npm - claude-flow-novice - Versions diffs - 1.6.2 → 1.6.4 - Mend

claude-flow-novice 1.6.2 → 1.6.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/.claude-flow-novice/dist/src/web/frontend/src/utils/security.js ADDED Viewed

@@ -0,0 +1,425 @@
+/**
+ * Security Utilities for Frontend Application
+ * Comprehensive security measures for XSS protection, input validation, and secure data handling
+ */ // Content Security Policy helper
+export const CSP_CONSTANTS = {
+    DEFAULT_SRC: "'self'",
+    SCRIPT_SRC: "'self' 'unsafe-inline' 'unsafe-eval'",
+    STYLE_SRC: "'self' 'unsafe-inline'",
+    IMG_SRC: "'self' data: https:",
+    CONNECT_SRC: "'self' ws: wss:",
+    FONT_SRC: "'self' data:",
+    OBJECT_SRC: "'none'",
+    MEDIA_SRC: "'self'",
+    FRAME_SRC: "'none'",
+    CHILD_SRC: "'none'",
+    WORKER_SRC: "'self'",
+    MANIFEST_SRC: "'self'",
+    UPGRADE_INSECURE_REQUESTS: true
+};
+// Security headers helper
+export const addSecurityHeaders = (headers)=>{
+    return {
+        ...headers,
+        'Content-Security-Policy': Object.entries(CSP_CONSTANTS).map(([key, value])=>{
+            const cspKey = key.replace('_', '-').toLowerCase();
+            return `${cspKey} ${Array.isArray(value) ? value.join(' ') : value}`;
+        }).join('; '),
+        'X-Content-Type-Options': 'nosniff',
+        'X-Frame-Options': 'DENY',
+        'X-XSS-Protection': '1; mode=block',
+        'Referrer-Policy': 'strict-origin-when-cross-origin',
+        'Permissions-Policy': 'geolocation=(), microphone=(), camera=(), payment=()',
+        'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
+    };
+};
+// Sanitization utilities
+export class ContentSanitizer {
+    static allowedTags = [
+        'p',
+        'br',
+        'strong',
+        'em',
+        'u',
+        'ol',
+        'ul',
+        'li',
+        'h1',
+        'h2',
+        'h3',
+        'h4',
+        'h5',
+        'h6',
+        'blockquote',
+        'code',
+        'pre'
+    ];
+    static allowedAttributes = {
+        'a': [
+            'href',
+            'title',
+            'target'
+        ],
+        'img': [
+            'src',
+            'alt',
+            'title',
+            'width',
+            'height'
+        ]
+    };
+    static dangerousPatterns = [
+        /javascript:/gi,
+        /data:(?!image\/)/gi,
+        /vbscript:/gi,
+        /on\w+\s*=/gi,
+        /<script/gi,
+        /<iframe/gi,
+        /<object/gi,
+        /<embed/gi,
+        /<link/gi,
+        /<meta/gi,
+        /@import/gi,
+        /expression\(/gi
+    ];
+    static sanitizeHTML(html) {
+        let sanitized = html;
+        // Remove dangerous patterns
+        this.dangerousPatterns.forEach((pattern)=>{
+            sanitized = sanitized.replace(pattern, '');
+        });
+        // Basic HTML tag removal for now (will be enhanced with DOMPurify)
+        sanitized = sanitized.replace(/<[^>]*>/g, '');
+        // Encode special characters
+        sanitized = this.encodeHTMLEntities(sanitized);
+        return sanitized;
+    }
