dotsec 1.0.0-alpha.8 → 2.0.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
- "sources": ["../../src/cli/index.ts", "../../src/lib/aws/AwsKmsEncryptionEngine.ts", "../../src/lib/aws/getCredentialsProfileRegion.ts", "../../src/utils/logger.ts", "../../src/lib/aws/handleCredentialsAndRegion.ts", "../../src/lib/io.ts", "../../src/cli/commands/init.ts", "../../src/lib/transformer.ts", "../../src/constants.ts", "../../src/cli/options.ts", "../../src/cli/commands/run.ts", "../../src/lib/config/index.ts", "../../src/lib/json.ts", "../../src/cli/commands/decrypt.ts", "../../src/cli/commands/encrypt.ts", "../../src/types.ts", "../../src/cli/commands/push.ts", "../../src/utils/prompts.ts", "../../src/lib/aws/AwsSsm.ts", "../../src/lib/aws/AwsSecretsManager.ts"],
4
- "sourcesContent": ["import { Command } from \"commander\";\n\nimport addInitCommand from \"./commands/init\";\nimport addRunCommand from \"./commands/run\";\nimport addDecryptCommand from \"./commands/decrypt\";\nimport addEncryptCommand from \"./commands/encrypt\";\nimport addPushProgram from \"./commands/push\";\nimport { setProgramOptions } from \"./options\";\nconst program = new Command();\n\nprogram\n\t.name(\"dotsec\")\n\t.description(\".env, but secure\")\n\t.version(\"1.0.0\")\n\t.enablePositionalOptions()\n\t.action((_options, other: Command) => {\n\t\tother.help();\n\t});\n\nsetProgramOptions(program);\n(async () => {\n\tawait addInitCommand(program);\n\tawait addRunCommand(program);\n\tawait addDecryptCommand(program);\n\tawait addEncryptCommand(program);\n\tawait addPushProgram(program);\n\n\tprogram.parse();\n})();\n", "import {\n\tDecryptCommand,\n\tDescribeKeyCommand,\n\tEncryptCommand,\n\tKMSClient,\n} from \"@aws-sdk/client-kms\";\nimport { EncryptionEngineFactory } from \"../../types\";\nimport { handleCredentialsAndRegion } from \"./handleCredentialsAndRegion\";\n\nexport type AwsEncryptionEngineFactory = EncryptionEngineFactory<\n\t{ region?: string; kms?: { keyAlias?: string } },\n\t{ other: () => void }\n>;\n\nexport const awsEncryptionEngineFactory: AwsEncryptionEngineFactory = async (\n\toptions,\n) => {\n\tconst {\n\t\tkms: { keyAlias } = {},\n\t\tregion,\n\t} = options;\n\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst kmsClient = new KMSClient({\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: region || regionAndOrigin.value,\n\t});\n\n\tconst describeKeyCommand = new DescribeKeyCommand({\n\t\tKeyId: keyAlias,\n\t});\n\n\tconst describeKeyResult = await kmsClient.send(describeKeyCommand);\n\tconst encryptionAlgorithm =\n\t\tdescribeKeyResult.KeyMetadata?.EncryptionAlgorithms?.[0];\n\n\tif (encryptionAlgorithm === undefined) {\n\t\tthrow new Error(\"Could not determine encryption algorithm\");\n\t}\n\n\treturn {\n\t\tasync encrypt(plaintext: string): Promise<string> {\n\t\t\tconst encryptCommand = new EncryptCommand({\n\t\t\t\tKeyId: keyAlias,\n\t\t\t\tPlaintext: Buffer.from(plaintext),\n\t\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t\t});\n\t\t\tconst encryptionResult = await kmsClient.send(encryptCommand);\n\n\t\t\tif (!encryptionResult.CiphertextBlob) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\t\tencryptCommand,\n\t\t\t\t\t})}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst cipherText = Buffer.from(encryptionResult.CiphertextBlob).toString(\n\t\t\t\t\"base64\",\n\t\t\t);\n\n\t\t\treturn cipherText;\n\t\t},\n\t\tasync decrypt(cipherText: string): Promise<string> {\n\t\t\tconst decryptCommand = new DecryptCommand({\n\t\t\t\tKeyId: keyAlias,\n\t\t\t\tCiphertextBlob: Buffer.from(cipherText, \"base64\"),\n\t\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t\t});\n\n\t\t\tconst decryptionResult = await kmsClient.send(decryptCommand);\n\n\t\t\tif (!decryptionResult.Plaintext) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\t\tcipherText: cipherText,\n\t\t\t\t\t\tdecryptCommand: decryptCommand,\n\t\t\t\t\t})}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst decryptedValue = Buffer.from(decryptionResult.Plaintext).toString();\n\n\t\t\tif (this.verbose) {\n\t\t\t\tconsole.info(`Decrypting key '${cipherText}'`);\n\t\t\t}\n\n\t\t\treturn decryptedValue;\n\t\t},\n\t\tother: () => {},\n\t};\n};\n", "import {\n\tfromEnv,\n\tfromIni,\n\tfromTemporaryCredentials,\n} from \"@aws-sdk/credential-providers\";\nimport { loadSharedConfigFiles } from \"@aws-sdk/shared-ini-file-loader\";\nimport { emphasis, strong } from \"../../utils/logger\";\n\nimport {\n\tCredentialsAndOrigin,\n\tProfileAndOrigin,\n\tRegionAndOrigin,\n} from \"./types\";\n\nexport const getCredentialsProfileRegion = async ({\n\targv,\n\tenv,\n}: {\n\targv: {\n\t\tprofile?: string;\n\t\tregion?: string;\n\t\tassumeRoleArn?: string;\n\t\tassumeRoleSessionDuration?: number;\n\t};\n\tenv: {\n\t\tAWS_PROFILE?: string;\n\t\tAWS_ACCESS_KEY_ID?: string;\n\t\tAWS_SECRET_ACCESS_KEY?: string;\n\t\tAWS_REGION?: string;\n\t\tAWS_DEFAULT_REGION?: string;\n\t\tAWS_ASSUME_ROLE_ARN?: string | undefined;\n\t\tAWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n\t\tTZ?: string;\n\t};\n}) => {\n\tconst sharedConfigFiles = await loadSharedConfigFiles();\n\tlet credentialsAndOrigin: CredentialsAndOrigin | undefined = undefined;\n\tlet profileAndOrigin: ProfileAndOrigin | undefined = undefined;\n\tlet regionAndOrigin: RegionAndOrigin | undefined = undefined;\n\tif (argv.profile) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: argv.profile,\n\t\t\torigin: `command line option: ${emphasis(argv.profile)}`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: argv.profile,\n\t\t\t})(),\n\t\t\torigin: `${emphasis(`[${argv.profile}]`)} in credentials file`,\n\t\t};\n\t} else if (env.AWS_PROFILE) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: env.AWS_PROFILE,\n\t\t\torigin: `env variable ${emphasis(\"AWS_PROFILE\")}: ${strong(\n\t\t\t\tenv.AWS_PROFILE,\n\t\t\t)}`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: env.AWS_PROFILE,\n\t\t\t})(),\n\t\t\torigin: `env variable ${emphasis(\"AWS_PROFILE\")}: ${strong(\n\t\t\t\tenv.AWS_PROFILE,\n\t\t\t)}`,\n\t\t};\n\t} else if (env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY) {\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromEnv()(),\n\t\t\torigin: `env variables ${emphasis(\"AWS_ACCESS_KEY_ID\")} and ${emphasis(\n\t\t\t\t\"AWS_SECRET_ACCESS_KEY\",\n\t\t\t)}`,\n\t\t};\n\t} else if (sharedConfigFiles.credentialsFile?.default) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: \"default\",\n\t\t\torigin: `${emphasis(\"[default]\")} in credentials file`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: \"default\",\n\t\t\t})(),\n\t\t\torigin: `profile ${emphasis(\"[default]\")}`,\n\t\t};\n\t}\n\n\tif (argv.region) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: argv.region,\n\t\t\torigin: `command line option: ${emphasis(argv.region)}`,\n\t\t};\n\t} else if (env.AWS_REGION) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: env.AWS_REGION,\n\t\t\torigin: `env variable ${emphasis(\"AWS_REGION\")}: ${strong(\n\t\t\t\tenv.AWS_REGION,\n\t\t\t)}`,\n\t\t};\n\t} else if (env.AWS_DEFAULT_REGION) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: env.AWS_DEFAULT_REGION,\n\t\t\torigin: `env variable ${emphasis(\"AWS_DEFAULT_REGION\")}: ${strong(\n\t\t\t\tenv.AWS_DEFAULT_REGION,\n\t\t\t)}`,\n\t\t};\n\t} else if (profileAndOrigin) {\n\t\tconst foundRegion =\n\t\t\tsharedConfigFiles?.configFile?.[profileAndOrigin.value]?.region;\n\n\t\tif (foundRegion) {\n\t\t\tregionAndOrigin = {\n\t\t\t\tvalue: foundRegion,\n\t\t\t\torigin: `${emphasis(\n\t\t\t\t\t`[profile ${profileAndOrigin.value}]`,\n\t\t\t\t)} in config file`,\n\t\t\t};\n\t\t}\n\t}\n\n\tconst assumedRole = argv.assumeRoleArn || env.AWS_ASSUME_ROLE_ARN;\n\tif (assumedRole) {\n\t\tconst origin = argv.assumeRoleArn ? \"command line option\" : \"env variable\";\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromTemporaryCredentials({\n\t\t\t\tmasterCredentials: credentialsAndOrigin?.value,\n\n\t\t\t\tparams: {\n\t\t\t\t\tDurationSeconds:\n\t\t\t\t\t\targv.assumeRoleSessionDuration ||\n\t\t\t\t\t\tNumber(env.AWS_ASSUME_ROLE_SESSION_DURATION) ||\n\t\t\t\t\t\t3600,\n\t\t\t\t\tRoleArn: assumedRole,\n\t\t\t\t},\n\n\t\t\t\tclientConfig: {\n\t\t\t\t\tregion: regionAndOrigin?.value,\n\t\t\t\t},\n\t\t\t})(),\n\t\t\torigin: `${origin} ${emphasis(`[${assumedRole}]`)}`,\n\t\t};\n\t}\n\n\treturn { credentialsAndOrigin, regionAndOrigin, profileAndOrigin };\n};\n\nexport const printVerboseCredentialsProfileRegion = ({\n\tcredentialsAndOrigin,\n\tregionAndOrigin,\n\tprofileAndOrigin,\n}: {\n\tcredentialsAndOrigin?: CredentialsAndOrigin;\n\tregionAndOrigin?: RegionAndOrigin;\n\tprofileAndOrigin?: ProfileAndOrigin;\n}): string => {\n\tconst out: string[] = [];\n\tif (profileAndOrigin) {\n\t\tout.push(`Got profile name from ${profileAndOrigin.origin}`);\n\t}\n\tif (credentialsAndOrigin) {\n\t\tout.push(`Resolved credentials from ${credentialsAndOrigin.origin}`);\n\t}\n\tif (regionAndOrigin) {\n\t\tout.push(`Resolved region from ${regionAndOrigin.origin}`);\n\t}\n\treturn out.join(\"\\n\");\n};\n", "import chalk from \"chalk\";\nlet _logger: Pick<Console, \"info\" | \"error\" | \"table\">;\nexport const getLogger = () => {\n\tif (!_logger) {\n\t\t_logger = console;\n\t}\n\n\treturn _logger;\n};\nexport const writeLine = (str: string) => {\n\tprocess.stdout.write(str);\n};\nexport const emphasis = (str: string): string => chalk.yellowBright(str);\nexport const strong = (str: string): string => chalk.yellow.bold(str);\n\nexport const clientLogger = {\n\tdebug(content: object) {\n\t\tconsole.log(content);\n\t},\n\tinfo(content: object) {\n\t\tconsole.log(content);\n\t},\n\twarn(content: object) {\n\t\tconsole.log(content);\n\t},\n\terror(content: object) {\n\t\tconsole.error(content);\n\t},\n};\n", "import {\n\tgetCredentialsProfileRegion,\n\tprintVerboseCredentialsProfileRegion,\n} from \"./getCredentialsProfileRegion\";\n\nexport const handleCredentialsAndRegion = async ({\n\targv,\n\tenv,\n}: {\n\targv: {\n\t\tawsRegion?: string;\n\t\tawsProfile?: string;\n\t\tverbose?: boolean;\n\t\tawsAssumeRoleArn?: string;\n\t\tawsAssumeRoleSessionDuration?: number;\n\t};\n\tenv: {\n\t\tAWS_PROFILE?: string | undefined;\n\t\tAWS_ACCESS_KEY_ID?: string | undefined;\n\t\tAWS_SECRET_ACCESS_KEY?: string | undefined;\n\t\tAWS_REGION?: string | undefined;\n\t\tAWS_DEFAULT_REGION?: string | undefined;\n\t\tAWS_ASSUME_ROLE_ARN?: string | undefined;\n\t\tAWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n\t\tTZ?: string;\n\t};\n}) => {\n\tconst { credentialsAndOrigin, regionAndOrigin, profileAndOrigin } =\n\t\tawait getCredentialsProfileRegion({\n\t\t\targv: {\n\t\t\t\tregion: argv.awsRegion,\n\t\t\t\tprofile: argv.awsProfile,\n\t\t\t\tassumeRoleArn: argv.awsAssumeRoleArn,\n\t\t\t\tassumeRoleSessionDuration: argv.awsAssumeRoleSessionDuration,\n\t\t\t},\n\t\t\tenv: {\n\t\t\t\t...env,\n\t\t\t},\n\t\t});\n\n\tif (argv.verbose === true) {\n\t\tconsole.log(\n\t\t\tprintVerboseCredentialsProfileRegion({\n\t\t\t\tcredentialsAndOrigin,\n\t\t\t\tregionAndOrigin,\n\t\t\t\tprofileAndOrigin,\n\t\t\t}),\n\t\t);\n\t}\n\n\tif (!(credentialsAndOrigin && regionAndOrigin)) {\n\t\tif (!credentialsAndOrigin) {\n\t\t\tconsole.error(\"Could not find credentials\");\n\t\t\tthrow new Error(\"Could not find credentials\");\n\t\t}\n\t\tif (!regionAndOrigin) {\n\t\t\tconsole.error(\"Could not find region\");\n\t\t\tthrow new Error(\"Could not find region\");\n\t\t}\n\t}\n\n\treturn { credentialsAndOrigin, regionAndOrigin };\n};\n", "import fs, { stat } from \"node:fs/promises\";\nimport prompts from \"prompts\";\nimport path from \"node:path\";\n\nexport const readContentsFromFile = async (\n\tfilePath: string,\n): Promise<string> => {\n\treturn await fs.readFile(filePath, \"utf-8\");\n};\n\nexport const writeContentsToFile = async (\n\tfilePath: string,\n\tcontents: string,\n): Promise<void> => {\n\treturn await fs.writeFile(filePath, contents, \"utf-8\");\n};\n\nexport const fileExists = async (source: string): Promise<boolean> => {\n\ttry {\n\t\tawait stat(source);\n\t\treturn true;\n\t} catch {\n\t\treturn false;\n\t}\n};\n\nexport const promptOverwriteIfFileExists = async ({\n\tfilePath,\n\tskip,\n}: {\n\tfilePath: string;\n\tskip?: boolean;\n}) => {\n\tlet overwriteResponse: prompts.Answers<\"overwrite\"> | undefined;\n\n\tif ((await fileExists(filePath)) && skip !== true) {\n\t\toverwriteResponse = await prompts({\n\t\t\ttype: \"confirm\",\n\t\t\tname: \"overwrite\",\n\t\t\tmessage: () => {\n\t\t\t\treturn `Overwrite './${path.relative(process.cwd(), filePath)}' ?`;\n\t\t\t},\n\t\t});\n\t} else {\n\t\toverwriteResponse = undefined;\n\t}\n\treturn overwriteResponse;\n};\n", "import { Command } from \"commander\";\nimport { awsEncryptionEngineFactory } from \"../../lib/aws/AwsKmsEncryptionEngine\";\nimport {\n\tpromptOverwriteIfFileExists,\n\treadContentsFromFile,\n\twriteContentsToFile,\n} from \"../../lib/io\";\nimport { EncryptionEngine, Init2CommandOptions } from \"../../types\";\n\nimport path from \"node:path\";\nimport { patchConfigFile } from \"../../lib/transformer\";\nimport { setProgramOptions } from \"../options\";\nimport { strong } from \"../../utils/logger\";\nimport {\n\tdefaultConfig,\n\tDOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS,\n} from \"../../constants\";\ntype Formats = {\n\tenv?: string;\n\tawsKeyAlias?: string;\n};\n\nconst addInitProgram = async (program: Command) => {\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"init\")\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tconst {\n\t\t\t\tverbose,\n\t\t\t\tconfigFile,\n\t\t\t\tenv: dotenvFilename,\n\t\t\t\tsec: dotsecFilename,\n\t\t\t\tawskeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tyes,\n\t\t\t} = command.optsWithGlobals<Init2CommandOptions>();\n\t\t\t// get dotsec config\n\n\t\t\ttry {\n\t\t\t\tlet encryptionEngine: EncryptionEngine;\n\n\t\t\t\tencryptionEngine = await awsEncryptionEngineFactory({\n\t\t\t\t\tverbose,\n\t\t\t\t\tregion:\n\t\t\t\t\t\tawsRegion ||\n\t\t\t\t\t\tprocess.env.AWS_REGION ||\n\t\t\t\t\t\tdefaultConfig.config?.aws?.region,\n\t\t\t\t\tkms: {\n\t\t\t\t\t\tkeyAlias: awskeyAlias || defaultConfig?.config?.aws?.kms?.keyAlias,\n\t\t\t\t\t},\n\t\t\t\t});\n\n\t\t\t\t// get current dot env file\n\t\t\t\tconst dotenvString = await readContentsFromFile(dotenvFilename);\n\n\t\t\t\t// encrypt\n\t\t\t\tconst cipherText = await encryptionEngine.encrypt(dotenvString);\n\n\t\t\t\tconst dotsecOverwriteResponse = await promptOverwriteIfFileExists({\n\t\t\t\t\tfilePath: dotsecFilename,\n\t\t\t\t\tskip: yes,\n\t\t\t\t});\n\t\t\t\tif (\n\t\t\t\t\tdotsecOverwriteResponse === undefined ||\n\t\t\t\t\tdotsecOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(dotsecFilename, cipherText);\n\t\t\t\t\tconsole.log(\n\t\t\t\t\t\t`Wrote encrypted contents of ${strong(\n\t\t\t\t\t\t\tdotenvFilename,\n\t\t\t\t\t\t)} contents file to ${strong(dotsecFilename)}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\tconst patchedConfigTemplate = patchConfigFile({\n\t\t\t\t\tconfigFile: path.resolve(\n\t\t\t\t\t\t__dirname,\n\t\t\t\t\t\t\"../src/templates/dotsec.config.ts\",\n\t\t\t\t\t),\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\tkeyAlias: awskeyAlias || DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tregion: awsRegion || process.env.AWS_REGION,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t\tconst dotsecConfigOverwriteResponse = await promptOverwriteIfFileExists(\n\t\t\t\t\t{\n\t\t\t\t\t\tfilePath: configFile,\n\t\t\t\t\t\tskip: yes,\n\t\t\t\t\t},\n\t\t\t\t);\n\t\t\t\tif (\n\t\t\t\t\tdotsecConfigOverwriteResponse === undefined ||\n\t\t\t\t\tdotsecConfigOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(configFile, patchedConfigTemplate);\n\t\t\t\t\tconsole.log(`Wrote config file to ${strong(configFile)}`);\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tcommand.error(e);\n\t\t\t}\n\t\t});\n\n\tsetProgramOptions(subProgram);\n\n\treturn subProgram;\n};\n\nexport default addInitProgram;\n", "import * as ts from \"typescript\";\nimport fs from \"node:fs\";\n\nexport const patchConfigFile = (options: {\n\tconfigFile: string;\n\tconfig?: {\n\t\taws?: {\n\t\t\tregion?: string;\n\t\t\tkms?: {\n\t\t\t\tkeyAlias?: string;\n\t\t\t};\n\t\t};\n\t};\n}) => {\n\tconst printer: ts.Printer = ts.createPrinter();\n\tconst source = fs.readFileSync(options.configFile, \"utf8\");\n\n\tconst transformer =\n\t\t<T extends ts.Node>(context: ts.TransformationContext) =>\n\t\t(rootNode: T) => {\n\t\t\tfunction visit(node: ts.Node): ts.Node {\n\t\t\t\tnode = ts.visitEachChild(node, visit, context);\n\t\t\t\tif (node.kind === ts.SyntaxKind.StringLiteral) {\n\t\t\t\t\tconst kmsNode = node?.parent?.parent?.parent;\n\t\t\t\t\tif (options.config?.aws?.kms?.keyAlias) {\n\t\t\t\t\t\tif (kmsNode?.getChildAt(0)?.getText() === \"kms\") {\n\t\t\t\t\t\t\tconst awsNode = kmsNode?.parent?.parent;\n\t\t\t\t\t\t\tif (awsNode?.getChildAt(0).getText() === \"aws\") {\n\t\t\t\t\t\t\t\t// console.log(\n\t\t\t\t\t\t\t\t// \t\"parent is aws\",\n\t\t\t\t\t\t\t\t// \tnode.parent?.getChildAt(2).getText(),\n\t\t\t\t\t\t\t\t// );\n\t\t\t\t\t\t\t\treturn ts.createStringLiteral(\n\t\t\t\t\t\t\t\t\toptions.config?.aws?.kms?.keyAlias,\n\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (options.config?.aws?.region) {\n\t\t\t\t\t\tif (node?.parent?.getChildAt(0)?.getText() === \"region\") {\n\t\t\t\t\t\t\tconst awsNode = node?.parent?.parent?.parent;\n\n\t\t\t\t\t\t\t// const awsNode = kmsNode?.parent?.parent;\n\t\t\t\t\t\t\tif (awsNode?.getChildAt(0).getText() === \"aws\") {\n\t\t\t\t\t\t\t\treturn