npm - mates-fullstack - Versions diffs - 1.0.0-beta.1 - Mend

mates-fullstack 1.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (202) hide show

package/README.md +311 -0
package/dist/arctic-auth.d.ts +101 -0
package/dist/arctic-auth.d.ts.map +1 -0
package/dist/arctic-auth.js +538 -0
package/dist/arctic-auth.js.map +1 -0
package/dist/asset-manifest.d.ts +14 -0
package/dist/asset-manifest.d.ts.map +1 -0
package/dist/asset-manifest.js +102 -0
package/dist/asset-manifest.js.map +1 -0
package/dist/browser.d.ts +18 -0
package/dist/browser.d.ts.map +1 -0
package/dist/browser.js +25 -0
package/dist/browser.js.map +1 -0
package/dist/build-esbuild.d.ts +29 -0
package/dist/build-esbuild.d.ts.map +1 -0
package/dist/build-esbuild.js +699 -0
package/dist/build-esbuild.js.map +1 -0
package/dist/build-prod.d.ts +126 -0
package/dist/build-prod.d.ts.map +1 -0
package/dist/build-prod.js +1014 -0
package/dist/build-prod.js.map +1 -0
package/dist/cli-new.d.ts +14 -0
package/dist/cli-new.d.ts.map +1 -0
package/dist/cli-new.js +637 -0
package/dist/cli-new.js.map +1 -0
package/dist/client.d.ts +43 -0
package/dist/client.d.ts.map +1 -0
package/dist/client.js +130 -0
package/dist/client.js.map +1 -0
package/dist/cors.d.ts +16 -0
package/dist/cors.d.ts.map +1 -0
package/dist/cors.js +60 -0
package/dist/cors.js.map +1 -0
package/dist/ctx.d.ts +78 -0
package/dist/ctx.d.ts.map +1 -0
package/dist/ctx.js +280 -0
package/dist/ctx.js.map +1 -0
package/dist/dev-watcher.d.ts +23 -0
package/dist/dev-watcher.d.ts.map +1 -0
package/dist/dev-watcher.js +136 -0
package/dist/dev-watcher.js.map +1 -0
package/dist/docs-generator.d.ts +69 -0
package/dist/docs-generator.d.ts.map +1 -0
package/dist/docs-generator.js +557 -0
package/dist/docs-generator.js.map +1 -0
package/dist/docs-page.d.ts +20 -0
package/dist/docs-page.d.ts.map +1 -0
package/dist/docs-page.js +1152 -0
package/dist/docs-page.js.map +1 -0
package/dist/download.d.ts +78 -0
package/dist/download.d.ts.map +1 -0
package/dist/download.js +202 -0
package/dist/download.js.map +1 -0
package/dist/env-loader.d.ts +76 -0
package/dist/env-loader.d.ts.map +1 -0
package/dist/env-loader.js +213 -0
package/dist/env-loader.js.map +1 -0
package/dist/errors.d.ts +146 -0
package/dist/errors.d.ts.map +1 -0
package/dist/errors.js +386 -0
package/dist/errors.js.map +1 -0
package/dist/head.d.ts +31 -0
package/dist/head.d.ts.map +1 -0
package/dist/head.js +245 -0
package/dist/head.js.map +1 -0
package/dist/index.d.ts +30 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +30 -0
package/dist/index.js.map +1 -0
package/dist/internal-prefixes.d.ts +16 -0
package/dist/internal-prefixes.d.ts.map +1 -0
package/dist/internal-prefixes.js +16 -0
package/dist/internal-prefixes.js.map +1 -0
package/dist/internal.d.ts +25 -0
package/dist/internal.d.ts.map +1 -0
package/dist/internal.js +25 -0
package/dist/internal.js.map +1 -0
package/dist/jwt.d.ts +166 -0
package/dist/jwt.d.ts.map +1 -0
package/dist/jwt.js +261 -0
package/dist/jwt.js.map +1 -0
package/dist/log.d.ts +44 -0
package/dist/log.d.ts.map +1 -0
package/dist/log.js +66 -0
package/dist/log.js.map +1 -0
package/dist/logger.d.ts +76 -0
package/dist/logger.d.ts.map +1 -0
package/dist/logger.js +138 -0
package/dist/logger.js.map +1 -0
package/dist/main-runner.d.ts +59 -0
package/dist/main-runner.d.ts.map +1 -0
package/dist/main-runner.js +157 -0
package/dist/main-runner.js.map +1 -0
package/dist/mates-auth.d.ts +82 -0
