dotsec 1.0.0-alpha.2 → 1.0.0-alpha.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/README.md +191 -39
  2. package/bin/dotsec.js +1 -1
  3. package/dist/cli/index.js +37 -0
  4. package/dist/cli/index.js.map +7 -0
  5. package/dist/cli/index.mjs +37 -0
  6. package/dist/cli/index.mjs.map +7 -0
  7. package/dist/index.d.ts +141 -11
  8. package/dist/index.js +1 -43
  9. package/dist/index.js.map +3 -3
  10. package/dist/index.mjs +2 -0
  11. package/dist/index.mjs.map +7 -0
  12. package/package.json +26 -31
  13. package/src/templates/dotsec.config.ts +15 -0
  14. package/bin/ds.js +0 -3
  15. package/dist/cli.d.ts +0 -1
  16. package/dist/cli.js +0 -2237
  17. package/dist/cli.js.map +0 -7
  18. package/dist/ds/cli.js +0 -1111
  19. package/dist/ds/cli.js.map +0 -7
  20. package/dist/esm/cli.js +0 -2245
  21. package/dist/esm/cli.js.map +0 -7
  22. package/dist/esm/ds/cli.js +0 -1116
  23. package/dist/esm/ds/cli.js.map +0 -7
  24. package/dist/esm/index.js +0 -16
  25. package/dist/esm/index.js.map +0 -7
package/dist/ds/cli.js.map DELETED
@@ -1,7 +0,0 @@
1
- {
2
- "version": 3,
3
- "sources": ["../../src/ds/cli.ts", "../../src/ds/commands/run.ts", "../../src/utils/getCredentialsProfileRegion.ts", "../../src/utils/logger.ts", "../../src/lib/partial-commands/handleCredentialsAndRegion.ts", "../../src/lib/wtf/crypto.ts", "../../src/utils/kms.ts", "../../src/utils/secretsManager.ts", "../../src/utils/ssm.ts", "../../src/lib/wtf/types.ts", "../../src/lib/wtf/flat.ts", "../../src/lib/wtf/dotenv.ts", "../../src/ds/commands/encrypt.ts", "../../src/utils/io.ts", "../../src/lib/wtf/dotsec.ts", "../../src/ds/commands/decrypt.ts", "../../src/lib/config/index.ts", "../../src/lib/json.ts", "../../src/lib/config/constants.ts"],
4
- "sourcesContent": ["import { Command } from \"commander\";\n\nimport addRunCommand from \"./commands/run\";\nimport addEncryptCommand from \"./commands/encrypt\";\nimport addDecryptCommand from \"./commands/decrypt\";\nimport { getConfig } from \"../lib/config\";\nconst program = new Command();\n\nprogram\n\t.name(\"dotsec\")\n\t.description(\".env, but secure\")\n\t.version(\"1.0.0\")\n\t.enablePositionalOptions()\n\t.option(\"--verbose\")\n\t.option(\"--config, <dotsec config file>\")\n\t.action((_options, other: Command) => {\n\t\t// console.log(options);\n\t\tother.help();\n\t})\n\t.hook(\n\t\t\"preSubcommand\",\n\t\tasync (thisCommand: Command, actionCommand: Command) => {\n\t\t\tconst configfile = thisCommand.getOptionValue(\"config\") as string;\n\t\t\tconst dotsecConfig = await getConfig(configfile);\n\n\t\t\tactionCommand.setOptionValue(\"dotsecConfig\", dotsecConfig);\n\t\t\tactionCommand.setOptionValue(\n\t\t\t\t\"verbose\",\n\t\t\t\tBoolean(thisCommand.getOptionValue(\"verbose\")),\n\t\t\t);\n\t\t},\n\t);\naddRunCommand(program);\naddEncryptCommand(program);\naddDecryptCommand(program);\nprogram.parse();\n", "import fs from \"node:fs\";\n\nimport commander, { Command } from \"commander\";\nimport spawn from \"cross-spawn\";\nimport { parse } from \"dotenv\";\n\nimport { handleCredentialsAndRegion } from \"../../lib/partial-commands/handleCredentialsAndRegion\";\nimport {\n\tdecryptedEncrypted,\n\tdecryptRawDotSecValues,\n} from \"../../lib/wtf/crypto\";\nimport { toDotEnv } from \"../../lib/wtf/dotenv\";\nimport { DotSec, DotSecEncrypted } from \"../../lib/wtf/types\";\nimport { DotsecConfig } from \"../../lib/config/types\";\nexport default (program: Command) => {\n\tconst subProgram = program\n\t\t.command(\"run\")\n\t\t.description(\n\t\t\t\"run a command with the decrypted .sec file as environment variables: dotsec run --sec .sec command npm run start\",\n\t\t)\n\t\t.summary(\n\t\t\t`Spawns a process with (decrypted) environment variables. \nWorks with .env, .sec, secrets.{json|yml|ts} and secrets.encrypted.{json|yml|ts}.\n\nExamples:\n\n// run npm start with .sec file\ndotsec run --sec .sec command npm start\ndotsec run command npm start\n\n\n// run npm start with .env file\ndotsec run --env .env command npm start\n\n\n// run npm start with secrets.json file \ndotsec run --secrets secrets.json command npm start\n\n\n// run npm start with secrets.encrypted.json file\ndotsec run --encrypted-secrets secrets.encrypted.json command npm start\n`,\n\t\t)\n\t\t.option(\"--env <env>\", \"Run command with .env file\")\n\t\t.option(\"--sec <sec>\", \"Run command with .sec file\")\n\t\t.option(\"--secrets <secrets>\", \"Run command with secrets.json file\")\n\t\t.option(\n\t\t\t\"--encryptedSecrets,--encrypted-secrets <encryptedSecrets>\",\n\t\t\t\"Run command with encrypted.secrets.json file\",\n\t\t)\n\n\t\t.option(\"--awsKeyAlias, --aws-key-alias <awsKeyAlias>\")\n\t\t.option(\"--awsRegion, --aws-region <awsRegion>\")\n\t\t.option(\"--searchPath, --search-path <searchPath>\")\n\t\t.action((_options: Record<string, string>, command: Command) => {\n\t\t\tcommand.help();\n\t\t});\n\n\tsubProgram\n\t\t.command(\"command <command...>\")\n\t\t.allowUnknownOption()\n\t\t.passThroughOptions()\n\t\t.action(async (commands: string[], _options, command: Command) => {\n\t\t\tconst config = command.parent?.getOptionValue(\n\t\t\t\t\"dotsecConfig\",\n\t\t\t) as DotsecConfig;\n\t\t\tconst verbose = Boolean(command.parent?.getOptionValue(\"verbose\"));\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.parent?.getOptionValue(\"awsKeyAlias\") as string) ||\n\t\t\t\tconfig.aws.keyAlias;\n\n\t\t\tconst awsRegion =\n\t\t\t\t(command.parent?.getOptionValue(\"awsRegion\") as string) ||\n\t\t\t\tconfig.aws.region;\n\t\t\tconst searchPath = command.parent?.getOptionValue(\"searchPath\") as string;\n\t\t\tconst sec = command.parent?.getOptionValue(\"sec\") as string;\n\t\t\tconst env = command.parent?.getOptionValue(\"env\") as string;\n\t\t\tconsole.log(\"awsKeyAlias\", {\n\t\t\t\tawsRegion,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tsearchPath,\n\t\t\t\tsec,\n\t\t\t\tenv,\n\t\t\t\tcommands,\n\t\t\t});\n\n\t\t\tconst inputFiles = [\"env\", \"sec\", \"secrets\", \"encryptedSecrets\"]\n\t\t\t\t.map((fileType) => {\n\t\t\t\t\tconst filename = command.parent?.getOptionValue(fileType) as string;\n\t\t\t\t\tif (filename) {\n\t\t\t\t\t\treturn [fileType, filename];\n\t\t\t\t\t}\n\t\t\t\t})\n\t\t\t\t.filter((v) => !!v);\n\n\t\t\tlet rawDotenv: string | undefined;\n\t\t\tif (inputFiles.length <= 1) {\n\t\t\t\t// pick that one\n\t\t\t\ttry {\n\t\t\t\t\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\t\t\t\t\tawait handleCredentialsAndRegion({\n\t\t\t\t\t\t\targv: {},\n\t\t\t\t\t\t\tenv: { ...process.env },\n\t\t\t\t\t\t});\n\n\t\t\t\t\tconst fileType = inputFiles.length === 0 ? \"sec\" : inputFiles[0]?.[0];\n\t\t\t\t\tconst filename =\n\t\t\t\t\t\tinputFiles.length === 0 ? \".sec\" : inputFiles[0]?.[1];\n\t\t\t\t\tconsole.log(\"filename\", filename);\n\t\t\t\t\tif (filename && fileType) {\n\t\t\t\t\t\tconst raw = fs.readFileSync(filename, \"utf8\");\n\t\t\t\t\t\tif (fileType === \"sec\") {\n\t\t\t\t\t\t\trawDotenv = await decryptRawDotSecValues({\n\t\t\t\t\t\t\t\tdotSecKeysValues: parse(raw),\n\t\t\t\t\t\t\t\tcredentials: credentialsAndOrigin.value,\n\t\t\t\t\t\t\t\tregion: awsRegion || regionAndOrigin.value,\n\t\t\t\t\t\t\t\tkeyAlias: awsKeyAlias,\n\t\t\t\t\t\t\t\tverbose,\n\t\t\t\t\t\t\t\tsearchPath,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t} else if (fileType === \"env\") {\n\t\t\t\t\t\t\trawDotenv = raw;\n\t\t\t\t\t\t} else if (fileType === \"secrets\") {\n\t\t\t\t\t\t\tconst dotSecPlainText = JSON.parse(raw) as DotSec;\n\n\t\t\t\t\t\t\trawDotenv = toDotEnv({\n\t\t\t\t\t\t\t\tdotSecPlainText,\n\t\t\t\t\t\t\t\tverbose,\n\t\t\t\t\t\t\t\tsearchPath,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t} else if (fileType === \"encryptedSecrets\") {\n\t\t\t\t\t\t\trawDotenv = raw;\n\t\t\t\t\t\t\tconst dotSecEncrypted = JSON.parse(raw) as DotSecEncrypted;\n\t\t\t\t\t\t\tconst dotSecPlainText = await decryptedEncrypted({\n\t\t\t\t\t\t\t\tdotSecEncrypted,\n\t\t\t\t\t\t\t\tcredentials: credentialsAndOrigin.value,\n\t\t\t\t\t\t\t\tregion: awsRegion || regionAndOrigin.value,\n\t\t\t\t\t\t\t\tkeyAlias: awsKeyAlias,\n\t\t\t\t\t\t\t\tverbose,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\trawDotenv = toDotEnv({\n\t\t\t\t\t\t\t\tdotSecPlainText,\n\t\t\t\t\t\t\t\tverbose,\n\t\t\t\t\t\t\t\tsearchPath,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (rawDotenv) {\n\t\t\t\t\t\tconst [userCommand, ...userCommandArgs] = commands;\n\t\t\t\t\t\tconst parsedDotEnv = parse(rawDotenv);\n\t\t\t\t\t\tspawn(userCommand, [...userCommandArgs], {\n\t\t\t\t\t\t\tstdio: \"inherit\",\n\t\t\t\t\t\t\tshell: false,\n\t\t\t\t\t\t\tenv: {\n\t\t\t\t\t\t\t\t...process.env,\n\t\t\t\t\t\t\t\t...parsedDotEnv,\n\t\t\t\t\t\t\t\t__DOTSEC_VARS: JSON.stringify(Object.keys(parsedDotEnv)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t} catch (e) {\n\t\t\t\t\tif (e instanceof Error) {\n\t\t\t\t\t\tconsole.error(e.message);\n\n\t\t\t\t\t\tif (verbose) {\n\t\t\t\t\t\t\tconsole.error(e.name, e.stack);\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\t// error\n\t\t\t\tthrow new commander.InvalidOptionArgumentError(\n\t\t\t\t\t\"Can only pick one of --sec. --env, --secrets or --encryptedSecrets\",\n\t\t\t\t);\n\t\t\t}\n\t\t});\n\n\treturn subProgram;\n};\n", "import {\n fromEnv,\n fromIni,\n fromTemporaryCredentials,\n} from '@aws-sdk/credential-providers';\nimport { loadSharedConfigFiles } from '@aws-sdk/shared-ini-file-loader';\n\nimport {\n CredentialsAndOrigin,\n ProfileAndOrigin,\n RegionAndOrigin,\n} from '../types';\nimport { emphasis, strong } from './logger';\n\nexport const getCredentialsProfileRegion = async ({\n argv,\n env,\n}: {\n argv: {\n profile?: string;\n region?: string;\n assumeRoleArn?: string;\n assumeRoleSessionDuration?: number;\n };\n env: {\n AWS_PROFILE?: string;\n AWS_ACCESS_KEY_ID?: string;\n AWS_SECRET_ACCESS_KEY?: string;\n AWS_REGION?: string;\n AWS_DEFAULT_REGION?: string;\n AWS_ASSUME_ROLE_ARN?: string | undefined;\n AWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n TZ?: string;\n };\n}) => {\n const sharedConfigFiles = await loadSharedConfigFiles();\n let credentialsAndOrigin: CredentialsAndOrigin | undefined = undefined;\n let profileAndOrigin: ProfileAndOrigin | undefined = undefined;\n let regionAndOrigin: RegionAndOrigin | undefined = undefined;\n if (argv.profile) {\n profileAndOrigin = {\n value: argv.profile,\n origin: `command line option: ${emphasis(argv.profile)}`,\n };\n credentialsAndOrigin = {\n value: await fromIni({\n profile: argv.profile,\n })(),\n origin: `${emphasis(`[${argv.profile}]`)} in credentials file`,\n };\n } else if (env.AWS_PROFILE) {\n profileAndOrigin = {\n value: env.AWS_PROFILE,\n origin: `env variable ${emphasis('AWS_PROFILE')}: ${strong(\n env.AWS_PROFILE,\n )}`,\n };\n credentialsAndOrigin = {\n value: await fromIni({\n profile: env.AWS_PROFILE,\n })(),\n origin: `env variable ${emphasis('AWS_PROFILE')}: ${strong(\n env.AWS_PROFILE,\n )}`,\n };\n } else if (env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY) {\n credentialsAndOrigin = {\n value: await fromEnv()(),\n origin: `env variables ${emphasis(\n 'AWS_ACCESS_KEY_ID',\n )} and ${emphasis('AWS_SECRET_ACCESS_KEY')}`,\n };\n } else if (sharedConfigFiles.credentialsFile?.default) {\n profileAndOrigin = {\n value: 'default',\n origin: `${emphasis('[default]')} in credentials file`,\n };\n credentialsAndOrigin = {\n value: await fromIni({\n profile: 'default',\n })(),\n origin: `profile ${emphasis('[default]')}`,\n };\n }\n\n if (argv.region) {\n regionAndOrigin = {\n value: argv.region,\n origin: `command line option: ${emphasis(argv.region)}`,\n };\n } else if (env.AWS_REGION) {\n regionAndOrigin = {\n value: env.AWS_REGION,\n origin: `env variable ${emphasis('AWS_REGION')}: ${strong(\n env.AWS_REGION,\n )}`,\n };\n } else if (env.AWS_DEFAULT_REGION) {\n regionAndOrigin = {\n value: env.AWS_DEFAULT_REGION,\n origin: `env variable ${emphasis('AWS_DEFAULT_REGION')}: ${strong(\n env.AWS_DEFAULT_REGION,\n )}`,\n };\n } else if (profileAndOrigin) {\n const foundRegion =\n sharedConfigFiles?.configFile?.