cedar-mcp-server 1.0.0

package/dist/tools/diff-schema.d.ts

@@ -0,0 +1,103 @@
+export interface DiffSchemaInput {
+    blue: string;
+    green: string;
+}
+type Risk = "safe" | "review" | "breaking";
+export interface AttributeChange {
+    attr: string;
+    change: "added" | "removed" | "type_changed" | "optional_to_required" | "required_to_optional";
+    old_type?: string;
+    new_type?: string;
+    risk: Risk;
+    reason: string;
+}
+export interface EntityTypeModification {
+    namespace: string;
+    name: string;
+    member_of_changes?: {
+        added: string[];
+        removed: string[];
+        risk: Risk;
+        reason: string;
+    };
+    attribute_changes?: AttributeChange[];
+}
+export interface ContextChange {
+    attr: string;
+    change: "added" | "removed" | "type_changed";
+    old_type?: string;
+    new_type?: string;
+    risk: Risk;
+    reason: string;
+}
+export interface ActionModification {
+    namespace: string;
+    name: string;
+    principal_types?: {
+        added: string[];
+        removed: string[];
+        risk: Risk;
+        reason: string;
+    };
+    resource_types?: {
+        added: string[];
+        removed: string[];
+        risk: Risk;
+        reason: string;
+    };
+    context_changes?: ContextChange[];
+}
+export interface SchemaDiff {
+    namespaces_added: string[];
+    namespaces_removed: string[];
+    entity_types: {
+        added: Array<{
+            namespace: string;
+            name: string;
+        }>;
+        removed: Array<{
+            namespace: string;
+            name: string;
+            risk: Risk;
+            reason: string;
+        }>;
+        modified: EntityTypeModification[];
+    };
+    actions: {
+        added: Array<{
+            namespace: string;
+            name: string;
+        }>;
+        removed: Array<{
+            namespace: string;
+            name: string;
+            risk: Risk;
+            reason: string;
+        }>;
+        modified: ActionModification[];
+    };
+    common_types: {
+        added: Array<{
+            namespace: string;
+            name: string;
+        }>;
+        removed: Array<{
+            namespace: string;
+            name: string;
+            risk: Risk;
+            reason: string;
+        }>;
+        modified: Array<{
+            namespace: string;
+            name: string;
+            risk: Risk;
+            reason: string;
+        }>;
+    };
+    summary: string;
+    risk_level: Risk;
+    error?: string;
+}
+export declare function handleDiffSchema(input: DiffSchemaInput): Promise<SchemaDiff>;
+export {};
+//# sourceMappingURL=diff-schema.d.ts.map

package/dist/tools/diff-schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-schema.d.ts","sourceRoot":"","sources":["../../src/tools/diff-schema.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED,KAAK,IAAI,GAAG,MAAM,GAAG,QAAQ,GAAG,UAAU,CAAC;AAE3C,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,OAAO,GAAG,SAAS,GAAG,cAAc,GAAG,sBAAsB,GAAG,sBAAsB,CAAC;IAC/F,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,IAAI,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,iBAAiB,CAAC,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,IAAI,EAAE,IAAI,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IACvF,iBAAiB,CAAC,EAAE,eAAe,EAAE,CAAC;CACvC;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,OAAO,GAAG,SAAS,GAAG,cAAc,CAAC;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,IAAI,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,IAAI,EAAE,IAAI,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IACrF,cAAc,CAAC,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,IAAI,EAAE,IAAI,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IACpF,eAAe,CAAC,EAAE,aAAa,EAAE,CAAC;CACnC;AAED,MAAM,WAAW,UAAU;IACzB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,YAAY,EAAE;QACZ,KAAK,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClD,OAAO,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,IAAI,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAChF,QAAQ,EAAE,sBAAsB,EAAE,CAAC;KACpC,CAAC;IACF,OAAO,EAAE;QACP,KAAK,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClD,OAAO,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,IAAI,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAChF,QAAQ,EAAE,kBAAkB,EAAE,CAAC;KAChC,CAAC;IACF,YAAY,EAAE;QACZ,KAAK,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClD,OAAO,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,IAAI,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAChF,QAAQ,EAAE,KAAK,CAAC;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,IAAI,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KAClF,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,IAAI,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAoYD,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CA4ClF"}