ts.createStringLiteral(options.config?.aws?.region);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\treturn node;\n\t\t\t}\n\t\t\treturn ts.visitNode(rootNode, visit);\n\t\t};\n\n\tconst sourceFile: ts.SourceFile = ts.createSourceFile(\n\t\t\"test.ts\",\n\t\tsource,\n\t\tts.ScriptTarget.ES2015,\n\t\ttrue,\n\t\tts.ScriptKind.TS,\n\t);\n\n\t// Options may be passed to transform\n\tconst result: ts.TransformationResult<ts.SourceFile> =\n\t\tts.transform<ts.SourceFile>(sourceFile, [transformer]);\n\n\tconst transformedSourceFile: ts.SourceFile = result.transformed[0];\n\n\tconst transformedSource = printer.printFile(transformedSourceFile);\n\tresult.dispose();\n\n\treturn transformedSource;\n};\n", "import { DotsecConfig } from \"./types\";\n\nexport const DOTSEC_DEFAULT_CONFIG_FILE = \"dotsec.config.ts\";\nexport const DOTSEC_CONFIG_FILES = [DOTSEC_DEFAULT_CONFIG_FILE];\nexport const DOTSEC_DEFAULT_DOTSEC_FILENAME = \".sec\";\nexport const DOTSEC_DEFAULT_DOTENV_FILENAME = \".env\";\nexport const DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS = \"alias/dotsec\";\nexport const DOTSEC_DEFAULT_AWS_SSM_PARAMETER_TYPE = \"SecureString\";\n\nexport const defaultConfig: DotsecConfig = {\n\tconfig: {\n\t\taws: {\n\t\t\tkms: {\n\t\t\t\tkeyAlias: DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS,\n\t\t\t},\n\t\t\tssm: {\n\t\t\t\tparameterType: DOTSEC_DEFAULT_AWS_SSM_PARAMETER_TYPE,\n\t\t\t},\n\t\t},\n\t},\n};\n", "import { Command } from \"commander\";\nimport {\n\tDOTSEC_DEFAULT_CONFIG_FILE,\n\tDOTSEC_DEFAULT_DOTENV_FILENAME,\n\tDOTSEC_DEFAULT_DOTSEC_FILENAME,\n} from \"../constants\";\n\ntype Options = {\n\t[optionName: string]:\n\t\t| [string, string]\n\t\t| [string, string, string | boolean | string[]];\n};\n\ntype CommandOptions = {\n\t[commandName: string]: {\n\t\tinheritsFrom?: string[];\n\t\toptions?: Options;\n\t\trequiredOptions?: Options;\n\t};\n};\nexport const commandOptions: CommandOptions = {\n\tdotsec: {\n\t\toptions: {\n\t\t\tverbose: [\"--verbose\", \"Verbose output\", false],\n\t\t\tconfigFile: [\n\t\t\t\t\"-c, --config-file, --configFile <configFile>\",\n\t\t\t\t\"Config file\",\n\t\t\t\tDOTSEC_DEFAULT_CONFIG_FILE,\n\t\t\t],\n\t\t},\n\t},\n\tinit: {\n\t\toptions: {\n\t\t\tverbose: [\"--verbose\", \"Verbose output\", false],\n\t\t\tconfigFile: [\n\t\t\t\t\"-c, --config-file, --configFile <configFile>\",\n\t\t\t\t\"Config file\",\n\t\t\t\tDOTSEC_DEFAULT_CONFIG_FILE,\n\t\t\t],\n\n\t\t\tenv: [\"--env\", \"Path to .env file\", DOTSEC_DEFAULT_DOTENV_FILENAME],\n\t\t\tsec: [\"--sec\", \"Path to .sec file\", DOTSEC_DEFAULT_DOTSEC_FILENAME],\n\t\t\tyes: [\"--yes\", \"Skip confirmation prompts\", false],\n\t\t\tawsKeyAlias: [\n\t\t\t\t\"--aws-key-alias <awsKeyAlias>\",\n\t\t\t\t\"AWS KMS key alias, overrides the value provided in dotsec.config (config.aws.kms.keyAlias)\",\n\t\t\t\t\"alias/dotsec\",\n\t\t\t],\n\t\t\tawsRegion: [\n\t\t\t\t\"--aws-region <awsRegion>\",\n\t\t\t\t\"AWS region, overrides the value provided in dotsec.config (config.aws.region) and AWS_REGION\",\n\t\t\t],\n\t\t},\n\t},\n\tdecrypt: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\tenv: [\"--env <env>\", \"Path to .env file\", DOTSEC_DEFAULT_DOTENV_FILENAME],\n\t\t\tsec: [\"--sec <sec>\", \"Path to .sec file\", DOTSEC_DEFAULT_DOTSEC_FILENAME],\n\t\t\tyes: [\"--yes\", \"Skip confirmation prompts\", false],\n\t\t\tawsKeyAlias: [\n\t\t\t\t\"--aws-key-alias <awsKeyAlias>\",\n\t\t\t\t\"AWS KMS key alias, overrides the value provided in dotsec.config (config.aws.kms.keyAlias)\",\n\t\t\t\t\"alias/dotsec\",\n\t\t\t],\n\t\t\tawsRegion: [\n\t\t\t\t\"--aws-region <awsRegion>\",\n\t\t\t\t\"AWS region, overrides the value provided in dotsec.config (config.aws.region) and AWS_REGION\",\n\t\t\t],\n\t\t},\n\t},\n\tencrypt: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\tenv: [\"--env <env>\", \"Path to .env file\", DOTSEC_DEFAULT_DOTENV_FILENAME],\n\t\t\tsec: [\"--sec <sec>\", \"Path to .sec file\", DOTSEC_DEFAULT_DOTSEC_FILENAME],\n\t\t\tyes: [\"--yes\", \"Skip confirmation prompts\", false],\n\t\t\tawsKeyAlias: [\n\t\t\t\t\"--aws-key-alias <awsKeyAlias>\",\n\t\t\t\t\"AWS KMS key alias, overrides the value provided in dotsec.config (config.aws.kms.keyAlias)\",\n\t\t\t\t\"alias/dotsec\",\n\t\t\t],\n\t\t\tawsRegion: [\n\t\t\t\t\"--aws-region <awsRegion>\",\n\t\t\t\t\"AWS region, overrides the value provided in dotsec.config (config.aws.region) and AWS_REGION\",\n\t\t\t],\n\t\t},\n\t},\n\n\trun: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\tenv: [\"--env <env>\", \"Path to .env file\"],\n\t\t\tsec: [\"--sec [sec]\", \"Path to .sec file\"],\n\t\t\tawsKeyAlias: [\n\t\t\t\t\"--aws-key-alias <awsKeyAlias>\",\n\t\t\t\t\"AWS KMS key alias, overrides the value provided in dotsec.config (config.aws.kms.keyAlias)\",\n\t\t\t\t\"alias/dotsec\",\n\t\t\t],\n\t\t\tawsRegion: [\n\t\t\t\t\"--aws-region <awsRegion>\",\n\t\t\t\t\"AWS region, overrides the value provided in dotsec.config (config.aws.region) and AWS_REGION\",\n\t\t\t],\n\t\t},\n\t},\n\tpush: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\ttoAwsSsm: [\"--to-aws-ssm, --toAwsSsm\", \"Push to AWS SSM\"],\n\t\t\ttoAwsSecretsManager: [\n\t\t\t\t\"--to-aws-secrets-manager, --toAwsSecretsManager\",\n\t\t\t\t\"Push to AWS Secrets Manager\",\n\t\t\t],\n\n\t\t\t// toGitHubSecrets: [\n\t\t\t// \t\"--to-github-secrets, --toGitHubSecrets <toGitHubSecrets>\",\n\t\t\t// \t\"Push to GitHub Secrets\",\n\t\t\t// ],\n\n\t\t\tenv: [\"--env [env]\", \"Path to .env file\"],\n\t\t\tsec: [\"--sec [sec]\", \"Path to .sec file\"],\n\t\t\tyes: [\"--yes\", \"Skip confirmation prompts\", false],\n\t\t\tawsKeyAlias: [\n\t\t\t\t\"--aws-key-alias <awsKeyAlias>\",\n\t\t\t\t\"AWS KMS key alias, overrides the value provided in dotsec.config (config.aws.kms.keyAlias)\",\n\t\t\t\t\"alias/dotsec\",\n\t\t\t],\n\t\t\tawsRegion: [\n\t\t\t\t\"--aws-region <awsRegion>\",\n\t\t\t\t\"AWS region, overrides the value provided in dotsec.config (config.aws.region) and AWS_REGION\",\n\t\t\t],\n\t\t},\n\t},\n};\n\nconst getInheritedOptions = (\n\tcopts: CommandOptions,\n\tcommandName: string,\n\tresult: { options?: Options; requiredOptions?: Options } = {},\n): { options?: Options; requiredOptions?: Options } | undefined => {\n\tconst command = copts[commandName];\n\tif (command) {\n\t\tif (command.inheritsFrom) {\n\t\t\treturn command?.inheritsFrom.reduce(\n\t\t\t\t(acc, inheritedCommandName) => {\n\t\t\t\t\tconst r = getInheritedOptions(copts, inheritedCommandName, acc);\n\t\t\t\t\treturn { ...r };\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\toptions: { ...result.options, ...command.options },\n\t\t\t\t\trequiredOptions: {\n\t\t\t\t\t\t...result.requiredOptions,\n\t\t\t\t\t\t...command.requiredOptions,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t} else {\n\t\t\treturn {\n\t\t\t\toptions: { ...result.options, ...command.options },\n\t\t\t\trequiredOptions: {\n\t\t\t\t\t...result.requiredOptions,\n\t\t\t\t\t...command.requiredOptions,\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\t}\n};\n\nexport const setProgramOptions = (program: Command, commandName?: string) => {\n\tconst programOptions = getInheritedOptions(\n\t\tcommandOptions,\n\t\tcommandName || program.name(),\n\t);\n\n\tif (programOptions?.options) {\n\t\tObject.values(programOptions.options).forEach(\n\t\t\t([option, description, defaultValue]) => {\n\t\t\t\tprogram.option(option, description, defaultValue);\n\t\t\t},\n\t\t);\n\t}\n\tif (programOptions?.requiredOptions) {\n\t\tObject.values(programOptions.requiredOptions).forEach(\n\t\t\t([option, description, defaultValue]) => {\n\t\t\t\tprogram.requiredOption(option, description, defaultValue);\n\t\t\t},\n\t\t);\n\t}\n};\n", "import fs from \"node:fs\";\n\nimport { Command } from \"commander\";\nimport spawn from \"cross-spawn\";\nimport { parse } from \"dotenv\";\n\nimport { DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS } from \"../../constants\";\nimport { awsEncryptionEngineFactory } from \"../../lib/aws/AwsKmsEncryptionEngine\";\nimport { RunCommandOptions } from \"../../types\";\nimport { setProgramOptions } from \"../options\";\nimport { getConfig } from \"../../lib/config\";\nconst addRunProgam = (program: Command) => {\n\tconst subProgram = program\n\t\t.command(\"run <command...>\")\n\t\t.allowUnknownOption()\n\t\t.description(\n\t\t\t\"Run a command in a separate process and populate env with decrypted .env or encrypted .sec values\",\n\t\t)\n\t\t.action(\n\t\t\tasync (\n\t\t\t\tcommands: string[],\n\t\t\t\t_options: Record<string, string>,\n\t\t\t\tcommand: Command,\n\t\t\t) => {\n\t\t\t\tconst {\n\t\t\t\t\tconfigFile,\n\t\t\t\t\tenv: dotenv,\n\t\t\t\t\tsec: dotsec,\n\t\t\t\t\tkeyAlias,\n\t\t\t\t\tregion,\n\t\t\t\t} = command.optsWithGlobals<RunCommandOptions>();\n\n\t\t\t\tconst {\n\t\t\t\t\tcontents: { config } = {},\n\t\t\t\t} = await getConfig(configFile);\n\n\t\t\t\tconst encryptionPlugin = await awsEncryptionEngineFactory({\n\t\t\t\t\tverbose: true,\n\t\t\t\t\tkms: {\n\t\t\t\t\t\tkeyAlias:\n\t\t\t\t\t\t\tkeyAlias ||\n\t\t\t\t\t\t\tconfig?.aws?.kms?.keyAlias ||\n\t\t\t\t\t\t\tDOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS,\n\t\t\t\t\t},\n\t\t\t\t\tregion: region || config?.aws?.region,\n\t\t\t\t});\n\n\t\t\t\tlet envContents: string | undefined;\n\n\t\t\t\tif (dotenv) {\n\t\t\t\t\tenvContents = fs.readFileSync(dotenv, \"utf8\");\n\t\t\t\t} else if (dotsec) {\n\t\t\t\t\tconst dotSecContents = fs.readFileSync(dotsec, \"utf8\");\n\t\t\t\t\tenvContents = await encryptionPlugin.decrypt(dotSecContents);\n\t\t\t\t} else {\n\t\t\t\t\tthrow new Error('Must provide either \"--env\" or \"--sec\"');\n\t\t\t\t}\n\t\t\t\tif (envContents) {\n\t\t\t\t\tconst dotenvVars = parse(envContents);\n\t\t\t\t\tconst [userCommand, ...userCommandArgs] = commands;\n\t\t\t\t\tspawn(userCommand, [...userCommandArgs], {\n\t\t\t\t\t\tstdio: \"inherit\",\n\t\t\t\t\t\tshell: false,\n\t\t\t\t\t\tenv: {\n\t\t\t\t\t\t\t...process.env,\n\t\t\t\t\t\t\t...dotenvVars,\n\t\t\t\t\t\t\t__DOTSEC_ENV__: JSON.stringify(Object.keys(dotenvVars)),\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\tcommand.help();\n\t\t\t\t} else {\n\t\t\t\t\tthrow new Error(\"No .env or .sec file provided\");\n\t\t\t\t}\n\t\t\t},\n\t\t);\n\n\tsetProgramOptions(subProgram, \"run\");\n\n\treturn subProgram;\n};\n\nexport default addRunProgam;\n", "import path from \"node:path\";\n\nimport { bundleRequire } from \"bundle-require\";\nimport JoyCon from \"joycon\";\n\nimport { loadJson } from \"../json\";\nimport { DotsecConfig, DotsecConfigAndSource } from \"../../types\";\nimport { defaultConfig, DOTSEC_CONFIG_FILES } from \"../../constants\";\n\nexport const getConfig = async (\n\tfilename?: string,\n): Promise<DotsecConfigAndSource> => {\n\tconst cwd = process.cwd();\n\tconst configJoycon = new JoyCon();\n\tconst configPath = await configJoycon.resolve({\n\t\tfiles: filename ? [filename] : [...DOTSEC_CONFIG_FILES, \"package.json\"],\n\t\tcwd,\n\t\tstopDir: path.parse(cwd).root,\n\t\tpackageKey: \"dotsec\",\n\t});\n\tif (filename && configPath === null) {\n\t\tthrow new Error(`Could not find config file ${filename}`);\n\t}\n\tif (configPath) {\n\t\tif (configPath.endsWith(\".json\")) {\n\t\t\tconst rawData = (await loadJson(configPath)) as Partial<DotsecConfig>;\n\n\t\t\tlet data: Partial<DotsecConfig>;\n\n\t\t\tif (\n\t\t\t\tconfigPath.endsWith(\"package.json\") &&\n\t\t\t\t(rawData as { dotsec: Partial<DotsecConfig> }).dotsec !== undefined\n\t\t\t) {\n\t\t\t\tdata = (rawData as { dotsec: Partial<DotsecConfig> }).dotsec;\n\t\t\t} else {\n\t\t\t\tdata = rawData as Partial<DotsecConfig>;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tsource: \"json\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\t...data?.config,\n\t\t\t\t\t\t...defaultConfig.config,\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\t...data?.config?.aws,\n\t\t\t\t\t\t\t...defaultConfig?.config?.aws,\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.kms,\n\t\t\t\t\t\t\t\t...data.config?.aws?.kms,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tssm: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.ssm,\n\t\t\t\t\t\t\t\t...data.config?.aws?.ssm,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tsecretsManager: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t\t...data.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t} else if (configPath.endsWith(\".ts\")) {\n\t\t\tconst bundleRequireResult = await bundleRequire({\n\t\t\t\tfilepath: configPath,\n\t\t\t});\n\t\t\tconst data = (bundleRequireResult.mod.dotsec ||\n\t\t\t\tbundleRequireResult.mod.default ||\n\t\t\t\tbundleRequireResult.mod) as Partial<DotsecConfig>;\n\n\t\t\treturn {\n\t\t\t\tsource: \"ts\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\t...data?.config,\n\t\t\t\t\t\t...defaultConfig.config,\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\t...data?.config?.aws,\n\t\t\t\t\t\t\t...defaultConfig?.config?.aws,\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.kms,\n\t\t\t\t\t\t\t\t...data.config?.aws?.kms,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tssm: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.ssm,\n\t\t\t\t\t\t\t\t...data.config?.aws?.ssm,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tsecretsManager: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t\t...data.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\t}\n\n\treturn { source: \"defaultConfig\", contents: defaultConfig };\n};\n", "import fs from \"fs\";\nimport path from \"node:path\";\n\nexport function jsoncParse(data: string) {\n\ttry {\n\t\treturn new Function(`return ${data.trim()}`)();\n\t} catch {\n\t\t// Silently ignore any error\n\t\t// That's what tsc/jsonc-parser did after all\n\t\treturn {};\n\t}\n}\n\nexport const loadJson = async (filepath: string) => {\n\ttry {\n\t\treturn jsoncParse(await fs.promises.readFile(filepath, \"utf8\"));\n\t} catch (error) {\n\t\tif (error instanceof Error) {\n\t\t\tthrow new Error(\n\t\t\t\t`Failed to parse ${path.relative(process.cwd(), filepath)}: ${\n\t\t\t\t\terror.message\n\t\t\t\t}`,\n\t\t\t);\n\t\t} else {\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n", "import { Command } from \"commander\";\nimport { awsEncryptionEngineFactory } from \"../../lib/aws/AwsKmsEncryptionEngine\";\nimport {\n\tpromptOverwriteIfFileExists,\n\treadContentsFromFile,\n\twriteContentsToFile,\n} from \"../../lib/io\";\nimport { EncryptionEngine, Init2CommandOptions } from \"../../types\";\n\nimport { getConfig } from \"../../lib/config\";\nimport { setProgramOptions } from \"../options\";\nimport { strong } from \"../../utils/logger\";\n\nconst addDecryptProgram = async (program: Command) => {\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"decrypt\")\n\t\t.action(async (_options, command: Command) => {\n\t\t\tconst {\n\t\t\t\tconfigFile,\n\t\t\t\tverbose,\n\t\t\t\tenv: dotenvFilename,\n\t\t\t\tsec: dotsecFilename,\n\t\t\t\tawskeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tyes,\n\t\t\t} = command.optsWithGlobals<Init2CommandOptions>();\n\n\t\t\t// get dotsec config\n\t\t\tconst { contents: dotsecConfig } = await getConfig(configFile);\n\t\t\ttry {\n\t\t\t\tlet encryptionEngine: EncryptionEngine;\n\n\t\t\t\tencryptionEngine = await awsEncryptionEngineFactory({\n\t\t\t\t\tverbose,\n\t\t\t\t\tregion:\n\t\t\t\t\t\tawsRegion ||\n\t\t\t\t\t\tprocess.env.AWS_REGION ||\n\t\t\t\t\t\tdotsecConfig.config?.aws?.region,\n\t\t\t\t\tkms: {\n\t\t\t\t\t\tkeyAlias: awskeyAlias || dotsecConfig?.config?.aws?.kms?.keyAlias,\n\t\t\t\t\t},\n\t\t\t\t});\n\n\t\t\t\t// get current dot env file\n\t\t\t\tconst dotsecString = await readContentsFromFile(dotsecFilename);\n\n\t\t\t\t// encrypt\n\t\t\t\tconst plaintext = await encryptionEngine.decrypt(dotsecString);\n\n\t\t\t\tconst dotenvOverwriteResponse = await promptOverwriteIfFileExists({\n\t\t\t\t\tfilePath: dotenvFilename,\n\t\t\t\t\tskip: yes,\n\t\t\t\t});\n\t\t\t\tif (\n\t\t\t\t\tdotenvOverwriteResponse === undefined ||\n\t\t\t\t\tdotenvOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(dotenvFilename, plaintext);\n\t\t\t\t\tconsole.log(\n\t\t\t\t\t\t`Wrote plaintext contents of ${strong(\n\t\t\t\t\t\t\tdotsecFilename,\n\t\t\t\t\t\t)} file to ${strong(dotenvFilename)}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tcommand.error(e);\n\t\t\t}\n\t\t});\n\n\tsetProgramOptions(subProgram);\n\n\treturn subProgram;\n};\n\nexport default addDecryptProgram;\n", "import { Command } from \"commander\";\nimport { awsEncryptionEngineFactory } from \"../../lib/aws/AwsKmsEncryptionEngine\";\nimport {\n\tpromptOverwriteIfFileExists,\n\treadContentsFromFile,\n\twriteContentsToFile,\n} from \"../../lib/io\";\nimport { EncryptionEngine, Init2CommandOptions } from \"../../types\";\n\nimport { getConfig } from \"../../lib/config\";\nimport { setProgramOptions } from \"../options\";\nimport { strong } from \"../../utils/logger\";\n\nconst addEncryptProgram = async (program: Command) => {\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"encrypt\")\n\t\t.action(async (_options, command: Command) => {\n\t\t\tconst {\n\t\t\t\tverbose,\n\t\t\t\tconfigFile,\n\t\t\t\tenv: dotenvFilename,\n\t\t\t\tsec: dotsecFilename,\n\t\t\t\tawskeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tyes,\n\t\t\t} = command.optsWithGlobals<Init2CommandOptions>();\n\n\t\t\t// get dotsec config\n\t\t\tconst { contents: dotsecConfig } = await getConfig(configFile);\n\t\t\ttry {\n\t\t\t\tlet encryptionEngine: EncryptionEngine;\n\n\t\t\t\tencryptionEngine = await awsEncryptionEngineFactory({\n\t\t\t\t\tverbose,\n\t\t\t\t\tregion:\n\t\t\t\t\t\tawsRegion ||\n\t\t\t\t\t\tprocess.env.AWS_REGION ||\n\t\t\t\t\t\tdotsecConfig.config?.aws?.region,\n\t\t\t\t\tkms: {\n\t\t\t\t\t\tkeyAlias: awskeyAlias || dotsecConfig?.config?.aws?.kms?.keyAlias,\n\t\t\t\t\t},\n\t\t\t\t});\n\n\t\t\t\t// get current dot env file\n\t\t\t\tconst dotenvString = await readContentsFromFile(dotenvFilename);\n\n\t\t\t\t// encrypt\n\t\t\t\tconst cipherText = await encryptionEngine.encrypt(dotenvString);\n\n\t\t\t\tconst dotsecOverwriteResponse = await promptOverwriteIfFileExists({\n\t\t\t\t\tfilePath: dotsecFilename,\n\t\t\t\t\tskip: yes,\n\t\t\t\t});\n\t\t\t\tif (\n\t\t\t\t\tdotsecOverwriteResponse === undefined ||\n\t\t\t\t\tdotsecOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(dotsecFilename, cipherText);\n\t\t\t\t\tconsole.log(\n\t\t\t\t\t\t`Wrote encrypted contents of ${strong(\n\t\t\t\t\t\t\tdotenvFilename,\n\t\t\t\t\t\t)} file to ${strong(dotsecFilename)}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tcommand.error(e);\n\t\t\t}\n\t\t});\n\n\tsetProgramOptions(subProgram);\n\n\treturn subProgram;\n};\n\nexport default addEncryptProgram;\n", "import { PutParameterRequest } from \"@aws-sdk/client-ssm\";\n\n// utility types\nexport type DeepPartial<T> = T extends object\n\t? {\n\t\t\t[P in keyof T]?: DeepPartial<T[P]>;\n\t }\n\t: T;\n\nexport type EncryptionEngineFactoryProps = { verbose?: boolean };\nexport type EncryptionEngine<T = {}> = {\n\tencrypt(plaintext: string): Promise<string>;\n\tdecrypt(ciphertext: string): Promise<string>;\n} & T;\n\nexport type EncryptionEngineFactory<\n\tT = {},\n\tV extends Record<string, unknown> = {},\n> = {\n\t(options: EncryptionEngineFactoryProps & T): Promise<EncryptionEngine<V>>;\n};\n\nexport abstract class EncryptionPlugin {\n\tprotected verbose: boolean | undefined;\n\tconstructor(options: EncryptionEngineFactoryProps) {\n\t\tthis.verbose = options?.verbose;\n\t}\n\tabstract encrypt(plaintext: string): Promise<string>;\n\tabstract decrypt(ciphertext: string): Promise<string>;\n}\n\nexport type DotsecConfig = {\n\tconfig?: {\n\t\taws?: {\n\t\t\tregion?: string;\n\t\t\tkms?: {\n\t\t\t\tkeyAlias?: string;\n\t\t\t\tencryptionAlgorithm?:\n\t\t\t\t\t| \"RSAES_OAEP_SHA_1\"\n\t\t\t\t\t| \"RSAES_OAEP_SHA_256\"\n\t\t\t\t\t| \"SYMMETRIC_DEFAULT\";\n\t\t\t};\n\t\t\tssm?: {\n\t\t\t\tpathPrefix?: string;\n\t\t\t\tparameterType?: \"String\" | \"SecureString\";\n\t\t\t};\n\t\t\tsecretsManager?: {\n\t\t\t\tpathPrefix?: string;\n\t\t\t};\n\t\t};\n\t};\n\tvariables?: {\n\t\t[key: string]: {\n\t\t\tpush?: {\n\t\t\t\taws?: {\n\t\t\t\t\tssm?:\n\t\t\t\t\t\t| boolean\n\t\t\t\t\t\t| (Omit<PutParameterRequest, \"Name\" | \"Value\"> & { Name?: string });\n\t\t\t\t\tsecretsManager?: boolean;\n\t\t\t\t};\n\t\t\t\t// githubSecrets?: boolean;\n\t\t\t};\n\t\t};\n\t};\n};\n\n// Dotsec config file\nexport type DotsecConfigAndSource = {\n\tsource: \"json\" | \"ts\" | \"defaultConfig\";\n\tcontents: DotsecConfig;\n};\n\n// CLI types\nexport type GlobalCommandOptions = {\n\tconfigFile: string;\n\tverbose: false;\n};\n\nexport type Init2CommandOptions = {\n\tconfigFile: string;\n\tverbose: false;\n\tenv: string;\n\tsec: string;\n\tyes: boolean;\n\tawskeyAlias: string;\n\tawsRegion?: string;\n\tperformInit: (encryptionEngine: EncryptionEngine) => Promise<void>;\n};\n\nexport type RunCommandOptions = GlobalCommandOptions & {\n\tenv?: string;\n\tsec?: string;\n\tkeyAlias?: string;\n\tregion?: string;\n};\n\nexport type PushCommandOptions = {\n\tconfigFile: string;\n\tverbose: false;\n\tenv: string | boolean;\n\tsec: string | boolean;\n\tyes: boolean;\n\tawskeyAlias: string;\n\tawsRegion?: string;\n\ttoAwsSsm?: boolean;\n\ttoAwsSecretsManager?: boolean;\n};\n\nexport const isString = (value: unknown): value is string => {\n\treturn typeof value === \"string\";\n};\n\nexport const isNumber = (value: unknown): value is number => {\n\treturn typeof value === \"number\";\n};\nexport const isBoolean = (value: unknown): value is boolean => {\n\treturn typeof value === \"boolean\";\n};\n", "import { Command } from \"commander\";\nimport { awsEncryptionEngineFactory } from \"../../lib/aws/AwsKmsEncryptionEngine\";\nimport { EncryptionEngine, isBoolean, PushCommandOptions } from \"../../types\";\nimport fs from \"node:fs\";\n\nimport { getConfig } from \"../../lib/config\";\nimport { setProgramOptions } from \"../options\";\nimport {\n\tDOTSEC_DEFAULT_DOTENV_FILENAME,\n\tDOTSEC_DEFAULT_DOTSEC_FILENAME,\n} from \"../../constants\";\nimport { parse } from \"dotenv\";\nimport { PutParameterRequest } from \"@aws-sdk/client-ssm\";\nimport { strong } from \"../../utils/logger\";\nimport { promptConfirm } from \"../../utils/prompts\";\nimport { AwsSsm } from \"../../lib/aws/AwsSsm\";\nimport { AwsSecretsManager } from \"../../lib/aws/AwsSecretsManager\";\nimport { CreateSecretRequest } from \"@aws-sdk/client-secrets-manager\";\n\nconst addPushProgram = async (program: Command) => {\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"push\")\n\t\t.action(async (_options, command: Command) => {\n\t\t\tconst {\n\t\t\t\tconfigFile,\n\t\t\t\tverbose,\n\t\t\t\tenv,\n\t\t\t\tsec,\n\t\t\t\tawskeyAlias,\n\t\t\t\tawsRegion,\n\t\t\t\tyes,\n\t\t\t\ttoAwsSsm,\n\t\t\t\ttoAwsSecretsManager,\n\t\t\t} = command.optsWithGlobals<PushCommandOptions>();\n\n\t\t\tif (!(toAwsSsm || toAwsSecretsManager)) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t\"You must specify at least one of --to-aws-ssm or --to-aws-secrets-manager\",\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst { contents: dotsecConfig } = await getConfig(configFile);\n\n\t\t\tlet encryptionEngine: EncryptionEngine;\n\t\t\tlet envContents: string | undefined;\n\t\t\tencryptionEngine = await awsEncryptionEngineFactory({\n\t\t\t\tverbose,\n\t\t\t\tregion:\n\t\t\t\t\tawsRegion ||\n\t\t\t\t\tprocess.env.AWS_REGION ||\n\t\t\t\t\tdotsecConfig.config?.aws?.region,\n\t\t\t\tkms: {\n\t\t\t\t\tkeyAlias: awskeyAlias || dotsecConfig?.config?.aws?.kms?.keyAlias,\n\t\t\t\t},\n\t\t\t});\n\t\t\tif (env) {\n\t\t\t\tconst dotenvFilename = isBoolean(env)\n\t\t\t\t\t? DOTSEC_DEFAULT_DOTENV_FILENAME\n\t\t\t\t\t: env;\n\t\t\t\tenvContents = fs.readFileSync(dotenvFilename, \"utf8\");\n\t\t\t} else if (sec) {\n\t\t\t\tconst dotsecFilename = isBoolean(sec)\n\t\t\t\t\t? DOTSEC_DEFAULT_DOTSEC_FILENAME\n\t\t\t\t\t: sec;\n\t\t\t\tconst dotSecContents = fs.readFileSync(dotsecFilename, \"utf8\");\n\t\t\t\tenvContents = await encryptionEngine.decrypt(dotSecContents);\n\t\t\t} else {\n\t\t\t\tthrow new Error('Must provide either \"--env\" or \"--sec\"');\n\t\t\t}\n\n\t\t\tconst envObject = parse(envContents);\n\n\t\t\t// get dotsec config\n\t\t\ttry {\n\t\t\t\tif (toAwsSsm) {\n\t\t\t\t\tconst ssmDefaults = dotsecConfig?.config?.aws?.ssm;\n\t\t\t\t\tconst ssmType = ssmDefaults?.parameterType || \"SecureString\";\n\n\t\t\t\t\tconst pathPrefix = ssmDefaults?.pathPrefix || \"\";\n\t\t\t\t\tconst putParameterRequests = Object.entries(envObject).reduce<\n\t\t\t\t\t\tPutParameterRequest[]\n\t\t\t\t\t>((acc, [key, value]) => {\n\t\t\t\t\t\tif (dotsecConfig.variables?.[key]) {\n\t\t\t\t\t\t\tconst entry = dotsecConfig.variables?.[key];\n\t\t\t\t\t\t\tif (entry) {\n\t\t\t\t\t\t\t\tconst keyName = `${pathPrefix}${key}`;\n\t\t\t\t\t\t\t\tif (entry.push?.aws?.ssm) {\n\t\t\t\t\t\t\t\t\tconst putParameterRequest: PutParameterRequest = isBoolean(\n\t\t\t\t\t\t\t\t\t\tentry.push.aws.ssm,\n\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t? {\n\t\t\t\t\t\t\t\t\t\t\t\tName: keyName,\n\t\t\t\t\t\t\t\t\t\t\t\tValue: value,\n\t\t\t\t\t\t\t\t\t\t\t\tType: ssmType,\n\t\t\t\t\t\t\t\t\t\t }\n\t\t\t\t\t\t\t\t\t\t: {\n\t\t\t\t\t\t\t\t\t\t\t\tName: keyName,\n\t\t\t\t\t\t\t\t\t\t\t\tType: ssmType,\n\t\t\t\t\t\t\t\t\t\t\t\t...entry.push.aws.ssm,\n\t\t\t\t\t\t\t\t\t\t\t\tValue: value,\n\t\t\t\t\t\t\t\t\t\t };\n\n\t\t\t\t\t\t\t\t\tacc.push(putParameterRequest);\n\t\t\t\t\t\t\t\t\t// return putParameterRequest;\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\treturn acc;\n\t\t\t\t\t}, []);\n\n\t\t\t\t\tconst { confirm } = await promptConfirm({\n\t\t\t\t\t\tmessage: `Are you sure you want to push the following variables to AWS SSM Parameter Store?\n${putParameterRequests\n\t.map(({ Name }) => `- ${strong(Name || \"[no name]\")}`)\n\t.join(\"\\n\")}`,\n\t\t\t\t\t\tskip: yes,\n\t\t\t\t\t});\n\n\t\t\t\t\tif (confirm === true) {\n\t\t\t\t\t\tconsole.log(\"pushing to AWS SSM Parameter Store\");\n\t\t\t\t\t\tconst meh = await AwsSsm({\n\t\t\t\t\t\t\tregion: awsRegion || dotsecConfig?.config?.aws?.region,\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tawait meh.put(putParameterRequests);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\t// secrets manager\n\t\t\t\tif (toAwsSecretsManager) {\n\t\t\t\t\t// create secretss\n\t\t\t\t\tconst secretsManagerDefaults =\n\t\t\t\t\t\tdotsecConfig?.config?.aws?.secretsManager;\n\t\t\t\t\tconst pathPrefix = secretsManagerDefaults?.pathPrefix || \"\";\n\t\t\t\t\tconst awsSecretsMananger = await AwsSecretsManager({\n\t\t\t\t\t\tregion:\n\t\t\t\t\t\t\tawsRegion ||\n\t\t\t\t\t\t\tprocess.env.AWS_REGION ||\n\t\t\t\t\t\t\tdotsecConfig.config?.aws?.region,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst createSecretRequests = Object.entries(envObject).reduce<\n\t\t\t\t\t\tCreateSecretRequest[]\n\t\t\t\t\t>((acc, [key, value]) => {\n\t\t\t\t\t\tif (dotsecConfig.variables?.[key]) {\n\t\t\t\t\t\t\tconst entry = dotsecConfig.variables?.[key];\n\t\t\t\t\t\t\tif (entry) {\n\t\t\t\t\t\t\t\tconst keyName = `${pathPrefix}${key}`;\n\t\t\t\t\t\t\t\tif (entry.push?.aws?.ssm) {\n\t\t\t\t\t\t\t\t\tconst createSecretRequest: CreateSecretRequest = isBoolean(\n\t\t\t\t\t\t\t\t\t\tentry.push.aws.ssm,\n\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t\t? {\n\t\t\t\t\t\t\t\t\t\t\t\tName: keyName,\n\t\t\t\t\t\t\t\t\t\t\t\tSecretString: value,\n\t\t\t\t\t\t\t\t\t\t }\n\t\t\t\t\t\t\t\t\t\t: {\n\t\t\t\t\t\t\t\t\t\t\t\tName: keyName,\n\t\t\t\t\t\t\t\t\t\t\t\t...entry.push.aws.ssm,\n\t\t\t\t\t\t\t\t\t\t\t\tSecretString: value,\n\t\t\t\t\t\t\t\t\t\t };\n\n\t\t\t\t\t\t\t\t\tacc.push(createSecretRequest);\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\treturn acc;\n\t\t\t\t\t}, []);\n\t\t\t\t\tconst { push, updateSecretCommands, createSecretCommands } =\n\t\t\t\t\t\tawait awsSecretsMananger.push(createSecretRequests);\n\t\t\t\t\tconst confirmations: boolean[] = [];\n\t\t\t\t\tif (updateSecretCommands.length > 0) {\n\t\t\t\t\t\tconst { confirm: confirmUpdate } = await promptConfirm({\n\t\t\t\t\t\t\tmessage: `Are you sure you want to update the following variables to AWS SSM Secrets Manager?\n${updateSecretCommands\n\t.map(({ input: { SecretId } }) => `- ${strong(SecretId || \"[no name]\")}`)\n\t.join(\"\\n\")}`,\n\t\t\t\t\t\t\tskip: yes,\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tconfirmations.push(confirmUpdate);\n\t\t\t\t\t}\n\n\t\t\t\t\tif (createSecretCommands.length > 0) {\n\t\t\t\t\t\tconst { confirm: confirmCreate } = await promptConfirm({\n\t\t\t\t\t\t\tmessage: `Are you sure you want to create the following variables to AWS SSM Secrets Manager?\n${createSecretCommands\n\t.map(({ input: { Name } }) => `- ${strong(Name || \"[no name]\")}`)\n\t.join(\"\\n\")}`,\n\t\t\t\t\t\t\tskip: yes,\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tconfirmations.push(confirmCreate);\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!confirmations.find((c) => c === false)) {\n\t\t\t\t\t\tconsole.log(\"pushing to AWS Secrets Manager\");\n\n\t\t\t\t\t\tawait push();\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tcommand.error(e);\n\t\t\t}\n\t\t});\n\n\tsetProgramOptions(subProgram);\n\n\treturn subProgram;\n};\n\nexport default addPushProgram;\n", "import prompts from \"prompts\";\nexport const promptConfirm = async ({\n\tpredicate,\n\tskip,\n\tmessage,\n}: {\n\tpredicate?: (...args: unknown[]) => Promise<boolean> | boolean;\n\tskip?: boolean;\n\tmessage: string;\n}): Promise<{ confirm: boolean }> => {\n\tif (skip === true) {\n\t\treturn { confirm: true };\n\t} else {\n\t\tconst result = predicate ? await predicate() : true;\n\t\tif (result) {\n\t\t\treturn await prompts({\n\t\t\t\ttype: \"confirm\",\n\t\t\t\tname: \"confirm\",\n\t\t\t\tmessage: () => {\n\t\t\t\t\treturn message;\n\t\t\t\t},\n\t\t\t});\n\t\t}\n\t}\n\treturn { confirm: true };\n};\n", "import {\n\tPutParameterCommand,\n\tPutParameterRequest,\n\tSSMClient,\n} from \"@aws-sdk/client-ssm\";\nimport { handleCredentialsAndRegion } from \"./handleCredentialsAndRegion\";\n\nexport const AwsSsm = async (options?: {\n\tregion?: string;\n}) => {\n\tconst { region } = options || {};\n\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst ssmClient = new SSMClient({\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: region || regionAndOrigin.value,\n\t});\n\n\treturn {\n\t\tasync put(putParameterRequests: PutParameterRequest[]): Promise<void> {\n\t\t\tfor (const putParameterRequest of putParameterRequests) {\n\t\t\t\tconst command = new PutParameterCommand({\n\t\t\t\t\t...putParameterRequest,\n\t\t\t\t\tOverwrite: true,\n\t\t\t\t});\n\t\t\t\tawait ssmClient.send(command);\n\t\t\t}\n\t\t},\n\t};\n};\n", "import {\n\tCreateSecretCommand,\n\tDescribeSecretCommand,\n\tUpdateSecretCommand,\n\tCreateSecretRequest,\n\tSecretsManagerClient,\n\tResourceNotFoundException,\n} from \"@aws-sdk/client-secrets-manager\";\nimport { handleCredentialsAndRegion } from \"./handleCredentialsAndRegion\";\n\nexport const AwsSecretsManager = async (options?: {\n\tregion?: string;\n}) => {\n\tconst { region } = options || {};\n\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst secretsManagerClient = new SecretsManagerClient({\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: region || regionAndOrigin.value,\n\t});\n\n\treturn {\n\t\tasync push(createSecretRequests: CreateSecretRequest[]) {\n\t\t\tconst createSecretCommands: CreateSecretCommand[] = [];\n\n\t\t\tconst updateSecretCommands: UpdateSecretCommand[] = [];\n\t\t\tfor (const createSecretRequest of createSecretRequests) {\n\t\t\t\t// create secret\n\t\t\t\t// check if secret exists\n\t\t\t\tconst describeSecretCommand = new DescribeSecretCommand({\n\t\t\t\t\tSecretId: createSecretRequest.Name,\n\t\t\t\t});\n\t\t\t\ttry {\n\t\t\t\t\tconst result = await secretsManagerClient.send(describeSecretCommand);\n\t\t\t\t\t// update secret\n\t\t\t\t\tupdateSecretCommands.push(\n\t\t\t\t\t\tnew UpdateSecretCommand({\n\t\t\t\t\t\t\tSecretId: result.ARN,\n\t\t\t\t\t\t\tSecretString: createSecretRequest.SecretString,\n\t\t\t\t\t\t}),\n\t\t\t\t\t);\n\t\t\t\t} catch (e) {\n\t\t\t\t\tif (e instanceof ResourceNotFoundException) {\n\t\t\t\t\t\t// create secret\n\t\t\t\t\t\tcreateSecretCommands.push(\n\t\t\t\t\t\t\tnew CreateSecretCommand({\n\t\t\t\t\t\t\t\tName: createSecretRequest.Name,\n\t\t\t\t\t\t\t\tSecretString: createSecretRequest.SecretString,\n\t\t\t\t\t\t\t}),\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tcreateSecretCommands,\n\t\t\t\tupdateSecretCommands,\n\t\t\t\tpush: async () => {\n\t\t\t\t\tfor (const createSecretCommand of createSecretCommands) {\n\t\t\t\t\t\tawait secretsManagerClient.send(createSecretCommand);\n\t\t\t\t\t}\n\n\t\t\t\t\tfor (const updateSecretCommand of updateSecretCommands) {\n\t\t\t\t\t\tawait secretsManagerClient.send(updateSecretCommand);\n\t\t\t\t\t}\n\t\t\t\t},\n\t\t\t};\n\t\t},\n\t};\n};\n"],
5
