localant 1.0.1 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.ja.md +185 -0
- package/README.md +137 -20
- package/SECURITY.md +63 -8
- package/assets/hero.png +0 -0
- package/assets/localant-icon.png +0 -0
- package/examples/skills/article-publisher/README.md +41 -0
- package/examples/skills/article-publisher/package.json +9 -0
- package/examples/skills/article-publisher/skill.json +134 -0
- package/examples/skills/article-publisher/src/index.ts +186 -0
- package/examples/skills/article-publisher/tests/skill.test.ts +72 -0
- package/package.json +26 -6
- package/packages/cli/dist/autostart.d.ts +14 -0
- package/packages/cli/dist/autostart.d.ts.map +1 -0
- package/packages/cli/dist/autostart.js +98 -0
- package/packages/cli/dist/autostart.js.map +1 -0
- package/packages/cli/dist/bin.js +214 -2
- package/packages/cli/dist/bin.js.map +1 -1
- package/packages/cli/dist/runtime.d.ts.map +1 -1
- package/packages/cli/dist/runtime.js +56 -8
- package/packages/cli/dist/runtime.js.map +1 -1
- package/packages/cli/dist/serveo-setup.d.ts +37 -0
- package/packages/cli/dist/serveo-setup.d.ts.map +1 -0
- package/packages/cli/dist/serveo-setup.js +168 -0
- package/packages/cli/dist/serveo-setup.js.map +1 -0
- package/packages/cli/dist/util.d.ts +6 -0
- package/packages/cli/dist/util.d.ts.map +1 -1
- package/packages/cli/dist/util.js +20 -0
- package/packages/cli/dist/util.js.map +1 -1
- package/packages/cli/package.json +1 -1
- package/packages/dashboard/dist/index.d.ts +5 -4
- package/packages/dashboard/dist/index.d.ts.map +1 -1
- package/packages/dashboard/dist/index.js +781 -44
- package/packages/dashboard/dist/index.js.map +1 -1
- package/packages/gateway/dist/gateway.d.ts +14 -1
- package/packages/gateway/dist/gateway.d.ts.map +1 -1
- package/packages/gateway/dist/gateway.js +59 -6
- package/packages/gateway/dist/gateway.js.map +1 -1
- package/packages/gateway/dist/index.d.ts +3 -0
- package/packages/gateway/dist/index.d.ts.map +1 -1
- package/packages/gateway/dist/index.js +3 -0
- package/packages/gateway/dist/index.js.map +1 -1
- package/packages/gateway/dist/managers/coding-agent-manager.d.ts +14 -0
- package/packages/gateway/dist/managers/coding-agent-manager.d.ts.map +1 -1
- package/packages/gateway/dist/managers/coding-agent-manager.js +21 -2
- package/packages/gateway/dist/managers/coding-agent-manager.js.map +1 -1
- package/packages/gateway/dist/managers/fs-manager.d.ts +73 -0
- package/packages/gateway/dist/managers/fs-manager.d.ts.map +1 -1
- package/packages/gateway/dist/managers/fs-manager.js +290 -6
- package/packages/gateway/dist/managers/fs-manager.js.map +1 -1
- package/packages/gateway/dist/managers/git-manager.d.ts +6 -0
- package/packages/gateway/dist/managers/git-manager.d.ts.map +1 -1
- package/packages/gateway/dist/managers/git-manager.js +24 -0
- package/packages/gateway/dist/managers/git-manager.js.map +1 -1
- package/packages/gateway/dist/managers/lsp-service.d.ts +88 -0
- package/packages/gateway/dist/managers/lsp-service.d.ts.map +1 -0
- package/packages/gateway/dist/managers/lsp-service.js +249 -0
- package/packages/gateway/dist/managers/lsp-service.js.map +1 -0
- package/packages/gateway/dist/managers/mcp-bridge.d.ts +2 -1
- package/packages/gateway/dist/managers/mcp-bridge.d.ts.map +1 -1
- package/packages/gateway/dist/managers/mcp-bridge.js +23 -2
- package/packages/gateway/dist/managers/mcp-bridge.js.map +1 -1
- package/packages/gateway/dist/managers/shell-manager.d.ts +19 -0
- package/packages/gateway/dist/managers/shell-manager.d.ts.map +1 -1
- package/packages/gateway/dist/managers/shell-manager.js +28 -0
- package/packages/gateway/dist/managers/shell-manager.js.map +1 -1
- package/packages/gateway/dist/managers/skill-runtime.d.ts +8 -0
- package/packages/gateway/dist/managers/skill-runtime.d.ts.map +1 -1
- package/packages/gateway/dist/managers/skill-runtime.js +15 -0
- package/packages/gateway/dist/managers/skill-runtime.js.map +1 -1
- package/packages/gateway/dist/managers/tunnel-manager.d.ts +19 -1
- package/packages/gateway/dist/managers/tunnel-manager.d.ts.map +1 -1
- package/packages/gateway/dist/managers/tunnel-manager.js +289 -8
- package/packages/gateway/dist/managers/tunnel-manager.js.map +1 -1
- package/packages/gateway/dist/security/command-guard.d.ts +3 -0
- package/packages/gateway/dist/security/command-guard.d.ts.map +1 -1
- package/packages/gateway/dist/security/command-guard.js +15 -7
- package/packages/gateway/dist/security/command-guard.js.map +1 -1
- package/packages/gateway/dist/security/path-guard.d.ts +3 -0
- package/packages/gateway/dist/security/path-guard.d.ts.map +1 -1
- package/packages/gateway/dist/security/path-guard.js +8 -2
- package/packages/gateway/dist/security/path-guard.js.map +1 -1
- package/packages/gateway/dist/stores/config-store.d.ts +10 -0
- package/packages/gateway/dist/stores/config-store.d.ts.map +1 -1
- package/packages/gateway/dist/stores/config-store.js +47 -3
- package/packages/gateway/dist/stores/config-store.js.map +1 -1
- package/packages/gateway/dist/stores/secret-vault.d.ts +19 -3
- package/packages/gateway/dist/stores/secret-vault.d.ts.map +1 -1
- package/packages/gateway/dist/stores/secret-vault.js +47 -6
- package/packages/gateway/dist/stores/secret-vault.js.map +1 -1
- package/packages/gateway/dist/tools/adapters.d.ts.map +1 -1
- package/packages/gateway/dist/tools/adapters.js +198 -7
- package/packages/gateway/dist/tools/adapters.js.map +1 -1
- package/packages/gateway/dist/tools/adb.d.ts.map +1 -1
- package/packages/gateway/dist/tools/adb.js +42 -0
- package/packages/gateway/dist/tools/adb.js.map +1 -1
- package/packages/gateway/dist/tools/agent.d.ts +10 -0
- package/packages/gateway/dist/tools/agent.d.ts.map +1 -0
- package/packages/gateway/dist/tools/agent.js +35 -0
- package/packages/gateway/dist/tools/agent.js.map +1 -0
- package/packages/gateway/dist/tools/aliases.d.ts +7 -0
- package/packages/gateway/dist/tools/aliases.d.ts.map +1 -0
- package/packages/gateway/dist/tools/aliases.js +64 -0
- package/packages/gateway/dist/tools/aliases.js.map +1 -0
- package/packages/gateway/dist/tools/bash.d.ts +10 -0
- package/packages/gateway/dist/tools/bash.d.ts.map +1 -0
- package/packages/gateway/dist/tools/bash.js +67 -0
- package/packages/gateway/dist/tools/bash.js.map +1 -0
- package/packages/gateway/dist/tools/browser.d.ts.map +1 -1
- package/packages/gateway/dist/tools/browser.js +9 -0