package/dist/tools/diff-schema.js

@@ -0,0 +1,379 @@
+import { schemaToText, schemaToJsonWithResolvedTypes } from "@cedar-policy/cedar-wasm/nodejs";
+function stripCedarPrefix(value) {
+    if (typeof value === "string")
+        return value.replace(/^__cedar::/, "");
+    if (Array.isArray(value))
+        return value.map(stripCedarPrefix);
+    if (value && typeof value === "object") {
+        const out = {};
+        for (const [k, v] of Object.entries(value)) {
+            out[k] = k === "type" && typeof v === "string" ? v.replace(/^__cedar::/, "") : stripCedarPrefix(v);
+        }
+        return out;
+    }
+    return value;
+}
+function normalizeToCanonical(schemaStr) {
+    let asText;
+    // 1. Detect JSON vs cedarschema text
+    let parsedJson = null;
+    try {
+        parsedJson = JSON.parse(schemaStr);
+    }
+    catch {
+        parsedJson = null;
+    }
+    if (parsedJson !== null && typeof parsedJson === "object" && !Array.isArray(parsedJson)) {
+        const textAns = schemaToText(parsedJson);
+        if (textAns.type !== "success") {
+            throw new Error("Failed to convert JSON schema to text form: " + (textAns.errors?.[0]?.message ?? "unknown error"));
+        }
+        asText = textAns.text;
+    }
+    else {
+        asText = schemaStr;
+    }
+    // 2. Always normalize via schemaToJsonWithResolvedTypes (text input only — per spike findings)
+    const ans = schemaToJsonWithResolvedTypes(asText);
+    if (ans.type !== "success") {
+        throw new Error("Failed to parse schema: " + (ans.errors?.[0]?.message ?? "unknown error"));
+    }
+    return stripCedarPrefix(ans.json);
+}
+function attrType(attr) {
+    if (!attr)
+        return "unknown";
+    return attr.type;
+}
+function attrRequired(attr) {
+    return attr.required !== false;
+}
+function setDiff(blue, green) {
+    const blueSet = new Set(blue);
+    const greenSet = new Set(green);
+    return {
+        added: green.filter((x) => !blueSet.has(x)),
+        removed: blue.filter((x) => !greenSet.has(x)),
+    };
+}
+function diffAttributes(blueAttrs, greenAttrs, contextLabel) {
+    const b = blueAttrs ?? {};
+    const g = greenAttrs ?? {};
+    const changes = [];
+    for (const [name, gAttr] of Object.entries(g)) {
+        if (!(name in b)) {
+            const required = attrRequired(gAttr);
+            changes.push({
+                attr: name,
+                change: "added",
+                new_type: attrType(gAttr),
+                risk: required ? "breaking" : "safe",
+                reason: required
+                    ? `Required ${contextLabel} added: existing entities/requests without this field will fail validation.`
+                    : `Optional ${contextLabel} added: existing policies do not reference it; safe to deploy.`,
+            });
+        }
+    }
+    for (const [name, bAttr] of Object.entries(b)) {
+        if (!(name in g)) {
+            changes.push({
+                attr: name,
+                change: "removed",
+                old_type: attrType(bAttr),
+                risk: "breaking",
+                reason: `${contextLabel[0].toUpperCase() + contextLabel.slice(1)} removed: policies referencing it will fail validation.`,
+            });
+            continue;
+        }
+        const gAttr = g[name];
+        if (attrType(bAttr) !== attrType(gAttr)) {
+            changes.push({
+                attr: name,
+                change: "type_changed",
+                old_type: attrType(bAttr),
+                new_type: attrType(gAttr),
+                risk: "breaking",
+                reason: `Type changed (${attrType(bAttr)} → ${attrType(gAttr)}): policies expecting the old type will fail evaluation.`,
+            });
+            continue;
+        }
+        const bReq = attrRequired(bAttr);
+        const gReq = attrRequired(gAttr);
+        if (bReq !== gReq) {
+            changes.push({
+                attr: name,
+                change: bReq ? "required_to_optional" : "optional_to_required",
+                risk: bReq ? "safe" : "breaking",
+                reason: bReq
+                    ? "Attribute changed from required to optional; all existing entities still satisfy the constraint."