- "mappings": "6bAAA,qCCAA,oHCAA,sGAKA,yECLA,sBAYO,GAAM,GAAW,AAAC,GAAwB,GAAM,aAAa,GACvD,EAAS,AAAC,GAAwB,GAAM,OAAO,KAAK,GDC1D,GAAM,IAA8B,MAAO,CACjD,OACA,SAkBK,CAlCN,UAmCC,GAAM,GAAoB,KAAM,MAC5B,EACA,EACA,EA+CJ,GA9CA,AAAI,EAAK,QACR,GAAmB,CAClB,MAAO,EAAK,QACZ,OAAQ,wBAAwB,EAAS,EAAK,YAE/C,EAAuB,CACtB,MAAO,KAAM,IAAQ,CACpB,QAAS,EAAK,YAEf,OAAQ,GAAG,EAAS,IAAI,EAAK,oCAExB,AAAI,EAAI,YACd,GAAmB,CAClB,MAAO,EAAI,YACX,OAAQ,gBAAgB,EAAS,mBAAmB,EACnD,EAAI,gBAGN,EAAuB,CACtB,MAAO,KAAM,IAAQ,CACpB,QAAS,EAAI,gBAEd,OAAQ,gBAAgB,EAAS,mBAAmB,EACnD,EAAI,iBAGA,AAAI,EAAI,mBAAqB,EAAI,sBACvC,EAAuB,CACtB,MAAO,KAAM,QACb,OAAQ,iBAAiB,EAAS,4BAA4B,EAC7D,4BAGQ,MAAkB,kBAAlB,cAAmC,UAC7C,GAAmB,CAClB,MAAO,UACP,OAAQ,GAAG,EAAS,oCAErB,EAAuB,CACtB,MAAO,KAAM,IAAQ,CACpB,QAAS,cAEV,OAAQ,WAAW,EAAS,iBAI1B,EAAK,OACR,EAAkB,CACjB,MAAO,EAAK,OACZ,OAAQ,wBAAwB,EAAS,EAAK,mBAErC,EAAI,WACd,EAAkB,CACjB,MAAO,EAAI,WACX,OAAQ,gBAAgB,EAAS,kBAAkB,EAClD,EAAI,uBAGI,EAAI,mBACd,EAAkB,CACjB,MAAO,EAAI,mBACX,OAAQ,gBAAgB,EAAS,0BAA0B,EAC1D,EAAI,+BAGI,EAAkB,CAC5B,GAAM,GACL,uBAAmB,aAAnB,cAAgC,EAAiB,SAAjD,cAAyD,OAE1D,AAAI,GACH,GAAkB,CACjB,MAAO,EACP,OAAQ,GAAG,EACV,YAAY,EAAiB,6BAMjC,GAAM,GAAc,EAAK,eAAiB,EAAI,oBAC9C,GAAI,EAAa,CAChB,GAAM,GAAS,EAAK,cAAgB,sBAAwB,eAC5D,EAAuB,CACtB,MAAO,KAAM,IAAyB,CACrC,kBAAmB,iBAAsB,MAEzC,OAAQ,CACP,gBACC,EAAK,2BACL,OAAO,EAAI,mCACX,KACD,QAAS,GAGV,aAAc,CACb,OAAQ,iBAAiB,WAG3B,OAAQ,GAAG,KAAU,EAAS,IAAI,SAIpC,MAAO,CAAE,uBAAsB,kBAAiB,qBAGpC,GAAuC,CAAC,CACpD,uBACA,kBACA,sBAKa,CACb,GAAM,GAAgB,GACtB,MAAI,IACH,EAAI,KAAK,yBAAyB,EAAiB,UAEhD,GACH,EAAI,KAAK,6BAA6B,EAAqB,UAExD,GACH,EAAI,KAAK,wBAAwB,EAAgB,UAE3C,EAAI,KAAK;IE9JV,GAAM,IAA6B,MAAO,CAChD,OACA,SAmBK,CACL,GAAM,CAAE,uBAAsB,kBAAiB,oBAC9C,KAAM,IAA4B,CACjC,KAAM,CACL,OAAQ,EAAK,UACb,QAAS,EAAK,WACd,cAAe,EAAK,iBACpB,0BAA2B,EAAK,8BAEjC,IAAK,KACD,KAcN,GAVI,EAAK,UAAY,IACpB,QAAQ,IACP,GAAqC,CACpC,uBACA,kBACA,sBAKC,CAAE,IAAwB,GAAkB,CAC/C,GAAI,CAAC,EACJ,cAAQ,MAAM,8BACR,GAAI,OAAM,8BAEjB,GAAI,CAAC,EACJ,cAAQ,MAAM,yBACR,GAAI,OAAM,yBAIlB,MAAO,CAAE,uBAAsB,oBH/CzB,GAAM,GAAyD,KACrE,IACI,CAhBL,QAiBC,GAAM,CACL,IAAK,CAAE,YAAa,GACpB,UACG,EAEE,CAAE,uBAAsB,mBAC7B,KAAM,IAA2B,CAChC,KAAM,GACN,IAAK,KAAK,QAAQ,OAGd,EAAY,GAAI,IAAU,CAC/B,YAAa,EAAqB,MAClC,OAAQ,GAAU,EAAgB,QAG7B,EAAqB,GAAI,IAAmB,CACjD,MAAO,IAIF,EACL,MAFyB,MAAM,GAAU,KAAK,IAE5B,cAAlB,cAA+B,uBAA/B,cAAsD,GAEvD,GAAI,IAAwB,OAC3B,KAAM,IAAI,OAAM,4CAGjB,MAAO,MACA,SAAQ,EAAoC,CACjD,GAAM,GAAiB,GAAI,IAAe,CACzC,MAAO,EACP,UAAW,OAAO,KAAK,GACvB,oBAAqB,IAEhB,EAAmB,KAAM,GAAU,KAAK,GAE9C,GAAI,CAAC,EAAiB,eACrB,KAAM,IAAI,OACT,2BAA2B,KAAK,UAAU,CACzC,sBASH,MAJmB,QAAO,KAAK,EAAiB,gBAAgB,SAC/D,gBAKI,SAAQ,EAAqC,CAClD,GAAM,GAAiB,GAAI,IAAe,CACzC,MAAO,EACP,eAAgB,OAAO,KAAK,EAAY,UACxC,oBAAqB,IAGhB,EAAmB,KAAM,GAAU,KAAK,GAE9C,GAAI,CAAC,EAAiB,UACrB,KAAM,IAAI,OACT,2BAA2B,KAAK,UAAU,CACzC,WAAY,EACZ,eAAgB,OAKnB,GAAM,GAAiB,OAAO,KAAK,EAAiB,WAAW,WAE/D,MAAI,MAAK,SACR,QAAQ,KAAK,mBAAmB,MAG1B,GAER,MAAO,IAAM,KI9Ff,6CACA,wBACA,0BAEO,GAAM,IAAuB,KACnC,IAEO,KAAM,IAAG,SAAS,EAAU,SAGvB,EAAsB,MAClC,EACA,IAEO,KAAM,IAAG,UAAU,EAAU,EAAU,SAGlC,GAAa,KAAO,IAAqC,CACrE,GAAI,CACH,YAAM,IAAK,GACJ,QACN,CACD,MAAO,KAII,EAA8B,MAAO,CACjD,WACA,UAIK,CACL,GAAI,GAEJ,MAAK,MAAM,IAAW,IAAc,IAAS,GAC5C,EAAoB,KAAM,IAAQ,CACjC,KAAM,UACN,KAAM,YACN,QAAS,IACD,gBAAgB,GAAK,SAAS,QAAQ,MAAO,UAItD,EAAoB,OAEd,GCrCR,0BCTA,uMACA,wBAEO,GAAM,IAAkB,AAAC,GAU1B,CACL,GAAM,GAAsB,AAAG,KACzB,EAAS,GAAG,aAAa,EAAQ,WAAY,QAE7C,EACL,AAAoB,GACpB,AAAC,GAAgB,CAChB,WAAe,EAAwB,CApB1C,wCAsBI,GADA,EAAO,AAAG,GAAe,EAAM,EAAO,GAClC,EAAK,OAAS,AAAG,GAAW,cAAe,CAC9C,GAAM,GAAU,uBAAM,SAAN,cAAc,SAAd,cAAsB,OACtC,GAAI,YAAQ,SAAR,cAAgB,MAAhB,cAAqB,MAArB,cAA0B,WACzB,qBAAS,WAAW,KAApB,cAAwB,aAAc,MAAO,CAChD,GAAM,GAAU,oBAAS,SAAT,cAAiB,OACjC,GAAI,kBAAS,WAAW,GAAG,aAAc,MAKxC,MAAO,AAAG,IACT,WAAQ,SAAR,cAAgB,MAAhB,cAAqB,MAArB,cAA0B,UAK9B,GAAI,SAAQ,SAAR,cAAgB,MAAhB,cAAqB,SACpB,wBAAM,SAAN,cAAc,WAAW,KAAzB,cAA6B,aAAc,SAAU,CACxD,GAAM,GAAU,uBAAM,SAAN,cAAc,SAAd,cAAsB,OAGtC,GAAI,kBAAS,WAAW,GAAG,aAAc,MACxC,MAAO,AAAG,IAAoB,QAAQ,SAAR,cAAgB,MAAhB,cAAqB,SAMvD,MAAO,GAER,MAAO,AAAG,IAAU,EAAU,IAG1B,EAA4B,AAAG,GACpC,UACA,EACA,AAAG,GAAa,OAChB,GACA,AAAG,GAAW,IAIT,EACL,AAAG,GAAyB,EAAY,CAAC,IAEpC,EAAuC,EAAO,YAAY,GAE1D,EAAoB,EAAQ,UAAU,GAC5C,SAAO,UAEA,GCtED,GAAM,IAA6B,mBAC7B,GAAsB,CAAC,IACvB,GAAiC,OACjC,GAAiC,OACjC,GAAmC,eACnC,GAAwC,eAExC,EAA8B,CAC1C,OAAQ,CACP,IAAK,CACJ,IAAK,CACJ,SAAU,IAEX,IAAK,CACJ,cAAe,OCIZ,GAAM,IAAiC,CAC7C,OAAQ,CACP,QAAS,CACR,QAAS,CAAC,YAAa,iBAAkB,IACzC,WAAY,CACX,+CACA,cACA,MAIH,KAAM,CACL,QAAS,CACR,QAAS,CAAC,YAAa,iBAAkB,IACzC,WAAY,CACX,+CACA,cACA,IAGD,IAAK,CAAC,QAAS,oBAAqB,IACpC,IAAK,CAAC,QAAS,oBAAqB,IACpC,IAAK,CAAC,QAAS,4BAA6B,IAC5C,YAAa,CACZ,gCACA,6FACA,gBAED,UAAW,CACV,2BACA,kGAIH,QAAS,CACR,aAAc,CAAC,UACf,QAAS,CACR,IAAK,CAAC,cAAe,oBAAqB,IAC1C,IAAK,CAAC,cAAe,oBAAqB,IAC1C,IAAK,CAAC,QAAS,4BAA6B,IAC5C,YAAa,CACZ,gCACA,6FACA,gBAED,UAAW,CACV,2BACA,kGAIH,QAAS,CACR,aAAc,CAAC,UACf,QAAS,CACR,IAAK,CAAC,cAAe,oBAAqB,IAC1C,IAAK,CAAC,cAAe,oBAAqB,IAC1C,IAAK,CAAC,QAAS,4BAA6B,IAC5C,YAAa,CACZ,gCACA,6FACA,gBAED,UAAW,CACV,2BACA,kGAKH,IAAK,CACJ,aAAc,CAAC,UACf,QAAS,CACR,IAAK,CAAC,cAAe,qBACrB,IAAK,CAAC,cAAe,qBACrB,YAAa,CACZ,gCACA,6FACA,gBAED,UAAW,CACV,2BACA,kGAIH,KAAM,CACL,aAAc,CAAC,UACf,QAAS,CACR,SAAU,CAAC,2BAA4B,mBACvC,oBAAqB,CACpB,kDACA,+BAQD,IAAK,CAAC,cAAe,qBACrB,IAAK,CAAC,cAAe,qBACrB,IAAK,CAAC,QAAS,4BAA6B,IAC5C,YAAa,CACZ,gCACA,6FACA,gBAED,UAAW,CACV,2BACA,mGAME,GAAsB,CAC3B,EACA,EACA,EAA2D,KACO,CAClE,GAAM,GAAU,EAAM,GACtB,GAAI,EACH,MAAI,GAAQ,aACJ,iBAAS,aAAa,OAC5B,CAAC,EAAK,IAAyB,CAC9B,GAAM,GAAI,GAAoB,EAAO,EAAsB,GAC3D,MAAO,MAAK,IAEb,CACC,QAAS,OAAK,EAAO,SAAY,EAAQ,SACzC,gBAAiB,OACb,EAAO,iBACP,EAAQ,mBAKP,CACN,QAAS,OAAK,EAAO,SAAY,EAAQ,SACzC,gBAAiB,OACb,EAAO,iBACP,EAAQ,mBAOH,EAAoB,CAAC,EAAkB,IAAyB,CAC5E,GAAM,GAAiB,GACtB,GACA,GAAe,EAAQ,QAGxB,AAAI,kBAAgB,UACnB,OAAO,OAAO,EAAe,SAAS,QACrC,CAAC,CAAC,EAAQ,EAAa,KAAkB,CACxC,EAAQ,OAAO,EAAQ,EAAa,KAInC,kBAAgB,kBACnB,OAAO,OAAO,EAAe,iBAAiB,QAC7C,CAAC,CAAC,EAAQ,EAAa,KAAkB,CACxC,EAAQ,eAAe,EAAQ,EAAa,MHlKhD,GAAM,IAAiB,KAAO,IAAqB,CAClD,GAAM,GAAa,EACjB,0BACA,qBACA,QAAQ,QACR,OAAO,MAAO,EAAmB,IAAqB,CA3BzD,gBA4BG,GAAM,CACL,UACA,aACA,IAAK,EACL,IAAK,EACL,cACA,YACA,OACG,EAAQ,kBAGZ,GAAI,CACH,GAAI,GAEJ,EAAmB,KAAM,GAA2B,CACnD,UACA,OACC,GACA,QAAQ,IAAI,YACZ,SAAc,SAAd,cAAsB,MAAtB,cAA2B,QAC5B,IAAK,CACJ,SAAU,GAAe,+BAAe,SAAf,cAAuB,MAAvB,cAA4B,MAA5B,cAAiC,aAK5D,GAAM,GAAe,KAAM,IAAqB,GAG1C,EAAa,KAAM,GAAiB,QAAQ,GAE5C,EAA0B,KAAM,GAA4B,CACjE,SAAU,EACV,KAAM,IAEP,AACC,KAA4B,QAC5B,EAAwB,YAAc,KAEtC,MAAM,GAAoB,EAAgB,GAC1C,QAAQ,IACP,+BAA+B,EAC9B,uBACqB,EAAO,OAI/B,GAAM,GAAwB,GAAgB,CAC7C,WAAY,GAAK,QAChB,UACA,qCAED,OAAQ,CACP,IAAK,CACJ,IAAK,CACJ,SAAU,GAAe,IAE1B,OAAQ,GAAa,QAAQ,IAAI,eAI9B,EAAgC,KAAM,GAC3C,CACC,SAAU,EACV,KAAM,IAGR,AACC,KAAkC,QAClC,EAA8B,YAAc,KAE5C,MAAM,GAAoB,EAAY,GACtC,QAAQ,IAAI,wBAAwB,EAAO,aAEpC,EAAP,CACD,EAAQ,MAAM,MAIjB,SAAkB,GAEX,GAGD,GAAQ,GIhHf,wBAGA,4BACA,gCCJA,0BAEA,gDACA,uBCHA,mBACA,0BAEO,YAAoB,EAAc,CACxC,GAAI,CACH,MAAO,IAAI,UAAS,UAAU,EAAK,iBAClC,CAGD,MAAO,IAIF,GAAM,IAAW,KAAO,IAAqB,CACnD,GAAI,CACH,MAAO,IAAW,KAAM,IAAG,SAAS,SAAS,EAAU,eAC/C,EAAP,CACD,KAAI,aAAiB,OACd,GAAI,OACT,mBAAmB,GAAK,SAAS,QAAQ,MAAO,OAC/C,EAAM,WAIF,IDfF,GAAM,GAAY,KACxB,IACoC,CAXrC,4EAYC,GAAM,GAAM,QAAQ,MAEd,EAAa,KAAM,AADJ,IAAI,MACa,QAAQ,CAC7C,MAAO,EAAW,CAAC,GAAY,CAAC,GAAG,GAAqB,gBACxD,MACA,QAAS,GAAK,MAAM,GAAK,KACzB,WAAY,WAEb,GAAI,GAAY,IAAe,KAC9B,KAAM,IAAI,OAAM,8BAA8B,KAE/C,GAAI,GACH,GAAI,EAAW,SAAS,SAAU,CACjC,GAAM,GAAW,KAAM,IAAS,GAE5B,EAEJ,MACC,GAAW,SAAS,iBACnB,EAA8C,SAAW,OAE1D,EAAQ,EAA8C,OAEtD,EAAO,EAGD,CACN,OAAQ,OACR,SAAU,SACN,GACA,GAFM,CAGT,OAAQ,SACJ,iBAAM,QACN,EAAc,QAFV,CAGP,IAAK,SACD,oBAAM,SAAN,cAAc,KACd,wBAAe,SAAf,cAAuB,KAFtB,CAGJ,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,eAAgB,OACZ,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,gBAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,+BAMhB,EAAW,SAAS,OAAQ,CACtC,GAAM,GAAsB,KAAM,IAAc,CAC/C,SAAU,IAEL,EAAQ,EAAoB,IAAI,QACrC,EAAoB,IAAI,SACxB,EAAoB,IAErB,MAAO,CACN,OAAQ,KACR,SAAU,SACN,GACA,GAFM,CAGT,OAAQ,SACJ,iBAAM,QACN,EAAc,QAFV,CAGP,IAAK,SACD,oBAAM,SAAN,cAAc,KACd,wBAAe,SAAf,cAAuB,KAFtB,CAGJ,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,eAAgB,OACZ,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,gBAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,wBAS5B,MAAO,CAAE,OAAQ,gBAAiB,SAAU,ID5F7C,GAAM,IAAe,AAAC,GAAqB,CAC1C,GAAM,GAAa,EACjB,QAAQ,oBACR,qBACA,YACA,qGAEA,OACA,MACC,EACA,EACA,IACI,CAvBR,UAwBI,GAAM,CACL,aACA,IAAK,EACL,IAAK,EACL,WACA,UACG,EAAQ,kBAEN,CACL,SAAU,CAAE,UAAW,IACpB,KAAM,GAAU,GAEd,EAAmB,KAAM,GAA2B,CACzD,QAAS,GACT,IAAK,CACJ,SACC,GACA,wBAAQ,MAAR,cAAa,MAAb,cAAkB,WAClB,IAEF,OAAQ,GAAU,qBAAQ,MAAR,cAAa,UAG5B,EAEJ,GAAI,EACH,EAAc,GAAG,aAAa,EAAQ,gBAC5B,EAAQ,CAClB,GAAM,GAAiB,GAAG,aAAa,EAAQ,QAC/C,EAAc,KAAM,GAAiB,QAAQ,OAE7C,MAAM,IAAI,OAAM,0CAEjB,GAAI,EAAa,CAChB,GAAM,GAAa,GAAM,GACnB,CAAC,KAAgB,GAAmB,EAC1C,GAAM,EAAa,CAAC,GAAG,GAAkB,CACxC,MAAO,UACP,MAAO,GACP,IAAK,SACD,QAAQ,KACR,GAFC,CAGJ,eAAgB,KAAK,UAAU,OAAO,KAAK,QAI7C,EAAQ,WAER,MAAM,IAAI,OAAM,mCAKpB,SAAkB,EAAY,OAEvB,GAGD,GAAQ,GGrEf,GAAM,IAAoB,KAAO,IAAqB,CACrD,GAAM,GAAa,EACjB,0BACA,qBACA,QAAQ,WACR,OAAO,MAAO,EAAU,IAAqB,CAlBhD,cAmBG,GAAM,CACL,aACA,UACA,IAAK,EACL,IAAK,EACL,cACA,YACA,OACG,EAAQ,kBAGN,CAAE,SAAU,GAAiB,KAAM,GAAU,GACnD,GAAI,CACH,GAAI,GAEJ,EAAmB,KAAM,GAA2B,CACnD,UACA,OACC,GACA,QAAQ,IAAI,YACZ,SAAa,SAAb,cAAqB,MAArB,cAA0B,QAC3B,IAAK,CACJ,SAAU,GAAe,2BAAc,SAAd,cAAsB,MAAtB,cAA2B,MAA3B,cAAgC,aAK3D,GAAM,GAAe,KAAM,IAAqB,GAG1C,EAAY,KAAM,GAAiB,QAAQ,GAE3C,EAA0B,KAAM,GAA4B,CACjE,SAAU,EACV,KAAM,IAEP,AACC,KAA4B,QAC5B,EAAwB,YAAc,KAEtC,MAAM,GAAoB,EAAgB,GAC1C,QAAQ,IACP,+BAA+B,EAC9B,cACY,EAAO,aAGd,EAAP,CACD,EAAQ,MAAM,MAIjB,SAAkB,GAEX,GAGD,GAAQ,GC/Df,GAAM,IAAoB,KAAO,IAAqB,CACrD,GAAM,GAAa,EACjB,0BACA,qBACA,QAAQ,WACR,OAAO,MAAO,EAAU,IAAqB,CAlBhD,cAmBG,GAAM,CACL,UACA,aACA,IAAK,EACL,IAAK,EACL,cACA,YACA,OACG,EAAQ,kBAGN,CAAE,SAAU,GAAiB,KAAM,GAAU,GACnD,GAAI,CACH,GAAI,GAEJ,EAAmB,KAAM,GAA2B,CACnD,UACA,OACC,GACA,QAAQ,IAAI,YACZ,SAAa,SAAb,cAAqB,MAArB,cAA0B,QAC3B,IAAK,CACJ,SAAU,GAAe,2BAAc,SAAd,cAAsB,MAAtB,cAA2B,MAA3B,cAAgC,aAK3D,GAAM,GAAe,KAAM,IAAqB,GAG1C,EAAa,KAAM,GAAiB,QAAQ,GAE5C,EAA0B,KAAM,GAA4B,CACjE,SAAU,EACV,KAAM,IAEP,AACC,KAA4B,QAC5B,EAAwB,YAAc,KAEtC,MAAM,GAAoB,EAAgB,GAC1C,QAAQ,IACP,+BAA+B,EAC9B,cACY,EAAO,aAGd,EAAP,CACD,EAAQ,MAAM,MAIjB,SAAkB,GAEX,GAGD,GAAQ,GCuCR,GAAM,IAAY,AAAC,GAClB,MAAO,IAAU,UCjHzB,wBAQA,gCCXA,wBACO,GAAM,IAAgB,MAAO,CACnC,YACA,OACA,aAMI,IAAS,GACL,CAAE,QAAS,IAEH,GAAY,KAAM,KAAc,IAEvC,KAAM,IAAQ,CACpB,KAAM,UACN,KAAM,UACN,QAAS,IACD,IAKJ,CAAE,QAAS,ICxBnB,2EAOO,GAAM,IAAS,KAAO,IAEvB,CACL,GAAM,CAAE,UAAW,GAAW,GAExB,CAAE,uBAAsB,mBAC7B,KAAM,IAA2B,CAChC,KAAM,GACN,IAAK,KAAK,QAAQ,OAGd,EAAY,GAAI,IAAU,CAC/B,YAAa,EAAqB,MAClC,OAAQ,GAAU,EAAgB,QAGnC,MAAO,MACA,KAAI,EAA4D,CACrE,OAAW,KAAuB,GAAsB,CACvD,GAAM,GAAU,GAAI,IAAoB,OACpC,GADoC,CAEvC,UAAW,MAEZ,KAAM,GAAU,KAAK,OC9BzB,wLAUO,GAAM,IAAoB,KAAO,IAElC,CACL,GAAM,CAAE,UAAW,GAAW,GAExB,CAAE,uBAAsB,mBAC7B,KAAM,IAA2B,CAChC,KAAM,GACN,IAAK,KAAK,QAAQ,OAGd,EAAuB,GAAI,IAAqB,CACrD,YAAa,EAAqB,MAClC,OAAQ,GAAU,EAAgB,QAGnC,MAAO,MACA,MAAK,EAA6C,CACvD,GAAM,GAA8C,GAE9C,EAA8C,GACpD,OAAW,KAAuB,GAAsB,CAGvD,GAAM,GAAwB,GAAI,IAAsB,CACvD,SAAU,EAAoB,OAE/B,GAAI,CACH,GAAM,GAAS,KAAM,GAAqB,KAAK,GAE/C,EAAqB,KACpB,GAAI,IAAoB,CACvB,SAAU,EAAO,IACjB,aAAc,EAAoB,sBAG5B,EAAP,CACD,AAAI,YAAa,KAEhB,EAAqB,KACpB,GAAI,IAAoB,CACvB,KAAM,EAAoB,KAC1B,aAAc,EAAoB,iBAOvC,MAAO,CACN,uBACA,uBACA,KAAM,SAAY,CACjB,OAAW,KAAuB,GACjC,KAAM,GAAqB,KAAK,GAGjC,OAAW,KAAuB,GACjC,KAAM,GAAqB,KAAK,QHjDtC,GAAM,IAAiB,KAAO,IAAqB,CAClD,GAAM,GAAa,EACjB,0BACA,qBACA,QAAQ,QACR,OAAO,MAAO,EAAU,IAAqB,CAxBhD,8BAyBG,GAAM,CACL,aACA,UACA,MACA,MACA,cACA,YACA,MACA,WACA,uBACG,EAAQ,kBAEZ,GAAI,CAAE,IAAY,GACjB,KAAM,IAAI,OACT,6EAGF,GAAM,CAAE,SAAU,GAAiB,KAAM,GAAU,GAE/C,EACA,EAWJ,GAVA,EAAmB,KAAM,GAA2B,CACnD,UACA,OACC,GACA,QAAQ,IAAI,YACZ,SAAa,SAAb,cAAqB,MAArB,cAA0B,QAC3B,IAAK,CACJ,SAAU,GAAe,2BAAc,SAAd,cAAsB,MAAtB,cAA2B,MAA3B,cAAgC,aAGvD,EAAK,CACR,GAAM,GAAiB,GAAU,GAC9B,GACA,EACH,EAAc,GAAG,aAAa,EAAgB,gBACpC,EAAK,CACf,GAAM,GAAiB,GAAU,GAC9B,GACA,EACG,EAAiB,GAAG,aAAa,EAAgB,QACvD,EAAc,KAAM,GAAiB,QAAQ,OAE7C,MAAM,IAAI,OAAM,0CAGjB,GAAM,GAAY,GAAM,GAGxB,GAAI,CACH,GAAI,EAAU,CACb,GAAM,GAAc,uBAAc,SAAd,cAAsB,MAAtB,cAA2B,IACzC,EAAU,kBAAa,gBAAiB,eAExC,EAAa,kBAAa,aAAc,GACxC,EAAuB,OAAO,QAAQ,GAAW,OAErD,CAAC,EAAK,CAAC,EAAK,KAAW,CAlF9B,YAmFM,GAAI,KAAa,YAAb,cAAyB,GAAM,CAClC,GAAM,GAAQ,KAAa,YAAb,cAAyB,GACvC,GAAI,EAAO,CACV,GAAM,IAAU,GAAG,IAAa,IAChC,GAAI,QAAM,OAAN,cAAY,MAAZ,cAAiB,IAAK,CACzB,GAAM,IAA2C,GAChD,EAAM,KAAK,IAAI,KAEb,CACA,KAAM,GACN,MAAO,EACP,KAAM,GAEN,KACA,KAAM,GACN,KAAM,GACH,EAAM,KAAK,IAAI,KAHlB,CAIA,MAAO,IAGV,EAAI,KAAK,MAMZ,MAAO,IACL,IAEG,CAAE,WAAY,KAAM,IAAc,CACvC,QAAS;AAAA,EACb,EACA,IAAI,CAAC,CAAE,UAAW,KAAK,EAAO,GAAQ,gBACtC,KAAK;AAAA,KACD,KAAM,IAGP,AAAI,IAAY,IACf,SAAQ,IAAI,sCAKZ,KAAM,AAJM,MAAM,IAAO,CACxB,OAAQ,GAAa,wBAAc,SAAd,cAAsB,MAAtB,cAA2B,WAGvC,IAAI,IAKhB,GAAI,EAAqB,CAExB,GAAM,GACL,uBAAc,SAAd,cAAsB,MAAtB,cAA2B,eACtB,EAAa,kBAAwB,aAAc,GACnD,EAAqB,KAAM,IAAkB,CAClD,OACC,GACA,QAAQ,IAAI,YACZ,SAAa,SAAb,cAAqB,MAArB,cAA0B,UAGtB,EAAuB,OAAO,QAAQ,GAAW,OAErD,CAAC,EAAK,CAAC,EAAK,KAAW,CAjJ9B,cAkJM,GAAI,KAAa,YAAb,cAAyB,GAAM,CAClC,GAAM,IAAQ,KAAa,YAAb,cAAyB,GACvC,GAAI,GAAO,CACV,GAAM,IAAU,GAAG,IAAa,IAChC,GAAI,WAAM,OAAN,eAAY,MAAZ,eAAiB,IAAK,CACzB,GAAM,IAA2C,GAChD,GAAM,KAAK,IAAI,KAEb,CACA,KAAM,GACN,aAAc,GAEd,KACA,KAAM,IACH,GAAM,KAAK,IAAI,KAFlB,CAGA,aAAc,IAGjB,EAAI,KAAK,MAKZ,MAAO,IACL,IACG,CAAE,OAAM,uBAAsB,wBACnC,KAAM,GAAmB,KAAK,GACzB,EAA2B,GACjC,GAAI,EAAqB,OAAS,EAAG,CACpC,GAAM,CAAE,QAAS,GAAkB,KAAM,IAAc,CACtD,QAAS;AAAA,EACd,EACA,IAAI,CAAC,CAAE,MAAO,CAAE,eAAiB,KAAK,EAAO,GAAY,gBACzD,KAAK;AAAA,KACA,KAAM,IAGP,EAAc,KAAK,GAGpB,GAAI,EAAqB,OAAS,EAAG,CACpC,GAAM,CAAE,QAAS,GAAkB,KAAM,IAAc,CACtD,QAAS;AAAA,EACd,EACA,IAAI,CAAC,CAAE,MAAO,CAAE,WAAa,KAAK,EAAO,GAAQ,gBACjD,KAAK;AAAA,KACA,KAAM,IAGP,EAAc,KAAK,GAGpB,AAAK,EAAc,KAAK,AAAC,GAAM,IAAM,KACpC,SAAQ,IAAI,kCAEZ,KAAM,aAGA,EAAP,CACD,EAAQ,MAAM,MAIjB,SAAkB,GAEX,GAGD,GAAQ,GhB9Mf,GAAM,GAAU,GAAI,IAEpB,EACE,KAAK,UACL,YAAY,oBACZ,QAAQ,SACR,0BACA,OAAO,CAAC,EAAU,IAAmB,CACrC,EAAM,SAGR,EAAkB,GAClB,AAAC,UAAY,CACZ,KAAM,IAAe,GACrB,KAAM,IAAc,GACpB,KAAM,IAAkB,GACxB,KAAM,IAAkB,GACxB,KAAM,IAAe,GAErB,EAAQ",
3
+ "sources": ["../../src/cli/index.ts", "../../src/constants.ts", "../../src/lib/json.ts", "../../src/lib/getConfig.ts", "../../src/lib/loadDotsecPlugin.ts", "../../src/lib/addPluginOptions.ts", "../../src/lib/io.ts", "../../src/utils/logging.ts", "../../src/cli/options/index.ts", "../../src/cli/options/sharedOptions.ts", "../../src/cli/options/decrypt.ts", "../../src/cli/options/dotsec.ts", "../../src/cli/options/encrypt.ts", "../../src/cli/options/init.ts", "../../src/cli/options/push.ts", "../../src/cli/options/run.ts", "../../src/cli/commands/decrypt.ts", "../../src/cli/commands/encrypt.ts", "../../src/lib/transformer.ts", "../../src/cli/commands/init.ts", "../../src/cli/commands/push.ts", "../../src/cli/commands/run.ts"],
4
+ "sourcesContent": ["import { Command } from \"commander\";\n\nimport { getMagicalConfig } from \"../lib/getConfig\";\nimport { loadDotsecPlugin } from \"../lib/loadDotsecPlugin\";\nimport {\n\tDotsecCliPluginDecryptHandler,\n\tDotsecCliPluginEncryptHandler,\n\tDotsecCliPluginPushHandler,\n\tDotsecPluginConfig,\n} from \"../types/plugin\";\nimport addDecryptProgram from \"./commands/decrypt\";\nimport addEncryptProgram from \"./commands/encrypt\";\nimport addInitCommand from \"./commands/init\";\nimport addPushProgram from \"./commands/push\";\nimport addRunCommand from \"./commands/run\";\nimport { setProgramOptions } from \"./options\";\nimport Ajv, { KeywordDefinition } from \"ajv\";\nimport yargsParser from \"yargs-parser\";\n\nconst separator: KeywordDefinition = {\n\tkeyword: \"separator\",\n\ttype: \"string\",\n\tmetaSchema: {\n\t\ttype: \"string\",\n\t\tdescription: \"value separator\",\n\t},\n\tmodifying: true,\n\tvalid: true,\n\terrors: false,\n\tcompile: (schema) => (data, ctx) => {\n\t\tif (ctx) {\n\t\t\tconst { parentData, parentDataProperty } = ctx;\n\t\t\tparentData[parentDataProperty] = data === \"\" ? [] : data.split(schema);\n\t\t\treturn true;\n\t\t} else {\n\t\t\treturn false;\n\t\t}\n\t},\n};\n\nconst program = new Command();\n\n(async () => {\n\tconst parsedOptions = yargsParser(process.argv);\n\tconst argvPluginModules: string[] = [];\n\tif (parsedOptions.plugin) {\n\t\tif (Array.isArray(parsedOptions.plugin)) {\n\t\t\targvPluginModules.push(...parsedOptions.plugin);\n\t\t} else {\n\t\t\targvPluginModules.push(parsedOptions.plugin);\n\t\t}\n\t}\n\t// if (parsedOptions.p) {\n\t// \tif (Array.isArray(parsedOptions.p)) {\n\t// \t\targvPluginModules.push(...parsedOptions.p);\n\t// \t} else {\n\t// \t\targvPluginModules.push(parsedOptions.p);\n\t// \t}\n\t// }\n\tconst configFile = [\n\t\t...(Array.isArray(parsedOptions.config)\n\t\t\t? parsedOptions.config\n\t\t\t: [parsedOptions.config]),\n\t\t...(Array.isArray(parsedOptions.c) ? parsedOptions.c : [parsedOptions.c]),\n\t]?.[0];\n\n\tconst { contents: dotsecConfig = {} } = await getMagicalConfig(configFile);\n\tconst { defaults, push: pushVariables } = dotsecConfig;\n\n\tprogram\n\t\t.name(\"dotsec\")\n\t\t.description(\".env, but secure\")\n\t\t.version(\"1.0.0\")\n\t\t.enablePositionalOptions()\n\t\t.action((_options, other: Command) => {\n\t\t\tother.help();\n\t\t});\n\tsetProgramOptions({ program, dotsecConfig: dotsecConfig });\n\tconst ajv = new Ajv({\n\t\tallErrors: true,\n\t\tremoveAdditional: true,\n\t\tuseDefaults: true,\n\t\tcoerceTypes: true,\n\t\tallowUnionTypes: true,\n\t\taddUsedSchema: false,\n\t\tkeywords: [separator],\n\t});\n\t// if we have plugins in the cli, we need to define them in pluginModules\n\tconst pluginModules: { [key: string]: string } = {};\n\tif (argvPluginModules.length > 0) {\n\t\tfor (const pluginModule of argvPluginModules) {\n\t\t\t// let's load em up\n\t\t\tconst plugin = await loadDotsecPlugin({ name: pluginModule });\n\n\t\t\t// good, let's fire 'em up\n\t\t\tconst loadedPlugin = await plugin({\n\t\t\t\tdotsecConfig: dotsecConfig,\n\t\t\t\tajv,\n\t\t\t\tconfigFile,\n\t\t\t});\n\t\t\tpluginModules[loadedPlugin.name] = pluginModule;\n\n\t\t\tif (argvPluginModules.length === 1) {\n\t\t\t\t// if we only have one plugin, let's set it as the default\n\t\t\t\tdotsecConfig.defaults = {\n\t\t\t\t\t...dotsecConfig.defaults,\n\t\t\t\t\tencryptionEngine: String(loadedPlugin.name),\n\t\t\t\t\tplugins: {\n\t\t\t\t\t\t...dotsecConfig.defaults?.plugins,\n\t\t\t\t\t\t[loadedPlugin.name]: {\n\t\t\t\t\t\t\t...dotsecConfig.defaults?.plugins?.[loadedPlugin.name],\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t};\n\t\t\t}\n\t\t}\n\t}\n\n\tif (defaults?.encryptionEngine) {\n\t\tif (!defaults?.plugins?.