codehere 0.1.1

package/dist/infrastructure/governance/nist-ai-rmf.js

@@ -0,0 +1,292 @@
+/**
+ * INTERNAL ONLY — infrastructure helper, not a user-facing feature.
+ *
+ * NIST AI Risk Management Framework (AI RMF) - Infrastructure-only, not yet exposed as user-facing feature.
+ * Planned for 0.5.x (Teams & Governance). Not guaranteed to be stable.
+ *
+ * Do not rely on this directly.
+ *
+ * @internal
+ */
+/**
+ * NIST AI RMF Framework
+ * Implements 4 core functions for enterprise AI governance
+ */
+export class NISTAIRMF {
+    decisions = [];
+    /**
+     * GOVERN Function: Risk culture, accountability, lifecycle management
+     * Establishes organizational context for AI risk management
+     */
+    async govern(context) {
+        const decisionId = `govern-${Date.now()}`;
+        // Govern: Risk culture assessment
+        const riskCulture = this.assessRiskCulture(context);
+        // Govern: Accountability assignment
+        const accountability = this.assignAccountability(context);
+        // Govern: Lifecycle management planning
+        const lifecycle = this.planLifecycle(context);
+        const decision = {
+            decisionId,
+            timestamp: Date.now(),
+            function: 'govern',
+            decision: `Risk culture: ${riskCulture.level}, Accountability: ${accountability.role}, Lifecycle: ${lifecycle.phase}`,
+            rationale: `Governed ${context.contextType} operation with ${context.riskLevel} risk level`,
+            outcome: riskCulture.level === 'critical' ? 'requires_review' : 'allowed',
+        };
+        this.decisions.push(decision);
+        return decision;
+    }
+    /**
+     * MAP Function: Context framing, risk identification
+     * Identifies and characterizes risks in specific contexts
+     */
+    async map(context, existingRiskProfile) {
+        const decisionId = `map-${Date.now()}`;
+        // Map: Context framing
+        const contextFrame = this.frameContext(context);
+        // Map: Risk identification
+        const riskProfile = existingRiskProfile || {
+            security: {
+                vulnerabilities: 0,
+                licenseConflicts: 0,
+                providerBias: false,
+                uncertainty: 0.5,
+            },
+            compliance: {
+                gdprRelevant: context.regulatoryRelevant,
+                hipaaRelevant: context.targetDomain === 'healthcare',
+            },
+            operational: {
+                complexity: context.riskLevel === 'critical' ? 0.9 : 0.5,
+                dependencies: 0,
+            },
+        };
+        // Map: Risk characterization
+        const risks = this.characterizeRisks(riskProfile, context);
+        const decision = {
+            decisionId,
+            timestamp: Date.now(),
+            function: 'map',
+            decision: `Mapped ${risks.length} risks in ${context.contextType} context`,
+            rationale: risks.map(r => r.description).join('; '),
+            riskProfile,
+            outcome: risks.some(r => r.severity === 'critical') ? 'requires_review' : 'allowed',
+        };
+        this.decisions.push(decision);
+        return { decision, riskProfile };
+    }
+    /**
+     * MEASURE Function: SAST/SCA mandatory, security density tracking
+     * Quantifies and monitors AI risks and performance
+     */
+    async measure(riskProfile, metrics) {
+        const decisionId = `measure-${Date.now()}`;
+        // Measure: SAST/SCA metrics (mandatory)
+        const securityMetrics = {
+            vulnerabilities: metrics.sastFindings || 0,
+            licenseConflicts: metrics.licenseFindings || 0,
+            providerBias: (metrics.providerBiasFindings || 0) > 0,
+            uncertainty: metrics.uncertaintyScore || riskProfile.security.uncertainty,
+        };
+        // Measure: Security density tracking (language-specific thresholds)
+        const securityDensity = metrics.securityDensity || 0;
+        const densityThreshold = this.getSecurityDensityThreshold(riskProfile);
+        // Measure: Test coverage tracking
+        const testCoverage = metrics.testCoverage || riskProfile.operational.testCoverage || 0;
+        const updatedRiskProfile = {
+            ...riskProfile,
+            security: securityMetrics,
+            operational: {
+                ...riskProfile.operational,
+                testCoverage,
+            },
+        };
+        const decision = {
+            decisionId,
+            timestamp: Date.now(),
+            function: 'measure',
+            decision: `Measured: ${securityMetrics.vulnerabilities} vulnerabilities, ${securityMetrics.licenseConflicts} license conflicts, security density: ${securityDensity.toFixed(2)}, test coverage: ${testCoverage.toFixed(1)}%`,
+            rationale: `SAST/SCA metrics collected. Security density ${securityDensity > densityThreshold ? 'EXCEEDS' : 'within'} threshold (${densityThreshold}). Test coverage ${testCoverage < 80 ? 'BELOW' : 'meets'} target (80%)`,
+            riskProfile: updatedRiskProfile,
+            outcome: securityMetrics.vulnerabilities > 0 || securityMetrics.licenseConflicts > 0 || testCoverage < 50 ? 'requires_review' : 'allowed',