- package/packages/gateway/dist/tools/browser.js.map +1 -1
- package/packages/gateway/dist/tools/control.d.ts +8 -0
- package/packages/gateway/dist/tools/control.d.ts.map +1 -0
- package/packages/gateway/dist/tools/control.js +134 -0
- package/packages/gateway/dist/tools/control.js.map +1 -0
- package/packages/gateway/dist/tools/editing.d.ts +8 -0
- package/packages/gateway/dist/tools/editing.d.ts.map +1 -0
- package/packages/gateway/dist/tools/editing.js +102 -0
- package/packages/gateway/dist/tools/editing.js.map +1 -0
- package/packages/gateway/dist/tools/git.d.ts.map +1 -1
- package/packages/gateway/dist/tools/git.js +67 -0
- package/packages/gateway/dist/tools/git.js.map +1 -1
- package/packages/gateway/dist/tools/index.d.ts.map +1 -1
- package/packages/gateway/dist/tools/index.js +17 -2
- package/packages/gateway/dist/tools/index.js.map +1 -1
- package/packages/gateway/dist/tools/lsp.d.ts +10 -0
- package/packages/gateway/dist/tools/lsp.d.ts.map +1 -0
- package/packages/gateway/dist/tools/lsp.js +111 -0
- package/packages/gateway/dist/tools/lsp.js.map +1 -0
- package/packages/gateway/dist/tools/question.d.ts +10 -0
- package/packages/gateway/dist/tools/question.d.ts.map +1 -0
- package/packages/gateway/dist/tools/question.js +30 -0
- package/packages/gateway/dist/tools/question.js.map +1 -0
- package/packages/gateway/dist/tools/shell.d.ts +1 -1
- package/packages/gateway/dist/tools/shell.d.ts.map +1 -1
- package/packages/gateway/dist/tools/shell.js +15 -0
- package/packages/gateway/dist/tools/shell.js.map +1 -1
- package/packages/gateway/dist/tools/skill.d.ts.map +1 -1
- package/packages/gateway/dist/tools/skill.js +2 -7
- package/packages/gateway/dist/tools/skill.js.map +1 -1
- package/packages/gateway/dist/tools/system.js +2 -2
- package/packages/gateway/dist/tools/system.js.map +1 -1
- package/packages/gateway/dist/tools/validation.d.ts +3 -0
- package/packages/gateway/dist/tools/validation.d.ts.map +1 -0
- package/packages/gateway/dist/tools/validation.js +120 -0
- package/packages/gateway/dist/tools/validation.js.map +1 -0
- package/packages/mcp/dist/http-server.d.ts +1 -1
- package/packages/mcp/dist/http-server.d.ts.map +1 -1
- package/packages/mcp/dist/http-server.js +544 -20
- package/packages/mcp/dist/http-server.js.map +1 -1
- package/packages/mcp/dist/mcp-server.d.ts.map +1 -1
- package/packages/mcp/dist/mcp-server.js +5 -1
- package/packages/mcp/dist/mcp-server.js.map +1 -1
- package/packages/shared/dist/config.d.ts +146 -16
- package/packages/shared/dist/config.d.ts.map +1 -1
- package/packages/shared/dist/config.js +93 -7
- package/packages/shared/dist/config.js.map +1 -1
- package/packages/shared/dist/index.d.ts +2 -0
- package/packages/shared/dist/index.d.ts.map +1 -1
- package/packages/shared/dist/index.js +2 -0
- package/packages/shared/dist/index.js.map +1 -1
- package/packages/shared/dist/paths.d.ts +19 -2
- package/packages/shared/dist/paths.d.ts.map +1 -1
- package/packages/shared/dist/paths.js +50 -3
- package/packages/shared/dist/paths.js.map +1 -1
- package/packages/shared/dist/tool-profiles.d.ts +34 -0
- package/packages/shared/dist/tool-profiles.d.ts.map +1 -0
- package/packages/shared/dist/tool-profiles.js +188 -0
- package/packages/shared/dist/tool-profiles.js.map +1 -0
- package/packages/shared/dist/version.d.ts +9 -0
- package/packages/shared/dist/version.d.ts.map +1 -0
- package/packages/shared/dist/version.js +9 -0
- package/packages/shared/dist/version.js.map +1 -0
- package/scripts/postinstall.mjs +56 -0
- package/assets/icon.svg +0 -25
- package/packages/gateway/dist/tools/article.d.ts +0 -3
- package/packages/gateway/dist/tools/article.d.ts.map +0 -1
- package/packages/gateway/dist/tools/article.js +0 -230
- package/packages/gateway/dist/tools/article.js.map +0 -1
|
@@ -8,15 +8,23 @@ const log = createLogger("tunnel");
|
|
|
8
8
|
*/
|
|
9
9
|
export class TunnelManager {
|
|
10
10
|
config;
|
|
11
|
+
updateConfig;
|
|
11
12
|
child;
|
|
12
13
|
info = { provider: "none", status: "stopped" };
|
|
13
|
-
|
|
14
|
+
timeoutId;
|
|
15
|
+
/** Set by stop() so an intentional shutdown is never auto-reconnected. */
|
|
16
|
+
stopped = false;
|
|
17
|
+
/** Pending serveo reconnect attempt, cleared on stop(). */
|
|
18
|
+
reconnectTimer;
|
|
19
|
+
constructor(config, updateConfig) {
|
|
14
20
|
this.config = config;
|
|
21
|
+
this.updateConfig = updateConfig;
|
|
15
22
|
}
|
|
16
23
|
current() {
|
|
17
24
|
return this.info;
|
|
18
25
|
}
|
|
19
26
|
async start(port) {
|
|
27
|
+
this.stopped = false;
|
|
20
28
|
const cfg = this.config().tunnel;
|
|
21
29
|
if (cfg.publicUrl) {
|
|
22
30
|
this.info = { provider: "user-provided", url: cfg.publicUrl, status: "running" };
|
|
@@ -28,11 +36,19 @@ export class TunnelManager {
|
|
|
28
36
|
if (cfg.provider === "ngrok" && (await commandExists("ngrok"))) {
|
|
29
37
|
return this.startNgrok(port);
|
|
30
38
|
}
|
|
39
|
+
if (cfg.provider === "localtunnel") {
|
|
40
|
+
return this.startLocaltunnel(port);
|
|
41
|
+
}
|
|
42
|
+
if (cfg.provider === "serveo" && (await commandExists("ssh"))) {
|
|
43
|
+
return this.startServeo(port);
|
|
44
|
+
}
|
|
31
45
|
// Fallbacks
|
|
32
46
|
if (await commandExists("cloudflared"))
|
|
33
47
|
return this.startCloudflared(port);
|
|
34
48
|
if (await commandExists("ngrok"))
|
|
35
49
|
return this.startNgrok(port);
|
|
50
|
+
if (await commandExists("ssh"))
|
|
51
|
+
return this.startServeo(port);
|
|
36
52
|
this.info = {
|
|
37
53
|
provider: "none",
|
|
38
54
|
status: "error",
|
|
@@ -43,8 +59,21 @@ export class TunnelManager {
|
|
|
43
59
|
startCloudflared(port) {
|
|
44
60
|
return new Promise((resolve) => {
|
|
45
61
|
this.info = { provider: "cloudflared", status: "starting" };
|
|
46
|
-
const
|
|
62
|
+
const cfg = this.config().tunnel;
|
|
63
|
+
let args;
|
|
64
|
+
if (cfg.token) {
|
|
65
|
+
args = ["tunnel", "run", "--token", cfg.token];
|
|
66
|
+
}
|
|
67
|
+
else {
|
|
68
|
+
args = ["tunnel", "--url", `http://127.0.0.1:${port}`];
|
|
69
|
+
}
|
|
70
|
+
const child = spawn("cloudflared", args, { shell: false });
|
|
47
71
|
this.child = child;
|
|
72
|
+
if (cfg.token) {
|
|
73
|
+
this.info = { provider: "cloudflared", url: cfg.publicUrl || "Zero Trust Tunnel", status: "running" };
|
|
74
|
+
resolve(this.info);
|
|
75
|
+
return;
|
|
76
|
+
}
|
|
48
77
|
const onData = (buf) => {
|
|
49
78
|
const text = buf.toString("utf8");
|
|
50
79
|