[defaults.encryptionEngine]) {\n\t\t\tdefaults.plugins = {\n\t\t\t\t...defaults.plugins,\n\t\t\t\t[defaults.encryptionEngine]: {},\n\t\t\t};\n\t\t}\n\t}\n\tif (defaults?.plugins) {\n\t\tObject.entries(defaults?.plugins).forEach(\n\t\t\t([pluginName, pluginModule]: [string, DotsecPluginConfig]) => {\n\t\t\t\tif (pluginModule?.module) {\n\t\t\t\t\tpluginModules[pluginName] = pluginModule?.module;\n\t\t\t\t} else {\n\t\t\t\t\tpluginModules[pluginName] = `@dotsec/plugin-${pluginName}`;\n\t\t\t\t}\n\t\t\t},\n\t\t);\n\t}\n\n\tObject.values(pushVariables || {}).forEach((pushVariable) => {\n\t\tObject.keys(pushVariable).forEach((pluginName) => {\n\t\t\tif (!pluginModules[pluginName]) {\n\t\t\t\tpluginModules[pluginName] = `@dotsec/plugin-${pluginName}`;\n\t\t\t}\n\t\t});\n\t});\n\n\t// configure encryption command\n\tconst cliPluginEncryptHandlers: DotsecCliPluginEncryptHandler[] = [];\n\tconst cliPluginDecryptHandlers: DotsecCliPluginDecryptHandler[] = [];\n\tconst cliPluginPushHandlers: {\n\t\tpush: DotsecCliPluginPushHandler;\n\t\tdecrypt: DotsecCliPluginDecryptHandler;\n\t}[] = [];\n\n\tfor (const pluginName of Object.keys(pluginModules)) {\n\t\tconst pluginModule = pluginModules[pluginName];\n\t\tconst initDotsecPlugin = await loadDotsecPlugin({ name: pluginModule });\n\t\tconst { addCliCommand, cliHandlers: cli } = await initDotsecPlugin({\n\t\t\tajv,\n\t\t\tdotsecConfig: dotsecConfig,\n\t\t\tconfigFile,\n\t\t});\n\n\t\tif (cli?.encrypt) {\n\t\t\tcliPluginEncryptHandlers.push(cli.encrypt);\n\t\t}\n\t\tif (cli?.decrypt) {\n\t\t\tcliPluginDecryptHandlers.push(cli.decrypt);\n\t\t\tif (cli?.push) {\n\t\t\t\tcliPluginPushHandlers.push({ push: cli.push, decrypt: cli.decrypt });\n\t\t\t}\n\t\t}\n\n\t\tif (addCliCommand) {\n\t\t\taddCliCommand({ program });\n\t\t}\n\t}\n\tif (cliPluginEncryptHandlers.length) {\n\t\tawait addEncryptProgram(program, {\n\t\t\tdotsecConfig: dotsecConfig,\n\t\t\tencryptHandlers: cliPluginEncryptHandlers,\n\t\t});\n\t}\n\tif (cliPluginDecryptHandlers.length) {\n\t\tawait addDecryptProgram(program, {\n\t\t\tdotsecConfig: dotsecConfig,\n\t\t\tdecryptHandlers: cliPluginDecryptHandlers,\n\t\t});\n\t}\n\tif (cliPluginPushHandlers.length) {\n\t\tawait addPushProgram(program, {\n\t\t\tdotsecConfig: dotsecConfig,\n\t\t\thandlers: cliPluginPushHandlers,\n\t\t});\n\t}\n\n\t// add other commands\n\tawait addInitCommand(program, { dotsecConfig: dotsecConfig });\n\tawait addRunCommand(program, {\n\t\tdotsecConfig: dotsecConfig,\n\t\tdecryptHandlers: cliPluginDecryptHandlers,\n\t});\n\tawait program.parse();\n})();\n", "import { DotsecConfig } from \"./types/config\";\n\nexport const DOTSEC_DEFAULT_CONFIG_FILE = \"dotsec.config.ts\";\nexport const DOTSEC_CONFIG_FILES = [DOTSEC_DEFAULT_CONFIG_FILE];\nexport const DOTSEC_DEFAULT_DOTSEC_FILENAME = \".sec\";\nexport const DOTSEC_DEFAULT_DOTENV_FILENAME = \".env\";\nexport const defaultConfig: DotsecConfig = {};\n", "import fs from \"fs\";\nimport path from \"node:path\";\n\n/**\n * Parse JSONC\n * @date 12/7/2022 - 12:48:45 PM\n *\n * @export\n * @param {string} data\n * @returns {*}\n */\nexport function jsoncParse(data: string) {\n\ttry {\n\t\treturn new Function(`return ${data.trim()}`)();\n\t} catch {\n\t\t// Silently ignore any error\n\t\t// That's what tsc/jsonc-parser did after all\n\t\treturn {};\n\t}\n}\n\n/**\n * Load JSON\n * @date 12/7/2022 - 12:48:57 PM\n *\n * @async\n * @param {string} filepath\n * @returns {unknown}\n */\nexport const loadJson = async (filepath: string) => {\n\ttry {\n\t\treturn jsoncParse(await fs.promises.readFile(filepath, \"utf8\"));\n\t} catch (error) {\n\t\tif (error instanceof Error) {\n\t\t\tthrow new Error(\n\t\t\t\t`Failed to parse ${path.relative(process.cwd(), filepath)}: ${\n\t\t\t\t\terror.message\n\t\t\t\t}`,\n\t\t\t);\n\t\t} else {\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n", "import { DOTSEC_CONFIG_FILES, defaultConfig } from \"../constants\";\nimport { DotsecConfig } from \"../types/config\";\nimport { DotsecConfigAndSource } from \"../types/plugin\";\nimport { loadJson } from \"./json\";\nimport { bundleRequire } from \"bundle-require\";\nimport JoyCon from \"joycon\";\nimport path from \"path\";\n\nexport const getMagicalConfig = async (\n\tfilename?: string,\n): Promise<DotsecConfigAndSource> => {\n\tconst cwd = process.cwd();\n\tconst configJoycon = new JoyCon();\n\tconst configPath = await configJoycon.resolve({\n\t\tfiles: filename ? [filename] : [...DOTSEC_CONFIG_FILES, \"package.json\"],\n\t\tcwd,\n\t\tstopDir: path.parse(cwd).root,\n\t\tpackageKey: \"dotsec\",\n\t});\n\tif (filename && configPath === null) {\n\t\tthrow new Error(`Could not find config file ${filename}`);\n\t}\n\tif (configPath) {\n\t\tif (configPath.endsWith(\".json\")) {\n\t\t\tconst rawData = (await loadJson(configPath)) as Partial<DotsecConfig>;\n\n\t\t\tlet data: Partial<DotsecConfig>;\n\n\t\t\tif (\n\t\t\t\tconfigPath.endsWith(\"package.json\") &&\n\t\t\t\t(rawData as { dotsec: Partial<DotsecConfig> }).dotsec !== undefined\n\t\t\t) {\n\t\t\t\tdata = (rawData as { dotsec: Partial<DotsecConfig> }).dotsec;\n\t\t\t} else {\n\t\t\t\tdata = rawData as Partial<DotsecConfig>;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tsource: \"json\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tdefaults: {\n\t\t\t\t\t\t...data?.defaults,\n\t\t\t\t\t\t...defaultConfig.defaults,\n\t\t\t\t\t\tplugins: {\n\t\t\t\t\t\t\t...data?.defaults?.plugins,\n\t\t\t\t\t\t\t...defaultConfig.defaults?.plugins,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tpush: {\n\t\t\t\t\t\t...data?.push,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t} else if (configPath.endsWith(\".ts\")) {\n\t\t\tconst bundleRequireResult = await bundleRequire({\n\t\t\t\tfilepath: configPath,\n\t\t\t});\n\t\t\tconst data = (bundleRequireResult.mod.dotsec ||\n\t\t\t\tbundleRequireResult.mod.default ||\n\t\t\t\tbundleRequireResult.mod) as Partial<DotsecConfig>;\n\n\t\t\treturn {\n\t\t\t\tsource: \"ts\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tdefaults: {\n\t\t\t\t\t\t...data?.defaults,\n\t\t\t\t\t\t...defaultConfig.defaults,\n\t\t\t\t\t\tplugins: {\n\t\t\t\t\t\t\t...data?.defaults?.plugins,\n\t\t\t\t\t\t\t...defaultConfig.defaults?.plugins,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tpush: {\n\t\t\t\t\t\t...data?.push,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\t}\n\n\treturn { source: \"defaultConfig\", contents: defaultConfig };\n};\n", "import { DotsecPluginModule } from \"../types/plugin\";\n\nexport const loadDotsecPlugin = async (options: {\n\tname: string;\n}): Promise<DotsecPluginModule> => {\n\treturn import(options.name).then((imported) => {\n\t\treturn imported.default;\n\t});\n};\n", "import { DotsecCliOption } from \"../types/plugin\";\nimport { Command, Option } from \"commander\";\n\nexport const addPluginOptions = (\n\toptions:\n\t\t| {\n\t\t\t\t[x: string]: DotsecCliOption;\n\t\t }\n\t\t| undefined,\n\tcommand: Command,\n\tmandatory?: boolean,\n) => {\n\tif (options) {\n\t\tObject.values(options).map((option) => {\n\t\t\tlet optionProps:\n\t\t\t\t| {\n\t\t\t\t\t\tflags: string;\n\t\t\t\t\t\tdescription?: string;\n\t\t\t\t\t\tdefaultValue?: string | boolean | string[];\n\t\t\t\t\t\tfn?: (value: string, previous: unknown) => unknown;\n\t\t\t\t\t\tregexp?: RegExp;\n\t\t\t\t\t\tenv?: string;\n\t\t\t\t }\n\t\t\t\t| undefined;\n\t\t\tif (Array.isArray(option)) {\n\t\t\t\tconst [flags, description, defaultValue] = option;\n\t\t\t\toptionProps = {\n\t\t\t\t\tflags,\n\t\t\t\t\tdescription,\n\t\t\t\t\tdefaultValue,\n\t\t\t\t};\n\t\t\t} else {\n\t\t\t\tconst { flags, description, defaultValue, env, fn } = option;\n\t\t\t\toptionProps = {\n\t\t\t\t\tflags,\n\t\t\t\t\tdescription,\n\t\t\t\t\tdefaultValue,\n\t\t\t\t\tenv,\n\t\t\t\t\tfn,\n\t\t\t\t};\n\t\t\t}\n\n\t\t\tif (optionProps) {\n\t\t\t\tconst newOption = new Option(\n\t\t\t\t\toptionProps.flags,\n\t\t\t\t\toptionProps.description,\n\t\t\t\t);\n\t\t\t\tif (optionProps.fn) {\n\t\t\t\t\tnewOption.argParser(optionProps.fn);\n\t\t\t\t}\n\t\t\t\tif (optionProps.defaultValue) {\n\t\t\t\t\tnewOption.default(optionProps.defaultValue);\n\t\t\t\t}\n\t\t\t\tif (optionProps.env) {\n\t\t\t\t\tnewOption.env(optionProps.env);\n\t\t\t\t}\n\t\t\t\tif (mandatory) {\n\t\t\t\t\tnewOption.makeOptionMandatory(true);\n\t\t\t\t}\n\t\t\t\tcommand.addOption(newOption);\n\t\t\t}\n\t\t});\n\t}\n};\n", "import fs, { stat } from \"node:fs/promises\";\nimport path from \"node:path\";\nimport prompts from \"prompts\";\n\nexport const readContentsFromFile = async (\n\tfilePath: string,\n): Promise<string> => {\n\treturn await fs.readFile(filePath, \"utf-8\");\n};\n\nexport const writeContentsToFile = async (\n\tfilePath: string,\n\tcontents: string,\n): Promise<void> => {\n\treturn await fs.writeFile(filePath, contents, \"utf-8\");\n};\n\nexport const fileExists = async (source: string): Promise<boolean> => {\n\ttry {\n\t\tawait stat(source);\n\t\treturn true;\n\t} catch {\n\t\treturn false;\n\t}\n};\n\nexport const promptOverwriteIfFileExists = async ({\n\tfilePath,\n\tskip,\n}: {\n\tfilePath: string;\n\tskip?: boolean;\n}) => {\n\tlet overwriteResponse: prompts.Answers<\"overwrite\"> | undefined;\n\n\tif ((await fileExists(filePath)) && skip !== true) {\n\t\toverwriteResponse = await prompts({\n\t\t\ttype: \"confirm\",\n\t\t\tname: \"overwrite\",\n\t\t\tmessage: () => {\n\t\t\t\treturn `Overwrite './${path.relative(process.cwd(), filePath)}' ?`;\n\t\t\t},\n\t\t});\n\t} else {\n\t\toverwriteResponse = undefined;\n\t}\n\treturn overwriteResponse;\n};\n", "import chalk from \"chalk\"\nimport Table = require(\"cli-table\")\nexport { Table }\n\nlet _logger: Pick<Console, \"info\" | \"error\" | \"table\">\nexport const getLogger = () => {\n\tif (!_logger) {\n\t\t_logger = console\n\t}\n\n\treturn _logger\n}\nexport const writeLine = (str: string) => {\n\tprocess.stdout.write(str)\n}\nexport const emphasis = (str: string): string => chalk.yellowBright(str)\nexport const strong = (str: string): string => chalk.yellow.bold(str)\n\nexport const clientLogger = {\n\tdebug(content: object) {\n\t\tconsole.log(content)\n\t},\n\tinfo(content: object) {\n\t\tconsole.log(content)\n\t},\n\twarn(content: object) {\n\t\tconsole.log(content)\n\t},\n\terror(content: object) {\n\t\tconsole.error(content)\n\t},\n}\n", "import { DotsecConfig } from \"../../types/index\";\nimport { Command, Option } from \"commander\";\n\nimport decryptCommandDefaults from \"./decrypt\";\nimport dotsecCommandDefaults from \"./dotsec\";\nimport encryptCommandDefaults from \"./encrypt\";\nimport initCommandDefaults from \"./init\";\nimport pullCommandDefaults from \"./push\";\nimport pushCommandDefaults from \"./push\";\nimport runCommandDefaults from \"./run\";\nimport {\n\tCommandOption,\n\tDotSecCommandDefaults,\n\tDotSecCommandOptions,\n\tDotSecCommandsDefaults,\n\tExpandedCommandOption,\n} from \"./types\";\n\nexport const commandOptions: DotSecCommandsDefaults = {\n\t...dotsecCommandDefaults,\n\t...initCommandDefaults,\n\t...encryptCommandDefaults,\n\t...decryptCommandDefaults,\n\t...runCommandDefaults,\n\t...pushCommandDefaults,\n\t...pullCommandDefaults,\n};\n\nconst getInheritedOptions = (\n\tcopts: DotSecCommandsDefaults,\n\tcommandName: string,\n\tresult: {\n\t\toptions?: DotSecCommandOptions;\n\t\trequiredOptions?: DotSecCommandOptions;\n\t} = {},\n): DotSecCommandDefaults | undefined => {\n\tconst command = copts[commandName];\n\tif (command) {\n\t\tif (command.inheritsFrom) {\n\t\t\treturn command?.inheritsFrom.reduce(\n\t\t\t\t(acc, inheritedCommandName) => {\n\t\t\t\t\treturn getInheritedOptions(copts, inheritedCommandName, acc);\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\t...command,\n\t\t\t\t\toptions: { ...result.options, ...command.options },\n\t\t\t\t\trequiredOptions: {\n\t\t\t\t\t\t...result.requiredOptions,\n\t\t\t\t\t\t...command.requiredOptions,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t);\n\t\t} else {\n\t\t\treturn {\n\t\t\t\t...command,\n\t\t\t\toptions: { ...result.options, ...command.options },\n\t\t\t\trequiredOptions: {\n\t\t\t\t\t...result.requiredOptions,\n\t\t\t\t\t...command.requiredOptions,\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\t}\n};\n\nconst expandCommandOption = (\n\tcommandOption: CommandOption | ExpandedCommandOption,\n): ExpandedCommandOption => {\n\tif (Array.isArray(commandOption)) {\n\t\treturn {\n\t\t\toption: commandOption,\n\t\t};\n\t} else {\n\t\treturn commandOption;\n\t}\n};\n\nconst createOption = (\n\tcommandOption: CommandOption | ExpandedCommandOption,\n\toptions: {\n\t\trequired?: boolean;\n\t\tdotsecConfig?: DotsecConfig;\n\t\toptionKey: string;\n\t},\n): Option => {\n\tconst expandedCommandOption = expandCommandOption(commandOption);\n\tconst [option, description, defaultValue] = expandedCommandOption.option;\n\tconst defaultOptionValueFromConfig =\n\t\toptions?.dotsecConfig?.defaults?.options?.[options?.optionKey];\n\n\tconst newOption = new Option(\n\t\toption,\n\t\tdescription +\n\t\t\t(defaultOptionValueFromConfig ? \". Default from config.\" : \"\"),\n\t);\n\tif (defaultValue) {\n\t\tnewOption.default(defaultOptionValueFromConfig || defaultValue);\n\t}\n\tif (expandedCommandOption.env) {\n\t\tnewOption.env(expandedCommandOption.env);\n\t}\n\tif (options?.required) {\n\t\tnewOption.makeOptionMandatory(true);\n\t}\n\treturn newOption;\n};\nexport const setProgramOptions = (params: {\n\tprogram: Command;\n\tcommandName?: string;\n\tdotsecConfig: DotsecConfig;\n}) => {\n\tconst { program, commandName, dotsecConfig } = params;\n\tconst programOptions = commandOptions[commandName || program.name()];\n\n\tif (programOptions) {\n\t\tconst { options, requiredOptions, description, usage, helpText } =\n\t\t\tprogramOptions;\n\t\tif (options) {\n\t\t\tObject.keys(options).forEach((optionKey) => {\n\t\t\t\tconst commandOption = options[optionKey];\n\t\t\t\tconst newOption = createOption(commandOption, {\n\t\t\t\t\tdotsecConfig,\n\t\t\t\t\toptionKey,\n\t\t\t\t});\n\n\t\t\t\tprogram.addOption(newOption);\n\t\t\t});\n\t\t}\n\t\tif (requiredOptions) {\n\t\t\tObject.keys(requiredOptions).forEach((requiredOptionKey) => {\n\t\t\t\tconst requiredOption = requiredOptions[requiredOptionKey];\n\t\t\t\tconst newOption = createOption(requiredOption, {\n\t\t\t\t\trequired: true,\n\t\t\t\t\tdotsecConfig,\n\t\t\t\t\toptionKey: requiredOptionKey,\n\t\t\t\t});\n\n\t\t\t\tprogram.addOption(newOption);\n\t\t\t});\n\t\t}\n\t\tif (description) {\n\t\t\tprogram.description(description);\n\t\t}\n\t\tif (usage) {\n\t\t\tprogram.description(usage);\n\t\t}\n\t\tif (helpText) {\n\t\t\tprogram.description(helpText);\n\t\t}\n\t}\n};\n", "import {\n\tDOTSEC_DEFAULT_DOTENV_FILENAME,\n\tDOTSEC_DEFAULT_DOTSEC_FILENAME,\n} from \"../../constants\";\nimport { ExpandedCommandOption } from \"./types\";\n\nexport const envFileOption: ExpandedCommandOption = {\n\toption: [\n\t\t\"--env-file <envFile>\",\n\t\t`Path to .env file. If not provided, will look for value in 'ENV_FILE' environment variable. If not provided, will look for '${DOTSEC_DEFAULT_DOTENV_FILENAME}' file in current directory.`,\n\t\tDOTSEC_DEFAULT_DOTENV_FILENAME,\n\t],\n\tenv: \"ENV_FILE\",\n};\nexport const secFileOption: ExpandedCommandOption = {\n\toption: [\n\t\t\"--sec-file, <secFile>\",\n\t\t`Path to .sec file. If not provided, will look for value in 'SEC_FILE' environment variable. If not provided, will look for '${DOTSEC_DEFAULT_DOTSEC_FILENAME}' file in current directory.`,\n\t\tDOTSEC_DEFAULT_DOTSEC_FILENAME,\n\t],\n\tenv: \"SEC_FILE\",\n};\n\nexport const withEnvOption: ExpandedCommandOption = {\n\toption: [\"--with-env, --withEnv\", \"Run command using a dot env file\"],\n};\n\nexport const withSecOption: ExpandedCommandOption = {\n\toption: [\"--with-sec, --withSec\", \"Run command with a dotsec file\"],\n};\n\nexport const yesOption: ExpandedCommandOption = {\n\toption: [\"--yes\", \"Skip confirmation prompts\"],\n};\n", "import { envFileOption, secFileOption, yesOption } from \"./sharedOptions\";\nimport { DotSecCommandsDefaults } from \"./types\";\n\nconst decryptCommandDefaults: DotSecCommandsDefaults = {\n\tdecrypt: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\tenvFile: envFileOption,\n\t\t\tsecFile: secFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\t},\n};\n\nexport default decryptCommandDefaults;\n", "import { DOTSEC_DEFAULT_CONFIG_FILE } from \"../../constants\";\nimport { DotSecCommandsDefaults } from \"./types\";\n\nconst dotsecCommandDefaults: DotSecCommandsDefaults = {\n\tdotsec: {\n\t\toptions: {\n\t\t\tverbose: [\"--verbose\", \"Verbose output\", false],\n\t\t\tconfigFile: [\n\t\t\t\t\"-c, --config-file, --configFile <configFile>\",\n\t\t\t\t\"Config file\",\n\t\t\t\tDOTSEC_DEFAULT_CONFIG_FILE,\n\t\t\t],\n\t\t\tplugin: [\"--plugin <plugin>\", \"Comma-separated list of plugins to use\"],\n\t\t},\n\t},\n};\n\nexport default dotsecCommandDefaults;\n", "import { envFileOption, secFileOption, yesOption } from \"./sharedOptions\";\nimport { DotSecCommandsDefaults } from \"./types\";\n\nconst encryptCommandDefaults: DotSecCommandsDefaults = {\n\tencrypt: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\tenvFile: envFileOption,\n\t\t\tsecFile: secFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\t},\n};\n\nexport default encryptCommandDefaults;\n", "import { DOTSEC_DEFAULT_CONFIG_FILE } from \"../../constants\";\nimport { envFileOption, secFileOption, yesOption } from \"./sharedOptions\";\nimport { DotSecCommandsDefaults } from \"./types\";\n\nconst initCommandDefaults: DotSecCommandsDefaults = {\n\tinit: {\n\t\toptions: {\n\t\t\tverbose: [\"--verbose\", \"Verbose output\", false],\n\t\t\tconfigFile: [\n\t\t\t\t\"-c, --config-file, --configFile <configFile>\",\n\t\t\t\t\"Config file\",\n\t\t\t\tDOTSEC_DEFAULT_CONFIG_FILE,\n\t\t\t],\n\n\t\t\tenvFile: envFileOption,\n\t\t\tsecFile: secFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\t},\n};\n\nexport default initCommandDefaults;\n", "import {\n\tenvFileOption,\n\tsecFileOption,\n\twithEnvOption,\n\twithSecOption,\n\tyesOption,\n} from \"./sharedOptions\";\nimport { DotSecCommandsDefaults } from \"./types\";\n\nconst pullCommandDefaults: DotSecCommandsDefaults = {\n\tpull: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\toptions: {\n\t\t\twithEnv: withEnvOption,\n\t\t\twithSec: withSecOption,\n\t\t\tenvFile: envFileOption,\n\t\t\tsecFile: secFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\t},\n};\n\nexport default pullCommandDefaults;\n", "import dotsecCommandDefaults from \"./dotsec\";\nimport {\n\tenvFileOption,\n\tsecFileOption,\n\twithEnvOption,\n\twithSecOption,\n\tyesOption,\n} from \"./sharedOptions\";\nimport { DotSecCommandsDefaults } from \"./types\";\n\nconst runCommandDefaults: DotSecCommandsDefaults = {\n\trunEnvOnly: {\n\t\tinheritsFrom: [\"dotsec\"],\n\t\tusage: \"[commandArgs...]\",\n\t\toptions: {\n\t\t\tenvFile: envFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\n\t\tdescription:\n\t\t\t\"Run a command in a separate process and populate env with contents of a dotenv file.