package/dist/mates-auth.d.ts.map +1 -0
package/dist/mates-auth.js +323 -0
package/dist/mates-auth.js.map +1 -0
package/dist/middleware.d.ts +30 -0
package/dist/middleware.d.ts.map +1 -0
package/dist/middleware.js +67 -0
package/dist/middleware.js.map +1 -0
package/dist/project-resolver.d.ts +102 -0
package/dist/project-resolver.d.ts.map +1 -0
package/dist/project-resolver.js +271 -0
package/dist/project-resolver.js.map +1 -0
package/dist/rate-limit.d.ts +37 -0
package/dist/rate-limit.d.ts.map +1 -0
package/dist/rate-limit.js +109 -0
package/dist/rate-limit.js.map +1 -0
package/dist/redirect.d.ts +84 -0
package/dist/redirect.d.ts.map +1 -0
package/dist/redirect.js +105 -0
package/dist/redirect.js.map +1 -0
package/dist/renderer.d.ts +91 -0
package/dist/renderer.d.ts.map +1 -0
package/dist/renderer.js +630 -0
package/dist/renderer.js.map +1 -0
package/dist/request-logger.d.ts +12 -0
package/dist/request-logger.d.ts.map +1 -0
package/dist/request-logger.js +55 -0
package/dist/request-logger.js.map +1 -0
package/dist/rest.d.ts +25 -0
package/dist/rest.d.ts.map +1 -0
package/dist/rest.js +93 -0
package/dist/rest.js.map +1 -0
package/dist/router.d.ts +71 -0
package/dist/router.d.ts.map +1 -0
package/dist/router.js +222 -0
package/dist/router.js.map +1 -0
package/dist/rpc-registry.d.ts +84 -0
package/dist/rpc-registry.d.ts.map +1 -0
package/dist/rpc-registry.js +271 -0
package/dist/rpc-registry.js.map +1 -0
package/dist/rpc-runner.d.ts +82 -0
package/dist/rpc-runner.d.ts.map +1 -0
package/dist/rpc-runner.js +564 -0
package/dist/rpc-runner.js.map +1 -0
package/dist/sanitize.d.ts +61 -0
package/dist/sanitize.d.ts.map +1 -0
package/dist/sanitize.js +193 -0
package/dist/sanitize.js.map +1 -0
package/dist/security-headers.d.ts +114 -0
package/dist/security-headers.d.ts.map +1 -0
package/dist/security-headers.js +121 -0
package/dist/security-headers.js.map +1 -0
package/dist/server-fn.d.ts +323 -0
package/dist/server-fn.d.ts.map +1 -0
package/dist/server-fn.js +373 -0
package/dist/server-fn.js.map +1 -0
package/dist/server-public.d.ts +13 -0
package/dist/server-public.d.ts.map +1 -0
package/dist/server-public.js +12 -0
package/dist/server-public.js.map +1 -0
package/dist/server-timeout.d.ts +38 -0
package/dist/server-timeout.d.ts.map +1 -0
package/dist/server-timeout.js +46 -0
package/dist/server-timeout.js.map +1 -0
package/dist/server.d.ts +100 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +1218 -0
package/dist/server.js.map +1 -0
package/dist/socket-router.d.ts +153 -0
package/dist/socket-router.d.ts.map +1 -0
package/dist/socket-router.js +612 -0
package/dist/socket-router.js.map +1 -0
package/dist/sso.d.ts +90 -0
package/dist/sso.d.ts.map +1 -0
package/dist/sso.js +261 -0
package/dist/sso.js.map +1 -0
package/dist/ssr-context.d.ts +49 -0
package/dist/ssr-context.d.ts.map +1 -0
package/dist/ssr-context.js +85 -0
package/dist/ssr-context.js.map +1 -0
package/dist/ssr-globals.d.ts +32 -0
package/dist/ssr-globals.d.ts.map +1 -0
package/dist/ssr-globals.js +1010 -0
package/dist/ssr-globals.js.map +1 -0
package/dist/ssr-template.d.ts +73 -0
package/dist/ssr-template.d.ts.map +1 -0
package/dist/ssr-template.js +507 -0
package/dist/ssr-template.js.map +1 -0
package/dist/stack-mapper.d.ts +25 -0
package/dist/stack-mapper.d.ts.map +1 -0
package/dist/stack-mapper.js +139 -0
package/dist/stack-mapper.js.map +1 -0
package/dist/stream.d.ts +89 -0
package/dist/stream.d.ts.map +1 -0
package/dist/stream.js +299 -0
