attaform 0.0.1 → 0.14.0

package/dist/index.d.ts

@@ -0,0 +1,493 @@
+import { Plugin, App, InjectionKey } from 'vue';
+import { A as AttaformDefaults, C as CoercionRegistry, S as SlimPrimitiveKind, a as CoercionEntry, F as FormKey, G as GenericForm, U as UseFormConfiguration, b as AbstractSchema, D as DeepPartial, c as DefaultValuesShape, d as UseFormReturnType, R as RegisterValue, e as RegisterModelDynamicCustomDirective, V as ValidationError, f as ApiErrorEnvelope, g as ApiErrorDetails } from './shared/attaform.DDXrY-1Q.js';
+export { h as ApiErrorEntry, i as CoercionResult, j as CustomDirectiveRegisterAssignerFn, k as DefaultValuesResponse, l as FieldState, m as FieldStateLeaf, n as FieldStateMap, o as FieldStateMapEntry, p as FlatPath, q as FormErrorRecord, r as FormErrorsSurface, s as FormMeta, t as FormStorage, u as FormStorageKind, H as HandleSubmit, v as HistoryConfig, I as IsTuple, M as MetaTrackerValue, N as NestedReadType, w as NestedType, O as OnError, x as OnInvalidSubmitPolicy, y as OnSubmit, P as Path, z as PathKey, B as PendingValidationStatus, E as PersistConfig, J as PersistConfigOptions, K as PersistIncludeMode, L as ROOT_PATH, Q as ROOT_PATH_KEY, T as ReactiveValidationStatus, W as RegisterDirective, X as RegisterFlatPath, Y as RegisterOptions, Z as RegisterSelectModifier, _ as RegisterTextModifier, $ as RegisterTransform, a0 as Segment, a1 as SetValueCallback, a2 as SetValuePayload, a3 as SettledValidationStatus, a4 as SlimRuntimeOf, a5 as SubmitHandler, a6 as Unset, a7 as ValidateOn, a8 as ValidateOnConfig, a9 as ValidationResponse, aa as ValidationResponseWithoutValue, ab as WriteMeta, ac as canonicalizePath, ad as isUnset, ae as parseDottedPath, af as unset } from './shared/attaform.DDXrY-1Q.js';
+export { A as AttaformErrorCode, i as injectForm, u as useRegister } from './shared/attaform.BYc9kugA.js';
+export { A as AnonPersistError, a as AttaformError, I as InvalidPathError, O as OutsideSetupError, R as RegistryNotInstalledError, b as ReservedFormKeyError, S as SensitivePersistFieldError, c as SubmitErrorHandlerError } from './shared/attaform.BwaYWtMs.js';
+
+/**
+ * Portable SSR detection. The plugin captures this value at install time and
+ * exposes it via the registry so every runtime branch reads a single source
+ * of truth instead of sniffing `import.meta.*` (bundler-specific) at each
+ * call site.
+ *
+ * Consumers can override explicitly via `createAttaform({ ssr: true })`;
+ * the default heuristic handles the common Node-vs-browser split without
+ * relying on any bundler-injected flag.
+ */
+interface SSRDetectOptions {
+    override?: boolean;
+}
+
+/**
+ * Options for `createAttaform()`.
+ */
+type AttaformPluginOptions = SSRDetectOptions & {
+    /**
+     * Whether to install the Vue DevTools integration. Default `true`.
+     * The DevTools peer dependency is loaded lazily — in production
+     * builds where it's absent, the import fails silently and no
+     * extra bundle is shipped. Pass `false` to skip even attempting
+     * the import.
+     */
+    devtools?: boolean;
+    /**
+     * App-level defaults applied to every `useForm` call in this app.
+     * Per-form options always win. See `AttaformDefaults` for
+     * the supported option set and the merge rules.
+     *
+     * ```ts
+     * app.use(
+     *   createAttaform({
+     *     defaults: { debounceMs: 100 },
+     *   })
+     * )
+     * ```
+     */
+    defaults?: AttaformDefaults;
+};
+/**
+ * Create the Vue plugin that installs the form library on a Vue
+ * application. Call once per app, then `app.use(...)` the result.
+ *
+ * ```ts
+ * import { createApp } from 'vue'
+ * import { createAttaform } from 'attaform'
+ *
+ * createApp(App)
+ *   .use(createAttaform())
+ *   .mount('#app')
+ * ```
+ *
+ * Under SSR with bare Vue 3, pass `{ ssr: true }` from your server
+ * entry. Under Nuxt, install via `attaform/nuxt` instead —
+ * the Nuxt module wires both server and client automatically.
+ *
+ * Installing more than once on the same app is a no-op (the second
+ * call logs a dev-mode warning).
+ */
+declare function createAttaform(options?: AttaformPluginOptions): Plugin;
+
+/**
+ * Schema-driven coercion of user-typed DOM values at the v-register
+ * directive layer. When the slim schema declares a numeric or
+ * boolean type at a path, the directive coerces incoming string
+ * values (`'25'` → `25`, `'true'` → `true`) before the slim-primitive
+ * gate sees the write — making the schema authoritative for storage
+ * shape and freeing consumers from sprinkling `.number` modifiers
+ * across templates.
+ *
+ * Coercion is consumer-extensible: a `CoercionRegistry` is just an
+ * `Array<CoercionEntry>` keyed at config time by `(input, output)`
+ * `SlimPrimitiveKind` literals. The library ships
+ * `defaultCoercionRules` (string→number, string→boolean) and
+ * `defineCoercion` for type-narrowed authoring; consumers spread the
+ * defaults to extend or supply their own array to replace.
+ *
+ * Coercion applies ONLY to user-typed DOM values flowing through
+ * the directive's assigner. Programmatic writes (`form.setValue`,
+ * `setValueWithInternalPath`) bypass coercion — they're authoritative
+ * writes whose strict typing is on the caller. This mirrors the
+ * `transforms` pipeline's user-input-only contract.
+ */
+
+/**
+ * Type-narrowing helper for authoring entries. At runtime it's
+ * identity; at compile time it preserves the `input` / `output`
+ * literal types so `transform`'s parameter is narrowed to the
+ * runtime type instead of widening to `SlimRuntimeOf<SlimPrimitiveKind>`.
+ *
+ * Without this helper, authoring `{ input: 'string', output:
+ * 'number', transform: (s) => ... }` against the broader
+ * `CoercionEntry` widens `s` to `string | number | boolean | ...`,
+ * forcing a cast in every transform body. `defineCoercion` is the
+ * opaque-free idiom.