const m = text.match(/https:\/\/[a-z0-9-]+\.trycloudflare\.com/i);
|
|
@@ -59,7 +88,7 @@ export class TunnelManager {
|
|
|
59
88
|
this.info = { provider: "cloudflared", status: "error", error: e.message };
|
|
60
89
|
resolve(this.info);
|
|
61
90
|
});
|
|
62
|
-
setTimeout(() => {
|
|
91
|
+
this.timeoutId = setTimeout(() => {
|
|
63
92
|
if (this.info.status !== "running") {
|
|
64
93
|
this.info = { provider: "cloudflared", status: "error", error: "Timed out waiting for tunnel URL." };
|
|
65
94
|
resolve(this.info);
|
|
@@ -70,7 +99,15 @@ export class TunnelManager {
|
|
|
70
99
|
startNgrok(port) {
|
|
71
100
|
return new Promise((resolve) => {
|
|
72
101
|
this.info = { provider: "ngrok", status: "starting" };
|
|
73
|
-
const
|
|
102
|
+
const cfg = this.config().tunnel;
|
|
103
|
+
const args = ["http", String(port), "--log", "stdout"];
|
|
104
|
+
if (cfg.domain) {
|
|
105
|
+
args.push("--domain", cfg.domain);
|
|
106
|
+
}
|
|
107
|
+
if (cfg.token) {
|
|
108
|
+
args.push("--authtoken", cfg.token);
|
|
109
|
+
}
|
|
110
|
+
const child = spawn("ngrok", args, { shell: false });
|
|
74
111
|
this.child = child;
|
|
75
112
|
const onData = (buf) => {
|
|
76
113
|
const text = buf.toString("utf8");
|
|
@@ -86,19 +123,263 @@ export class TunnelManager {
|
|
|
86
123
|
this.info = { provider: "ngrok", status: "error", error: e.message };
|
|
87
124
|
resolve(this.info);
|
|
88
125
|
});
|
|
89
|
-
setTimeout(() => {
|
|
126
|
+
this.timeoutId = setTimeout(() => {
|
|
90
127
|
if (this.info.status !== "running") {
|
|
91
|
-
|
|
128
|
+
if (cfg.domain) {
|
|
129
|
+
this.info = { provider: "ngrok", url: cfg.publicUrl || `https://${cfg.domain}`, status: "running" };
|
|
130
|
+
resolve(this.info);
|
|
131
|
+
}
|
|
132
|
+
else {
|
|
133
|
+
this.info = { provider: "ngrok", status: "error", error: "Timed out waiting for ngrok URL." };
|
|
134
|
+
resolve(this.info);
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
}, 20_000);
|
|
138
|
+
});
|
|
139
|
+
}
|
|
140
|
+
async startLocaltunnel(port) {
|
|
141
|
+
const maxDurationMs = 5 * 60 * 1000; // 5 minutes
|
|
142
|
+
const intervalMs = 10000; // 10 seconds
|
|
143
|
+
const startTime = Date.now();
|
|
144
|
+
let attempt = 0;
|
|
145
|
+
while (true) {
|
|
146
|
+
attempt++;
|
|
147
|
+
log.info(`Starting localtunnel attempt ${attempt}...`);
|
|
148
|
+
try {
|
|
149
|
+
const tunnelInfo = await this.tryStartLocaltunnelOnce(port);
|
|
150
|
+
if (tunnelInfo.status === "running" && tunnelInfo.url) {
|
|
151
|
+
const cfg = this.config().tunnel;
|
|
152
|
+
const assignedUrl = tunnelInfo.url;
|
|
153
|
+
const assignedSubdomain = assignedUrl.match(/https:\/\/([a-z0-9-]+)\./i)?.[1];
|
|
154
|
+
const requestedSubdomain = cfg.subdomain;
|
|
155
|
+
if (requestedSubdomain && assignedSubdomain && assignedSubdomain !== requestedSubdomain) {
|
|
156
|
+
// We asked for our fixed subdomain but localtunnel handed back a
|
|
157
|
+
// different one — the requested name is still held, almost always by
|
|
158
|
+
// our own just-killed previous session (a quick restart). The public
|
|
159
|
+
// URL must stay stable so the ChatGPT connector keeps working across
|
|
160
|
+
// restarts, so we never regenerate: drop this throwaway tunnel and
|
|
161
|
+
// keep retrying the SAME subdomain until the server releases it.
|
|
162
|
+
log.warn(`Subdomain "${requestedSubdomain}" not yet available (got "${assignedSubdomain}"). ` +
|
|
163
|
+
`Waiting for the previous session to release it, retrying in ${intervalMs / 1000}s...`);
|
|
164
|
+
this.stop();
|
|
165
|
+
if (Date.now() - startTime >= maxDurationMs) {
|
|
166
|
+
return {
|
|
167
|
+
provider: "localtunnel",
|
|
168
|
+
status: "error",
|
|
169
|
+
error: `Subdomain "${requestedSubdomain}" did not become available within ${maxDurationMs / 1000}s.`,
|
|
170
|
+
};
|
|
171
|
+
}
|
|
172
|
+
await new Promise((r) => setTimeout(r, intervalMs));
|
|
173
|
+
continue;
|
|
174
|
+
}
|
|
175
|
+
return tunnelInfo;
|
|
176
|
+
}
|
|
177
|
+
throw new Error(tunnelInfo.error || "Unknown error starting tunnel");
|
|
178
|
+
}
|
|
179
|
+
catch (err) {
|
|
180
|
+
log.warn(`Localtunnel start failed: ${err.message}. Retrying in 10s...`);
|
|
181
|
+
this.stop();
|
|
182
|
+
if (Date.now() - startTime >= maxDurationMs) {
|
|
183
|
+
this.info = { provider: "localtunnel", status: "error", error: `Timed out trying to start tunnel: ${err.message}` };
|
|
184
|
+
return this.info;
|
|
185
|
+
}
|
|
186
|
+
await new Promise((r) => setTimeout(r, intervalMs));
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
tryStartLocaltunnelOnce(port) {
|
|
191
|
+
return new Promise((resolve) => {
|
|
192
|
+
this.info = { provider: "localtunnel", status: "starting" };
|
|
193
|
+
const cfg = this.config().tunnel;
|
|
194
|
+
const args = ["localtunnel", "--port", String(port)];
|
|
195
|
+
if (cfg.subdomain) {
|
|
196
|
+
args.push("--subdomain", cfg.subdomain);
|
|
197
|
+
}
|
|
198
|
+
const child = spawn("npx", args, { shell: true });
|
|
199
|
+
this.child = child;
|
|
200
|
+
const onData = (buf) => {
|
|
201
|
+
const text = buf.toString("utf8");
|
|
202
|
+
const m = text.match(/https:\/\/[a-z0-9-]+\.(localtunnel\.me|loca\.lt)/i);
|
|
203
|
+
if (m && this.info.status !== "running") {
|
|
204
|
+
this.info = { provider: "localtunnel", url: m[0], status: "running" };
|
|
92
205
|
resolve(this.info);
|
|
93
206
|
}
|
|
207
|
+
};
|
|
208
|
+
child.stdout.on("data", onData);
|
|
209
|
+
child.stderr.on("data", onData);
|
|
210
|
+
child.on("error", (e) => {
|
|
211
|
+
this.info = { provider: "localtunnel", status: "error", error: e.message };
|
|
212
|
+
resolve(this.info);
|
|
213
|
+
});
|
|
214
|
+
this.timeoutId = setTimeout(() => {
|
|
215
|
+
if (this.info.status !== "running") {
|
|
216
|
+
if (cfg.subdomain) {
|
|
217
|
+
this.info = { provider: "localtunnel", url: cfg.publicUrl || `https://${cfg.subdomain}.loca.lt`, status: "running" };
|
|
218
|
+
resolve(this.info);
|
|
219
|
+
}
|
|
220
|
+
else {
|
|
221
|
+
this.info = { provider: "localtunnel", status: "error", error: "Timed out waiting for localtunnel URL." };
|
|
222
|
+
resolve(this.info);
|
|
223
|
+
}
|
|
224
|
+
}
|
|
94
225
|
}, 20_000);
|
|
95
226
|
});
|
|
96
227
|
}
|
|
228
|
+
startServeo(port) {
|
|
229
|
+
// Resolve the caller's promise exactly once on first outcome, then keep the
|
|
230
|
+
// tunnel alive in the background by reconnecting if the ssh process dies.