+                    : "Attribute changed from optional to required; existing entities without this field will fail validation.",
+            });
+        }
+    }
+    return changes;
+}
+function diffEntityTypes(blue, green, diff, removedNamespaces, addedNamespaces) {
+    const allNamespaces = new Set([...Object.keys(blue), ...Object.keys(green)]);
+    for (const ns of allNamespaces) {
+        const bEnts = blue[ns]?.entityTypes ?? {};
+        const gEnts = green[ns]?.entityTypes ?? {};
+        for (const [name, gEnt] of Object.entries(gEnts)) {
+            if (!(name in bEnts)) {
+                diff.entity_types.added.push({ namespace: ns, name });
+            }
+            else {
+                const bEnt = bEnts[name];
+                const mod = { namespace: ns, name };
+                const bMember = bEnt.memberOfTypes ?? [];
+                const gMember = gEnt.memberOfTypes ?? [];
+                const memberD = setDiff(bMember, gMember);
+                if (memberD.added.length > 0 || memberD.removed.length > 0) {
+                    const breaking = memberD.removed.length > 0;
+                    mod.member_of_changes = {
+                        added: memberD.added,
+                        removed: memberD.removed,
+                        risk: breaking ? "breaking" : "review",
+                        reason: breaking
+                            ? "Parent types removed: policies using `in` against removed parents will fail validation."
+                            : "Parent types added: hierarchy widened; policies using `in` may match more entities than before.",
+                    };
+                }
+                const attrChanges = diffAttributes(bEnt.shape?.attributes, gEnt.shape?.attributes, "attribute");
+                if (attrChanges.length > 0)
+                    mod.attribute_changes = attrChanges;
+                if (mod.member_of_changes || mod.attribute_changes) {
+                    diff.entity_types.modified.push(mod);
+                }
+            }
+        }
+        for (const [name, bEnt] of Object.entries(bEnts)) {
+            if (!(name in gEnts)) {
+                diff.entity_types.removed.push({
+                    namespace: ns,
+                    name,
+                    risk: "breaking",
+                    reason: removedNamespaces.has(ns)
+                        ? `Namespace ${ns} removed; entity type removed transitively. Policies referencing it will fail.`
+                        : "Entity type removed: policies referencing it will fail validation; runtime requests for it will fail.",
+                });
+                void bEnt;
+            }
+        }
+        void addedNamespaces;
+    }
+}
+function diffActions(blue, green, diff) {
+    const allNamespaces = new Set([...Object.keys(blue), ...Object.keys(green)]);
+    for (const ns of allNamespaces) {
+        const bActs = blue[ns]?.actions ?? {};
+        const gActs = green[ns]?.actions ?? {};
+        for (const [name, gAct] of Object.entries(gActs)) {
+            if (!(name in bActs)) {
+                diff.actions.added.push({ namespace: ns, name });
+            }
+            else {
+                const bAct = bActs[name];
+                const mod = { namespace: ns, name };
+                const bPrin = bAct.appliesTo?.principalTypes ?? [];
+                const gPrin = gAct.appliesTo?.principalTypes ?? [];
+                const prinD = setDiff(bPrin, gPrin);
+                if (prinD.added.length > 0 || prinD.removed.length > 0) {
+                    const breaking = prinD.removed.length > 0;
+                    mod.principal_types = {
+                        added: prinD.added,
+                        removed: prinD.removed,
+                        risk: breaking ? "breaking" : "review",
+                        reason: breaking
+                            ? "Principal types narrowed: existing policies for the removed type will fail validation."
+                            : "Principal types widened: action applies to more principal types; policy effect may change.",
+                    };
+                }
+                const bRes = bAct.appliesTo?.resourceTypes ?? [];
+                const gRes = gAct.appliesTo?.resourceTypes ?? [];
+                const resD = setDiff(bRes, gRes);
+                if (resD.added.length > 0 || resD.removed.length > 0) {
+                    const breaking = resD.removed.length > 0;
+                    mod.resource_types = {
+                        added: resD.added,
+                        removed: resD.removed,
+                        risk: breaking ? "breaking" : "review",
+                        reason: breaking
+                            ? "Resource types narrowed: existing policies for the removed type will fail validation."