+ */
+declare function defineCoercion<I extends SlimPrimitiveKind, O extends SlimPrimitiveKind>(entry: CoercionEntry<I, O>): CoercionEntry<I, O>;
+/**
+ * The library's built-in registry. Two cells: string→number and
+ * string→boolean. Re-exported so consumers can spread it when
+ * supplying a custom registry that extends defaults.
+ */
+declare const defaultCoercionRules: CoercionRegistry;
+
+/**
+ * Per-Vue-app container for all form state instances. Each
+ * `app.use(createAttaform())` call gets its own registry,
+ * so the library runs under bare Vue 3 + SSR (via
+ * `@vue/server-renderer`) and Nuxt with the same code path.
+ *
+ * Each form's state lives in `forms: Map<FormKey, FormStore<GenericForm>>`.
+ * The type relaxation at storage time is necessary because different
+ * forms in the same app have different `Form` generics; callers recover
+ * the specific form type via `useForm`'s overloads.
+ */
+/**
+ * Serialised snapshot of one form's state, captured by
+ * `renderAttaformState` for SSR and replayed by
+ * `hydrateAttaformState` on the client. Round-trips through
+ * JSON-safe tuples; field references are intentionally omitted
+ * (DOM nodes don't survive serialisation).
+ */
+type SerializedFormData = {
+    /** The form's value at snapshot time. */
+    readonly form: unknown;
+    /**
+     * Errors produced by the schema at snapshot time. Replayed into
+     * the client form's error state at hydration; cleared on
+     * successful re-validation client-side.
+     */
+    readonly schemaErrors: ReadonlyArray<readonly [string, unknown]>;
+    /**
+     * Errors set explicitly via `setFieldErrors` / `addFieldErrors`
+     * (typically from a server response parsed via `parseApiErrors`)
+     * at snapshot time. Replayed at hydration; persists across
+     * client-side re-validation.
+     */
+    readonly userErrors: ReadonlyArray<readonly [string, unknown]>;
+    /** Per-field metadata (timestamps, raw values, connection flags) captured at snapshot time. */
+    readonly fields: ReadonlyArray<readonly [string, unknown]>;
+    /**
+     * Path keys that were in the form's `blankPaths` set at
+     * snapshot time. Round-trips the "displayed empty" UI state across
+     * the SSR boundary — without it, the client briefly renders
+     * `String(slim-default)` (e.g. `'0'`) for fields the server
+     * rendered as blank. Optional in the wire format so older payload
+     * shapes deserialise cleanly.
+     */
+    readonly blankPaths?: ReadonlyArray<string>;
+};
+/**
+ * The library's per-Vue-app container. One `AttaformRegistry` is
+ * created per `app.use(createAttaform())` call.
+ *
+ * Most consumers never touch this directly — `useForm` and
+ * `injectForm` reach the registry on your behalf. Access it
+ * explicitly only when wiring SSR or a custom plugin integration.
+ */
+type AttaformRegistry = {
+    /** `true` while running on the server during SSR; `false` on the client. */
+    readonly isSSR: boolean;
+    /** App-level defaults applied to every `useForm` call. */
+    readonly defaults: AttaformDefaults;
+};
+/**
+ * The Vue `InjectionKey` under which the registry is provided on the
+ * app. Most consumers never need this — `useForm` and
+ * `injectForm` resolve the registry automatically.
+ */
+declare const kAttaformRegistry: InjectionKey<AttaformRegistry>;
+declare module 'vue' {
+    interface App {
+    }
+}
+/** Options for `createRegistry`. */
+type CreateRegistryOptions = SSRDetectOptions & {
+    /**
+     * App-level defaults applied to every `useForm` call. Per-form
+     * options always win. Omitted is equivalent to `{}`.
+     */
+    defaults?: AttaformDefaults;
+};
+/**
+ * Create a fresh `AttaformRegistry`. `createAttaform()` calls
+ * this internally — most consumers never need to call it directly.
+ * Use it when building a custom plugin that doesn't want the
+ * `createAttaform` plugin's auto-install behaviour (e.g. test
+ * harnesses, embedded apps).
+ */
+declare function createRegistry(options?: CreateRegistryOptions): AttaformRegistry;
+/**
+ * Look up the current app's registry from inside a component's
+ * `setup()` (or any synchronous code on the setup call stack).
+ *
+ * Most consumers don't need this — `useForm` and `injectForm`
+ * call it on your behalf. Reach for it directly when building
+ * custom integrations that need the raw registry.
+ *
+ * Throws:
+ * - `OutsideSetupError` when called outside a Vue setup context
+ *   (e.g. from an event handler or async callback). Move the call
+ *   into setup, or trigger it from a child component.
+ * - `RegistryNotInstalledError` when called inside setup but the
+ *   plugin wasn't installed. Add
+ *   `app.use(createAttaform())` to your app entry.
+ */
+declare function useRegistry(): AttaformRegistry;
+/**
+ * Look up a Vue app's registry by `App` reference. Used by
+ * SSR helpers (`renderAttaformState`, `hydrateAttaformState`) that
+ * run outside a component setup context.
+ *
+ * Throws `RegistryNotInstalledError` when the app hasn't been wired
+ * with `createAttaform()`.
+ */
+declare function getRegistryFromApp(app: App): AttaformRegistry;
+
+/**
+ * Serialised snapshot of every form in a Vue app, produced by
+ * `renderAttaformState` and consumed by `hydrateAttaformState`.
+ *
+ * JSON-safe — pass to `JSON.stringify`, `devalue`, or any other
+ * serialiser before embedding in your SSR payload.
+ */
+type SerializedAttaformState = {
+    /** Tuples of `[formKey, snapshot]` for every form in the app. */
+    readonly forms: ReadonlyArray<readonly [FormKey, SerializedFormData]>;
+};
+/**
+ * Snapshot every form on a Vue app for SSR. Call from your server
+ * entry after rendering the app:
+ *
+ * ```ts
+ * import { renderToString } from '@vue/server-renderer'
+ * import { renderAttaformState, escapeForInlineScript } from 'attaform'
+ *
+ * const html = await renderToString(app)
+ * const state = renderAttaformState(app)
+ * const payload = escapeForInlineScript(JSON.stringify(state))
+ *
+ * return `
+ *   ${html}
+ *   <script>window.__ATTAFORM_STATE__ = ${payload}</script>
+ * `
+ * ```
+ *
+ * Pair with `hydrateAttaformState` on the client to restore the
+ * forms in their server-rendered state. Nuxt users don't need this —
+ * `attaform/nuxt` wires SSR automatically.
