@zhixuan92/multi-model-agent-core 4.7.19 → 4.8.0

package/dist/research/web-fetch.js

@@ -1,236 +0,0 @@
-// packages/core/src/research/web-fetch.ts
-//
-// Replaces the previous IP-pinning dispatcher (which failed 100% of real
-// requests on Node 25 / undici current) with a connect-callback re-validation
-// SSRF guard: undici resolves the host normally; the connect callback compares
-// the resolved IP against ssrf-guard's public-IP classification and aborts
-// the connection if it's private/loopback/metadata. validateAndPinURL still
-// runs first as the pre-request defense.
-import { request, Agent } from 'undici';
-import { USER_AGENT } from './user-agent.js';
-import { wrapFetchedContent } from './untrusted-content.js';
-import { classifyIP } from './ssrf-guard.js';
-import { REDIRECT_ERR_CODE_MAP, validateAndPinURL, extractContentType, isRedirect, extractLocation, extractBodyFromHTML, stripCredentialsFromURL, readBody, drainBody, mapRequestError, } from './web-fetch-helpers.js';
-const ALLOWED_CT = new Set([
-    'text/html', 'text/plain',
-    'application/xml', 'application/atom+xml', 'application/rss+xml',
-    'application/json',
-]);
-const RETURNED_TEXT_CAP = 64 * 1024;
-/**
- * Build the SSRF-revalidating `connect.lookup` for the guard agent.
- *
- * undici invokes `connect.lookup` with `{ all: true }` and expects the callback
- * to receive an ARRAY of `{ address, family }` entries — NOT the single-result
- * `dns.lookup(host, (err, address, family) => ...)` form. Returning a bare
- * address string makes undici read `addresses[0].address === undefined`, throw
- * `ERR_INVALID_IP_ADDRESS`, and surface as `web_fetch_request_failed`. Every
- * callback path here therefore returns the array form.
- *
- * Typed as `net.LookupFunction` — the exact type undici's `connect.lookup`
- * field accepts. On error paths we pass an empty address array (undici reads
- * `err` first and never consumes the addresses), which keeps the runtime
- * contract while satisfying the callback's required address argument.
- *
- * Exported for unit testing — it locks the undici lookup contract without
- * requiring real network (see tests/research/web-fetch.test.ts).
- */
-export function makeConnectGuardLookup(allowPrivateNetwork, testResolvedIp) {
-    return (host, opts, cb) => {
-        // If test seam present, return that IP; otherwise let Node resolve.
-        if (testResolvedIp) {
-            const fam = testResolvedIp.includes(':') ? 6 : 4;
-            // Re-validate test IP via ssrf-guard classification.
-            if (!allowPrivateNetwork) {
-                if (classifyIP(testResolvedIp) !== 'public') {
-                    cb(new Error('web_fetch_ssrf_postresolve_block'), []);
-                    return;
-                }
-            }
-            cb(null, [{ address: testResolvedIp, family: fam }]);
-            return;
-        }
-        // Production path: forward undici's options (which carry `all: true`) to
-        // Node's resolver, re-validate EVERY resolved address via the SSRF
-        // classifier, then return the array form undici expects.