package/dist/stream.js.map +1 -0
package/dist/upload.d.ts +69 -0
package/dist/upload.d.ts.map +1 -0
package/dist/upload.js +110 -0
package/dist/upload.js.map +1 -0
package/dist/validate.d.ts +58 -0
package/dist/validate.d.ts.map +1 -0
package/dist/validate.js +89 -0
package/dist/validate.js.map +1 -0
package/dist/verify-package.d.ts +3 -0
package/dist/verify-package.d.ts.map +1 -0
package/dist/verify-package.js +128 -0
package/dist/verify-package.js.map +1 -0
package/package.json +79 -0

package/README.md ADDED Viewed

@@ -0,0 +1,311 @@
+# mates-fullstack
+TypeScript-first full-stack framework for Mates apps. It adds SSR, direct RPC-style server functions, raw HTTP escape hatches, WebSockets, static assets, and production builds without requiring a compiler in production.
+**Custom SSR engine** — no DOM, no happy-dom, no per-request global patching, fully concurrent. `TemplateResult` objects are serialized directly to HTML using a 300-line pure-JS serializer. No virtual DOM, no fake browser, no overhead per request.
+No JSX. No virtual DOM. No Express/Hono/Fastify. Runtime server is pure Node.js (`node:http`). Bundling and TypeScript transforms use esbuild.
+---
+## Install
+```bash
+npm install mates-fullstack-beta mates
+```
+Add scripts to your app:
+```json
+{
+  "scripts": {
+    "dev": "mates-fullstack dev",
+    "build": "mates-fullstack build",
+    "start": "mates-fullstack start"
+  }
+}
+```
+---
+## Project structure
+`mates-fullstack` is convention-based; no config file is required.
+```txt
+my-app/
+  client/
+    App.ts          # SSR root component and client router
+    client.ts       # browser entry; calls renderX(App, ...)
+  server/
+    api/            # RPC functions callable from client imports
+    helpers/        # server-only utilities; never bundled for browser
+    main.ts         # optional middleware registration
+    socket/         # optional WebSocket handlers
+  shared/           # code/types used by both sides
+  public/           # static files copied to dist/public in production
+  package.json
+```
+---
+## Minimal app
+### `client/App.ts`
+```ts
+import { html } from "mates";
+export default () => {
+  return () => html`<h1>Hello from mates-fullstack</h1>`;
+};
+```
+### `client/client.ts`
+```ts
+import { renderX } from "mates";
+import App from "./App";
+renderX(App, document.getElementById("app")!);
+```
+### `server/api/todos.ts`
+```ts
+import type { ServerCtx } from "mates-fullstack";
+import { ValidationError } from "mates-fullstack";
+export async function listTodos(_payload: {}, _ctx: ServerCtx) {
+  return [{ id: 1, title: "Write docs" }];
+}
+export async function addTodo(payload: { title: string }, _ctx: ServerCtx) {
+  if (!payload.title.trim()) {
+    throw new ValidationError("Invalid todo", {
+      fields: { title: "Required" },
+    });
+  }
+  return { id: Date.now(), title: payload.title };
+}
+```
+### Client code calls server functions directly
+```ts
+import { asyncAction, html } from "mates";
+import { listTodos } from "../server/api/todos";
+const TodoPage = () => {
+  const load = asyncAction(() => listTodos({}));
+  load();
+  return () => html`
+    <pre>${JSON.stringify(load.data(), null, 2)}</pre>
+  `;
+};
+```
+During development and production builds, imports from `server/api/**` are converted into browser-safe RPC stubs. Imports from any other `server/**` path are blocked from client code.
