@zintrust/core 0.1.49 → 0.1.51

package/app/Controllers/AuthController.js

@@ -1,223 +0,0 @@
-/**
- * Auth Controller
- * Minimal, real auth endpoints backing the example API routes.
- */
-import { Auth } from '../../src/auth/Auth.js';
-import { isUndefinedOrNull } from '../../src/helper/index.js';
-import { User } from '../Models/User.js';
-import { getString } from '../../src/common/utility.js';
-import { Logger } from '../../src/config/logger.js';
-import { getValidatedBody } from '../../src/http/ValidationHelper.js';
-import { JwtManager } from '../../src/security/JwtManager.js';
-const pickPublicUser = (row) => {
-    return {
-        id: row.id,
-        name: getString(row.name),
-        email: getString(row.email),
-    };
-};
-/**
- * Authenticates a user by email and password.
- * Validates credentials against the database and returns a JWT access token on success.
- * Logs all authentication attempts for security auditing.
- * @param req - HTTP request containing email and password
- * @param res - HTTP response to send authentication result
- * @returns Promise that resolves after sending the response
- */
-async function login(req, res) {
-    const body = getValidatedBody(req);
-    if (!body) {
-        Logger.error('AuthController.login: validation middleware did not populate req.validated.body');
-        return res.setStatus(500).json({ error: 'Internal server error' });
-    }
-    const email = getString(body['email']);
-    const password = getString(body['password']);
-    const ipAddress = req.getRaw().socket.remoteAddress ?? 'unknown';
-    try {
-        const existing = await User.where('email', '=', email).limit(1).first();
-        if (existing === null) {
-            Logger.warn('AuthController.login: failed login attempt', {
-                email,
-                ip: ipAddress,
-                reason: 'user_not_found',
-                timestamp: new Date().toISOString(),
-            });
-            res.setStatus(401).json({ error: 'Invalid credentials' });
-            return;
-        }
-        const passwordHash = getString(existing.password);
-        const ok = await Auth.compare(password, passwordHash);
-        if (!ok) {
-            Logger.warn('AuthController.login: failed login attempt', {
-                email,
-                ip: ipAddress,
-                reason: 'invalid_password',
-                timestamp: new Date().toISOString(),
-            });
-            res.setStatus(401).json({ error: 'Invalid credentials' });
-            return;
-        }
-        const user = pickPublicUser(existing);
-        const subject = (() => {
-            const id = user.id;
-            if (typeof id === 'string' && id.length > 0)
-                return id;
-            if (typeof id === 'number' && Number.isFinite(id))
-                return String(id);
-            return undefined;
-        })();
-        // Bulletproof Auth (device binding) expects a device id header to match a JWT claim.
-        // For the example app, we mint a stable device id derived from the subject.
-        // Production apps should issue a per-device id and manage a per-device signing secret.
-        const deviceId = isUndefinedOrNull(subject) ? undefined : `dev-${subject}`;
-        const token = await JwtManager.signAccessToken({
-            sub: subject,
-            email,
-            ...(isUndefinedOrNull(deviceId) ? {} : { deviceId }),
-        });
-        Logger.info('AuthController.login: successful login', {
-            userId: subject,
-            email,
-            ip: ipAddress,
-            timestamp: new Date().toISOString(),
-        });
-        res.json({
-            token,
-            token_type: 'Bearer',
-            ...(isUndefinedOrNull(deviceId) ? {} : { deviceId }),
-            user,
-        });
-    }
-    catch (error) {
-        Logger.error('AuthController.login: unexpected error', {
-            email,
-            ip: ipAddress,
-            error: error instanceof Error ? error.message : String(error),
-            timestamp: new Date().toISOString(),
-        });
-        res.setStatus(500).json({ error: 'Login failed' });
-    }
-}
-/**
- * Registers a new user with name, email, and password.
- * Validates email uniqueness, hashes password, and stores user in database.
- * Returns 201 on success, 409 if email already exists.
- * @param req - HTTP request containing name, email, and password
- * @param res - HTTP response to send registration result