-        import('node:dns').then(({ lookup }) => {
-            lookup(host, { ...opts, all: true }, (err, addresses) => {
-                if (err) {
-                    cb(err, []);
-                    return;
-                }
-                const list = addresses;
-                if (!allowPrivateNetwork) {
-                    for (const a of list) {
-                        if (classifyIP(a.address) !== 'public') {
-                            cb(new Error('web_fetch_ssrf_postresolve_block'), []);
-                            return;
-                        }
-                    }
-                }
-                cb(null, list);
-            });
-        }).catch(e => cb(e, []));
-    };
-}
-/** Build a shared agent that re-validates the resolved IP at connect time. */
-function makeConnectGuardAgent(allowPrivateNetwork, testResolvedIp, connectTimeoutMs) {
-    const lookup = makeConnectGuardLookup(allowPrivateNetwork, testResolvedIp);
-    return new Agent({
-        connect: { lookup },
-        connectTimeout: connectTimeoutMs,
-    });
-}
-export async function webFetch(input) {
-    const { cfg, hostAllowlist } = input;
-    const privateNetworkHosts = input.privateNetworkHosts ?? new Set();
-    let credentialsStripped = false;
-    let initial;
-    try {
-        initial = new URL(input.url);
-    }
-    catch {
-        return { status: 'error', reasonCode: 'web_fetch_invalid_url', credentialsStripped };
-    }
-    credentialsStripped = stripCredentialsFromURL(initial);
-    const totalCtrl = new AbortController();
-    const totalTimer = setTimeout(() => totalCtrl.abort(), cfg.totalDeadlineMs);
-    try {
-        let currentURL = initial.toString();
-        let redirects = 0;
-        while (true) {
-            let v;
-            try {
-                v = await validateAndPinURL(currentURL, hostAllowlist, privateNetworkHosts, input.resolveIP, totalCtrl.signal);
-            }
-            catch (e) {
-                if (e instanceof DOMException && e.name === 'AbortError') {
-                    return { status: 'error', reasonCode: 'web_fetch_timeout', credentialsStripped };
-                }
-                return { status: 'error', reasonCode: 'web_fetch_dns_resolution_failed', credentialsStripped };
-            }
-            if (!v.ok) {
-                if (redirects > 0) {
-                    const mapped = REDIRECT_ERR_CODE_MAP[v.reasonCode] ?? v.reasonCode;
-                    return { status: 'error', reasonCode: mapped, host: v.host, credentialsStripped };
-                }
-                return { status: 'error', reasonCode: v.reasonCode, host: v.host, credentialsStripped };
-            }
-            // Honor createDispatcher hook for tests: when present, use whatever it
-            // returns (or skip dispatcher entirely if undefined → MockAgent
-            // intercepts via global). In production, fall back to the connect-guard
-            // agent for post-resolve SSRF re-validation.
-            let agent;
-            if (input.createDispatcher !== undefined) {
-                agent = input.createDispatcher(v.host, v.pinnedIP, cfg);
-            }
-            else {
-                agent = makeConnectGuardAgent(cfg.allowPrivateNetwork ?? false, input._testConnectResolvedIp, cfg.connectTimeoutMs);
-            }
-            const closeAgent = async () => {
-                if (agent && typeof agent.close === 'function') {
-                    try {
-                        await agent.close();
-                    }
-                    catch { /* ignore */ }
-                }
-            };
-            let res;
-            try {
-                res = await request(v.url.toString(), {
-                    method: 'GET',
-                    headersTimeout: cfg.connectTimeoutMs,
-                    headers: { 'user-agent': USER_AGENT },
-                    ...(agent ? { dispatcher: agent } : {}),
-                    signal: totalCtrl.signal,
-                });
-            }
-            catch (e) {
-                await closeAgent();
-                // Map our connect-callback abort to a stable reasonCode.
