chief-helm 0.1.1

package/dist/core/git.js

@@ -0,0 +1,188 @@
+/**
+ * @file Git operations for HELM.
+ *
+ * All git interactions are routed through this module. Every function
+ * operates on the personal instance repo at the path provided by the
+ * caller (obtained from repoPath() in core/repo.ts).
+ *
+ * Git discipline enforced by this module:
+ *   - pullLatest() must be called before any flow run.
+ *   - commitAndPush() must be called after any successful flow run.
+ *   - Merge conflicts abort all operations with explicit manual steps.
+ *   - git add is always called with an explicit file list — never -A.
+ *
+ * Push failures after a completed run are non-fatal: they surface as a
+ * warning with the manual push command so the user can recover without
+ * re-running the flow.
+ */
+import { simpleGit } from "simple-git";
+import chalk from "chalk";
+import { HelmError } from "../utils/errors.js";
+// ─── Internal Helpers ─────────────────────────────────────────────────────────
+/**
+ * Returns a configured SimpleGit instance scoped to the given repo root.
+ * Throws HelmError if the directory does not exist or is not a git repo.
+ *
+ * @param repoRoot - Absolute path to the git repository root.
+ */
+function getGit(repoRoot) {
+    return simpleGit(repoRoot);
+}
+/**
+ * Returns true if the status result indicates a merge conflict is in
+ * progress (files in BOTH_MODIFIED, BOTH_ADDED, etc. states).
+ */
+function hasConflicts(status) {
+    return status.conflicted.length > 0;
+}
+// ─── Public API ───────────────────────────────────────────────────────────────
+/**
+ * Pulls the latest changes from the remote origin for the current branch.
+ *
+ * Fails fast if:
+ *   - The pull results in a merge conflict.
+ *   - The git command itself fails (no remote, auth error, etc.).
+ *
+ * This must be called before any flow run begins to ensure the agent
+ * instructions and config are up to date.
+ *
+ * @param repoRoot - Absolute path to the instance repo.
+ * @throws {HelmError} On merge conflict or pull failure.
+ */
+export async function pullLatest(repoRoot) {
+    const git = getGit(repoRoot);
+    try {
+        await git.pull();
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        throw new HelmError(`git pull failed: ${detail}`, [
+            "Resolve manually:",
+            "  1. cd " + repoRoot,
+            "  2. git status",
+            "  3. Resolve any conflicts, then: git add . && git commit",
+            "  4. Re-run your helm command.",
+        ].join("\n  "));
+    }
+    const status = await getGit(repoRoot).status();
+    if (hasConflicts(status)) {
+        throw new HelmError("git pull introduced merge conflicts — cannot continue.", [
+            "Resolve manually:",
+            "  1. cd " + repoRoot,
+            "  2. git status  (lists conflicted files)",
+            "  3. Edit each conflicted file, then: git add <file>",
+            "  4. git commit",
+            "  5. Re-run your helm command.",
+        ].join("\n  "));
+    }
+}
+/**
+ * Returns the current working tree status of the repo.
+ *
+ * @param repoRoot - Absolute path to the instance repo.
+ * @throws {HelmError} If git status cannot be read.
+ */
+export async function getRepoStatus(repoRoot) {
+    const git = getGit(repoRoot);
+    try {
+        const status = await git.status();
+        const fileCount = status.modified.length +
+            status.not_added.length +
+            status.created.length +
+            status.deleted.length +
+            status.renamed.length;
+        return { clean: status.isClean(), fileCount };
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        throw new HelmError(`Could not read git status: ${detail}`, `Ensure ${repoRoot} is a valid git repository.`);
+    }
+}
+/**
+ * Stages an explicit list of files, commits with the given message,
+ * and pushes to origin.
+ *
+ * If the push fails the commit is preserved locally and the function
+ * prints a recoverable warning rather than throwing. This matches the
+ * PRD behaviour: a completed run's outputs are never discarded due to
+ * a push failure.
+ *
+ * @param repoRoot    - Absolute path to the instance repo.