- * @returns Promise that resolves after sending the response
- */
-async function register(req, res) {
-    const body = getValidatedBody(req);
-    if (!body) {
-        Logger.error('AuthController.register: validation middleware did not populate req.validated.body');
-        res.setStatus(500).json({ error: 'Internal server error' });
-        return;
-    }
-    const name = getString(body['name']);
-    const email = getString(body['email']);
-    const password = getString(body['password']);
-    const ipAddress = req.getRaw().socket.remoteAddress ?? 'unknown';
-    try {
-        const existing = await User.where('email', '=', email).limit(1).first();
-        if (existing !== null) {
-            Logger.warn('AuthController.register: duplicate email attempt', {
-                email,
-                ip: ipAddress,
-                timestamp: new Date().toISOString(),
-            });
-            res.setStatus(409).json({ error: 'Email already registered' });
-            return;
-        }
-        const passwordHash = await Auth.hash(password);
-        const result = await User.query().insert({
-            name,
-            email,
-            password: passwordHash,
-        });
-        let insertedUserId = result.id;
-        if (insertedUserId === null || insertedUserId === undefined) {
-            const inserted = await User.where('email', '=', email).limit(1).first();
-            if (inserted?.id !== null && inserted?.id !== undefined) {
-                insertedUserId = inserted.id;
-            }
-        }
-        if (insertedUserId !== null && insertedUserId !== undefined) {
-            Logger.info('AuthController.register: successful registration', {
-                user_id: insertedUserId,
-                email,
-                ip: ipAddress,
-                timestamp: new Date().toISOString(),
-            });
-            res.setStatus(201).json({ message: 'Registered' });
-        }
-        else {
-            Logger.error('Failed to retrieve inserted user ID', {
-                email,
-                ip: ipAddress,
-            });
-            res.setStatus(500).json({ error: 'Registration failed' });
-        }
-        return;
-    }
-    catch (error) {
-        Logger.error('AuthController.register failed', error);
-        res.setStatus(500).json({ error: 'Registration failed' });
-    }
-}
-/**
- * Logs out the current user by revoking their JWT token.
- * Extracts authorization header and marks token as revoked.
- * Requires persistent token revocation store for stateless JWT validation.
- * @param req - HTTP request containing authorization header with JWT token
- * @param res - HTTP response to send logout confirmation
- * @returns Promise that resolves after sending the response
- */
-async function logout(req, res) {
-    const authHeader = typeof req.getHeader === 'function' ? req.getHeader('authorization') : undefined;
-    await JwtManager.logout(authHeader);
-    res.json({ message: 'Logged out' });
-}
-/**
- * Logs out the current user from all devices by removing all active sessions for their subject.
- *
- * With session allowlist enforcement, deleting a user's session records causes any previously issued
- * tokens to become unauthorized (401) immediately.
- */
-async function logoutAll(req, res) {
-    const sub = typeof req.user?.sub === 'string' ? req.user.sub.trim() : '';
-    if (sub === '') {
-        res.setStatus(401).json({ error: 'Unauthorized' });
-        return;
-    }
-    await JwtManager.logoutAll(sub);
-    res.json({ message: 'Logged out everywhere' });
-}
-/**
- * Refreshes the user's JWT access token.
- * Generates a new token with the same claims as the current user.
- * Returns 401 if user is not authenticated.
- * @param req - HTTP request with user populated by authentication middleware
- * @param res - HTTP response to send refreshed token
- * @returns Promise that resolves after sending the response
- */
-async function refresh(req, res) {
-    const user = req.user;
-    if (user === undefined) {
-        res.setStatus(401).json({ error: 'Unauthorized' });
-        return;
-    }
-    const token = await JwtManager.signAccessToken(user);
-    res.json({ token, token_type: 'Bearer' });
-}
-export const AuthController = Object.freeze({
-    create() {
-        return {
-            login,
-            register,
-            logout,
-            logoutAll,
-            refresh,
-        };
-    },
-});
-export default AuthController;