+ */
+declare function renderAttaformState(app: App): SerializedAttaformState;
+/**
+ * Restore forms from a server-rendered snapshot on the client. Call
+ * from your client entry before mounting:
+ *
+ * ```ts
+ * import { createApp } from 'vue'
+ * import { createAttaform, hydrateAttaformState } from 'attaform'
+ *
+ * const app = createApp(App).use(createAttaform())
+ * hydrateAttaformState(app, window.__ATTAFORM_STATE__)
+ * app.mount('#app')
+ * ```
+ *
+ * The next `useForm({ key })` call for each serialised form picks up
+ * the snapshot transparently — no further action is required.
+ */
+declare function hydrateAttaformState(app: App, payload: SerializedAttaformState): void;
+
+/**
+ * Escape a JSON string so it's safe to embed inside an inline
+ * `<script>` tag during SSR. Plain `JSON.stringify` is not safe — a
+ * form value containing the literal substring `</script>` would
+ * break out of the script tag.
+ *
+ * ```ts
+ * const payload = escapeForInlineScript(JSON.stringify(renderAttaformState(app)))
+ * // `<script>window.__ATTAFORM_STATE__ = ${payload}</script>` is safe.
+ * ```
+ *
+ * Output remains valid JSON — `JSON.parse` round-trips back to the
+ * original value on the client.
+ */
+declare function escapeForInlineScript(json: string): string;
+
+/**
+ * Schema-agnostic `useForm`. Accepts any object that implements
+ * `AbstractSchema` — useful when integrating a custom schema
+ * adapter or a third-party validation library.
+ *
+ * ```ts
+ * import { useForm } from 'attaform'
+ *
+ * const form = useForm({
+ *   schema: myCustomAdapter,
+ *   defaultValues: { name: '' },
+ * })
+ * ```
+ *
+ * Most consumers prefer a typed entry point — e.g.
+ * `attaform/zod` (v4) or `attaform/zod-v3` —
+ * which wrap the underlying library's schema with the matching
+ * adapter automatically.
+ *
+ * Returns the same form API as the typed entry points; see
+ * `UseFormReturnType` for the full surface.
+ */
+declare function useAbstractForm<Form extends GenericForm, GetValueFormType extends GenericForm = Form>(configuration: UseFormConfiguration<Form, GetValueFormType, AbstractSchema<Form, GetValueFormType>, DeepPartial<DefaultValuesShape<Form>>>): UseFormReturnType<Form, GetValueFormType>;
+
+/**
+ * Symbol slot used by custom directive integrations to install an
+ * assigner on the bound element. Read by the v-register directive
+ * when a DOM event fires:
+ *
+ * ```ts
+ * import { assignKey } from 'attaform'
+ * el[assignKey] = (value) => myCustomWriter(value)
+ * ```
+ *
+ * Most consumers never need this — the built-in directives wire
+ * default assigners for text inputs, checkboxes, radios, and selects.
+ */
+declare const assignKey: unique symbol;
+/**
+ * Type guard for a `RegisterValue`. Returns `true` when `val` looks
+ * like the object returned from `form.register(path)`.
+ *
+ * ```ts
+ * if (isRegisterValue(slotValue)) {
+ *   // slotValue.innerRef is now a Ref<unknown>
+ * }
+ * ```
+ *
+ * Useful when building wrapper components that accept either a
+ * `RegisterValue` or a plain ref via the same prop.
+ */
+declare function isRegisterValue<Value = unknown>(val: unknown): val is RegisterValue<Value>;
+/**
+ * The `v-register` directive. Bind a form field to a native input,
+ * select, textarea, checkbox, or radio:
+ *
+ * ```vue
+ * <input v-register="form.register('email')" />
+ * <select v-register="form.register('country')">
+ *   <option value="us">US</option>
+ *   <option value="uk">UK</option>
+ * </select>
+ * ```
+ *
+ * The directive picks the right binding strategy automatically based
+ * on the element's `tagName` and `type`. Registered globally by
+ * `createAttaform()` — most consumers never import it
+ * directly, but it's exposed for advanced integrations that wire
+ * directives manually.
+ */
+declare const vRegister: RegisterModelDynamicCustomDirective;
+
+/**
+ * Result of `parseApiErrors`. Branch on `ok` to handle the two cases:
+ *
+ * ```ts
+ * const result = parseApiErrors(payload, { formKey: form.key })
+ * if (result.ok) {
+ *   form.setFieldErrors(result.errors)
+ * } else {
+ *   console.warn('Bad error payload:', result.rejected)
+ * }
+ * ```
+ *
+ * `ok: true` means the payload was recognised — `errors` may still be
+ * empty if the payload was valid but had no actual errors.
+ * `ok: false` means the payload didn't match a known shape; `rejected`
+ * carries a one-line description of why.
+ */
+type ParseApiErrorsResult = {
+    /** `true` when the payload was recognised; `false` when the shape was unfamiliar. */
+    readonly ok: boolean;
+    /** Errors extracted from the payload. May be empty even when `ok: true`. */
+    readonly errors: ValidationError[];
+    /** When `ok: false`, a one-line description of why the payload was rejected. */
+    readonly rejected?: string;
+};
+/**
+ * Options for `parseApiErrors`. The size caps protect against
+ * misbehaving or hostile servers — exceeding any cap causes the
+ * parser to reject the payload wholesale rather than partially apply.
+ */
+type ParseApiErrorsOptions = {
+    /**
+     * The form's identifier — pass `form.key`. Stamped on every
+     * produced `ValidationError` so errors route to the right form.
+     */
+    readonly formKey: FormKey;
+    /**
+     * Code stamped on `ValidationError`s synthesized from bare-string
+     * entries (the Rails / DRF / Laravel `{ field: ["msg"] }` shape).
+     * Default `'api:unknown'`. Pick something more specific
+     * (`'api:server-validation'`, `'myapp:legacy'`, …) when you know
+     * the source.
+     *
+     * Structured `{ message, code }` entries forward their `code`
+     * verbatim and ignore this option.
+     */
+    readonly defaultCode?: string;
+    /**
+     * Maximum number of distinct keys to accept. Default `1000`.
+     * Raise for trusted backends that legitimately produce more.
+     */
+    readonly maxEntries?: number;
+    /**
+     * Maximum number of path segments per key. Default `32`. Keys
+     * deeper than this are dropped (the rest of the payload still
+     * applies if it stays under the other caps).
+     */
+    readonly maxPathDepth?: number;
+    /**
+     * Maximum total path segments summed across every accepted key.
+     * Default `10000`. Bounds the worst-case traversal cost.
+     */
+    readonly maxTotalSegments?: number;
+};
+/**
+ * Default size caps + default fallback code used by `parseApiErrors`.
+ * Conservative; pass larger values (or a more specific code) via the
+ * options bag for trusted-backend integrations.