+    static sanitizeText(text) {
+        return this.encodeHTMLEntities(text).replace(/[\x00-\x1F\x7F]/g, '').substring(0, 10000).trim();
+    }
+    static sanitizeURL(url) {
+        try {
+            const parsed = new URL(url, window.location.origin);
+            // Only allow http, https protocols
+            if (![
+                'http:',
+                'https:'
+            ].includes(parsed.protocol)) {
+                return '#';
+            }
+            // Remove dangerous parts
+            parsed.hash = '';
+            parsed.username = '';
+            parsed.password = '';
+            return parsed.toString();
+        } catch  {
+            return '#';
+        }
+    }
+    static encodeHTMLEntities(text) {
+        const entityMap = {
+            '&': '&amp;',
+            '<': '&lt;',
+            '>': '&gt;',
+            '"': '&quot;',
+            "'": '&#39;',
+            '/': '&#x2F;'
+        };
+        return text.replace(/[&<>"'/]/g, (char)=>entityMap[char] || char);
+    }
+    static validateCSS(css) {
+        const dangerousCSS = [
+            /javascript:/gi,
+            /expression\(/gi,
+            /@import/gi,
+            /binding\(/gi,
+            /behavior\s*:/gi
+        ];
+        return !dangerousCSS.some((pattern)=>pattern.test(css));
+    }
+}
+// Input validation utilities
+export class InputValidator {
+    static patterns = {
+        email: /^[^\s@]+@[^\s@]+\.[^\s@]+$/,
+        url: /^https?:\/\/.+/,
+        phone: /^\+?[\d\s\-\(\)]+$/,
+        alphanumeric: /^[a-zA-Z0-9]+$/,
+        numeric: /^[0-9]*\.?[0-9]+$/,
+        safeFilename: /^[a-zA-Z0-9._-]+$/
+    };
+    static validateEmail(email) {
+        return this.patterns.email.test(email) && email.length <= 254;
+    }
+    static validateURL(url) {
+        return this.patterns.url.test(url) && url.length <= 2048;
+    }
+    static validatePhone(phone) {
+        return this.patterns.phone.test(phone) && phone.length <= 20;
+    }
+    static validateLength(input, min, max) {
+        return input.length >= min && input.length <= max;
+    }
+    static validateNoSQL(input) {
+        const noSQLPatterns = [
+            /\$where/gi,
+            /\$gt/gi,
+            /\$lt/gi,
+            /\$ne/gi,
+            /\$in/gi,
+            /\$nin/gi,
+            /\{.*\$.*\}/gi,
+            /javascript:/gi,
+            /eval\(/gi
+        ];
+        return !noSQLPatterns.some((pattern)=>pattern.test(input));
+    }
+    static validateSQL(input) {
+        const sqlPatterns = [
+            /drop\s+table/gi,
+            /delete\s+from/gi,
+            /insert\s+into/gi,
+            /update\s+.*set/gi,
+            /union\s+select/gi,
+            /exec\s*\(/gi,
+            /script\s*>/gi,
+            /--/gi,
+            /\/\*/gi,
+            /\*\//gi
+        ];
+        return !sqlPatterns.some((pattern)=>pattern.test(input));
+    }
+    static sanitizeFilename(filename) {
+        return filename.replace(/[^a-zA-Z0-9._-]/g, '_').replace(/_{2,}/g, '_').toLowerCase().substring(0, 255);
+    }
+}