+                            : "Resource types widened: action applies to more resource types; policy effect may change.",
+                    };
+                }
+                const ctxChanges = diffAttributes(bAct.appliesTo?.context?.attributes, gAct.appliesTo?.context?.attributes, "context attribute");
+                if (ctxChanges.length > 0) {
+                    mod.context_changes = ctxChanges.map((c) => ({
+                        attr: c.attr,
+                        change: c.change,
+                        ...(c.old_type !== undefined ? { old_type: c.old_type } : {}),
+                        ...(c.new_type !== undefined ? { new_type: c.new_type } : {}),
+                        risk: c.risk,
+                        reason: c.reason,
+                    }));
+                }
+                if (mod.principal_types || mod.resource_types || mod.context_changes) {
+                    diff.actions.modified.push(mod);
+                }
+            }
+        }
+        for (const name of Object.keys(bActs)) {
+            if (!(name in gActs)) {
+                diff.actions.removed.push({
+                    namespace: ns,
+                    name,
+                    risk: "breaking",
+                    reason: "Action removed: policies referencing it become invalid; runtime requests for it will fail.",
+                });
+            }
+        }
+    }
+}
+function diffCommonTypes(blue, green, diff) {
+    const allNamespaces = new Set([...Object.keys(blue), ...Object.keys(green)]);
+    for (const ns of allNamespaces) {
+        const bCt = blue[ns]?.commonTypes ?? {};
+        const gCt = green[ns]?.commonTypes ?? {};
+        for (const name of Object.keys(gCt)) {
+            if (!(name in bCt))
+                diff.common_types.added.push({ namespace: ns, name });
+        }
+        for (const name of Object.keys(bCt)) {
+            if (!(name in gCt)) {
+                diff.common_types.removed.push({
+                    namespace: ns,
+                    name,
+                    risk: "review",
+                    reason: "Common type removed: any entity or action referencing it will cause policies to fail validation.",
+                });
+            }
+            else if (JSON.stringify(bCt[name]) !== JSON.stringify(gCt[name])) {
+                diff.common_types.modified.push({
+                    namespace: ns,
+                    name,
+                    risk: "review",
+                    reason: "Common type definition changed: review every entity/action that references it.",
+                });
+            }
+        }
+    }
+}
+function computeRiskLevel(diff) {
+    const allRisks = [];
+    diff.entity_types.removed.forEach((e) => allRisks.push(e.risk));
+    diff.entity_types.modified.forEach((m) => {
+        if (m.member_of_changes)
+            allRisks.push(m.member_of_changes.risk);
+        m.attribute_changes?.forEach((c) => allRisks.push(c.risk));
+    });
+    diff.actions.removed.forEach((a) => allRisks.push(a.risk));
+    diff.actions.modified.forEach((m) => {
+        if (m.principal_types)
+            allRisks.push(m.principal_types.risk);
+        if (m.resource_types)
+            allRisks.push(m.resource_types.risk);
+        m.context_changes?.forEach((c) => allRisks.push(c.risk));
+    });
+    diff.common_types.removed.forEach((c) => allRisks.push(c.risk));
+    diff.common_types.modified.forEach((c) => allRisks.push(c.risk));
+    if (allRisks.includes("breaking"))
+        return "breaking";
+    if (allRisks.includes("review"))
+        return "review";
+    return "safe";
+}
+function computeSummary(diff) {
+    const parts = [];
+    const breakingCount = diff.entity_types.removed.length +
+        diff.actions.removed.length +
+        diff.entity_types.modified.reduce((acc, m) => {
+            const memberBreaking = m.member_of_changes?.risk === "breaking" ? 1 : 0;
+            const attrsBreaking = (m.attribute_changes ?? []).filter((c) => c.risk === "breaking").length;
+            return acc + memberBreaking + attrsBreaking;
+        }, 0) +
+        diff.actions.modified.reduce((acc, m) => {
+            const pBreak = m.principal_types?.risk === "breaking" ? 1 : 0;
+            const rBreak = m.resource_types?.risk === "breaking" ? 1 : 0;
+            const cBreak = (m.context_changes ?? []).filter((c) => c.risk === "breaking").length;
+            return acc + pBreak + rBreak + cBreak;
+        }, 0);
+    if (diff.namespaces_added.length)
+        parts.push(`${diff.namespaces_added.length} namespace(s) added`);
+    if (diff.namespaces_removed.length)
+        parts.push(`${diff.namespaces_removed.length} namespace(s) removed`);
+    if (diff.entity_types.added.length)