+ * @param files       - Explicit list of repo-relative paths to stage.
+ * @param message     - Commit message (caller applies [tag] prefix convention).
+ * @returns True if the push succeeded; false if it failed (warning printed).
+ * @throws {HelmError} If the commit itself fails.
+ */
+export async function commitAndPush(repoRoot, files, message) {
+    const git = getGit(repoRoot);
+    try {
+        await git.add(files);
+        await git.commit(message);
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        throw new HelmError(`git commit failed: ${detail}`, `Check git status in ${repoRoot} and resolve any issues, then push manually.`);
+    }
+    try {
+        await git.push();
+        return true;
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        console.warn(chalk.yellow(`\n  ⚠  git push failed: ${detail}\n  → Push manually: cd ${repoRoot} && git push`));
+        return false;
+    }
+}
+/**
+ * Stages all tracked modified files and pushes with a given commit message.
+ * Unlike commitAndPush(), this uses `git add -u` (tracked files only) rather
+ * than an explicit file list. Intended for helm push where the user is
+ * explicitly choosing to push whatever is dirty.
+ *
+ * @param repoRoot - Absolute path to the instance repo.
+ * @param message  - Commit message.
+ * @returns True if push succeeded.
+ * @throws {HelmError} If there is nothing to commit or commit fails.
+ */
+export async function addAllAndPush(repoRoot, message) {
+    const git = getGit(repoRoot);
+    const status = await git.status();
+    const isDirty = status.modified.length > 0 ||
+        status.not_added.length > 0 ||
+        status.created.length > 0 ||
+        status.deleted.length > 0;
+    if (!isDirty) {
+        throw new HelmError("Nothing to commit — the repo is already clean.", "Make changes first, or run: helm sync to pull the latest.");
+    }
+    try {
+        await git.add("-A");
+        await git.commit(message);
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        throw new HelmError(`git commit failed: ${detail}`, `Check git status in ${repoRoot} and resolve any issues.`);
+    }
+    try {
+        await git.push();
+        return true;
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        console.warn(chalk.yellow(`\n  ⚠  git push failed: ${detail}\n  → Push manually: cd ${repoRoot} && git push`));
+        return false;
+    }
+}
+/**
+ * Returns true if the `git` executable is available in PATH.
+ * Used by the startup check in index.ts.
+ */
+export async function isGitAvailable() {
+    try {
+        await simpleGit().raw(["--version"]);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=git.js.map

package/dist/core/git.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"git.js","sourceRoot":"","sources":["../../src/core/git.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,SAAS,EAAqC,MAAM,YAAY,CAAC;AAC1E,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAE/C,iFAAiF;AAEjF;;;;;GAKG;AACH,SAAS,MAAM,CAAC,QAAgB;IAC9B,OAAO,SAAS,CAAC,QAAQ,CAAC,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,MAAoB;IACxC,OAAO,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;AACtC,CAAC;AAED,iFAAiF;AAEjF;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAgB;IAC/C,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IACnB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,IAAI,SAAS,CACjB,oBAAoB,MAAM,EAAE,EAC5B;YACE,mBAAmB;YACnB,UAAU,GAAG,QAAQ;YACrB,iBAAiB;YACjB,2DAA2D;YAC3D,gCAAgC;SACjC,CAAC,IAAI,CAAC,MAAM,CAAC,CACf,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;IAE/C,IAAI,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,SAAS,CACjB,wDAAwD,EACxD;YACE,mBAAmB;YACnB,UAAU,GAAG,QAAQ;YACrB,2CAA2C;YAC3C,sDAAsD;YACtD,iBAAiB;YACjB,gCAAgC;SACjC,CAAC,IAAI,CAAC,MAAM,CAAC,CACf,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,QAAgB;IAClD,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,EAAE,CAAC;QAClC,MAAM,SAAS,GACb,MAAM,CAAC,QAAQ,CAAC,MAAM;YACtB,MAAM,CAAC,SAAS,CAAC,MAAM;YACvB,MAAM,CAAC,OAAO,CAAC,MAAM;YACrB,MAAM,CAAC,OAAO,CAAC,MAAM;YACrB,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;QAExB,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