+// CSRF protection utilities
+export class CSRFProtection {
+    static token = null;
+    static generateToken() {
+        const token = Array.from(crypto.getRandomValues(new Uint8Array(32))).map((b)=>b.toString(16).padStart(2, '0')).join('');
+        this.token = token;
+        this.storeToken(token);
+        return token;
+    }
+    static getToken() {
+        if (!this.token) {
+            this.token = this.retrieveToken();
+        }
+        return this.token;
+    }
+    static validateToken(token) {
+        const storedToken = this.getToken();
+        return storedToken !== null && storedToken === token;
+    }
+    static storeToken(token) {
+        try {
+            sessionStorage.setItem('csrf-token', token);
+        } catch (error) {
+            console.warn('Could not store CSRF token:', error);
+        }
+    }
+    static retrieveToken() {
+        try {
+            return sessionStorage.getItem('csrf-token');
+        } catch (error) {
+            console.warn('Could not retrieve CSRF token:', error);
+            return null;
+        }
+    }
+    static addToFormData(formData) {
+        const token = this.getToken();
+        if (token) {
+            formData.append('csrf-token', token);
+        }
+    }
+    static addToHeaders(headers) {
+        const token = this.getToken();
+        if (token) {
+            headers['X-CSRF-Token'] = token;
+        }
+    }
+}
+// Secure storage utilities
+export class SecureStorage {
+    static encryptionKey = 'claude-flow-secure-storage';
+    static setItem(key, value, useEncryption = true) {
+        try {
+            const serializedValue = JSON.stringify(value);
+            const finalValue = useEncryption ? this.simpleEncrypt(serializedValue) : serializedValue;
+            localStorage.setItem(key, finalValue);
+        } catch (error) {
+            console.warn('Could not store item:', error);
+        }
+    }
+    static getItem(key, useEncryption = true) {
+        try {
+            const storedValue = localStorage.getItem(key);
+            if (!storedValue) return null;
+            const decryptedValue = useEncryption ? this.simpleDecrypt(storedValue) : storedValue;
+            return JSON.parse(decryptedValue);
+        } catch (error) {
+            console.warn('Could not retrieve item:', error);
+            return null;
+        }
+    }
+    static removeItem(key) {
+        try {
+            localStorage.removeItem(key);
+        } catch (error) {
+            console.warn('Could not remove item:', error);
+        }
+    }
+    static clear() {
+        try {
+            localStorage.clear();
+        } catch (error) {
+            console.warn('Could not clear storage:', error);
+        }
+    }
+    static simpleEncrypt(text) {
+        // Simple XOR encryption (not production-grade, but better than plaintext)
+        const key = this.encryptionKey;
+        let result = '';
+        for(let i = 0; i < text.length; i++){
+            result += String.fromCharCode(text.charCodeAt(i) ^ key.charCodeAt(i % key.length));