+        parts.push(`${diff.entity_types.added.length} entity type(s) added`);
+    if (diff.entity_types.removed.length)
+        parts.push(`${diff.entity_types.removed.length} entity type(s) removed`);
+    if (diff.entity_types.modified.length)
+        parts.push(`${diff.entity_types.modified.length} entity type(s) modified`);
+    if (diff.actions.added.length)
+        parts.push(`${diff.actions.added.length} action(s) added`);
+    if (diff.actions.removed.length)
+        parts.push(`${diff.actions.removed.length} action(s) removed`);
+    if (diff.actions.modified.length)
+        parts.push(`${diff.actions.modified.length} action(s) modified`);
+    if (diff.common_types.added.length)
+        parts.push(`${diff.common_types.added.length} common type(s) added`);
+    if (diff.common_types.removed.length)
+        parts.push(`${diff.common_types.removed.length} common type(s) removed`);
+    if (diff.common_types.modified.length)
+        parts.push(`${diff.common_types.modified.length} common type(s) modified`);
+    if (parts.length === 0)
+        return "No schema changes detected.";
+    const breaking = breakingCount > 0 ? ` (${breakingCount} BREAKING)` : "";
+    return `Schema diff: ${parts.join(", ")}${breaking}.`;
+}
+export async function handleDiffSchema(input) {
+    let blueJson;
+    let greenJson;
+    try {
+        blueJson = normalizeToCanonical(input.blue);
+    }
+    catch (e) {
+        return errorResult(`blue schema: ${e instanceof Error ? e.message : String(e)}`);
+    }
+    try {
+        greenJson = normalizeToCanonical(input.green);
+    }
+    catch (e) {
+        return errorResult(`green schema: ${e instanceof Error ? e.message : String(e)}`);
+    }
+    const diff = {
+        namespaces_added: [],
+        namespaces_removed: [],
+        entity_types: { added: [], removed: [], modified: [] },
+        actions: { added: [], removed: [], modified: [] },
+        common_types: { added: [], removed: [], modified: [] },
+        summary: "",
+        risk_level: "safe",
+    };
+    const blueNs = new Set(Object.keys(blueJson));
+    const greenNs = new Set(Object.keys(greenJson));
+    for (const ns of greenNs)
+        if (!blueNs.has(ns))
+            diff.namespaces_added.push(ns);
+    for (const ns of blueNs)
+        if (!greenNs.has(ns))
+            diff.namespaces_removed.push(ns);
+    diffEntityTypes(blueJson, greenJson, diff, new Set(diff.namespaces_removed), new Set(diff.namespaces_added));
+    diffActions(blueJson, greenJson, diff);
+    diffCommonTypes(blueJson, greenJson, diff);
+    diff.summary = computeSummary(diff);
+    diff.risk_level = computeRiskLevel(diff);
+    return diff;
+}
+function errorResult(error) {
+    return {
+        namespaces_added: [],
+        namespaces_removed: [],
+        entity_types: { added: [], removed: [], modified: [] },
+        actions: { added: [], removed: [], modified: [] },
+        common_types: { added: [], removed: [], modified: [] },
+        summary: "",
+        risk_level: "safe",
+        error,
+    };
+}
+//# sourceMappingURL=diff-schema.js.map

package/dist/tools/diff-schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-schema.js","sourceRoot":"","sources":["../../src/tools/diff-schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,6BAA6B,EAAE,MAAM,iCAAiC,CAAC;AA4F9F,SAAS,gBAAgB,CAAC,KAAc;IACtC,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IACtE,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC7D,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,GAAG,GAA4B,EAAE,CAAC;QACxC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC,EAAE,CAAC;YACtE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,MAAM,IAAI,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;QACrG,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,SAAiB;IAC7C,IAAI,MAAc,CAAC;IAEnB,qCAAqC;IACrC,IAAI,UAAU,GAAY,IAAI,CAAC;IAC/B,IAAI,CAAC;QACH,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,UAAU,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,IAAI,UAAU,KAAK,IAAI,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QACxF,MAAM,OAAO,GAAG,YAAY,CAAC,UAAoB,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,eAAe,CAAC,CAAC,CAAC;QACtH,CAAC;QACD,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IACxB,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,SAAS,CAAC;IACrB,CAAC;IAED,+FAA+F;IAC/F,MAAM,GAAG,GAAG,6BAA6B,CAAC,MAAM,CAAC,CAAC;IAClD,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,eAAe,CAAC,CAAC,CAAC;IAC9F,CAAC;IAED,OAAO,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAoB,CAAC;AACvD,CAAC;AAED,SAAS,QAAQ,CAAC,IAA+B;IAC/C,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAC5B,OAAO,IAAI,CAAC,IAAI,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,IAAmB;IACvC,OAAO,IAAI,CAAC