,CAAC;IAChD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,IAAI,SAAS,CACjB,8BAA8B,MAAM,EAAE,EACtC,UAAU,QAAQ,6BAA6B,CAChD,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,KAAe,EACf,OAAe;IAEf,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACrB,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,IAAI,SAAS,CACjB,sBAAsB,MAAM,EAAE,EAC9B,uBAAuB,QAAQ,8CAA8C,CAC9E,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CACV,KAAK,CAAC,MAAM,CACV,2BAA2B,MAAM,2BAA2B,QAAQ,cAAc,CACnF,CACF,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,OAAe;IAEf,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7B,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,EAAE,CAAC;IAClC,MAAM,OAAO,GACX,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;QAC1B,MAAM,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;QAC3B,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;QACzB,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;IAE5B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CACjB,gDAAgD,EAChD,2DAA2D,CAC5D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpB,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,IAAI,SAAS,CACjB,sBAAsB,MAAM,EAAE,EAC9B,uBAAuB,QAAQ,0BAA0B,CAC1D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CACV,KAAK,CAAC,MAAM,CACV,2BAA2B,MAAM,2BAA2B,QAAQ,cAAc,CACnF,CACF,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,IAAI,CAAC;QACH,MAAM,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/core/inputs.d.ts

@@ -0,0 +1,40 @@
+/**
+ * @file Input credential definitions and connectivity tests.
+ *
+ * Defines which secret keys each input requires and provides the test
+ * function that verifies a live connection using those credentials.
+ *
+ * Test calls make real HTTP requests using the Node 20 built-in fetch.
+ * On success, each test returns a human-readable detail string (email
+ * address, calendar count, etc.) confirming the credential works.
+ *
+ * On failure with HTTP 401, the test reports the credential as invalid
+ * and instructs the user to refresh it via helm secrets set. No silent
+ * token refresh is attempted in Phase 1 — that is Phase 2 scope.
+ *
+ * Secret values retrieved from the keychain are used directly in HTTP
+ * Authorization headers and are never included in any log output or
+ * error message.
+ */
+import type { InputTestResult } from "../types/index.js";
+/**
+ * Ordered list of OS keychain key names required by each input.
+ * Used during helm setup to prompt for each credential and during
+ * helm inputs test to retrieve them for connectivity checks.
+ *
+ * Keys must match the names used in helm secrets set commands documented
+ * in SETUP.md.
+ */
+export declare const INPUT_CREDENTIAL_KEYS: Record<string, string[]>;
+/**
+ * Runs the connectivity test for the given input ID.
+ *
+ * Returns an InputTestResult regardless of outcome — errors are
+ * represented in the result rather than thrown, so callers can
+ * display results for multiple inputs without short-circuiting.
+ *
+ * @param inputId  - The input identifier to test (e.g. "gmail").
+ * @param username - Active username whose credentials to use.
+ */
+export declare function testInput(inputId: string, username: string): Promise<InputTestResult>;
+//# sourceMappingURL=inputs.d.ts.map

package/dist/core/inputs.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inputs.d.ts","sourceRoot":"","sources":["../../src/core/inputs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAKzD;;;;;;;GAOG;AACH,eAAO,MAAM,qBAAqB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAc1D,CAAC;AA4VF;;;;;;;;;GASG;AACH,wBAAsB,SAAS,CAC7B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAoB1B"}

package/dist/core/inputs.js

@@ -0,0 +1,360 @@
+/**
+ * @file Input credential definitions and connectivity tests.
+ *
+ * Defines which secret keys each input requires and provides the test
+ * function that verifies a live connection using those credentials.
+ *
+ * Test calls make real HTTP requests using the Node 20 built-in fetch.
+ * On success, each test returns a human-readable detail string (email
+ * address, calendar count, etc.) confirming the credential works.