+        }
+        return btoa(result);
+    }
+    static simpleDecrypt(encryptedText) {
+        try {
+            const key = this.encryptionKey;
+            const decoded = atob(encryptedText);
+            let result = '';
+            for(let i = 0; i < decoded.length; i++){
+                result += String.fromCharCode(decoded.charCodeAt(i) ^ key.charCodeAt(i % key.length));
+            }
+            return result;
+        } catch (error) {
+            return '';
+        }
+    }
+}
+// Security event logging
+export class SecurityLogger {
+    static logEndpoint = '/api/security-events';
+    static logSecurityEvent(event) {
+        const securityEvent = {
+            ...event,
+            timestamp: event.timestamp || Date.now(),
+            userAgent: navigator.userAgent,
+            url: window.location.href,
+            sessionId: this.getSessionId()
+        };
+        // Log to console in development
+        if (process.env.NODE_ENV === 'development') {
+            console.warn('Security Event:', securityEvent);
+        }
+        // Store locally for debugging
+        this.storeLocalEvent(securityEvent);
+        // Send to server (in production)
+        if (process.env.NODE_ENV === 'production') {
+            this.sendToServer(securityEvent);
+        }
+    }
+    static getSessionId() {
+        let sessionId = sessionStorage.getItem('security-session-id');
+        if (!sessionId) {
+            sessionId = `session-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
+            sessionStorage.setItem('security-session-id', sessionId);
+        }
+        return sessionId;
+    }
+    static storeLocalEvent(event) {
+        try {
+            const events = JSON.parse(localStorage.getItem('security-events') || '[]');
+            events.push(event);
+            // Keep only last 100 events
+            if (events.length > 100) {
+                events.splice(0, events.length - 100);
+            }
+            localStorage.setItem('security-events', JSON.stringify(events));
+        } catch (error) {
+            console.warn('Could not store security event:', error);
+        }
+    }
+    static async sendToServer(event) {
+        try {
+            await fetch(this.logEndpoint, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify(event)
+            });
+        } catch (error) {
+            console.warn('Could not send security event to server:', error);
+        }
+    }
+}
+// Rate limiting utilities
+export class RateLimiter {
+    static attempts = new Map();
+    static isAllowed(identifier, maxAttempts = 5, windowMs = 60000) {
+        const now = Date.now();
+        const attempts = this.attempts.get(identifier) || [];
+        // Remove old attempts outside the window
+        const validAttempts = attempts.filter((timestamp)=>now - timestamp < windowMs);
+        if (validAttempts.length >= maxAttempts) {
+            SecurityLogger.logSecurityEvent({
+                type: 'unauthorized_access',
+                severity: 'medium',
+                details: {