,QAAQ,KAAK,KAAK,CAAC;AACjC,CAAC;AAED,SAAS,OAAO,CAAI,IAAS,EAAE,KAAU;IACvC,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAChC,OAAO;QACL,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC3C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CACrB,SAAoD,EACpD,UAAqD,EACrD,YAA+C;IAE/C,MAAM,CAAC,GAAG,SAAS,IAAI,EAAE,CAAC;IAC1B,MAAM,CAAC,GAAG,UAAU,IAAI,EAAE,CAAC;IAC3B,MAAM,OAAO,GAAsB,EAAE,CAAC;IAEtC,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9C,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC;YACjB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC;gBACzB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;gBACpC,MAAM,EAAE,QAAQ;oBACd,CAAC,CAAC,YAAY,YAAY,6EAA6E;oBACvG,CAAC,CAAC,YAAY,YAAY,gEAAgE;aAC7F,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9C,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC;YACjB,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,SAAS;gBACjB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC;gBACzB,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,yDAAyD;aAC1H,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;QACtB,IAAI,QAAQ,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,cAAc;gBACtB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC;gBACzB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC;gBACzB,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,iBAAiB,QAAQ,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,KAAK,CAAC,0DAA0D;aACxH,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,MAAM,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACjC,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YAClB,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,sBAAsB;gBAC9D,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU;gBAChC,MAAM,EAAE,IAAI;oBACV,CAAC,CAAC,kGAAkG;oBACpG,CAAC,CAAC,yGAAyG;aAC9G,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,eAAe,CACtB,IAAqB,EACrB,KAAsB,EACtB,IAAgB,EAChB,iBAA8B,EAC9B,eAA4B;IAE5B,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7E,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,EAAE,WAAW,IAAI,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE,WAAW,IAAI,EAAE,CAAC;QAE3C,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrB,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;YACxD,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;gBACzB,MAAM,GAAG,GAA2B,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;gBAE5D,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;gBACzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;gBACzC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBAC1C,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC3D,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;oBAC5C,GAAG,CAAC,iBAAiB,GAAG;wBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;wBACpB,OAAO,EAAE,OAAO,CAAC,OAAO;wBACxB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ;wBACtC,MAAM,EAAE,QAAQ;4BACd,CAAC,CAAC,yFAAyF;4BAC3F,CAAC,CAAC,iGAAiG;qBACtG,CAAC;gBACJ,CAAC;gBAED,MAAM,WAAW,GAAG,cAAc,CAChC,IAAI,CAAC,KAAK,EAAE,UAAU,EACtB,IAAI,CAAC,KAAK,EAAE,UAAU,EACtB,WAAW,CACZ,CAAC;gBACF,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC;oBAAE,GAAG,CAAC,iBAAiB,GAAG,WAAW,CAAC;gBAEhE,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;oBACnD,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACvC,CAAC;YACH,CAAC;QACH,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrB,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC;oBAC7B,SAAS,EAAE,EAAE;oBACb,IAAI;oBACJ,IAAI,EAAE,UAAU;oBAChB,MAAM,EAAE,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC;wBAC/B,CAAC,CAAC,aAAa,EAAE,gFAAgF;wBACjG,CAAC,CAAC,uGAAuG;iBAC5G,CAAC,CAAC;gBACH,KAAK,IAAI,CAAC;YACZ,CAAC;QACH,CAAC;QACD,KAAK,eAAe,CAAC;IACvB,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAClB,IAAqB,EACrB,KAAsB,EACtB,IAAgB;IAEhB,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7E,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,EAAE,OAAO,IAAI,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE,OAAO,IAAI,EAAE,CAAC;QAEvC,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;YACnD,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;gBACzB,MAAM,GAAG,GAAuB,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;gBAExD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,EAAE,cAAc,IAAI,EAAE,CAAC;gBACnD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,EAAE,cAAc,IAAI,EAAE,CAAC;gBACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;gBACpC,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACvD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;oBAC1C,GAAG,CAAC,eAAe,GAAG;wBACpB,KAAK,EAAE,KAAK,CAAC,KAAK;wBAClB,OAAO,EAAE,KAAK,CAAC,OAAO;wBACtB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ;wBACtC,MAAM,EAAE,QAAQ;4BACd,CAAC,CAAC,wFAAwF;4BAC1F,CAAC,CAAC,4FAA4F;qBACjG,CAAC;gBACJ,CAAC;gBAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,IAAI,EAAE,CAAC;gBACjD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,IAAI,EAAE,CAAC;gBACjD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACjC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;oBACzC,GAAG,CAAC,cAAc,GAAG;wBACnB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ;wBACtC,MAAM,EAAE,QAAQ;4BACd,CAAC,CAAC,uFAAuF;4BACzF,CAAC,CAAC,0FAA0F;qBAC/F,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,cAAc,CAC/B,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,UAAU,EACnC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,UAAU,EACnC,mBAAmB,CACpB,CAAC;gBACF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC1B,GAAG,CAAC,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;wBAC3C,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,MAAM,EAAE,CAAC,CAAC,MAAiC;wBAC3C,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBAC7D,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBAC7D,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,MAAM,EAAE,CAAC,CAAC,MAAM;qBACjB,CAAC,CAAC,CAAC;gBACN,CAAC;gBAED,IAAI,GAAG,CAAC,eAAe,IAAI,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,eAAe,EAAE,CAAC;oBACrE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACtC,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;oBACxB,SAAS,EAAE,EAAE;oBACb,IAAI;oBACJ,IAAI,EAAE,UAAU;oBAChB,MAAM,EAAE,4FAA4F;iBACrG,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CACtB,IAAqB,EACrB,KAAsB,EACtB,IAAgB;IAEhB,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7E,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE,CAAC,EAAE,WAAW,IAAI,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE,WAAW,IAAI,EAAE,CAAC;QAEzC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACpC,IAAI,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC;gBAAE,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5E,CAAC;QACD,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACpC,IAAI,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;gBACnB,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC;oBAC7B,SAAS,EAAE,EAAE;oBACb,IAAI;oBACJ,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,kGAAkG;iBAC3G,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gBACnE,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAC9B,SAAS,EAAE,EAAE;oBACb,IAAI;oBACJ,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,gFAAgF;iBACzF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAgB;IACxC,MAAM,QAAQ,GAAW,EAAE,CAAC;IAC5B,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAChE,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACvC,IAAI,CAAC,CAAC,iBAAiB;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACjE,CAAC,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IACH,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3D,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,eAAe;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QAC7D,IAAI,CAAC,CAAC,cAAc;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAC3D,CAAC,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IACH,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAChE,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAEjE,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,UAAU,CAAC;IACrD,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IACjD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,cAAc,CAAC,IAAgB;IACtC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,aAAa,GACjB,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM;QAChC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM;QAC3B,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;YAC3C,MAAM,cAAc,GAAG,CAAC,CAAC,iBAAiB,EAAE,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACxE,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;YAC9F,OAAO,GAAG,GAAG,cAAc,GAAG,aAAa,CAAC;QAC9C,CAAC,EAAE,CAAC,CAAC;QACL,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,CAAC,CAAC,eAAe,EAAE,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,MAAM,MAAM,GAAG,CAAC,CAAC,cAAc,EAAE,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,CAAC,CAAC,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;YACrF,OAAO,GAAG,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;QACxC,CAAC,EAAE,CAAC,CAAC,CAAC;IAER,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,qBAAqB,CAAC,CAAC;IACnG,IAAI,IAAI,CAAC,kBAAkB,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,uBAAuB,CAAC,CAAC;IACzG,IAAI,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,MAAM,uBAAuB,CAAC,CAAC;IACzG,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,yBAAyB,CAAC,CAAC;IAC/G,IAAI,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,0BAA0B,CAAC,CAAC;IAClH,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,kBAAkB,CAAC,CAAC;IAC1F,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