+        };
+        this.decisions.push(decision);
+        return decision;
+    }
+    /**
+     * MANAGE Function: Incident response, continuous updates
+     * Responds to and manages AI risks over time
+     */
+    async manage(incident, action) {
+        const decisionId = `manage-${Date.now()}`;
+        // Manage: Incident response
+        const response = this.respondToIncident(incident, action);
+        // Manage: Continuous update planning
+        const updates = this.planContinuousUpdates(incident);
+        const decision = {
+            decisionId,
+            timestamp: Date.now(),
+            function: 'manage',
+            decision: `${action.toUpperCase()}: ${incident.type} incident (${incident.severity})`,
+            rationale: `${response.description}. Continuous updates: ${updates.map(u => u.action).join(', ')}`,
+            outcome: action === 'accept' || action === 'transfer' ? 'allowed' : action === 'avoid' ? 'blocked' : 'requires_review',
+        };
+        this.decisions.push(decision);
+        return decision;
+    }
+    /**
+     * Get governance history for audit
+     */
+    getGovernanceHistory(filter) {
+        let filtered = [...this.decisions];
+        if (filter?.function) {
+            filtered = filtered.filter(d => d.function === filter.function);
+        }
+        if (filter?.outcome) {
+            filtered = filtered.filter(d => d.outcome === filter.outcome);
+        }
+        if (filter?.startTime) {
+            filtered = filtered.filter(d => d.timestamp >= filter.startTime);
+        }
+        if (filter?.endTime) {
+            filtered = filtered.filter(d => d.timestamp <= filter.endTime);
+        }
+        return filtered.sort((a, b) => b.timestamp - a.timestamp);
+    }
+    // Private helper methods
+    assessRiskCulture(context) {
+        const factors = [];
+        let level = 'low';
+        if (context.riskLevel === 'critical') {
+            level = 'critical';
+            factors.push('Critical risk level detected');
+        }
+        else if (context.regulatoryRelevant) {
+            level = 'high';
+            factors.push('Regulatory relevance (GDPR/HIPAA)');
+        }
+        else if (context.riskLevel === 'high') {
+            level = 'high';
+            factors.push('High risk level');
+        }
+        else {
+            level = context.riskLevel;
+        }
+        return { level, factors };
+    }
+    assignAccountability(context) {
+        // Accountability assignment based on risk level
+        if (context.riskLevel === 'critical') {
+            return { role: 'senior_engineer_review', responsible: 'Senior Engineer + Security Team' };
+        }
+        else if (context.riskLevel === 'high') {
+            return { role: 'engineer_review', responsible: 'Engineering Lead' };
+        }
+        else {
+            return { role: 'automated', responsible: 'AI System' };
+        }
+    }
+    planLifecycle(context) {
+        const stages = ['Development', 'Testing', 'Deployment', 'Monitoring', 'Retirement'];
+        return {
+            phase: 'Development',
+            stages,
+        };
+    }
+    frameContext(context) {
+        const constraints = [];
+        if (context.regulatoryRelevant) {
+            constraints.push('Regulatory compliance required');
+        }
+        if (context.riskLevel === 'critical') {
+            constraints.push('Critical risk - human review mandatory');
+        }
+        return {
+            domain: context.targetDomain,
+            constraints,
+        };
+    }
+    characterizeRisks(riskProfile, context) {
+        const risks = [];
+        if (riskProfile.security.vulnerabilities > 0) {
+            risks.push({
+                type: 'security',
+                severity: riskProfile.security.vulnerabilities > 5 ? 'critical' : 'high',
+                description: `${riskProfile.security.vulnerabilities} security vulnerabilities detected`,
+            });
+        }
+        if (riskProfile.security.licenseConflicts > 0) {
+            risks.push({
+                type: 'compliance',
+                severity: 'critical',
+                description: `${riskProfile.security.licenseConflicts} license conflicts detected (35% contamination risk)`,
+            });
+        }
+        if (riskProfile.security.providerBias) {
+            risks.push({
+                type: 'operational',
+                severity: 'medium',
+                description: 'Provider bias detected - vendor lock-in risk',
+            });
+        }
+        if (riskProfile.security.uncertainty > 0.7) {
+            risks.push({
+                type: 'reliability',
+                severity: 'high',
+                description: `High epistemic uncertainty (${(riskProfile.security.uncertainty * 100).toFixed(1)}%) - hallucination risk`,
+            });
+        }
+        if (riskProfile.compliance.gdprRelevant || riskProfile.compliance.hipaaRelevant) {
+            risks.push({
+                type: 'compliance',
+                severity: 'high',
+                description: 'Regulatory compliance requirements (GDPR/HIPAA)',