+                    action: 'rate_limit_exceeded',
+                    identifier,
+                    attempts: validAttempts.length
+                }
+            });
+            return false;
+        }
+        // Add current attempt
+        validAttempts.push(now);
+        this.attempts.set(identifier, validAttempts);
+        return true;
+    }
+    static getRemainingAttempts(identifier, maxAttempts = 5, windowMs = 60000) {
+        const now = Date.now();
+        const attempts = this.attempts.get(identifier) || [];
+        const validAttempts = attempts.filter((timestamp)=>now - timestamp < windowMs);
+        return Math.max(0, maxAttempts - validAttempts.length);
+    }
+    static reset(identifier) {
+        this.attempts.delete(identifier);
+    }
+}
+// Security configuration
+export const SECURITY_CONFIG = {
+    // Input limits
+    MAX_INPUT_LENGTH: 10000,
+    MAX_FILENAME_LENGTH: 255,
+    MAX_URL_LENGTH: 2048,
+    // Rate limiting
+    RATE_LIMIT: {
+        LOGIN_ATTEMPTS: 5,
+        LOGIN_WINDOW: 15 * 60 * 1000,
+        API_REQUESTS: 100,
+        API_WINDOW: 60 * 1000 // 1 minute
+    },
+    // Password requirements
+    PASSWORD: {
+        MIN_LENGTH: 8,
+        MAX_LENGTH: 128,
+        REQUIRE_UPPERCASE: true,
+        REQUIRE_LOWERCASE: true,
+        REQUIRE_NUMBERS: true,
+        REQUIRE_SPECIAL_CHARS: true
+    },
+    // Session settings
+    SESSION: {
+        TIMEOUT: 30 * 60 * 1000,
+        WARNING_TIMEOUT: 5 * 60 * 1000,
+        RENEWAL_THRESHOLD: 5 * 60 * 1000 // Renew if less than 5 minutes left
+    }
+};
+//# sourceMappingURL=security.js.map

package/.claude-flow-novice/dist/src/web/frontend/src/utils/security.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../../../../../../src/web/frontend/src/utils/security.ts"],"names":["CSP_CONSTANTS","DEFAULT_SRC","SCRIPT_SRC","STYLE_SRC","IMG_SRC","CONNECT_SRC","FONT_SRC","OBJECT_SRC","MEDIA_SRC","FRAME_SRC","CHILD_SRC","WORKER_SRC","MANIFEST_SRC","UPGRADE_INSECURE_REQUESTS","addSecurityHeaders","headers","Object","entries","map","key","value","cspKey","replace","toLowerCase","Array","isArray","join","ContentSanitizer","allowedTags","allowedAttributes","dangerousPatterns","sanitizeHTML","html","sanitized","forEach","pattern","encodeHTMLEntities","sanitizeText","text","substring","trim","sanitizeURL","url","parsed","URL","window","location","origin","includes","protocol","hash","username","password","toString","entityMap","char","validateCSS","css","dangerousCSS","some","test","InputValidator","patterns","email","phone","alphanumeric","numeric","safeFilename","validateEmail","length","validateURL","validatePhone","validateLength","input","min","max","validateNoSQL","noSQLPatterns","validateSQL","sqlPatterns","sanitizeFilename","filename","CSRFProtection","token","generateToken","from","crypto","getRandomValues","Uint8Array","b","padStart","storeToken","getToken","retrieveToken","validateToken","storedToken","sessionStorage","setItem","error","console","warn","getItem","addToFormData","formData","append","addToHeaders","SecureStorage","encryptionKey","useEncryption","serializedValue","JSON","stringify","finalValue","simpleEncrypt","localStorage","storedValue","decryptedValue","simpleDecrypt","parse","removeItem","clear","result","i","String","fromCharCode","charCodeAt","btoa","encryptedText","decoded","atob","SecurityLogger","logEndpoint","logSecurityEvent","event","securityEvent","timestamp","Date","now","userAgent","navigator","href","sessionId","getSessionId","process","env","NODE_ENV","storeLocalEvent","sendToServer","Math","random","substr","events","push","splice","fetch","method","body","RateLimiter","attempts","Map","isAllowed","identifier","maxAttempts","windowMs","get","validAttempts","filter","type","severity","details","action","set","getRemainingAttempts","reset","delete","SECURITY_CONFIG","MAX_INPUT_LENGTH","MAX_FILENAME_LENGTH","MAX_URL_LENGTH","RATE_LIMIT","LOGIN_ATTEMPTS","LOGIN_WINDOW","API_REQUESTS","API_WINDOW","PASSWORD","MIN_LENGTH","MAX_LENGTH","REQUIRE_UPPERCASE","REQUIRE_LOWERCASE","REQUIRE_NUMBERS","REQUIRE_SPECIAL_CHARS","SESSION","TIMEOUT","WARNING_TIMEOUT","RENEWAL_THRESHOLD"],"mappings":"AAAA;;;CAGC,GAED,iCAAiC;AACjC,OAAO,MAAMA,gBAAgB;IAC3BC,aAAa;IACbC,YAAY;IACZC,WAAW;IACXC,SAAS;IACTC,aAAa;IACbC,UAAU;IACVC,YAAY;IACZC,WAAW;IACXC,WAAW;IACXC,WAAW;IACXC,YAAY;IACZC,cAAc;IACdC,2BAA2B;AAC7B,EAAE;AAEF,0BAA0B;AAC1B,OAAO,MAAMC,qBAAqB,CAACC;IACjC,OAAO;QACL,GAAGA,OAAO;QACV,2BAA2BC,OAAOC,OAAO,CAACjB,eACvCkB,GAAG,CAAC,CAAC,CAACC,KAAKC,MAAM;YAChB,MAAMC,SAASF,IAAIG,OAAO,CAAC,KAAK,KAAKC,WAAW;YAChD,OAAO,GAAGF,OAAO,CAAC,EAAEG,MAAMC,OAAO,CAACL,SAASA,MAAMM,IAAI,CAAC,OAAON,OAAO;QACtE,GACCM,IAAI,CAAC;QACR,0BAA0B;QAC1B,mBAAmB;QACnB,oBAAoB;QACpB,mBAAmB;QACnB,sBAAsB;QACtB,6BAA6B;IAC/B;AACF,EAAE;AAEF,yBAAyB;AACzB,OAAO,MAAMC;IACX,OAAeC,cAAc;QAC3B;QAAK;QAAM;QAAU;QAAM;QAAK;QAAM;QAAM;QAC5C;QAAM;QAAM;QAAM;QAAM;QAAM;QAC9B;QAAc;QAAQ;KACvB,CAAC;IAEF,OAAeC,oBAAoB;QACjC,KAAK;YAAC;YAAQ;YAAS;SAAS;QAChC,OAAO;YAAC;YAAO;YAAO;YAAS;YAAS;SAAS;IACnD,EAAE;IAEF,OAAeC,oBAAoB;QACjC;QACA;QACA;QACA;QACA;QACA;QACA;QACA;QACA;QACA;QACA;QACA;KACD,CAAC;IAEF,OAAOC,aAAaC,IAAY,EAAU;QACxC,IAAIC,YAAYD;QAEhB,4BAA4B;QAC5B,IAAI,CAACF,iBAAiB,CAACI,OAAO,CAACC,CAAAA;YAC7BF,YAAYA,UAAUX,OAAO,CAACa,SAAS;QACzC;QAEA,mEAAmE;QACnEF,YAAYA,UAAUX,OAAO,CAAC,YAAY;QAE1C,4BAA4B;QAC5BW,YAAY,IAAI,CAACG,kBAAkB,CAACH;QAEpC,OAAOA;IACT;IAEA,OAAOI,aAAaC,IAAY,EAAU;QACxC,OAAO,IAAI,CAACF,kBAAkB,CAACE,MAC5BhB,OAAO,CAAC,oBAAoB,IAC5BiB,SAAS,CAAC,GAAG,OACbC,IAAI;IACT;IAEA,OAAOC,YAAYC,GAAW,EAAU;QACtC,IAAI;YACF,MAAMC,SAAS,IAAIC,IAAIF,KAAKG,OAAOC,QAAQ,CAACC,MAAM;YAElD,mCAAmC;YACnC,IAAI,CAAC;gBAAC;gBAAS;aAAS,CAACC,QAAQ,CAACL,OAAOM,QAAQ,GAAG;gBAClD,OAAO;YACT;YAEA,yBAAyB;YACzBN,OAAOO,IAAI,GAAG;YACdP,OAAOQ,QAAQ,GAAG;YAClBR,OAAOS,QAAQ,GAAG;YAElB,OAAOT,OAAOU,QAAQ;QACxB,EAAE,OAAM;YACN,OAAO;QACT;IACF;IAEA,OAAejB,mBAAmBE,IAAY,EAAU;QACtD,MAAMgB,YAAoC;YACxC,KAAK;YACL,KAAK;YACL,KAAK;YACL,KAAK;YACL,KAAK;YACL,KAAK;QACP;QAEA,OAAOhB,KAAKhB,OAAO,CAAC,aAAaiC,CAAAA,OAAQD,SAAS,CAACC,KAAK,IAAIA;IAC9D;IAEA,OAAOC,YAAYC,GAAW,EAAW;QACvC,MAAMC,eAAe;YACnB;YACA;YACA;YACA;YACA;SACD;QAED,OAAO,CAACA,aAAaC,IAAI,CAACxB,CAAAA,UAAWA,QAAQyB,IAAI