|
|
231
|
+
return new Promise((resolve) => {
|
|
232
|
+
let settled = false;
|
|
233
|
+
const settle = () => {
|
|
234
|
+
if (settled)
|
|
235
|
+
return;
|
|
236
|
+
settled = true;
|
|
237
|
+
resolve(this.info);
|
|
238
|
+
};
|
|
239
|
+
this.spawnServeo(port, settle);
|
|
240
|
+
});
|
|
241
|
+
}
|
|
242
|
+
/**
|
|
243
|
+
* Spawn the serveo ssh tunnel and wire up its handlers. On unexpected exit
|
|
244
|
+
* (network drop, serveo restart, idle timeout) it schedules a reconnect so a
|
|
245
|
+
* long-running gateway never ends up alive-but-unreachable. `settle` is
|
|
246
|
+
* invoked once the first connection result is known.
|
|
247
|
+
*/
|
|
248
|
+
spawnServeo(port, settle) {
|
|
249
|
+
if (this.stopped)
|
|
250
|
+
return;
|
|
251
|
+
this.info = { provider: "serveo", status: "starting" };
|
|
252
|
+
const cfg = this.config().tunnel;
|
|
253
|
+
const subdomain = cfg.subdomain ? `${cfg.subdomain}:` : "";
|
|
254
|
+
const args = [
|
|
255
|
+
"-R",
|
|
256
|
+
`${subdomain}80:127.0.0.1:${port}`,
|
|
257
|
+
"-o",
|
|
258
|
+
"StrictHostKeyChecking=no",
|
|
259
|
+
// Detect dead connections quickly and exit so we can reconnect.
|
|
260
|
+
"-o",
|
|
261
|
+
"ServerAliveInterval=30",
|
|
262
|
+
"-o",
|
|
263
|
+
"ServerAliveCountMax=3",
|
|
264
|
+
"-o",
|
|
265
|
+
"ExitOnForwardFailure=yes",
|
|
266
|
+
"serveo.net",
|
|
267
|
+
];
|
|
268
|
+
const child = spawn("ssh", args, { shell: false });
|
|
269
|
+
this.child = child;
|
|
270
|
+
// A fatal config error (subdomain taken / key not registered) must not be
|
|
271
|
+
// retried in a tight loop — only transient drops should reconnect.
|
|
272
|
+
let fatal = false;
|
|
273
|
+
const onData = (buf) => {
|
|
274
|
+
const text = buf.toString("utf8");
|
|
275
|
+
// ポートフォワーディング失敗を検出
|
|
276
|
+
if (text.includes("remote port forwarding failed") && this.info.status !== "error") {
|
|
277
|
+
log.warn("Serveo port forwarding failed. Subdomain might be in use.");
|
|
278
|
+
fatal = true;
|
|
279
|
+
this.info = {
|
|
280
|
+
provider: "serveo",
|
|
281
|
+
status: "error",
|
|
282
|
+
error: "Serveo port forwarding failed. Subdomain might be in use. Please try restarting the tunnel in a few seconds.",
|
|
283
|
+
};
|
|
284
|
+
this.clearTunnelTimeout();
|
|
285
|
+
this.killChild();
|
|
286
|
+
settle();
|
|
287
|
+
return;
|
|
288
|
+
}
|
|
289
|
+
// 固定サブドメインの利用には SSH 公開鍵の登録が必要。未登録だと毎回ランダムな
|
|
290
|
+
// ホストが割り当てられ、再起動のたびに URL が変わってしまう(ChatGPT コネクタが壊れる)。
|
|
291
|
+
// 登録用 URL を添えてエラーにし、ユーザーに一度きりの登録を促す。
|
|
292
|
+
if (cfg.subdomain &&
|
|
293
|
+
/register your SSH public key/i.test(text) &&
|
|
294
|
+
this.info.status !== "running" &&
|
|
295
|
+
this.info.status !== "error") {
|
|
296
|
+
const consoleUrl = text.match(/https:\/\/console\.serveo\.net\/ssh\/keys\?add=\S+/i)?.[0];
|
|
297
|
+
fatal = true;
|
|
298
|
+
this.info = {
|
|
299
|
+
provider: "serveo",
|
|
300
|
+
status: "error",
|
|
301
|
+
error: `Serveo requires a one-time SSH key registration to reserve the fixed subdomain "${cfg.subdomain}". ` +
|
|
302
|
+
(consoleUrl
|
|
303
|
+
? `Open ${consoleUrl} and sign in with Google/GitHub, then restart the tunnel.`
|
|
304
|
+
: "Visit https://console.serveo.net/ssh/keys and register your SSH public key, then restart the tunnel."),
|
|
305
|
+
};
|
|
306
|
+
this.clearTunnelTimeout();
|
|
307
|
+
settle();
|
|
308
|
+
return;
|
|
309
|
+
}
|
|
310
|
+
// Serveo が出力する転送 URL をそのまま使う。実際の公開ホストは
|
|
311
|
+
// <subdomain>.serveousercontent.com で、ここを .serveo.net に書き換えると
|
|
312
|
+
// 警告ページ (302) に飛んでしまい /healthz が到達不能になる。
|
|
313
|
+
const m = text.match(/Forwarding HTTP traffic from (https:\/\/\S+)/i);
|
|
314
|
+
if (m && this.info.status !== "running" && this.info.status !== "error") {
|
|
315
|
+
this.info = { provider: "serveo", url: m[1], status: "running" };
|
|
316
|
+
this.clearTunnelTimeout();
|
|
317
|
+
settle();
|
|
318
|
+
}
|
|
319
|
+
};
|
|
320
|
+
child.stdout.on("data", onData);
|
|
321
|
+
child.stderr.on("data", onData);
|
|
322
|
+
child.on("error", (e) => {
|
|
323
|
+
this.info = { provider: "serveo", status: "error", error: e.message };
|
|
324
|
+
settle();
|
|
325
|
+
});
|
|
326
|
+
child.on("close", () => {
|
|
327
|
+
if (this.stopped || fatal)
|
|
328
|
+
return;
|
|
329
|
+
// The ssh process exited unexpectedly while we should be serving — the
|
|
330
|
+
// gateway is still up, so reconnect to restore the public URL.