+ */
+declare const PARSE_API_ERRORS_DEFAULTS: {
+    readonly maxEntries: 1000;
+    readonly maxPathDepth: 32;
+    readonly maxTotalSegments: 10000;
+    readonly defaultCode: "api:unknown";
+};
+/**
+ * Normalise a server-side validation error payload into
+ * `ValidationError[]`. Pair with `form.setFieldErrors` /
+ * `form.addFieldErrors` to surface server errors on the form:
+ *
+ * ```ts
+ * const response = await fetch('/api/signup', { … })
+ * if (!response.ok) {
+ *   const payload = await response.json()
+ *   const result = parseApiErrors(payload, { formKey: form.key })
+ *   if (result.ok) form.setFieldErrors(result.errors)
+ * }
+ * ```
+ *
+ * Recognised payload shapes:
+ *
+ * - Wrapped envelope:
+ *   `{ error: { details: { email: { message: 'taken', code: 'api:duplicate-email' } } } }`
+ * - Unwrapped envelope:
+ *   `{ details: { email: { message: 'taken', code: 'api:duplicate-email' } } }`
+ * - Raw details record:
+ *   `{ email: { message: 'taken', code: 'api:duplicate-email' } }`
+ * - **Bare-string Rails / DRF / Laravel shape:**
+ *   `{ email: ['Email already taken.'], username: 'too short' }`
+ * - `null` / `undefined` — returns `{ ok: true, errors: [] }`
+ *
+ * Two entry shapes are accepted:
+ *
+ * 1. **Structured** — `{ message: string, code: string }`. The `code`
+ *    is forwarded verbatim onto the produced `ValidationError`.
+ * 2. **Bare-string** — a plain string. Synthesized into
+ *    `{ message: <string>, code: <defaultCode> }` where `defaultCode`
+ *    comes from `options.defaultCode` (default `'api:unknown'`).
+ *    Useful for the Rails / Django REST Framework / FastAPI / Laravel
+ *    JSON shape that doesn't carry a per-field code.
+ *
+ * Each detail key's value can be a single entry, an array, or a mix
+ * of structured and bare-string entries; arrays expand into one
+ * `ValidationError` per entry. Pick a prefix on the server (`api:`,
+ * `auth:`, etc.) and stay consistent so error renderers can branch
+ * on `code` — or rely on `defaultCode` when the wire shape is
+ * message-only.
+ *
+ * Dotted keys (`"address.line1"`) are split into structured paths
+ * automatically. Use a custom server response shape outside these
+ * patterns? Build the `ValidationError[]` array yourself and pass
+ * it to `setFieldErrors` directly — `parseApiErrors` is just a
+ * convenience for the common shapes.
+ */
+declare function parseApiErrors(payload: ApiErrorEnvelope | ApiErrorDetails | null | undefined | unknown, options: ParseApiErrorsOptions): ParseApiErrorsResult;
+
+export { AbstractSchema, ApiErrorDetails, ApiErrorEnvelope, AttaformDefaults, CoercionEntry, CoercionRegistry, DeepPartial, DefaultValuesShape, FormKey, GenericForm, PARSE_API_ERRORS_DEFAULTS, RegisterValue, SlimPrimitiveKind, UseFormConfiguration, UseFormReturnType, ValidationError, assignKey, createAttaform, createRegistry, defaultCoercionRules, defineCoercion, escapeForInlineScript, getRegistryFromApp, hydrateAttaformState, isRegisterValue, kAttaformRegistry, parseApiErrors, renderAttaformState, useAbstractForm as useForm, useRegistry, vRegister };
+export type { AttaformPluginOptions, AttaformRegistry, ParseApiErrorsOptions, ParseApiErrorsResult, SerializedAttaformState, SerializedFormData };

package/dist/index.mjs

@@ -0,0 +1,141 @@
+export { a as assignKey, c as createAttaform, h as hydrateAttaformState, i as isRegisterValue, r as renderAttaformState, v as vRegister } from './shared/attaform.DlgKK10S.mjs';
+import { I as InvalidPathError } from './shared/attaform.al_rpt7_.mjs';
+export { A as AnonPersistError, a as AttaformError, O as OutsideSetupError, R as RegistryNotInstalledError, b as ReservedFormKeyError, S as SensitivePersistFieldError, c as SubmitErrorHandlerError, d as createRegistry, g as getRegistryFromApp, k as kAttaformRegistry, u as useRegister, e as useRegistry } from './shared/attaform.al_rpt7_.mjs';
+export { A as AttaformErrorCode, d as defaultCoercionRules, a as defineCoercion, i as injectForm, b as isUnset, u as unset, c as useForm } from './shared/attaform.BRTxpA3q.mjs';
+import { c as canonicalizePath } from './shared/attaform.Cc93zNzD.mjs';
+export { R as ROOT_PATH, a as ROOT_PATH_KEY, p as parseDottedPath } from './shared/attaform.Cc93zNzD.mjs';
+
+function escapeForInlineScript(json) {
+  return json.replace(/[<>&\u2028\u2029]/g, (char) => {
+    switch (char) {
+      case "<":
+        return "\\u003c";
+      case ">":
+        return "\\u003e";
+      case "&":
+        return "\\u0026";
+      case "\u2028":
+        return "\\u2028";
+      case "\u2029":
+        return "\\u2029";
+      default:
+        return char;
+    }
+  });
+}
+
+const PARSE_API_ERRORS_DEFAULTS = {
+  maxEntries: 1e3,
+  maxPathDepth: 32,
+  maxTotalSegments: 1e4,
+  defaultCode: "api:unknown"
+};
+function parseApiErrors(payload, options) {
+  const maxEntries = options.maxEntries ?? PARSE_API_ERRORS_DEFAULTS.maxEntries;
+  const maxPathDepth = options.maxPathDepth ?? PARSE_API_ERRORS_DEFAULTS.maxPathDepth;
+  const maxTotalSegments = options.maxTotalSegments ?? PARSE_API_ERRORS_DEFAULTS.maxTotalSegments;
+  const defaultCode = options.defaultCode ?? PARSE_API_ERRORS_DEFAULTS.defaultCode;
+  if (payload === null || payload === void 0) {
+    return { ok: true, errors: [] };
+  }
+  if (typeof payload !== "object") {
+    return { ok: false, errors: [], rejected: `payload was ${typeof payload}, expected object` };
+  }
+  const extraction = extractDetails(payload);
+  if (!extraction.ok) {
+    return { ok: false, errors: [], rejected: extraction.reason };
+  }
+  const { details } = extraction;