\",\n\t\thelpText: `${\"Examples:\"}\n\n${\"Run a command with a .env file\"}\n\n$ dotsec run echo \"hello world\"\n\n\n${\"Run a command with a specific .env file\"}\n\n$ dotsec run --env-file .env.dev echo \"hello world\"\n\n${\"Run a command with a specific ENV_FILE variable\"}\n\n$ ENV_FILE=.env.dev dotsec run echo \"hello world\"\n\n`,\n\t},\n\trun: {\n\t\tinheritsFrom: [\"dotsec\"],\n\n\t\toptions: {\n\t\t\twithEnv: withEnvOption,\n\t\t\twithSec: withSecOption,\n\t\t\tenvFile: envFileOption,\n\t\t\tsecFile: secFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\n\t\tusage:\n\t\t\t\"[--with-env --env-file .env] [--with-sec --sec-file .sec] [commandArgs...]\",\n\t\tdescription: `Run a command in a separate process and populate env with either \n\t\t\t- contents of a dotenv file\n\t\t\t- decrypted values of a dotsec file.\n\nThe --withEnv option will take precedence over the --withSec option. If neither are specified, the --withEnv option will be used by default.`,\n\t\thelpText: `${\"Examples:\"}\n\n${\"Run a command with a .env file\"}\n\n$ dotsec run echo \"hello world\"\n\n\n${\"Run a command with a specific .env file\"}\n\n$ dotsec run --with-env --env-file .env.dev echo \"hello world\"\n\n\n${\"Run a command with a .sec file\"}\n\n$ dotsec run --with-sec echo \"hello world\"\n\n\n${\"Run a command with a specific .sec file\"}\n\n$ dotsec run --with-sec --sec-file .sec.dev echo \"hello world\"\n`,\n\t},\n\tpush: {\n\t\toptions: {\n\t\t\t...dotsecCommandDefaults.dotsec.options,\n\t\t\twithEnv: withEnvOption,\n\t\t\twithSec: withSecOption,\n\t\t\tenvFile: envFileOption,\n\t\t\tsecFile: secFileOption,\n\t\t\tyes: yesOption,\n\t\t},\n\t\trequiredOptions: {\n\t\t\t...dotsecCommandDefaults.dotsec.requiredOptions,\n\t\t},\n\t},\n};\n\nexport default runCommandDefaults;\n", "import { addPluginOptions } from \"../../lib/addPluginOptions\";\nimport {\n\tpromptOverwriteIfFileExists,\n\treadContentsFromFile,\n\twriteContentsToFile,\n} from \"../../lib/io\";\nimport { DecryptCommandOptions } from \"../../types\";\nimport { DotsecConfig } from \"../../types/config\";\nimport { DotsecCliPluginDecryptHandler } from \"../../types/plugin\";\nimport { strong } from \"../../utils/logging\";\nimport { setProgramOptions } from \"../options\";\nimport { Command } from \"commander\";\n\ntype Formats = {\n\tenv?: string;\n\tawsKeyAlias?: string;\n} & Record<string, unknown>;\n\nconst addEncryptProgram = async (\n\tprogram: Command,\n\toptions: {\n\t\tdotsecConfig: DotsecConfig;\n\t\tdecryptHandlers: DotsecCliPluginDecryptHandler[];\n\t},\n) => {\n\tconst { dotsecConfig, decryptHandlers } = options;\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"decrypt\")\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\ttry {\n\t\t\t\tconst {\n\t\t\t\t\t// verbose,\n\t\t\t\t\tenvFile,\n\t\t\t\t\tsecFile,\n\t\t\t\t\tengine,\n\t\t\t\t\tyes,\n\t\t\t\t} = command.optsWithGlobals<DecryptCommandOptions>();\n\n\t\t\t\tconst encryptionEngine =\n\t\t\t\t\tengine || dotsecConfig?.defaults?.encryptionEngine;\n\n\t\t\t\tconst pluginCliDecrypt = (decryptHandlers || []).find((handler) => {\n\t\t\t\t\treturn handler.triggerOptionValue === encryptionEngine;\n\t\t\t\t});\n\n\t\t\t\tif (!pluginCliDecrypt) {\n\t\t\t\t\tthrow new Error(\n\t\t\t\t\t\t`No decryption plugin found, available decryption engine(s): ${options.decryptHandlers\n\t\t\t\t\t\t\t.map((e) => `--${e.triggerOptionValue}`)\n\t\t\t\t\t\t\t.join(\", \")}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\tconsole.log(\n\t\t\t\t\t\"Decrypting with\",\n\t\t\t\t\tstrong(\n\t\t\t\t\t\tpluginCliDecrypt.encryptionEngineName ||\n\t\t\t\t\t\t\tpluginCliDecrypt.triggerOptionValue,\n\t\t\t\t\t),\n\t\t\t\t\t\"engine\",\n\t\t\t\t);\n\n\t\t\t\tconst allOptionKeys = [\n\t\t\t\t\t...Object.keys(pluginCliDecrypt.options || {}),\n\t\t\t\t\t...Object.keys(pluginCliDecrypt.requiredOptions || {}),\n\t\t\t\t];\n\n\t\t\t\tconst allOptionsValues = Object.fromEntries(\n\t\t\t\t\tallOptionKeys.map((key) => {\n\t\t\t\t\t\treturn [key, _options[key]];\n\t\t\t\t\t}),\n\t\t\t\t);\n\t\t\t\t// get current dot env file\n\t\t\t\tconst dotsecString = await readContentsFromFile(secFile);\n\n\t\t\t\tconst plaintext = await pluginCliDecrypt.handler({\n\t\t\t\t\tciphertext: dotsecString,\n\t\t\t\t\t...allOptionsValues,\n\t\t\t\t});\n\n\t\t\t\tconst dotenvOverwriteResponse = await promptOverwriteIfFileExists({\n\t\t\t\t\tfilePath: envFile,\n\t\t\t\t\tskip: yes,\n\t\t\t\t});\n\t\t\t\tif (\n\t\t\t\t\tdotenvOverwriteResponse === undefined ||\n\t\t\t\t\tdotenvOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(envFile, plaintext);\n\t\t\t\t\tconsole.log(\n\t\t\t\t\t\t`Wrote plaintext contents of ${strong(secFile)} file to ${strong(\n\t\t\t\t\t\t\tenvFile,\n\t\t\t\t\t\t)}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tconsole.error(strong(e.message));\n\t\t\t\tcommand.help();\n\t\t\t}\n\t\t});\n\n\toptions.decryptHandlers.map((decryption) => {\n\t\tconst { options, requiredOptions } = decryption;\n\t\taddPluginOptions(options, subProgram);\n\t\taddPluginOptions(requiredOptions, subProgram, true);\n\t});\n\n\tconst engines = options.decryptHandlers.map((e) => e.triggerOptionValue);\n\tsubProgram.option(\n\t\t\"--engine <engine>\",\n\t\t`Encryption engine${engines.length > 0 ? \"s\" : \"\"} to use: ${\n\t\t\tengines.length === 1 ? engines[0] : engines.join(\", \")\n\t\t}`,\n\t\tengines.length === 1 ? engines[0] : undefined,\n\t);\n\tsetProgramOptions({ program: subProgram, dotsecConfig });\n\n\treturn subProgram;\n};\n\nexport default addEncryptProgram;\n", "import { addPluginOptions } from \"../../lib/addPluginOptions\";\nimport {\n\tpromptOverwriteIfFileExists,\n\treadContentsFromFile,\n\twriteContentsToFile,\n} from \"../../lib/io\";\nimport { EncryptCommandOptions } from \"../../types\";\nimport { DotsecConfig } from \"../../types/config\";\nimport { DotsecCliPluginEncryptHandler } from \"../../types/plugin\";\nimport { strong } from \"../../utils/logging\";\nimport { setProgramOptions } from \"../options\";\nimport { Command } from \"commander\";\n\ntype Formats = {\n\tenv?: string;\n\tawsKeyAlias?: string;\n} & Record<string, unknown>;\n\nconst addEncryptProgram = async (\n\tprogram: Command,\n\toptions: {\n\t\tencryptHandlers: DotsecCliPluginEncryptHandler[];\n\t\tdotsecConfig: DotsecConfig;\n\t},\n) => {\n\tconst { encryptHandlers, dotsecConfig } = options;\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"encrypt\")\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\ttry {\n\t\t\t\tconst {\n\t\t\t\t\t// verbose,\n\t\t\t\t\tenvFile,\n\t\t\t\t\tsecFile,\n\t\t\t\t\tengine,\n\t\t\t\t\tyes,\n\t\t\t\t} = command.optsWithGlobals<EncryptCommandOptions>();\n\n\t\t\t\tconst encryptionEngine =\n\t\t\t\t\tengine || dotsecConfig?.defaults?.encryptionEngine;\n\t\t\t\tconst pluginCliEncrypt = (encryptHandlers || []).find((handler) => {\n\t\t\t\t\treturn handler.triggerOptionValue === encryptionEngine;\n\t\t\t\t});\n\n\t\t\t\tif (!pluginCliEncrypt) {\n\t\t\t\t\tthrow new Error(\n\t\t\t\t\t\t`No encryption plugin found, available encryption engine(s): ${options.encryptHandlers\n\t\t\t\t\t\t\t.map((e) => e.triggerOptionValue)\n\t\t\t\t\t\t\t.join(\", \")}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\tconsole.log(\n\t\t\t\t\t\"Encrypting with\",\n\t\t\t\t\tstrong(\n\t\t\t\t\t\tpluginCliEncrypt.encryptionEngineName ||\n\t\t\t\t\t\t\tpluginCliEncrypt.triggerOptionValue,\n\t\t\t\t\t),\n\t\t\t\t\t\"engine\",\n\t\t\t\t);\n\t\t\t\tconst allOptionKeys = [\n\t\t\t\t\t...Object.keys(pluginCliEncrypt.options || {}),\n\t\t\t\t\t...Object.keys(pluginCliEncrypt.requiredOptions || {}),\n\t\t\t\t];\n\n\t\t\t\tconst allOptionsValues = Object.fromEntries(\n\t\t\t\t\tallOptionKeys.map((key) => {\n\t\t\t\t\t\treturn [key, _options[key]];\n\t\t\t\t\t}),\n\t\t\t\t);\n\n\t\t\t\tconst dotenvString = await readContentsFromFile(envFile);\n\n\t\t\t\tconst cipherText = await pluginCliEncrypt.handler({\n\t\t\t\t\tplaintext: dotenvString,\n\t\t\t\t\t...allOptionsValues,\n\t\t\t\t});\n\n\t\t\t\tconst dotsecOverwriteResponse = await promptOverwriteIfFileExists({\n\t\t\t\t\tfilePath: secFile,\n\t\t\t\t\tskip: yes,\n\t\t\t\t});\n\t\t\t\tif (\n\t\t\t\t\tdotsecOverwriteResponse === undefined ||\n\t\t\t\t\tdotsecOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(secFile, cipherText);\n\t\t\t\t\tconsole.log(\n\t\t\t\t\t\t`Wrote encrypted contents of ${strong(envFile)} file to ${strong(\n\t\t\t\t\t\t\tsecFile,\n\t\t\t\t\t\t)}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tconsole.error(strong(e.message));\n\t\t\t\tcommand.help();\n\t\t\t}\n\t\t});\n\n\toptions.encryptHandlers.map((encryptionHandler) => {\n\t\tconst { options, requiredOptions } = encryptionHandler;\n\t\taddPluginOptions(options, subProgram);\n\t\taddPluginOptions(requiredOptions, subProgram, true);\n\t});\n\tconst engines = options.encryptHandlers.map((e) => e.triggerOptionValue);\n\tconst encryptionEngineNames = options.encryptHandlers.map(\n\t\t(e) => e.encryptionEngineName,\n\t);\n\n\tsubProgram.option(\n\t\t\"--engine <engine>\",\n\t\t`Encryption engine${engines.length > 0 ? \"s\" : \"\"}: ${\n\t\t\tengines.length === 1 ? engines[0] : engines.join(\", \")\n\t\t}`,\n\t);\n\tsetProgramOptions({ program: subProgram, dotsecConfig });\n\tsubProgram.description(\n\t\t`Encrypt .env file using ${encryptionEngineNames.join(\", \")}`,\n\t);\n\treturn subProgram;\n};\n\nexport default addEncryptProgram;\n", "import fs from \"node:fs\";\nimport * as ts from \"typescript\";\n\nexport const patchConfigFile = (options: {\n\tconfigFile: string;\n\tconfig?: {\n\t\taws?: {\n\t\t\tregion?: string;\n\t\t\tkms?: {\n\t\t\t\tkeyAlias?: string;\n\t\t\t};\n\t\t};\n\t};\n}) => {\n\tconst printer: ts.Printer = ts.createPrinter();\n\tconst source = fs.readFileSync(options.configFile, \"utf8\");\n\n\tconst transformer =\n\t\t<T extends ts.Node>(context: ts.TransformationContext) =>\n\t\t(rootNode: T) => {\n\t\t\tfunction visit(node: ts.Node): ts.Node {\n\t\t\t\tnode = ts.visitEachChild(node, visit, context);\n\t\t\t\tif (node.kind === ts.SyntaxKind.StringLiteral) {\n\t\t\t\t\tconst kmsNode = node?.parent?.parent?.parent;\n\t\t\t\t\tif (options.config?.aws?.kms?.keyAlias) {\n\t\t\t\t\t\tif (kmsNode?.getChildAt(0)?.getText() === \"kms\") {\n\t\t\t\t\t\t\tconst awsNode = kmsNode?.parent?.parent;\n\t\t\t\t\t\t\tif (awsNode?.getChildAt(0).getText() === \"aws\") {\n\t\t\t\t\t\t\t\treturn ts.createStringLiteral(\n\t\t\t\t\t\t\t\t\toptions.config?.aws?.kms?.keyAlias,\n\t\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (options.config?.aws?.region) {\n\t\t\t\t\t\tif (node?.parent?.getChildAt(0)?.getText() === \"region\") {\n\t\t\t\t\t\t\tconst awsNode = node?.parent?.parent?.parent;\n\n\t\t\t\t\t\t\t// const awsNode = kmsNode?.parent?.parent;\n\t\t\t\t\t\t\tif (awsNode?.getChildAt(0).getText() === \"aws\") {\n\t\t\t\t\t\t\t\treturn ts.createStringLiteral(options.config?.aws?.region);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\treturn node;\n\t\t\t}\n\t\t\treturn ts.visitNode(rootNode, visit);\n\t\t};\n\n\tconst sourceFile: ts.SourceFile = ts.createSourceFile(\n\t\t\"test.ts\",\n\t\tsource,\n\t\tts.ScriptTarget.ES2015,\n\t\ttrue,\n\t\tts.ScriptKind.TS,\n\t);\n\n\t// Options may be passed to transform\n\tconst result: ts.TransformationResult<ts.SourceFile> =\n\t\tts.transform<ts.SourceFile>(sourceFile, [transformer]);\n\n\tconst transformedSourceFile: ts.SourceFile = result.transformed[0];\n\n\tconst transformedSource = printer.printFile(transformedSourceFile);\n\tresult.dispose();\n\n\treturn transformedSource;\n};\n", "import { promptOverwriteIfFileExists, writeContentsToFile } from \"../../lib/io\";\nimport { DotsecConfig, InitCommandOptions } from \"../../types\";\nimport { Command } from \"commander\";\n\nimport { patchConfigFile } from \"../../lib/transformer\";\nimport { strong } from \"../../utils/logging\";\nimport { setProgramOptions } from \"../options\";\nimport path from \"node:path\";\ntype Formats = {\n\tenv?: string;\n\tawsKeyAlias?: string;\n};\n\nconst addInitProgram = async (\n\tprogram: Command,\n\toptions: { dotsecConfig: DotsecConfig },\n) => {\n\tconst { dotsecConfig } = options;\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"init\")\n\t\t.action(async (_options: Formats, command: Command) => {\n\t\t\tconst { configFile, yes } = command.optsWithGlobals<InitCommandOptions>();\n\n\t\t\ttry {\n\t\t\t\tconst patchedConfigTemplate = patchConfigFile({\n\t\t\t\t\tconfigFile: path.resolve(\n\t\t\t\t\t\t__dirname,\n\t\t\t\t\t\t\"../../src/templates/dotsec.config.ts\",\n\t\t\t\t\t),\n\t\t\t\t});\n\t\t\t\tconst dotsecConfigOverwriteResponse = await promptOverwriteIfFileExists(\n\t\t\t\t\t{\n\t\t\t\t\t\tfilePath: configFile,\n\t\t\t\t\t\tskip: yes,\n\t\t\t\t\t},\n\t\t\t\t);\n\t\t\t\tif (\n\t\t\t\t\tdotsecConfigOverwriteResponse === undefined ||\n\t\t\t\t\tdotsecConfigOverwriteResponse.overwrite === true\n\t\t\t\t) {\n\t\t\t\t\tawait writeContentsToFile(configFile, patchedConfigTemplate);\n\t\t\t\t\tconsole.log(`Wrote config file to ${strong(configFile)}`);\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tcommand.error(e);\n\t\t\t}\n\t\t});\n\n\tsetProgramOptions({ program: subProgram, dotsecConfig });\n\n\treturn subProgram;\n};\n\nexport default addInitProgram;\n", "import { PushCommandOptions } from \"../../types\";\nimport { DotsecConfig } from \"../../types/config\";\nimport {\n\tDotsecCliPluginDecryptHandler,\n\tDotsecCliPluginPushHandler,\n} from \"../../types/plugin\";\nimport { setProgramOptions } from \"../options\";\nimport { Command } from \"commander\";\nimport { parse } from \"dotenv\";\nimport { expand } from \"dotenv-expand\";\nimport fs from \"node:fs\";\n\n/**\n * Decrypts, and pushes the contents of a .env file to AWS SSM, AWS Secrets Manager or GitHub Actions Secrets\n * @date 12/7/2022 - 9:16:48 AM\n *\n * @async\n * @param {Command} program\n * @returns {unknown}\n */\nconst addPushProgram = async (\n\tprogram: Command,\n\toptions: {\n\t\tdotsecConfig: DotsecConfig;\n\t\thandlers: {\n\t\t\tpush: DotsecCliPluginPushHandler;\n\t\t\tdecrypt: DotsecCliPluginDecryptHandler;\n\t\t}[];\n\t},\n) => {\n\tconst { dotsecConfig, handlers } = options;\n\n\tconst subProgram = program\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.command(\"push\")\n\t\t.action(async (_options: Record<string, string>, command: Command) => {\n\t\t\ttry {\n\t\t\t\tconst {\n\t\t\t\t\t// verbose,\n\t\t\t\t\tenvFile,\n\t\t\t\t\tsecFile,\n\t\t\t\t\twithEnv,\n\t\t\t\t\twithSec,\n\t\t\t\t\tengine,\n\t\t\t\t\tyes,\n\t\t\t\t} = command.optsWithGlobals<PushCommandOptions>();\n\n\t\t\t\tconst encryptionEngine =\n\t\t\t\t\tengine || dotsecConfig?.defaults?.encryptionEngine;\n\n\t\t\t\tconst pluginCliDecrypt = (handlers || []).find((handler) => {\n\t\t\t\t\treturn handler.decrypt?.triggerOptionValue === encryptionEngine;\n\t\t\t\t})?.decrypt;\n\n\t\t\t\tconst pluginCliPush = (handlers || []).find((handler) => {\n\t\t\t\t\treturn handler.push?.triggerOptionValue === encryptionEngine;\n\t\t\t\t})?.push;\n\n\t\t\t\tif (!pluginCliPush) {\n\t\t\t\t\tthrow new Error(\"No push plugin found!\");\n\t\t\t\t}\n\n\t\t\t\tconst allOptionKeys = [\n\t\t\t\t\t...Object.keys(pluginCliDecrypt?.options || {}),\n\t\t\t\t\t...Object.keys(pluginCliDecrypt?.requiredOptions || {}),\n\t\t\t\t\t...Object.keys(pluginCliPush?.options || {}),\n\t\t\t\t\t...Object.keys(pluginCliPush?.requiredOptions || {}),\n\t\t\t\t];\n\n\t\t\t\tconst allOptionsValues = Object.fromEntries(\n\t\t\t\t\tallOptionKeys.map((key) => {\n\t\t\t\t\t\treturn [key, _options[key]];\n\t\t\t\t\t}),\n\t\t\t\t);\n\n\t\t\t\tif (withEnv && withSec) {\n\t\t\t\t\tthrow new Error(\"Cannot use both --with-env and --with-sec\");\n\t\t\t\t}\n\n\t\t\t\tlet envContents: string | undefined;\n\n\t\t\t\tif (withEnv || !(withEnv || withSec)) {\n\t\t\t\t\tif (!envFile) {\n\t\t\t\t\t\tthrow new Error(\"No dotenv file specified in --env-file option\");\n\t\t\t\t\t}\n\t\t\t\t\tenvContents = fs.readFileSync(envFile, \"utf8\");\n\t\t\t\t} else if (withSec) {\n\t\t\t\t\tif (!secFile) {\n\t\t\t\t\t\tthrow new Error(\"No dotsec file specified in --sec-file option\");\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!pluginCliDecrypt) {\n\t\t\t\t\t\tthrow new Error(\n\t\t\t\t\t\t\t`No decryption plugin found, available decryption engine(s): ${handlers\n\t\t\t\t\t\t\t\t.map((e) => `--${e.decrypt?.triggerOptionValue}`)\n\t\t\t\t\t\t\t\t.join(\", \")}`,\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst dotSecContents = fs.readFileSync(secFile, \"utf8\");\n\t\t\t\t\tenvContents = await pluginCliDecrypt.handler({\n\t\t\t\t\t\tciphertext: dotSecContents,\n\t\t\t\t\t\t...allOptionsValues,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t\tif (envContents) {\n\t\t\t\t\t// convert to object\n\t\t\t\t\tconst dotenvVars = parse(envContents);\n\t\t\t\t\t// expand env vars\n\t\t\t\t\tconst expandedEnvVars = expand({\n\t\t\t\t\t\tignoreProcessEnv: true,\n\t\t\t\t\t\tparsed: {\n\t\t\t\t\t\t\t// add standard env variables\n\t\t\t\t\t\t\t...(process.env as Record<string, string>),\n\t\t\t\t\t\t\t// add custom env variables, either from .env or .sec, (or empty object if none)\n\t\t\t\t\t\t\t...dotenvVars,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\tif (expandedEnvVars.parsed) {\n\t\t\t\t\t\tawait pluginCliPush.handler({\n\t\t\t\t\t\t\tpush: expandedEnvVars.parsed,\n\t\t\t\t\t\t\tyes,\n\t\t\t\t\t\t\t...allOptionsValues,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\tthrow new Error(\"No .env or .sec file provided\");\n\t\t\t\t}\n\t\t\t} catch (e) {\n\t\t\t\tconsole.error(e);\n\t\t\t\tprocess.exit(1);\n\t\t\t}\n\t\t});\n\n\tsetProgramOptions({ program: subProgram, dotsecConfig });\n\n\treturn subProgram;\n};\n\nexport default addPushProgram;\n", "import fs from \"node:fs\";\n\nimport { Command } from \"commander\";\nimport { parse } from \"dotenv\";\nimport { expand } from \"dotenv-expand\";\n\nimport { addPluginOptions } from \"../../lib/addPluginOptions\";\nimport { RunCommandOptions } from \"../../types\";\nimport { DotsecConfig } from \"../../types/config\";\nimport { DotsecCliPluginDecryptHandler } from \"../../types/plugin\";\nimport { strong } from \"../../utils/logging\";\nimport { setProgramOptions } from \"../options\";\nimport { spawnSync } from \"node:child_process\";\nconst addRunProgam = (\n\tprogram: Command,\n\toptions: {\n\t\tdotsecConfig: DotsecConfig;\n\t\tdecryptHandlers?: DotsecCliPluginDecryptHandler[];\n\t},\n) => {\n\tconst { dotsecConfig, decryptHandlers } = options || {};\n\n\t// is there an encryption engine?