npm - agim-cli - Versions diffs - 1.2.68 → 1.2.70 - Mend

agim-cli 1.2.68 → 1.2.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,112 @@ All notable changes to this project will be documented in this file.
 ## [Unreleased]
+## [1.2.70] - 2026-05-26
+### Security
+- **CR-1 / CR-3 / CR-4 — fixes from the v1.2.55–v1.2.69 code review.**
+  Closes three holes flagged as 🔴 critical in
+  `CODE_REVIEW_v1.2.55-v1.2.69.md`.
+- **CR-1: fs-dispatcher symlink escape guard.**
+  `core/llm/fs-dispatcher.ts:resolveAndCheck` is now async and runs an
+  extra `realpathSoft(abs)` after the lexical sensitive-path +
+  workspace-relative check. The resolved real path is re-validated
+  against `isSensitivePath` and the workspace boundary. A symlink
+  inside the agent cwd that points at `/etc/passwd` (or any path
+  outside the workspace) is rejected with reason
+  `"sensitive path (via symlink): …"` / `"symlink target … is outside
+  workspace"`. Non-existent targets (typical for `native_write_file`
+  to a new path) fall back to resolving the parent dir, catching the
+  "create file inside a symlinked directory" case.
+- **CR-3: SSRF parser accepts integer / hex / octal IPv4 forms.**
+  `core/llm/web-dispatcher.ts:checkUrlSafety` no longer relies on a
+  dotted-quad regex. New `tryParseIPv4Variants(host)` expands every
+  RFC3986 form Node's URL parser accepts: dotted quad, 1-/2-/3-part
+  short form (e.g. `127.1` → `127.0.0.1`), decimal int
+  (`2130706433`), hex int (`0x7f000001`), octal-prefixed octets
+  (`0177.0.0.1`). Each octet's range is validated, closing the
+  `999.999.999.999` overflow path. In practice Node's URL parser
+  already canonicalises most of these to dotted quad, but
+  defense-in-depth covers any consumer that hands us a raw hostname.
+- **CR-4: IPv6 ULA / link-local check now uses bit-masks, not regex.**
+  New `checkIpv6Safety(addr)` + `expandIpv6(addr)` canonicalise the
+  address to 8 × 16-bit groups via `net.isIPv6()`, then apply prefix
+  masks: `fe80::/10` (link-local), `fc00::/7` (ULA, covers `fc**` and
+  `fd**`), `::1` (loopback), `::ffff:V4` (mapped — recursively
+  checked against IPv4 safety), `::` (unspecified). Compressed forms
+  like `[fcab:1234::5]` or `[fd00::dead]` that the old regex missed
+  are now correctly blocked.
+### Tests
+- **+11 red-team cases** across the two dispatchers covering the
+  fixes above:
+  - `web-dispatcher.test.ts`: IPv6 ULA compressed forms, IPv6
+    loopback, mapped-v4 RFC1918, decimal/hex/octal/short-form IPv4,
+    overflow-octet rejection, public IPv6 still allowed, unit test
+    for `tryParseIPv4Variants` itself.
+  - `fs-dispatcher.test.ts`: symlink whose target is `/etc/passwd`,
+    symlink to an outside-workspace path, symlinked directory used
+    as write parent, symlink that DOES resolve inside the workspace
+    (positive case).
+  - Total dispatcher tests: 53/53 green.
+### Notes
+- CR-5 (exec-dispatcher dangerous-pattern regex bypass) and CR-6
+  (`IMHUB_NATIVE_EXEC_SANDBOX` defaults off) deferred to the next
+  batch alongside CR-2 (DNS-aware SSRF resolver).
+## [1.2.69] - 2026-05-26
+### Added
+- **`IMHUB_PLATFORM_BLACKLIST` env** — comma-separated list of IM
+  platform ids that the bot will REFUSE to enable. Default empty
+  (no blocks; backward compatible). Three-layer enforcement:
+  1. **Registry** (`core/registry.ts`): `registry.registerMessenger`
+     refuses adapters whose `name` matches the list (or its
+     `wechat ⇔ wechat-ilink` aliases). Refusal logs
+     `event=messenger.blacklisted` and skips the registration even
+     when credentials are present in `~/.agim/env`.
+  2. **CLI wizard** (`core/onboarding.ts`): blacklisted platforms
+     vanish from `getAvailableMessengers()` so the wizard never
+     prompts for them. Layered on top of the existing
+     `IMHUB_ENABLE_GLOBAL_IM` filter.
+  3. **Web admin** (`/api/messengers` GET): per-platform credential
+     blocks (`telegram` / `discord` / `feishu` / `dingtalk` /
+     `wechat`) are omitted from the response when their id (or
+     alias) is on the list. The `messengers` dictionary is also
+     filtered. The SPA sees nothing → renders nothing.
+- **New helpers exported from `core/registry.ts`**:
+  `parsePlatformBlacklist(raw)`, `isPlatformBlacklisted(name)`,
+  `getPlatformBlacklist()`. Each re-reads `process.env` so a hot
+  env-file update (via PUT /api/env) takes effect on the next
+  call without a service restart for the *filter* logic. Adapter
+  un-registration still requires restart (registry init runs
+  once).
+### Changed
+- `/settings/security` page gains:
+  - "IM platform blacklist" diagnostic row (green when empty,
+    warning when populated; shows the active list).
+  - New section at the bottom: input field for the blacklist CSV
+    + live preview of "currently in force" entries.
+- `ENV_EDITABLE_KEYS` in `web/server.ts` extended with
+  `IMHUB_PLATFORM_BLACKLIST`.
+- `/api/security/diagnostics` returns `platformBlacklist: string[]`.
+### Internal
+- 11 unit tests in `test/unit/platform-blacklist.test.ts` cover
+  parser, alias expansion, hot env-update, case-insensitivity, and
+  list snapshotting.
 ## [1.2.68] - 2026-05-26
 ### Fixed

package/dist/core/llm/fs-dispatcher.js CHANGED Viewed

@@ -161,7 +161,7 @@ async function runOne(name, args, ctx, signal) {
 function workspaceRestricted() {
     return process.env.IMHUB_NATIVE_FS_RESTRICT !== '0';
 }
-function resolveAndCheck(input, ctx) {
+async function resolveAndCheck(input, ctx) {
     if (typeof input !== 'string' || input.length === 0) {
         return { abs: '', ok: false, reason: 'path must be a non-empty string' };
     }
@@ -185,11 +185,61 @@ function resolveAndCheck(input, ctx) {
             };
         }
     }
+    // v1.2.70 — CR-1: realpath guard against symlink escape. Lexical
+    // checks alone don't see symlinks that point outside the workspace
+    // or at sensitive paths (e.g. a symlink "evil" → "/etc/passwd"
+    // dropped inside the agent cwd). Re-run sensitive + workspace
+    // checks against the resolved real path. Non-existent paths have
+    // no symlink to follow yet, so realpath ENOENT falls back to
+    // resolving the parent (which catches the "directory itself is a
+    // symlink" case) or leaves abs as-is.