+  const entryCount = Object.keys(details).length;
+  if (entryCount > maxEntries) {
+    return {
+      ok: false,
+      errors: [],
+      rejected: `payload has ${entryCount} entries, exceeds maxEntries=${maxEntries}`
+    };
+  }
+  const errors = [];
+  let totalSegments = 0;
+  for (const [key, value] of Object.entries(details)) {
+    const entryList = Array.isArray(value) ? value : [value];
+    let segments;
+    try {
+      segments = canonicalizePath(key).segments;
+    } catch (err) {
+      if (err instanceof InvalidPathError) continue;
+      throw err;
+    }
+    if (segments.length > maxPathDepth) continue;
+    totalSegments += segments.length;
+    if (totalSegments > maxTotalSegments) {
+      return {
+        ok: false,
+        errors: [],
+        rejected: `payload total path segments exceeds maxTotalSegments=${maxTotalSegments}`
+      };
+    }
+    for (const entry of entryList) {
+      const message = typeof entry === "string" ? entry : entry.message;
+      const code = typeof entry === "string" ? defaultCode : entry.code;
+      if (message.length === 0) continue;
+      errors.push({
+        message,
+        path: Array.from(segments),
+        formKey: options.formKey,
+        code
+      });
+    }
+  }
+  return { ok: true, errors };
+}
+function extractDetails(payload) {
+  const wrappedError = payload["error"];
+  if (wrappedError !== null && wrappedError !== void 0 && typeof wrappedError === "object") {
+    const inner = wrappedError.details;
+    if (inner === void 0) {
+      return { ok: true, details: {} };
+    }
+    if (isDetailsRecord(inner)) return { ok: true, details: inner };
+    return {
+      ok: false,
+      reason: "error.details entries must be strings or { message, code } objects"
+    };
+  }
+  if (wrappedError !== null && wrappedError !== void 0 && typeof wrappedError !== "object") {
+    return {
+      ok: false,
+      reason: `payload.error was ${typeof wrappedError}, expected an object with { details }`
+    };
+  }
+  if ("details" in payload) {
+    const inner = payload["details"];
+    if (inner === void 0) return { ok: true, details: {} };
+    if (isDetailsRecord(inner)) return { ok: true, details: inner };
+    return { ok: false, reason: "details entries must be strings or { message, code } objects" };
+  }
+  if (isDetailsRecord(payload)) return { ok: true, details: payload };
+  if (Object.keys(payload).length === 0) return { ok: true, details: {} };
+  return { ok: false, reason: "unrecognised payload shape" };
+}
+function isStructuredEntry(value) {
+  if (value === null || typeof value !== "object" || Array.isArray(value)) return false;
+  const obj = value;
+  return typeof obj.message === "string" && typeof obj.code === "string";
+}
+function isAcceptedEntry(value) {
+  return typeof value === "string" || isStructuredEntry(value);
+}
+function isDetailsRecord(value) {
+  if (value === null || typeof value !== "object" || Array.isArray(value)) return false;
+  const record = value;
+  for (const k of Object.keys(record)) {
+    const v = record[k];
+    if (isAcceptedEntry(v)) continue;
+    if (Array.isArray(v) && v.every((entry) => isAcceptedEntry(entry))) continue;
+    return false;
+  }
+  return true;
+}
+
+export { InvalidPathError, PARSE_API_ERRORS_DEFAULTS, canonicalizePath, escapeForInlineScript, parseApiErrors };
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","sources":["../src/runtime/core/serialize-script.ts","../src/runtime/core/parse-api-errors.ts"],"sourcesContent":["/**\n * Escape a JSON string so it's safe to embed inside an inline\n * `<script>` tag during SSR. Plain `JSON.stringify` is not safe — a\n * form value containing the literal substring `</script>` would\n * break out of the script tag.\n *\n * ```ts\n * const payload = escapeForInlineScript(JSON.stringify(renderAttaformState(app)))\n * // `<script>window.__ATTAFORM_STATE__ = ${payload}</script>` is safe.\n * ```\n *\n * Output remains valid JSON — `JSON.parse` round-trips back to the\n * original value on the client.\n */\nexport function escapeForInlineScript(json: string): string {\n  return json.replace(/[<>&\\u2028\\u2029]/g, (char) => {\n    switch (char) {\n      case '<':\n        return '\\\\u003c'\n      case '>':\n        return '\\\\u003e'\n      case '&':\n        return '\\\\u0026'\n      case '\\u2028':\n        return '\\\\u2028'\n      case '\\u2029':\n        return '\\\\u2029'\n      default:\n        return char\n    }\n  })\n}\n","import type {\n  ApiErrorDetails,\n  ApiErrorEntry,\n  ApiErrorEnvelope,\n  FormKey,\n  ValidationError,\n} from '../types/types-api'\nimport { InvalidPathError } from './errors'\nimport { canonicalizePath } from './paths'\n\n/**\n * Result of `parseApiErrors`. Branch on `ok` to handle the two cases:\n *\n * ```ts\n * const result = parseApiErrors(payload, { formKey: form.key })\n * if (result.ok) {\n *   form.setFieldErrors(result.errors)\n * } else {\n *   console.warn('Bad error payload:', result.rejected)\n * }\n * ```\n *\n * `ok: true` means the payload was recognised — `errors` may still be\n * empty if the payload was valid but had no actual errors.\n * `ok: false` means the payload didn't match a known shape; `rejected`\n * carries a one-line description of why.\n */\nexport type ParseApiErrorsResult = {\n  /** `true` when the payload was recognised; `false` when the shape was unfamiliar. */\n  readonly ok: boolean\n  /** Errors extracted from the payload. May be empty even when `ok: true`. */\n  readonly errors: ValidationError[]\n  /** When `ok: false`, a one-line description of why the payload was rejected. */\n  readonly rejected?: string\n}\n\n/**\n * Options for `parseApiErrors`. The size caps protect against\n * misbehaving or hostile servers — exceeding any cap causes the\n * parser to reject the payload wholesale rather than partially apply.