\n\tconst hasDecryptEngine =\n\t\tdecryptHandlers !== undefined && decryptHandlers.length > 0;\n\n\tconst subProgram = program\n\t\t.command(\"run <command...>\")\n\t\t.allowUnknownOption(true)\n\t\t.enablePositionalOptions()\n\t\t.passThroughOptions()\n\t\t.showHelpAfterError(true)\n\t\t.action(\n\t\t\tasync (\n\t\t\t\tcommands: string[],\n\t\t\t\t_options: Record<string, string>,\n\t\t\t\tcommand: Command,\n\t\t\t) => {\n\t\t\t\ttry {\n\t\t\t\t\tconst { envFile, secFile, withEnv, withSec, engine } =\n\t\t\t\t\t\tcommand.optsWithGlobals<RunCommandOptions>();\n\t\t\t\t\tif (withEnv && withSec) {\n\t\t\t\t\t\tthrow new Error(\"Cannot use both --with-env and --with-sec\");\n\t\t\t\t\t}\n\n\t\t\t\t\tlet envContents: string | undefined;\n\n\t\t\t\t\tif (withEnv || !(withEnv || withSec) || hasDecryptEngine === false) {\n\t\t\t\t\t\tif (!envFile) {\n\t\t\t\t\t\t\tthrow new Error(\"No dotenv file specified in --env-file option\");\n\t\t\t\t\t\t}\n\t\t\t\t\t\tenvContents = fs.readFileSync(envFile, \"utf8\");\n\t\t\t\t\t} else if (withSec) {\n\t\t\t\t\t\tif (!secFile) {\n\t\t\t\t\t\t\tthrow new Error(\"No dotsec file specified in --sec-file option\");\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tconst encryptionEngine =\n\t\t\t\t\t\t\tengine || dotsecConfig?.defaults?.encryptionEngine;\n\n\t\t\t\t\t\tconst pluginCliDecrypt = (decryptHandlers || []).find((handler) => {\n\t\t\t\t\t\t\treturn handler.triggerOptionValue === encryptionEngine;\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tif (!pluginCliDecrypt) {\n\t\t\t\t\t\t\tthrow new Error(\n\t\t\t\t\t\t\t\t`No decryption plugin found, available decryption engine(s): ${(\n\t\t\t\t\t\t\t\t\tdecryptHandlers || []\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t\t.map((e) => `--${e.triggerOptionValue}`)\n\t\t\t\t\t\t\t\t\t.join(\", \")}`,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\tconst allOptionKeys = [\n\t\t\t\t\t\t\t...Object.keys(pluginCliDecrypt.options || {}),\n\t\t\t\t\t\t\t...Object.keys(pluginCliDecrypt.requiredOptions || {}),\n\t\t\t\t\t\t];\n\n\t\t\t\t\t\tconst allOptionsValues = Object.fromEntries(\n\t\t\t\t\t\t\tallOptionKeys.map((key) => {\n\t\t\t\t\t\t\t\treturn [key, _options[key]];\n\t\t\t\t\t\t\t}),\n\t\t\t\t\t\t);\n\n\t\t\t\t\t\tconst dotSecContents = fs.readFileSync(secFile, \"utf8\");\n\t\t\t\t\t\tenvContents = await pluginCliDecrypt.handler({\n\t\t\t\t\t\t\tciphertext: dotSecContents,\n\t\t\t\t\t\t\t...allOptionsValues,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t\tif (envContents) {\n\t\t\t\t\t\tconst dotenvVars = parse(envContents);\n\t\t\t\t\t\t// expand env vars\n\t\t\t\t\t\tconst expandedEnvVars = expand({\n\t\t\t\t\t\t\tignoreProcessEnv: true,\n\t\t\t\t\t\t\tparsed: {\n\t\t\t\t\t\t\t\t// add standard env variables\n\t\t\t\t\t\t\t\t...(process.env as Record<string, string>),\n\t\t\t\t\t\t\t\t// add custom env variables, either from .env or .sec, (or empty object if none)\n\t\t\t\t\t\t\t\t...dotenvVars,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tconst [userCommand, ...userCommandArgs] = commands;\n\t\t\t\t\t\tconst spawn = spawnSync(userCommand, [...userCommandArgs], {\n\t\t\t\t\t\t\tstdio: \"inherit\",\n\t\t\t\t\t\t\tshell: false,\n\t\t\t\t\t\t\tencoding: \"utf-8\",\n\t\t\t\t\t\t\tenv: {\n\t\t\t\t\t\t\t\t...expandedEnvVars.parsed,\n\t\t\t\t\t\t\t\t...process.env,\n\t\t\t\t\t\t\t\t__DOTSEC_ENV__: JSON.stringify(Object.keys(dotenvVars)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tif (spawn.status !== 0) {\n\t\t\t\t\t\t\tprocess.exit(spawn.status || 1);\n\t\t\t\t\t\t}\n\t\t\t\t\t} else {\n\t\t\t\t\t\tthrow new Error(\"No .env or .sec file provided\");\n\t\t\t\t\t}\n\t\t\t\t} catch (e) {\n\t\t\t\t\tconsole.error(strong(e.message));\n\t\t\t\t\tcommand.help();\n\t\t\t\t}\n\t\t\t},\n\t\t);\n\n\tsetProgramOptions({\n\t\tprogram: subProgram,\n\t\tcommandName: hasDecryptEngine ? \"run\" : \"runEnvOnly\",\n\t\tdotsecConfig,\n\t});\n\n\tif (hasDecryptEngine) {\n\t\tdecryptHandlers?.map((run) => {\n\t\t\tconst { options, requiredOptions } = run;\n\t\t\taddPluginOptions(options, subProgram);\n\t\t\taddPluginOptions(requiredOptions, subProgram, true);\n\t\t});\n\t\tconst engines = decryptHandlers?.map((e) => e.triggerOptionValue);\n\n\t\tsubProgram.option(\n\t\t\t\"--engine <engine>\",\n\t\t\t`Encryption engine${engines.length > 0 ? \"s\" : \"\"}: ${\n\t\t\t\t(engines.join(\", \"), engines.length === 1 ? engines[0] : undefined)\n\t\t\t}`,\n\t\t\t// engines.length === 1 ? engines[0] : undefined,\n\t\t);\n\t}\n\treturn subProgram;\n};\n\nexport default addRunProgam;\n"],
5
+ "mappings": "oqCAAA,qCCEO,GAAM,GAA6B,mBAC7B,GAAsB,CAAC,GACvB,EAAiC,OACjC,EAAiC,OACjC,EAA8B,GCN3C,mBACA,0BAUO,YAAoB,EAAc,CACxC,GAAI,CACH,MAAO,IAAI,UAAS,UAAU,EAAK,iBAClC,CAGD,MAAO,IAYF,GAAM,IAAW,KAAO,IAAqB,CACnD,GAAI,CACH,MAAO,IAAW,KAAM,IAAG,SAAS,SAAS,EAAU,eAC/C,EAAP,CACD,KAAI,aAAiB,OACd,GAAI,OACT,mBAAmB,GAAK,SAAS,QAAQ,MAAO,OAC/C,EAAM,WAIF,ICpCT,gDACA,uBACA,qBAEO,GAAM,IAAmB,KAC/B,IACoC,CAVrC,YAWC,GAAM,GAAM,QAAQ,MAEd,EAAa,KAAM,AADJ,IAAI,MACa,QAAQ,CAC7C,MAAO,EAAW,CAAC,GAAY,CAAC,GAAG,GAAqB,gBACxD,MACA,QAAS,GAAK,MAAM,GAAK,KACzB,WAAY,WAEb,GAAI,GAAY,IAAe,KAC9B,KAAM,IAAI,OAAM,8BAA8B,KAE/C,GAAI,GACH,GAAI,EAAW,SAAS,SAAU,CACjC,GAAM,GAAW,KAAM,IAAS,GAE5B,EAEJ,MACC,GAAW,SAAS,iBACnB,EAA8C,SAAW,OAE1D,EAAQ,EAA8C,OAEtD,EAAO,EAGD,CACN,OAAQ,OACR,SAAU,SACN,GACA,GAFM,CAGT,SAAU,SACN,iBAAM,UACN,EAAc,UAFR,CAGT,QAAS,OACL,oBAAM,WAAN,cAAgB,SAChB,KAAc,WAAd,cAAwB,WAG7B,KAAM,KACF,iBAAM,iBAIF,EAAW,SAAS,OAAQ,CACtC,GAAM,GAAsB,KAAM,IAAc,CAC/C,SAAU,IAEL,EAAQ,EAAoB,IAAI,QACrC,EAAoB,IAAI,SACxB,EAAoB,IAErB,MAAO,CACN,OAAQ,KACR,SAAU,SACN,GACA,GAFM,CAGT,SAAU,SACN,iBAAM,UACN,EAAc,UAFR,CAGT,QAAS,OACL,oBAAM,WAAN,cAAgB,SAChB,KAAc,WAAd,cAAwB,WAG7B,KAAM,KACF,iBAAM,UAOd,MAAO,CAAE,OAAQ,gBAAiB,SAAU,IClFtC,GAAM,GAAmB,KAAO,IAG/B,2BAAO,GAAP,EAAO,EAAQ,QAAM,KAAK,AAAC,GAC1B,EAAS,SCLlB,oCAEO,GAAM,GAAmB,CAC/B,EAKA,EACA,IACI,CACJ,AAAI,GACH,OAAO,OAAO,GAAS,IAAI,AAAC,GAAW,CACtC,GAAI,GAUJ,GAAI,MAAM,QAAQ,GAAS,CAC1B,GAAM,CAAC,EAAO,EAAa,GAAgB,EAC3C,EAAc,CACb,QACA,cACA,oBAEK,CACN,GAAM,CAAE,QAAO,cAAa,eAAc,MAAK,MAAO,EACtD,EAAc,CACb,QACA,cACA,eACA,MACA,MAIF,GAAI,EAAa,CAChB,GAAM,GAAY,GAAI,IACrB,EAAY,MACZ,EAAY,aAEb,AAAI,EAAY,IACf,EAAU,UAAU,EAAY,IAE7B,EAAY,cACf,EAAU,QAAQ,EAAY,cAE3B,EAAY,KACf,EAAU,IAAI,EAAY,KAEvB,GACH,EAAU,oBAAoB,IAE/B,EAAQ,UAAU,OC3DtB,6CACA,0BACA,wBAEO,GAAM,GAAuB,KACnC,IAEO,KAAM,IAAG,SAAS,EAAU,SAGvB,EAAsB,MAClC,EACA,IAEO,KAAM,IAAG,UAAU,EAAU,EAAU,SAGlC,GAAa,KAAO,IAAqC,CACrE,GAAI,CACH,YAAM,IAAK,GACJ,QACN,CACD,MAAO,KAII,EAA8B,MAAO,CACjD,WACA,UAIK,CACL,GAAI,GAEJ,MAAK,MAAM,IAAW,IAAc,IAAS,GAC5C,EAAoB,KAAM,IAAQ,CACjC,KAAM,UACN,KAAM,YACN,QAAS,IACD,gBAAgB,GAAK,SAAS,QAAQ,MAAO,UAItD,EAAoB,OAEd,GC9CR,sBACA,GAAO,IAAQ,EAAQ,aAehB,GAAM,GAAS,AAAC,GAAwB,GAAM,OAAO,KAAK,GCfjE,oCCKO,GAAM,GAAuC,CACnD,OAAQ,CACP,uBACA,+HAA+H,gCAC/H,GAED,IAAK,YAEO,EAAuC,CACnD,OAAQ,CACP,wBACA,+HAA+H,gCAC/H,GAED,IAAK,YAGO,EAAuC,CACnD,OAAQ,CAAC,wBAAyB,qCAGtB,EAAuC,CACnD,OAAQ,CAAC,wBAAyB,mCAGtB,EAAmC,CAC/C,OAAQ,CAAC,QAAS,8BC7BnB,GAAM,IAAiD,CACtD,QAAS,CACR,aAAc,CAAC,UACf,QAAS,CACR,QAAS,EACT,QAAS,EACT,IAAK,KAKD,GAAQ,GCXf,GAAM,IAAgD,CACrD,OAAQ,CACP,QAAS,CACR,QAAS,CAAC,YAAa,iBAAkB,IACzC,WAAY,CACX,+CACA,cACA,GAED,OAAQ,CAAC,oBAAqB,6CAK1B,EAAQ,GCdf,GAAM,IAAiD,CACtD,QAAS,CACR,aAAc,CAAC,UACf,QAAS,CACR,QAAS,EACT,QAAS,EACT,IAAK,KAKD,GAAQ,GCVf,GAAM,IAA8C,CACnD,KAAM,CACL,QAAS,CACR,QAAS,CAAC,YAAa,iBAAkB,IACzC,WAAY,CACX,+CACA,cACA,GAGD,QAAS,EACT,QAAS,EACT,IAAK,KAKD,GAAQ,GCZf,GAAM,IAA8C,CACnD,KAAM,CACL,aAAc,CAAC,UACf,QAAS,CACR,QAAS,EACT,QAAS,EACT,QAAS,EACT,QAAS,EACT,IAAK,KAKD,EAAQ,GCZf,GAAM,IAA6C,CAClD,WAAY,CACX,aAAc,CAAC,UACf,MAAO,mBACP,QAAS,CACR,QAAS,EACT,IAAK,GAGN,YACC,uFACD,SAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,GAiBX,IAAK,CACJ,aAAc,CAAC,UAEf,QAAS,CACR,QAAS,EACT,QAAS,EACT,QAAS,EACT,QAAS,EACT,IAAK,GAGN,MACC,6EACD,YAAa;AAAA;AAAA;AAAA;AAAA,8IAKb,SAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,GAsBX,KAAM,CACL,QAAS,OACL,EAAsB,OAAO,SADxB,CAER,QAAS,EACT,QAAS,EACT,QAAS,EACT,QAAS,EACT,IAAK,IAEN,gBAAiB,KACb,EAAsB,OAAO,mBAK5B,GAAQ,GP3ER,GAAM,IAAyC,iBAClD,GACA,IACA,IACA,IACA,IACA,GACA,GAwCJ,GAAM,IAAsB,AAC3B,GAEI,MAAM,QAAQ,GACV,CACN,OAAQ,GAGF,EAIH,GAAe,CACpB,EACA,IAKY,CApFb,UAqFC,GAAM,GAAwB,GAAoB,GAC5C,CAAC,EAAQ,EAAa,GAAgB,EAAsB,OAC5D,EACL,0BAAS,eAAT,cAAuB,WAAvB,cAAiC,UAAjC,cAA2C,iBAAS,WAE/C,EAAY,GAAI,IACrB,EACA,EACE,GAA+B,yBAA2B,KAE7D,MAAI,IACH,EAAU,QAAQ,GAAgC,GAE/C,EAAsB,KACzB,EAAU,IAAI,EAAsB,KAEjC,kBAAS,WACZ,EAAU,oBAAoB,IAExB,GAEK,EAAoB,AAAC,GAI5B,CACL,GAAM,CAAE,UAAS,cAAa,gBAAiB,EACzC,EAAiB,GAAe,GAAe,EAAQ,QAE7D,GAAI,EAAgB,CACnB,GAAM,CAAE,UAAS,kBAAiB,cAAa,QAAO,YACrD,EACD,AAAI,GACH,OAAO,KAAK,GAAS,QAAQ,AAAC,GAAc,CAC3C,GAAM,GAAgB,EAAQ,GACxB,EAAY,GAAa,EAAe,CAC7C,eACA,cAGD,EAAQ,UAAU,KAGhB,GACH,OAAO,KAAK,GAAiB,QAAQ,AAAC,GAAsB,CAC3D,GAAM,GAAiB,EAAgB,GACjC,EAAY,GAAa,EAAgB,CAC9C,SAAU,GACV,eACA,UAAW,IAGZ,EAAQ,UAAU,KAGhB,GACH,EAAQ,YAAY,GAEjB,GACH,EAAQ,YAAY,GAEjB,GACH,EAAQ,YAAY,KQjIvB,GAAM,IAAoB,MACzB,EACA,IAII,CACJ,GAAM,CAAE,eAAc,mBAAoB,EACpC,EAAa,EACjB,0BACA,qBACA,QAAQ,WACR,OAAO,MAAO,EAAmB,IAAqB,CA9BzD,MA+BG,GAAI,CACH,GAAM,CAEL,UACA,UACA,SACA,OACG,EAAQ,kBAEN,EACL,GAAU,qBAAc,WAAd,cAAwB,kBAE7B,EAAoB,IAAmB,IAAI,KAAK,AAAC,GAC/C,EAAQ,qBAAuB,GAGvC,GAAI,CAAC,EACJ,KAAM,IAAI,OACT,+DAA+D,EAAQ,gBACrE,IAAI,AAAC,GAAM,KAAK,EAAE,sBAClB,KAAK,SAIT,QAAQ,IACP,kBACA,EACC,EAAiB,sBAChB,EAAiB,oBAEnB,UAGD,GAAM,GAAgB,CACrB,GAAG,OAAO,KAAK,EAAiB,SAAW,IAC3C,GAAG,OAAO,KAAK,EAAiB,iBAAmB,KAG9C,EAAmB,OAAO,YAC/B,EAAc,IAAI,AAAC,GACX,CAAC,EAAK,EAAS,MAIlB,EAAe,KAAM,GAAqB,GAE1C,EAAY,KAAM,GAAiB,QAAQ,GAChD,WAAY,GACT,IAGE,EAA0B,KAAM,GAA4B,CACjE,SAAU,EACV,KAAM,IAEP,AACC,KAA4B,QAC5B,EAAwB,YAAc,KAEtC,MAAM,GAAoB,EAAS,GACnC,QAAQ,IACP,+BAA+B,EAAO,cAAoB,EACzD,aAIK,EAAP,CACD,QAAQ,MAAM,EAAO,EAAE,UACvB,EAAQ,UAIX,EAAQ,gBAAgB,IAAI,AAAC,GAAe,CAC3C,GAAM,CAAE,UAAS,mBAAoB,EACrC,EAAiB,EAAS,GAC1B,EAAiB,EAAiB,EAAY,MAG/C,GAAM,GAAU,EAAQ,gBAAgB,IAAI,AAAC,GAAM,EAAE,oBACrD,SAAW,OACV,oBACA,oBAAoB,EAAQ,OAAS,EAAI,IAAM,cAC9C,EAAQ,SAAW,EAAI,EAAQ,GAAK,EAAQ,KAAK,QAElD,EAAQ,SAAW,EAAI,EAAQ,GAAK,QAErC,EAAkB,CAAE,QAAS,EAAY,iBAElC,GAGD,GAAQ,GCxGf,GAAM,IAAoB,MACzB,EACA,IAII,CACJ,GAAM,CAAE,kBAAiB,gBAAiB,EACpC,EAAa,EACjB,0BACA,qBACA,QAAQ,WACR,OAAO,MAAO,EAAmB,IAAqB,CA9BzD,MA+BG,GAAI,CACH,GAAM,CAEL,UACA,UACA,SACA,OACG,EAAQ,kBAEN,EACL,GAAU,qBAAc,WAAd,cAAwB,kBAC7B,EAAoB,IAAmB,IAAI,KAAK,AAAC,GAC/C,EAAQ,qBAAuB,GAGvC,GAAI,CAAC,EACJ,KAAM,IAAI,OACT,+DAA+D,EAAQ,gBACrE,IAAI,AAAC,GAAM,EAAE,oBACb,KAAK,SAIT,QAAQ,IACP,kBACA,EACC,EAAiB,sBAChB,EAAiB,oBAEnB,UAED,GAAM,GAAgB,CACrB,GAAG,OAAO,KAAK,EAAiB,SAAW,IAC3C,GAAG,OAAO,KAAK,EAAiB,iBAAmB,KAG9C,EAAmB,OAAO,YAC/B,EAAc,IAAI,AAAC,GACX,CAAC,EAAK,EAAS,MAIlB,EAAe,KAAM,GAAqB,GAE1C,EAAa,KAAM,GAAiB,QAAQ,GACjD,UAAW,GACR,IAGE,EAA0B,KAAM,GAA4B,CACjE,SAAU,EACV,KAAM,IAEP,AACC,KAA4B,QAC5B,EAAwB,YAAc,KAEtC,MAAM,GAAoB,EAAS,GACnC,QAAQ,IACP,+BAA+B,EAAO,cAAoB,EACzD,aAIK,EAAP,CACD,QAAQ,MAAM,EAAO,EAAE,UACvB,EAAQ,UAIX,EAAQ,gBAAgB,IAAI,AAAC,GAAsB,CAClD,GAAM,CAAE,UAAS,mBAAoB,EACrC,EAAiB,EAAS,GAC1B,EAAiB,EAAiB,EAAY,MAE/C,GAAM,GAAU,EAAQ,gBAAgB,IAAI,AAAC,GAAM,EAAE,oBAC/C,EAAwB,EAAQ,gBAAgB,IACrD,AAAC,GAAM,EAAE,sBAGV,SAAW,OACV,oBACA,oBAAoB,EAAQ,OAAS,EAAI,IAAM,OAC9C,EAAQ,SAAW,EAAI,EAAQ,GAAK,EAAQ,KAAK,SAGnD,EAAkB,CAAE,QAAS,EAAY,iBACzC,EAAW,YACV,2BAA2B,EAAsB,KAAK,SAEhD,GAGD,GAAQ,GC5Hf,wBACA,uMAEO,GAAM,IAAkB,AAAC,GAU1B,CACL,GAAM,GAAsB,AAAG,KACzB,EAAS,GAAG,aAAa,EAAQ,WAAY,QAE7C,EACL,AAAoB,GACpB,AAAC,GAAgB,CAChB,WAAe,EAAwB,CApB1C,yCAsBI,GADA,EAAO,AAAG,GAAe,EAAM,EAAO,GAClC,EAAK,OAAS,AAAG,GAAW,cAAe,CAC9C,GAAM,GAAU,uBAAM,SAAN,cAAc,SAAd,cAAsB,OACtC,GAAI,YAAQ,SAAR,cAAgB,MAAhB,cAAqB,MAArB,cAA0B,WACzB,qBAAS,WAAW,KAApB,cAAwB,aAAc,MAAO,CAChD,GAAM,GAAU,oBAAS,SAAT,cAAiB,OACjC,GAAI,kBAAS,WAAW,GAAG,aAAc,MACxC,MAAO,AAAG,IACT,WAAQ,SAAR,cAAgB,MAAhB,cAAqB,MAArB,cAA0B,UAK9B,GAAI,SAAQ,SAAR,cAAgB,MAAhB,cAAqB,SACpB,wBAAM,SAAN,cAAc,WAAW,KAAzB,cAA6B,aAAc,SAAU,CACxD,GAAM,GAAU,uBAAM,SAAN,cAAc,SAAd,cAAsB,OAGtC,GAAI,kBAAS,WAAW,GAAG,aAAc,MACxC,MAAO,AAAG,IAAoB,SAAQ,SAAR,cAAgB,MAAhB,eAAqB,SAMvD,MAAO,GAER,MAAO,AAAG,IAAU,EAAU,IAG1B,EAA4B,AAAG,GACpC,UACA,EACA,AAAG,GAAa,OAChB,GACA,AAAG,GAAW,IAIT,EACL,AAAG,GAAyB,EAAY,CAAC,IAEpC,EAAuC,EAAO,YAAY,GAE1D,EAAoB,EAAQ,UAAU,GAC5C,SAAO,UAEA,GC7DR,0BAMA,GAAM,IAAiB,MACtB,EACA,IACI,CACJ,GAAM,CAAE,gBAAiB,EACnB,EAAa,EACjB,0BACA,qBACA,QAAQ,QACR,OAAO,MAAO,EAAmB,IAAqB,CACtD,GAAM,CAAE,aAAY,OAAQ,EAAQ,kBAEpC,GAAI,CACH,GAAM,GAAwB,GAAgB,CAC7C,WAAY,GAAK,QAChB,UACA,0CAGI,EAAgC,KAAM,GAC3C,CACC,SAAU,EACV,KAAM,IAGR,AACC,KAAkC,QAClC,EAA8B,YAAc,KAE5C,MAAM,GAAoB,EAAY,GACtC,QAAQ,IAAI,wBAAwB,EAAO,aAEpC,EAAP,CACD,EAAQ,MAAM,MAIjB,SAAkB,CAAE,QAAS,EAAY,iBAElC,GAGD,GAAQ,GC/Cf,gCACA,wCACA,wBAUA,GAAM,IAAiB,MACtB,EACA,IAOI,CACJ,GAAM,CAAE,eAAc,YAAa,EAE7B,EAAa,EACjB,0BACA,qBACA,QAAQ,QACR,OAAO,MAAO,EAAkC,IAAqB,CApCxE,UAqCG,GAAI,CACH,GAAM,CAEL,UACA,UACA,UACA,UACA,SACA,OACG,EAAQ,kBAEN,EACL,GAAU,qBAAc,WAAd,cAAwB,kBAE7B,EAAoB,OAAY,IAAI,KAAK,AAAC,GAAY,CAnDhE,MAoDK,MAAO,MAAQ,UAAR,cAAiB,sBAAuB,MADtB,cAEtB,QAEE,EAAiB,OAAY,IAAI,KAAK,AAAC,GAAY,CAvD7D,MAwDK,MAAO,MAAQ,OAAR,cAAc,sBAAuB,MADtB,cAEnB,KAEJ,GAAI,CAAC,EACJ,KAAM,IAAI,OAAM,yBAGjB,GAAM,GAAgB,CACrB,GAAG,OAAO,KAAK,kBAAkB,UAAW,IAC5C,GAAG,OAAO,KAAK,kBAAkB,kBAAmB,IACpD,GAAG,OAAO,KAAK,kBAAe,UAAW,IACzC,GAAG,OAAO,KAAK,kBAAe,kBAAmB,KAG5C,EAAmB,OAAO,YAC/B,EAAc,IAAI,AAAC,GACX,CAAC,EAAK,EAAS,MAIxB,GAAI,GAAW,EACd,KAAM,IAAI,OAAM,6CAGjB,GAAI,GAEJ,GAAI,GAAW,CAAE,IAAW,GAAU,CACrC,GAAI,CAAC,EACJ,KAAM,IAAI,OAAM,iDAEjB,EAAc,GAAG,aAAa,EAAS,gBAC7B,EAAS,CACnB,GAAI,CAAC,EACJ,KAAM,IAAI,OAAM,iDAGjB,GAAI,CAAC,EACJ,KAAM,IAAI,OACT,+DAA+D,EAC7D,IAAI,AAAC,GAAG,CA/FjB,MA+FoB,WAAK,KAAE,UAAF,cAAW,uBAC3B,KAAK,SAIT,GAAM,GAAiB,GAAG,aAAa,EAAS,QAChD,EAAc,KAAM,GAAiB,QAAQ,GAC5C,WAAY,GACT,IAGL,GAAI,EAAa,CAEhB,GAAM,GAAa,GAAM,GAEnB,EAAkB,GAAO,CAC9B,iBAAkB,GAClB,OAAQ,OAEH,QAAQ,KAET,KAIL,AAAI,EAAgB,QACnB,KAAM,GAAc,QAAQ,GAC3B,KAAM,EAAgB,OACtB,OACG,QAIL,MAAM,IAAI,OAAM,uCAET,EAAP,CACD,QAAQ,MAAM,GACd,QAAQ,KAAK,MAIhB,SAAkB,CAAE,QAAS,EAAY,iBAElC,GAGD,GAAQ,GC7If,wBAGA,gCACA,wCAQA,gDACA,GAAM,IAAe,CACpB,EACA,IAII,CACJ,GAAM,CAAE,eAAc,mBAAoB,GAAW,GAG/C,EACL,IAAoB,QAAa,EAAgB,OAAS,EAErD,EAAa,EACjB,QAAQ,oBACR,mBAAmB,IACnB,0BACA,qBACA,mBAAmB,IACnB,OACA,MACC,EACA,EACA,IACI,CArCR,MAsCI,GAAI,CACH,GAAM,CAAE,UAAS,UAAS,UAAS,UAAS,UAC3C,EAAQ,kBACT,GAAI,GAAW,EACd,KAAM,IAAI,OAAM,6CAGjB,GAAI,GAEJ,GAAI,GAAW,CAAE,IAAW,IAAY,IAAqB,GAAO,CACnE,GAAI,CAAC,EACJ,KAAM,IAAI,OAAM,iDAEjB,EAAc,GAAG,aAAa,EAAS,gBAC7B,EAAS,CACnB,GAAI,CAAC,EACJ,KAAM,IAAI,OAAM,iDAGjB,GAAM,GACL,GAAU,qBAAc,WAAd,cAAwB,kBAE7B,EAAoB,IAAmB,IAAI,KAAK,AAAC,GAC/C,EAAQ,qBAAuB,GAGvC,GAAI,CAAC,EACJ,KAAM,IAAI,OACT,+DACC,IAAmB,IAElB,IAAI,AAAC,GAAM,KAAK,EAAE,sBAClB,KAAK,SAIT,GAAM,GAAgB,CACrB,GAAG,OAAO,KAAK,EAAiB,SAAW,IAC3C,GAAG,OAAO,KAAK,EAAiB,iBAAmB,KAG9C,EAAmB,OAAO,YAC/B,EAAc,IAAI,AAAC,GACX,CAAC,EAAK,EAAS,MAIlB,EAAiB,GAAG,aAAa,EAAS,QAChD,EAAc,KAAM,GAAiB,QAAQ,GAC5C,WAAY,GACT,IAGL,GAAI,EAAa,CAChB,GAAM,GAAa,GAAM,GAEnB,EAAkB,GAAO,CAC9B,iBAAkB,GAClB,OAAQ,OAEH,QAAQ,KAET,KAIC,CAAC,KAAgB,GAAmB,EACpC,EAAQ,GAAU,EAAa,CAAC,GAAG,GAAkB,CAC1D,MAAO,UACP,MAAO,GACP,SAAU,QACV,IAAK,SACD,EAAgB,QAChB,QAAQ,KAFP,CAGJ,eAAgB,KAAK,UAAU,OAAO,KAAK,QAI7C,AAAI,EAAM,SAAW,GACpB,QAAQ,KAAK,EAAM,QAAU,OAG9B,MAAM,IAAI,OAAM,uCAET,EAAP,CACD,QAAQ,MAAM,EAAO,EAAE,UACvB,EAAQ,UAWZ,GANA,EAAkB,CACjB,QAAS,EACT,YAAa,EAAmB,MAAQ,aACxC,iBAGG,EAAkB,CACrB,WAAiB,IAAI,AAAC,GAAQ,CAC7B,GAAM,CAAE,UAAS,mBAAoB,EACrC,EAAiB,EAAS,GAC1B,EAAiB,EAAiB,EAAY,MAE/C,GAAM,GAAU,iBAAiB,IAAI,AAAC,GAAM,EAAE,oBAE9C,EAAW,OACV,oBACA,oBAAoB,EAAQ,OAAS,EAAI,IAAM,OAC7C,EAAQ,KAAK,MAAO,EAAQ,SAAW,EAAI,EAAQ,GAAK,UAK5D,MAAO,IAGD,GAAQ,GrB1If,oBACA,6BAEA,GAAM,IAA+B,CACpC,QAAS,YACT,KAAM,SACN,WAAY,CACX,KAAM,SACN,YAAa,mBAEd,UAAW,GACX,MAAO,GACP,OAAQ,GACR,QAAS,AAAC,GAAW,CAAC,EAAM,IAAQ,CACnC,GAAI,EAAK,CACR,GAAM,CAAE,aAAY,sBAAuB,EAC3C,SAAW,GAAsB,IAAS,GAAK,GAAK,EAAK,MAAM,GACxD,OAEP,OAAO,KAKJ,EAAU,GAAI,IAEpB,AAAC,UAAY,CA1Cb,YA2CC,GAAM,GAAgB,GAAY,QAAQ,MACpC,EAA8B,GACpC,AAAI,EAAc,QACjB,CAAI,MAAM,QAAQ,EAAc,QAC/B,EAAkB,KAAK,GAAG,EAAc,QAExC,EAAkB,KAAK,EAAc,SAUvC,GAAM,GAAa,CAClB,GAAI,MAAM,QAAQ,EAAc,QAC7B,EAAc,OACd,CAAC,EAAc,QAClB,GAAI,MAAM,QAAQ,EAAc,GAAK,EAAc,EAAI,CAAC,EAAc,IACnE,GAEE,CAAE,SAAU,EAAe,IAAO,KAAM,IAAiB,GACzD,CAAE,WAAU,KAAM,GAAkB,EAE1C,EACE,KAAK,UACL,YAAY,oBACZ,QAAQ,SACR,0BACA,OAAO,CAAC,EAAU,IAAmB,CACrC,EAAM,SAER,EAAkB,CAAE,UAAS,aAAc,IAC3C,GAAM,GAAM,GAAI,IAAI,CACnB,UAAW,GACX,iBAAkB,GAClB,YAAa,GACb,YAAa,GACb,gBAAiB,GACjB,cAAe,GACf,SAAU,CAAC,MAGN,EAA2C,GACjD,GAAI,EAAkB,OAAS,EAC9B,OAAW,KAAgB,GAAmB,CAK7C,GAAM,GAAe,KAAM,AAHZ,MAAM,GAAiB,CAAE,KAAM,KAGZ,CACjC,aAAc,EACd,MACA,eAED,EAAc,EAAa,MAAQ,EAE/B,EAAkB,SAAW,GAEhC,GAAa,SAAW,OACpB,EAAa,UADO,CAEvB,iBAAkB,OAAO,EAAa,MACtC,QAAS,OACL,KAAa,WAAb,cAAuB,SADlB,EAEP,EAAa,MAAO,KACjB,QAAa,WAAb,cAAuB,UAAvB,cAAiC,EAAa,YAQvD,AAAI,kBAAU,mBACR,sBAAU,UAAV,cAAoB,EAAS,oBACjC,GAAS,QAAU,OACf,EAAS,SADM,EAEjB,EAAS,kBAAmB,OAI5B,kBAAU,UACb,OAAO,QAAQ,iBAAU,SAAS,QACjC,CAAC,CAAC,EAAY,KAAgD,CAC7D,AAAI,kBAAc,QACjB,EAAc,GAAc,iBAAc,OAE1C,EAAc,GAAc,kBAAkB,MAMlD,OAAO,OAAO,GAAiB,IAAI,QAAQ,AAAC,GAAiB,CAC5D,OAAO,KAAK,GAAc,QAAQ,AAAC,GAAe,CACjD,AAAK,EAAc,IAClB,GAAc,GAAc,kBAAkB,SAMjD,GAAM,GAA4D,GAC5D,EAA4D,GAC5D,EAGA,GAEN,OAAW,KAAc,QAAO,KAAK,GAAgB,CACpD,GAAM,GAAe,EAAc,GAC7B,EAAmB,KAAM,GAAiB,CAAE,KAAM,IAClD,CAAE,gBAAe,YAAa,GAAQ,KAAM,GAAiB,CAClE,MACA,aAAc,EACd,eAGD,AAAI,kBAAK,UACR,EAAyB,KAAK,EAAI,SAE/B,kBAAK,UACR,GAAyB,KAAK,EAAI,SAC9B,kBAAK,OACR,EAAsB,KAAK,CAAE,KAAM,EAAI,KAAM,QAAS,EAAI,WAIxD,GACH,EAAc,CAAE,YAGlB,AAAI,EAAyB,QAC5B,KAAM,IAAkB,EAAS,CAChC,aAAc,EACd,gBAAiB,IAGf,EAAyB,QAC5B,KAAM,IAAkB,EAAS,CAChC,aAAc,EACd,gBAAiB,IAGf,EAAsB,QACzB,KAAM,IAAe,EAAS,CAC7B,aAAc,EACd,SAAU,IAKZ,KAAM,IAAe,EAAS,CAAE,aAAc,IAC9C,KAAM,IAAc,EAAS,CAC5B,aAAc,EACd,gBAAiB,IAElB,KAAM,GAAQ",