+---
+## Commands
+```bash
+npm run dev      # native ESM dev server, no browser bundle
+npm run build    # production client bundle + compiled server runtime
+npm run start    # start production server from dist/
+```
+### Development mode
+Development intentionally serves source modules instead of a client bundle:
+- app source modules: `/_src/**`
+- package modules: `/_pkg/**`
+- framework helpers: `/_mates/**`
+- import map injected into the HTML shell
+- chokidar watches `client/`, `server/`, `shared/`, `public/`, `.env*`, and config files
+- reload generation is owned by the parent dev process and delivered through SSE
+This makes stack traces point at source-like module URLs and keeps rebuilds fast.
+---
+## Authentication
+### Email/Password + Social Login
+`mates-fullstack` provides a complete auth system out of the box. Access tokens are short-lived (15 min default), stored in httpOnly cookies. Refresh tokens (30 days) live in a separate httpOnly cookie and rotate automatically, with JTI replay detection.
+```ts
+// server/main.ts
+import { matesAuth, auth, useArctic } from "mates-fullstack";
+matesAuth({ secret: process.env.AUTH_JWT_SECRET! });
+useArctic({
+  google: {
+    clientId: process.env.GOOGLE_CLIENT_ID!,
+    clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
+    onSuccess: async (profile, ctx) => {
+      const user = await db.users.upsert({ ... });
+      await auth.login(ctx, { userId: user.id, email: user.email });
+    },
+  },
+});
+```
+Routes `/auth/google` and `/auth/google/callback` are registered automatically. `onSuccess` gives you full control — call `auth.login()` to issue tokens, or skip it to just link accounts.
+10 built-in OAuth providers: Google, GitHub, Discord, Microsoft, Twitter, LinkedIn, Facebook, Apple, Spotify, GitLab. Custom providers via `arcticProvider({ handler, ... })`.
+### Cross-Domain SSO
+For apps on different domains sharing one auth server. The auth server signs a 30-second code JWT with a shared secret — each app verifies it locally, no round-trip needed.
+```ts
+// auth.com/server/main.ts
+import { useSsoProvider } from "mates-fullstack";
+useSsoProvider({
+  secret: process.env.SSO_SECRET!,
+  login: "/login",
+  allowedOrigins: ["https://app1.com", "https://app2.com"],
+});
+// app1.com/server/main.ts
+import { useSsoClient } from "mates-fullstack";
+useSsoClient({
+  authUrl: "https://auth.com",
+  secret: process.env.SSO_SECRET!,
+  protected: ["/dashboard", "/settings"],
+});
+```
+Each app issues its own httpOnly session cookies. Works with social login — put `useArctic()` on the auth server, `useSsoClient()` on every app.
+---
+## Middleware
+All middleware registers globally in `server/main.ts` and runs in registration order.