\n */\nexport type ParseApiErrorsOptions = {\n  /**\n   * The form's identifier — pass `form.key`. Stamped on every\n   * produced `ValidationError` so errors route to the right form.\n   */\n  readonly formKey: FormKey\n  /**\n   * Code stamped on `ValidationError`s synthesized from bare-string\n   * entries (the Rails / DRF / Laravel `{ field: [\"msg\"] }` shape).\n   * Default `'api:unknown'`. Pick something more specific\n   * (`'api:server-validation'`, `'myapp:legacy'`, …) when you know\n   * the source.\n   *\n   * Structured `{ message, code }` entries forward their `code`\n   * verbatim and ignore this option.\n   */\n  readonly defaultCode?: string\n  /**\n   * Maximum number of distinct keys to accept. Default `1000`.\n   * Raise for trusted backends that legitimately produce more.\n   */\n  readonly maxEntries?: number\n  /**\n   * Maximum number of path segments per key. Default `32`. Keys\n   * deeper than this are dropped (the rest of the payload still\n   * applies if it stays under the other caps).\n   */\n  readonly maxPathDepth?: number\n  /**\n   * Maximum total path segments summed across every accepted key.\n   * Default `10000`. Bounds the worst-case traversal cost.\n   */\n  readonly maxTotalSegments?: number\n}\n\n/**\n * Default size caps + default fallback code used by `parseApiErrors`.\n * Conservative; pass larger values (or a more specific code) via the\n * options bag for trusted-backend integrations.\n */\nexport const PARSE_API_ERRORS_DEFAULTS = {\n  maxEntries: 1000,\n  maxPathDepth: 32,\n  maxTotalSegments: 10000,\n  defaultCode: 'api:unknown',\n} as const\n\n/**\n * Normalise a server-side validation error payload into\n * `ValidationError[]`. Pair with `form.setFieldErrors` /\n * `form.addFieldErrors` to surface server errors on the form:\n *\n * ```ts\n * const response = await fetch('/api/signup', { … })\n * if (!response.ok) {\n *   const payload = await response.json()\n *   const result = parseApiErrors(payload, { formKey: form.key })\n *   if (result.ok) form.setFieldErrors(result.errors)\n * }\n * ```\n *\n * Recognised payload shapes:\n *\n * - Wrapped envelope:\n *   `{ error: { details: { email: { message: 'taken', code: 'api:duplicate-email' } } } }`\n * - Unwrapped envelope:\n *   `{ details: { email: { message: 'taken', code: 'api:duplicate-email' } } }`\n * - Raw details record:\n *   `{ email: { message: 'taken', code: 'api:duplicate-email' } }`\n * - **Bare-string Rails / DRF / Laravel shape:**\n *   `{ email: ['Email already taken.'], username: 'too short' }`\n * - `null` / `undefined` — returns `{ ok: true, errors: [] }`\n *\n * Two entry shapes are accepted:\n *\n * 1. **Structured** — `{ message: string, code: string }`. The `code`\n *    is forwarded verbatim onto the produced `ValidationError`.\n * 2. **Bare-string** — a plain string. Synthesized into\n *    `{ message: <string>, code: <defaultCode> }` where `defaultCode`\n *    comes from `options.defaultCode` (default `'api:unknown'`).\n *    Useful for the Rails / Django REST Framework / FastAPI / Laravel\n *    JSON shape that doesn't carry a per-field code.\n *\n * Each detail key's value can be a single entry, an array, or a mix\n * of structured and bare-string entries; arrays expand into one\n * `ValidationError` per entry. Pick a prefix on the server (`api:`,\n * `auth:`, etc.) and stay consistent so error renderers can branch\n * on `code` — or rely on `defaultCode` when the wire shape is\n * message-only.\n *\n * Dotted keys (`\"address.line1\"`) are split into structured paths\n * automatically. Use a custom server response shape outside these\n * patterns? Build the `ValidationError[]` array yourself and pass\n * it to `setFieldErrors` directly — `parseApiErrors` is just a\n * convenience for the common shapes.\n */\nexport function parseApiErrors(\n  payload: ApiErrorEnvelope | ApiErrorDetails | null | undefined | unknown,\n  options: ParseApiErrorsOptions\n): ParseApiErrorsResult {\n  const maxEntries = options.maxEntries ?? PARSE_API_ERRORS_DEFAULTS.maxEntries\n  const maxPathDepth = options.maxPathDepth ?? PARSE_API_ERRORS_DEFAULTS.maxPathDepth\n  const maxTotalSegments = options.maxTotalSegments ?? PARSE_API_ERRORS_DEFAULTS.maxTotalSegments\n  const defaultCode = options.defaultCode ?? PARSE_API_ERRORS_DEFAULTS.defaultCode\n\n  if (payload === null || payload === undefined) {\n    return { ok: true, errors: [] }\n  }\n  if (typeof payload !== 'object') {\n    return { ok: false, errors: [], rejected: `payload was ${typeof payload}, expected object` }\n  }\n\n  const extraction = extractDetails(payload as Record<string, unknown>)\n  if (!extraction.ok) {\n    return { ok: false, errors: [], rejected: extraction.reason }\n  }\n\n  const { details } = extraction\n  const entryCount = Object.keys(details).length\n  // Enforce the guardrails before we spend time walking the payload.\n  // Rejecting wholesale (not partial-applying) keeps the failure visible\n  // so consumers can tune the caps or investigate the server payload.