[profileAndOrigin.value]?.region;\n\n if (foundRegion) {\n regionAndOrigin = {\n value: foundRegion,\n origin: `${emphasis(\n `[profile ${profileAndOrigin.value}]`,\n )} in config file`,\n };\n }\n }\n\n const assumedRole = argv.assumeRoleArn || env.AWS_ASSUME_ROLE_ARN;\n if (assumedRole) {\n const origin = argv.assumeRoleArn\n ? 'command line option'\n : 'env variable';\n credentialsAndOrigin = {\n value: await fromTemporaryCredentials({\n masterCredentials: credentialsAndOrigin?.value,\n\n params: {\n DurationSeconds:\n argv.assumeRoleSessionDuration ||\n Number(env.AWS_ASSUME_ROLE_SESSION_DURATION) ||\n 3600,\n RoleArn: assumedRole,\n },\n\n clientConfig: {\n region: regionAndOrigin?.value,\n },\n })(),\n origin: `${origin} ${emphasis(`[${assumedRole}]`)}`,\n };\n }\n\n return { credentialsAndOrigin, regionAndOrigin, profileAndOrigin };\n};\n\nexport const printVerboseCredentialsProfileRegion = ({\n credentialsAndOrigin,\n regionAndOrigin,\n profileAndOrigin,\n}: {\n credentialsAndOrigin?: CredentialsAndOrigin;\n regionAndOrigin?: RegionAndOrigin;\n profileAndOrigin?: ProfileAndOrigin;\n}): string => {\n const out: string[] = [];\n if (profileAndOrigin) {\n out.push(`Got profile name from ${profileAndOrigin.origin}`);\n }\n if (credentialsAndOrigin) {\n out.push(`Resolved credentials from ${credentialsAndOrigin.origin}`);\n }\n if (regionAndOrigin) {\n out.push(`Resolved region from ${regionAndOrigin.origin}`);\n }\n return out.join('\\n');\n};\n", "import chalk from 'chalk';\nimport { highlight, Theme, plain } from 'cli-highlight';\n// eslint-disable-next-line @typescript-eslint/naming-convention\nlet _logger: Pick<Console, 'info' | 'error' | 'table'>;\nexport const getLogger = () => {\n if (!_logger) {\n _logger = console;\n }\n\n return _logger;\n};\nexport const writeLine = (str: string) => {\n process.stdout.write(str);\n};\nexport const emphasis = (str: string): string => chalk.yellowBright(str);\nexport const strong = (str: string): string => chalk.yellow.bold(str);\n\nconst myTheme: Theme = {\n attr: chalk.yellow.bold,\n string: chalk.yellowBright.dim,\n params: chalk.red,\n deletion: chalk.red.strikethrough,\n number: plain,\n};\n\nexport const prettyCode = (str: string): string => {\n return highlight(str, { theme: myTheme });\n};\nexport const clientLogger = {\n debug(content: object) {\n console.log(content);\n },\n info(content: object) {\n console.log(content);\n },\n warn(content: object) {\n console.log(content);\n },\n error(content: object) {\n console.error(content);\n },\n};\n", "import {\n getCredentialsProfileRegion,\n printVerboseCredentialsProfileRegion,\n} from '../../utils/getCredentialsProfileRegion';\n\nexport const handleCredentialsAndRegion = async ({\n argv,\n env,\n}: {\n argv: {\n awsRegion?: string;\n awsProfile?: string;\n verbose?: boolean;\n awsAssumeRoleArn?: string;\n awsAssumeRoleSessionDuration?: number;\n };\n env: {\n AWS_PROFILE?: string | undefined;\n AWS_ACCESS_KEY_ID?: string | undefined;\n AWS_SECRET_ACCESS_KEY?: string | undefined;\n AWS_REGION?: string | undefined;\n AWS_DEFAULT_REGION?: string | undefined;\n AWS_ASSUME_ROLE_ARN?: string | undefined;\n AWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n TZ?: string;\n };\n}) => {\n const { credentialsAndOrigin, regionAndOrigin, profileAndOrigin } =\n await getCredentialsProfileRegion({\n argv: {\n region: argv.awsRegion,\n profile: argv.awsProfile,\n assumeRoleArn: argv.awsAssumeRoleArn,\n assumeRoleSessionDuration: argv.awsAssumeRoleSessionDuration,\n },\n env: {\n ...env,\n },\n });\n\n if (argv.verbose === true) {\n console.log(\n printVerboseCredentialsProfileRegion({\n credentialsAndOrigin,\n regionAndOrigin,\n profileAndOrigin,\n }),\n );\n }\n\n if (!credentialsAndOrigin || !regionAndOrigin) {\n if (!credentialsAndOrigin) {\n console.error('Could not find credentials');\n throw new Error('Could not find credentials');\n }\n if (!regionAndOrigin) {\n console.error('Could not find region');\n throw new Error('Could not find region');\n }\n }\n\n return { credentialsAndOrigin, regionAndOrigin };\n};\n", "import {\n\tDecryptCommand,\n\tDescribeKeyCommand,\n\tEncryptCommand,\n} from \"@aws-sdk/client-kms\";\nimport {\n\tCreateSecretCommand,\n\tListSecretsCommand,\n\tPutSecretValueCommand,\n} from \"@aws-sdk/client-secrets-manager\";\nimport {\n\tParameterTier,\n\tParameterType,\n\tPutParameterCommand,\n} from \"@aws-sdk/client-ssm\";\nimport { Credentials } from \"@aws-sdk/types\";\nimport { constantCase } from \"constant-case\";\n\nimport { getEncryptionAlgorithm, getKMSClient } from \"../../utils/kms\";\nimport { emphasis, getLogger, strong } from \"../../utils/logger\";\nimport { getSecretsManagerClient } from \"../../utils/secretsManager\";\nimport { getSSMClient } from \"../../utils/ssm\";\nimport {\n\texpandEncrypted,\n\texpandPlainText,\n\tflattenEncrypted,\n\tflattenPlainText,\n} from \"./flat\";\nimport {\n\tDotSecEncrypted,\n\tDotSecEncryptedFlattened,\n\tDotSecPlainText,\n\tDotSecPlainTextFlattened,\n\tDotSecValue,\n\tisBoolean,\n\tisNumber,\n\tisRegularParameter,\n\tisRegularParameterObject,\n\tisSecretsManagerParameter,\n\tisSSMParameter,\n\tisString,\n} from \"./types\";\n\nconst maybeJson = (value: string): string | JSON => {\n\ttry {\n\t\treturn JSON.parse(value) as JSON;\n\t} catch (e) {\n\t\treturn value;\n\t}\n};\nexport const decryptedEncrypted = async (options: {\n\tdotSecEncrypted: DotSecEncrypted;\n\tcredentials: Credentials;\n\tregion: string;\n\tverbose?: boolean;\n\tkeyAlias?: string;\n}): Promise<DotSecPlainText> => {\n\tconst { dotSecEncrypted, credentials, region, verbose, keyAlias } = options;\n\tconst dotSecEncryptedFlattened = flattenEncrypted(dotSecEncrypted);\n\t// get logger\n\tconst { info, table } = getLogger();\n\t// create KMS client\n\tconst kmsClient = getKMSClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\n\tconst awsKeyAlias = keyAlias || dotSecEncrypted.config?.aws?.keyAlias;\n\tif (!awsKeyAlias) {\n\t\tthrow new Error(\"No key alias specified\");\n\t}\n\tif (verbose) {\n\t\tinfo(\n\t\t\t`Encrypting using key alias ${emphasis(awsKeyAlias)} in ${emphasis(\n\t\t\t\tawait kmsClient.config.region(),\n\t\t\t)}`,\n\t\t);\n\n\t\t// describe key *once*\n\n\t\tconst describeKeyCommand = new DescribeKeyCommand({\n\t\t\tKeyId: awsKeyAlias,\n\t\t});\n\n\t\tconst describeKeyResult = await kmsClient.send(describeKeyCommand);\n\n\t\tinfo(\"keyMetaData\", { ...describeKeyResult.KeyMetadata });\n\t}\n\n\tconst encryptionAlgorithm = await getEncryptionAlgorithm(\n\t\tkmsClient,\n\t\tawsKeyAlias,\n\t);\n\n\tconst dotSecFlattened: DotSecPlainTextFlattened = {\n\t\tconfig: { ...dotSecEncrypted.config },\n\t\tplaintext: {},\n\t};\n\tfor (const [key, encryptedValue] of Object.entries(\n\t\tdotSecEncryptedFlattened.encrypted,\n\t)) {\n\t\tconst decryptCommand = new DecryptCommand({\n\t\t\tKeyId: awsKeyAlias,\n\t\t\tCiphertextBlob: Buffer.from(encryptedValue.encryptedValue, \"base64\"),\n\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t});\n\n\t\tconst decryptionResult = await kmsClient.send(decryptCommand);\n\n\t\tif (!decryptionResult.Plaintext) {\n\t\t\tthrow new Error(\n\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\tkey,\n\t\t\t\t\tcipherText: encryptedValue,\n\t\t\t\t\tdecryptCommand: decryptCommand,\n\t\t\t\t})}`,\n\t\t\t);\n\t\t}\n\n\t\tif (verbose) {\n\t\t\tinfo(`Decrypting key ${emphasis(key)} ${strong(\"ok\")}`);\n\t\t}\n\n\t\tconst decryptedValue = Buffer.from(decryptionResult.Plaintext).toString();\n\t\tconst decryptedKeyValue = JSON.parse(decryptedValue) as {\n\t\t\tkey: string;\n\t\t\tvalue: string;\n\t\t};\n\t\t/**\n\t\t * We don't really know for sure if this is JSON or not, so we'll try to parse it\n\t\t * Since we do not accept JSON at top level, we have a nice foot gun here.\n\t\t */\n\t\t// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n\t\t// @ts-ignore\n\t\tdotSecFlattened.plaintext[key] = maybeJson(decryptedKeyValue.value);\n\t}\n\treturn expandPlainText(dotSecFlattened);\n};\n\nexport const encryptPlainText = async (options: {\n\tdotSecPlainText: DotSecPlainText;\n\tcredentials: Credentials;\n\tregion: string;\n\tverbose?: boolean;\n\tkeyAlias?: string;\n}): Promise<DotSecEncrypted> => {\n\tconst { dotSecPlainText, credentials, region, verbose, keyAlias } = options;\n\tconst dotSecFlattened = flattenPlainText(dotSecPlainText);\n\tconst { info } = getLogger();\n\t// create KMS client\n\tconst kmsClient = getKMSClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\n\tconst awsKeyAlias = keyAlias || dotSecFlattened.config?.aws?.keyAlias;\n\tif (!awsKeyAlias) {\n\t\tthrow new Error(\"No key alias specified\");\n\t}\n\tif (verbose) {\n\t\tinfo(\n\t\t\t`Encrypting using key alias ${emphasis(awsKeyAlias)} in ${emphasis(\n\t\t\t\tawait kmsClient.config.region(),\n\t\t\t)}`,\n\t\t);\n\n\t\t// describe key *once*\n\n\t\tconst describeKeyCommand = new DescribeKeyCommand({\n\t\t\tKeyId: awsKeyAlias,\n\t\t});\n\n\t\tconst describeKeyResult = await kmsClient.send(describeKeyCommand);\n\n\t\tinfo(\"keyMetaData\", { ...describeKeyResult.KeyMetadata });\n\t}\n\n\tconst encryptionAlgorithm = await getEncryptionAlgorithm(\n\t\tkmsClient,\n\t\tawsKeyAlias,\n\t);\n\n\tconst encryptedDotSecFlattened: DotSecEncryptedFlattened = {\n\t\tconfig: { ...dotSecFlattened.config },\n\t\tencrypted: {},\n\t};\n\tfor (const [key, plainTextValue] of Object.entries(\n\t\tdotSecFlattened.plaintext,\n\t)) {\n\t\tlet plainTextValueCopy = plainTextValue;\n\t\t// check if parameter is string, number or boolean, if not, encode to json\n\t\tif (\n\t\t\ttypeof plainTextValueCopy !== \"string\" &&\n\t\t\ttypeof plainTextValueCopy !== \"number\" &&\n\t\t\ttypeof plainTextValueCopy !== \"boolean\"\n\t\t) {\n\t\t\tplainTextValueCopy = JSON.stringify(plainTextValue);\n\t\t}\n\n\t\tconst damn = JSON.stringify({ key, value: plainTextValueCopy });\n\t\tconst encryptCommand = new EncryptCommand({\n\t\t\tKeyId: awsKeyAlias,\n\t\t\tPlaintext: Buffer.from(String(damn)),\n\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t});\n\n\t\tconst encryptionResult = await kmsClient.send(encryptCommand);\n\n\t\tif (!encryptionResult.CiphertextBlob) {\n\t\t\tthrow new Error(\n\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\tkey,\n\t\t\t\t\tvalue: plainTextValue,\n\t\t\t\t\tencryptCommand,\n\t\t\t\t})}`,\n\t\t\t);\n\t\t}\n\n\t\tif (verbose) {\n\t\t\tinfo(`Encrypting key ${emphasis(key)} ${strong(\"ok\")}`);\n\t\t}\n\n\t\tconst cipherText = Buffer.from(encryptionResult.CiphertextBlob).toString(\n\t\t\t\"base64\",\n\t\t);\n\n\t\tif (isRegularParameter(plainTextValue)) {\n\t\t\tencryptedDotSecFlattened.encrypted[key] = {\n\t\t\t\ttype: \"standard\",\n\t\t\t\tencryptedValue: cipherText,\n\t\t\t};\n\t\t\t// do something ssm\n\t\t} else if (isSSMParameter(plainTextValue)) {\n\t\t\tencryptedDotSecFlattened.encrypted[key] = {\n\t\t\t\ttype: \"ssm\",\n\t\t\t\tencryptedValue: cipherText,\n\t\t\t};\n\t\t\t// do something ssm\n\t\t} else if (isSecretsManagerParameter(plainTextValue)) {\n\t\t\tencryptedDotSecFlattened.encrypted[key] = {\n\t\t\t\ttype: \"secretsManager\",\n\t\t\t\tencryptedValue: cipherText,\n\t\t\t};\n\t\t}\n\t}\n\treturn expandEncrypted(encryptedDotSecFlattened);\n};\n\ntype SyncTasks = {\n\ttotal: number;\n\tputParameterCommands: PutParameterCommand[];\n\tcreateSecretCommands: CreateSecretCommand[];\n\tputSecretValueCommands: PutSecretValueCommand[];\n};\nexport const createStorePlaintextTasks = async (options: {\n\tdotSecPlainText: DotSecPlainText;\n\tcredentials: Credentials;\n\tregion: string;\n\tverbose?: boolean;\n\tkeyAlias?: string;\n}): Promise<SyncTasks> => {\n\tconst { dotSecPlainText, credentials, region, verbose, keyAlias } = options;\n\tconst dotSecPlainTextFlattened = flattenPlainText(dotSecPlainText);\n\t// get logger\n\tconst { info } = getLogger();\n\t// create KMS client\n\t// create ssm client\n\tconst ssmClient = getSSMClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\n\tconst secretsManagerClient = getSecretsManagerClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\n\t// Array<[secretName: string, arn: string]>\n\tconst secretNameArnTuples = (\n\t\tawait secretsManagerClient.send(new ListSecretsCommand({}))\n\t)?.SecretList?.map((secret) => [secret.Name, secret.ARN]).filter(\n\t\t([name, ARN]) => name && ARN,\n\t) as [string, string][];\n\n\t// { [secretName: string] : arn }\n\tconst existingSecrets = secretNameArnTuples\n\t\t? Object.fromEntries(secretNameArnTuples)\n\t\t: {};\n\n\tconst awsKeyAlias = keyAlias || dotSecPlainText.config?.aws?.keyAlias;\n\tif (!awsKeyAlias) {\n\t\tthrow new Error(`No key alias specified`);\n\t}\n\tif (verbose) {\n\t\tinfo(`Encrypting to SSM and/or SecretsManager in ${emphasis(region)}`);\n\t}\n\n\tconst putParameterCommands: PutParameterCommand[] = [];\n\tconst createSecretCommands: CreateSecretCommand[] = [];\n\tconst putSecretValueCommands: PutSecretValueCommand[] = [];\n\n\tfor (const [keyPath, plainTextValue] of Object.entries(\n\t\tdotSecPlainTextFlattened.plaintext,\n\t)) {\n\t\tlet storageValue: DotSecValue;\n\t\tif (isRegularParameter(plainTextValue)) {\n\t\t\tif (isRegularParameterObject(plainTextValue)) {\n\t\t\t\tstorageValue = plainTextValue.value;\n\t\t\t} else {\n\t\t\t\tstorageValue = plainTextValue;\n\t\t\t}\n\t\t} else if (isSSMParameter(plainTextValue)) {\n\t\t\t// if (isSSMParameterObject(plainTextValue)) {\n\t\t\tstorageValue = plainTextValue.value;\n\t\t\t// } else {\n\t\t\t// storageValue = plainTextValue;\n\t\t\t// }\n\t\t} else if (isSecretsManagerParameter(plainTextValue)) {\n\t\t\tstorageValue = plainTextValue.value;\n\t\t} else {\n\t\t\tthrow new Error(\"Invalid parameter type\");\n\t\t}\n\t\t// check if parameter is string, number or boolean, if not, encode to json\n\t\tif (\n\t\t\t!isString(storageValue) &&\n\t\t\t!isNumber(storageValue) &&\n\t\t\t!isBoolean(storageValue)\n\t\t) {\n\t\t\tstorageValue = JSON.stringify(storageValue);\n\t\t}\n\t\tif (\n\t\t\tisSSMParameter(plainTextValue) ||\n\t\t\t(isRegularParameter(plainTextValue) &&\n\t\t\t\tdotSecPlainText.config?.standardParameterStorageType === \"ssm\" &&\n\t\t\t\t(isRegularParameterObject(plainTextValue)\n\t\t\t\t\t? plainTextValue.dontStore !== true\n\t\t\t\t\t: true))\n\t\t) {\n\t\t\tlet parameterTier: ParameterTier = ParameterTier.STANDARD;\n\t\t\tlet parameterType: ParameterType = ParameterType.STRING;\n\t\t\tlet description: string | undefined;\n\t\t\tif (isSSMParameter(plainTextValue)) {\n\t\t\t\tif (plainTextValue?.ssm?.tier) {\n\t\t\t\t\tparameterTier = plainTextValue.ssm.tier;\n\t\t\t\t}\n\t\t\t\tif (plainTextValue?.ssm?.type) {\n\t\t\t\t\tparameterType = plainTextValue.ssm.type;\n\t\t\t\t}\n\t\t\t\tif (plainTextValue?.description) {\n\t\t\t\t\tdescription = plainTextValue.description;\n\t\t\t\t}\n\t\t\t}\n\t\t\tconst putParameterCommand = new PutParameterCommand({\n\t\t\t\tName: `/${keyPath}`,\n\t\t\t\tValue: String(storageValue),\n\t\t\t\tType: parameterType,\n\t\t\t\tTier: parameterTier,\n\t\t\t\tDescription: description,\n\t\t\t\tOverwrite: true,\n\t\t\t});\n\t\t\tputParameterCommands.push(putParameterCommand);\n\t\t\t// await ssmClient.send(putParameterCommand);\n\t\t} else if (\n\t\t\tisSecretsManagerParameter(plainTextValue) ||\n\t\t\t(isRegularParameter(plainTextValue) &&\n\t\t\t\tdotSecPlainText.config?.standardParameterStorageType ===\n\t\t\t\t\t\"secretsManager\" &&\n\t\t\t\t(isRegularParameterObject(plainTextValue)\n\t\t\t\t\t? plainTextValue.dontStore !== true\n\t\t\t\t\t: true))\n\t\t) {\n\t\t\tconst existingSecretARN = existingSecrets[keyPath];\n\t\t\tif (!existingSecretARN) {\n\t\t\t\tconst createSecretCommand = new CreateSecretCommand({\n\t\t\t\t\tName: keyPath,\n\t\t\t\t\tSecretString: String(storageValue),\n\t\t\t\t});\n\t\t\t\tcreateSecretCommands.push(createSecretCommand);\n\t\t\t\t// await secretsManagerClient.send(createSecretCommand);\n\t\t\t} else {\n\t\t\t\tconst putSecretCommand = new PutSecretValueCommand({\n\t\t\t\t\tSecretId: existingSecretARN,\n\t\t\t\t\tSecretString: String(storageValue),\n\t\t\t\t});\n\t\t\t\tputSecretValueCommands.push(putSecretCommand);\n\t\t\t\t// await secretsManagerClient.send(putSecretCommand);\n\t\t\t}\n\t\t}\n\t}\n\n\treturn {\n\t\ttotal:\n\t\t\tputParameterCommands.length +\n\t\t\tcreateSecretCommands.length +\n\t\t\tputSecretValueCommands.length,\n\t\tputParameterCommands,\n\t\tcreateSecretCommands,\n\t\tputSecretValueCommands,\n\t};\n};\n\nexport const executeStorePlainTextTasks = async (options: {\n\tcredentials: Credentials;\n\tregion: string;\n\tverbose?: boolean;\n\ttasks: SyncTasks;\n}): Promise<void> => {\n\tconst { credentials, region, verbose, tasks } = options;\n\tconst { info } = getLogger();\n\tconst ssmClient = getSSMClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\n\tconst secretsManagerClient = getSecretsManagerClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\tfor (const putParameterCommand of tasks.putParameterCommands) {\n\t\tprocess.stdout.write(\n\t\t\t`Storing SSM parameter ${emphasis(\n\t\t\t\tputParameterCommand.input.Name || \"<unnamed> \",\n\t\t\t)}... `,\n\t\t);\n\t\tawait ssmClient.send(putParameterCommand);\n\t\tprocess.stdout.write(`done\\n`);\n\t}\n\tfor (const createSecretCommand of tasks.createSecretCommands) {\n\t\tprocess.stdout.write(\n\t\t\t`Creating Secret ${emphasis(\n\t\t\t\tcreateSecretCommand.input.Name || \"<unnamed> \",\n\t\t\t)}... `,\n\t\t);\n\t\tawait secretsManagerClient.send(createSecretCommand);\n\t\tprocess.stdout.write(`done\\n`);\n\t}\n\tfor (const putSecretValueCommand of tasks.putSecretValueCommands) {\n\t\tprocess.stdout.write(\n\t\t\t`Updating Secret ${emphasis(\n\t\t\t\tputSecretValueCommand.input.SecretId || \"<unknown id> \",\n\t\t\t)}... `,\n\t\t);\n\t\tawait secretsManagerClient.send(putSecretValueCommand);\n\t\tprocess.stdout.write(`done\\n`);\n\t}\n};\n\nexport const prettyPrintTasks = (tasks: SyncTasks) => {\n\tconst { info, table } = getLogger();\n\tconst { putParameterCommands, createSecretCommands, putSecretValueCommands } =\n\t\ttasks;\n\n\tconst ssmTasks = putParameterCommands.map((command) => {\n\t\treturn {\n\t\t\tname: command.input.Name,\n\t\t\tdescription: command.input.Description || \"<no description>\",\n\t\t\ttier: command.input.Tier,\n\t\t\ttype: command.input.Type,\n\t\t\tvalue: command.input.Value,\n\t\t};\n\t});\n\tinfo(emphasis(`AWS Systems Manager > Parameter Store: create or update`));\n\ttable(ssmTasks);\n\n\tconst createSecretTasks = createSecretCommands.map((command) => {\n\t\treturn {\n\t\t\tsecretName: command.input.Name,\n\t\t\tdescription: command.input.Description || \"<no description>\",\n\t\t\tvalue: \"**** redacted ****>\",\n\t\t};\n\t});\n\tif (createSecretTasks.length) {\n\t\tinfo(emphasis(`AWS Secrets Manager Secrets: create`));\n\t\ttable(createSecretTasks);\n\t}\n\tconst updateSecretTasks = putSecretValueCommands.map((command) => {\n\t\treturn {\n\t\t\tsecretName: command.input.SecretId,\n\t\t\tvalue: \"**** redacted ****>\",\n\t\t};\n\t});\n\tif (updateSecretTasks.length) {\n\t\tinfo(emphasis(`AWS Secrets Manager Secrets: update`));\n\t\ttable(updateSecretTasks);\n\t}\n};\nexport const decryptRawDotSecValues = async (options: {\n\tdotSecKeysValues: Record<string, string>;\n\tcredentials: Credentials;\n\tregion: string;\n\tverbose?: boolean;\n\tkeyAlias?: string;\n\tsearchPath?: string;\n}): Promise<string> => {\n\tconst { info } = getLogger();\n\n\tconst {\n\t\tdotSecKeysValues: rawDotSec,\n\t\tcredentials,\n\t\tregion,\n\t\tverbose,\n\t\tkeyAlias,\n\t\tsearchPath,\n\t} = options;\n\n\tconst kmsClient = getKMSClient({\n\t\tconfiguration: {\n\t\t\tcredentials,\n\t\t\tregion,\n\t\t},\n\t\tverbose,\n\t});\n\n\tconst s = searchPath\n\t\t?.split(\".\")\n\t\t.map((part) => `${constantCase(part)}_`)\n\t\t.join(\"\");\n\tconst awsKeyAlias = keyAlias;\n\tif (!keyAlias) {\n\t\tthrow new Error(\"No key alias specified\");\n\t}\n\n\tconst encryptionAlgorithm = await getEncryptionAlgorithm(kmsClient, keyAlias);\n\tconst dotEnvLines: string[] = [];\n\n\tconst filtered = s\n\t\t? Object.fromEntries(\n\t\t\t\tObject.entries(rawDotSec)\n\t\t\t\t\t.filter(([key]) => key.startsWith(s))\n\t\t\t\t\t.map(([key, value]) => [key.replace(s, \"\"), value]),\n\t\t )\n\t\t: rawDotSec;\n\tfor (const [key, encryptedValue] of Object.entries(filtered)) {\n\t\tconst decryptCommand = new DecryptCommand({\n\t\t\tKeyId: awsKeyAlias,\n\t\t\tCiphertextBlob: Buffer.from(encryptedValue, \"base64\"),\n\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t});\n\n\t\tconst decryptionResult = await kmsClient.send(decryptCommand);\n\n\t\tif (!decryptionResult.Plaintext) {\n\t\t\tthrow new Error(\n\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\tkey,\n\t\t\t\t\tcipherText: encryptedValue,\n\t\t\t\t\tdecryptCommand: decryptCommand,\n\t\t\t\t})}`,\n\t\t\t);\n\t\t}\n\n\t\tif (verbose) {\n\t\t\tinfo(`Decrypting key ${emphasis(key)} ${strong(\"ok\")}`);\n\t\t}\n\n\t\tconst decryptedValue = Buffer.from(decryptionResult.Plaintext).toString();\n\t\t// this *is* json\n\t\tconst parsedValue = JSON.parse(decryptedValue) as {\n\t\t\tkey: string;\n\t\t\tvalue: string;\n\t\t};\n\n\t\tconst stringOrJson = maybeJson(parsedValue.value);\n\n\t\tif (isRegularParameter(stringOrJson)) {\n\t\t\tif (isRegularParameterObject(stringOrJson)) {\n\t\t\t\tdotEnvLines.push(`${key}=${JSON.stringify(stringOrJson.value)}`);\n\t\t\t} else {\n\t\t\t\tdotEnvLines.push(`${key}=${String(stringOrJson)}`);\n\t\t\t}\n\t\t} else if (isSSMParameter(stringOrJson)) {\n\t\t\t// if (isSSMParameterObject(stringOrJson)) {\n\t\t\tdotEnvLines.push(`${key}=${JSON.stringify(stringOrJson.value)}`);\n\t\t\t// } else {\n\t\t\t// dotEnvLines.push(`${key}=${String(stringOrJson)}`);\n\t\t\t// }\n\t\t} else if (isSecretsManagerParameter(stringOrJson)) {\n\t\t\tdotEnvLines.push(`${key}=${JSON.stringify(stringOrJson.value)}`);\n\t\t}\n\n\t\t// unbox values\n\t}\n\n\treturn dotEnvLines.join(\"\\n\");\n};\n", "import {\n DescribeKeyCommand,\n KMSClient,\n KMSClientConfig,\n} from '@aws-sdk/client-kms';\n\nexport const getKMSClient = ({\n configuration,\n}: {\n verbose?: boolean;\n configuration: KMSClientConfig;\n}) => {\n const kmsClient = new KMSClient(configuration);\n\n return kmsClient;\n};\n\nexport const getEncryptionAlgorithm = async (\n kmsClient: KMSClient,\n awsKeyAlias: string,\n) => {\n // describe key *once*\n const describeKeyCommand = new DescribeKeyCommand({\n KeyId: awsKeyAlias,\n });\n\n const describeKeyResult = await kmsClient.send(describeKeyCommand);\n const encryptionAlgorithm =\n describeKeyResult.KeyMetadata?.EncryptionAlgorithms?.