|
|
331
|
+
log.warn("Serveo tunnel dropped; reconnecting in 3s…");
|
|
332
|
+
this.child = undefined;
|
|
333
|
+
this.reconnectTimer = setTimeout(() => this.spawnServeo(port, settle), 3000);
|
|
334
|
+
});
|
|
335
|
+
this.clearTunnelTimeout();
|
|
336
|
+
this.timeoutId = setTimeout(() => {
|
|
337
|
+
if (this.info.status !== "running" && this.info.status !== "error") {
|
|
338
|
+
if (cfg.subdomain) {
|
|
339
|
+
this.info = {
|
|
340
|
+
provider: "serveo",
|
|
341
|
+
url: cfg.publicUrl || `https://${cfg.subdomain}.serveousercontent.com`,
|
|
342
|
+
status: "running",
|
|
343
|
+
};
|
|
344
|
+
settle();
|
|
345
|
+
}
|
|
346
|
+
else {
|
|
347
|
+
this.info = { provider: "serveo", status: "error", error: "Timed out waiting for serveo URL." };
|
|
348
|
+
settle();
|
|
349
|
+
}
|
|
350
|
+
}
|
|
351
|
+
}, 20_000);
|
|
352
|
+
}
|
|
353
|
+
clearTunnelTimeout() {
|
|
354
|
+
if (this.timeoutId) {
|
|
355
|
+
clearTimeout(this.timeoutId);
|
|
356
|
+
this.timeoutId = undefined;
|
|
357
|
+
}
|
|
358
|
+
}
|
|
359
|
+
killChild() {
|
|
360
|
+
if (!this.child)
|
|
361
|
+
return;
|
|
362
|
+
try {
|
|
363
|
+
this.child.stdout?.removeAllListeners();
|
|
364
|
+
this.child.stderr?.removeAllListeners();
|
|
365
|
+
this.child.removeAllListeners();
|
|
366
|
+
this.child.kill("SIGTERM");
|
|
367
|
+
}
|
|
368
|
+
catch {
|
|
369
|
+
// ignore
|
|
370
|
+
}
|
|
371
|
+
this.child = undefined;
|
|
372
|
+
}
|
|
97
373
|
stop() {
|
|
374
|
+
this.stopped = true;
|
|
375
|
+
if (this.reconnectTimer) {
|
|
376
|
+
clearTimeout(this.reconnectTimer);
|
|
377
|
+
this.reconnectTimer = undefined;
|
|
378
|
+
}
|
|
379
|
+
this.clearTunnelTimeout();
|
|
98
380
|
if (this.child) {
|
|
99
381
|
log.info("stopping tunnel");
|
|
100
|
-
this.
|
|
101
|
-
this.child = undefined;
|
|
382
|
+
this.killChild();
|
|
102
383
|
}
|
|
103
384
|
this.info = { provider: this.info.provider, status: "stopped" };
|
|
104
385
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tunnel-manager.js","sourceRoot":"","sources":["../../src/managers/tunnel-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAqB,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAe,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;AASnC;;;GAGG;AACH,MAAM,OAAO,aAAa;IAIK;IAHrB,KAAK,CAAgB;IACrB,IAAI,GAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAEnE,YAA6B,MAAoB;QAApB,WAAM,GAAN,MAAM,CAAc;IAAG,CAAC;IAErD,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,IAAY;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;QACjC,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;YAClB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,eAAe,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;YACjF,OAAO,IAAI,CAAC,IAAI,CAAC;QACnB,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,aAAa,IAAI,CAAC,MAAM,aAAa,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAC/D,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QACD,YAAY;QACZ,IAAI,MAAM,aAAa,CAAC,aAAa,CAAC;YAAE,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC3E,IAAI,MAAM,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAE/D,IAAI,CAAC,IAAI,GAAG;YACV,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,OAAO;YACf,KAAK,EACH,kHAAkH;SACrH,CAAC;QACF,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAEO,gBAAgB,CAAC,IAAY;QACnC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YAC5D,MAAM,KAAK,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,oBAAoB,IAAI,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YACtG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YACnB,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;gBAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBAClE,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACxC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;oBACtE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,CAAC;YACF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC3E,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC,CAAC,CAAC;YACH,UAAU,CAAC,GAAG,EAAE;gBACd,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;oBACrG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,EAAE,MAAM,CAAC,CAAC;QACb,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,UAAU,CAAC,IAAY;QAC7B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YACtD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YAC1F,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YACnB,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;gBAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAC1E,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACxC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;oBAChE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,CAAC;YACF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBACrE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC,CAAC,CAAC;YACH,UAAU,CAAC,GAAG,EAAE;gBACd,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC;oBAC9F,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,EAAE,MAAM,CAAC,CAAC;QACb,CAAC,CAAC,CAAC;IACL,CAAC;IAED,IAAI;QACF,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC;QACzB,CAAC;QACD,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAClE,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"tunnel-manager.js","sourceRoot":"","sources":["../../src/managers/tunnel-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAqB,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAe,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;AASnC;;;GAGG;AACH,MAAM,OAAO,aAAa;IAUL;IACA;IAVX,KAAK,CAAgB;IACrB,IAAI,GAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAC3D,SAAS,CAAkB;IACnC,0EAA0E;IAClE,OAAO,GAAG,KAAK,CAAC;IACxB,2DAA2D;IACnD,cAAc,CAAkB;IAExC,YACmB,MAAoB,EACpB,YAA+C;QAD/C,WAAM,GAAN,MAAM,CAAc;QACpB,iBAAY,GAAZ,YAAY,CAAmC;IAC/D,CAAC;IAEJ,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,IAAY;QACtB,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;QACjC,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;YAClB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,eAAe,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;YACjF,OAAO,IAAI,CAAC,IAAI,CAAC;QACnB,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,aAAa,IAAI,CAAC,MAAM,aAAa,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAC/D,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,aAAa,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YAC9D,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,YAAY;QACZ,IAAI,MAAM,aAAa,CAAC,aAAa,CAAC;YAAE,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC3E,IAAI,MAAM,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC/D,IAAI,MAAM,aAAa,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAE9D,IAAI,CAAC,IAAI,GAAG;YACV,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,OAAO;YACf,KAAK,EACH,kHAAkH;SACrH,CAAC;QACF,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAEO,gBAAgB,CAAC,IAAY;QACnC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;YACjC,IAAI,IAAc,CAAC;YACnB,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gBACd,IAAI,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACjD,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,oBAAoB,IAAI,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YAC3D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YAEnB,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gBACd,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,IAAI,mBAAmB,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;gBACtG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACnB,OAAO;YACT,CAAC;YAED,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;gBAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBAClE,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACxC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;oBACtE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,CAAC;YACF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC3E,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC/B,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;oBACrG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,EAAE,MAAM,CAAC,CAAC;QACb,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,UAAU,CAAC,IAAY;QAC7B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YACtD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACvD,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;gBACf,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YACpC,CAAC;YACD,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gBACd,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YACnB,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;gBAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAC1E,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACxC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;oBAChE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,CAAC;YACF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBACrE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC/B,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACnC,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;wBACf,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,IAAI,WAAW,GAAG,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;wBACpG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACrB,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC;wBAC9F,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACrB,CAAC;gBACH,CAAC;YACH,CAAC,EAAE,MAAM,CAAC,CAAC;QACb,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,IAAY;QACzC,MAAM,aAAa,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,YAAY;QACjD