+    const real = await realpathSoft(abs);
+    if (real !== abs) {
+        const sensReal = isSensitivePath(real, { cwd: ctx.cwd });
+        if (sensReal.sensitive) {
+            return { abs: real, ok: false, reason: `sensitive path (via symlink): ${sensReal.reason}` };
+        }
+        if (workspaceRestricted()) {
+            const relReal = relative(ctx.cwd, real);
+            if (relReal.startsWith('..') || (relReal.length > 0 && isAbsolute(relReal))) {
+                return {
+                    abs: real,
+                    ok: false,
+                    reason: `symlink target "${real}" is outside workspace "${ctx.cwd}". ` +
+                        'Set IMHUB_NATIVE_FS_RESTRICT=0 to allow broader access.',
+                };
+            }
+        }
+    }
     return { abs, ok: true };
 }
+/** Resolve symlinks in `abs`. If the path itself doesn't exist
+ *  (ENOENT — typical for write_file targeting a new file), resolve
+ *  the parent and rejoin with the basename. If the parent also
+ *  doesn't exist, return `abs` verbatim — there's no symlink to
+ *  follow yet, so lexical checks already cover us. */
+async function realpathSoft(abs) {
+    try {
+        return await fs.realpath(abs);
+    }
+    catch {
+        const lastSep = abs.lastIndexOf(sep);
+        if (lastSep <= 0)
+            return abs;
+        const parent = abs.slice(0, lastSep);
+        const name = abs.slice(lastSep + 1);
+        try {
+            const realParent = await fs.realpath(parent);
+            return resolvePath(realParent, name);
+        }
+        catch {
+            return abs;
+        }
+    }
+}
 // ─── tools ───────────────────────────────────────────────────────────
 async function runReadFile(args, ctx) {
-    const p = resolveAndCheck(args.path, ctx);
+    const p = await resolveAndCheck(args.path, ctx);
     if (!p.ok)
         return { text: p.reason ?? 'invalid path', isError: true, source: 'fs' };
     const maxBytes = clampNumber(args.max_bytes, DEFAULT_READ_MAX_BYTES, 1, 8 * 1024 * 1024);
@@ -220,7 +270,7 @@ async function runReadFile(args, ctx) {
     }
 }
 async function runWriteFile(args, ctx) {
-    const p = resolveAndCheck(args.path, ctx);
+    const p = await resolveAndCheck(args.path, ctx);
     if (!p.ok)
         return { text: p.reason ?? 'invalid path', isError: true, source: 'fs' };
     const content = typeof args.content === 'string' ? args.content : '';
@@ -251,7 +301,7 @@ async function runWriteFile(args, ctx) {
     }
 }
 async function runListDir(args, ctx) {
-    const p = resolveAndCheck(args.path, ctx);
+    const p = await resolveAndCheck(args.path, ctx);
     if (!p.ok)
         return { text: p.reason ?? 'invalid path', isError: true, source: 'fs' };
     const maxEntries = clampNumber(args.max_entries, DEFAULT_LIST_MAX_ENTRIES, 1, 5000);
@@ -288,7 +338,7 @@ async function runGlob(args, ctx, signal) {
     if (!pattern)
         return { text: 'pattern required', isError: true, source: 'fs' };
     const rootInput = typeof args.root === 'string' ? args.root : '.';
-    const p = resolveAndCheck(rootInput, ctx);
+    const p = await resolveAndCheck(rootInput, ctx);
     if (!p.ok)
         return { text: p.reason ?? 'invalid root', isError: true, source: 'fs' };
     const maxResults = clampNumber(args.max_results, DEFAULT_GLOB_MAX_RESULTS, 1, 5000);
@@ -312,7 +362,7 @@ async function runGrep(args, ctx, signal) {
     if (!pattern)
         return { text: 'pattern required', isError: true, source: 'fs' };
     const inputPath = typeof args.path === 'string' ? args.path : '.';
-    const p = resolveAndCheck(inputPath, ctx);
+    const p = await resolveAndCheck(inputPath, ctx);
     if (!p.ok)
         return { text: p.reason ?? 'invalid path', isError: true, source: 'fs' };
     const glob = typeof args.glob === 'string' ? args.glob : undefined;

package/dist/core/llm/fs-dispatcher.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"fs-dispatcher.js","sourceRoot":"","sources":["../../../src/core/llm/fs-dispatcher.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,EAAE;AACF,wEAAwE;AACxE,qEAAqE;AACrE,iEAAiE;AACjE,qEAAqE;AACrE,mEAAmE;AACnE,6CAA6C;AAC7C,EAAE;AACF,uEAAuE;AACvE,sEAAsE;AACtE,qEAAqE;AACrE,8DAA8D;AAC9D,8CAA8C;AAC9C,EAAE;AACF,sBAAsB;AACtB,yCAAyC;AACzC,8CAA8C;AAC9C,0CAA0C;AAC1C,gDAAgD;AAChD,wFAAwF;AACxF,EAAE;AACF,6EAA6E;AAC7E,qDAAqD;AAErD,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClD,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAA;AAC7E,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,cAAc,CAAA;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAIvD,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAA;AAE5D,MAAM,kBAAkB,GAAG,MAAM,CAAA;AACjC,MAAM,sBAAsB,GAAG,GAAG,GAAG,IAAI,CAAA,CAAK,SAAS;AACvD,MAAM,uBAAuB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAA,CAAC,OAAO;AACvD,MAAM,wBAAwB,GAAG,GAAG,CAAA;AACpC,MAAM,wBAAwB,GAAG,GAAG,CAAA;AACpC,MAAM,wBAAwB,GAAG,GAAG,CAAA;AAEpC,MAAM,aAAa,GAAG;IACpB,kBAAkB;IAClB,mBAAmB;IACnB,iBAAiB;IACjB,aAAa;IACb,aAAa;CACL,CAAA;AAEV,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,OAAQ,aAAmC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;AAC5D,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,OAAO;QACL;YACE,IAAI,EAAE,kBAAkB;YACxB,WAAW,EACT,0FAA0F;gBAC1F,6EAA6E;gBAC7E,6FAA6F;YAC/F,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0CAA0C,EAAE;oBACjF,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qCAAqC,EAAE;iBAClF;gBACD,QAAQ,EAAE,CAAC,MAAM,CAAC;gBAClB,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,mBAAmB;YACzB,WAAW,EACT,mFAAmF;gBACnF,yDAAyD;YAC3D,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE;oBACnD,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iCAAiC,EAAE;oBAC3E,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,QAAQ,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE;iBACvG;gBACD,QAAQ,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC;gBAC7B,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,iBAAiB;YACvB,WAAW,EACT,4FAA4F;gBAC5F,2DAA2D;YAC7D,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE;oBACxD,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qCAAqC,EAAE;iBACpF;gBACD,QAAQ,EAAE,CAAC,MAAM,CAAC;gBAClB,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,aAAa;YACnB,WAAW,EACT,iGAAiG;gBACjG,2DAA2D;YAC7D,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;oBACzD,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,+BAA+B,EAAE;oBACtE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,mCAAmC,EAAE;iBAClF;gBACD,QAAQ,EAAE,CAAC,SAAS,CAAC;gBACrB,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,aAAa;YACnB,WAAW,EACT,2FAA2F;gBAC3F,sFAAsF;gBACtF,qDAAqD;YACvD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE;oBAC1D,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4CAA4C,EAAE;oBACnF,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,oCAAoC,EAAE;oBAC3E,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;oBACpE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gCAAgC,EAAE;oBAC9E,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;iBACtC;gBACD,QAAQ,EAAE,CAAC,SAAS,CAAC;gBACrB,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF,CAAA;AACH,CAAC;AAMD,MAAM,UAAU,iBAAiB,CAAC,GAAc;IAC9C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,EAA6B,EAAE;QACvD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,IAAI,EAAE,gBAAgB,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QAChF,CAAC;QACD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAA;QACpC,IAAI,CAAC;YACH,OAAO,MAAM,WAAW,CACtB,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC,EAC9C,SAAS,EACT,IAAI,CAAC,IAAI,CACV,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YAC5D,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YAC/D,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