[0];\n\n if (encryptionAlgorithm === undefined) {\n throw new Error(`Could not determine encryption algorithm`);\n }\n\n return encryptionAlgorithm;\n};\n", "import {\n SecretsManagerClient,\n SecretsManagerClientConfig,\n} from '@aws-sdk/client-secrets-manager';\n\nexport const getSecretsManagerClient = ({\n configuration,\n}: {\n verbose?: boolean;\n configuration: SecretsManagerClientConfig;\n}) => {\n const secretsManagerClient = new SecretsManagerClient(configuration);\n return secretsManagerClient;\n};\n", "import { SSMClient, SSMClientConfig } from '@aws-sdk/client-ssm';\n\nexport const getSSMClient = ({\n configuration,\n}: {\n verbose?: boolean;\n configuration: SSMClientConfig;\n}) => {\n const ssmClient = new SSMClient(configuration);\n return ssmClient;\n};\n", "import { ParameterTier, ParameterType } from \"@aws-sdk/client-ssm\";\n\n// type Not<T extends { [key: string]: unknown }> = Id<{ [P in keyof T]?: never }>;\ntype Id<T> = T extends { [key: string]: unknown }\n\t? Record<string, unknown> & { [P in keyof T]: Id<T[P]> }\n\t: T;\nexport const dotSecFileTypes = [\"json\", \"ts\", \"yaml\", \"yml\"] as const;\nexport type DotSecFileType = typeof dotSecFileTypes[number];\nexport type DotSecEncryptedEncoding = \"encrypted\";\nexport type DotSecPlaintextEncoding = \"plaintext\";\nexport type DotSecEncoding = DotSecPlaintextEncoding | DotSecEncryptedEncoding;\nexport type DotSecValue =\n\t| string\n\t| number\n\t| boolean\n\t| { [key: string]: DotSecValue }\n\t| Array<DotSecValue>;\nexport type SSMParameterObject = {\n\ttype: \"ssm\";\n\tdescription?: string;\n\tssm?: {\n\t\ttype?: ParameterType;\n\t\ttier?: ParameterTier;\n\t};\n\tvalue: DotSecValue;\n\tencryptedValue?: never;\n};\nexport type SSMEncryptedParameterObject = {\n\ttype: \"ssm\";\n\tdescription?: string;\n\tvalue?: never;\n\tencryptedValue: string;\n};\nexport type StandardParameterObject = {\n\ttype: \"standard\";\n\tdescription?: string;\n\tvalue: DotSecValue;\n\tdontStore?: boolean;\n\tencryptedValue?: never;\n};\nexport type StandardEncryptedParameterObject = {\n\ttype: \"standard\";\n\tdescription?: string;\n\tvalue?: never;\n\tencryptedValue: string;\n};\nexport type SSMParameter<\n\tEncoding extends DotSecEncoding = DotSecPlaintextEncoding,\n> = Encoding extends DotSecPlaintextEncoding\n\t? SSMParameterObject\n\t: SSMEncryptedParameterObject;\nexport type StandardParameter<\n\tEncoding extends DotSecEncoding = DotSecPlaintextEncoding,\n> = Encoding extends DotSecPlaintextEncoding\n\t? string | number | boolean | StandardParameterObject\n\t: StandardEncryptedParameterObject;\n\nexport type DotSecSecretsManagerParameter = {\n\tvalue: DotSecValue;\n\tencryptedValue?: never;\n};\n\nexport type SecretsManagerParameter<\n\tEncoding extends DotSecEncoding = DotSecPlaintextEncoding,\n> = {\n\ttype: \"secretsManager\";\n\tdescription?: string;\n} & (Encoding extends DotSecPlaintextEncoding\n\t? DotSecSecretsManagerParameter\n\t: {\n\t\t\ttype: \"secretsManager\";\n\n\t\t\tvalue?: never;\n\t\t\tencryptedValue: string;\n\t });\n\nexport type DotSecLeaf<\n\tEncoding extends DotSecEncoding /* = DotSecPlainTextEncoding */,\n> =\n\t| SSMParameter<Encoding>\n\t| SecretsManagerParameter<Encoding>\n\t| StandardParameter<Encoding>;\n\nexport type DotSecTree<\n\tEncoding extends DotSecEncoding,\n\tTreeShape extends DotSecTreeShape,\n> = {\n\t[key: string]: TreeShape extends DotSecExpandedTree\n\t\t? DotSecLeaf<Encoding> | DotSecTree<Encoding, TreeShape>\n\t\t: DotSecLeaf<Encoding>;\n};\ntype DotSecFlatTree<Encoding extends DotSecEncoding = DotSecPlaintextEncoding> =\n\tDotSecTree<Encoding, DotSecExpandedTree>;\n\nexport type DeepPartial<T> = T extends object\n\t? {\n\t\t\t[P in keyof T]?: DeepPartial<T[P]>;\n\t }\n\t: T;\n\nexport type OptionalDeepPartial<\n\tT,\n\tIgnorePartials extends boolean = false,\n> = IgnorePartials extends true\n\t? T\n\t: T extends object\n\t? {\n\t\t\t[P in keyof T]?: DeepPartial<T[P]>;\n\t }\n\t: T;\nexport type DotSecConfig<\n\tConfigDemand extends DotSecConfigDemand = DotSecWithOptionalConfig,\n> = OptionalDeepPartial<\n\t{\n\t\tconfig: {\n\t\t\tpathPrefix?: string;\n\t\t\tuseTopLevelsAsEnvironments?: boolean;\n\t\t\tstandardParameterStorageType?: \"none\" | \"ssm\" | \"secretsManager\";\n\t\t\taws: {\n\t\t\t\tkeyAlias: string;\n\t\t\t\tregions: Array<string>;\n\t\t\t\t// environmentMapping?: {\n\t\t\t\t// [awsEnvironment: string]: {\n\t\t\t\t// accountId: string;\n\t\t\t\t// accessKeyId: string;\n\t\t\t\t// secretAccessKey: string;\n\t\t\t\t// };\n\t\t\t\t// };\n\t\t\t};\n\t\t};\n\t},\n\tConfigDemand extends DotSecWithOptionalConfig ? false : true\n>;\nexport type DotSecPlainTextByFileType = {\n\tfileType: DotSecFileType;\n\tpath: string;\n\tdotSecPlainText: DotSecPlainText;\n\traw: string;\n};\nexport type DotSecEncryptedByFileType = {\n\tfileType: DotSecFileType;\n\tpath: string;\n\tdotSecEncrypted: DotSecEncrypted;\n};\nexport type DotSecRequiredConfig = DotSecConfig<DotSecWithRequiredConfig>;\nexport type DotSecTrees =\n\t| DotSecTree<DotSecPlaintextEncoding, DotSecExpandedTree>\n\t| DotSecTree<DotSecEncryptedEncoding, DotSecExpandedTree>\n\t| DotSecTree<DotSecPlaintextEncoding, DotSecFlattenedTree>\n\t| DotSecTree<DotSecEncryptedEncoding, DotSecFlattenedTree>;\n\nexport type DotSec<\n\tTree extends DotSecTrees = DotSecTree<\n\t\tDotSecPlaintextEncoding,\n\t\tDotSecExpandedTree\n\t>,\n\tEncoding extends DotSecEncoding = DotSecPlaintextEncoding,\n\tFlattened extends DotSecTreeShape = DotSecExpandedTree,\n\tWithRequiredConfig extends DotSecConfigDemand = DotSecWithOptionalConfig,\n> = DS<Tree, Encoding, Flattened, WithRequiredConfig>;\n\nexport type DS<\n\tTree extends DotSecTrees,\n\tEncoding extends DotSecEncoding = DotSecPlaintextEncoding,\n\tFlattened extends DotSecTreeShape = DotSecExpandedTree,\n\tWithRequiredConfig extends DotSecConfigDemand = DotSecWithOptionalConfig,\n> = DotSecConfig<WithRequiredConfig> &\n\t(Encoding extends DotSecPlaintextEncoding\n\t\t? {\n\t\t\t\tplaintext: Tree extends DotSecTree<DotSecPlaintextEncoding, Flattened>\n\t\t\t\t\t? Tree\n\t\t\t\t\t: never;\n\t\t\t\tencrypted?: never;\n\t\t }\n\t\t: {\n\t\t\t\tencrypted: Tree extends DotSecTree<DotSecEncryptedEncoding, Flattened>\n\t\t\t\t\t? Tree\n\t\t\t\t\t: never;\n\t\t\t\tplaintext?: never;\n\t\t });\n\nexport type DotSecFlattenedTree = \"flattened\";\nexport type DotSecExpandedTree = \"expanded\";\nexport type DotSecTreeShape = DotSecFlattenedTree | DotSecExpandedTree;\nexport type DotSecWithOptionalConfig = \"with-optional-config\";\nexport type DotSecWithRequiredConfig = \"with-required-config\";\nexport type DotSecConfigDemand =\n\t| DotSecWithOptionalConfig\n\t| DotSecWithRequiredConfig;\nexport type DotSecEncrypted<\n\tT extends DotSecTree<\n\t\tDotSecEncryptedEncoding,\n\t\tDotSecExpandedTree\n\t> = DotSecTree<DotSecEncryptedEncoding, DotSecExpandedTree>,\n> = DotSec<T, DotSecEncryptedEncoding>;\n\nexport type DotSecPlainText<\n\tT extends DotSecTree<\n\t\tDotSecPlaintextEncoding,\n\t\tDotSecExpandedTree\n\t> = DotSecTree<DotSecPlaintextEncoding, DotSecExpandedTree>,\n> = DotSec<T, DotSecPlaintextEncoding>;\n\nexport type DotSecPlainTextWithOptionalConfig<\n\tT extends DotSecTree<\n\t\tDotSecPlaintextEncoding,\n\t\tDotSecExpandedTree\n\t> = DotSecTree<DotSecPlaintextEncoding, DotSecExpandedTree>,\n> = DotSec<\n\tT,\n\tDotSecPlaintextEncoding,\n\tDotSecExpandedTree,\n\tDotSecWithOptionalConfig\n>;\nexport type DotSecEncryptedWithOptionalConfig<\n\tT extends DotSecTree<\n\t\tDotSecEncryptedEncoding,\n\t\tDotSecExpandedTree\n\t> = DotSecTree<DotSecEncryptedEncoding, DotSecExpandedTree>,\n> = DotSec<\n\tT,\n\tDotSecEncryptedEncoding,\n\tDotSecExpandedTree,\n\tDotSecWithOptionalConfig\n>;\n\n// user types\nexport type DotSecVariables<\n\tT extends DotSecTree<\n\t\tDotSecPlaintextEncoding,\n\t\tDotSecExpandedTree\n\t> = DotSecTree<DotSecPlaintextEncoding, DotSecExpandedTree>,\n> = DotSec<\n\tT,\n\tDotSecPlaintextEncoding,\n\tDotSecExpandedTree,\n\tDotSecWithOptionalConfig\n>;\n\nexport type DotSecPlainTextFlattened<\n\tT extends DotSecTree<\n\t\tDotSecPlaintextEncoding,\n\t\tDotSecFlattenedTree\n\t> = DotSecTree<DotSecPlaintextEncoding, DotSecFlattenedTree>,\n> = DotSec<T, DotSecPlaintextEncoding, DotSecFlattenedTree>;\n\nexport type DotSecEncryptedFlattened<\n\tT extends DotSecTree<\n\t\tDotSecEncryptedEncoding,\n\t\tDotSecFlattenedTree\n\t> = DotSecTree<DotSecEncryptedEncoding, DotSecFlattenedTree>,\n> = DotSec<T, DotSecEncryptedEncoding, DotSecFlattenedTree>;\n\nexport const environments = [\"dev\", \"prod\"] as const;\nexport type Environment = typeof environments[number];\nconst dotSecPlainText: DotSecPlainText = {\n\tplaintext: {\n\t\tfoo: { type: \"ssm\", value: \"asd\" },\n\t\tbar: { foo: { type: \"ssm\", value: \"asd\" } },\n\t},\n};\nconst dotSecEncrypted: DotSecEncrypted = {\n\tencrypted: {\n\t\tfoo: { type: \"ssm\", encryptedValue: \"asd\" },\n\t\tbar: { foo: { type: \"ssm\", encryptedValue: \"asd\" } },\n\t},\n};\nconst dotSecPlainTextFlattened: DotSecPlainTextFlattened = {\n\tplaintext: {\n\t\tfoo: { type: \"ssm\", value: \"asd\" },\n\t},\n};\nconst dotSecEncryptedFlattened: DotSecEncryptedFlattened = {\n\tencrypted: {\n\t\tfoo: { type: \"secretsManager\", encryptedValue: \"asd\" },\n\t},\n};\nconst t: DotSec<\n\t{\n\t\t[key in Environment]: {\n\t\t\tother: {\n\t\t\t\tfoo: StandardParameter;\n\t\t\t\tbar: SSMParameter;\n\t\t\t\tshit: {\n\t\t\t\t\tanother: SecretsManagerParameter;\n\t\t\t\t\tmekker: SSMParameter;\n\t\t\t\t};\n\t\t\t};\n\t\t};\n\t},\n\tDotSecPlaintextEncoding\n> = {\n\tplaintext: {\n\t\tdev: {\n\t\t\tother: {\n\t\t\t\tfoo: \"123\",\n\t\t\t\tbar: { type: \"ssm\", value: \"asd\" },\n\t\t\t\tshit: {\n\t\t\t\t\tanother: { type: \"secretsManager\", value: \"qasd\" },\n\t\t\t\t\tmekker: { type: \"ssm\", value: \"off\" },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tprod: {\n\t\t\tother: {\n\t\t\t\tfoo: \"123\",\n\t\t\t\tbar: { type: \"ssm\", value: \"asd\" },\n\t\t\t\tshit: {\n\t\t\t\t\tanother: {\n\t\t\t\t\t\ttype: \"secretsManager\",\n\t\t\t\t\t\tvalue: \"asdasd\",\n\t\t\t\t\t},\n\t\t\t\t\tmekker: { type: \"ssm\", value: \"on\" },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t},\n};\n\nconst tt: DotSec = {\n\tplaintext: {\n\t\tdev: {\n\t\t\tother: {\n\t\t\t\tfoo: \"123\",\n\t\t\t\tbar: { type: \"ssm\", value: \"asd\" },\n\t\t\t\tshit: {\n\t\t\t\t\tanother: { type: \"secretsManager\", value: \"qasd\" },\n\t\t\t\t\tmekker: 123,\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tprod: {\n\t\t\tother: {\n\t\t\t\tfoo: \"123\",\n\t\t\t\tbar: { type: \"ssm\", value: \"asd\" },\n\t\t\t\tshit: {\n\t\t\t\t\tanother: {\n\t\t\t\t\t\ttype: \"secretsManager\",\n\t\t\t\t\t\tvalue: \"asdasd\",\n\t\t\t\t\t},\n\t\t\t\t\tmekker: { type: \"ssm\", value: \"fuck off\" },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t},\n};\n\nexport const isString = (value: unknown): value is string => {\n\treturn typeof value === \"string\";\n};\n\nexport const isNumber = (value: unknown): value is number => {\n\treturn typeof value === \"number\";\n};\nexport const isBoolean = (value: unknown): value is boolean => {\n\treturn typeof value === \"boolean\";\n};\n\nexport const isSSMParameterObject = (\n\tvalue: unknown,\n): value is SSMParameterObject => {\n\tconst ssmParameter = value as SSMParameter;\n\treturn (\n\t\ttypeof ssmParameter === \"object\" &&\n\t\tssmParameter !== null &&\n\t\t\"type\" in ssmParameter &&\n\t\tssmParameter.type === \"ssm\"\n\t);\n};\n\nexport const isSSMParameter = <Encoding extends DotSecEncoding>(\n\tleafOrTree: unknown,\n): leafOrTree is SSMParameter<Encoding> => {\n\tconst ssmParameter = leafOrTree as SSMParameter<Encoding>;\n\treturn (\n\t\ttypeof ssmParameter === \"object\" &&\n\t\tssmParameter !== null &&\n\t\t\"type\" in ssmParameter &&\n\t\tssmParameter.type === \"ssm\"\n\t);\n};\n\nexport const isRegularParameterObject = (\n\tvalue: unknown,\n): value is StandardParameterObject => {\n\tconst regularParameter = value as StandardParameter;\n\treturn (\n\t\ttypeof regularParameter === \"object\" &&\n\t\tregularParameter !== null &&\n\t\t\"type\" in regularParameter &&\n\t\tregularParameter.type === \"standard\"\n\t);\n};\n\nexport const isRegularParameter = <Encoding extends DotSecEncoding>(\n\tleafOrTree: unknown,\n): leafOrTree is StandardParameter<Encoding> => {\n\tconst leaf = leafOrTree as StandardParameter<Encoding>;\n\treturn (\n\t\tisString(leaf) ||\n\t\tisNumber(leaf) ||\n\t\tisBoolean(leaf) ||\n\t\tisRegularParameterObject(leaf)\n\t);\n};\n\nexport const isEncryptedSSMParameter = (\n\tleafOrTree: unknown,\n): leafOrTree is SSMParameter<DotSecEncryptedEncoding> => {\n\tconst leaf = leafOrTree as SSMParameter<DotSecEncryptedEncoding>;\n\treturn (\n\t\tleaf.type !== undefined &&\n\t\tleaf.type === \"ssm\" &&\n\t\tleaf.encryptedValue !== undefined\n\t);\n};\n\nexport const isEncryptedRegularParameter = (\n\tleafOrTree: unknown,\n): leafOrTree is StandardParameter<DotSecEncryptedEncoding> => {\n\tconst leaf = leafOrTree as StandardParameter<DotSecEncryptedEncoding>;\n\treturn (\n\t\tleaf.type !