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,aAAa;QACvC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,OAAO,IAAI,EAAE,CAAC;YACZ,OAAO,EAAE,CAAC;YACV,GAAG,CAAC,IAAI,CAAC,gCAAgC,OAAO,KAAK,CAAC,CAAC;YACvD,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;gBAE5D,IAAI,UAAU,CAAC,MAAM,KAAK,SAAS,IAAI,UAAU,CAAC,GAAG,EAAE,CAAC;oBACtD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;oBACjC,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC;oBACnC,MAAM,iBAAiB,GAAG,WAAW,CAAC,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;oBAC9E,MAAM,kBAAkB,GAAG,GAAG,CAAC,SAAS,CAAC;oBAEzC,IAAI,kBAAkB,IAAI,iBAAiB,IAAI,iBAAiB,KAAK,kBAAkB,EAAE,CAAC;wBACxF,iEAAiE;wBACjE,qEAAqE;wBACrE,qEAAqE;wBACrE,qEAAqE;wBACrE,mEAAmE;wBACnE,iEAAiE;wBACjE,GAAG,CAAC,IAAI,CACN,cAAc,kBAAkB,6BAA6B,iBAAiB,MAAM;4BAClF,+DAA+D,UAAU,GAAG,IAAI,MAAM,CACzF,CAAC;wBACF,IAAI,CAAC,IAAI,EAAE,CAAC;wBACZ,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,IAAI,aAAa,EAAE,CAAC;4BAC5C,OAAO;gCACL,QAAQ,EAAE,aAAa;gCACvB,MAAM,EAAE,OAAO;gCACf,KAAK,EAAE,cAAc,kBAAkB,qCAAqC,aAAa,GAAG,IAAI,IAAI;6BACrG,CAAC;wBACJ,CAAC;wBACD,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;wBACpD,SAAS;oBACX,CAAC;oBAED,OAAO,UAAU,CAAC;gBACpB,CAAC;gBAED,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC,KAAK,IAAI,+BAA+B,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,GAAG,CAAC,IAAI,CAAC,6BAA6B,GAAG,CAAC,OAAO,sBAAsB,CAAC,CAAC;gBACzE,IAAI,CAAC,IAAI,EAAE,CAAC;gBACZ,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,IAAI,aAAa,EAAE,CAAC;oBAC5C,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,qCAAqC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC;oBACpH,OAAO,IAAI,CAAC,IAAI,CAAC;gBACnB,CAAC;gBACD,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;IACH,CAAC;IAEO,uBAAuB,CAAC,IAAY;QAC1C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;YACrD,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;gBAClB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;YAC1C,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YAClD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YACnB,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;gBAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAC1E,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACxC,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;oBACtE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC,CAAC;YACF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAChC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC3E,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC/B,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACnC,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;wBAClB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,IAAI,WAAW,GAAG,CAAC,SAAS,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;wBACrH,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACrB,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,wCAAwC,EAAE,CAAC;wBAC1G,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACrB,CAAC;gBACH,CAAC;YACH,CAAC,EAAE,MAAM,CAAC,CAAC;QACb,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,WAAW,CAAC,IAAY;QAC9B,4EAA4E;QAC5E,0EAA0E;QAC1E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,MAAM,MAAM,GAAG,GAAG,EAAE;gBAClB,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrB,CAAC,CAAC;YACF,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACK,WAAW,CAAC,IAAY,EAAE,MAAkB;QAClD,IAAI,IAAI,CAAC,OAAO;YAAE,OAAO;QACzB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QACvD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC;QACjC,MAAM,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,GAAG;YACX,IAAI;YACJ,GAAG,SAAS,gBAAgB,IAAI,EAAE;YAClC,IAAI;YACJ,0BAA0B;YAC1B,gEAAgE;YAChE,IAAI;YACJ,wBAAwB;YACxB,IAAI;YACJ,uBAAuB;YACvB,IAAI;YACJ,0BAA0B;YAC1B,YAAY;SACb,CAAC;QACF,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,0EAA0E;QAC1E,mEAAmE;QACnE,IAAI,KAAK,GAAG,KAAK,CAAC;QAElB,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAElC,mBAAmB;YACnB,IAAI,IAAI,CAAC,QAAQ,CAAC,+BAA+B,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBACnF,GAAG,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAC;gBACtE,KAAK,GAAG,IAAI,CAAC;gBACb,IAAI,CAAC,IAAI,GAAG;oBACV,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,OAAO;oBACf,KAAK,EAAE,8GAA8G;iBACtH,CAAC;gBACF,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC1B,IAAI,CAAC,SAAS,EAAE,CAAC;gBACjB,MAAM,EAAE,CAAC;gBACT,OAAO;YACT,CAAC;YAED,2CAA2C;YAC3C,qDAAqD;YACrD,qCAAqC;YACrC,IACE,GAAG,CAAC,SAAS;gBACb,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC;gBAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS;gBAC9B,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAC5B,CAAC;gBACD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,qDAAqD,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC1F,KAAK,GAAG,IAAI,CAAC;gBACb,IAAI,CAAC,IAAI,GAAG;oBACV,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,OAAO;oBACf,KAAK,EACH,mFAAmF,GAAG,CAAC,SAAS,KAAK;wBACrG,CAAC,UAAU;4BACT,CAAC,CAAC,QAAQ,UAAU,2DAA2D;4BAC/E,CAAC,CAAC,sGAAsG,CAAC;iBAC9G,CAAC;gBACF,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC1B,MAAM,EAAE,CAAC;gBACT,OAAO;YACT,CAAC;YAED,uCAAuC;YACvC,8DAA8D;YAC9D,yCAAyC;YACzC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACtE,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBACxE,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;gBACjE,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC1B,MAAM,EAAE,CAAC;YACX,CAAC;QACH,CAAC,CAAC;QAEF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAChC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAChC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE;YACtB,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;YACtE,MAAM,EAAE,CAAC;QACX,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACrB,IAAI,IAAI,CAAC,OAAO,IAAI,KAAK;gBAAE,OAAO;YAClC,uEAAuE;YACvE,+DAA+D;YAC/D,GAAG,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;YACvD,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC;YACvB,IAAI,CAAC,cAAc,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;QAC/E,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC1B,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;YAC/B,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBACnE,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;oBAClB,IAAI,CAAC,IAAI,GAAG;wBACV,QAAQ,EAAE,QAAQ;wBAClB,GAAG,EAAE,GAAG,CAAC,SAAS,IAAI,WAAW,GAAG,CAAC,SAAS,wBAAwB;wBACtE,MAAM,EAAE,SAAS;qBAClB,CAAC;oBACF,MAAM,EAAE,CAAC;gBACX,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;oBAChG,MAAM,EAAE,CAAC;gBACX,CAAC;YACH,CAAC;QACH,CAAC,EAAE,MAAM,CAAC,CAAC;IACb,CAAC;IAEO,kBAAkB;QACxB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC7B,CAAC;IACH,CAAC;IAEO,SAAS;QACf,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO;QACxB,IAAI,CAAC;YACH,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,kBAAkB,EAAE,CAAC;YACxC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,kBAAkB,EAAE,CAAC;YACxC,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC;IACzB,CAAC;IAED,IAAI;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAClC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAC;QAClC,CAAC;QACD,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC5B,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAClE,CAAC;CACF"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import type { SecurityMode } from "@localant/shared";
|
|
1
2
|
export declare class CommandRejectedError extends Error {
|
|
2
3
|
constructor(message: string);
|
|
3
4
|
}
|
|
@@ -16,7 +17,9 @@ export declare function parseCommand(input: string): ParsedCommand;
|
|
|
16
17
|
export declare class CommandGuard {
|
|
17
18
|
private allowedCommands;
|
|
18
19
|
private blockedTokens;
|
|
20
|
+
private mode;
|
|
19
21
|
constructor(allowedCommands: string[], blockedTokens: string[]);
|
|
22
|
+
setMode(mode: SecurityMode): void;
|
|
20
23
|
setAllowed(commands: string[]): void;
|
|
21
24
|
setBlocked(tokens: string[]): void;
|
|
22
25
|
allowed(): string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"command-guard.d.ts","sourceRoot":"","sources":["../../src/security/command-guard.ts"],"names":[],"mappings":"AAAA,qBAAa,oBAAqB,SAAQ,KAAK;gBACjC,OAAO,EAAE,MAAM;CAI5B;AAED,MAAM,WAAW,aAAa;IAC5B,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,8EAA8E;IAC9E,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,aAAa,CAWzD;AAQD,qBAAa,YAAY;
|
|
1
|
+
{"version":3,"file":"command-guard.d.ts","sourceRoot":"","sources":["../../src/security/command-guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,qBAAa,oBAAqB,SAAQ,KAAK;gBACjC,OAAO,EAAE,MAAM;CAI5B;AAED,MAAM,WAAW,aAAa;IAC5B,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,8EAA8E;IAC9E,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,aAAa,CAWzD;AAQD,qBAAa,YAAY;IAMrB,OAAO,CAAC,eAAe;IACvB,OAAO,CAAC,aAAa;IAJvB,OAAO,CAAC,IAAI,CAA0B;gBAG5B,eAAe,EAAE,MAAM,EAAE,EACzB,aAAa,EAAE,MAAM,EAAE;IAGjC,OAAO,CAAC,IAAI,EAAE,YAAY,GAAG,IAAI;IAIjC,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI;IAGpC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI;IAGlC,OAAO,IAAI,MAAM,EAAE;IAInB;;;;;;;OAOG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IA4CpC,0FAA0F;IAC1F,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;CAaxC"}
|
|
@@ -30,10 +30,16 @@ function hasDangerousMetachars(input) {
|
|
|
30
30
|
export class CommandGuard {
|
|
31
31
|
allowedCommands;
|
|
32
32
|
blockedTokens;
|
|
33
|
+
// Fail closed: a freshly constructed guard is strict until the gateway applies
|
|
34
|
+
// the configured mode. The product-level default (`open`) lives in the config.