+            });
+        }
+        return risks;
+    }
+    getSecurityDensityThreshold(riskProfile) {
+        // Language-specific thresholds (LOC per CWE)
+        // Research: Security density tracking with language-specific thresholds
+        return 1000; // Default: 1 CWE per 1000 LOC
+    }
+    respondToIncident(incident, action) {
+        const steps = [];
+        if (action === 'mitigate') {
+            steps.push('Identify root cause');
+            steps.push('Implement fix');
+            steps.push('Verify resolution');
+            steps.push('Update risk profile');
+        }
+        else if (action === 'accept') {
+            steps.push('Document acceptance rationale');
+            steps.push('Monitor for escalation');
+        }
+        else if (action === 'avoid') {
+            steps.push('Block operation');
+            steps.push('Notify stakeholders');
+        }
+        else if (action === 'transfer') {
+            steps.push('Assign to responsible party');
+            steps.push('Track resolution');
+        }
+        return {
+            description: `${action.toUpperCase()} action for ${incident.severity} ${incident.type} incident`,
+            steps,
+        };
+    }
+    planContinuousUpdates(incident) {
+        const updates = [];
+        if (incident.severity === 'critical') {
+            updates.push({ action: 'Update risk models', priority: 'high' });
+            updates.push({ action: 'Enhance detection rules', priority: 'high' });
+        }
+        else {
+            updates.push({ action: 'Monitor similar incidents', priority: 'medium' });
+        }
+        updates.push({ action: 'Review governance policies', priority: 'low' });
+        return updates;
+    }
+}
+//# sourceMappingURL=nist-ai-rmf.js.map

package/dist/infrastructure/governance/nist-ai-rmf.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nist-ai-rmf.js","sourceRoot":"","sources":["../../../src/infrastructure/governance/nist-ai-rmf.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAwCH;;;GAGG;AACH,MAAM,OAAO,SAAS;IACZ,SAAS,GAAyB,EAAE,CAAC;IAE7C;;;OAGG;IACH,KAAK,CAAC,MAAM,CAAC,OAAoB;QAC/B,MAAM,UAAU,GAAG,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAE1C,kCAAkC;QAClC,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAEpD,oCAAoC;QACpC,MAAM,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAE1D,wCAAwC;QACxC,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAE9C,MAAM,QAAQ,GAAuB;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,iBAAiB,WAAW,CAAC,KAAK,qBAAqB,cAAc,CAAC,IAAI,gBAAgB,SAAS,CAAC,KAAK,EAAE;YACrH,SAAS,EAAE,YAAY,OAAO,CAAC,WAAW,mBAAmB,OAAO,CAAC,SAAS,aAAa;YAC3F,OAAO,EAAE,WAAW,CAAC,KAAK,KAAK,UAAU,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;SAC1E,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,GAAG,CAAC,OAAoB,EAAE,mBAAiC;QAC/D,MAAM,UAAU,GAAG,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAEvC,uBAAuB;QACvB,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAEhD,2BAA2B;QAC3B,MAAM,WAAW,GAAgB,mBAAmB,IAAI;YACtD,QAAQ,EAAE;gBACR,eAAe,EAAE,CAAC;gBAClB,gBAAgB,EAAE,CAAC;gBACnB,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,GAAG;aACjB;YACD,UAAU,EAAE;gBACV,YAAY,EAAE,OAAO,CAAC,kBAAkB;gBACxC,aAAa,EAAE,OAAO,CAAC,YAAY,KAAK,YAAY;aACrD;YACD,WAAW,EAAE;gBACX,UAAU,EAAE,OAAO,CAAC,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;gBACxD,YAAY,EAAE,CAAC;aAChB;SACF,CAAC;QAEF,6BAA6B;QAC7B,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAE3D,MAAM,QAAQ,GAAuB;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,UAAU,KAAK,CAAC,MAAM,aAAa,OAAO,CAAC,WAAW,UAAU;YAC1E,SAAS,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YACnD,WAAW;YACX,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;SACpF,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IACnC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO,CAAC,WAAwB,EAAE,OAOvC;QACC,MAAM,UAAU,GAAG,WAAW,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAE3C,wCAAwC;QACxC,MAAM,eAAe,GAAG;YACtB,eAAe,EAAE,OAAO,CAAC,YAAY,IAAI,CAAC;YAC1C,gBAAgB,EAAE,OAAO,CAAC,eAAe,IAAI,CAAC;YAC9C,YAAY,EAAE,CAAC,OAAO,CAAC,oBAAoB,IAAI,CAAC,CAAC,GAAG,CAAC;YACrD,WAAW,EAAE,OAAO,CAAC,gBAAgB,IAAI,WAAW,CAAC,QAAQ,CAAC,WAAW;SAC1E,CAAC;QAEF,oEAAoE;QACpE,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,CAAC,CAAC;QACrD,MAAM,gBAAgB,GAAG,IAAI,CAAC,2BAA2B,CAAC,WAAW,CAAC,CAAC;QAEvE,kCAAkC;QAClC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,WAAW,CAAC,WAAW,CAAC,YAAY,IAAI,CAAC,CAAC;QAEvF,MAAM,kBAAkB,GAAgB;YACtC,GAAG,WAAW;YACd,QAAQ,EAAE,eAAe;YACzB,WAAW,EAAE;gBACX,GAAG,WAAW,CAAC,WAAW;gBAC1B,YAAY;aACb;SACF,CAAC;QAEF,MAAM,QAAQ,GAAuB;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,aAAa,eAAe,CAAC,eAAe,qBAAqB,eAAe,CAAC,gBAAgB,yCAAyC,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC,oBAAoB,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;YAC5N,SAAS,EAAE,gDAAgD,eAAe,GAAG,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,eAAe,gBAAgB,oBAAoB,YAAY,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,eAAe;YAC3N,WAAW,EAAE,kBAAkB;YAC/B,OAAO,EAAE,eAAe,CAAC,eAAe,GAAG,CAAC,IAAI,eAAe,CAAC,gBAAgB,GAAG,CAAC,IAAI,YAAY,GAAG,EAAE,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS;SAC1I,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,MAAM,CACV,QAKC,EACD,MAAoD;QAEpD,MAAM,UAAU,GAAG,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAE1C,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAE1D,qCAAqC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAErD,MAAM,QAAQ,GAAuB;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,GAAG,MAAM,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,IAAI,cAAc,QAAQ,CAAC,QAAQ,GAAG;YACrF,SAAS,EAAE,GAAG,QAAQ,CAAC,WAAW,yBAAyB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAClG,OAAO,EAAE,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB;SACvH,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,MAKpB;QACC,IAAI,QAAQ,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;QAEnC,IAAI,MAAM,EAAE,QAAQ,EAAE,CAAC;YACrB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,MAAM,EAAE,OAAO,EAAE,CAAC;YACpB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,MAAM,CAAC,OAAO,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,MAAM,EAAE,SAAS,EAAE,CAAC;YACtB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC,SAAU,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,MAAM,EAAE,OAAO,EAAE,CAAC;YACpB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC,OAAQ,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;IAC5D,CAAC;IAED,yBAAyB;IAEjB,iBAAiB,CAAC,OAAoB;QAC5C,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,IAAI,KAAK,GAA2C,KAAK,CAAC;QAE1D,IAAI,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YACrC,KAAK,GAAG,UAAU,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC/C,CAAC;aAAM,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;YACtC,KAAK,GAAG,MAAM,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACpD,CAAC;aAAM,IAAI,OAAO,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YACxC,KAAK,GAAG,MAAM,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,OAAO,CAAC,SAA6B,CAAC;QAChD,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAC5B,CAAC;IAEO,oBAAoB,CAAC,OAAoB;QAC/C,gDAAgD;QAChD,IAAI,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YACrC,OAAO,EAAE,IAAI,EAAE,wBAAwB,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;QAC5F,CAAC;aAAM,IAAI,OAAO,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YACxC,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC;QACtE,CAAC;aAAM,CAAC;YACN,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;QACzD,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,OAAoB;QACxC,MAAM,MAAM,GAAG,CAAC,aAAa,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;QACpF,OAAO;YACL,KAAK,EAAE,aAAa;YACpB,MAAM;SACP,CAAC;IACJ,CAAC;IAEO,YAAY,CAAC,OAAoB;QACvC,MAAM,WAAW,GAAa,EAAE,CAAC;QAEjC,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;YAC/B,WAAW,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YACrC,WAAW,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO;YACL,MAAM,EAAE,OAAO,CAAC,YAAY;YAC5B,WAAW;SACZ,CAAC;IACJ,CAAC;IAEO,iBAAiB,CAAC,WAAwB,EAAE,OAAoB;QACtE,MAAM,KAAK,GAAmE,EAAE,CAAC;QAEjF,IAAI,WAAW,CAAC,QAAQ,CAAC,eAAe,GAAG,CAAC,EAAE,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;gBACxE,WAAW,EAAE,GAAG,WAAW,CAAC,QAAQ,CAAC,eAAe,oCAAoC;aACzF,CAAC,CAAC;QACL,CAAC;QAED,IAAI,WAAW,CAAC,QAAQ,CAAC,gBAAgB,GAAG,CAAC,EAAE,CAAC;YAC9C,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,GAAG,WAAW,CAAC,QAAQ,CAAC,gBAAgB,sDAAsD;aAC5G,CAAC,CAAC;QACL,CAAC;QAED,IAAI,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC;YACtC,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,WAAW,EAAE,8CAA8C;aAC5D,CAAC,CAAC;QACL,CAAC;QAED,IAAI,WAAW,CAAC,QAAQ,CAAC,WAAW,GAAG,GAAG,EAAE,CAAC;YAC3C,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,WAAW,EAAE,+BAA+B,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB;aACzH,CAAC,CAAC;QACL,CAAC;QAED,IAAI,WAAW,CAAC,UAAU,CAAC,YAAY,IAAI,WAAW,CAAC,UAAU,CAAC,aAAa,EAAE,CAAC;YAChF,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,WAAW,EAAE,iDAAiD;aAC/D,CAAC,CAAC;QACL,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,2BAA2B,CAAC,WAAwB;QAC1D,6CAA6C;QAC7C,wEAAwE;QACxE,OAAO,IAAI,CAAC,CAAC,8BAA8B;IAC7C,CAAC;IAEO,iBAAiB,CACvB,QAAiE,EACjE,MAAc;QAEd,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACpC,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC5C,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACvC,CAAC;aAAM,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACpC,CAAC;aAAM,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;YAC1C,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACjC,CAAC;QAED,OAAO;YACL,WAAW,EAAE,GAAG,MAAM,CAAC,WAAW,EAAE,eAAe,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,WAAW;YAChG,KAAK;SACN,CAAC;IACJ,CAAC;IAEO,qBAAqB,CAAC,QAA4C;QACxE,MAAM,OAAO,GAAgD,EAAE,CAAC;QAEhE,IAAI,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACjE,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,yBAAyB,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACxE,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,2BAA2B,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,4BAA4B,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;QAExE,OAAO,OAAO,CAAC;IACjB,CAAC;CACF"}

package/dist/infrastructure/governance/policy-as-code.d.ts

@@ -0,0 +1,88 @@
+/**
+ * INTERNAL ONLY — infrastructure helper, not a user-facing feature.