== undefined &&\n\t\tleaf.type === \"standard\" &&\n\t\tleaf.encryptedValue !== undefined\n\t);\n};\n\nexport const isSecretsManagerParameter = <Encoding extends DotSecEncoding>(\n\tleafOrTree: unknown,\n): leafOrTree is SecretsManagerParameter<Encoding> => {\n\tconst leaf = leafOrTree as SecretsManagerParameter<Encoding>;\n\treturn (\n\t\tleaf.type !== undefined &&\n\t\tleaf.type === \"secretsManager\" &&\n\t\t!(isString(leaf) || isNumber(leaf) || isBoolean(leaf))\n\t);\n};\n\nexport const isDotSecTree = <Encoding extends DotSecEncoding>(\n\tleafOrTree: unknown,\n): leafOrTree is DotSecTree<Encoding, DotSecExpandedTree> => {\n\tif (\n\t\ttypeof leafOrTree === \"object\" &&\n\t\t!Array.isArray(leafOrTree) &&\n\t\tleafOrTree !== null &&\n\t\t!isSSMParameter(leafOrTree) &&\n\t\t!isRegularParameter(leafOrTree) &&\n\t\t!isEncryptedSSMParameter(leafOrTree) &&\n\t\t!isEncryptedRegularParameter(leafOrTree) &&\n\t\t!isSecretsManagerParameter(leafOrTree)\n\t) {\n\t\treturn true;\n\t}\n\n\treturn false;\n};\n\nexport const isDotSecPlaintTextTree = <Encoding extends DotSecEncoding>(\n\tleafOrTree: unknown,\n): leafOrTree is DotSecTree<Encoding, DotSecExpandedTree> => {\n\tif (\n\t\ttypeof leafOrTree === \"object\" &&\n\t\t!Array.isArray(leafOrTree) &&\n\t\tleafOrTree !== null &&\n\t\t!isSSMParameter(leafOrTree) &&\n\t\t!isRegularParameter(leafOrTree) &&\n\t\t!isSecretsManagerParameter(leafOrTree)\n\t) {\n\t\treturn true;\n\t}\n\n\treturn false;\n};\n", "import {\n\tDotSecEncoding,\n\tDotSecEncrypted,\n\tDotSecEncryptedFlattened,\n\tDotSecExpandedTree,\n\tDotSecFlattenedTree,\n\tDotSecLeaf,\n\tDotSecPlainText,\n\tDotSecPlainTextFlattened,\n\tDotSecTree,\n\tisDotSecTree,\n} from \"./types\";\nexport const flattenTree = <\n\tEncoding extends DotSecEncoding,\n\tTree extends DotSecTree<Encoding, DotSecExpandedTree> | DotSecLeaf<Encoding>,\n>(\n\ttree: Tree,\n): DotSecTree<Encoding, DotSecFlattenedTree> => {\n\tconst lazy: DotSecTree<Encoding, DotSecFlattenedTree> = {};\n\n\tconst innerParser = (\n\t\tleafOrTree: DotSecTree<Encoding, DotSecExpandedTree> | DotSecLeaf<Encoding>,\n\t\tpaths: Array<string> = [],\n\t) => {\n\t\tif (isDotSecTree(leafOrTree)) {\n\t\t\tObject.entries(leafOrTree).map(([key, value]) => {\n\t\t\t\tinnerParser(value, [...paths, key]);\n\t\t\t});\n\t\t} else {\n\t\t\tlazy[paths.join(\"/\")] = leafOrTree;\n\t\t}\n\t};\n\n\tinnerParser(tree);\n\treturn lazy;\n};\n\nexport const flattenPlainText = (\n\tdotSec: DotSecPlainText,\n): DotSecPlainTextFlattened => {\n\treturn { ...dotSec, plaintext: flattenTree(dotSec.plaintext) };\n};\n\nexport const flattenEncrypted = (\n\tdotSec: DotSecEncrypted,\n): DotSecEncryptedFlattened => {\n\treturn { ...dotSec, encrypted: flattenTree(dotSec.encrypted) };\n};\n\nconst expandTree = <\n\tEncoding extends DotSecEncoding,\n\tTree extends DotSecTree<Encoding, DotSecFlattenedTree>,\n>(\n\ttree: Tree,\n): DotSecTree<Encoding, DotSecExpandedTree> => {\n\tconst lazy: DotSecTree<Encoding, DotSecExpandedTree> = {};\n\tObject.entries(tree).map(([key, value]) => {\n\t\tconst paths = key.split(\"/\");\n\t\tlet current = lazy;\n\t\tpaths.forEach((pathKey, index) => {\n\t\t\tif (!current[pathKey]) {\n\t\t\t\tif (index === paths.length - 1) {\n\t\t\t\t\tcurrent[pathKey] = value;\n\t\t\t\t} else {\n\t\t\t\t\tcurrent[pathKey] = {};\n\t\t\t\t}\n\t\t\t}\n\t\t\t// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n\t\t\t// @ts-ignore\n\t\t\tcurrent = current[pathKey];\n\t\t});\n\t});\n\n\treturn lazy;\n};\n\nexport const expandPlainText = (\n\tdotSec: DotSecPlainTextFlattened,\n): DotSecPlainText => {\n\treturn { ...dotSec, plaintext: expandTree(dotSec.plaintext) };\n};\n\nexport const expandEncrypted = (\n\tdotSec: DotSecEncryptedFlattened,\n): DotSecEncrypted => {\n\treturn { ...dotSec, encrypted: expandTree(dotSec.encrypted) };\n};\n", "import { constantCase } from 'constant-case';\n\nimport { getLogger, strong } from '../../utils/logger';\nimport { flattenTree } from './flat';\nimport {\n DotSecExpandedTree,\n DotSecPlainText,\n DotSecPlaintextEncoding,\n DotSecTree,\n DotSecValue,\n isBoolean,\n isNumber,\n isRegularParameter,\n isRegularParameterObject,\n isSecretsManagerParameter,\n isSSMParameter,\n isString,\n} from './types';\n\nconst fromPlainTextLeafsToEnvEntries = (\n leafs: DotSecTree<'plaintext', 'flattened'>,\n) => {\n return Object.entries(leafs).map(([key, plainTextValue]) => {\n const parts = key.split('/');\n\n const dotEnvKeyPath = parts.map((k) => constantCase(k)).join('_');\n\n let storageValue: DotSecValue;\n if (isRegularParameter(plainTextValue)) {\n if (isRegularParameterObject(plainTextValue)) {\n storageValue = plainTextValue.value;\n } else {\n storageValue = plainTextValue;\n }\n } else if (isSSMParameter(plainTextValue)) {\n storageValue = plainTextValue.value;\n } else if (isSecretsManagerParameter(plainTextValue)) {\n storageValue = plainTextValue.value;\n } else {\n throw new Error('Invalid parameter type');\n }\n // check if parameter is string, number or boolean, if not, encode to json\n if (\n !isString(storageValue) &&\n !isNumber(storageValue) &&\n !isBoolean(storageValue)\n ) {\n storageValue = JSON.stringify(storageValue);\n }\n\n return `${dotEnvKeyPath}=${String(storageValue)}`;\n });\n};\n\nexport const toDotEnv = (options: {\n dotSecPlainText: DotSecPlainText;\n verbose?: boolean;\n searchPath?: string;\n}) => {\n const { info } = getLogger();\n const { dotSecPlainText, searchPath, verbose } = options;\n let tree = dotSecPlainText.plaintext;\n if (searchPath) {\n if (verbose) {\n info(`Searching for path: ${strong(searchPath)}`);\n }\n const pathParts = searchPath.split('/');\n for (const pathPart of pathParts) {\n // questionable cast\n tree = tree[pathPart] as DotSecTree<\n DotSecPlaintextEncoding,\n DotSecExpandedTree\n >;\n\n if (tree === undefined) {\n throw new Error(\n `Invalid search path: '${searchPath}', part: '${pathPart}' could not be found`,\n );\n }\n }\n }\n\n const flattenedTree = flattenTree(tree);\n\n return fromPlainTextLeafsToEnvEntries(flattenedTree).join('\\n');\n};\n\nexport const toDotEnvPerEnvironment = (options: {\n dotSecPlainText: DotSecPlainText;\n verbose?: boolean;\n searchPath?: string;\n}) => {\n const { info } = getLogger();\n const { dotSecPlainText, searchPath, verbose } = options;\n\n const environments = Object.keys(dotSecPlainText.plaintext);\n\n return Object.fromEntries(\n environments.map((environment) => {\n let tree = dotSecPlainText.plaintext[environment];\n if (searchPath) {\n if (verbose) {\n info(`Searching for path: ${strong(searchPath)}`);\n }\n const pathParts = searchPath.split('/');\n for (const pathPart of pathParts) {\n // questionable cast\n tree = tree[pathPart] as DotSecTree<\n DotSecPlaintextEncoding,\n DotSecExpandedTree\n >;\n\n if (tree === undefined) {\n throw new Error(\n `Invalid search path: '${searchPath}', part: '${pathPart}' could not be found`,\n );\n }\n }\n }\n return [\n environment,\n fromPlainTextLeafsToEnvEntries(flattenTree(tree)).join('\\n'),\n ];\n }),\n );\n};\n", "import { Command } from \"commander\";\nimport { handleCredentialsAndRegion } from \"../../lib/partial-commands/handleCredentialsAndRegion\";\nimport { encryptPlainText } from \"../../lib/wtf/crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport { DotSecPlainText } from \"../../lib/wtf/types\";\nimport { DotsecConfig } from \"../../lib/config/types\";\nimport { getLogger, prettyCode, strong } from \"../../utils/logger\";\nimport { promptOverwriteIfFileExists } from \"../../utils/io\";\nimport { toDotSec } from \"../../lib/wtf/dotsec\";\ntype Formats = {\n\tenv?: string;\n\tsec?: string;\n\tsecrets?: string;\n\tencryptedSecrets?: string;\n};\n\nconst writeOut = async (options: {\n\ttargetFile: string;\n\tconverted: string;\n\tskipPromptForOverride: boolean;\n}) => {\n\tconst { info } = getLogger();\n\tconst {\n\t\ttargetFile: encryptedSecretsPath,\n\t\tconverted,\n\t\tskipPromptForOverride,\n\t} = options;\n\n\tinfo(`target: ${strong(encryptedSecretsPath)}\\n`);\n\tinfo(prettyCode(converted));\n\tinfo(\"\\n\");\n\tconst overwriteResponse = await promptOverwriteIfFileExists({\n\t\tfilePath: encryptedSecretsPath,\n\t\tskip: skipPromptForOverride,\n\t});\n\t// easy peasy, write json\n\n\tif (overwriteResponse === undefined || overwriteResponse.overwrite === true) {\n\t\tfs.writeFileSync(encryptedSecretsPath, converted);\n\t\tinfo(\n\t\t\t`Wrote encrypted secrets to ${strong(\n\t\t\t\t`./${path.relative(process.cwd(), encryptedSecretsPath)}`,\n\t\t\t)}`,\n\t\t);\n\t}\n};\nconst encrypt = async (\n\toptions: {\n\t\tawsKeyAlias?: string;\n\t\tawsRegion?: string;\n\t\tverbose: boolean;\n\t\tconfig: DotsecConfig;\n\t\tsecrets: string;\n\t\tskipPromptForOverride: boolean;\n\t} & (\n\t\t| { encryptedSecrets: string; sec?: never }\n\t\t| { encryptedSecrets?: never; sec: string }\n\t),\n) => {\n\tconsole.log(\"options\", options);\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst {\n\t\tsecrets,\n\t\tawsKeyAlias,\n\t\tawsRegion,\n\t\tverbose,\n\t\tencryptedSecrets,\n\t\tsec,\n\t\tskipPromptForOverride,\n\t} = options;\n\tconst dotSecPlainText = JSON.parse(\n\t\tfs.readFileSync(secrets, \"utf8\"),\n\t) as DotSecPlainText;\n\tconst dotSecEncrypted = await encryptPlainText({\n\t\tdotSecPlainText,\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: awsRegion || regionAndOrigin.value,\n\t\tkeyAlias: awsKeyAlias,\n\t\tverbose: verbose,\n\t});\n\n\tif (encryptedSecrets) {\n\t\tconst targetFile = path.resolve(process.cwd(), encryptedSecrets);\n\t\tconst converted = JSON.stringify(dotSecEncrypted, null, 2);\n\n\t\tawait writeOut({\n\t\t\ttargetFile,\n\t\t\tconverted,\n\t\t\tskipPromptForOverride,\n\t\t});\n\t} else if (sec) {\n\t\tconst dotSec = toDotSec({\n\t\t\tdotSecEncrypted,\n\t\t\tverbose: verbose,\n\t\t});\n\n\t\tconst targetFile = path.resolve(process.cwd(), sec);\n\t\tawait writeOut({\n\t\t\ttargetFile,\n\t\t\tconverted: dotSec,\n\t\t\tskipPromptForOverride,\n\t\t});\n\t} else {\n\t\tthrow new Error(\"Must provide either encryptedSecrets or sec\");\n\t}\n};\nexport default (program: Command) => {\n\tconst encryptProgram = program\n\t\t.enablePositionalOptions()\n\t\t.command(\"encrypt\")\n\t\t.option(\n\t\t\t\"--secrets [secrets]\",\n\t\t\t\"Run command with secrets.json file\",\n\t\t\t\"secrets.json\",\n\t\t)\n\t\t.option(\"--awsKeyAlias, --aws-key-alias [awsKeyAlias]\")\n\t\t.option(\"--awsRegion, --aws-region [awsRegion]\")\n\t\t.usage(\"encrypt [--secrets secrets.json] [to]\")\n\t\t.summary(\"Encrypt secrets.json file\")\n\t\t.description(\"Encrypts secrets.json to secrets.encrypted.json.