|
|
35
|
+
mode = "strict";
|
|
33
36
|
constructor(allowedCommands, blockedTokens) {
|
|
34
37
|
this.allowedCommands = allowedCommands;
|
|
35
38
|
this.blockedTokens = blockedTokens;
|
|
36
39
|
}
|
|
40
|
+
setMode(mode) {
|
|
41
|
+
this.mode = mode;
|
|
42
|
+
}
|
|
37
43
|
setAllowed(commands) {
|
|
38
44
|
this.allowedCommands = commands;
|
|
39
45
|
}
|
|
@@ -77,13 +83,15 @@ export class CommandGuard {
|
|
|
77
83
|
throw new CommandRejectedError("Command rejected: 'chmod 777' is blocked.");
|
|
78
84
|
}
|
|
79
85
|
// Must match an allowlisted prefix.
|
|
80
|
-
|
|
81
|
-
const
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
86
|
+
if (this.mode === "strict") {
|
|
87
|
+
const ok = this.allowedCommands.some((cmd) => {
|
|
88
|
+
const c = cmd.trim().replace(/\s+/g, " ").toLowerCase();
|
|
89
|
+
const n = normalized.toLowerCase();
|
|
90
|
+
return n === c || n.startsWith(c + " ");
|
|
91
|
+
});
|
|
92
|
+
if (!ok) {
|
|
93
|
+
throw new CommandRejectedError(`Command rejected: '${normalized}' is not in the allowed command list. Use shell_request_command_approval to request it.`);
|
|
94
|
+
}
|
|
87
95
|
}
|
|
88
96
|
return normalized;
|
|
89
97
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"command-guard.js","sourceRoot":"","sources":["../../src/security/command-guard.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"command-guard.js","sourceRoot":"","sources":["../../src/security/command-guard.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAC7C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AASD;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACrD,yDAAyD;IACzD,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpE,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YACzC,IAAI,IAAI;gBAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IACD,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;AAChC,CAAC;AAED,+EAA+E;AAC/E,SAAS,qBAAqB,CAAC,KAAa;IAC1C,oEAAoE;IACpE,OAAO,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,OAAO,YAAY;IAMb;IACA;IANV,+EAA+E;IAC/E,+EAA+E;IACvE,IAAI,GAAiB,QAAQ,CAAC;IAEtC,YACU,eAAyB,EACzB,aAAuB;QADvB,oBAAe,GAAf,eAAe,CAAU;QACzB,kBAAa,GAAb,aAAa,CAAU;IAC9B,CAAC;IAEJ,OAAO,CAAC,IAAkB;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,UAAU,CAAC,QAAkB;QAC3B,IAAI,CAAC,eAAe,GAAG,QAAQ,CAAC;IAClC,CAAC;IACD,UAAU,CAAC,MAAgB;QACzB,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC;IAC9B,CAAC;IACD,OAAO;QACL,OAAO,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAED;;;;;;;OAOG;IACH,aAAa,CAAC,KAAa;QACzB,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnD,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;QAElE,IAAI,qBAAqB,CAAC,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,oBAAoB,CAAC,+EAA+E,CAAC,CAAC;QAClH,CAAC;QAED,qEAAqE;QACrE,IAAI,sBAAsB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,oBAAoB,CAAC,wEAAwE,CAAC,CAAC;QAC3G,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAC/D,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACzB,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,IAAI,oBAAoB,CAAC,sBAAsB,GAAG,yBAAyB,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;QACD,mEAAmE;QACnE,IAAI,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,sDAAsD,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACzG,MAAM,IAAI,oBAAoB,CAAC,qDAAqD,CAAC,CAAC;QACxF,CAAC;QACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,oBAAoB,CAAC,2CAA2C,CAAC,CAAC;QAC9E,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC3B,MAAM,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;gBAC3C,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBACxD,MAAM,CAAC,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;gBACnC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC;YAC1C,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,EAAE,EAAE,CAAC;gBACR,MAAM,IAAI,oBAAoB,CAC5B,sBAAsB,UAAU,yFAAyF,CAC1H,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,0FAA0F;IAC1F,gBAAgB,CAAC,KAAa;QAC5B,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAC/D,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACzB,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,IAAI,oBAAoB,CAAC,sBAAsB,GAAG,6CAA6C,CAAC,CAAC;YACzG,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACrE,MAAM,IAAI,oBAAoB,CAAC,4DAA4D,CAAC,CAAC;QAC/F,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;CACF"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { type SecurityMode } from "@localant/shared";
|
|
1
2
|
export declare class PathAccessError extends Error {
|
|
2
3
|
constructor(message: string);
|
|
3
4
|
}
|
|
@@ -11,7 +12,9 @@ export declare class PathAccessError extends Error {
|
|
|
11
12
|
export declare class PathGuard {
|
|
12
13
|
private allowedDirs;
|
|
13
14
|
private readonly blocklist;
|
|
15
|
+
private mode;
|
|
14
16
|
constructor(allowedDirs: string[]);
|
|
17
|
+
setMode(mode: SecurityMode): void;
|
|
15
18
|
setAllowedDirectories(dirs: string[]): void;
|
|
16
19
|
allowed(): string[];
|
|
17
20
|
private inBlocklist;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"path-guard.d.ts","sourceRoot":"","sources":["../../src/security/path-guard.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"path-guard.d.ts","sourceRoot":"","sources":["../../src/security/path-guard.ts"],"names":[],"mappings":"AAGA,OAAO,EAAsB,KAAK,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEzE,qBAAa,eAAgB,SAAQ,KAAK;gBAC5B,OAAO,EAAE,MAAM;CAI5B;AAkBD;;;;;;GAMG;AACH,qBAAa,SAAS;IAMR,OAAO,CAAC,WAAW;IAL/B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAW;IAGrC,OAAO,CAAC,IAAI,CAA0B;gBAElB,WAAW,EAAE,MAAM,EAAE;IAIzC,OAAO,CAAC,IAAI,EAAE,YAAY,GAAG,IAAI;IAIjC,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI;IAI3C,OAAO,IAAI,MAAM,EAAE;IAInB,OAAO,CAAC,WAAW;IAInB,OAAO,CAAC,WAAW;IAInB;;;;OAIG;IACH,OAAO,CAAC,mBAAmB;IAmB3B;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,MAAM;CAwBhE"}
|
|
@@ -33,10 +33,16 @@ function isWithin(parent, child) {
|
|
|
33
33
|
export class PathGuard {
|
|
34
34
|
allowedDirs;
|
|
35
35
|
blocklist;
|
|
36
|
+
// Fail closed: a freshly constructed guard is strict until the gateway applies
|
|
37
|
+
// the configured mode. The product-level default (`open`) lives in the config.