,IAAI,YAAY,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QAC7E,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED,KAAK,UAAU,MAAM,CACnB,IAAY,EACZ,IAA6B,EAC7B,GAAc,EACd,MAAmB;IAEnB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,kBAAkB,CAAC,CAAC,OAAO,WAAW,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACtD,KAAK,mBAAmB,CAAC,CAAC,OAAO,YAAY,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACxD,KAAK,iBAAiB,CAAC,CAAC,OAAO,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACpD,KAAK,aAAa,CAAC,CAAC,OAAO,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;QACrD,KAAK,aAAa,CAAC,CAAC,OAAO,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;QACrD;YACE,OAAO,EAAE,IAAI,EAAE,oBAAoB,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC5E,CAAC;AACH,CAAC;AAED,wEAAwE;AAExE;;8DAE8D;AAC9D,SAAS,mBAAmB;IAC1B,OAAO,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,GAAG,CAAA;AACrD,CAAC;AAQD,SAAS,eAAe,CAAC,KAAc,EAAE,GAAc;IACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,iCAAiC,EAAE,CAAA;IAC1E,CAAC;IACD,IAAI,GAAG,GAAG,KAAK,CAAA;IACf,IAAI,GAAG,KAAK,GAAG;QAAE,GAAG,GAAG,OAAO,EAAE,CAAA;SAC3B,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,GAAG,GAAG,OAAO,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC7D,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAC7D,MAAM,IAAI,GAAG,eAAe,CAAC,GAAG,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;IACnD,IAAI,IAAI,CAAC,SAAS;QAAE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,IAAI,CAAC,MAAM,EAAE,EAAE,CAAA;IACvF,IAAI,mBAAmB,EAAE,EAAE,CAAC;QAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QAClC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChE,OAAO;gBACL,GAAG;gBACH,EAAE,EAAE,KAAK;gBACT,MAAM,EACJ,SAAS,GAAG,2BAA2B,GAAG,CAAC,GAAG,KAAK;oBACnD,yDAAyD;aAC5D,CAAA;QACH,CAAC;IACH,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;AAC1B,CAAC;AAED,wEAAwE;AAExE,KAAK,UAAU,WAAW,CAAC,IAA6B,EAAE,GAAc;IACtE,MAAM,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IACzC,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAA;IACxF,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;QAC/B,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE;YAAE,OAAO,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QACtF,IAAI,EAAE,CAAC,IAAI,GAAG,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;YACtC,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAA;gBAClC,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAA;gBAC1D,OAAO;oBACL,IAAI,EAAE,uBAAuB,EAAE,CAAC,IAAI,sBAAsB,SAAS,MAAM,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE;oBACvH,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,IAAI;iBACb,CAAA;YACH,CAAC;oBAAS,CAAC;gBACT,MAAM,IAAI,CAAC,KAAK,EAAE,CAAA;YACpB,CAAC;QACH,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QAC9C,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACrD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,qBAAqB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAClF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,IAA6B,EAAE,GAAc;IACvE,MAAM,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IACzC,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACpE,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,uBAAuB,EAAE,CAAC;QAClE,OAAO;YACL,IAAI,EAAE,iCAAiC,uBAAuB,QAAQ;YACtE,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,IAAI;SACb,CAAA;IACH,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAA;IAC5D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAA;QACjF,MAAM,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QAC3C,IAAI,IAAI,KAAK,QAAQ;YAAE,MAAM,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;;YAC9D,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;QAClC,OAAO;YACL,IAAI,EAAE,SAAS,KAAK,CAAC,IAAI,aAAa,CAAC,CAAC,GAAG,KAAK,IAAI,GAAG;YACvD,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,IAAI;SACb,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,sBAAsB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,IAA6B,EAAE,GAAc;IACrE,MAAM,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IACzC,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,IAAI,CAAC,CAAA;IACnF,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAChE,MAAM,IAAI,GAAyD,EAAE,CAAA;QACrE,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,KAAK;gBAClC,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,MAAM;oBACrB,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,SAAS;wBAChC,CAAC,CAAC,OAAO,CAAA;YACX,IAAI,IAAwB,CAAA;YAC5B,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,IAAI,CAAC;oBAAC,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;YACxF,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAA;QAC5E,CAAC;QACD,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,UAAU,CAAA;QAC7C,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;YACtH,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,IAAI;SACb,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,oBAAoB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACjF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,IAA6B,EAAE,GAAc,EAAE,MAAmB;IACvF,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACpE,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC9E,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAA;IACjE,MAAM,CAAC,GAAG,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IACzC,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,IAAI,CAAC,CAAA;IACnF,wEAAwE;IACxE,mEAAmE;IACnE,kEAAkE;IAClE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAA;QAC1E,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QAC9D,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAA;QACvE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACzD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,gBAAgB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC7E,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,IAA6B,EAAE,GAAc,EAAE,MAAmB;IACvF,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACpE,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC9E,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAA;IACjE,MAAM,CAAC,GAAG,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IACzC,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;IAClE,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,KAAK,OAAO,IAAI,IAAI,CAAC,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAA;IACxG,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,IAAI,CAAC,CAAA;IACnF,MAAM,EAAE,GAAG,IAAI,CAAC,gBAAgB,KAAK,IAAI,CAAA;IACzC,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QACxF,IAAI,CAAC,CAAC,EAAE;YAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QAC/D,OAAO,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC1E,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,gBAAgB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC7E,CAAC;AACH,CAAC;AAED,wEAAwE;AAExE,KAAK,UAAU,eAAe,CAAC,IAAY,EAAE,OAAe,EAAE,GAAW,EAAE,MAAmB;IAE5F,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAA;IACjD,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,eAAe,CAAC,CAAA;IAC5D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;QAC3D,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAA;QACzF,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QAChE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA;QACjC,OAAO;YACL,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;SAC1G,CAAA;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAA;IAChC,CAAC;AACH,CAAC;AAUD,KAAK,UAAU,gBAAgB,CAAC,OAAe,EAAE,IAAY,EAAE,IAAc;IAE3E,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,iEAAiE,EAAE,CAAA;IAC5H,MAAM,IAAI,GAAa,CAAC,eAAe,CAAC,CAAA;IACxC,IAAI,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC5B,IAAI,IAAI,CAAC,IAAI;QAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAC7C,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC1C,