+ *
+ * On failure with HTTP 401, the test reports the credential as invalid
+ * and instructs the user to refresh it via helm secrets set. No silent
+ * token refresh is attempted in Phase 1 — that is Phase 2 scope.
+ *
+ * Secret values retrieved from the keychain are used directly in HTTP
+ * Authorization headers and are never included in any log output or
+ * error message.
+ */
+import { getSecret } from "./secrets.js";
+// ─── Credential Key Definitions ───────────────────────────────────────────────
+/**
+ * Ordered list of OS keychain key names required by each input.
+ * Used during helm setup to prompt for each credential and during
+ * helm inputs test to retrieve them for connectivity checks.
+ *
+ * Keys must match the names used in helm secrets set commands documented
+ * in SETUP.md.
+ */
+export const INPUT_CREDENTIAL_KEYS = {
+    gmail: [
+        "GMAIL_CLIENT_ID",
+        "GMAIL_CLIENT_SECRET",
+        "GMAIL_OAUTH_REFRESH_TOKEN",
+    ],
+    google_calendar: [
+        "GCAL_CLIENT_ID",
+        "GCAL_CLIENT_SECRET",
+        "GCAL_OAUTH_REFRESH_TOKEN",
+    ],
+    google_maps: ["GOOGLE_MAPS_API_KEY"],
+    todoist: ["TODOIST_API_TOKEN"],
+    zoom: ["ZOOM_ACCOUNT_ID", "ZOOM_CLIENT_ID", "ZOOM_CLIENT_SECRET"],
+};
+// ─── Internal HTTP Helpers ────────────────────────────────────────────────────
+/**
+ * Exchanges a Google OAuth refresh token for a short-lived access token
+ * using the Google token endpoint. Returns the access token string.
+ *
+ * The refresh token and client credentials are never included in logs or
+ * error output.
+ *
+ * @throws When the token endpoint returns a non-200 status.
+ */
+async function googleRefreshToAccessToken(clientId, clientSecret, refreshToken) {
+    const body = new URLSearchParams({
+        client_id: clientId,
+        client_secret: clientSecret,
+        refresh_token: refreshToken,
+        grant_type: "refresh_token",
+    });
+    const res = await fetch("https://oauth2.googleapis.com/token", {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: body.toString(),
+    });
+    if (!res.ok) {
+        const status = res.status;
+        const reason = status === 401 || status === 400
+            ? "credential rejected"
+            : `HTTP ${status}`;
+        throw new Error(reason);
+    }
+    const data = (await res.json());
+    return data.access_token;
+}
+// ─── Per-Input Test Functions ────────────────────────────────────────────────
+/**
+ * Tests the Gmail connection by exchanging the stored refresh token for
+ * an access token and fetching the user's Gmail profile.
+ * Returns the verified email address on success.
+ */
+async function testGmail(username) {
+    const clientId = await getSecret(username, "GMAIL_CLIENT_ID");
+    const clientSecret = await getSecret(username, "GMAIL_CLIENT_SECRET");
+    const refreshToken = await getSecret(username, "GMAIL_OAUTH_REFRESH_TOKEN");
+    if (!clientId || !clientSecret || !refreshToken) {
+        return {
+            inputId: "gmail",
+            ok: false,
+            error: "One or more Gmail credentials are missing.",
+            fix: "Run: helm secrets set GMAIL_CLIENT_ID && helm secrets set GMAIL_CLIENT_SECRET && helm secrets set GMAIL_OAUTH_REFRESH_TOKEN",
+        };
+    }
+    try {
+        const accessToken = await googleRefreshToAccessToken(clientId, clientSecret, refreshToken);
+        const res = await fetch("https://gmail.googleapis.com/gmail/v1/users/me/profile", { headers: { Authorization: `Bearer ${accessToken}` } });
+        if (res.status === 401) {
+            return {
+                inputId: "gmail",
+                ok: false,
+                error: "Gmail access token was rejected (401).",
+                fix: "Your refresh token may have expired. Run: helm secrets set GMAIL_OAUTH_REFRESH_TOKEN with a fresh token.",
+            };
+        }
+        if (!res.ok) {
+            return {
+                inputId: "gmail",
+                ok: false,
+                error: `Gmail API returned HTTP ${res.status}.`,
+                fix: "Check your Google Cloud project quota and API enablement, then retry.",
+            };
+        }
+        const data = (await res.json());
+        return { inputId: "gmail", ok: true, detail: data.emailAddress };
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return {
+            inputId: "gmail",
+            ok: false,
+            error: `Gmail test failed: ${msg}`,
+            fix: "Check your Gmail credentials and internet connection, then retry.",
+        };
+    }
+}
+/**
+ * Tests the Google Calendar connection by listing the user's calendars.