|
|
38
|
+
mode = "strict";
|
|
36
39
|
constructor(allowedDirs) {
|
|
37
40
|
this.allowedDirs = allowedDirs;
|
|
38
41
|
this.blocklist = sensitiveBlocklist().map(normalizeAbs);
|
|
39
42
|
}
|
|
43
|
+
setMode(mode) {
|
|
44
|
+
this.mode = mode;
|
|
45
|
+
}
|
|
40
46
|
setAllowedDirectories(dirs) {
|
|
41
47
|
this.allowedDirs = dirs;
|
|
42
48
|
}
|
|
@@ -83,7 +89,7 @@ export class PathGuard {
|
|
|
83
89
|
if (this.inBlocklist(resolved)) {
|
|
84
90
|
throw new PathAccessError(`Access denied: '${requested}' is in the sensitive blocklist.`);
|
|
85
91
|
}
|
|
86
|
-
if (!this.inAllowlist(resolved)) {
|
|
92
|
+
if (this.mode === "strict" && !this.inAllowlist(resolved)) {
|
|
87
93
|
throw new PathAccessError(`Access denied: '${requested}' is outside the allowed directories. Add it with fs_add_allowed_directory.`);
|
|
88
94
|
}
|
|
89
95
|
// Re-check after resolving symlinks on existing ancestors.
|
|
@@ -91,7 +97,7 @@ export class PathGuard {
|
|
|
91
97
|
if (this.inBlocklist(real)) {
|
|
92
98
|
throw new PathAccessError(`Access denied: '${requested}' resolves (via symlink) into a sensitive path.`);
|
|
93
99
|
}
|
|
94
|
-
if (!this.inAllowlist(real)) {
|
|
100
|
+
if (this.mode === "strict" && !this.inAllowlist(real)) {
|
|
95
101
|
throw new PathAccessError(`Access denied: '${requested}' resolves (via symlink) outside allowed directories.`);
|
|
96
102
|
}
|
|
97
103
|
void mode; // mode-specific policy is enforced by callers / permission engine.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"path-guard.js","sourceRoot":"","sources":["../../src/security/path-guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,kBAAkB,
|
|
1
|
+
{"version":3,"file":"path-guard.js","sourceRoot":"","sources":["../../src/security/path-guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,kBAAkB,EAAqB,MAAM,kBAAkB,CAAC;AAEzE,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,IAAI,CAAC,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC,OAAO,EAAE,CAAC;IACnC,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1F,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AAED,iFAAiF;AACjF,SAAS,QAAQ,CAAC,MAAc,EAAE,KAAa;IAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACzC,OAAO,GAAG,KAAK,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;AACxE,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,SAAS;IAMA;IALH,SAAS,CAAW;IACrC,+EAA+E;IAC/E,+EAA+E;IACvE,IAAI,GAAiB,QAAQ,CAAC;IAEtC,YAAoB,WAAqB;QAArB,gBAAW,GAAX,WAAW,CAAU;QACvC,IAAI,CAAC,SAAS,GAAG,kBAAkB,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,CAAC,IAAkB;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,qBAAqB,CAAC,IAAc;QAClC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;IAED,OAAO;QACL,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC5C,CAAC;IAEO,WAAW,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC3D,CAAC;IAEO,WAAW,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC/D,CAAC;IAED;;;;OAIG;IACK,mBAAmB,CAAC,QAAgB;QAC1C,IAAI,OAAO,GAAG,QAAQ,CAAC;QACvB,MAAM,IAAI,GAAa,EAAE,CAAC;QAC1B,oDAAoD;QACpD,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACrC,IAAI,MAAM,KAAK,OAAO;gBAAE,MAAM;YAC9B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YACrC,OAAO,GAAG,MAAM,CAAC;QACnB,CAAC;QACD,IAAI,IAAY,CAAC;QACjB,IAAI,CAAC;YACH,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,GAAG,OAAO,CAAC;QACjB,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACvD,CAAC;IAED;;;OAGG;IACH,YAAY,CAAC,SAAiB,EAAE,IAAsB;QACpD,MAAM,QAAQ,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,eAAe,CAAC,mBAAmB,SAAS,kCAAkC,CAAC,CAAC;QAC5F,CAAC;QACD,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,eAAe,CACvB,mBAAmB,SAAS,6EAA6E,CAC1G,CAAC;QACJ,CAAC;QAED,2DAA2D;QAC3D,MAAM,IAAI,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAChD,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,eAAe,CAAC,mBAAmB,SAAS,iDAAiD,CAAC,CAAC;QAC3G,CAAC;QACD,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,eAAe,CAAC,mBAAmB,SAAS,uDAAuD,CAAC,CAAC;QACjH,CAAC;QAED,KAAK,IAAI,CAAC,CAAC,mEAAmE;QAC9E,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}
|
|
@@ -2,6 +2,8 @@ import { type Config, type AppPaths } from "@localant/shared";
|
|
|
2
2
|
/** Loads, persists and initializes on-disk configuration and identity files. */
|
|
3
3
|
export declare class ConfigStore {
|
|
4
4
|
readonly paths: AppPaths;
|
|
5
|
+
/** True only when using the real default location (not an explicit test base). */
|
|
6
|
+
private readonly isDefaultLocation;
|
|
5
7
|
constructor(base?: string);
|
|
6
8
|
/** Create config dir tree and default files if missing. Idempotent. */
|
|
7
9
|
ensureInitialized(): void;
|
|
@@ -10,5 +12,13 @@ export declare class ConfigStore {
|
|
|
10
12
|
/** Immutably merge a partial patch into config and persist. */
|
|
11
13
|
update(patch: Partial<Config>): Config;
|
|
12
14
|
getToken(): string;
|
|
15
|
+
/** Read the dedicated vault key (base64). Independent of the auth token. */
|
|
16
|
+
getVaultKey(): Buffer;
|
|
17
|
+
/**
|
|
18
|
+
* Generate a fresh auth token and persist it. Returns the new token. Because
|
|
19
|
+
* the vault key is stored separately, rotating the token does NOT invalidate
|
|
20
|
+
* stored secrets.
|
|
21
|
+
*/
|
|
22
|
+
rotateToken(): string;
|
|
13
23
|
}
|
|
14
24
|
//# sourceMappingURL=config-store.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config-store.d.ts","sourceRoot":"","sources":["../../src/stores/config-store.ts"],"names":[],"mappings":"AAGA,OAAO,EAAgB,KAAK,MAAM,
|
|
1
|
+
{"version":3,"file":"config-store.d.ts","sourceRoot":"","sources":["../../src/stores/config-store.ts"],"names":[],"mappings":"AAGA,OAAO,EAAgB,KAAK,MAAM,EAAmD,KAAK,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE7H,gFAAgF;AAChF,qBAAa,WAAW;IACtB,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC;IACzB,kFAAkF;IAClF,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAU;gBAEhC,IAAI,CAAC,EAAE,MAAM;IAKzB,uEAAuE;IACvE,iBAAiB,IAAI,IAAI;IAqCzB,IAAI,IAAI,MAAM;IAwBd,IAAI,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM;IAM5B,+DAA+D;IAC/D,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM;IAKtC,QAAQ,IAAI,MAAM;IAIlB,4EAA4E;IAC5E,WAAW,IAAI,MAAM;IAIrB;;;;OAIG;IACH,WAAW,IAAI,MAAM;CAKtB"}
|