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC1C,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAA;IAC3E,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAA;IAC9B,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;IAC7D,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC7C,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,WAAW,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAA;IACxF,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IAChE,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC/E,OAAO;QACL,EAAE,EAAE,IAAI;QACR,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,OAAO;YACP,IAAI;YACJ,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,KAAK,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU;YACpE,OAAO,EAAE,KAAK;SACf,EAAE,IAAI,EAAE,CAAC,CAAC;KACZ,CAAA;AACH,CAAC;AAED,IAAI,aAAkC,CAAA;AACtC,SAAS,UAAU;IACjB,IAAI,aAAa,KAAK,SAAS;QAAE,OAAO,aAAa,CAAA;IACrD,IAAI,CAAC;QACH,QAAQ,CAAC,aAAa,CAAC,CAAA;QACvB,aAAa,GAAG,IAAI,CAAA;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAChC,IAAI,CAAC;QACH,QAAQ,CAAC,mBAAmB,CAAC,CAAA;QAC7B,aAAa,GAAG,IAAI,CAAA;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;IAC9B,aAAa,GAAG,KAAK,CAAA;IACrB,OAAO,KAAK,CAAA;AACd,CAAC;AAQD,SAAS,MAAM,CAAC,GAAW,EAAE,IAAc,EAAE,IAA2C;IACtF,OAAO,IAAI,OAAO,CAAY,CAAC,OAAO,EAAE,EAAE;QACxC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,MAAqB,EAAE,CAAC,CAAA;QACrF,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QACjC,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QACjC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,MAAM,IAAI,KAAK,CAAA,CAAC,CAAC,CAAC,CAAA;QAC/D,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,MAAM,IAAI,KAAK,CAAA,CAAC,CAAC,CAAC,CAAA;QAC/D,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC9E,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;IACpF,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,wEAAwE;AAExE,KAAK,UAAU,YAAY,CAAC,IAAY,EAAE,OAAe,EAAE,GAAW,EAAE,MAAmB;IACzF,MAAM,OAAO,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAA;IAC1C,MAAM,GAAG,GAAa,EAAE,CAAA;IACxB,MAAM,KAAK,GAAa,CAAC,IAAI,CAAC,CAAA;IAC9B,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC5C,IAAI,MAAM,CAAC,OAAO;YAAE,MAAK;QACzB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,EAAG,CAAA;QAC1B,IAAI,OAAO,GAA+B,EAAE,CAAA;QAC5C,IAAI,CAAC;YAAC,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,SAAQ;QAAC,CAAC;QACnF,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAChC,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;gBACpB,IAAI,CAAC,CAAC,IAAI,KAAK,cAAc,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM;oBAAE,SAAQ;gBAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAClB,CAAC;iBAAM,IAAI,CAAC,CAAC,MAAM,EAAE,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACb,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG;oBAAE,MAAK;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;AACvG,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe;IACxC,kEAAkE;IAClE,+BAA+B;IAC/B,yDAAyD;IACzD,iBAAiB;IACjB,oBAAoB;IACpB,gBAAgB;IAChB,4BAA4B;IAC5B,EAAE;IACF,oEAAoE;IACpE,kEAAkE;IAClE,mEAAmE;IACnE,mEAAmE;IACnE,yBAAyB;IACzB,MAAM,OAAO,GAAG,OAAO;SACpB,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC;SACpC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,SAAS,EAAE,kBAAkB,CAAC;SACtC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC;SAC9B,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC;SACvB,OAAO,CAAC,mBAAmB,EAAE,UAAU,CAAC;SACxC,OAAO,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;IAC/B,OAAO,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,CAAC,CAAA;AACnC,CAAC;AAED,wEAAwE;AAExE,SAAS,gBAAgB;IACvB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAA;IAClD,IAAI,GAAG,EAAE,CAAC;QACR,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;QACrB,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,OAAO;YAAE,OAAO,CAAC,CAAA;IAC3D,CAAC;IACD,OAAO,kBAAkB,CAAA;AAC3B,CAAC;AAED,KAAK,UAAU,WAAW,CAAI,CAAa,EAAE,EAAU,EAAE,GAAW;IAClE,IAAI,KAAiC,CAAA;IACrC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;QAC/C,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,GAAG,oBAAoB,EAAE,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnF,CAAC,CAAC,CAAA;IACF,IAAI,CAAC;QACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAA;IACzC,CAAC;YAAS,CAAC;QACT,IAAI,KAAK;YAAE,YAAY,CAAC,KAAK,CAAC,CAAA;IAChC,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAc,EAAE,IAAY,EAAE,GAAW,EAAE,GAAW;IACzE,MAAM,CAAC,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAC3D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAA;IACpC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACpD,CAAC;AAED,SAAS,MAAM,CAAC,GAAY;IAC1B,OAAO,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;AACzD,CAAC"}
1	+ {"version":3,"file":"fs-dispatcher.js","sourceRoot":"","sources":["../../../src/core/llm/fs-dispatcher.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,EAAE;AACF,wEAAwE;AACxE,qEAAqE;AACrE,iEAAiE;AACjE,qEAAqE;AACrE,mEAAmE;AACnE,6CAA6C;AAC7C,EAAE;AACF,uEAAuE;AACvE,sEAAsE;AACtE,qEAAqE;AACrE,8DAA8D;AAC9D,8CAA8C;AAC9C,EAAE;AACF,sBAAsB;AACtB,yCAAyC;AACzC,8CAA8C;AAC9C,0CAA0C;AAC1C,gDAAgD;AAChD,wFAAwF;AACxF,EAAE;AACF,6EAA6E;AAC7E,qDAAqD;AAErD,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAClD,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,WAAW,CAAA;AAC7E,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,cAAc,CAAA;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAIvD,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAA;AAE5D,MAAM,kBAAkB,GAAG,MAAM,CAAA;AACjC,MAAM,sBAAsB,GAAG,GAAG,GAAG,IAAI,CAAA,CAAK,SAAS;AACvD,MAAM,uBAAuB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAA,CAAC,OAAO;AACvD,MAAM,wBAAwB,GAAG,GAAG,CAAA;AACpC,MAAM,wBAAwB,GAAG,GAAG,CAAA;AACpC,MAAM,wBAAwB,GAAG,GAAG,CAAA;AAEpC,MAAM,aAAa,GAAG;IACpB,kBAAkB;IAClB,mBAAmB;IACnB,iBAAiB;IACjB,aAAa;IACb,aAAa;CACL,CAAA;AAEV,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,OAAQ,aAAmC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;AAC5D,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,OAAO;QACL;YACE,IAAI,EAAE,kBAAkB;YACxB,WAAW,EACT,0FAA0F;gBAC1F,6EAA6E;gBAC7E,6FAA6F;YAC/F,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0CAA0C,EAAE;oBACjF,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qCAAqC,EAAE;iBAClF;gBACD,QAAQ,EAAE,CAAC,MAAM,CAAC;gBAClB,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,mBAAmB;YACzB,WAAW,EACT,mFAAmF;gBACnF,yDAAyD;YAC3D,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE;oBACnD,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iCAAiC,EAAE;oBAC3E,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,QAAQ,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE;iBACvG;gBACD,QAAQ,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC;gBAC7B,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,iBAAiB;YACvB,WAAW,EACT,4FAA4F;gBAC5F,2DAA2D;YAC7D,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE;oBACxD,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qCAAqC,EAAE;iBACpF;gBACD,QAAQ,EAAE,CAAC,MAAM,CAAC;gBAClB,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,aAAa;YACnB,WAAW,EACT,iGAAiG;gBACjG,2DAA2D;YAC7D,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;oBACzD,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,+BAA+B,EAAE;oBACtE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,mCAAmC,EAAE;iBAClF;gBACD,QAAQ,EAAE,CAAC,SAAS,CAAC;gBACrB,oBAAoB,EAAE,KAAK;aAC5B;SACF;QACD;YACE,IAAI,EAAE,aAAa;YACnB,WAAW,EACT,2FAA2F;gBAC3F,sFAAsF;gBACtF,qDAAqD;YACvD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE;oBAC1D,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4CAA4C,EAAE;oBACnF,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,oCAAoC,EAAE;oBAC3E,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;oBACpE,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gCAAgC,EAAE;oBAC9E,