package/app/Controllers/UserController.d.ts

@@ -1,9 +0,0 @@
-/**
- * User Controller (compat)
- *
- * This file remains for backwards-compatibility. The actual implementation is
- * QueryBuilder-backed and lives in UserQueryBuilderController.
- */
-export { UserQueryBuilderController as UserController, UserQueryBuilderController, } from '../Controllers/UserQueryBuilderController';
-export { UserQueryBuilderController as default } from '../Controllers/UserQueryBuilderController';
-//# sourceMappingURL=UserController.d.ts.map

package/app/Controllers/UserController.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserController.d.ts","sourceRoot":"","sources":["../../../app/Controllers/UserController.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,0BAA0B,IAAI,cAAc,EAC5C,0BAA0B,GAC3B,MAAM,6CAA6C,CAAC;AAErD,OAAO,EAAE,0BAA0B,IAAI,OAAO,EAAE,MAAM,6CAA6C,CAAC"}

package/app/Controllers/UserController.js

@@ -1,8 +0,0 @@
-/**
- * User Controller (compat)
- *
- * This file remains for backwards-compatibility. The actual implementation is
- * QueryBuilder-backed and lives in UserQueryBuilderController.
- */
-export { UserQueryBuilderController as UserController, UserQueryBuilderController, } from '../Controllers/UserQueryBuilderController.js';
-export { UserQueryBuilderController as default } from '../Controllers/UserQueryBuilderController.js';

package/app/Controllers/UserQueryBuilderController.d.ts

@@ -1,16 +0,0 @@
-/**
- * User QueryBuilder Controller
- * QueryBuilder-backed controller for the users resource.
- */
-import type { IUserController } from '../Types/controller';
-/**
- * User QueryBuilder Controller Factory
- */
-export declare const UserQueryBuilderController: {
-    /**
-     * Create a new user controller instance
-     */
-    create(): IUserController;
-};
-export default UserQueryBuilderController;
-//# sourceMappingURL=UserQueryBuilderController.d.ts.map

package/app/Controllers/UserQueryBuilderController.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserQueryBuilderController.d.ts","sourceRoot":"","sources":["../../../app/Controllers/UserQueryBuilderController.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAmC,MAAM,uBAAuB,CAAC;AAkc9F;;GAEG;AACH,eAAO,MAAM,0BAA0B;IACrC;;OAEG;cACO,eAAe;CAG1B,CAAC;AAEF,eAAe,0BAA0B,CAAC"}