+ *
+ * Policy-as-Code (PaC) Framework - Infrastructure-only, not yet exposed as user-facing feature.
+ * Planned for 0.5.x (Teams & Governance). Not guaranteed to be stable.
+ *
+ * Do not rely on this directly.
+ *
+ * @internal
+ */
+export type PolicySeverity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export type PolicyAction = 'block' | 'warn' | 'allow' | 'require_review';
+export interface PolicyRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: PolicySeverity;
+    action: PolicyAction;
+    enabled: boolean;
+    conditions: PolicyCondition[];
+    version: string;
+    createdAt: number;
+    updatedAt: number;
+}
+export interface PolicyCondition {
+    type: 'security' | 'license' | 'provider_bias' | 'uncertainty' | 'test_coverage' | 'compliance';
+    operator: 'equals' | 'greater_than' | 'less_than' | 'contains' | 'not_contains' | 'exists';
+    field: string;
+    value: any;
+}
+export interface PolicyEvaluationResult {
+    ruleId: string;
+    ruleName: string;
+    passed: boolean;
+    severity: PolicySeverity;
+    action: PolicyAction;
+    message: string;
+    evidence?: Record<string, any>;
+}
+export interface PolicyEvaluationContext {
+    filepath?: string;
+    code?: string;
+    instruction?: string;
+    securityFindings?: any[];
+    licenseFindings?: any[];
+    providerBiasFindings?: any[];
+    uncertainty?: any;
+    testCoverage?: number;
+    metadata?: Record<string, any>;
+}
+/**
+ * Policy-as-Code Framework
+ * Enforces policies automatically based on code-defined rules
+ */
+export declare class PolicyAsCode {
+    private policies;
+    private defaultPolicies;
+    constructor();
+    /**
+     * Load policy from code definition
+     */
+    loadPolicy(rule: PolicyRule): void;
+    /**
+     * Evaluate policies against context
+     */
+    evaluate(context: PolicyEvaluationContext): Promise<{
+        passed: boolean;
+        results: PolicyEvaluationResult[];
+        blockingRules: PolicyEvaluationResult[];
+    }>;
+    /**
+     * Get all policies
+     */
+    getPolicies(): PolicyRule[];
+    /**
+     * Enable/disable policy
+     */
+    setPolicyEnabled(ruleId: string, enabled: boolean): boolean;
+    /**
+     * Update policy
+     */
+    updatePolicy(ruleId: string, updates: Partial<PolicyRule>): boolean;
+    private evaluateRule;
+    private evaluateCondition;
+    private initializeDefaultPolicies;
+    private incrementVersion;
+}
+//# sourceMappingURL=policy-as-code.d.ts.map

package/dist/infrastructure/governance/policy-as-code.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-as-code.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/governance/policy-as-code.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAC7E,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,GAAG,gBAAgB,CAAC;AAEzE,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,cAAc,CAAC;IACzB,MAAM,EAAE,YAAY,CAAC;IACrB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,UAAU,GAAG,SAAS,GAAG,eAAe,GAAG,aAAa,GAAG,eAAe,GAAG,YAAY,CAAC;IAChG,QAAQ,EAAE,QAAQ,GAAG,cAAc,GAAG,WAAW,GAAG,UAAU,GAAG,cAAc,GAAG,QAAQ,CAAC;IAC3F,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,GAAG,CAAC;CACZ;AAED,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,MAAM,EAAE,YAAY,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC;IACxB,oBAAoB,CAAC,EAAE,GAAG,EAAE,CAAC;IAC7B,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED;;;GAGG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAsC;IACtD,OAAO,CAAC,eAAe,CAAoB;;IAM3C;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI;IAKlC;;OAEG;IACG,QAAQ,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC;QACxD,MAAM,EAAE,OAAO,CAAC;QAChB,OAAO,EAAE,sBAAsB,EAAE,CAAC;QAClC,aAAa,EAAE,sBAAsB,EAAE,CAAC;KACzC,CAAC;IAyBF;;OAEG;IACH,WAAW,IAAI,UAAU,EAAE;IAI3B;;OAEG;IACH,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO;IAS3D;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO;YAYrD,YAAY;IAyC1B,OAAO,CAAC,iBAAiB;IA0DzB,OAAO,CAAC,yBAAyB;IA0FjC,OAAO,CAAC,gBAAgB;CAKzB"}

package/dist/infrastructure/governance/policy-as-code.js

@@ -0,0 +1,257 @@
+/**
+ * INTERNAL ONLY — infrastructure helper, not a user-facing feature.