,CAACH;IACpD;AACF;AAEA,6BAA6B;AAC7B,OAAO,MAAMI;IACX,OAAeC,WAAW;QACxBC,OAAO;QACPrB,KAAK;QACLsB,OAAO;QACPC,cAAc;QACdC,SAAS;QACTC,cAAc;IAChB,EAAE;IAEF,OAAOC,cAAcL,KAAa,EAAW;QAC3C,OAAO,IAAI,CAACD,QAAQ,CAACC,KAAK,CAACH,IAAI,CAACG,UAAUA,MAAMM,MAAM,IAAI;IAC5D;IAEA,OAAOC,YAAY5B,GAAW,EAAW;QACvC,OAAO,IAAI,CAACoB,QAAQ,CAACpB,GAAG,CAACkB,IAAI,CAAClB,QAAQA,IAAI2B,MAAM,IAAI;IACtD;IAEA,OAAOE,cAAcP,KAAa,EAAW;QAC3C,OAAO,IAAI,CAACF,QAAQ,CAACE,KAAK,CAACJ,IAAI,CAACI,UAAUA,MAAMK,MAAM,IAAI;IAC5D;IAEA,OAAOG,eAAeC,KAAa,EAAEC,GAAW,EAAEC,GAAW,EAAW;QACtE,OAAOF,MAAMJ,MAAM,IAAIK,OAAOD,MAAMJ,MAAM,IAAIM;IAChD;IAEA,OAAOC,cAAcH,KAAa,EAAW;QAC3C,MAAMI,gBAAgB;YACpB;YACA;YACA;YACA;YACA;YACA;YACA;YACA;YACA;SACD;QAED,OAAO,CAACA,cAAclB,IAAI,CAACxB,CAAAA,UAAWA,QAAQyB,IAAI,CAACa;IACrD;IAEA,OAAOK,YAAYL,KAAa,EAAW;QACzC,MAAMM,cAAc;YAClB;YACA;YACA;YACA;YACA;YACA;YACA;YACA;YACA;YACA;SACD;QAED,OAAO,CAACA,YAAYpB,IAAI,CAACxB,CAAAA,UAAWA,QAAQyB,IAAI,CAACa;IACnD;IAEA,OAAOO,iBAAiBC,QAAgB,EAAU;QAChD,OAAOA,SACJ3D,OAAO,CAAC,oBAAoB,KAC5BA,OAAO,CAAC,UAAU,KAClBC,WAAW,GACXgB,SAAS,CAAC,GAAG;IAClB;AACF;AAEA,4BAA4B;AAC5B,OAAO,MAAM2C;IACX,OAAeC,QAAuB,KAAK;IAE3C,OAAOC,gBAAwB;QAC7B,MAAMD,QAAQ3D,MAAM6D,IAAI,CAACC,OAAOC,eAAe,CAAC,IAAIC,WAAW,MAC5DtE,GAAG,CAACuE,CAAAA,IAAKA,EAAEpC,QAAQ,CAAC,IAAIqC,QAAQ,CAAC,GAAG,MACpChE,IAAI,CAAC;QAER,IAAI,CAACyD,KAAK,GAAGA;QACb,IAAI,CAACQ,UAAU,CAACR;QAEhB,OAAOA;IACT;IAEA,OAAOS,WAA0B;QAC/B,IAAI,CAAC,IAAI,CAACT,KAAK,EAAE;YACf,IAAI,CAACA,KAAK,GAAG,IAAI,CAACU,aAAa;QACjC;QACA,OAAO,IAAI,CAACV,KAAK;IACnB;IAEA,OAAOW,cAAcX,KAAa,EAAW;QAC3C,MAAMY,cAAc,IAAI,CAACH,QAAQ;QACjC,OAAOG,gBAAgB,QAAQA,gBAAgBZ;IACjD;IAEA,OAAeQ,WAAWR,KAAa,EAAQ;QAC7C,IAAI;YACFa,eAAeC,OAAO,CAAC,cAAcd;QACvC,EAAE,OAAOe,OAAO;YACdC,QAAQC,IAAI,CAAC,+BAA+BF;QAC9C;IACF;IAEA,OAAeL,gBAA+B;QAC5C,IAAI;YACF,OAAOG,eAAeK,OAAO,CAAC;QAChC,EAAE,OAAOH,OAAO;YACdC,QAAQC,IAAI,CAAC,kCAAkCF;YAC/C,OAAO;QACT;IACF;IAEA,OAAOI,cAAcC,QAAkB,EAAQ;QAC7C,MAAMpB,QAAQ,IAAI,CAACS,QAAQ;QAC3B,IAAIT,OAAO;YACToB,SAASC,MAAM,CAAC,cAAcrB;QAChC;IACF;IAEA,OAAOsB,aAAa1F,OAA+B,EAAQ;QACzD,MAAMoE,QAAQ,IAAI,CAACS,QAAQ;QAC3B,IAAIT,OAAO;YACTpE,OAAO,CAAC,eAAe,GAAGoE;QAC5B;IACF;AACF;AAEA,2BAA2B;AAC3B,OAAO,MAAMuB;IACX,OAAeC,gBAAgB,6BAA6B;IAE5D,OAAOV,QAAQ9E,GAAW,EAAEC,KAAU,EAAEwF,gBAAgB,IAAI,EAAQ;QAClE,IAAI;YACF,MAAMC,kBAAkBC,KAAKC,SAAS,CAAC3F;YACvC,MAAM4F,aAAaJ,gBAAgB,IAAI,CAACK,aAAa,CAACJ,mBAAmBA;YAEzEK,aAAajB,OAAO,CAAC9E,KAAK6F;QAC5B,EAAE,OAAOd,OAAO;YACdC,QAAQC,IAAI,CAAC,yBAAyBF;QACxC;IACF;IAEA,OAAOG,QAAWlF,GAAW,EAAEyF,gBAAgB,IAAI,EAAY;QAC7D,IAAI;YACF,MAAMO,cAAcD,aAAab,OAAO,CAAClF;YACzC,IAAI,CAACgG,aAAa,OAAO;YAEzB,MAAMC,iBAAiBR,gBAAgB,IAAI,CAACS,aAAa,CAACF,eAAeA;YACzE,OAAOL,KAAKQ,KAAK,CAACF;QACpB,EAAE,OAAOlB,OAAO;YACdC,QAAQC,IAAI,CAAC,4BAA4BF;YACzC,OAAO;QACT;IACF;IAEA,OAAOqB,WAAWpG,GAAW,EAAQ;QACnC,IAAI;YACF+F,aAAaK,UAAU,CAACpG;QAC1B,EAAE,OAAO+E,OAAO;YACdC,QAAQC,IAAI,CAAC,0BAA0BF;QACzC;IACF;IAEA,OAAOsB,QAAc;QACnB,IAAI;YACFN,aAAaM,KAAK;QACpB,EAAE,OAAOtB,OAAO;YACdC,QAAQC,IAAI,CAAC,4BAA4BF;QAC3C;IACF;IAEA,OAAee,cAAc3E,IAAY,EAAU;QACjD,0EAA0E;QAC1E,MAAMnB,MAAM,IAAI,CAACwF,aAAa;QAC9B,IAAIc,SAAS;QAEb,IAAK,IAAIC,IAAI,GAAGA,IAAIpF,KAAK+B,MAAM,EAAEqD,IAAK;YACpCD,