-                const msg = e?.message ?? '';
-                if (msg.includes('web_fetch_ssrf_postresolve_block')) {
-                    return { status: 'error', reasonCode: 'web_fetch_ssrf_postresolve_block', host: v.host, credentialsStripped };
-                }
-                return { ...mapRequestError(e, totalCtrl.signal, v.host), credentialsStripped };
-            }
-            if (isRedirect(res.statusCode)) {
-                redirects++;
-                if (redirects > cfg.maxRedirects) {
-                    await closeAgent();
-                    return { status: 'error', reasonCode: 'web_fetch_too_many_redirects', host: v.host, credentialsStripped };
-                }
-                const location = extractLocation(res.headers);
-                if (!location) {
-                    await closeAgent();
-                    return { status: 'error', reasonCode: 'web_fetch_redirect_missing_location', host: v.host, credentialsStripped };
-                }
-                let nextURL;
-                try {
-                    nextURL = new URL(location, v.url);
-                }
-                catch {
-                    await closeAgent();
-                    return { status: 'error', reasonCode: 'web_fetch_redirect_invalid_url', host: v.host, credentialsStripped };
-                }
-                credentialsStripped = stripCredentialsFromURL(nextURL) || credentialsStripped;
-                currentURL = nextURL.toString();
-                await drainBody(res.body, totalCtrl.signal);
-                await closeAgent();
-                if (totalCtrl.signal.aborted) {
-                    return { status: 'error', reasonCode: 'web_fetch_timeout', host: v.host, credentialsStripped };
-                }
-                continue;
-            }
-            const contentType = extractContentType(res.headers);
-            if (contentType && !ALLOWED_CT.has(contentType)) {
-                await drainBody(res.body, totalCtrl.signal);
-                await closeAgent();
-                if (totalCtrl.signal.aborted) {
-                    return { status: 'error', reasonCode: 'web_fetch_timeout', host: v.host, credentialsStripped };
-                }
-                return { status: 'error', reasonCode: 'web_fetch_unsupported_content_type', host: v.host, credentialsStripped };
-            }
-            let rawText;
-            let bytesReturned;
-            let truncated;
-            try {
-                const rawBody = res.body;
-                const result = await readBody(rawBody, cfg.maxBodyBytes, totalCtrl.signal);
-                rawText = result.text;
-                bytesReturned = result.bytesReturned;
-                truncated = result.truncated;
-            }
-            catch (e) {
-                await closeAgent();
-                if (e instanceof DOMException && e.name === 'AbortError') {
-                    return { status: 'error', reasonCode: 'web_fetch_timeout', host: v.host, credentialsStripped };
-                }
-                if (totalCtrl.signal.aborted) {
-                    return { status: 'error', reasonCode: 'web_fetch_timeout', host: v.host, credentialsStripped };
-                }
-                return { status: 'error', reasonCode: 'web_fetch_body_read_failed', host: v.host, credentialsStripped };
-            }
-            await closeAgent();
-            let extracted = rawText;
-            if (contentType === 'text/html')
-                extracted = extractBodyFromHTML(rawText);
-            let textTruncated = false;
-            if (extracted.length > RETURNED_TEXT_CAP) {
-                extracted = extracted.slice(0, RETURNED_TEXT_CAP);
-                textTruncated = true;
-            }
-            const wrapped = wrapFetchedContent({
-                url: v.url.toString(), host: v.host, content: extracted,
-            });
-            return {
-                status: 'ok', body: wrapped, rawText, host: v.host,
-                bytesReturned, truncated, textTruncated, credentialsStripped,
-            };
-        }
-    }
-    finally {
-        clearTimeout(totalTimer);
-    }
-}
-//# sourceMappingURL=web-fetch.js.map