+ * Returns the calendar count on success.
+ */
+async function testGoogleCalendar(username) {
+    const clientId = await getSecret(username, "GCAL_CLIENT_ID");
+    const clientSecret = await getSecret(username, "GCAL_CLIENT_SECRET");
+    const refreshToken = await getSecret(username, "GCAL_OAUTH_REFRESH_TOKEN");
+    if (!clientId || !clientSecret || !refreshToken) {
+        return {
+            inputId: "google_calendar",
+            ok: false,
+            error: "One or more Google Calendar credentials are missing.",
+            fix: "Run: helm secrets set GCAL_CLIENT_ID && helm secrets set GCAL_CLIENT_SECRET && helm secrets set GCAL_OAUTH_REFRESH_TOKEN",
+        };
+    }
+    try {
+        const accessToken = await googleRefreshToAccessToken(clientId, clientSecret, refreshToken);
+        const res = await fetch("https://www.googleapis.com/calendar/v3/users/me/calendarList", { headers: { Authorization: `Bearer ${accessToken}` } });
+        if (res.status === 401) {
+            return {
+                inputId: "google_calendar",
+                ok: false,
+                error: "Google Calendar access token was rejected (401).",
+                fix: "Your refresh token may have expired. Run: helm secrets set GCAL_OAUTH_REFRESH_TOKEN with a fresh token.",
+            };
+        }
+        if (!res.ok) {
+            return {
+                inputId: "google_calendar",
+                ok: false,
+                error: `Google Calendar API returned HTTP ${res.status}.`,
+                fix: "Check your Google Cloud project quota and Calendar API enablement, then retry.",
+            };
+        }
+        const data = (await res.json());
+        const count = data.items?.length ?? 0;
+        return {
+            inputId: "google_calendar",
+            ok: true,
+            detail: `${count} calendar${count !== 1 ? "s" : ""} found`,
+        };
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return {
+            inputId: "google_calendar",
+            ok: false,
+            error: `Google Calendar test failed: ${msg}`,
+            fix: "Check your Calendar credentials and internet connection, then retry.",
+        };
+    }
+}
+/**
+ * Tests the Google Maps connection by geocoding a known address.
+ * Returns "geocoding OK" on success.
+ */
+async function testGoogleMaps(username) {
+    const apiKey = await getSecret(username, "GOOGLE_MAPS_API_KEY");
+    if (!apiKey) {
+        return {
+            inputId: "google_maps",
+            ok: false,
+            error: "Google Maps API key is missing.",
+            fix: "Run: helm secrets set GOOGLE_MAPS_API_KEY",
+        };
+    }
+    try {
+        const url = new URL("https://maps.googleapis.com/maps/api/geocode/json");
+        url.searchParams.set("address", "1600 Amphitheatre Pkwy, Mountain View, CA");
+        url.searchParams.set("key", apiKey);
+        const res = await fetch(url.toString());
+        if (!res.ok) {
+            return {
+                inputId: "google_maps",
+                ok: false,
+                error: `Google Maps API returned HTTP ${res.status}.`,
+                fix: "Check your API key and Maps API enablement in Google Cloud Console.",
+            };
+        }
+        const data = (await res.json());
+        if (data.status === "REQUEST_DENIED") {
+            return {
+                inputId: "google_maps",
+                ok: false,
+                error: "Google Maps API key was rejected.",
+                fix: "Run: helm secrets set GOOGLE_MAPS_API_KEY with a valid key.",
+            };
+        }
+        return { inputId: "google_maps", ok: true, detail: "geocoding OK" };
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return {
+            inputId: "google_maps",
+            ok: false,
+            error: `Google Maps test failed: ${msg}`,
+            fix: "Check your Maps API key and internet connection, then retry.",
+        };
+    }
+}
+/**
+ * Tests the Todoist connection by fetching the authenticated user's info.