+**Recommended `server/main.ts`:**
+```ts
+import {
+  matesAuth, requestLogger, useSecurityHeaders, useCors, rateLimit,
+} from "mates-fullstack";
+matesAuth({ secret: process.env.AUTH_JWT_SECRET! });
+requestLogger({ skip: [/^\/health$/, /^\/_mates\//] });
+useSecurityHeaders();
+useCors({ origins: "https://app.example.com" });
+rateLimit({ max: 10, window: "15m", pathPrefix: "/auth" });
+rateLimit({ max: 300, window: "1m" });
+```
+### Request Logger
+```ts
+requestLogger({ skip: [/^\/health$/, /^\/assets\//] });
+```
+Logs every request (method, path, IP) on arrival and every RPC response (status, ms) on completion. Stamps `x-request-id` on every response. Structured logging — NDJSON in production, pretty-printed in dev.
+### Security Headers
+```ts
+useSecurityHeaders();
+useSecurityHeaders({ contentSecurityPolicy: "default-src 'self'", xFrameOptions: "DENY" });
+```
+Sets 14 standard security headers on every response — complete helmet-equivalent coverage. Every header individually overridable or disableable. HSTS auto-enabled in production, skipped in dev. CSP and Permissions-Policy are opt-in.
+### CORS
+```ts
+useCors({ origins: "https://app.example.com", credentials: true });
+useCors({ origins: (origin) => origin.endsWith(".example.com") });
+```
+Handles preflight `OPTIONS` automatically (returns 204). Reflects origin when `credentials: true` as required by the CORS spec. Sets `Vary: Origin`.
+### Rate Limiting
+```ts
+rateLimit({ max: 100, window: "1m" });                             // all routes
+rateLimit({ max: 10, window: "15m", pathPrefix: "/auth" });        // auth only
+rateLimit({ max: 5, window: "1h", key: (_req, ctx) => String(ctx.auth.userId) }); // per-user
+```
+Sliding-window counter, in-memory. Returns 429 with `Retry-After` and `X-RateLimit-*` headers. Auto-evicts expired entries. Custom key function for per-user or per-endpoint limiting.
+### Raw HTTP hooks
+For cases where an external service dictates the HTTP contract (webhooks, custom OAuth flows):
+```ts
+import { onHttpRequest } from "mates-fullstack";
+onHttpRequest(async (req, ctx) => {
+  const url = new URL(req.url);
+  if (req.method === "POST" && url.pathname === "/stripe-webhook") {
+    const body = await req.text();
+    await handleWebhook(body, ctx.reqHeaders["stripe-signature"]);
+    return new Response("ok");
+  }
+});
+```
+---
+## Request Limits / Resource Protection
+Built-in limits prevent CPU and memory exhaustion. All have safe defaults — override only to tune for your app.
+```ts
+// server/main.ts — at the top, before middleware
+import { configureRpcRunner } from "mates-fullstack/internal";
+configureRpcRunner({
+  maxJsonBytes: 5 * 1024 * 1024,     // default 1MB
+  maxJsonDepth: 30,                    // default 50
+  maxArrayLength: 5000,                // default 10_000
+  maxStringLength: 50_000,             // default 100_000
+  maxUploadBytes: 50 * 1024 * 1024,   // default 10MB
+  maxMultipartParts: 100,              // default 200
+});
+```
+Or set server-level limits when starting:
+```ts
+await startServer({
+  maxConnections: 2000,           // default 1000
+  staticStreamTimeout: 120_000,   // default 60s
+  maxSseClients: 1000,            // default 500
+});
+```
+All defaults are active without any configuration call. See `DOCS.md` for full details.