package/dist/research/web-fetch.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"web-fetch.js","sourceRoot":"","sources":["../../src/research/web-fetch.ts"],"names":[],"mappings":"AAAA,0CAA0C;AAC1C,EAAE;AACF,yEAAyE;AACzE,8EAA8E;AAC9E,+EAA+E;AAC/E,2EAA2E;AAC3E,4EAA4E;AAC5E,yCAAyC;AAEzC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAIxC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EACL,qBAAqB,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,UAAU,EACxE,eAAe,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,QAAQ,EACvE,SAAS,EAAE,eAAe,GAE3B,MAAM,wBAAwB,CAAC;AA8BhC,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;IACzB,WAAW,EAAE,YAAY;IACzB,iBAAiB,EAAE,sBAAsB,EAAE,qBAAqB;IAChE,kBAAkB;CACnB,CAAC,CAAC;AACH,MAAM,iBAAiB,GAAG,EAAE,GAAG,IAAI,CAAC;AAEpC;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,sBAAsB,CACpC,mBAA4B,EAC5B,cAAkC;IAElC,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE;QACxB,oEAAoE;QACpE,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,GAAG,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACjD,qDAAqD;YACrD,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBACzB,IAAI,UAAU,CAAC,cAAc,CAAC,KAAK,QAAQ,EAAE,CAAC;oBAC5C,EAAE,CAAC,IAAI,KAAK,CAAC,kCAAkC,CAA0B,EAAE,EAAE,CAAC,CAAC;oBAC/E,OAAO;gBACT,CAAC;YACH,CAAC;YACD,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACrD,OAAO;QACT,CAAC;QACD,yEAAyE;QACzE,mEAAmE;QACnE,yDAAyD;QACzD,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE;YACrC,MAAM,CAAC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE;gBACtD,IAAI,GAAG,EAAE,CAAC;oBAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;oBAAC,OAAO;gBAAC,CAAC;gBACjC,MAAM,IAAI,GAAG,SAA4B,CAAC;gBAC1C,IAAI,CAAC,mBAAmB,EAAE,CAAC;oBACzB,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;wBACrB,IAAI,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;4BACvC,EAAE,CAAC,IAAI,KAAK,CAAC,kCAAkC,CAA0B,EAAE,EAAE,CAAC,CAAC;4BAC/E,OAAO;wBACT,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAA0B,EAAE,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,SAAS,qBAAqB,CAC5B,mBAA4B,EAC5B,cAAkC,EAClC,gBAAwB;IAExB,MAAM,MAAM,GAAG,sBAAsB,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAAC;IAC3E,OAAO,IAAI,KAAK,CAAC;QACf,OAAO,EAAE,EAAE,MAAM,EAAE;QACnB,cAAc,EAAE,gBAAgB;KACjC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,KAAoB;IACjD,MAAM,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC;IACrC,MAAM,mBAAmB,GAAG,KAAK,CAAC,mBAAmB,IAAI,IAAI,GAAG,EAAU,CAAC;IAC3E,IAAI,mBAAmB,GAAG,KAAK,CAAC;IAEhC,IAAI,OAAY,CAAC;IACjB,IAAI,CAAC;QAAC,OAAO,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAAC,CAAC;IACrC,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,uBAAuB,EAAE,mBAAmB,EAAE,CAAC;IAAC,CAAC;IAC/F,mBAAmB,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAEvD,MAAM,SAAS,GAAG,IAAI,eAAe,EAAE,CAAC;IACxC,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC;IAE5E,IAAI,CAAC;QACH,IAAI,UAAU,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;QACpC,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,OAAO,IAAI,EAAE,CAAC;YACZ,IAAI,CAAkC,CAAC;YACvC,IAAI,CAAC;gBACH,CAAC,GAAG,MAAM,iBAAiB,CACzB,UAAU,EAAE,aAAa,EAAE,mBAAmB,EAC9C,KAAK,CAAC,SAAS,EAAE,SAAS,CAAC,MAAM,CAClC,CAAC;YACJ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,IAAI,CAAC,YAAY,YAAY,IAAI,CAAC,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBACzD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,CAAC;gBACnF,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,iCAAiC,EAAE,mBAAmB,EAAE,CAAC;YACjG,CAAC;YACD,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;gBACV,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;oBAClB,MAAM,MAAM,GAAG,qBAAqB,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC;oBACnE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBACpF,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;YAC1F,CAAC;YAED,uEAAuE;YACvE,gEAAgE;YAChE,wEAAwE;YACxE,6CAA6C;YAC7C,IAAI,KAA8C,CAAC;YACnD,IAAI,KAAK,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACzC,KAAK,GAAG,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC1D,CAAC;iBAAM,CAAC;gBACN,KAAK,GAAG,qBAAqB,CAC3B,GAAG,CAAC,mBAAmB,IAAI,KAAK,EAChC,KAAK,CAAC,sBAAsB,EAC5B,GAAG,CAAC,gBAAgB,CACrB,CAAC;YACJ,CAAC;YACD,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE;gBAC5B,IAAI,KAAK,IAAI,OAAQ,KAAyC,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;oBACpF,IAAI,CAAC;wBAAC,MAAO,KAAwC,CAAC,KAAK,EAAE,CAAC;oBAAC,CAAC;oBAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;gBACzF,CAAC;YACH,CAAC,CAAC;YAEF,IAAI,GAAG,CAAC;YACR,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;oBACpC,MAAM,EAAE,KAAK;oBACb,cAAc,EAAE,GAAG,CAAC,gBAAgB;oBACpC,OAAO,EAAE,EAAE,YAAY,EAAE,UAAU,EAAE;oBACrC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACvC,MAAM,EAAE,SAAS,CAAC,MAAM;iBACzB,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,MAAM,UAAU,EAAE,CAAC;gBACnB,yDAAyD;gBACzD,MAAM,GAAG,GAAI,CAA0B,EAAE,OAAO,IAAI,EAAE,CAAC;gBACvD,IAAI,GAAG,CAAC,QAAQ,CAAC,kCAAkC,CAAC,EAAE,CAAC;oBACrD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,kCAAkC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBAChH,CAAC;gBACD,OAAO,EAAE,GAAG,eAAe,CAAC,CAAC,EAAE,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,mBAAmB,EAAE,CAAC;YAClF,CAAC;YAED,IAAI,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,SAAS,EAAE,CAAC;gBACZ,IAAI,SAAS,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;oBACjC,MAAM,UAAU,EAAE,CAAC;oBACnB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,8BAA8B,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBAC5G,CAAC;gBACD,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,OAA4C,CAAC,CAAC;gBACnF,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,MAAM,UAAU,EAAE,CAAC;oBACnB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,qCAAqC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBACnH,CAAC;gBACD,IAAI,OAAY,CAAC;gBACjB,IAAI,CAAC;oBAAC,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;gBAAC,CAAC;gBAC3C,MAAM,CAAC;oBAAC,MAAM,UAAU,EAAE,CAAC;oBAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBAAC,CAAC;gBAC1I,mBAAmB,GAAG,uBAAuB,CAAC,OAAO,CAAC,IAAI,mBAAmB,CAAC;gBAC9E,UAAU,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;gBAChC,MAAM,SAAS,CAAC,GAAG,CAAC,IAAqC,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;gBAC7E,MAAM,UAAU,EAAE,CAAC;gBACnB,IAAI,SAAS,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC7B,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBACjG,CAAC;gBACD,SAAS;YACX,CAAC;YAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC,OAA4C,CAAC,CAAC;YACzF,IAAI,WAAW,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBAChD,MAAM,SAAS,CAAC,GAAG,CAAC,IAAqC,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;gBAC7E,MAAM,UAAU,EAAE,CAAC;gBACnB,IAAI,SAAS,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC7B,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBACjG,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;YAClH,CAAC;YAED,IAAI,OAAe,CAAC;YAAC,IAAI,aAAqB,CAAC;YAAC,IAAI,SAAkB,CAAC;YACvE,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,GAAG,CAAC,IAAwC,CAAC;gBAC7D,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;gBAC3E,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;gBAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;gBAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;YAC5F,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,UAAU,EAAE,CAAC;gBACnB,IAAI,CAAC,YAAY,YAAY,IAAI,CAAC,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBACzD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBACjG,CAAC;gBACD,IAAI,SAAS,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC7B,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;gBACjG,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,4BAA4B,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;YAC1G,CAAC;YACD,MAAM,UAAU,EAAE,CAAC;YAEnB,IAAI,SAAS,GAAG,OAAO,CAAC;YACxB,IAAI,WAAW,KAAK,WAAW;gBAAE,SAAS,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAE1E,IAAI,aAAa,GAAG,KAAK,CAAC;YAC1B,IAAI,SAAS,CAAC,MAAM,GAAG,iBAAiB,EAAE,CAAC;gBACzC,SAAS,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC;gBAClD,aAAa,GAAG,IAAI,CAAC;YACvB,CAAC;YAED,MAAM,OAAO,GAAG,kBAAkB,CAAC;gBACjC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS;aACxD,CAAC,CAAC;YACH,OAAO;gBACL,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI;gBAClD,aAAa,EAAE,SAAS,EAAE,aAAa,EAAE,mBAAmB;aAC7D,CAAC;QACJ,CAAC;IACH,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,UAAU,CAAC,CAAC;IAC3B,CAAC;AACH,CAAC"}