+ * Returns the user's display name on success.
+ */
+async function testTodoist(username) {
+    const apiToken = await getSecret(username, "TODOIST_API_TOKEN");
+    if (!apiToken) {
+        return {
+            inputId: "todoist",
+            ok: false,
+            error: "Todoist API token is missing.",
+            fix: "Run: helm secrets set TODOIST_API_TOKEN",
+        };
+    }
+    try {
+        const res = await fetch("https://api.todoist.com/rest/v2/user", {
+            headers: { Authorization: `Bearer ${apiToken}` },
+        });
+        if (res.status === 401) {
+            return {
+                inputId: "todoist",
+                ok: false,
+                error: "Todoist API token was rejected (401).",
+                fix: "Run: helm secrets set TODOIST_API_TOKEN with a fresh token from Todoist settings.",
+            };
+        }
+        if (!res.ok) {
+            return {
+                inputId: "todoist",
+                ok: false,
+                error: `Todoist API returned HTTP ${res.status}.`,
+                fix: "Check your Todoist API token and retry.",
+            };
+        }
+        const data = (await res.json());
+        return { inputId: "todoist", ok: true, detail: data.full_name };
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return {
+            inputId: "todoist",
+            ok: false,
+            error: `Todoist test failed: ${msg}`,
+            fix: "Check your Todoist API token and internet connection, then retry.",
+        };
+    }
+}
+/**
+ * Tests the Zoom Server-to-Server OAuth connection by exchanging
+ * account credentials for an access token. A successful token
+ * exchange confirms the app credentials are valid.
+ */
+async function testZoom(username) {
+    const accountId = await getSecret(username, "ZOOM_ACCOUNT_ID");
+    const clientId = await getSecret(username, "ZOOM_CLIENT_ID");
+    const clientSecret = await getSecret(username, "ZOOM_CLIENT_SECRET");
+    if (!accountId || !clientId || !clientSecret) {
+        return {
+            inputId: "zoom",
+            ok: false,
+            error: "One or more Zoom credentials are missing.",
+            fix: "Run: helm secrets set ZOOM_ACCOUNT_ID && helm secrets set ZOOM_CLIENT_ID && helm secrets set ZOOM_CLIENT_SECRET",
+        };
+    }
+    try {
+        const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
+        const url = new URL("https://zoom.us/oauth/token");
+        url.searchParams.set("grant_type", "account_credentials");
+        url.searchParams.set("account_id", accountId);
+        const res = await fetch(url.toString(), {
+            method: "POST",
+            headers: { Authorization: `Basic ${credentials}` },
+        });
+        if (res.status === 401) {
+            return {
+                inputId: "zoom",
+                ok: false,
+                error: "Zoom credentials were rejected (401).",
+                fix: "Verify your ZOOM_CLIENT_ID and ZOOM_CLIENT_SECRET in the Zoom Marketplace, then run helm secrets set for each.",
+            };
+        }
+        if (!res.ok) {
+            return {
+                inputId: "zoom",
+                ok: false,
+                error: `Zoom OAuth returned HTTP ${res.status}.`,
+                fix: "Check your Zoom Server-to-Server app configuration and retry.",
+            };
+        }
+        return { inputId: "zoom", ok: true, detail: "token exchange OK" };
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return {
+            inputId: "zoom",
+            ok: false,
+            error: `Zoom test failed: ${msg}`,
+            fix: "Check your Zoom credentials and internet connection, then retry.",
+        };
+    }
+}
+// ─── Dispatcher ───────────────────────────────────────────────────────────────
+/**
+ * Runs the connectivity test for the given input ID.