+---
+## Public entrypoints
+| Import | Use for |
+|---|---|
+| `mates-fullstack` | stable app API: errors, redirects, middleware registration, `ServerCtx`, validation/sanitize/upload helpers |
+| `mates-fullstack/client` | browser hydration and RPC helpers |
+| `mates-fullstack/browser` | browser-safe error/redirect/stream/download helpers |
+| `mates-fullstack/server` | server-safe helpers and middleware runners |
+| `mates-fullstack/internal` | unstable build/runtime/scanner internals for tooling |
+---
+## License
+MIT

package/dist/arctic-auth.d.ts ADDED Viewed

@@ -0,0 +1,101 @@
+import { type OAuth2Tokens } from "arctic";
+import type { CookieOptions, Context } from "./ctx.js";
+export type ArcticBuiltInProvider = "apple" | "discord" | "facebook" | "github" | "gitlab" | "google" | "linkedin" | "microsoft" | "spotify" | "twitter";
+export interface ArcticTokenSet {
+    accessToken: string | null;
+    refreshToken: string | null;
+    idToken: string | null;
+    tokenType: string | null;
+    expiresAt: Date | null;
+    scopes: string[] | null;
+    raw: object;
+}
+export interface ArcticProfile<Raw = unknown> {
+    provider: string;
+    id: string;
+    email: string | null;
+    name: string | null;
+    avatar: string | null;
+    username?: string | null;
+    raw: Raw;
+    tokens: ArcticTokenSet;
+}
+export interface ArcticProviderConfig {
+    clientId: string;
+    clientSecret?: string | null;
+    redirectUri?: string;
+    scopes?: string[];
+    /** Microsoft Entra ID tenant. Defaults to "common". */
+    tenant?: string;
+    /** Apple Team ID. */
+    teamId?: string;
+    /** Apple Key ID. */
+    keyId?: string;
+    /** Apple private key in PKCS#8 PEM format. */
+    privateKey?: string;
+    /** GitLab base URL. Defaults to https://gitlab.com. */
+    baseURL?: string;
+    /** Override the built-in profile fetcher or add one for custom providers. */
+    profile?: ArcticProfileLoader;
+    /** Override whether this provider uses PKCE. */
+    usesPKCE?: boolean;
+    /**
+     * Called after the provider returns a profile.
+     * Return the claims to bake into the JWT — typically after an upsert in your DB.
+     */
+    onSuccess: ArcticSuccessHandler;
+}
+export type ArcticProvidersConfig = Partial<Record<ArcticBuiltInProvider | string, ArcticProviderConfig | ArcticCustomProvider>>;
+/**
+ * Called after the provider returns a verified profile.
+ * You are fully in control — call `auth.login(ctx, claims)` to issue tokens,
+ * update the DB to link an account, or do nothing at all.
+ * Return a path string to override the post-OAuth redirect.
+ */
+export type ArcticSuccessHandler = (profile: ArcticProfile, ctx: Context) => string | void | Promise<string | void>;
+export interface ArcticUseOptions {
+    /** Route base for OAuth endpoints. Default: "/auth". */
+    basePath?: string;
+    /** Default redirect after login. Default: "/". */
+    afterLogin?: string;
+    /** Redirect after OAuth failure. If omitted, failures return JSON. */
+    onErrorRedirect?: string;
+    /** Cookie path/domain/sameSite/secure controls for temporary OAuth cookies. */
+    cookie?: Pick<CookieOptions, "path" | "domain" | "sameSite" | "secure">;
+    /** Temporary OAuth state cookie lifetime in seconds. Default: 10 minutes. */
+    stateMaxAge?: number;
+}
+export interface ArcticProviderHandler {
+    defaultScopes: string[];
+    usesPKCE: boolean;
+    start(config: ArcticProviderConfig, redirectUri: string, state: string, codeVerifier: string | null): Promise<URL> | URL;
+    callback(config: ArcticProviderConfig, redirectUri: string, code: string, codeVerifier: string | null, providerName: string): Promise<ArcticProfile>;
+}
+export interface ArcticCustomProvider extends ArcticProviderConfig {
+    handler: ArcticProviderHandler;
+}
+export type ArcticProfileLoader = (tokens: OAuth2Tokens, providerName: string) => Promise<Omit<ArcticProfile, "provider" | "tokens">>;
+/**
+ * Register social login routes for every configured provider.