\n  if (entryCount > maxEntries) {\n    return {\n      ok: false,\n      errors: [],\n      rejected: `payload has ${entryCount} entries, exceeds maxEntries=${maxEntries}`,\n    }\n  }\n\n  const errors: ValidationError[] = []\n  let totalSegments = 0\n  for (const [key, value] of Object.entries(details)) {\n    const entryList: ReadonlyArray<string | ApiErrorEntry> = Array.isArray(value) ? value : [value]\n    // `canonicalizePath` throws `InvalidPathError` for dotted strings with\n    // empty segments (e.g. `'. '`, `'a..b'`). A misbehaving server can\n    // genuinely emit such a key; the hydrator is a normaliser, not a\n    // validator, so we drop offending keys rather than let the exception\n    // escape. Well-formed keys continue as normal.\n    let segments: readonly (string | number)[]\n    try {\n      segments = canonicalizePath(key).segments\n    } catch (err) {\n      if (err instanceof InvalidPathError) continue\n      throw err\n    }\n    // Per-path depth cap. We drop the offending key (rather than\n    // rejecting the whole payload) because a single stray deep path\n    // in an otherwise legitimate error set is still worth surfacing\n    // the rest. Consumers who want strict rejection can post-filter\n    // on `result.errors.length < details entryCount`.\n    if (segments.length > maxPathDepth) continue\n    // Total-segment cap. Enforced wholesale (not per-key) so a payload\n    // that passes the per-key gate but stacks into a pathological\n    // total still fails visibly. Mirrors `maxEntries` strictness.\n    totalSegments += segments.length\n    if (totalSegments > maxTotalSegments) {\n      return {\n        ok: false,\n        errors: [],\n        rejected: `payload total path segments exceeds maxTotalSegments=${maxTotalSegments}`,\n      }\n    }\n    for (const entry of entryList) {\n      // Bare-string entries (Rails / DRF / Laravel shape) synthesize a\n      // `code` from `options.defaultCode`; structured `{ message, code }`\n      // entries forward `code` verbatim. Empty messages drop silently\n      // (`{ message: '' }` or `''`) — same recoverable-malformed-server\n      // policy as before.\n      const message = typeof entry === 'string' ? entry : entry.message\n      const code = typeof entry === 'string' ? defaultCode : entry.code\n      if (message.length === 0) continue\n      errors.push({\n        message,\n        path: Array.from(segments),\n        formKey: options.formKey,\n        code,\n      })\n    }\n  }\n  return { ok: true, errors }\n}\n\ntype ExtractResult = { ok: true; details: ApiErrorDetails } | { ok: false; reason: string }\n\nfunction extractDetails(payload: Record<string, unknown>): ExtractResult {\n  const wrappedError = payload['error']\n  if (wrappedError !== null && wrappedError !== undefined && typeof wrappedError === 'object') {\n    const inner = (wrappedError as { details?: unknown }).details\n    if (inner === undefined) {\n      // A wrapped envelope without details is considered \"no errors\" — valid shape.\n      return { ok: true, details: {} }\n    }\n    if (isDetailsRecord(inner)) return { ok: true, details: inner }\n    return {\n      ok: false,\n      reason: 'error.details entries must be strings or { message, code } objects',\n    }\n  }\n\n  // `{ error: 'oops' }` / `{ error: 42 }` is a malformed wrapped envelope —\n  // the server meant an error object but sent a scalar. Without this guard\n  // the payload would fall through to the raw-details branch below, where\n  // `{ error: 'oops' }` satisfies `isDetailsRecord` and silently produces\n  // a phantom `ValidationError` at path `['error']`.\n  if (wrappedError !== null && wrappedError !== undefined && typeof wrappedError !== 'object') {\n    return {\n      ok: false,\n      reason: `payload.error was ${typeof wrappedError}, expected an object with { details }`,\n    }\n  }\n\n  if ('details' in payload) {\n    const inner = payload['details']\n    if (inner === undefined) return { ok: true, details: {} }\n    if (isDetailsRecord(inner)) return { ok: true, details: inner }\n    return { ok: false, reason: 'details entries must be strings or { message, code } objects' }\n  }\n\n  if (isDetailsRecord(payload)) return { ok: true, details: payload }\n\n  // Heuristic: if the payload has keys but none of them look like details,\n  // it's probably a completely different shape. Reject.\n  if (Object.keys(payload).length === 0) return { ok: true, details: {} }\n  return { ok: false, reason: 'unrecognised payload shape' }\n}\n\nfunction isStructuredEntry(value: unknown): value is ApiErrorEntry {\n  if (value === null || typeof value !== 'object' || Array.isArray(value)) return false\n  const obj = value as { message?: unknown; code?: unknown }\n  return typeof obj.message === 'string' && typeof obj.code === 'string'\n}\n\n/**\n * Accepts either a structured `{ message, code }` entry OR a bare\n * string. Bare strings synthesize a `code` at parse time\n * (`options.defaultCode`) and are useful for the Rails / Django REST\n * Framework / Laravel JSON shape that doesn't carry a per-field code.\n */\nfunction isAcceptedEntry(value: unknown): value is string | ApiErrorEntry {\n  return typeof value === 'string' || isStructuredEntry(value)\n}\n\n/**\n * A record is a \"details\" record when every value is either an\n * accepted entry or an array of accepted entries (mixing structured +\n * bare-string in the same array is fine; the parser normalises per\n * entry). Half-structured objects (e.g. `{ message: 'x' }` missing\n * `code`) are still rejected so the bug surfaces — see the\n * `'rejects entries that are objects but missing required fields'`\n * test for the rationale.\n */\nfunction isDetailsRecord(value: unknown): value is ApiErrorDetails {\n  if (value === null || typeof value !