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;iBACtC;gBACD,QAAQ,EAAE,CAAC,SAAS,CAAC;gBACrB,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF,CAAA;AACH,CAAC;AAMD,MAAM,UAAU,iBAAiB,CAAC,GAAc;IAC9C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,EAA6B,EAAE;QACvD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,IAAI,EAAE,gBAAgB,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QAChF,CAAC;QACD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAA;QACpC,IAAI,CAAC;YACH,OAAO,MAAM,WAAW,CACtB,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC,EAC9C,SAAS,EACT,IAAI,CAAC,IAAI,CACV,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YAC5D,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YAC/D,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,IAAI,YAAY,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QAC7E,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED,KAAK,UAAU,MAAM,CACnB,IAAY,EACZ,IAA6B,EAC7B,GAAc,EACd,MAAmB;IAEnB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,kBAAkB,CAAC,CAAC,OAAO,WAAW,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACtD,KAAK,mBAAmB,CAAC,CAAC,OAAO,YAAY,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACxD,KAAK,iBAAiB,CAAC,CAAC,OAAO,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACpD,KAAK,aAAa,CAAC,CAAC,OAAO,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;QACrD,KAAK,aAAa,CAAC,CAAC,OAAO,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;QACrD;YACE,OAAO,EAAE,IAAI,EAAE,oBAAoB,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC5E,CAAC;AACH,CAAC;AAED,wEAAwE;AAExE;;8DAE8D;AAC9D,SAAS,mBAAmB;IAC1B,OAAO,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,GAAG,CAAA;AACrD,CAAC;AAQD,KAAK,UAAU,eAAe,CAAC,KAAc,EAAE,GAAc;IAC3D,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,iCAAiC,EAAE,CAAA;IAC1E,CAAC;IACD,IAAI,GAAG,GAAG,KAAK,CAAA;IACf,IAAI,GAAG,KAAK,GAAG;QAAE,GAAG,GAAG,OAAO,EAAE,CAAA;SAC3B,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,GAAG,GAAG,OAAO,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC7D,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAC7D,MAAM,IAAI,GAAG,eAAe,CAAC,GAAG,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;IACnD,IAAI,IAAI,CAAC,SAAS;QAAE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,IAAI,CAAC,MAAM,EAAE,EAAE,CAAA;IACvF,IAAI,mBAAmB,EAAE,EAAE,CAAC;QAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QAClC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChE,OAAO;gBACL,GAAG;gBACH,EAAE,EAAE,KAAK;gBACT,MAAM,EACJ,SAAS,GAAG,2BAA2B,GAAG,CAAC,GAAG,KAAK;oBACnD,yDAAyD;aAC5D,CAAA;QACH,CAAC;IACH,CAAC;IACD,iEAAiE;IACjE,mEAAmE;IACnE,+DAA+D;IAC/D,8DAA8D;IAC9D,iEAAiE;IACjE,6DAA6D;IAC7D,iEAAiE;IACjE,sCAAsC;IACtC,MAAM,IAAI,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,CAAA;IACpC,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;QACjB,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;QACxD,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;YACvB,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,iCAAiC,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAA;QAC7F,CAAC;QACD,IAAI,mBAAmB,EAAE,EAAE,CAAC;YAC1B,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;YACvC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBAC5E,OAAO;oBACL,GAAG,EAAE,IAAI;oBACT,EAAE,EAAE,KAAK;oBACT,MAAM,EACJ,mBAAmB,IAAI,2BAA2B,GAAG,CAAC,GAAG,KAAK;wBAC9D,yDAAyD;iBAC5D,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;AAC1B,CAAC;AAED;;;;sDAIsD;AACtD,KAAK,UAAU,YAAY,CAAC,GAAW;IACrC,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,OAAO,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QACpC,IAAI,OAAO,IAAI,CAAC;YAAE,OAAO,GAAG,CAAA;QAC5B,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,CAAA;QACpC,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAA;QACnC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;YAC5C,OAAO,WAAW,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,GAAG,CAAA;QACZ,CAAC;IACH,CAAC;AACH,CAAC;AAED,wEAAwE;AAExE,KAAK,UAAU,WAAW,CAAC,IAA6B,EAAE,GAAc;IACtE,MAAM,CAAC,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAA;IACxF,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;QAC/B,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE;YAAE,OAAO,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QACtF,IAAI,EAAE,CAAC,IAAI,GAAG,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;YACtC,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAA;gBAClC,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAA;gBAC1D,OAAO;oBACL,IAAI,EAAE,uBAAuB,EAAE,CAAC,IAAI,sBAAsB,SAAS,MAAM,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE;oBACvH,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,IAAI;iBACb,CAAA;YACH,CAAC;oBAAS,CAAC;gBACT,MAAM,IAAI,CAAC,KAAK,EAAE,CAAA;YACpB,CAAC;QACH,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QAC9C,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACrD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,qBAAqB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAClF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,IAA6B,EAAE,GAAc;IACvE,MAAM,CAAC,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACpE,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,uBAAuB,EAAE,CAAC;QAClE,OAAO;YACL,IAAI,EAAE,iCAAiC,uBAAuB,QAAQ;YACtE,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,IAAI;SACb,CAAA;IACH,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAA;IAC5D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAA;QACjF,MAAM,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QAC3C,IAAI,IAAI,KAAK,QAAQ;YAAE,MAAM,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;;YAC9D,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;QAClC,OAAO;YACL,IAAI,EAAE,SAAS,KAAK,CAAC,IAAI,aAAa,CAAC,CAAC,GAAG,KAAK,IAAI,GAAG;YACvD,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,IAAI;SACb,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,sBAAsB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,IAA6B,EAAE,GAAc;IACrE,MAAM,CAAC,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,IAAI,CAAC,CAAA;IACnF,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAChE,MAAM,IAAI,GAAyD,EAAE,CAAA;QACrE,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,KAAK;gBAClC,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,MAAM;oBACrB,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,SAAS;wBAChC,CAAC,CAAC,OAAO,CAAA;YACX,IAAI,IAAwB,CAAA;YAC5B,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,IAAI,CAAC;oBAAC,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;YACxF,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAA;QAC5E,CAAC;QACD,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,UAAU,CAAA;QAC7C,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;YACtH,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,IAAI;SACb,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,oBAAoB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACjF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,IAA6B,EAAE,GAAc,EAAE,MAAmB;IACvF,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACpE,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC9E,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAA;IACjE,MAAM,CAAC,GAAG,MAAM,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,IAAI,CAAC,CAAA;IACnF,wEAAwE;IACxE,mEAAmE;IACnE,kEAAkE;IAClE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAA;QAC1E,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QAC9D,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAA;QACvE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACzD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,gBAAgB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC7E,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,IAA6B,EAAE,GAAc,EAAE,MAAmB;IACvF,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACpE,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC9E,MAAM,SAAS,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAA;IACjE,MAAM,CAAC,GAAG,MAAM,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAC/C,IAAI,CAAC,CAAC,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,IAAI,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACnF,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;IAClE,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,KAAK,OAAO,IAAI,IAAI,CAAC,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAA;IACxG,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,wBAAwB,EAAE,CAAC,EAAE,IAAI,CAAC,CAAA;IACnF,MAAM,EAAE,GAAG,IAAI,CAAC,gBAAgB,KAAK,IAAI,CAAA;IACzC,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QACxF,IAAI,CAAC,CAAC,EAAE;YAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;QAC/D,OAAO,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC1E,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,gBAAgB,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAC7E,CAAC;AACH,CAAC;AAED,wEAAwE;AAExE,KAAK,UAAU,eAAe,CAAC,IAAY,EAAE,OAAe,EAAE,GAAW,EAAE,MAAmB;IAE5F,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAA;IACjD,MAAM,IAAI,GAAG,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,eAAe,CAAC,CAAA;IAC5D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;QAC3D,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAA;QACzF,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QAChE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA;QACjC,OAAO;YACL,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;SAC1G,CAAA;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAA;IAChC,CAAC;AACH,CAAC;AAUD,KAAK,UAAU,gBAAgB,CAAC,OAAe,EAAE,IAAY,EAAE,IAAc;IAE3E,IAAI,CAAC,UAAU,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,iEAAiE,EAAE,CAAA;IAC5H,MAAM,IAAI,GAAa,CAAC,eAAe,CAAC,CAAA;IACxC,IAAI,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC5B,IAAI,IAAI,CAAC,IAAI;QAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAC7C,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC1C,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC1C,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAA;IAC3E,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAA;IAC9B,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;IAC7D,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC7C,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,WAAW,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAA;IACxF,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IAChE,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC/E,OAAO;QACL,EAAE,EAAE,IAAI;QACR,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,OAAO;YACP,IAAI;YACJ,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,KAAK,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU;YACpE,OAAO,EAAE,KAAK;SACf,EAAE,IAAI,EAAE,CAAC,CAAC;KACZ,CAAA;AACH,CAAC;AAED,IAAI,aAAkC,CAAA;AACtC,SAAS,UAAU;IACjB,IAAI,aAAa,KAAK,SAAS;QAAE,OAAO,aAAa,CAAA;IACrD,IAAI,CAAC;QACH,QAAQ,CAAC,aAAa,CAAC,CAAA;QACvB,aAAa,GAAG,IAAI,CAAA;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAChC,IAAI,CAAC;QACH,QAAQ,CAAC,mBAAmB,CAAC,CAAA;QAC7B,aAAa,GAAG,IAAI,CAAA;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;IAC9B,aAAa,GAAG,KAAK,CAAA;IACrB,OAAO,KAAK,CAAA;AACd,CAAC;AAQD,SAAS,MAAM,CAAC,GAAW,EAAE,IAAc,EAAE,IAA2C;IACtF,OAAO,IAAI,OAAO,CAAY,CAAC,OAAO,EAAE,EAAE;QACxC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,MAAqB,EAAE,CAAC,CAAA;QACrF,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QACjC,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QACjC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,MAAM,IAAI,KAAK,CAAA,CAAC,CAAC,CAAC,CAAA;QAC/D,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,MAAM,IAAI,KAAK,CAAA,CAAC,CAAC,CAAC,CAAA;QAC/D,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC9E,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;IACpF,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,wEAAwE;AAExE,KAAK,UAAU,YAAY,CAAC,IAAY,EAAE,OAAe,EAAE,GAAW,EAAE,MAAmB;IACzF,MAAM,OAAO,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAA;IAC1C,MAAM,GAAG,GAAa,EAAE,CAAA;IACxB,MAAM,KAAK,GAAa,CAAC,IAAI,CAAC,CAAA;IAC9B,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC5C,IAAI,MAAM,CAAC,OAAO;YAAE,MAAK;QACzB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,EAAG,CAAA;QAC1B,IAAI,OAAO,GAA+B,EAAE,CAAA;QAC5C,IAAI,CAAC;YAAC,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,SAAQ;QAAC,CAAC;QACnF,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YACrC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAChC,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;gBACpB,IAAI,CAAC,CAAC,IAAI,KAAK,cAAc,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM;oBAAE,SAAQ;gBAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAClB,CAAC;iBAAM,IAAI,CAAC,CAAC,MAAM,EAAE,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACb,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG;oBAAE,MAAK;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;AACvG,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe;IACxC,kEAAkE;IAClE,+BAA+B;IAC/B,yDAAyD;IACzD,iBAAiB;IACjB,oBAAoB;IACpB,gBAAgB;IAChB,4BAA4B;IAC5B,EAAE;IACF,oEAAoE;IACpE,kEAAkE;IAClE,mEAAmE;IACnE,mEAAmE;IACnE,yBAAyB;IACzB,MAAM,OAAO,GAAG,OAAO;SACpB,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC;SACpC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,SAAS,EAAE,kBAAkB,CAAC;SACtC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC;SAC9B,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC;SACvB,OAAO,CAAC,mBAAmB,EAAE,UAAU,CAAC;SACxC,OAAO,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;IAC/B,OAAO,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,CAAC,CAAA;AACnC,CAAC;AAED,wEAAwE;AAExE,SAAS,gBAAgB;IACvB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAA;IAClD,IAAI,GAAG,EAAE,CAAC;QACR,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;QACrB,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,OAAO;YAAE,OAAO,CAAC,CAAA;IAC3D,CAAC;IACD,OAAO,kBAAkB,CAAA;AAC3B,CAAC;AAED,KAAK,UAAU,WAAW,CAAI,CAAa,EAAE,EAAU,EAAE,GAAW;IAClE,IAAI,KAAiC,CAAA;IACrC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;QAC/C,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,GAAG,oBAAoB,EAAE,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnF,CAAC,CAAC,CAAA;IACF,IAAI,CAAC;QACH,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAA;IACzC,CAAC;YAAS,CAAC;QACT,IAAI,KAAK;YAAE,YAAY,CAAC,KAAK,CAAC,CAAA;IAChC,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAc,EAAE,IAAY,EAAE,GAAW,EAAE,GAAW;IACzE,MAAM,CAAC,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAC3D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAA;IACpC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACpD,CAAC;AAED,SAAS,MAAM,CAAC,GAAY;IAC1B,OAAO,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;AACzD,CAAC"}

package/dist/core/llm/web-dispatcher.d.ts CHANGED Viewed

@@ -23,6 +23,24 @@ interface SafetyResult {
     reason?: string;
 }
 export declare function checkUrlSafety(raw: string): SafetyResult;
+/**
+ * v1.2.70 — IPv4 parser that accepts every form Node's URL parser
+ * also accepts:
+ *   - dotted quad      "127.0.0.1"
+ *   - 3-part           "127.1" (rare but valid per RFC 3986)
+ *   - decimal integer  "2130706433"
+ *   - hex integer      "0x7f000001" / "0x7f.0.0.1"
+ *   - octal            "0177.0.0.1"
+ * Returns the 4-octet form or null if the input isn't a valid IPv4
+ * representation. Validates each octet's range, closing CR-3
+ * (999.999.999.999 overflow) — any out-of-range part → null.
+ */
+export declare function tryParseIPv4Variants(host: string): [number, number, number, number] | null;
+/** Expand `addr` (already validated by net.isIPv6) into 8 × 16-bit
+ *  groups. Returns null only if the form somehow can't be normalized
+ *  (shouldn't happen post-net.isIPv6).