+ *
+ * Returns an InputTestResult regardless of outcome — errors are
+ * represented in the result rather than thrown, so callers can
+ * display results for multiple inputs without short-circuiting.
+ *
+ * @param inputId  - The input identifier to test (e.g. "gmail").
+ * @param username - Active username whose credentials to use.
+ */
+export async function testInput(inputId, username) {
+    switch (inputId) {
+        case "gmail":
+            return testGmail(username);
+        case "google_calendar":
+            return testGoogleCalendar(username);
+        case "google_maps":
+            return testGoogleMaps(username);
+        case "todoist":
+            return testTodoist(username);
+        case "zoom":
+            return testZoom(username);
+        default:
+            return {
+                inputId,
+                ok: false,
+                error: `No test implementation for input "${inputId}".`,
+                fix: `Add a test function for "${inputId}" in core/inputs.ts.`,
+            };
+    }
+}
+//# sourceMappingURL=inputs.js.map

package/dist/core/inputs.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inputs.js","sourceRoot":"","sources":["../../src/core/inputs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,iFAAiF;AAEjF;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAA6B;IAC7D,KAAK,EAAE;QACL,iBAAiB;QACjB,qBAAqB;QACrB,2BAA2B;KAC5B;IACD,eAAe,EAAE;QACf,gBAAgB;QAChB,oBAAoB;QACpB,0BAA0B;KAC3B;IACD,WAAW,EAAE,CAAC,qBAAqB,CAAC;IACpC,OAAO,EAAE,CAAC,mBAAmB,CAAC;IAC9B,IAAI,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,EAAE,oBAAoB,CAAC;CAClE,CAAC;AAEF,iFAAiF;AAEjF;;;;;;;;GAQG;AACH,KAAK,UAAU,0BAA0B,CACvC,QAAgB,EAChB,YAAoB,EACpB,YAAoB;IAEpB,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;QAC3B,aAAa,EAAE,YAAY;QAC3B,UAAU,EAAE,eAAe;KAC5B,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,qCAAqC,EAAE;QAC7D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QAC1B,MAAM,MAAM,GACV,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG;YAC9B,CAAC,CAAC,qBAAqB;YACvB,CAAC,CAAC,QAAQ,MAAM,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA6B,CAAC;IAC5D,OAAO,IAAI,CAAC,YAAY,CAAC;AAC3B,CAAC;AAED,gFAAgF;AAEhF;;;;GAIG;AACH,KAAK,UAAU,SAAS,CAAC,QAAgB;IACvC,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC9D,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;IACtE,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,2BAA2B,CAAC,CAAC;IAE5E,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,EAAE,CAAC;QAChD,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,4CAA4C;YACnD,GAAG,EAAE,6HAA6H;SACnI,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,0BAA0B,CAClD,QAAQ,EACR,YAAY,EACZ,YAAY,CACb,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,wDAAwD,EACxD,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,EAAE,CACxD,CAAC;QAEF,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,OAAO;gBAChB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,wCAAwC;gBAC/C,GAAG,EAAE,0GAA0G;aAChH,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,OAAO;gBAChB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,2BAA2B,GAAG,CAAC,MAAM,GAAG;gBAC/C,GAAG,EAAE,uEAAuE;aAC7E,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA6B,CAAC;QAC5D,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;IACnE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,sBAAsB,GAAG,EAAE;YAClC,GAAG,EAAE,mEAAmE;SACzE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,kBAAkB,CAAC,QAAgB;IAChD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;IACrE,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,0BAA0B,CAAC,CAAC;IAE3E,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,EAAE,CAAC;QAChD,OAAO;YACL,OAAO,EAAE,iBAAiB;YAC1B,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,sDAAsD;YAC7D,GAAG,EAAE,0HAA0H;SAChI,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,0BAA0B,CAClD,QAAQ,EACR,YAAY,EACZ,YAAY,CACb,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,KAAK,CACrB,8DAA8D,EAC9D,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,EAAE,CACxD,CAAC;QAEF,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,iBAAiB;gBAC1B,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,kDAAkD;gBACzD,GAAG,EAAE,yGAAyG;aAC/G,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,iBAAiB;gBAC1B,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,qCAAqC,GAAG,CAAC,MAAM,GAAG;gBACzD,GAAG,EAAE,gFAAgF;aACtF,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAyB,CAAC;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,MAAM,IAAI,CAAC,CAAC;QACtC,OAAO;YACL,OAAO,EAAE,iBAAiB;YAC1B,EAAE,EAAE,IAAI;YACR,MAAM,EAAE,GAAG,KAAK,YAAY,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,QAAQ;SAC3D,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,iBAAiB;YAC1B,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,gCAAgC,GAAG,EAAE;YAC5C,GAAG,EAAE,sEAAsE;SAC5E,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,cAAc,CAAC,QAAgB;IAC5C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;IAEhE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,OAAO,EAAE,aAAa;YACtB,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,iCAAiC;YACxC,GAAG,EAAE,2CAA2C;SACjD,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,mDAAmD,CACpD,CAAC;QACF,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,EAAE,2CAA2C,CAAC,CAAC;QAC7E,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAEpC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,aAAa;gBACtB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,iCAAiC,GAAG,CAAC,MAAM,GAAG;gBACrD,GAAG,EAAE,qEAAqE;aAC3E,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAuB,CAAC;QAEtD,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,EAAE,CAAC;YACrC,OAAO;gBACL,OAAO,EAAE,aAAa;gBACtB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,mCAAmC;gBAC1C,GAAG,EAAE,6DAA6D;aACnE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IACtE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,aAAa;YACtB,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,4BAA4B,GAAG,EAAE;YACxC,GAAG,EAAE,8DAA8D;SACpE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;IAEhE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,+BAA+B;YACtC,GAAG,EAAE,yCAAyC;SAC/C,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,sCAAsC,EAAE;YAC9D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,QAAQ,EAAE,EAAE;SACjD,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,SAAS;gBAClB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,uCAAuC;gBAC9C,GAAG,EAAE,mFAAmF;aACzF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,SAAS;gBAClB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,6BAA6B,GAAG,CAAC,MAAM,GAAG;gBACjD,GAAG,EAAE,yCAAyC;aAC/C,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA0B,CAAC;QACzD,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAClE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,wBAAwB,GAAG,EAAE;YACpC,GAAG,EAAE,mEAAmE;SACzE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;IAErE,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAC7C,OAAO;YACL,OAAO,EAAE,MAAM;YACf,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,2CAA2C;YAClD,GAAG,EAAE,iHAAiH;SACvH,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC,CAAC,QAAQ,CACrE,QAAQ,CACT,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,6BAA6B,CAAC,CAAC;QACnD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QAC1D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAE9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YACtC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,aAAa,EAAE,SAAS,WAAW,EAAE,EAAE;SACnD,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,MAAM;gBACf,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,uCAAuC;gBAC9C,GAAG,EAAE,gHAAgH;aACtH,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,MAAM;gBACf,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,4BAA4B,GAAG,CAAC,MAAM,GAAG;gBAChD,GAAG,EAAE,+DAA+D;aACrE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;IACpE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,MAAM;YACf,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,qBAAqB,GAAG,EAAE;YACjC,GAAG,EAAE,kEAAkE;SACxE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,QAAgB;IAEhB,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,OAAO;YACV,OAAO,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC7B,KAAK,iBAAiB;YACpB,OAAO,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACtC,KAAK,aAAa;YAChB,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC/B,KAAK,MAAM;YACT,OAAO,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC5B;YACE,OAAO;gBACL,OAAO;gBACP,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,qCAAqC,OAAO,IAAI;gBACvD,GAAG,EAAE,4BAA4B,OAAO,sBAAsB;aAC/D,CAAC;IACN,CAAC;AACH,CAAC"}