== 'object' || Array.isArray(value)) return false\n  // Reject prototype-polluted keys — we don't use them here, but downstream\n  // spreads shouldn't have to worry about this input.\n  const record = value as Record<string, unknown>\n  for (const k of Object.keys(record)) {\n    const v = record[k]\n    if (isAcceptedEntry(v)) continue\n    if (Array.isArray(v) && v.every((entry) => isAcceptedEntry(entry))) continue\n    return false\n  }\n  return true\n}\n"],"names":[],"mappings":";;;;;;;AAcO,SAAS,sBAAsB,IAAA,EAAsB;AAC1D,EAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,oBAAA,EAAsB,CAAC,IAAA,KAAS;AAClD,IAAA,QAAQ,IAAA;AAAM,MACZ,KAAK,GAAA;AACH,QAAA,OAAO,SAAA;AAAA,MACT,KAAK,GAAA;AACH,QAAA,OAAO,SAAA;AAAA,MACT,KAAK,GAAA;AACH,QAAA,OAAO,SAAA;AAAA,MACT,KAAK,QAAA;AACH,QAAA,OAAO,SAAA;AAAA,MACT,KAAK,QAAA;AACH,QAAA,OAAO,SAAA;AAAA,MACT;AACE,QAAA,OAAO,IAAA;AAAA;AACX,EACF,CAAC,CAAA;AACH;;ACkDO,MAAM,yBAAA,GAA4B;AAAA,EACvC,UAAA,EAAY,GAAA;AAAA,EACZ,YAAA,EAAc,EAAA;AAAA,EACd,gBAAA,EAAkB,GAAA;AAAA,EAClB,WAAA,EAAa;AACf;AAmDO,SAAS,cAAA,CACd,SACA,OAAA,EACsB;AACtB,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,UAAA,IAAc,yBAAA,CAA0B,UAAA;AACnE,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,YAAA,IAAgB,yBAAA,CAA0B,YAAA;AACvE,EAAA,MAAM,gBAAA,GAAmB,OAAA,CAAQ,gBAAA,IAAoB,yBAAA,CAA0B,gBAAA;AAC/E,EAAA,MAAM,WAAA,GAAc,OAAA,CAAQ,WAAA,IAAe,yBAAA,CAA0B,WAAA;AAErE,EAAA,IAAI,OAAA,KAAY,IAAA,IAAQ,OAAA,KAAY,MAAA,EAAW;AAC7C,IAAA,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,MAAA,EAAQ,EAAC,EAAE;AAAA,EAChC;AACA,EAAA,IAAI,OAAO,YAAY,QAAA,EAAU;AAC/B,IAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,IAAI,QAAA,EAAU,CAAA,YAAA,EAAe,OAAO,OAAO,CAAA,iBAAA,CAAA,EAAoB;AAAA,EAC7F;AAEA,EAAA,MAAM,UAAA,GAAa,eAAe,OAAkC,CAAA;AACpE,EAAA,IAAI,CAAC,WAAW,EAAA,EAAI;AAClB,IAAA,OAAO,EAAE,IAAI,KAAA,EAAO,MAAA,EAAQ,EAAC,EAAG,QAAA,EAAU,WAAW,MAAA,EAAO;AAAA,EAC9D;AAEA,EAAA,MAAM,EAAE,SAAQ,GAAI,UAAA;AACpB,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAA;AAIxC,EAAA,IAAI,aAAa,UAAA,EAAY;AAC3B,IAAA,OAAO;AAAA,MACL,EAAA,EAAI,KAAA;AAAA,MACJ,QAAQ,EAAC;AAAA,MACT,QAAA,EAAU,CAAA,YAAA,EAAe,UAAU,CAAA,6BAAA,EAAgC,UAAU,CAAA;AAAA,KAC/E;AAAA,EACF;AAEA,EAAA,MAAM,SAA4B,EAAC;AACnC,EAAA,IAAI,aAAA,GAAgB,CAAA;AACpB,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,OAAO,CAAA,EAAG;AAClD,IAAA,MAAM,YAAmD,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,GAAI,KAAA,GAAQ,CAAC,KAAK,CAAA;AAM9F,IAAA,IAAI,QAAA;AACJ,IAAA,IAAI;AACF,MAAA,QAAA,GAAW,gBAAA,CAAiB,GAAG,CAAA,CAAE,QAAA;AAAA,IACnC,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,eAAe,gBAAA,EAAkB;AACrC,MAAA,MAAM,GAAA;AAAA,IACR;AAMA,IAAA,IAAI,QAAA,CAAS,SAAS,YAAA,EAAc;AAIpC,IAAA,aAAA,IAAiB,QAAA,CAAS,MAAA;AAC1B,IAAA,IAAI,gBAAgB,gBAAA,EAAkB;AACpC,MAAA,OAAO;AAAA,QACL,EAAA,EAAI,KAAA;AAAA,QACJ,QAAQ,EAAC;AAAA,QACT,QAAA,EAAU,wDAAwD,gBAAgB,CAAA;AAAA,OACpF;AAAA,IACF;AACA,IAAA,KAAA,MAAW,SAAS,SAAA,EAAW;AAM7B,MAAA,MAAM,OAAA,GAAU,OAAO,KAAA,KAAU,QAAA,GAAW,QAAQ,KAAA,CAAM,OAAA;AAC1D,MAAA,MAAM,IAAA,GAAO,OAAO,KAAA,KAAU,QAAA,GAAW,cAAc,KAAA,CAAM,IAAA;AAC7D,MAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AAC1B,MAAA,MAAA,CAAO,IAAA,CAAK;AAAA,QACV,OAAA;AAAA,QACA,IAAA,EAAM,KAAA,CAAM,IAAA,CAAK,QAAQ,CAAA;AAAA,QACzB,SAAS,OAAA,CAAQ,OAAA;AAAA,QACjB;AAAA,OACD,CAAA;AAAA,IACH;AAAA,EACF;AACA,EAAA,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,MAAA,EAAO;AAC5B;AAIA,SAAS,eAAe,OAAA,EAAiD;AACvE,EAAA,MAAM,YAAA,GAAe,QAAQ,OAAO,CAAA;AACpC,EAAA,IAAI,iBAAiB,IAAA,IAAQ,YAAA,KAAiB,MAAA,IAAa,OAAO,iBAAiB,QAAA,EAAU;AAC3F,IAAA,MAAM,QAAS,YAAA,CAAuC,OAAA;AACtD,IAAA,IAAI,UAAU,MAAA,EAAW;AAEvB,MAAA,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,OAAA,EAAS,EAAC,EAAE;AAAA,IACjC;AACA,IAAA,IAAI,eAAA,CAAgB,KAAK,CAAA,EAAG,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,SAAS,KAAA,EAAM;AAC9D,IAAA,OAAO;AAAA,MACL,EAAA,EAAI,KAAA;AAAA,MACJ,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAOA,EAAA,IAAI,iBAAiB,IAAA,IAAQ,YAAA,KAAiB,MAAA,IAAa,OAAO,iBAAiB,QAAA,EAAU;AAC3F,IAAA,OAAO;AAAA,MACL,EAAA,EAAI,KAAA;AAAA,MACJ,MAAA,EAAQ,CAAA,kBAAA,EAAqB,OAAO,YAAY,CAAA,qCAAA;AAAA,KAClD;AAAA,EACF;AAEA,EAAA,IAAI,aAAa,OAAA,EAAS;AACxB,IAAA,MAAM,KAAA,GAAQ,QAAQ,SAAS,CAAA;AAC/B,IAAA,IAAI,KAAA,KAAU,QAAW,OAAO,EAAE,IAAI,IAAA,EAAM,OAAA,EAAS,EAAC,EAAE;AACxD,IAAA,IAAI,eAAA,CAAgB,KAAK,CAAA,EAAG,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,SAAS,KAAA,EAAM;AAC9D,IAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,8DAAA,EAA+D;AAAA,EAC7F;AAEA,EAAA,IAAI,eAAA,CAAgB,OAAO,CAAA,EAAG,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,SAAS,OAAA,EAAQ;AAIlE,EAAA,IAAI,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,MAAA,KAAW,CAAA,EAAG,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,OAAA,EAAS,EAAC,EAAE;AACtE,EAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,4BAAA,EAA6B;AAC3D;AAEA,SAAS,kBAAkB,KAAA,EAAwC;AACjE,EAAA,IAAI,KAAA,KAAU,QAAQ,OAAO,KAAA,KAAU,YAAY,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG,OAAO,KAAA;AAChF,EAAA,MAAM,GAAA,GAAM,KAAA;AACZ,EAAA,OAAO,OAAO,GAAA,CAAI,OAAA,KAAY,QAAA,IAAY,OAAO,IAAI,IAAA,KAAS,QAAA;AAChE;AAQA,SAAS,gBAAgB,KAAA,EAAiD;AACxE,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,iBAAA,CAAkB,KAAK,CAAA;AAC7D;AAWA,SAAS,gBAAgB,KAAA,EAA0C;AACjE,EAAA,IAAI,KAAA,KAAU,QAAQ,OAAO,KAAA,KAAU,YAAY,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG,OAAO,KAAA;AAGhF,EAAA,MAAM,MAAA,GAAS,KAAA;AACf,EAAA,KAAA,MAAW,CAAA,IAAK,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA,EAAG;AACnC,IAAA,MAAM,CAAA,GAAI,OAAO,CAAC,CAAA;AAClB,IAAA,IAAI,eAAA,CAAgB,CAAC,CAAA,EAAG;AACxB,IAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,CAAC,CAAA,IAAK,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU,eAAA,CAAgB,KAAK,CAAC,CAAA,EAAG;AACpE,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAA;AACT;;;;"}