+ *
+ * The framework automatically handles:
+ *   GET /auth/:provider          — redirect to provider
+ *   GET /auth/:provider/callback — exchange code, call onSuccess, set cookies
+ *
+ * @example
+ * useArctic({
+ *   google: {
+ *     clientId: process.env.GOOGLE_CLIENT_ID!,
+ *     clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
+ *     onSuccess: async (profile) => {
+ *       const user = await db.upsert({ provider: profile.provider, providerId: profile.id, ... });
+ *       return { userId: user.id, email: user.email, roles: user.roles };
+ *     },
+ *   },
+ * });
+ */
+export declare function useArctic(providers: ArcticProvidersConfig, options?: ArcticUseOptions): void;
+/** Define a custom Arctic provider adapter for providers without a built-in profile normalizer. */
+export declare function arcticProvider(config: ArcticCustomProvider): ArcticCustomProvider;
+export declare function listArcticProviders(): ArcticBuiltInProvider[];
+//# sourceMappingURL=arctic-auth.d.ts.map

package/dist/arctic-auth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"arctic-auth.d.ts","sourceRoot":"","sources":["../src/arctic-auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAcL,KAAK,YAAY,EAClB,MAAM,QAAQ,CAAC;AAChB,OAAO,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AAGvD,MAAM,MAAM,qBAAqB,GAC7B,OAAO,GACP,SAAS,GACT,UAAU,GACV,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,UAAU,GACV,WAAW,GACX,SAAS,GACT,SAAS,CAAC;AAEd,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACxB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,aAAa,CAAC,GAAG,GAAG,OAAO;IAC1C,QAAQ,EAAE,MAAM,CAAC;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,GAAG,EAAE,GAAG,CAAC;IACT,MAAM,EAAE,cAAc,CAAC;CACxB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,uDAAuD;IACvD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qBAAqB;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,8CAA8C;IAC9C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6EAA6E;IAC7E,OAAO,CAAC,EAAE,mBAAmB,CAAC;IAC9B,gDAAgD;IAChD,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;OAGG;IACH,SAAS,EAAE,oBAAoB,CAAC;CACjC;AAED,MAAM,MAAM,qBAAqB,GAAG,OAAO,CACzC,MAAM,CACJ,qBAAqB,GAAG,MAAM,EAC9B,oBAAoB,GAAG,oBAAoB,CAC5C,CACF,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,GAAG,CACjC,OAAO,EAAE,aAAa,EACtB,GAAG,EAAE,OAAO,KACT,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;AAE5C,MAAM,WAAW,gBAAgB;IAC/B,wDAAwD;IACxD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kDAAkD;IAClD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sEAAsE;IACtE,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,+EAA+E;IAC/E,MAAM,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,QAAQ,GAAG,UAAU,GAAG,QAAQ,CAAC,CAAC;IACxE,6EAA6E;IAC7E,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,qBAAqB;IACpC,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,KAAK,CACH,MAAM,EAAE,oBAAoB,EAC5B,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,YAAY,EAAE,MAAM,GAAG,IAAI,GAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IACtB,QAAQ,CACN,MAAM,EAAE,oBAAoB,EAC5B,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,GAAG,IAAI,EAC3B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,aAAa,CAAC,CAAC;CAC3B;AAED,MAAM,WAAW,oBAAqB,SAAQ,oBAAoB;IAChE,OAAO,EAAE,qBAAqB,CAAC;CAChC;AAED,MAAM,MAAM,mBAAmB,GAAG,CAChC,MAAM,EAAE,YAAY,EACpB,YAAY,EAAE,MAAM,KACjB,OAAO,CAAC,IAAI,CAAC,aAAa,EAAE,UAAU,GAAG,QAAQ,CAAC,CAAC,CAAC;AAYzD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,SAAS,CACvB,SAAS,EAAE,qBAAqB,EAChC,OAAO,GAAE,gBAAqB,GAC7B,IAAI,CA6BN;AAED,mGAAmG;AACnG,wBAAgB,cAAc,CAC5B,MAAM,EAAE,oBAAoB,GAC3B,oBAAoB,CAEtB;AAED,wBAAgB,mBAAmB,IAAI,qBAAqB,EAAE,CAE7D"}