\\n1123\")\n\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\t//\n\t\t\tconst verbose = Boolean(command.getOptionValue(\"verbose\"));\n\t\t\tconst secrets = command.getOptionValue(\"secrets\") as string;\n\t\t\tconst config = command.getOptionValue(\"dotsecConfig\") as DotsecConfig;\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.getOptionValue(\"awsKeyAlias\") as string) ||\n\t\t\t\tconfig.aws.keyAlias;\n\t\t\tconst awsRegion =\n\t\t\t\t(command.getOptionValue(\"awsRegion\") as string) || config.aws.region;\n\n\t\t\tawait encrypt({\n\t\t\t\tconfig,\n\t\t\t\tverbose,\n\t\t\t\tsecrets,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tencryptedSecrets: \"encrypted.secrets.json\",\n\t\t\t\tskipPromptForOverride: false,\n\t\t\t});\n\t\t});\n\n\tconst toProgram = encryptProgram\n\t\t.command(\"to\")\n\t\t.usage(\"[--encryptedSecrets [encrypted.secrets.json]] [--sec [.sec]]\")\n\t\t.summary(\"specifies encryption output format\")\n\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tcommand.help();\n\t\t});\n\ttoProgram\n\t\t.command(\"dotsec\")\n\t\t.option(\"--sec, [sec]\", \"Target dotsec file\", \".sec\")\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tconst config = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"dotsecConfig\",\n\t\t\t) as DotsecConfig;\n\t\t\tconst verbose = Boolean(\n\t\t\t\tcommand.parent?.parent?.parent?.getOptionValue(\"verbose\"),\n\t\t\t);\n\t\t\tconst secrets = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"secrets\",\n\t\t\t) as string;\n\t\t\tconst sec = command.getOptionValue(\"sec\") as string;\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsKeyAlias\",\n\t\t\t\t) as string) || config.aws.keyAlias;\n\t\t\tconst awsRegion =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsRegion\",\n\t\t\t\t) as string) || config.aws.region;\n\n\t\t\tawait encrypt({\n\t\t\t\tconfig,\n\t\t\t\tverbose,\n\t\t\t\tsecrets,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tsec,\n\t\t\t\tskipPromptForOverride: false,\n\t\t\t});\n\t\t});\n\ttoProgram\n\t\t.command(\"encryptedSecrets\")\n\t\t.option(\n\t\t\t\"--encryptedSecrets,--encrypted-secrets [encryptedSecrets]\",\n\t\t\t\"Target encrypted secrets file\",\n\t\t\t\"encrypted.secrets.json\",\n\t\t)\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tconst config = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"dotsecConfig\",\n\t\t\t) as DotsecConfig;\n\t\t\tconst verbose = Boolean(\n\t\t\t\tcommand.parent?.parent?.parent?.getOptionValue(\"verbose\"),\n\t\t\t);\n\t\t\tconst secrets = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"secrets\",\n\t\t\t) as string;\n\t\t\tconst encryptedSecrets = command.getOptionValue(\n\t\t\t\t\"encryptedSecrets\",\n\t\t\t) as string;\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsKeyAlias\",\n\t\t\t\t) as string) || config.aws.keyAlias;\n\t\t\tconst awsRegion =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsRegion\",\n\t\t\t\t) as string) || config.aws.region;\n\n\t\t\tawait encrypt({\n\t\t\t\tconfig,\n\t\t\t\tverbose,\n\t\t\t\tsecrets,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tencryptedSecrets,\n\t\t\t\tskipPromptForOverride: false,\n\t\t\t});\n\t\t});\n\treturn encryptProgram;\n};\n", "import { stat } from \"fs/promises\";\n\nimport prompts from \"prompts\";\nimport path from \"node:path\";\n\nexport const fileExists = async (source: string): Promise<boolean> => {\n\ttry {\n\t\tawait stat(source);\n\t\treturn true;\n\t} catch {\n\t\treturn false;\n\t}\n};\n\nexport const promptOverwriteIfFileExists = async ({\n\tfilePath,\n\tskip,\n}: {\n\tfilePath: string;\n\tskip?: boolean;\n}) => {\n\tlet overwriteResponse: prompts.Answers<\"overwrite\"> | undefined;\n\n\tif ((await fileExists(filePath)) && skip !== true) {\n\t\toverwriteResponse = await prompts({\n\t\t\ttype: \"confirm\",\n\t\t\tname: \"overwrite\",\n\t\t\tmessage: () => {\n\t\t\t\treturn `Overwrite './${path.relative(process.cwd(), filePath)}' ?`;\n\t\t\t},\n\t\t});\n\t} else {\n\t\toverwriteResponse = undefined;\n\t}\n\treturn overwriteResponse;\n};\n", "import { constantCase } from 'constant-case';\n\nimport { getLogger, strong } from '../../utils/logger';\nimport { flattenTree } from './flat';\nimport {\n DotSecEncrypted,\n DotSecEncryptedEncoding,\n DotSecExpandedTree,\n DotSecTree,\n isEncryptedRegularParameter,\n isEncryptedSSMParameter,\n isSecretsManagerParameter,\n} from './types';\n\nconst fromEncryptedLeafsToEnvEntries = (\n leafs: DotSecTree<'encrypted', 'flattened'>,\n) => {\n return Object.entries(leafs).map(([key, plainTextValue]) => {\n const parts = key.split('/');\n\n const dotEnvKeyPath = parts.map((k) => constantCase(k)).join('_');\n\n let storageValue: string;\n if (isEncryptedRegularParameter(plainTextValue)) {\n storageValue = plainTextValue.encryptedValue;\n } else if (isEncryptedSSMParameter(plainTextValue)) {\n storageValue = plainTextValue.encryptedValue;\n } else if (isSecretsManagerParameter(plainTextValue)) {\n storageValue = plainTextValue.encryptedValue;\n } else {\n throw new Error('Invalid parameter type');\n }\n\n return `${dotEnvKeyPath}=${String(storageValue)}`;\n });\n};\n\nexport const toDotSec = (options: {\n dotSecEncrypted: DotSecEncrypted;\n verbose?: boolean;\n searchPath?: string;\n}) => {\n const { info } = getLogger();\n const { dotSecEncrypted, searchPath, verbose } = options;\n\n let tree = dotSecEncrypted.encrypted;\n if (searchPath) {\n if (verbose) {\n info(`Searching for path: ${strong(searchPath)}`);\n }\n const pathParts = searchPath.split('/');\n for (const pathPart of pathParts) {\n // questionable cast\n tree = tree[pathPart] as DotSecTree<\n DotSecEncryptedEncoding,\n DotSecExpandedTree\n >;\n }\n }\n\n const flattenedTree = flattenTree(tree);\n\n return fromEncryptedLeafsToEnvEntries(flattenedTree).join('\\n');\n};\n\nexport const toDotSecPerEnvironment = (options: {\n dotSecEncrypted: DotSecEncrypted;\n verbose?: boolean;\n searchPath?: string;\n}) => {\n const { info } = getLogger();\n\n const { dotSecEncrypted, searchPath, verbose } = options;\n\n const environments = Object.keys(dotSecEncrypted.encrypted);\n\n return Object.fromEntries(\n environments.map((environment) => {\n let tree = dotSecEncrypted.encrypted[environment];\n if (searchPath) {\n if (verbose) {\n info(`Searching for path: ${strong(searchPath)}`);\n }\n const pathParts = searchPath.split('/');\n for (const pathPart of pathParts) {\n // questionable cast\n tree = tree[pathPart] as DotSecTree<\n DotSecEncryptedEncoding,\n DotSecExpandedTree\n >;\n }\n }\n\n return [\n environment,\n fromEncryptedLeafsToEnvEntries(flattenTree(tree)).join('\\n'),\n ];\n }),\n );\n};\n", "import { Command } from \"commander\";\nimport { handleCredentialsAndRegion } from \"../../lib/partial-commands/handleCredentialsAndRegion\";\nimport { encryptPlainText } from \"../../lib/wtf/crypto\";\nimport fs from \"node:fs\";\nimport path from \"node:path\";\nimport { DotSecPlainText } from \"../../lib/wtf/types\";\nimport { DotsecConfig } from \"../../lib/config/types\";\nimport { getLogger, prettyCode, strong } from \"../../utils/logger\";\nimport { promptOverwriteIfFileExists } from \"../../utils/io\";\nimport { toDotSec } from \"../../lib/wtf/dotsec\";\ntype Formats = {\n\tenv?: string;\n\tsec?: string;\n\tsecrets?: string;\n\tencryptedSecrets?: string;\n};\n\nconst writeOut = async (options: {\n\ttargetFile: string;\n\tconverted: string;\n\tskipPromptForOverride: boolean;\n}) => {\n\tconst { info } = getLogger();\n\tconst {\n\t\ttargetFile: encryptedSecretsPath,\n\t\tconverted,\n\t\tskipPromptForOverride,\n\t} = options;\n\n\tinfo(`target: ${strong(encryptedSecretsPath)}\\n`);\n\tinfo(prettyCode(converted));\n\tinfo(\"\\n\");\n\tconst overwriteResponse = await promptOverwriteIfFileExists({\n\t\tfilePath: encryptedSecretsPath,\n\t\tskip: skipPromptForOverride,\n\t});\n\t// easy peasy, write json\n\n\tif (overwriteResponse === undefined || overwriteResponse.overwrite === true) {\n\t\tfs.writeFileSync(encryptedSecretsPath, converted);\n\t\tinfo(\n\t\t\t`Wrote encrypted secrets to ${strong(\n\t\t\t\t`./${path.relative(process.cwd(), encryptedSecretsPath)}`,\n\t\t\t)}`,\n\t\t);\n\t}\n};\nconst decrypt = async (\n\toptions: {\n\t\tawsKeyAlias?: string;\n\t\tawsRegion?: string;\n\t\tverbose: boolean;\n\t\tconfig: DotsecConfig;\n\t\tsecrets: string;\n\t\tskipPromptForOverride: boolean;\n\t} & (\n\t\t| { encryptedSecrets: string; sec?: never }\n\t\t| { encryptedSecrets?: never; sec: string }\n\t),\n) => {\n\tconsole.log(\"options\", options);\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst {\n\t\tsecrets,\n\t\tawsKeyAlias,\n\t\tawsRegion,\n\t\tverbose,\n\t\tencryptedSecrets,\n\t\tsec,\n\t\tskipPromptForOverride,\n\t} = options;\n\tconst dotSecPlainText = JSON.parse(\n\t\tfs.readFileSync(secrets, \"utf8\"),\n\t) as DotSecPlainText;\n\tconst dotSecEncrypted = await encryptPlainText({\n\t\tdotSecPlainText,\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: awsRegion || regionAndOrigin.value,\n\t\tkeyAlias: awsKeyAlias,\n\t\tverbose: verbose,\n\t});\n\n\tif (encryptedSecrets) {\n\t\tconst targetFile = path.resolve(process.cwd(), encryptedSecrets);\n\t\tconst converted = JSON.stringify(dotSecEncrypted, null, 2);\n\n\t\tawait writeOut({\n\t\t\ttargetFile,\n\t\t\tconverted,\n\t\t\tskipPromptForOverride,\n\t\t});\n\t} else if (sec) {\n\t\tconst dotSec = toDotSec({\n\t\t\tdotSecEncrypted,\n\t\t\tverbose: verbose,\n\t\t});\n\n\t\tconst targetFile = path.resolve(process.cwd(), sec);\n\t\tawait writeOut({\n\t\t\ttargetFile,\n\t\t\tconverted: dotSec,\n\t\t\tskipPromptForOverride,\n\t\t});\n\t} else {\n\t\tthrow new Error(\"Must provide either encryptedSecrets or sec\");\n\t}\n};\nexport default (program: Command) => {\n\tconst encryptProgram = program\n\t\t.enablePositionalOptions()\n\t\t.command(\"decrypt\")\n\t\t.option(\n\t\t\t\"--secrets [secrets]\",\n\t\t\t\"Run command with secrets.json file\",\n\t\t\t\"secrets.json\",\n\t\t)\n\t\t.option(\"--awsKeyAlias, --aws-key-alias [awsKeyAlias]\")\n\t\t.option(\"--awsRegion, --aws-region [awsRegion]\")\n\t\t.usage(\"encrypt [--secrets secrets.json] [to]\")\n\t\t.summary(\"Encrypt secrets.json file\")\n\t\t.description(\"Encrypts secrets.json to secrets.encrypted.json.\\n1123\")\n\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\t//\n\t\t\tconst verbose = Boolean(command.getOptionValue(\"verbose\"));\n\t\t\tconst secrets = command.getOptionValue(\"secrets\") as string;\n\t\t\tconst config = command.getOptionValue(\"dotsecConfig\") as DotsecConfig;\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.getOptionValue(\"awsKeyAlias\") as string) ||\n\t\t\t\tconfig.aws.keyAlias;\n\t\t\tconst awsRegion =\n\t\t\t\t(command.getOptionValue(\"awsRegion\") as string) || config.aws.region;\n\n\t\t\tawait decrypt({\n\t\t\t\tconfig,\n\t\t\t\tverbose,\n\t\t\t\tsecrets,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tencryptedSecrets: \"encrypted.secrets.json\",\n\t\t\t\tskipPromptForOverride: false,\n\t\t\t});\n\t\t});\n\n\tconst toProgram = encryptProgram\n\t\t.command(\"to\")\n\t\t.usage(\"[--encryptedSecrets [encrypted.secrets.json]] [--sec [.sec]]\")\n\t\t.summary(\"specifies encryption output format\")\n\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tcommand.help();\n\t\t});\n\ttoProgram\n\t\t.command(\"dotsec\")\n\t\t.option(\"--sec, [sec]\", \"Target dotsec file\", \".sec\")\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tconst config = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"dotsecConfig\",\n\t\t\t) as DotsecConfig;\n\t\t\tconst verbose = Boolean(\n\t\t\t\tcommand.parent?.parent?.parent?.getOptionValue(\"verbose\"),\n\t\t\t);\n\t\t\tconst secrets = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"secrets\",\n\t\t\t) as string;\n\t\t\tconst sec = command.getOptionValue(\"sec\") as string;\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsKeyAlias\",\n\t\t\t\t) as string) || config.aws.keyAlias;\n\t\t\tconst awsRegion =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsRegion\",\n\t\t\t\t) as string) || config.aws.region;\n\n\t\t\tawait decrypt({\n\t\t\t\tconfig,\n\t\t\t\tverbose,\n\t\t\t\tsecrets,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tsec,\n\t\t\t\tskipPromptForOverride: false,\n\t\t\t});\n\t\t});\n\ttoProgram\n\t\t.command(\"encryptedSecrets\")\n\t\t.option(\n\t\t\t\"--encryptedSecrets,--encrypted-secrets [encryptedSecrets]\",\n\t\t\t\"Target encrypted secrets file\",\n\t\t\t\"encrypted.secrets.json\",\n\t\t)\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tconst config = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"dotsecConfig\",\n\t\t\t) as DotsecConfig;\n\t\t\tconst verbose = Boolean(\n\t\t\t\tcommand.parent?.parent?.parent?.getOptionValue(\"verbose\"),\n\t\t\t);\n\t\t\tconst secrets = command.parent?.parent?.getOptionValue(\n\t\t\t\t\"secrets\",\n\t\t\t) as string;\n\t\t\tconst encryptedSecrets = command.getOptionValue(\n\t\t\t\t\"encryptedSecrets\",\n\t\t\t) as string;\n\t\t\tconst awsKeyAlias =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsKeyAlias\",\n\t\t\t\t) as string) || config.aws.keyAlias;\n\t\t\tconst awsRegion =\n\t\t\t\t(command.parent?.parent?.parent?.getOptionValue(\n\t\t\t\t\t\"awsRegion\",\n\t\t\t\t) as string) || config.aws.region;\n\n\t\t\tawait decrypt({\n\t\t\t\tconfig,\n\t\t\t\tverbose,\n\t\t\t\tsecrets,\n\t\t\t\tawsKeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tencryptedSecrets,\n\t\t\t\tskipPromptForOverride: false,\n\t\t\t});\n\t\t});\n\treturn encryptProgram;\n};\n", "import path from \"node:path\";\n\nimport { bundleRequire } from \"bundle-require\";\nimport JoyCon from \"joycon\";\n\nimport { loadJson } from \"../json\";\nimport { defaultConfig } from \"./constants\";\nimport { DotsecConfig, PartialConfig } from \"./types\";\n\nexport const getConfig = async (filename?: string): Promise<DotsecConfig> => {\n\tconst cwd = process.cwd();\n\tconst configJoycon = new JoyCon();\n\tconst configPath = await configJoycon.resolve({\n\t\tfiles: filename\n\t\t\t? [filename]\n\t\t\t: [\n\t\t\t\t\t\"dotsec.config.ts\",\n\t\t\t\t\t\"dotsec.config.js\",\n\t\t\t\t\t\"dotsec.config.cjs\",\n\t\t\t\t\t\"dotsec.config.mjs\",\n\t\t\t\t\t\"dotsec.config.json\",\n\t\t\t\t\t\"package.json\",\n\t\t\t ],\n\t\tcwd,\n\t\tstopDir: path.parse(cwd).root,\n\t\tpackageKey: \"dotsec\",\n\t});\n\tif (filename && configPath === null) {\n\t\tthrow new Error(`Could not find config file ${filename}`);\n\t}\n\tif (configPath) {\n\t\tif (configPath.endsWith(\".json\")) {\n\t\t\tconst rawData = (await loadJson(configPath)) as PartialConfig;\n\n\t\t\tlet data: Partial<DotsecConfig>;\n\n\t\t\tif (\n\t\t\t\tconfigPath.endsWith(\"package.json\") &&\n\t\t\t\t(rawData as { dotsec: Partial<DotsecConfig> }).dotsec !