+ */
+export declare function expandIpv6(addr: string): number[] | null;
 interface Cidr4 {
     network: number;
     mask: number;

package/dist/core/llm/web-dispatcher.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"web-dispatcher.d.ts","sourceRoot":"","sources":["../../../src/core/llm/web-dispatcher.ts"],"names":[],"mappings":"~~AAmBA~~,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,KAAK,EAAoB,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAY5E,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEnD;AAED,wBAAgB,WAAW,IAAI,OAAO,EAAE,CA0DvC;AAED,wBAAgB,kBAAkB,IAAI,cAAc,CAcnD;AAgHD,UAAU,SAAS;IACjB,KAAK,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,EAAE,MAAM,CAAA;CAChB;AA2CD;;;;sBAIsB;AACtB,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,EAAE,CAgBnE;AA6CD;;4BAE4B;AAC5B,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,EAAE,CAwB1E;AAID,UAAU,YAAY;IAAG,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE;AAEvD,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,YAAY,~~CAwDxD~~;AAKD,UAAU,KAAK;IAAG,OAAO,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE;AAEjD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG,KAAK,EAAE,CAiBnE"}
1	+ {"version":3,"file":"web-dispatcher.d.ts","sourceRoot":"","sources":["../../../src/core/llm/web-dispatcher.ts"],"names":[],"mappings":"AAoBA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,KAAK,EAAoB,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAY5E,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEnD;AAED,wBAAgB,WAAW,IAAI,OAAO,EAAE,CA0DvC;AAED,wBAAgB,kBAAkB,IAAI,cAAc,CAcnD;AAgHD,UAAU,SAAS;IACjB,KAAK,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,EAAE,MAAM,CAAA;CAChB;AA2CD;;;;sBAIsB;AACtB,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,EAAE,CAgBnE;AA6CD;;4BAE4B;AAC5B,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,EAAE,CAwB1E;AAID,UAAU,YAAY;IAAG,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE;AAEvD,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,YAAY,CAyCxD;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAuC1F;AAsED;;;GAGG;AACH,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,IAAI,CAgCxD;AAKD,UAAU,KAAK;IAAG,OAAO,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE;AAEjD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG,KAAK,EAAE,CAiBnE"}

package/dist/core/llm/web-dispatcher.js CHANGED Viewed

@@ -15,6 +15,7 @@
 //   2. metaso      — fallback when ddg returns 0/error, uses METASO_API_KEY
 //
 // Both tools are read-only and safe to default-allow in native's policy.
+import net from 'node:net';
 import { logger as rootLogger } from '../logger.js';
 const log = rootLogger.child({ component: 'web-dispatcher' });
 const DEFAULT_TIMEOUT_MS = 30_000;
@@ -361,61 +362,214 @@ export function checkUrlSafety(raw) {
     }
     if (process.env.IMHUB_NATIVE_WEB_ALLOW_PRIVATE === '1')
         return { ok: true };
-    // v1.2.66 — CIDR whitelist. Operator-set ranges escape the
-    // private-IP block. Use case: Tailscale (100.64.0.0/10), internal
-    // VPN subnets, OpenAI-compat services on internal docker networks.
-    // Format: `IMHUB_NATIVE_WEB_SSRF_WHITELIST=10.20.0.0/16,100.64.0.0/10`.
-    // Parsed once per call (cheap; called per fetch); cache could be
-    // added but the list is small and changes are rare.
+    // CIDR whitelist (v1.2.66). Tailscale 100.64.0.0/10 etc.
     const whitelist = parseSsrfWhitelist(process.env.IMHUB_NATIVE_WEB_SSRF_WHITELIST);
     const host = u.hostname.toLowerCase();
     if (host === 'localhost' || host === '::1' || host.endsWith('.localhost')) {
         return { ok: false, reason: 'localhost is private (set IMHUB_NATIVE_WEB_ALLOW_PRIVATE=1 or whitelist via IMHUB_NATIVE_WEB_SSRF_WHITELIST)' };
     }
-    // IPv4 numeric check
-    const v4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
+    // v1.2.70 — normalize hostname to an IP if possible BEFORE pattern
+    // matching. Closes CR-3 (999.999.999.999 / decimal int / hex int
+    // bypass) and CR-4 (IPv6 compressed-form ULA regex hole).
+    //
+    // Three parse paths:
+    //   - bracketed IPv6 host ("[fe80::1]") → strip + net.isIPv6
+    //   - dotted-quad / decimal-int / hex-int / octal-int → tryParseIPv4Variants
+    //   - hostname → leave for v4/v6 check; non-IP names pass (treated
+    //     as DNS targets; CR-2 DNS rebind is a separate fix slot)
+    const v6Host = host.startsWith('[') && host.endsWith(']') ? host.slice(1, -1) : host;
+    if (net.isIPv6(v6Host)) {
+        return checkIpv6Safety(v6Host);
+    }
+    // IPv4 variants — including decimal int, hex int, octal, and any
+    // dotted-quad form Node's URL parser accepted but the regex missed.
+    const v4 = tryParseIPv4Variants(host);
     if (v4) {
-        const octets = [Number(v4[1]), Number(v4[2]), Number(v4[3]), Number(v4[4])];
-        if (whitelist.length > 0 && octets.every((o) => Number.isFinite(o) && o >= 0 && o <= 255)
-            && ipInAnyCidr4(octets, whitelist)) {
+        if (whitelist.length > 0 && ipInAnyCidr4(v4, whitelist))
             return { ok: true };
-        }
-        const [a, b] = [octets[0], octets[1]];
-        if (a === 10)
-            return { ok: false, reason: 'RFC1918 10.0.0.0/8 private' };
-        if (a === 172 && b >= 16 && b <= 31)
-            return { ok: false, reason: 'RFC1918 172.16.0.0/12 private' };
-        if (a === 192 && b === 168)
-            return { ok: false, reason: 'RFC1918 192.168.0.0/16 private' };
-        if (a === 127)
-            return { ok: false, reason: '127.0.0.0/8 loopback' };
-        if (a === 169 && b === 254)
-            return { ok: false, reason: '169.254.0.0/16 link-local (covers AWS/Azure IMDS 169.254.169.254)' };
-        // v1.2.66 — Carrier-grade NAT (RFC 6598). Cloud providers + some
-        // ISPs use this for internal-only hosts. Not "private" in the
-        // RFC1918 sense but routinely used as such; nanobot blocks it.
-        if (a === 100 && b >= 64 && b <= 127) {
-            return { ok: false, reason: '100.64.0.0/10 carrier-grade NAT (whitelist via IMHUB_NATIVE_WEB_SSRF_WHITELIST=100.64.0.0/10 if intentional, e.g. Tailscale)' };
-        }
-        if (a === 0)
-            return { ok: false, reason: '0.0.0.0/8 invalid' };
-    }
-    // IPv6 — Node's URL.hostname keeps the brackets ("[fe80::1]"). Strip
-    // for prefix matching. Block link-local (fe80::/10) and ULA
-    // (fc00::/7 — covers fc**/fd**). Also block ::1 loopback.
-    const v6 = host.startsWith('[') && host.endsWith(']') ? host.slice(1, -1) : host;
-    if (v6 === '::1')
+        return checkIpv4Safety(v4);
+    }
+    // Not an IP literal — DNS hostname. Pass without resolution at this
+    // layer; CR-2 (DNS-aware SSRF via custom http.Agent.lookup) is a
+    // separate hardening track.
+    return { ok: true };
+}
+/**
+ * v1.2.70 — IPv4 parser that accepts every form Node's URL parser
+ * also accepts:
+ *   - dotted quad      "127.0.0.1"
+ *   - 3-part           "127.1" (rare but valid per RFC 3986)
+ *   - decimal integer  "2130706433"
+ *   - hex integer      "0x7f000001" / "0x7f.0.0.1"
+ *   - octal            "0177.0.0.1"
+ * Returns the 4-octet form or null if the input isn't a valid IPv4
+ * representation. Validates each octet's range, closing CR-3
+ * (999.999.999.999 overflow) — any out-of-range part → null.
+ */
+export function tryParseIPv4Variants(host) {
+    // 1. canonical dotted quad with strict 0-255 range
+    const dq = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
+    if (dq) {
+        const o = [Number(dq[1]), Number(dq[2]), Number(dq[3]), Number(dq[4])];
+        if (o.every((x) => x >= 0 && x <= 255))
+            return [o[0], o[1], o[2], o[3]];
+        return null;
+    }
+    // 2. one-to-four parts, each in decimal/hex/octal.