package/app/Controllers/UserQueryBuilderController.js

@@ -1,404 +0,0 @@
-/**
- * User QueryBuilder Controller
- * QueryBuilder-backed controller for the users resource.
- */
-import { Logger, QueryBuilder, Sanitizer, Schema, Validator, getValidatedBody, nowIso, randomBytes, useDatabase, } from '../../src/index.js';
-const isValidationError = (error) => {
-    if (typeof error !== 'object' || error === null)
-        return false;
-    const maybe = error;
-    return maybe.name === 'ValidationError' && typeof maybe.toObject === 'function';
-};
-const isSanitizerError = (error) => {
-    if (typeof error !== 'object' || error === null)
-        return false;
-    const maybe = error;
-    return maybe.name === 'SanitizerError';
-};
-const toJsonRecord = (value) => {
-    if (typeof value !== 'object' || value === null)
-        return {};
-    if (Array.isArray(value))
-        return {};
-    return value;
-};
-const resolveBody = (req) => {
-    return toJsonRecord(getValidatedBody(req) ?? req.body ?? {});
-};
-const getParamCompat = (req, name) => {
-    try {
-        const anyReq = req;
-        if (typeof anyReq.getParam === 'function')
-            return anyReq.getParam(name);
-    }
-    catch {
-        // ignore
-    }
-    const anyReq = req;
-    const params = anyReq.params;
-    if (typeof params === 'object' && params !== null)
-        return params[name];
-    return undefined;
-};
-const requireSelf = (req, res, userId) => {
-    if (typeof userId !== 'string' || userId.length === 0) {
-        res.status(400).json({ error: 'Missing user id' });
-        return false;
-    }
-    const subject = typeof req.user?.sub === 'string' ? req.user.sub : undefined;
-    if (subject === undefined || subject.length === 0) {
-        res.status(401).json({ error: 'Unauthorized' });
-        return false;
-    }
-    if (subject !== userId) {
-        res.status(403).json({ error: 'Forbidden' });
-        return false;
-    }
-    return true;
-};
-const randomInt = (min, max) => {
-    const lo = Math.ceil(min);
-    const hi = Math.floor(max);
-    return Math.floor(lo + Math.random() * (hi - lo + 1)); // NOSONAR is just a test utility
-};
-const randomName = () => {
-    const first = ['Alex', 'Jordan', 'Taylor', 'Sam', 'Casey', 'Riley', 'Morgan'];
-    const last = ['Lee', 'Kim', 'Patel', 'Garcia', 'Brown', 'Nguyen', 'Smith'];
-    return `${first[randomInt(0, first.length - 1)]} ${last[randomInt(0, last.length - 1)]}`;
-};
-const randomEmail = () => {
-    const n = randomInt(10000, 99999);
-    return `user${n}@example.com`;
-};
-const randomPassword = () => {
-    // Not cryptographically perfect UX-wise, but avoids hard-coded credentials.
-    // `base64url` keeps it URL-safe and reasonably short.
-    return randomBytes(12).toString('base64url');
-};
-const pickAllowed = (body, allowed) => {
-    const out = {};
-    for (const [k, v] of Object.entries(body)) {
-        if (allowed.has(k))
-            out[k] = v;
-    }
-    return out;
-};
-const hasUnknownKeys = (body, allowed) => {
-    for (const k of Object.keys(body)) {
-        if (!allowed.has(k))
-            return k;
-    }
-    return null;
-};
-const sanitizeUserUpdateBody = (updateBody) => {
-    const sanitizedUpdateBody = {};
-    if ('name' in updateBody) {
-        sanitizedUpdateBody['name'] = Sanitizer.nameText(updateBody['name']).trim();
-    }
-    if ('email' in updateBody) {
-        sanitizedUpdateBody['email'] = Sanitizer.email(updateBody['email']).trim().toLowerCase();
-    }
-    if ('password' in updateBody) {
-        sanitizedUpdateBody['password'] = Sanitizer.safePasswordChars(updateBody['password']);
-    }
-    return sanitizedUpdateBody;
-};
-const buildUserUpdateSchema = () => {
-    return Schema.create()
-        .custom('name', (v) => v === undefined || typeof v === 'string', 'name must be a string')
-        .minLength('name', 1)
-        .custom('email', (v) => v === undefined || typeof v === 'string', 'email must be a string')
-        .custom('password', (v) => v === undefined || typeof v === 'string', 'password must be a string')
-        .minLength('password', 8);
-};
-const buildUserStoreSchema = () => {
-    return Schema.create()
-        .custom('name', (v) => typeof v === 'string', 'name must be a string')
-        .minLength('name', 1)
-        .custom('email', (v) => typeof v === 'string', 'email must be a string')
-        .email('email')
-        .custom('password', (v) => typeof v === 'string', 'password must be a string')
-        .minLength('password', 8);
-};
-/**
- * User Controller Methods
- */
-const userControllerMethods = {
-    /**
-     * List all users
-     * GET /users
-     */
-    async index(req, res) {
-        try {
-            const subject = typeof req.user?.sub === 'string' ? req.user.sub : undefined;
-            if (subject === undefined || subject.length === 0) {
-                res.status(401).json({ error: 'Unauthorized' });
-                return;
-            }
-            const db = useDatabase();
-            const users = await QueryBuilder.create('users', db)
-                .select('id', 'name', 'email', 'created_at', 'updated_at')
-                .where('id', '=', subject)
-                .limit(1)
-                .get();
-            res.json({ data: users });
-        }
-        catch (error) {
-            Logger.error('Error fetching users:', error);