+ *
+ * Policy-as-Code (PaC) Framework - Infrastructure-only, not yet exposed as user-facing feature.
+ * Planned for 0.5.x (Teams & Governance). Not guaranteed to be stable.
+ *
+ * Do not rely on this directly.
+ *
+ * @internal
+ */
+/**
+ * Policy-as-Code Framework
+ * Enforces policies automatically based on code-defined rules
+ */
+export class PolicyAsCode {
+    policies = new Map();
+    defaultPolicies = [];
+    constructor() {
+        this.initializeDefaultPolicies();
+    }
+    /**
+     * Load policy from code definition
+     */
+    loadPolicy(rule) {
+        this.policies.set(rule.id, rule);
+        this.defaultPolicies.push(rule);
+    }
+    /**
+     * Evaluate policies against context
+     */
+    async evaluate(context) {
+        const results = [];
+        const blockingRules = [];
+        // Evaluate all enabled policies
+        for (const [ruleId, rule] of this.policies.entries()) {
+            if (!rule.enabled)
+                continue;
+            const result = await this.evaluateRule(rule, context);
+            results.push(result);
+            if (!result.passed && (result.action === 'block' || result.action === 'require_review')) {
+                blockingRules.push(result);
+            }
+        }
+        const passed = blockingRules.length === 0;
+        return {
+            passed,
+            results,
+            blockingRules,
+        };
+    }
+    /**
+     * Get all policies
+     */
+    getPolicies() {
+        return Array.from(this.policies.values());
+    }
+    /**
+     * Enable/disable policy
+     */
+    setPolicyEnabled(ruleId, enabled) {
+        const rule = this.policies.get(ruleId);
+        if (!rule)
+            return false;
+        rule.enabled = enabled;
+        rule.updatedAt = Date.now();
+        return true;
+    }
+    /**
+     * Update policy
+     */
+    updatePolicy(ruleId, updates) {
+        const rule = this.policies.get(ruleId);
+        if (!rule)
+            return false;
+        Object.assign(rule, updates);
+        rule.updatedAt = Date.now();
+        rule.version = this.incrementVersion(rule.version);
+        return true;
+    }
+    // Private methods
+    async evaluateRule(rule, context) {
+        // Evaluate all conditions (AND logic - all must pass)
+        let passed = true;
+        const evidence = {};
+        for (const condition of rule.conditions) {
+            const conditionResult = this.evaluateCondition(condition, context);
+            // Debug logging
+            console.log(`[PolicyAsCode] Evaluating condition: ${condition.type} ${condition.operator} ${condition.value}, actual: ${conditionResult.actual}, condition met: ${conditionResult.passed}`);
+            // CRITICAL FIX: Policy conditions are "blocking conditions"
+            // If condition is met (passed = true), it means we SHOULD block → policy FAILS
+            // If condition is NOT met (passed = false), it means we should NOT block → policy PASSES
+            // So: conditionResult.passed = true → should block → policy fails
+            //     conditionResult.passed = false → should not block → policy passes
+            if (conditionResult.passed) {
+                passed = false; // Condition met → should block → policy fails
+            }
+            evidence[condition.field] = {
+                expected: condition.value,
+                actual: conditionResult.actual,
+                passed: conditionResult.passed,
+                note: conditionResult.passed ? 'Condition met - blocking' : 'Condition not met - allowing',
+            };
+        }
+        return {
+            ruleId: rule.id,
+            ruleName: rule.name,
+            passed,
+            severity: rule.severity,
+            action: rule.action,
+            message: passed
+                ? `Policy "${rule.name}" passed`
+                : `Policy "${rule.name}" failed: ${rule.description}`,
+            evidence,
+        };
+    }
+    evaluateCondition(condition, context) {
+        let actual;
+        // Get actual value from context based on condition type
+        switch (condition.type) {
+            case 'security':
+                // Only count critical and high severity findings for policy evaluation
+                // This reduces false positives from medium/low severity findings
+                const securityFindings = context.securityFindings || [];
+                actual = securityFindings.filter((f) => f.severity === 'critical' || f.severity === 'high').length;
+                break;
+            case 'license':
+                actual = context.licenseFindings?.length || 0;
+                break;
+            case 'provider_bias':
+                actual = (context.providerBiasFindings?.length || 0) > 0;
+                break;
+            case 'uncertainty':
+                actual = context.uncertainty?.epistemic?.value || 0;
+                break;
+            case 'test_coverage':
+                actual = context.testCoverage || 0;