UAAUE,OAAOC,YAAY,CAC3BtF,KAAKuF,UAAU,CAACH,KAAKvG,IAAI0G,UAAU,CAACH,IAAIvG,IAAIkD,MAAM;QAEtD;QAEA,OAAOyD,KAAKL;IACd;IAEA,OAAeJ,cAAcU,aAAqB,EAAU;QAC1D,IAAI;YACF,MAAM5G,MAAM,IAAI,CAACwF,aAAa;YAC9B,MAAMqB,UAAUC,KAAKF;YACrB,IAAIN,SAAS;YAEb,IAAK,IAAIC,IAAI,GAAGA,IAAIM,QAAQ3D,MAAM,EAAEqD,IAAK;gBACvCD,UAAUE,OAAOC,YAAY,CAC3BI,QAAQH,UAAU,CAACH,KAAKvG,IAAI0G,UAAU,CAACH,IAAIvG,IAAIkD,MAAM;YAEzD;YAEA,OAAOoD;QACT,EAAE,OAAOvB,OAAO;YACd,OAAO;QACT;IACF;AACF;AAEA,yBAAyB;AACzB,OAAO,MAAMgC;IACX,OAAeC,cAAc,uBAAuB;IAEpD,OAAOC,iBACLC,KAKC,EACK;QACN,MAAMC,gBAAgB;YACpB,GAAGD,KAAK;YACRE,WAAWF,MAAME,SAAS,IAAIC,KAAKC,GAAG;YACtCC,WAAWC,UAAUD,SAAS;YAC9BhG,KAAKG,OAAOC,QAAQ,CAAC8F,IAAI;YACzBC,WAAW,IAAI,CAACC,YAAY;QAC9B;QAEA,gCAAgC;QAChC,IAAIC,QAAQC,GAAG,CAACC,QAAQ,KAAK,eAAe;YAC1C9C,QAAQC,IAAI,CAAC,mBAAmBkC;QAClC;QAEA,8BAA8B;QAC9B,IAAI,CAACY,eAAe,CAACZ;QAErB,iCAAiC;QACjC,IAAIS,QAAQC,GAAG,CAACC,QAAQ,KAAK,cAAc;YACzC,IAAI,CAACE,YAAY,CAACb;QACpB;IACF;IAEA,OAAeQ,eAAuB;QACpC,IAAID,YAAY7C,eAAeK,OAAO,CAAC;QACvC,IAAI,CAACwC,WAAW;YACdA,YAAY,CAAC,QAAQ,EAAEL,KAAKC,GAAG,GAAG,CAAC,EAAEW,KAAKC,MAAM,GAAGhG,QAAQ,CAAC,IAAIiG,MAAM,CAAC,GAAG,IAAI;YAC9EtD,eAAeC,OAAO,CAAC,uBAAuB4C;QAChD;QACA,OAAOA;IACT;IAEA,OAAeK,gBAAgBb,KAAU,EAAQ;QAC/C,IAAI;YACF,MAAMkB,SAASzC,KAAKQ,KAAK,CAACJ,aAAab,OAAO,CAAC,sBAAsB;YACrEkD,OAAOC,IAAI,CAACnB;YAEZ,4BAA4B;YAC5B,IAAIkB,OAAOlF,MAAM,GAAG,KAAK;gBACvBkF,OAAOE,MAAM,CAAC,GAAGF,OAAOlF,MAAM,GAAG;YACnC;YAEA6C,aAAajB,OAAO,CAAC,mBAAmBa,KAAKC,SAAS,CAACwC;QACzD,EAAE,OAAOrD,OAAO;YACdC,QAAQC,IAAI,CAAC,mCAAmCF;QAClD;IACF;IAEA,aAAqBiD,aAAad,KAAU,EAAiB;QAC3D,IAAI;YACF,MAAMqB,MAAM,IAAI,CAACvB,WAAW,EAAE;gBAC5BwB,QAAQ;gBACR5I,SAAS;oBACP,gBAAgB;gBAClB;gBACA6I,MAAM9C,KAAKC,SAAS,CAACsB;YACvB;QACF,EAAE,OAAOnC,OAAO;YACdC,QAAQC,IAAI,CAAC,4CAA4CF;QAC3D;IACF;AACF;AAEA,0BAA0B;AAC1B,OAAO,MAAM2D;IACX,OAAeC,WAAkC,IAAIC,MAAM;IAE3D,OAAOC,UACLC,UAAkB,EAClBC,cAAsB,CAAC,EACvBC,WAAmB,KAAK,EACf;QACT,MAAM1B,MAAMD,KAAKC,GAAG;QACpB,MAAMqB,WAAW,IAAI,CAACA,QAAQ,CAACM,GAAG,CAACH,eAAe,EAAE;QAEpD,yCAAyC;QACzC,MAAMI,gBAAgBP,SAASQ,MAAM,CAAC/B,CAAAA,YAAaE,MAAMF,YAAY4B;QAErE,IAAIE,cAAchG,MAAM,IAAI6F,aAAa;YACvChC,eAAeE,gBAAgB,CAAC;gBAC9BmC,MAAM;gBACNC,UAAU;gBACVC,SAAS;oBACPC,QAAQ;oBACRT;oBACAH,UAAUO,cAAchG,MAAM;gBAChC;YACF;YACA,OAAO;QACT;QAEA,sBAAsB;QACtBgG,cAAcb,IAAI,CAACf;QACnB,IAAI,CAACqB,QAAQ,CAACa,GAAG,CAACV,YAAYI;QAE9B,OAAO;IACT;IAEA,OAAOO,qBACLX,UAAkB,EAClBC,cAAsB,CAAC,EACvBC,WAAmB,KAAK,EAChB;QACR,MAAM1B,MAAMD,KAAKC,GAAG;QACpB,MAAMqB,WAAW,IAAI,CAACA,QAAQ,CAACM,GAAG,CAACH,eAAe,EAAE;QACpD,MAAMI,gBAAgBP,SAASQ,MAAM,CAAC/B,CAAAA,YAAaE,MAAMF,YAAY4B;QAErE,OAAOf,KAAKzE,GAAG,CAAC,GAAGuF,cAAcG,cAAchG,MAAM;IACvD;IAEA,OAAOwG,MAAMZ,UAAkB,EAAQ;QACrC,IAAI,CAACH,QAAQ,CAACgB,MAAM,CAACb;IACvB;AACF;AAEA,yBAAyB;AACzB,OAAO,MAAMc,kBAAkB;IAC7B,eAAe;IACfC,kBAAkB;IAClBC,qBAAqB;IACrBC,gBAAgB;IAEhB,gBAAgB;IAChBC,YAAY;QACVC,gBAAgB;QAChBC,cAAc,KAAK,KAAK;QACxBC,cAAc;QACdC,YAAY,KAAK,KAAK,WAAW;IACnC;IAEA,wBAAwB;IACxBC,UAAU;QACRC,YAAY;QACZC,YAAY;QACZC,mBAAmB;QACnBC,mBAAmB;QACnBC,iBAAiB;QACjBC,uBAAuB;IACzB;IAEA,mBAAmB;IACnBC,SAAS;QACPC,SAAS,KAAK,KAAK;QACnBC,iBAAiB,IAAI,KAAK;QAC1BC,mBAAmB,IAAI,KAAK,KAAK,oCAAoC;IACvE;AACF,EAAE"}