-            res.status(500).json({ error: 'Failed to fetch users' });
-        }
-    },
-    /**
-     * Show a specific user
-     * GET /users/:id
-     */
-    async show(req, res) {
-        try {
-            const db = useDatabase();
-            const rawId = getParamCompat(req, 'id');
-            const id = Sanitizer.digitsOnly(rawId); // Zero trust protection for db id
-            if (typeof id !== 'string' || id.length === 0) {
-                // ✅ Good
-                res.status(400).json({ error: 'Missing user id' });
-                return;
-            }
-            if (!requireSelf(req, res, id))
-                return;
-            const user = await QueryBuilder.create('users', db)
-                .select('id', 'name', 'email', 'created_at', 'updated_at')
-                .where('id', '=', id)
-                .limit(1)
-                .first();
-            if (user === null) {
-                res.status(404).json({ error: 'User not found' });
-                return;
-            }
-            res.json({ data: user });
-        }
-        catch (error) {
-            if (isSanitizerError(error)) {
-                res.status(400).json({ error: error.message });
-                return;
-            }
-            Logger.error('Error fetching user:', error);
-            res.status(500).json({ error: 'Failed to fetch user' });
-        }
-    },
-    /**
-     * Show create form
-     * GET /users/create
-     */
-    async create(_req, res) {
-        res.json({ form: 'Create User Form' });
-    },
-    /**
-     * Store a new user
-     * POST /users
-     */
-    async store(req, res) {
-        try {
-            // Use validated body if available (already sanitized by middleware), otherwise fallback to raw
-            const body = resolveBody(req);
-            const required = ['name', 'email', 'password'];
-            const missing = {};
-            for (const key of required) {
-                const val = body[key];
-                if (typeof val !== 'string' || val.trim() === '') {
-                    missing[key] = ['Required'];
-                }
-            }
-            if (Object.keys(missing).length > 0) {
-                res.status(422).json({ errors: missing });
-                return;
-            }
-            // Trust middleware for sanitization if validation passed.
-            // If we are here, validation ostensibly passed or we are in a context where we must self-validate.
-            // To satisfy defense-in-depth without double-sanitization bottleneck:
-            // We assume body is safe-ish if it came from resolved validated body.
-            // But to be explicit and type-safe, we cast or read fields directly.
-            const db = useDatabase();
-            const ts = nowIso();
-            // Apply bulletproof sanitization for defense-in-depth
-            const name = Sanitizer.nameText(body['name']);
-            const email = Sanitizer.email(body['email']);
-            const password = Sanitizer.safePasswordChars(body['password']);
-            Validator.validate({ name, email, password }, buildUserStoreSchema());
-            await QueryBuilder.create('users', db).insert({
-                name,
-                email,
-                password, // Hashing should be handled by model/service or here if raw
-                created_at: ts,
-                updated_at: ts,
-            });
-            res.status(201).json({ message: 'User created' });
-        }
-        catch (error) {
-            if (isSanitizerError(error)) {
-                res.status(400).json({ error: error.message });
-                return;
-            }
-            if (isValidationError(error)) {
-                res.status(422).json({ errors: error.toObject?.() ?? {} });
-                return;
-            }
-            Logger.error('Error creating user:', error);
-            res.status(500).json({ error: 'Failed to create user' });
-        }
-    },
-    /**
-     * Fill users table with random users
-     * POST /users/fill
-     */
-    async fill(req, res) {
-        try {
-            const body = resolveBody(req);
-            const countVal = body['count'];
-            // Ensure count is a number (middleware validation handles this, but we double check or default)
-            let count = typeof countVal === 'number' ? countVal : 10;
-            if (count < 1)
-                count = 1;
-            if (count > 100)
-                count = 100;
-            const db = useDatabase();
-            const ts = nowIso();
-            // Optimize: Bulk insert instead of N+1 inserts to reduce IO bottleneck and memory overhead
-            const users = Array.from({ length: count }, () => ({
-                name: randomName(),
-                email: randomEmail(),
-                password: randomPassword(),
-                created_at: ts,
-                updated_at: ts,
-            }));
-            await QueryBuilder.create('users', db).insert(users);
-            res.status(201).json({ message: 'Users filled', count });
-        }
-        catch (error) {
-            Logger.error('Error filling users:', error);
-            res.status(500).json({ error: 'Failed to fill users' });
-        }
-    },
-    /**
-     * Show edit form
-     * GET /users/:id/edit
-     */
-    async edit(_req, res) {
-        try {
-            res.json({ form: 'Edit User Form' });
-        }
-        catch (error) {
-            Logger.error('Error loading edit form:', error);
-            res.status(500).json({ error: 'Failed to load edit form' });
-        }
-    },
-    /**
-     * Update a user
-     * PUT /users/:id
-     */
-    async update(req, res) {
-        // NOSONAR bulletproof sanitization requires explicit validation steps
-        try {
-            const db = useDatabase();
-            const rawId = getParamCompat(req, 'id');
-            const id = Sanitizer.digitsOnly(rawId);
-            if (typeof id !== 'string' || id.length === 0) {
-                res.status(400).json({ error: 'Missing user id' });
-                return;
-            }
-            if (!requireSelf(req, res, id))
-                return;
-            const allowed = new Set(['name', 'email', 'password']);
-            const body = resolveBody(req);
-            const unknown = hasUnknownKeys(body, allowed);
-            if (unknown !== null) {
-                res.status(422).json({ errors: { [unknown]: ['Unknown field'] } });
-                return;
-            }
-            const updateBody = pickAllowed(body, allowed);
-            if (Object.keys(updateBody).length === 0) {
-                res.status(422).json({ errors: { body: ['No fields to update'] } });
-                return;
-            }
-            const sanitizedUpdateBody = sanitizeUserUpdateBody(updateBody);
-            Validator.validate(sanitizedUpdateBody, buildUserUpdateSchema());
-            const existing = await QueryBuilder.create('users', db)
-                .select('id')
-                .where('id', '=', id)
-                .limit(1)
-                .first();
-            if (existing === null) {
-                res.status(404).json({ error: 'User not found' });
-                return;
-            }
-            const ts = nowIso();
-            await QueryBuilder.create('users', db)
-                .where('id', '=', id)
-                .update({ ...sanitizedUpdateBody, updated_at: ts });
-            const user = await QueryBuilder.create('users', db)
-                .select('id', 'name', 'email', 'created_at', 'updated_at')
-                .where('id', '=', id)
-                .limit(1)
-                .first();
-            res.json({ message: 'User updated', user });
-        }
-        catch (error) {
-            if (isSanitizerError(error)) {
-                res.status(400).json({ error: error.message });
-                return;
-            }
-            if (isValidationError(error)) {
-                res.status(422).json({ errors: error.toObject?.() ?? {} });
-                return;
-            }
-            Logger.error('Error updating user:', error);
-            res.status(500).json({ error: 'Failed to update user' });
-        }
-    },
-    /**
-     * Delete a user
-     * DELETE /users/:id
-     */
-    async destroy(req, res) {
-        try {
-            const db = useDatabase();
-            const rawId = getParamCompat(req, 'id');
-            const id = Sanitizer.digitsOnly(rawId);
-            if (typeof id !== 'string' || id.length === 0) {
-                res.status(400).json({ error: 'Missing user id' });
-                return;
-            }
-            if (!requireSelf(req, res, id))
-                return;
-            const existing = await QueryBuilder.create('users', db)
-                .select('id')
-                .where('id', '=', id)
-                .limit(1)
-                .first();
-            if (existing === null) {
-                res.status(404).json({ error: 'User not found' });
-                return;
-            }
-            await QueryBuilder.create('users', db).where('id', '=', id).delete();
-            res.json({ message: 'User deleted' });
-        }
-        catch (error) {
-            if (isSanitizerError(error)) {
-                res.status(400).json({ error: error.message });
-                return;
-            }
-            Logger.error('Error deleting user:', error);
-            res.status(500).json({ error: 'Failed to delete user' });
-        }
-    },
-};
-/**
- * User QueryBuilder Controller Factory
- */
-export const UserQueryBuilderController = {
-    /**
-     * Create a new user controller instance
-     */
-    create() {
-        return userControllerMethods;
-    },
-};
-export default UserQueryBuilderController;

package/app/Middleware/ProfilerMiddleware.d.ts

@@ -1,12 +0,0 @@
-/**
- * Profiler Middleware
- * Enables request profiling when ENABLE_PROFILER environment variable is set
- */
-import type { Middleware } from '../../src/middleware/MiddlewareStack';
-/**
- * ProfilerMiddleware wraps request execution with performance profiling
- * Enabled via ENABLE_PROFILER=true environment variable
- * Attaches profiling report to response headers
- */
-export declare const ProfilerMiddleware: Middleware;
-//# sourceMappingURL=ProfilerMiddleware.d.ts.map

package/app/Middleware/ProfilerMiddleware.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ProfilerMiddleware.d.ts","sourceRoot":"","sources":["../../../app/Middleware/ProfilerMiddleware.ts"],"names":[],"mappings":"AACA;;;GAGG;AAGH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAG9D;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,EAAE,UAwChC,CAAC"}