+                break;
+            default:
+                actual = context.metadata?.[condition.field] || null;
+        }
+        // Evaluate condition based on operator
+        let passed = false;
+        switch (condition.operator) {
+            case 'equals':
+                passed = actual === condition.value;
+                break;
+            case 'greater_than':
+                passed = actual > condition.value;
+                break;
+            case 'less_than':
+                passed = actual < condition.value;
+                break;
+            case 'contains':
+                passed = String(actual).includes(String(condition.value));
+                break;
+            case 'not_contains':
+                passed = !String(actual).includes(String(condition.value));
+                break;
+            case 'exists':
+                passed = actual !== null && actual !== undefined;
+                break;
+        }
+        return { passed, actual };
+    }
+    initializeDefaultPolicies() {
+        // Default Policy 1: Block critical security vulnerabilities
+        // Policy semantics: Block if critical vulnerabilities > 0
+        // Condition: greater_than with value 0 means "if actual > 0, block"
+        // So: actual = 0 → 0 > 0 = false → condition NOT met → should NOT block → policy PASSES
+        //     actual > 0 → actual > 0 = true → condition met → should block → policy FAILS
+        this.loadPolicy({
+            id: 'security-critical-block',
+            name: 'Block Critical Security Vulnerabilities',
+            description: 'Block code with critical security vulnerabilities',
+            severity: 'critical',
+            action: 'block',
+            enabled: true,
+            conditions: [
+                {
+                    type: 'security',
+                    operator: 'greater_than',
+                    field: 'critical_vulnerabilities',
+                    value: 0,
+                },
+            ],
+            version: '1.0.0',
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+        });
+        // Default Policy 2: Block license conflicts
+        this.loadPolicy({
+            id: 'license-conflict-block',
+            name: 'Block License Conflicts',
+            description: 'Block code with license conflicts (GPL/MIT contamination)',
+            severity: 'critical',
+            action: 'block',
+            enabled: true,
+            conditions: [
+                {
+                    type: 'license',
+                    operator: 'greater_than',
+                    field: 'license_conflicts',
+                    value: 0,
+                },
+            ],
+            version: '1.0.0',
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+        });
+        // Default Policy 3: Warn on high uncertainty
+        this.loadPolicy({
+            id: 'uncertainty-high-warn',
+            name: 'Warn on High Uncertainty',
+            description: 'Warn when epistemic uncertainty exceeds threshold (hallucination risk)',
+            severity: 'high',
+            action: 'warn',
+            enabled: true,
+            conditions: [
+                {
+                    type: 'uncertainty',
+                    operator: 'greater_than',
+                    field: 'epistemic_uncertainty',
+                    value: 0.7,
+                },
+            ],
+            version: '1.0.0',
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+        });
+        // Default Policy 4: Require review for provider bias
+        this.loadPolicy({
+            id: 'provider-bias-review',
+            name: 'Review Provider Bias',
+            description: 'Require review when provider bias is detected (vendor lock-in risk)',
+            severity: 'medium',
+            action: 'require_review',
+            enabled: true,
+            conditions: [
+                {
+                    type: 'provider_bias',
+                    operator: 'equals',
+                    field: 'has_provider_bias',
+                    value: true,
+                },
+            ],
+            version: '1.0.0',
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+        });
+    }
+    incrementVersion(version) {
+        const parts = version.split('.');
+        const patch = parseInt(parts[2] || '0', 10) + 1;
+        return `${parts[0]}.${parts[1]}.${patch}`;
+    }
+}
+//# sourceMappingURL=policy-as-code.js.map