6
6
  "names": []
7
7
  }
package/dist/index.d.ts CHANGED
@@ -1,60 +1,148 @@
1
- import { PutParameterRequest } from '@aws-sdk/client-ssm';
1
+ import Ajv from 'ajv';
2
+ import { Command } from 'commander';
3
+ export { default as Table } from 'cli-table';
2
4
 
3
- declare type DotsecConfig = {
5
+ type DotsecCliPluginHandler<HandlerArgs extends Record<string, unknown>, HandlerResult, T extends Record<string, unknown> = Record<string, unknown>> = {
6
+ encryptionEngineName?: string;
7
+ triggerOptionValue: string;
8
+ options?: {
9
+ [key in keyof T]: DotsecCliOption;
10
+ };
11
+ requiredOptions?: {
12
+ [key in keyof T]: DotsecCliOption;
13
+ };
14
+ handler: (options: HandlerArgs & T) => Promise<HandlerResult>;
15
+ };
16
+ type DotsecCliPluginEncryptHandler<HandlerPluginArgs extends Record<string, unknown> = Record<string, unknown>> = DotsecCliPluginHandler<{
17
+ plaintext: string;
18
+ }, string, HandlerPluginArgs>;
19
+ type DotsecCliPluginDecryptHandler<HandlerPluginArgs extends Record<string, unknown> = Record<string, unknown>> = DotsecCliPluginHandler<{
20
+ ciphertext: string;
21
+ }, string, HandlerPluginArgs>;
22
+ type DotsecCliPluginRunHandler<HandlerPluginArgs extends Record<string, unknown> = Record<string, unknown>> = DotsecCliPluginHandler<{
23
+ ciphertext: string;
24
+ }, string, HandlerPluginArgs>;
25
+ type DotsecCliPluginPushHandler<HandlerPluginArgs extends Record<string, unknown> = Record<string, unknown>> = DotsecCliPluginHandler<{
26
+ push: Record<string, string>;
27
+ yes?: boolean;
28
+ }, string, HandlerPluginArgs>;
29
+ type DotsecCliOption = [
30
+ flags: string,
31
+ description?: string,
32
+ defaultValue?: string | boolean | string[]
33
+ ] | {
34
+ flags: string;
35
+ description?: string;
36
+ defaultValue?: string | boolean | string[];
37
+ fn?: (value: string, previous: unknown) => unknown;
38
+ regexp?: RegExp;
39
+ env?: string;
40
+ };
41
+ type DotsecPluginConfig = {
42
+ module?: string;
4
43
  config?: {
5
- aws?: {
6
- region?: string;
7
- kms?: {
8
- keyAlias?: string;
9
- encryptionAlgorithm?: "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SYMMETRIC_DEFAULT";
10
- };
11
- ssm?: {
12
- pathPrefix?: string;
13
- parameterType?: "String" | "SecureString";
14
- };
15
- secretsManager?: {
16
- pathPrefix?: string;
17
- };
44
+ [key: string]: unknown;
45
+ };
46
+ push?: {
47
+ [key: string]: unknown;
48
+ };
49
+ };
50
+ type DotsecPlugins = {
51
+ plugins: DotsecPlugin;
52
+ };
53
+ type Meh<T extends DotsecPluginModuleConfig> = T extends DotsecPluginModuleConfig ? T : never;
54
+ type DotsecPluginModuleConfig = {
55
+ plugin: DotsecPlugin;
56
+ api?: Record<string, unknown>;
57
+ cliHandlersOptions?: {
58
+ encrypt?: Record<string, unknown>;
59
+ decrypt?: Record<string, unknown>;
60
+ run?: Record<string, unknown>;
61
+ push?: Record<string, unknown>;
62
+ };
63
+ };
64
+ type DotsecPluginModule<T extends DotsecPluginModuleConfig = DotsecPluginModuleConfig> = (options: {
65
+ dotsecConfig: DotsecConfig;
66
+ ajv: Ajv;
67
+ configFile: string;
68
+ }) => Promise<{
69
+ name: keyof T["plugin"] | string;
70
+ encryptionEngineName?: string;
71
+ api?: T["api"] extends Record<string, unknown> ? T["api"] : never;
72
+ addCliCommand?: (options: {
73
+ program: Command;
74
+ }) => Promise<void>;
75
+ cliHandlers?: {
76
+ encrypt?: DotsecCliPluginEncryptHandler<T["cliHandlersOptions"] extends {
77
+ encrypt: Record<string, unknown>;
78
+ } ? T["cliHandlersOptions"]["encrypt"] : Record<string, unknown>>;
79
+ decrypt?: DotsecCliPluginDecryptHandler<T["cliHandlersOptions"] extends {
80
+ decrypt: Record<string, unknown>;
81
+ } ? T["cliHandlersOptions"]["decrypt"] : Record<string, unknown>>;
82
+ run?: DotsecCliPluginRunHandler<T["cliHandlersOptions"] extends {
83
+ run: Record<string, unknown>;
84
+ } ? T["cliHandlersOptions"]["run"] : Record<string, unknown>>;
85
+ push?: DotsecCliPluginPushHandler<T["cliHandlersOptions"] extends {
86
+ push: Record<string, unknown>;
87
+ } ? T["cliHandlersOptions"]["push"] : Record<string, unknown>>;
88
+ };
89
+ }>;
90
+ type DotsecPlugin<T extends {
91
+ [key: string]: DotsecPluginConfig;
92
+ } = {
93
+ [key: string]: DotsecPluginConfig;
94
+ }> = T;
95
+
96
+ type DotsecConfig<T extends DotsecPlugins = DotsecPlugins> = {
97
+ defaults?: {
98
+ encryptionEngine?: keyof T["plugins"] | string;
99
+ plugins?: {
100
+ [PluginKey in keyof T["plugins"]]?: {
101
+ module?: T["plugins"][PluginKey]["module"];
102
+ } & T["plugins"][PluginKey]["config"];
103
+ };
104
+ options?: {
105
+ envFile?: string;
106
+ secFile?: string;
18
107
  };
19
108
  };
20
- variables?: {
109
+ push?: {
21
110
  [key: string]: {
22
- push?: {
23
- aws?: {
24
- ssm?: boolean | (Omit<PutParameterRequest, "Name" | "Value"> & {
25
- Name?: string;
26
- });
27
- secretsManager?: boolean;
28
- };
29
- };
111
+ [PluginKey in keyof T["plugins"]]?: T["plugins"][PluginKey]["push"];
30
112
  };
31
113
  };
32
114
  };
33
115
 
34
- declare const dotsec: {
35
- config: (options: {
36
- aws?: {
37
- region?: string;
38
- kms?: {
39
- keyAlias?: string;
40
- };
41
- };
42
- } & ({
43
- sec: true | string;
44
- env?: never;
45
- } | {
46
- env: true | string;
47
- sec?: never;
48
- }) & ({
49
- dotsecConfig: DotsecConfig;
50
- configFile?: never;
51
- } | {
52
- dotsecConfig?: never;
53
- configFile: string;
54
- } | {
55
- dotsecConfig?: never;
56
- configFile?: never;
57
- })) => Promise<void>;
58
- };
59
-
60
- export { DotsecConfig as Dotsec, DotsecConfig, dotsec as default };
116
+ type DotsecEncryptionEngineFactoryProps = {
117
+ verbose?: boolean;
118
+ };
119
+ type DotsecEncryptionEngine<T = Record<string, unknown>> = {
120
+ encrypt(plaintext: string): Promise<string>;
121
+ decrypt(ciphertext: string): Promise<string>;
122
+ } & T;
123
+ type DotsecEncryptionEngineFactory<T = Record<string, unknown>, V extends Record<string, unknown> = Record<string, unknown>> = {
124
+ (options: DotsecEncryptionEngineFactoryProps & T): Promise<DotsecEncryptionEngine<V>>;
125
+ };
126
+
127
+ type FromEnv<T extends string = string> = T | {
128
+ fromEnv: string;
129
+ required?: boolean;
130
+ };
131
+
132
+ declare const promptExecute: ({ skip, message, execute, }: {
133
+ skip?: boolean | undefined;
134
+ message: string;
135
+ execute: () => unknown | Promise<unknown>;
136
+ }) => Promise<void>;
137
+
138
+ declare const resolveFromEnv: (options: {
139
+ fromEnvValue?: string;
140
+ env: NodeJS.ProcessEnv;
141
+ variables: Record<string, string>;
142
+ }) => string | undefined;
143
+
144
+ declare const writeLine: (str: string) => void;
145
+ declare const emphasis: (str: string) => string;
146
+ declare const strong: (str: string) => string;
147
+
148
+ export { DotsecConfig, DotsecEncryptionEngine, DotsecEncryptionEngineFactory, DotsecEncryptionEngineFactoryProps, DotsecPlugin, DotsecPluginModule, FromEnv, Meh, emphasis, promptExecute, resolveFromEnv, strong, writeLine };
package/dist/index.js CHANGED
@@ -1,3 +1,2 @@
1
- var _e=Object.create;var I=Object.defineProperty,we=Object.defineProperties,Ce=Object.getOwnPropertyDescriptor,ye=Object.getOwnPropertyDescriptors,Re=Object.getOwnPropertyNames,ee=Object.getOwnPropertySymbols,Oe=Object.getPrototypeOf,ne=Object.prototype.hasOwnProperty,De=Object.prototype.propertyIsEnumerable;var oe=(e,n,i)=>n in e?I(e,n,{enumerable:!0,configurable:!0,writable:!0,value:i}):e[n]=i,r=(e,n)=>{for(var i in n||(n={}))ne.call(n,i)&&oe(e,i,n[i]);if(ee)for(var i of ee(n))De.call(n,i)&&oe(e,i,n[i]);return e},O=(e,n)=>we(e,ye(n)),ie=e=>I(e,"__esModule",{value:!0});var he=(e,n)=>{ie(e);for(var i in n)I(e,i,{get:n[i],enumerable:!0})},ve=(e,n,i)=>{if(n&&typeof n=="object"||typeof n=="function")for(let o of Re(n))!ne.call(e,o)&&o!=="default"&&I(e,o,{get:()=>n[o],enumerable:!(i=Ce(n,o))||i.enumerable});return e},A=e=>ve(ie(I(e!=null?_e(Oe(e)):{},"default",e&&e.__esModule&&"default"in e?{get:()=>e.default,enumerable:!0}:{value:e,enumerable:!0})),e);he(exports,{default:()=>Pe});var Ee=A(require("dotenv"));var Fe="dotsec.config.ts",re=[Fe];var L="alias/dotsec",Ie="SecureString",g={config:{aws:{kms:{keyAlias:L},ssm:{parameterType:Ie}}}};var y=A(require("@aws-sdk/client-kms"));var C=A(require("@aws-sdk/credential-providers")),te=A(require("@aws-sdk/shared-ini-file-loader"));var P=A(require("chalk"));var d=e=>P.default.yellowBright(e),w=e=>P.default.yellow.bold(e);var se=async({argv:e,env:n})=>{var S,m,l;let i=await(0,te.loadSharedConfigFiles)(),o,a,s;if(e.profile?(a={value:e.profile,origin:`command line option: ${d(e.profile)}`},o={value:await(0,C.fromIni)({profile:e.profile})(),origin:`${d(`[${e.profile}]`)} in credentials file`}):n.AWS_PROFILE?(a={value:n.AWS_PROFILE,origin:`env variable ${d("AWS_PROFILE")}: ${w(n.AWS_PROFILE)}`},o={value:await(0,C.fromIni)({profile:n.AWS_PROFILE})(),origin:`env variable ${d("AWS_PROFILE")}: ${w(n.AWS_PROFILE)}`}):n.AWS_ACCESS_KEY_ID&&n.AWS_SECRET_ACCESS_KEY?o={value:await(0,C.fromEnv)()(),origin:`env variables ${d("AWS_ACCESS_KEY_ID")} and ${d("AWS_SECRET_ACCESS_KEY")}`}:((S=i.credentialsFile)==null?void 0:S.default)&&(a={value:"default",origin:`${d("[default]")} in credentials file`},o={value:await(0,C.fromIni)({profile:"default"})(),origin:`profile ${d("[default]")}`}),e.region)s={value:e.region,origin:`command line option: ${d(e.region)}`};else if(n.AWS_REGION)s={value:n.AWS_REGION,origin:`env variable ${d("AWS_REGION")}: ${w(n.AWS_REGION)}`};else if(n.AWS_DEFAULT_REGION)s={value:n.AWS_DEFAULT_REGION,origin:`env variable ${d("AWS_DEFAULT_REGION")}: ${w(n.AWS_DEFAULT_REGION)}`};else if(a){let c=(l=(m=i==null?void 0:i.configFile)==null?void 0:m[a.value])==null?void 0:l.region;c&&(s={value:c,origin:`${d(`[profile ${a.value}]`)} in config file`})}let E=e.assumeRoleArn||n.AWS_ASSUME_ROLE_ARN;if(E){let c=e.assumeRoleArn?"command line option":"env variable";o={value:await(0,C.fromTemporaryCredentials)({masterCredentials:o==null?void 0:o.value,params:{DurationSeconds:e.assumeRoleSessionDuration||Number(n.AWS_ASSUME_ROLE_SESSION_DURATION)||3600,RoleArn:E},clientConfig:{region:s==null?void 0:s.value}})(),origin:`${c} ${d(`[${E}]`)}`}}return{credentialsAndOrigin:o,regionAndOrigin:s,profileAndOrigin:a}},ae=({credentialsAndOrigin:e,regionAndOrigin:n,profileAndOrigin:i})=>{let o=[];return i&&o.push(`Got profile name from ${i.origin}`),e&&o.push(`Resolved credentials from ${e.origin}`),n&&o.push(`Resolved region from ${n.origin}`),o.join(`
2
- `)};var ce=async({argv:e,env:n})=>{let{credentialsAndOrigin:i,regionAndOrigin:o,profileAndOrigin:a}=await se({argv:{region:e.awsRegion,profile:e.awsProfile,assumeRoleArn:e.awsAssumeRoleArn,assumeRoleSessionDuration:e.awsAssumeRoleSessionDuration},env:r({},n)});if(e.verbose===!0&&console.log(ae({credentialsAndOrigin:i,regionAndOrigin:o,profileAndOrigin:a})),!(i&&o)){if(!i)throw console.error("Could not find credentials"),new Error("Could not find credentials");if(!o)throw console.error("Could not find region"),new Error("Could not find region")}return{credentialsAndOrigin:i,regionAndOrigin:o}};var le=async e=>{var l,c;let{kms:{keyAlias:n}={},region:i}=e,{credentialsAndOrigin:o,regionAndOrigin:a}=await ce({argv:{},env:r({},process.env)}),s=new y.KMSClient({credentials:o.value,region:i||a.value}),E=new y.DescribeKeyCommand({KeyId:n}),m=(c=(l=(await s.send(E)).KeyMetadata)==null?void 0:l.EncryptionAlgorithms)==null?void 0:c[0];if(m===void 0)throw new Error("Could not determine encryption algorithm");return{async encrypt(f){let p=new y.EncryptCommand({KeyId:n,Plaintext:Buffer.from(f),EncryptionAlgorithm:m}),u=await s.send(p);if(!u.CiphertextBlob)throw new Error(`Something bad happened: ${JSON.stringify({encryptCommand:p})}`);return Buffer.from(u.CiphertextBlob).toString("base64")},async decrypt(f){let p=new y.DecryptCommand({KeyId:n,CiphertextBlob:Buffer.from(f,"base64"),EncryptionAlgorithm:m}),u=await s.send(p);if(!u.Plaintext)throw new Error(`Something bad happened: ${JSON.stringify({cipherText:f,decryptCommand:p})}`);let _=Buffer.from(u.Plaintext).toString();return this.verbose&&console.info(`Decrypting key '${f}'`),_},other:()=>{}}};var me=A(require("node:path")),pe=A(require("bundle-require")),ue=A(require("joycon"));var fe=A(require("fs")),ge=A(require("node:path"));function be(e){try{return new Function(`return ${e.trim()}`)()}catch{return{}}}var de=async e=>{try{return be(await fe.default.promises.readFile(e,"utf8"))}catch(n){throw n instanceof Error?new Error(`Failed to parse ${ge.default.relative(process.cwd(),e)}: ${n.message}`):n}};var Ae=async e=>{var a,s,E,S,m,l,c,f,p,u,_,h,v,F,D,b,W,k,$,x,N,K,U,M,G,j,Y,B,J,V,q,Z,z,H,Q,X;let n=process.cwd(),o=await new ue.default().resolve({files:e?[e]:[...re,"package.json"],cwd:n,stopDir:me.default.parse(n).root,packageKey:"dotsec"});if(e&&o===null)throw new Error(`Could not find config file ${e}`);if(o){if(o.endsWith(".json")){let R=await de(o),t;return o.endsWith("package.json")&&R.dotsec!==void 0?t=R.dotsec:t=R,{source:"json",contents:O(r(r({},g),t),{config:O(r(r({},t==null?void 0:t.config),g.config),{aws:O(r(r({},(a=t==null?void 0:t.config)==null?void 0:a.aws),(E=(s=g)==null?void 0:s.config)==null?void 0:E.aws),{kms:r(r({},(l=(m=(S=g)==null?void 0:S.config)==null?void 0:m.aws)==null?void 0:l.kms),(f=(c=t.config)==null?void 0:c.aws)==null?void 0:f.kms),ssm:r(r({},(_=(u=(p=g)==null?void 0:p.config)==null?void 0:u.aws)==null?void 0:_.ssm),(v=(h=t.config)==null?void 0:h.aws)==null?void 0:v.ssm),secretsManager:r(r({},(b=(D=(F=g)==null?void 0:F.config)==null?void 0:D.aws)==null?void 0:b.secretsManager),(k=(W=t.config)==null?void 0:W.aws)==null?void 0:k.secretsManager)})})})}}else if(o.endsWith(".ts")){let R=await(0,pe.bundleRequire)({filepath:o}),t=R.mod.dotsec||R.mod.default||R.mod;return{source:"ts",contents:O(r(r({},g),t),{config:O(r(r({},t==null?void 0:t.config),g.config),{aws:O(r(r({},($=t==null?void 0:t.config)==null?void 0:$.aws),(N=(x=g)==null?void 0:x.config)==null?void 0:N.aws),{kms:r(r({},(M=(U=(K=g)==null?void 0:K.config)==null?void 0:U.aws)==null?void 0:M.kms),(j=(G=t.config)==null?void 0:G.aws)==null?void 0:j.kms),ssm:r(r({},(J=(B=(Y=g)==null?void 0:Y.config)==null?void 0:B.aws)==null?void 0:J.ssm),(q=(V=t.config)==null?void 0:V.aws)==null?void 0:q.ssm),secretsManager:r(r({},(H=(z=(Z=g)==null?void 0:Z.config)==null?void 0:z.aws)==null?void 0:H.secretsManager),(X=(Q=t.config)==null?void 0:Q.aws)==null?void 0:X.secretsManager)})})})}}}return{source:"defaultConfig",contents:g}};var T=A(require("node:fs"));var We=async e=>{var p,u,_,h,v,F;let{configFile:n,sec:i,env:o,dotsecConfig:a}=e,{contents:{config:s}={config:{}}}=a?{contents:a}:await Ae(n),E=((u=(p=e.aws)==null?void 0:p.kms)==null?void 0:u.keyAlias)||((h=(_=s==null?void 0:s.aws)==null?void 0:_.kms)==null?void 0:h.keyAlias)||L,S=((v=e.aws)==null?void 0:v.region)||((F=s==null?void 0:s.aws)==null?void 0:F.region),m=await le({verbose:!0,kms:{keyAlias:E},region:S}),l,c;i?typeof i=="string"?l=i:typeof e.sec=="boolean"&&e.sec===!0&&(l=".sec"):o?typeof o=="string"?c=o:typeof e.env=="boolean"&&e.env===!0&&(c=".env"):(l=".sec",console.warn(`Since no value is set for neither ${w("sec")} nor ${w("env")}, we use default value for sec which is .sec`));let f;if(c)f=T.default.readFileSync(c,"utf8");else if(l){let D=T.default.readFileSync(l,"utf8");f=await m.decrypt(D),console.log("envContents",f)}if(f){let D=(0,Ee.parse)(f);Object.entries(D).map(([b,W])=>{process.env[b]=W})}else throw new Error("No .env or .sec file provided")},Le={config:We},Se=Le;var Pe=Se;0&&(module.exports={});
1
+ var D=Object.create;var n=Object.defineProperty,P=Object.defineProperties,R=Object.getOwnPropertyDescriptor,k=Object.getOwnPropertyDescriptors,h=Object.getOwnPropertyNames,l=Object.getOwnPropertySymbols,L=Object.getPrototypeOf,a=Object.prototype.hasOwnProperty,F=Object.prototype.propertyIsEnumerable;var m=(e,o,r)=>o in e?n(e,o,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[o]=r,i=(e,o)=>{for(var r in o||(o={}))a.call(o,r)&&m(e,r,o[r]);if(l)for(var r of l(o))F.call(o,r)&&m(e,r,o[r]);return e},g=(e,o)=>P(e,k(o)),u=e=>n(e,"__esModule",{value:!0});var V=(e,o)=>{u(e);for(var r in o)n(e,r,{get:o[r],enumerable:!0})},j=(e,o,r)=>{if(o&&typeof o=="object"||typeof o=="function")for(let t of h(o))!a.call(e,t)&&t!=="default"&&n(e,t,{get:()=>o[t],enumerable:!(r=R(o,t))||r.enumerable});return e},c=e=>j(u(n(e!=null?D(L(e)):{},"default",e&&e.__esModule&&"default"in e?{get:()=>e.default,enumerable:!0}:{value:e,enumerable:!0})),e);V(exports,{Table:()=>v,emphasis:()=>w,promptExecute:()=>E,resolveFromEnv:()=>b,strong:()=>y,writeLine:()=>d});var f=c(require("prompts"));var E=async({skip:e,message:o,execute:r})=>{let t=!1;(e||(await(0,f.default)({type:"confirm",name:"confirm",message:o})).confirm===!0)&&(t=!0),t&&await r()};var x=c(require("dotenv-expand")),b=e=>{var s;let{fromEnvValue:o,env:r,variables:t}=e;return o?(s=(0,x.expand)({ignoreProcessEnv:!0,parsed:g(i(i({},r),t),{RESOLVED:o||""})}).parsed)==null?void 0:s.RESOLVED:""};var p=c(require("chalk")),v=require("cli-table");var d=e=>{process.stdout.write(e)},w=e=>p.default.yellowBright(e),y=e=>p.default.yellow.bold(e);0&&(module.exports={Table,emphasis,promptExecute,resolveFromEnv,strong,writeLine});
3
2
  //# sourceMappingURL=index.js.map