+    const parts = host.split('.');
+    if (parts.length < 1 || parts.length > 4)
+        return null;
+    const numeric = [];
+    for (const p of parts) {
+        const n = parseIntegerVariant(p);
+        if (n === null)
+            return null;
+        numeric.push(n);
+    }
+    // RFC 3986 §3.2.2 (Old-style URL parsers): expand the last part
+    // across the remaining bytes. E.g. "127.1" → 127.0.0.1.
+    if (numeric.length === 1) {
+        const v = numeric[0];
+        if (v < 0 || v > 0xffffffff)
+            return null;
+        return [(v >>> 24) & 0xff, (v >>> 16) & 0xff, (v >>> 8) & 0xff, v & 0xff];
+    }
+    if (numeric.length === 2) {
+        const a = numeric[0], rest = numeric[1];
+        if (a < 0 || a > 255 || rest < 0 || rest > 0xffffff)
+            return null;
+        return [a, (rest >>> 16) & 0xff, (rest >>> 8) & 0xff, rest & 0xff];
+    }
+    if (numeric.length === 3) {
+        const [a, b, rest] = numeric;
+        if (a > 255 || b > 255 || rest < 0 || rest > 0xffff)
+            return null;
+        return [a, b, (rest >>> 8) & 0xff, rest & 0xff];
+    }
+    // 4 parts → all must fit 0-255
+    if (numeric.every((x) => x >= 0 && x <= 255)) {
+        return [numeric[0], numeric[1], numeric[2], numeric[3]];
+    }
+    return null;
+}
+/** Parse a single integer-form octet. Hex prefix 0x, octal prefix 0
+ *  (only when followed by 0-7, else decimal). Returns null on invalid. */
+function parseIntegerVariant(s) {
+    if (s.length === 0)
+        return null;
+    if (/^0x[0-9a-f]+$/i.test(s))
+        return Number.parseInt(s, 16);
+    // octal: leading 0 followed by 1+ digits, ALL digits must be 0-7
+    if (/^0[0-7]+$/.test(s))
+        return Number.parseInt(s, 8);
+    if (/^[0-9]+$/.test(s))
+        return Number.parseInt(s, 10);
+    return null;
+}
+function checkIpv4Safety(octets) {
+    const [a, b] = octets;
+    if (a === 10)
+        return { ok: false, reason: 'RFC1918 10.0.0.0/8 private' };
+    if (a === 172 && b >= 16 && b <= 31)
+        return { ok: false, reason: 'RFC1918 172.16.0.0/12 private' };
+    if (a === 192 && b === 168)
+        return { ok: false, reason: 'RFC1918 192.168.0.0/16 private' };
+    if (a === 127)
+        return { ok: false, reason: '127.0.0.0/8 loopback' };
+    if (a === 169 && b === 254) {
+        return { ok: false, reason: '169.254.0.0/16 link-local (covers AWS/Azure IMDS 169.254.169.254)' };
+    }
+    if (a === 100 && b >= 64 && b <= 127) {
+        return {
+            ok: false,
+            reason: '100.64.0.0/10 carrier-grade NAT (whitelist via IMHUB_NATIVE_WEB_SSRF_WHITELIST=100.64.0.0/10 if intentional, e.g. Tailscale)',
+        };
+    }
+    if (a === 0)
+        return { ok: false, reason: '0.0.0.0/8 invalid' };
+    return { ok: true };
+}
+/**
+ * v1.2.70 — proper IPv6 safety check via numeric prefix parsing.
+ * Replaces the ad-hoc regex that missed compressed forms
+ * ("[fc::1]", "[fd00::]"). Uses the 16-bit groups returned by a
+ * canonical expansion so the prefix bits actually drive the
+ * decision.
+ */
+function checkIpv6Safety(addr) {
+    const groups = expandIpv6(addr);
+    if (!groups)
+        return { ok: false, reason: `invalid IPv6 address: ${addr}` };
+    // ::1 loopback
+    if (groups.every((g, i) => (i < 7 ? g === 0 : g === 1))) {
         return { ok: false, reason: 'IPv6 loopback ::1' };
-    if (v6.startsWith('fe80:') || v6.startsWith('fe80::')) {
+    }
+    // fe80::/10 — first 10 bits are 1111 1110 10
+    if ((groups[0] & 0xffc0) === 0xfe80) {
         return { ok: false, reason: 'IPv6 link-local fe80::/10' };
     }
-    if (v6.startsWith('fc') || v6.startsWith('fd')) {
-        if (/^f[cd][0-9a-f]{2}:/i.test(v6)) {
-            return { ok: false, reason: 'IPv6 ULA fc00::/7' };
-        }
+    // fc00::/7 — first 7 bits are 1111 110 (matches fc** and fd**)
+    if ((groups[0] & 0xfe00) === 0xfc00) {
+        return { ok: false, reason: 'IPv6 ULA fc00::/7' };
+    }
+    // ::ffff:V4 — IPv4-mapped. Extract embedded v4 and re-check.
+    if (groups[0] === 0 && groups[1] === 0 && groups[2] === 0
+        && groups[3] === 0 && groups[4] === 0 && groups[5] === 0xffff) {
+        const a = (groups[6] >>> 8) & 0xff;
+        const b = groups[6] & 0xff;
+        const c = (groups[7] >>> 8) & 0xff;
+        const d = groups[7] & 0xff;
+        return checkIpv4Safety([a, b, c, d]);
+    }
+    // Unspecified ::
+    if (groups.every((g) => g === 0)) {
+        return { ok: false, reason: 'IPv6 unspecified ::' };
     }
     return { ok: true };
 }
+/** Expand `addr` (already validated by net.isIPv6) into 8 × 16-bit
+ *  groups. Returns null only if the form somehow can't be normalized
+ *  (shouldn't happen post-net.isIPv6).
+ */
+export function expandIpv6(addr) {
+    const lower = addr.toLowerCase();
+    // Embedded IPv4 form like "::ffff:127.0.0.1"
+    let working = lower;
+    const v4Tail = /([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)$/.exec(lower);
+    if (v4Tail) {
+        const v4 = tryParseIPv4Variants(v4Tail[1]);
+        if (!v4)
+            return null;
+        const hex1 = ((v4[0] << 8) | v4[1]).toString(16);
+        const hex2 = ((v4[2] << 8) | v4[3]).toString(16);
+        working = lower.slice(0, v4Tail.index) + hex1 + ':' + hex2;
+    }
+    const [head, tail] = working.split('::');
+    const headGroups = head ? head.split(':') : [];
+    const tailGroups = tail !== undefined ? (tail ? tail.split(':') : []) : null;
+    let groups;
+    if (tailGroups === null) {
+        // No "::" present — must have exactly 8 groups
+        if (headGroups.length !== 8)
+            return null;
+        groups = headGroups;
+    }
+    else {
+        const missing = 8 - headGroups.length - tailGroups.length;
+        if (missing < 0)
+            return null;
+        groups = [...headGroups, ...Array(missing).fill('0'), ...tailGroups];
+    }
+    const out = [];
+    for (const g of groups) {
+        if (g === '' || g.length > 4 || !/^[0-9a-f]+$/.test(g))
+            return null;
+        out.push(Number.parseInt(g, 16));
+    }
+    if (out.length !== 8)
+        return null;
+    return out;
+}
 export function parseSsrfWhitelist(raw) {
     if (!raw)
         return [];