== undefined\n\t\t\t) {\n\t\t\t\tdata = (rawData as { dotsec: Partial<DotsecConfig> }).dotsec;\n\t\t\t} else {\n\t\t\t\tdata = rawData as Partial<DotsecConfig>;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\t...defaultConfig,\n\t\t\t\t...data,\n\t\t\t\taws: { ...defaultConfig.aws, ...data.aws },\n\t\t\t};\n\t\t}\n\n\t\tconst config = await bundleRequire({\n\t\t\tfilepath: configPath,\n\t\t});\n\n\t\tconst retrievedConfig =\n\t\t\t// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access\n\t\t\t(config.mod.dotsec as Partial<DotsecConfig>) ||\n\t\t\t// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access\n\t\t\t(config.mod.default as Partial<DotsecConfig>) ||\n\t\t\tconfig.mod;\n\t\treturn {\n\t\t\t...defaultConfig,\n\t\t\t// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access\n\t\t\t...retrievedConfig,\n\t\t};\n\t}\n\n\treturn { ...defaultConfig };\n};\n", "import fs from 'fs';\nimport path from 'node:path';\n\nexport function jsoncParse(data: string) {\n try {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-implied-eval\n return new Function('return ' + data.trim())();\n } catch {\n // Silently ignore any error\n // That's what tsc/jsonc-parser did after all\n return {};\n }\n}\n\nexport const loadJson = async (filepath: string) => {\n try {\n // eslint-disable-next-line @typescript-eslint/no-unsafe-return\n return jsoncParse(await fs.promises.readFile(filepath, 'utf8'));\n } catch (error) {\n if (error instanceof Error) {\n throw new Error(\n `Failed to parse ${path.relative(process.cwd(), filepath)}: ${\n error.message\n }`,\n );\n } else {\n throw error;\n }\n }\n};\n", "import { DotsecConfig } from './types';\n\nexport const defaultConfig: DotsecConfig = {\n aws: {\n keyAlias: 'alias/top-secret',\n },\n} as const;\n"],
5
- "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wBAAwB;;;ACAxB,qBAAe;AAEf,uBAAmC;AACnC,yBAAkB;AAClB,oBAAsB;;;ACJtB,kCAIO;AACP,oCAAsC;;;ACLtC,mBAAkB;AAClB,2BAAwC;AAExC,IAAI;AACG,IAAM,YAAY,MAAM;AAC3B,MAAI,CAAC,SAAS;AACV,cAAU;AAAA;AAGd,SAAO;AAAA;AAKJ,IAAM,WAAW,CAAC,QAAwB,qBAAM,aAAa;AAC7D,IAAM,SAAS,CAAC,QAAwB,qBAAM,OAAO,KAAK;AAEjE,IAAM,UAAiB;AAAA,EACnB,MAAM,qBAAM,OAAO;AAAA,EACnB,QAAQ,qBAAM,aAAa;AAAA,EAC3B,QAAQ,qBAAM;AAAA,EACd,UAAU,qBAAM,IAAI;AAAA,EACpB,QAAQ;AAAA;AAGL,IAAM,aAAa,CAAC,QAAwB;AAC/C,SAAO,oCAAU,KAAK,EAAE,OAAO;AAAA;;;ADZ5B,IAAM,8BAA8B,OAAO;AAAA,EAC9C;AAAA,EACA;AAAA,MAkBE;AAlCN;AAmCI,QAAM,oBAAoB,MAAM;AAChC,MAAI,uBAAyD;AAC7D,MAAI,mBAAiD;AACrD,MAAI,kBAA+C;AACnD,MAAI,KAAK,SAAS;AACd,uBAAmB;AAAA,MACf,OAAO,KAAK;AAAA,MACZ,QAAQ,wBAAwB,SAAS,KAAK;AAAA;AAElD,2BAAuB;AAAA,MACnB,OAAO,MAAM,yCAAQ;AAAA,QACjB,SAAS,KAAK;AAAA;AAAA,MAElB,QAAQ,GAAG,SAAS,IAAI,KAAK;AAAA;AAAA,aAE1B,IAAI,aAAa;AACxB,uBAAmB;AAAA,MACf,OAAO,IAAI;AAAA,MACX,QAAQ,gBAAgB,SAAS,mBAAmB,OAChD,IAAI;AAAA;AAGZ,2BAAuB;AAAA,MACnB,OAAO,MAAM,yCAAQ;AAAA,QACjB,SAAS,IAAI;AAAA;AAAA,MAEjB,QAAQ,gBAAgB,SAAS,mBAAmB,OAChD,IAAI;AAAA;AAAA,aAGL,IAAI,qBAAqB,IAAI,uBAAuB;AAC3D,2BAAuB;AAAA,MACnB,OAAO,MAAM;AAAA,MACb,QAAQ,iBAAiB,SACrB,4BACK,SAAS;AAAA;AAAA,aAEf,wBAAkB,oBAAlB,mBAAmC,SAAS;AACnD,uBAAmB;AAAA,MACf,OAAO;AAAA,MACP,QAAQ,GAAG,SAAS;AAAA;AAExB,2BAAuB;AAAA,MACnB,OAAO,MAAM,yCAAQ;AAAA,QACjB,SAAS;AAAA;AAAA,MAEb,QAAQ,WAAW,SAAS;AAAA;AAAA;AAIpC,MAAI,KAAK,QAAQ;AACb,sBAAkB;AAAA,MACd,OAAO,KAAK;AAAA,MACZ,QAAQ,wBAAwB,SAAS,KAAK;AAAA;AAAA,aAE3C,IAAI,YAAY;AACvB,sBAAkB;AAAA,MACd,OAAO,IAAI;AAAA,MACX,QAAQ,gBAAgB,SAAS,kBAAkB,OAC/C,IAAI;AAAA;AAAA,aAGL,IAAI,oBAAoB;AAC/B,sBAAkB;AAAA,MACd,OAAO,IAAI;AAAA,MACX,QAAQ,gBAAgB,SAAS,0BAA0B,OACvD,IAAI;AAAA;AAAA,aAGL,kBAAkB;AACzB,UAAM,cACF,mEAAmB,eAAnB,mBAAgC,iBAAiB,WAAjD,mBAAyD;AAE7D,QAAI,aAAa;AACb,wBAAkB;AAAA,QACd,OAAO;AAAA,QACP,QAAQ,GAAG,SACP,YAAY,iBAAiB;AAAA;AAAA;AAAA;AAM7C,QAAM,cAAc,KAAK,iBAAiB,IAAI;AAC9C,MAAI,aAAa;AACb,UAAM,SAAS,KAAK,gBACd,wBACA;AACN,2BAAuB;AAAA,MACnB,OAAO,MAAM,0DAAyB;AAAA,QAClC,mBAAmB,6DAAsB;AAAA,QAEzC,QAAQ;AAAA,UACJ,iBACI,KAAK,6BACL,OAAO,IAAI,qCACX;AAAA,UACJ,SAAS;AAAA;AAAA,QAGb,cAAc;AAAA,UACV,QAAQ,mDAAiB;AAAA;AAAA;AAAA,MAGjC,QAAQ,GAAG,UAAU,SAAS,IAAI;AAAA;AAAA;AAI1C,SAAO,EAAE,sBAAsB,iBAAiB;AAAA;AAG7C,IAAM,uCAAuC,CAAC;AAAA,EACjD;AAAA,EACA;AAAA,EACA;AAAA,MAKU;AACV,QAAM,MAAgB;AACtB,MAAI,kBAAkB;AAClB,QAAI,KAAK,yBAAyB,iBAAiB;AAAA;AAEvD,MAAI,sBAAsB;AACtB,QAAI,KAAK,6BAA6B,qBAAqB;AAAA;AAE/D,MAAI,iBAAiB;AACjB,QAAI,KAAK,wBAAwB,gBAAgB;AAAA;AAErD,SAAO,IAAI,KAAK;AAAA;;;AEhKb,IAAM,6BAA6B,OAAO;AAAA,EAC7C;AAAA,EACA;AAAA,MAmBE;AACF,QAAM,EAAE,sBAAsB,iBAAiB,qBAC3C,MAAM,4BAA4B;AAAA,IAC9B,MAAM;AAAA,MACF,QAAQ,KAAK;AAAA,MACb,SAAS,KAAK;AAAA,MACd,eAAe,KAAK;AAAA,MACpB,2BAA2B,KAAK;AAAA;AAAA,IAEpC,KAAK,mBACE;AAAA;AAIf,MAAI,KAAK,YAAY,MAAM;AACvB,YAAQ,IACJ,qCAAqC;AAAA,MACjC;AAAA,MACA;AAAA,MACA;AAAA;AAAA;AAKZ,MAAI,CAAC,wBAAwB,CAAC,iBAAiB;AAC3C,QAAI,CAAC,sBAAsB;AACvB,cAAQ,MAAM;AACd,YAAM,IAAI,MAAM;AAAA;AAEpB,QAAI,CAAC,iBAAiB;AAClB,cAAQ,MAAM;AACd,YAAM,IAAI,MAAM;AAAA;AAAA;AAIxB,SAAO,EAAE,sBAAsB;AAAA;;;AC7DnC,yBAIO;AACP,qCAIO;AACP,yBAIO;AAEP,2BAA6B;;;AChB7B,wBAIO;AAEA,IAAM,eAAe,CAAC;AAAA,EACzB;AAAA,MAIE;AACF,QAAM,YAAY,IAAI,4BAAU;AAEhC,SAAO;AAAA;AAGJ,IAAM,yBAAyB,OAClC,WACA,gBACC;AApBL;AAsBI,QAAM,qBAAqB,IAAI,qCAAmB;AAAA,IAC9C,OAAO;AAAA;AAGX,QAAM,oBAAoB,MAAM,UAAU,KAAK;AAC/C,QAAM,sBACF,8BAAkB,gBAAlB,mBAA+B,yBAA/B,mBAAsD;AAE1D,MAAI,wBAAwB,QAAW;AACnC,UAAM,IAAI,MAAM;AAAA;AAGpB,SAAO;AAAA;;;AClCX,oCAGO;;;ACHP,wBAA2C;;;AC2VpC,IAAM,WAAW,CAAC,UAAoC;AAC5D,SAAO,OAAO,UAAU;AAAA;AAGlB,IAAM,WAAW,CAAC,UAAoC;AAC5D,SAAO,OAAO,UAAU;AAAA;AAElB,IAAM,YAAY,CAAC,UAAqC;AAC9D,SAAO,OAAO,UAAU;AAAA;AAelB,IAAM,iBAAiB,CAC7B,eAC0C;AAC1C,QAAM,eAAe;AACrB,SACC,OAAO,iBAAiB,YACxB,iBAAiB,QACjB,UAAU,gBACV,aAAa,SAAS;AAAA;AAIjB,IAAM,2BAA2B,CACvC,UACsC;AACtC,QAAM,mBAAmB;AACzB,SACC,OAAO,qBAAqB,YAC5B,qBAAqB,QACrB,UAAU,oBACV,iBAAiB,SAAS;AAAA;AAIrB,IAAM,qBAAqB,CACjC,eAC+C;AAC/C,QAAM,OAAO;AACb,SACC,SAAS,SACT,SAAS,SACT,UAAU,SACV,yBAAyB;AAAA;AAIpB,IAAM,0BAA0B,CACtC,eACyD;AACzD,QAAM,OAAO;AACb,SACC,KAAK,SAAS,UACd,KAAK,SAAS,SACd,KAAK,mBAAmB;AAAA;AAInB,IAAM,8BAA8B,CAC1C,eAC8D;AAC9D,QAAM,OAAO;AACb,SACC,KAAK,SAAS,UACd,KAAK,SAAS,cACd,KAAK,mBAAmB;AAAA;AAInB,IAAM,4BAA4B,CACxC,eACqD;AACrD,QAAM,OAAO;AACb,SACC,KAAK,SAAS,UACd,KAAK,SAAS,oBACd,CAAE,UAAS,SAAS,SAAS,SAAS,UAAU;AAAA;AAI3C,IAAM,eAAe,CAC3B,eAC4D;AAC5D,MACC,OAAO,eAAe,YACtB,CAAC,MAAM,QAAQ,eACf,eAAe,QACf,CAAC,eAAe,eAChB,CAAC,mBAAmB,eACpB,CAAC,wBAAwB,eACzB,CAAC,4BAA4B,eAC7B,CAAC,0BAA0B,aAC1B;AACD,WAAO;AAAA;AAGR,SAAO;AAAA;;;AC3bD,IAAM,cAAc,CAI1B,SAC+C;AAC/C,QAAM,OAAkD;AAExD,QAAM,cAAc,CACnB,YACA,QAAuB,OACnB;AACJ,QAAI,aAAa,aAAa;AAC7B,aAAO,QAAQ,YAAY,IAAI,CAAC,CAAC,KAAK,WAAW;AAChD,oBAAY,OAAO,CAAC,GAAG,OAAO;AAAA;AAAA,WAEzB;AACN,WAAK,MAAM,KAAK,QAAQ;AAAA;AAAA;AAI1B,cAAY;AACZ,SAAO;AAAA;AAGD,IAAM,mBAAmB,CAC/B,WAC8B;AAC9B,SAAO,iCAAK,SAAL,EAAa,WAAW,YAAY,OAAO;AAAA;AAG5C,IAAM,mBAAmB,CAC/B,WAC8B;AAC9B,SAAO,iCAAK,SAAL,EAAa,WAAW,YAAY,OAAO;AAAA;AAGnD,IAAM,aAAa,CAIlB,SAC8C;AAC9C,QAAM,OAAiD;AACvD,SAAO,QAAQ,MAAM,IAAI,CAAC,CAAC,KAAK,WAAW;AAC1C,UAAM,QAAQ,IAAI,MAAM;AACxB,QAAI,UAAU;AACd,UAAM,QAAQ,CAAC,SAAS,UAAU;AACjC,UAAI,CAAC,QAAQ,UAAU;AACtB,YAAI,UAAU,MAAM,SAAS,GAAG;AAC/B,kBAAQ,WAAW;AAAA,eACb;AACN,kBAAQ,WAAW;AAAA;AAAA;AAKrB,gBAAU,QAAQ;AAAA;AAAA;AAIpB,SAAO;AAAA;AAGD,IAAM,kBAAkB,CAC9B,WACqB;AACrB,SAAO,iCAAK,SAAL,EAAa,WAAW,WAAW,OAAO;AAAA;AAG3C,IAAM,kBAAkB,CAC9B,WACqB;AACrB,SAAO,iCAAK,SAAL,EAAa,WAAW,WAAW,OAAO;AAAA;;;AL1ClD,IAAM,YAAY,CAAC,UAAiC;AACnD,MAAI;AACH,WAAO,KAAK,MAAM;AAAA,WACV,GAAP;AACD,WAAO;AAAA;AAAA;AAGF,IAAM,qBAAqB,OAAO,YAMT;AAxDhC;AAyDC,QAAM,EAAE,iBAAiB,aAAa,QAAQ,SAAS,aAAa;AACpE,QAAM,2BAA2B,iBAAiB;AAElD,QAAM,EAAE,MAAM,UAAU;AAExB,QAAM,YAAY,aAAa;AAAA,IAC9B,eAAe;AAAA,MACd;AAAA,MACA;AAAA;AAAA,IAED;AAAA;AAGD,QAAM,cAAc,YAAY,6BAAgB,WAAhB,mBAAwB,QAAxB,mBAA6B;AAC7D,MAAI,CAAC,aAAa;AACjB,UAAM,IAAI,MAAM;AAAA;AAEjB,MAAI,SAAS;AACZ,SACC,8BAA8B,SAAS,mBAAmB,SACzD,MAAM,UAAU,OAAO;AAMzB,UAAM,qBAAqB,IAAI,sCAAmB;AAAA,MACjD,OAAO;AAAA;AAGR,UAAM,oBAAoB,MAAM,UAAU,KAAK;AAE/C,SAAK,eAAe,mBAAK,kBAAkB;AAAA;AAG5C,QAAM,sBAAsB,MAAM,uBACjC,WACA;AAGD,QAAM,kBAA4C;AAAA,IACjD,QAAQ,mBAAK,gBAAgB;AAAA,IAC7B,WAAW;AAAA;AAEZ,aAAW,CAAC,KAAK,mBAAmB,OAAO,QAC1C,yBAAyB,YACvB;AACF,UAAM,iBAAiB,IAAI,kCAAe;AAAA,MACzC,OAAO;AAAA,MACP,gBAAgB,OAAO,KAAK,eAAe,gBAAgB;AAAA,MAC3D,qBAAqB;AAAA;AAGtB,UAAM,mBAAmB,MAAM,UAAU,KAAK;AAE9C,QAAI,CAAC,iBAAiB,WAAW;AAChC,YAAM,IAAI,MACT,2BAA2B,KAAK,UAAU;AAAA,QACzC;AAAA,QACA,YAAY;AAAA,QACZ;AAAA;AAAA;AAKH,QAAI,SAAS;AACZ,WAAK,kBAAkB,SAAS,QAAQ,OAAO;AAAA;AAGhD,UAAM,iBAAiB,OAAO,KAAK,iBAAiB,WAAW;AAC/D,UAAM,oBAAoB,KAAK,MAAM;AAUrC,oBAAgB,UAAU,OAAO,UAAU,kBAAkB;AAAA;AAE9D,SAAO,gBAAgB;AAAA;AAGjB,IAAM,mBAAmB,OAAO,YAMP;AApJhC;AAqJC,QAAM,EAAE,iBAAiB,aAAa,QAAQ,SAAS,aAAa;AACpE,QAAM,kBAAkB,iBAAiB;AACzC,QAAM,EAAE,SAAS;AAEjB,QAAM,YAAY,aAAa;AAAA,IAC9B,eAAe;AAAA,MACd;AAAA,MACA;AAAA;AAAA,IAED;AAAA;AAGD,QAAM,cAAc,YAAY,6BAAgB,WAAhB,mBAAwB,QAAxB,mBAA6B;AAC7D,MAAI,CAAC,aAAa;AACjB,UAAM,IAAI,MAAM;AAAA;AAEjB,MAAI,SAAS;AACZ,SACC,8BAA8B,SAAS,mBAAmB,SACzD,MAAM,UAAU,OAAO;AAMzB,UAAM,qBAAqB,IAAI,sCAAmB;AAAA,MACjD,OAAO;AAAA;AAGR,UAAM,oBAAoB,MAAM,UAAU,KAAK;AAE/C,SAAK,eAAe,mBAAK,kBAAkB;AAAA;AAG5C,QAAM,sBAAsB,MAAM,uBACjC,WACA;AAGD,QAAM,2BAAqD;AAAA,IAC1D,QAAQ,mBAAK,gBAAgB;AAAA,IAC7B,WAAW;AAAA;AAEZ,aAAW,CAAC,KAAK,mBAAmB,OAAO,QAC1C,gBAAgB,YACd;AACF,QAAI,qBAAqB;AAEzB,QACC,OAAO,uBAAuB,YAC9B,OAAO,uBAAuB,YAC9B,OAAO,uBAAuB,WAC7B;AACD,2BAAqB,KAAK,UAAU;AAAA;AAGrC,UAAM,OAAO,KAAK,UAAU,EAAE,KAAK,OAAO;AAC1C,UAAM,iBAAiB,IAAI,kCAAe;AAAA,MACzC,OAAO;AAAA,MACP,WAAW,OAAO,KAAK,OAAO;AAAA,MAC9B,qBAAqB;AAAA;AAGtB,UAAM,mBAAmB,MAAM,UAAU,KAAK;AAE9C,QAAI,CAAC,iBAAiB,gBAAgB;AACrC,YAAM,IAAI,MACT,2BAA2B,KAAK,UAAU;AAAA,QACzC;AAAA,QACA,OAAO;AAAA,QACP;AAAA;AAAA;AAKH,QAAI,SAAS;AACZ,WAAK,kBAAkB,SAAS,QAAQ,OAAO;AAAA;AAGhD,UAAM,aAAa,OAAO,KAAK,iBAAiB,gBAAgB,SAC/D;AAGD,QAAI,mBAAmB,iBAAiB;AACvC,+BAAyB,UAAU,OAAO;AAAA,QACzC,MAAM;AAAA,QACN,gBAAgB;AAAA;AAAA,eAGP,eAAe,iBAAiB;AAC1C,+BAAyB,UAAU,OAAO;AAAA,QACzC,MAAM;AAAA,QACN,gBAAgB;AAAA;AAAA,eAGP,0BAA0B,iBAAiB;AACrD,+BAAyB,UAAU,OAAO;AAAA,QACzC,MAAM;AAAA,QACN,gBAAgB;AAAA;AAAA;AAAA;AAInB,SAAO,gBAAgB;AAAA;AA6PjB,IAAM,yBAAyB,OAAO,YAOtB;AACtB,QAAM,EAAE,SAAS;AAEjB,QAAM;AAAA,IACL,kBAAkB;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,MACG;AAEJ,QAAM,YAAY,aAAa;AAAA,IAC9B,eAAe;AAAA,MACd;AAAA,MACA;AAAA;AAAA,IAED;AAAA;AAGD,QAAM,IAAI,yCACP,MAAM,KACP,IAAI,CAAC,SAAS,GAAG,uCAAa,UAC9B,KAAK;AACP,QAAM,cAAc;AACpB,MAAI,CAAC,UAAU;AACd,UAAM,IAAI,MAAM;AAAA;AAGjB,QAAM,sBAAsB,MAAM,uBAAuB,WAAW;AACpE,QAAM,cAAwB;AAE9B,QAAM,WAAW,IACd,OAAO,YACP,OAAO,QAAQ,WACb,OAAO,CAAC,CAAC,SAAS,IAAI,WAAW,IACjC,IAAI,CAAC,CAAC,KAAK,WAAW,CAAC,IAAI,QAAQ,GAAG,KAAK,WAE7C;AACH,aAAW,CAAC,KAAK,mBAAmB,OAAO,QAAQ,WAAW;AAC7D,UAAM,iBAAiB,IAAI,kCAAe;AAAA,MACzC,OAAO;AAAA,MACP,gBAAgB,OAAO,KAAK,gBAAgB;AAAA,MAC5C,qBAAqB;AAAA;AAGtB,UAAM,mBAAmB,MAAM,UAAU,KAAK;AAE9C,QAAI,CAAC,iBAAiB,WAAW;AAChC,YAAM,IAAI,MACT,2BAA2B,KAAK,UAAU;AAAA,QACzC;AAAA,QACA,YAAY;AAAA,QACZ;AAAA;AAAA;AAKH,QAAI,SAAS;AACZ,WAAK,kBAAkB,SAAS,QAAQ,OAAO;AAAA;AAGhD,UAAM,iBAAiB,OAAO,KAAK,iBAAiB,WAAW;AAE/D,UAAM,cAAc,KAAK,MAAM;AAK/B,UAAM,eAAe,UAAU,YAAY;AAE3C,QAAI,mBAAmB,eAAe;AACrC,UAAI,yBAAyB,eAAe;AAC3C,oBAAY,KAAK,GAAG,OAAO,KAAK,UAAU,aAAa;AAAA,aACjD;AACN,oBAAY,KAAK,GAAG,OAAO,OAAO;AAAA;AAAA,eAEzB,eAAe,eAAe;AAExC,kBAAY,KAAK,GAAG,OAAO,KAAK,UAAU,aAAa;AAAA,eAI7C,0BAA0B,eAAe;AACnD,kBAAY,KAAK,GAAG,OAAO,KAAK,UAAU,aAAa;AAAA;AAAA;AAMzD,SAAO,YAAY,KAAK;AAAA;;;AMzlBzB,4BAA6B;AAmB7B,IAAM,iCAAiC,CACnC,UACC;AACD,SAAO,OAAO,QAAQ,OAAO,IAAI,CAAC,CAAC,KAAK,oBAAoB;AACxD,UAAM,QAAQ,IAAI,MAAM;AAExB,UAAM,gBAAgB,MAAM,IAAI,CAAC,MAAM,wCAAa,IAAI,KAAK;AAE7D,QAAI;AACJ,QAAI,mBAAmB,iBAAiB;AACpC,UAAI,yBAAyB,iBAAiB;AAC1C,uBAAe,eAAe;AAAA,aAC3B;AACH,uBAAe;AAAA;AAAA,eAEZ,eAAe,iBAAiB;AACvC,qBAAe,eAAe;AAAA,eACvB,0BAA0B,iBAAiB;AAClD,qBAAe,eAAe;AAAA,WAC3B;AACH,YAAM,IAAI,MAAM;AAAA;AAGpB,QACI,CAAC,SAAS,iBACV,CAAC,SAAS,iBACV,CAAC,UAAU,eACb;AACE,qBAAe,KAAK,UAAU;AAAA;AAGlC,WAAO,GAAG,iBAAiB,OAAO;AAAA;AAAA;AAInC,IAAM,WAAW,CAAC,YAInB;AACF,QAAM,EAAE,SAAS;AACjB,QAAM,EAAE,iBAAiB,YAAY,YAAY;AACjD,MAAI,OAAO,gBAAgB;AAC3B,MAAI,YAAY;AACZ,QAAI,SAAS;AACT,WAAK,uBAAuB,OAAO;AAAA;AAEvC,UAAM,YAAY,WAAW,MAAM;AACnC,eAAW,YAAY,WAAW;AAE9B,aAAO,KAAK;AAKZ,UAAI,SAAS,QAAW;AACpB,cAAM,IAAI,MACN,yBAAyB,uBAAuB;AAAA;AAAA;AAAA;AAMhE,QAAM,gBAAgB,YAAY;AAElC,SAAO,+BAA+B,eAAe,KAAK;AAAA;;;AVtE9D,IAAO,cAAQ,CAAC,aAAqB;AACpC,QAAM,aAAa,SACjB,QAAQ,OACR,YACA,oHAEA,QACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,GAsBA,OAAO,eAAe,8BACtB,OAAO,eAAe,8BACtB,OAAO,uBAAuB,sCAC9B,OACA,6DACA,gDAGA,OAAO,gDACP,OAAO,yCACP,OAAO,4CACP,OAAO,CAAC,UAAkC,YAAqB;AAC/D,YAAQ;AAAA;AAGV,aACE,QAAQ,wBACR,qBACA,qBACA,OAAO,OAAO,UAAoB,UAAU,YAAqB;AA9DpE;AA+DG,UAAM,SAAS,cAAQ,WAAR,mBAAgB,eAC9B;AAED,UAAM,UAAU,QAAQ,cAAQ,WAAR,mBAAgB,eAAe;AACvD,UAAM,cACJ,eAAQ,WAAR,mBAAgB,eAAe,mBAChC,OAAO,IAAI;AAEZ,UAAM,YACJ,eAAQ,WAAR,mBAAgB,eAAe,iBAChC,OAAO,IAAI;AACZ,UAAM,aAAa,cAAQ,WAAR,mBAAgB,eAAe;AAClD,UAAM,MAAM,cAAQ,WAAR,mBAAgB,eAAe;AAC3C,UAAM,MAAM,cAAQ,WAAR,mBAAgB,eAAe;AAC3C,YAAQ,IAAI,eAAe;AAAA,MAC1B;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA;AAGD,UAAM,aAAa,CAAC,OAAO,OAAO,WAAW,oBAC3C,IAAI,CAAC,aAAa;AAvFvB;AAwFK,YAAM,WAAW,eAAQ,WAAR,oBAAgB,eAAe;AAChD,UAAI,UAAU;AACb,eAAO,CAAC,UAAU;AAAA;AAAA,OAGnB,OAAO,CAAC,MAAM,CAAC,CAAC;AAElB,QAAI;AACJ,QAAI,WAAW,UAAU,GAAG;AAE3B,UAAI;AACH,cAAM,EAAE,sBAAsB,oBAC7B,MAAM,2BAA2B;AAAA,UAChC,MAAM;AAAA,UACN,KAAK,mBAAK,QAAQ;AAAA;AAGpB,cAAM,WAAW,WAAW,WAAW,IAAI,QAAQ,iBAAW,OAAX,mBAAgB;AACnE,cAAM,WACL,WAAW,WAAW,IAAI,SAAS,iBAAW,OAAX,mBAAgB;AACpD,gBAAQ,IAAI,YAAY;AACxB,YAAI,YAAY,UAAU;AACzB,gBAAM,MAAM,uBAAG,aAAa,UAAU;AACtC,cAAI,aAAa,OAAO;AACvB,wBAAY,MAAM,uBAAuB;AAAA,cACxC,kBAAkB,yBAAM;AAAA,cACxB,aAAa,qBAAqB;AAAA,cAClC,QAAQ,aAAa,gBAAgB;AAAA,cACrC,UAAU;AAAA,cACV;AAAA,cACA;AAAA;AAAA,qBAES,aAAa,OAAO;AAC9B,wBAAY;AAAA,qBACF,aAAa,WAAW;AAClC,kBAAM,kBAAkB,KAAK,MAAM;AAEnC,wBAAY,SAAS;AAAA,cACpB;AAAA,cACA;AAAA,cACA;AAAA;AAAA,qBAES,aAAa,oBAAoB;AAC3C,wBAAY;AACZ,kBAAM,kBAAkB,KAAK,MAAM;AACnC,kBAAM,kBAAkB,MAAM,mBAAmB;AAAA,cAChD;AAAA,cACA,aAAa,qBAAqB;AAAA,cAClC,QAAQ,aAAa,gBAAgB;AAAA,cACrC,UAAU;AAAA,cACV;AAAA;AAED,wBAAY,SAAS;AAAA,cACpB;AAAA,cACA;AAAA,cACA;AAAA;AAAA;AAAA;AAIH,YAAI,WAAW;AACd,gBAAM,CAAC,gBAAgB,mBAAmB;AAC1C,gBAAM,eAAe,yBAAM;AAC3B,0CAAM,aAAa,CAAC,GAAG,kBAAkB;AAAA,YACxC,OAAO;AAAA,YACP,OAAO;AAAA,YACP,KAAK,gDACD,QAAQ,MACR,eAFC;AAAA,cAGJ,eAAe,KAAK,UAAU,OAAO,KAAK;AAAA;AAAA;AAAA;AAAA,eAIrC,GAAP;AACD,YAAI,aAAa,OAAO;AACvB,kBAAQ,MAAM,EAAE;AAEhB,cAAI,SAAS;AACZ,oBAAQ,MAAM,EAAE,MAAM,EAAE;AAAA;AAAA;AAAA;AAAA,WAIrB;AAEN,YAAM,IAAI,yBAAU,2BACnB;AAAA;AAAA;AAKJ,SAAO;AAAA;;;AW9KR,sBAAe;AACf,wBAAiB;;;ACJjB,sBAAqB;AAErB,qBAAoB;AACpB,uBAAiB;AAEV,IAAM,aAAa,OAAO,WAAqC;AACrE,MAAI;AACH,UAAM,0BAAK;AACX,WAAO;AAAA,UACN;AACD,WAAO;AAAA;AAAA;AAIF,IAAM,8BAA8B,OAAO;AAAA,EACjD;AAAA,EACA;AAAA,MAIK;AACL,MAAI;AAEJ,MAAK,MAAM,WAAW,aAAc,SAAS,MAAM;AAClD,wBAAoB,MAAM,4BAAQ;AAAA,MACjC,MAAM;AAAA,MACN,MAAM;AAAA,MACN,SAAS,MAAM;AACd,eAAO,gBAAgB,yBAAK,SAAS,QAAQ,OAAO;AAAA;AAAA;AAAA,SAGhD;AACN,wBAAoB;AAAA;AAErB,SAAO;AAAA;;;AClCR,4BAA6B;AAc7B,IAAM,iCAAiC,CACnC,UACC;AACD,SAAO,OAAO,QAAQ,OAAO,IAAI,CAAC,CAAC,KAAK,oBAAoB;AACxD,UAAM,QAAQ,IAAI,MAAM;AAExB,UAAM,gBAAgB,MAAM,IAAI,CAAC,MAAM,wCAAa,IAAI,KAAK;AAE7D,QAAI;AACJ,QAAI,4BAA4B,iBAAiB;AAC7C,qBAAe,eAAe;AAAA,eACvB,wBAAwB,iBAAiB;AAChD,qBAAe,eAAe;AAAA,eACvB,0BAA0B,iBAAiB;AAClD,qBAAe,eAAe;AAAA,WAC3B;AACH,YAAM,IAAI,MAAM;AAAA;AAGpB,WAAO,GAAG,iBAAiB,OAAO;AAAA;AAAA;AAInC,IAAM,WAAW,CAAC,YAInB;AACF,QAAM,EAAE,SAAS;AACjB,QAAM,EAAE,iBAAiB,YAAY,YAAY;AAEjD,MAAI,OAAO,gBAAgB;AAC3B,MAAI,YAAY;AACZ,QAAI,SAAS;AACT,WAAK,uBAAuB,OAAO;AAAA;AAEvC,UAAM,YAAY,WAAW,MAAM;AACnC,eAAW,YAAY,WAAW;AAE9B,aAAO,KAAK;AAAA;AAAA;AAOpB,QAAM,gBAAgB,YAAY;AAElC,SAAO,+BAA+B,eAAe,KAAK;AAAA;;;AF7C9D,IAAM,WAAW,OAAO,YAIlB;AACL,QAAM,EAAE,SAAS;AACjB,QAAM;AAAA,IACL,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,MACG;AAEJ,OAAK,WAAW,OAAO;AAAA;AACvB,OAAK,WAAW;AAChB,OAAK;AACL,QAAM,oBAAoB,MAAM,4BAA4B;AAAA,IAC3D,UAAU;AAAA,IACV,MAAM;AAAA;AAIP,MAAI,sBAAsB,UAAa,kBAAkB,cAAc,MAAM;AAC5E,4BAAG,cAAc,sBAAsB;AACvC,SACC,8BAA8B,OAC7B,KAAK,0BAAK,SAAS,QAAQ,OAAO;AAAA;AAAA;AAKtC,IAAM,UAAU,OACf,YAWI;AACJ,UAAQ,IAAI,WAAW;AACvB,QAAM,EAAE,sBAAsB,oBAC7B,MAAM,2BAA2B;AAAA,IAChC,MAAM;AAAA,IACN,KAAK,mBAAK,QAAQ;AAAA;AAGpB,QAAM;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,MACG;AACJ,QAAM,kBAAkB,KAAK,MAC5B,wBAAG,aAAa,SAAS;AAE1B,QAAM,kBAAkB,MAAM,iBAAiB;AAAA,IAC9C;AAAA,IACA,aAAa,qBAAqB;AAAA,IAClC,QAAQ,aAAa,gBAAgB;AAAA,IACrC,UAAU;AAAA,IACV;AAAA;AAGD,MAAI,kBAAkB;AACrB,UAAM,aAAa,0BAAK,QAAQ,QAAQ,OAAO;AAC/C,UAAM,YAAY,KAAK,UAAU,iBAAiB,MAAM;AAExD,UAAM,SAAS;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA;AAAA,aAES,KAAK;AACf,UAAM,SAAS,SAAS;AAAA,MACvB;AAAA,MACA;AAAA;AAGD,UAAM,aAAa,0BAAK,QAAQ,QAAQ,OAAO;AAC/C,UAAM,SAAS;AAAA,MACd;AAAA,MACA,WAAW;AAAA,MACX;AAAA;AAAA,SAEK;AACN,UAAM,IAAI,MAAM;AAAA;AAAA;AAGlB,IAAO,kBAAQ,CAAC,aAAqB;AACpC,QAAM,iBAAiB,SACrB,0BACA,QAAQ,WACR,OACA,uBACA,sCACA,gBAEA,OAAO,gDACP,OAAO,yCACP,MAAM,yCACN,QAAQ,6BACR,YAAY,0DAEZ,OAAO,OAAO,UAAmB,YAAqB;AAEtD,UAAM,UAAU,QAAQ,QAAQ,eAAe;AAC/C,UAAM,UAAU,QAAQ,eAAe;AACvC,UAAM,SAAS,QAAQ,eAAe;AACtC,UAAM,cACJ,QAAQ,eAAe,kBACxB,OAAO,IAAI;AACZ,UAAM,YACJ,QAAQ,eAAe,gBAA2B,OAAO,IAAI;AAE/D,UAAM,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,kBAAkB;AAAA,MAClB,uBAAuB;AAAA;AAAA;AAI1B,QAAM,YAAY,eAChB,QAAQ,MACR,MAAM,gEACN,QAAQ,sCAER,OAAO,OAAO,UAAmB,YAAqB;AACtD,YAAQ;AAAA;AAEV,YACE,QAAQ,UACR,OAAO,gBAAgB,sBAAsB,QAC7C,OAAO,OAAO,UAAmB,YAAqB;AAhKzD;AAiKG,UAAM,SAAS,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACtC;AAED,UAAM,UAAU,QACf,0BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAAe;AAEhD,UAAM,UAAU,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACvC;AAED,UAAM,MAAM,QAAQ,eAAe;AACnC,UAAM,cACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,mBACe,OAAO,IAAI;AAC5B,UAAM,YACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,iBACe,OAAO,IAAI;AAE5B,UAAM,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,uBAAuB;AAAA;AAAA;AAG1B,YACE,QAAQ,oBACR,OACA,6DACA,iCACA,0BAEA,OAAO,OAAO,UAAmB,YAAqB;AArMzD;AAsMG,UAAM,SAAS,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACtC;AAED,UAAM,UAAU,QACf,0BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAAe;AAEhD,UAAM,UAAU,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACvC;AAED,UAAM,mBAAmB,QAAQ,eAChC;AAED,UAAM,cACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,mBACe,OAAO,IAAI;AAC5B,UAAM,YACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,iBACe,OAAO,IAAI;AAE5B,UAAM,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,uBAAuB;AAAA;AAAA;AAG1B,SAAO;AAAA;;;AGlOR,sBAAe;AACf,wBAAiB;AAajB,IAAM,YAAW,OAAO,YAIlB;AACL,QAAM,EAAE,SAAS;AACjB,QAAM;AAAA,IACL,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,MACG;AAEJ,OAAK,WAAW,OAAO;AAAA;AACvB,OAAK,WAAW;AAChB,OAAK;AACL,QAAM,oBAAoB,MAAM,4BAA4B;AAAA,IAC3D,UAAU;AAAA,IACV,MAAM;AAAA;AAIP,MAAI,sBAAsB,UAAa,kBAAkB,cAAc,MAAM;AAC5E,4BAAG,cAAc,sBAAsB;AACvC,SACC,8BAA8B,OAC7B,KAAK,0BAAK,SAAS,QAAQ,OAAO;AAAA;AAAA;AAKtC,IAAM,UAAU,OACf,YAWI;AACJ,UAAQ,IAAI,WAAW;AACvB,QAAM,EAAE,sBAAsB,oBAC7B,MAAM,2BAA2B;AAAA,IAChC,MAAM;AAAA,IACN,KAAK,mBAAK,QAAQ;AAAA;AAGpB,QAAM;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,MACG;AACJ,QAAM,kBAAkB,KAAK,MAC5B,wBAAG,aAAa,SAAS;AAE1B,QAAM,kBAAkB,MAAM,iBAAiB;AAAA,IAC9C;AAAA,IACA,aAAa,qBAAqB;AAAA,IAClC,QAAQ,aAAa,gBAAgB;AAAA,IACrC,UAAU;AAAA,IACV;AAAA;AAGD,MAAI,kBAAkB;AACrB,UAAM,aAAa,0BAAK,QAAQ,QAAQ,OAAO;AAC/C,UAAM,YAAY,KAAK,UAAU,iBAAiB,MAAM;AAExD,UAAM,UAAS;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA;AAAA,aAES,KAAK;AACf,UAAM,SAAS,SAAS;AAAA,MACvB;AAAA,MACA;AAAA;AAGD,UAAM,aAAa,0BAAK,QAAQ,QAAQ,OAAO;AAC/C,UAAM,UAAS;AAAA,MACd;AAAA,MACA,WAAW;AAAA,MACX;AAAA;AAAA,SAEK;AACN,UAAM,IAAI,MAAM;AAAA;AAAA;AAGlB,IAAO,kBAAQ,CAAC,aAAqB;AACpC,QAAM,iBAAiB,SACrB,0BACA,QAAQ,WACR,OACA,uBACA,sCACA,gBAEA,OAAO,gDACP,OAAO,yCACP,MAAM,yCACN,QAAQ,6BACR,YAAY,0DAEZ,OAAO,OAAO,UAAmB,YAAqB;AAEtD,UAAM,UAAU,QAAQ,QAAQ,eAAe;AAC/C,UAAM,UAAU,QAAQ,eAAe;AACvC,UAAM,SAAS,QAAQ,eAAe;AACtC,UAAM,cACJ,QAAQ,eAAe,kBACxB,OAAO,IAAI;AACZ,UAAM,YACJ,QAAQ,eAAe,gBAA2B,OAAO,IAAI;AAE/D,UAAM,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,kBAAkB;AAAA,MAClB,uBAAuB;AAAA;AAAA;AAI1B,QAAM,YAAY,eAChB,QAAQ,MACR,MAAM,gEACN,QAAQ,sCAER,OAAO,OAAO,UAAmB,YAAqB;AACtD,YAAQ;AAAA;AAEV,YACE,QAAQ,UACR,OAAO,gBAAgB,sBAAsB,QAC7C,OAAO,OAAO,UAAmB,YAAqB;AAhKzD;AAiKG,UAAM,SAAS,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACtC;AAED,UAAM,UAAU,QACf,0BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAAe;AAEhD,UAAM,UAAU,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACvC;AAED,UAAM,MAAM,QAAQ,eAAe;AACnC,UAAM,cACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,mBACe,OAAO,IAAI;AAC5B,UAAM,YACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,iBACe,OAAO,IAAI;AAE5B,UAAM,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,uBAAuB;AAAA;AAAA;AAG1B,YACE,QAAQ,oBACR,OACA,6DACA,iCACA,0BAEA,OAAO,OAAO,UAAmB,YAAqB;AArMzD;AAsMG,UAAM,SAAS,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACtC;AAED,UAAM,UAAU,QACf,0BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAAe;AAEhD,UAAM,UAAU,oBAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,eACvC;AAED,UAAM,mBAAmB,QAAQ,eAChC;AAED,UAAM,cACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,mBACe,OAAO,IAAI;AAC5B,UAAM,YACJ,2BAAQ,WAAR,mBAAgB,WAAhB,mBAAwB,WAAxB,mBAAgC,eAChC,iBACe,OAAO,IAAI;AAE5B,UAAM,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,uBAAuB;AAAA;AAAA;AAG1B,SAAO;AAAA;;;ACrOR,wBAAiB;AAEjB,4BAA8B;AAC9B,oBAAmB;;;ACHnB,gBAAe;AACf,wBAAiB;AAEV,oBAAoB,MAAc;AACrC,MAAI;AAEA,WAAO,IAAI,SAAS,YAAY,KAAK;AAAA,UACvC;AAGE,WAAO;AAAA;AAAA;AAIR,IAAM,WAAW,OAAO,aAAqB;AAChD,MAAI;AAEA,WAAO,WAAW,MAAM,kBAAG,SAAS,SAAS,UAAU;AAAA,WAClD,OAAP;AACE,QAAI,iBAAiB,OAAO;AACxB,YAAM,IAAI,MACN,mBAAmB,0BAAK,SAAS,QAAQ,OAAO,cAC5C,MAAM;AAAA,WAGX;AACH,YAAM;AAAA;AAAA;AAAA;;;ACxBX,IAAM,gBAA8B;AAAA,EACvC,KAAK;AAAA,IACD,UAAU;AAAA;AAAA;;;AFKX,IAAM,YAAY,OAAO,aAA6C;AAC5E,QAAM,MAAM,QAAQ;AACpB,QAAM,eAAe,IAAI;AACzB,QAAM,aAAa,MAAM,aAAa,QAAQ;AAAA,IAC7C,OAAO,WACJ,CAAC,YACD;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA;AAAA,IAEH;AAAA,IACA,SAAS,0BAAK,MAAM,KAAK;AAAA,IACzB,YAAY;AAAA;AAEb,MAAI,YAAY,eAAe,MAAM;AACpC,UAAM,IAAI,MAAM,8BAA8B;AAAA;AAE/C,MAAI,YAAY;AACf,QAAI,WAAW,SAAS,UAAU;AACjC,YAAM,UAAW,MAAM,SAAS;AAEhC,UAAI;AAEJ,UACC,WAAW,SAAS,mBACnB,QAA8C,WAAW,QACzD;AACD,eAAQ,QAA8C;AAAA,aAChD;AACN,eAAO;AAAA;AAGR,aAAO,gDACH,gBACA,OAFG;AAAA,QAGN,KAAK,kCAAK,cAAc,MAAQ,KAAK;AAAA;AAAA;AAIvC,UAAM,SAAS,MAAM,yCAAc;AAAA,MAClC,UAAU;AAAA;AAGX,UAAM,kBAEJ,OAAO,IAAI,UAEX,OAAO,IAAI,WACZ,OAAO;AACR,WAAO,kCACH,gBAEA;AAAA;AAIL,SAAO,mBAAK;AAAA;;;AhB/Db,IAAM,UAAU,IAAI;AAEpB,QACE,KAAK,UACL,YAAY,oBACZ,QAAQ,SACR,0BACA,OAAO,aACP,OAAO,kCACP,OAAO,CAAC,UAAU,UAAmB;AAErC,QAAM;AAAA,GAEN,KACA,iBACA,OAAO,aAAsB,kBAA2B;AACvD,QAAM,aAAa,YAAY,eAAe;AAC9C,QAAM,eAAe,MAAM,UAAU;AAErC,gBAAc,eAAe,gBAAgB;AAC7C,gBAAc,eACb,WACA,QAAQ,YAAY,eAAe;AAAA;AAIvC,YAAc;AACd,gBAAkB;AAClB,gBAAkB;AAClB,QAAQ;",
6
- "names": []
7
- }