,oBAAoB,CAAC,CAAC;IAChG,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,qBAAqB,CAAC,CAAC;IACnG,IAAI,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,MAAM,uBAAuB,CAAC,CAAC;IACzG,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,yBAAyB,CAAC,CAAC;IAC/G,IAAI,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,0BAA0B,CAAC,CAAC;IAElH,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,6BAA6B,CAAC;IAE7D,MAAM,QAAQ,GAAG,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,aAAa,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;IACzE,OAAO,gBAAgB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,QAAQ,GAAG,CAAC;AACxD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAsB;IAC3D,IAAI,QAAyB,CAAC;IAC9B,IAAI,SAA0B,CAAC;IAE/B,IAAI,CAAC;QACH,QAAQ,GAAG,oBAAoB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,WAAW,CAAC,gBAAgB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,CAAC;QACH,SAAS,GAAG,oBAAoB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,WAAW,CAAC,iBAAiB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,IAAI,GAAe;QACvB,gBAAgB,EAAE,EAAE;QACpB,kBAAkB,EAAE,EAAE;QACtB,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACtD,OAAO,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACjD,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACtD,OAAO,EAAE,EAAE;QACX,UAAU,EAAE,MAAM;KACnB,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IAChD,KAAK,MAAM,EAAE,IAAI,OAAO;QAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9E,KAAK,MAAM,EAAE,IAAI,MAAM;QAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEhF,eAAe,CACb,QAAQ,EACR,SAAS,EACT,IAAI,EACJ,IAAI,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,EAChC,IAAI,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAC/B,CAAC;IACF,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IACvC,eAAe,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAE3C,IAAI,CAAC,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACpC,IAAI,CAAC,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAEzC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO;QACL,gBAAgB,EAAE,EAAE;QACpB,kBAAkB,EAAE,EAAE;QACtB,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACtD,OAAO,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACjD,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACtD,OAAO,EAAE,EAAE;QACX,UAAU,EAAE,MAAM;QAClB,KAAK;KACN,CAAC;AACJ,CAAC"}

package/dist/tools/diff-stores.d.ts

@@ -0,0 +1,45 @@
+import type { StoreManager } from "../resources/store-manager.js";
+import { type SchemaDiff } from "./diff-schema.js";
+export interface DiffStoresInput {
+    blue: string;
+    green: string;
+    behavioral_test_requests?: string;
+}
+export interface PolicyChangeInfo {
+    policy_id: string;
+    can_update_in_place: boolean;
+    changes: Array<{
+        field: string;
+        in_place_allowed: boolean;
+        reason: string;
+    }>;
+    recommendation: string;
+}
+export interface BehavioralDriftEntry {
+    principal: string;
+    action: string;
+    resource: string;
+    blue_decision: "Allow" | "Deny" | "Error";
+    green_decision: "Allow" | "Deny" | "Error";
+    drifted: boolean;
+    error?: string;
+}
+export interface DiffStoresResult {
+    blue: string;
+    green: string;
+    policies_added: Array<{
+        policy_id: string;
+        content: string;
+    }>;
+    policies_removed: Array<{
+        policy_id: string;
+        content: string;
+    }>;
+    policies_modified: PolicyChangeInfo[];
+    schema_diff: SchemaDiff;
+    behavioral_diff?: BehavioralDriftEntry[];
+    summary: string;
+    error?: string;
+}
+export declare function handleDiffStores(input: DiffStoresInput, manager: StoreManager): Promise<DiffStoresResult>;
+//# sourceMappingURL=diff-stores.d.ts.map

package/dist/tools/diff-stores.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-stores.d.ts","sourceRoot":"","sources":["../../src/tools/diff-stores.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAElE,OAAO,EAAoB,KAAK,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAIrE,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,wBAAwB,CAAC,EAAE,MAAM,CAAC;CACnC;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,OAAO,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,gBAAgB,EAAE,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC7E,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;IAC1C,cAAc,EAAE,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;IAC3C,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC9D,gBAAgB,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAChE,iBAAiB,EAAE,gBAAgB,EAAE,CAAC;IACtC,WAAW,EAAE,UAAU,CAAC;IACxB,eAAe,CAAC,EAAE,oBAAoB,EAAE,CAAC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,eAAe,EACtB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,gBAAgB,CAAC,CAiI3B"}