package/dist/infrastructure/governance/policy-as-code.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-as-code.js","sourceRoot":"","sources":["../../../src/infrastructure/governance/policy-as-code.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AA+CH;;;GAGG;AACH,MAAM,OAAO,YAAY;IACf,QAAQ,GAA4B,IAAI,GAAG,EAAE,CAAC;IAC9C,eAAe,GAAiB,EAAE,CAAC;IAE3C;QACE,IAAI,CAAC,yBAAyB,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,IAAgB;QACzB,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACjC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,OAAgC;QAK7C,MAAM,OAAO,GAA6B,EAAE,CAAC;QAC7C,MAAM,aAAa,GAA6B,EAAE,CAAC;QAEnD,gCAAgC;QAChC,KAAK,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC;YACrD,IAAI,CAAC,IAAI,CAAC,OAAO;gBAAE,SAAS;YAE5B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAErB,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,MAAM,KAAK,gBAAgB,CAAC,EAAE,CAAC;gBACxF,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,KAAK,CAAC,CAAC;QAE1C,OAAO;YACL,MAAM;YACN,OAAO;YACP,aAAa;SACd,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,MAAc,EAAE,OAAgB;QAC/C,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAc,EAAE,OAA4B;QACvD,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kBAAkB;IAEV,KAAK,CAAC,YAAY,CAAC,IAAgB,EAAE,OAAgC;QAC3E,sDAAsD;QACtD,IAAI,MAAM,GAAG,IAAI,CAAC;QAClB,MAAM,QAAQ,GAAwB,EAAE,CAAC;QAEzC,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACxC,MAAM,eAAe,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAEnE,gBAAgB;YAChB,OAAO,CAAC,GAAG,CAAC,wCAAwC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,QAAQ,IAAI,SAAS,CAAC,KAAK,aAAa,eAAe,CAAC,MAAM,oBAAoB,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC;YAE5L,4DAA4D;YAC5D,+EAA+E;YAC/E,yFAAyF;YACzF,kEAAkE;YAClE,wEAAwE;YACxE,IAAI,eAAe,CAAC,MAAM,EAAE,CAAC;gBAC3B,MAAM,GAAG,KAAK,CAAC,CAAC,8CAA8C;YAChE,CAAC;YAED,QAAQ,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG;gBAC1B,QAAQ,EAAE,SAAS,CAAC,KAAK;gBACzB,MAAM,EAAE,eAAe,CAAC,MAAM;gBAC9B,MAAM,EAAE,eAAe,CAAC,MAAM;gBAC9B,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,8BAA8B;aAC3F,CAAC;QACJ,CAAC;QAED,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,MAAM;YACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,OAAO,EAAE,MAAM;gBACb,CAAC,CAAC,WAAW,IAAI,CAAC,IAAI,UAAU;gBAChC,CAAC,CAAC,WAAW,IAAI,CAAC,IAAI,aAAa,IAAI,CAAC,WAAW,EAAE;YACvD,QAAQ;SACT,CAAC;IACJ,CAAC;IAEO,iBAAiB,CACvB,SAA0B,EAC1B,OAAgC;QAEhC,IAAI,MAAW,CAAC;QAEhB,wDAAwD;QACxD,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;YACzB,KAAK,UAAU;gBACb,uEAAuE;gBACvE,iEAAiE;gBACjE,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,EAAE,CAAC;gBACxD,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAC1C,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CACnD,CAAC,MAAM,CAAC;gBACT,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC,CAAC;gBAC9C,MAAM;YACR,KAAK,eAAe;gBAClB,MAAM,GAAG,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;gBACzD,MAAM;YACR,KAAK,aAAa;gBAChB,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,SAAS,EAAE,KAAK,IAAI,CAAC,CAAC;gBACpD,MAAM;YACR,KAAK,eAAe;gBAClB,MAAM,GAAG,OAAO,CAAC,YAAY,IAAI,CAAC,CAAC;gBACnC,MAAM;YACR;gBACE,MAAM,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC;QACvD,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,QAAQ,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC7B,KAAK,QAAQ;gBACX,MAAM,GAAG,MAAM,KAAK,SAAS,CAAC,KAAK,CAAC;gBACpC,MAAM;YACR,KAAK,cAAc;gBACjB,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC;gBAClC,MAAM;YACR,KAAK,WAAW;gBACd,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC;gBAClC,MAAM;YACR,KAAK,UAAU;gBACb,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC1D,MAAM;YACR,KAAK,cAAc;gBACjB,MAAM,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC3D,MAAM;YACR,KAAK,QAAQ;gBACX,MAAM,GAAG,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,SAAS,CAAC;gBACjD,MAAM;QACR,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IAC5B,CAAC;IAEO,yBAAyB;QAC/B,4DAA4D;QAC5D,0DAA0D;QAC1D,oEAAoE;QACpE,wFAAwF;QACxF,mFAAmF;QACnF,IAAI,CAAC,UAAU,CAAC;YACd,EAAE,EAAE,yBAAyB;YAC7B,IAAI,EAAE,yCAAyC;YAC/C,WAAW,EAAE,mDAAmD;YAChE,QAAQ,EAAE,UAAU;YACpB,MAAM,EAAE,OAAO;YACf,OAAO,EAAE,IAAI;YACb,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,UAAU;oBAChB,QAAQ,EAAE,cAAc;oBACxB,KAAK,EAAE,0BAA0B;oBACjC,KAAK,EAAE,CAAC;iBACT;aACF;YACD,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,4CAA4C;QAC5C,IAAI,CAAC,UAAU,CAAC;YACd,EAAE,EAAE,wBAAwB;YAC5B,IAAI,EAAE,yBAAyB;YAC/B,WAAW,EAAE,2DAA2D;YACxE,QAAQ,EAAE,UAAU;YACpB,MAAM,EAAE,OAAO;YACf,OAAO,EAAE,IAAI;YACb,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,cAAc;oBACxB,KAAK,EAAE,mBAAmB;oBAC1B,KAAK,EAAE,CAAC;iBACT;aACF;YACD,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,6CAA6C;QAC7C,IAAI,CAAC,UAAU,CAAC;YACd,EAAE,EAAE,uBAAuB;YAC3B,IAAI,EAAE,0BAA0B;YAChC,WAAW,EAAE,wEAAwE;YACrF,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI;YACb,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,cAAc;oBACxB,KAAK,EAAE,uBAAuB;oBAC9B,KAAK,EAAE,GAAG;iBACX;aACF;YACD,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,qDAAqD;QACrD,IAAI,CAAC,UAAU,CAAC;YACd,EAAE,EAAE,sBAAsB;YAC1B,IAAI,EAAE,sBAAsB;YAC5B,WAAW,EAAE,qEAAqE;YAClF,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,gBAAgB;YACxB,OAAO,EAAE,IAAI;YACb,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,eAAe;oBACrB,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,mBAAmB;oBAC1B,KAAK,EAAE,IAAI;iBACZ;aACF;YACD,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;IACL,CAAC;IAEO,gBAAgB,CAAC,OAAe;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;QAChD,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;IAC5C,CAAC;CACF"}