monora-ai 2.0.0 → 2.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +441 -150
- package/dist/aims_governance.d.ts +238 -0
- package/dist/aims_governance.d.ts.map +1 -0
- package/dist/aims_governance.js +922 -0
- package/dist/alerts.d.ts +16 -0
- package/dist/alerts.d.ts.map +1 -1
- package/dist/alerts.js +16 -0
- package/dist/api.d.ts +6 -0
- package/dist/api.d.ts.map +1 -1
- package/dist/api.js +6 -0
- package/dist/assessment.d.ts +269 -0
- package/dist/assessment.d.ts.map +1 -0
- package/dist/assessment.js +1232 -0
- package/dist/attestation.js +23 -1
- package/dist/attribution.d.ts +349 -0
- package/dist/attribution.d.ts.map +1 -0
- package/dist/attribution.js +987 -0
- package/dist/autodetect.d.ts +69 -1
- package/dist/autodetect.d.ts.map +1 -1
- package/dist/autodetect.js +644 -1
- package/dist/bias.d.ts +130 -0
- package/dist/bias.d.ts.map +1 -0
- package/dist/bias.js +223 -0
- package/dist/circuit_breaker.js +3 -3
- package/dist/cli/diagnostics.d.ts +5 -1
- package/dist/cli/diagnostics.d.ts.map +1 -1
- package/dist/cli/diagnostics.js +31 -8
- package/dist/cli/doctor.d.ts +25 -0
- package/dist/cli/doctor.d.ts.map +1 -0
- package/dist/cli/doctor.js +381 -0
- package/dist/cli/fix.d.ts +16 -0
- package/dist/cli/fix.d.ts.map +1 -0
- package/dist/cli/fix.js +284 -0
- package/dist/cli/init.d.ts +57 -0
- package/dist/cli/init.d.ts.map +1 -0
- package/dist/cli/init.js +205 -0
- package/dist/cli.js +1611 -126
- package/dist/complianceTargets.d.ts +111 -0
- package/dist/complianceTargets.d.ts.map +1 -0
- package/dist/complianceTargets.js +521 -0
- package/dist/config.d.ts +301 -17
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +428 -36
- package/dist/config_migrations.d.ts +41 -0
- package/dist/config_migrations.d.ts.map +1 -1
- package/dist/config_migrations.js +205 -0
- package/dist/config_schema.d.ts +2900 -731
- package/dist/config_schema.d.ts.map +1 -1
- package/dist/config_schema.js +257 -55
- package/dist/context.d.ts +34 -0
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +118 -7
- package/dist/control_backbone.d.ts +122 -0
- package/dist/control_backbone.d.ts.map +1 -0
- package/dist/control_backbone.js +698 -0
- package/dist/data-governance.d.ts +187 -0
- package/dist/data-governance.d.ts.map +1 -0
- package/dist/data-governance.js +424 -0
- package/dist/dataResidency.d.ts +44 -0
- package/dist/dataResidency.d.ts.map +1 -0
- package/dist/dataResidency.js +203 -0
- package/dist/dispatcher.d.ts +32 -0
- package/dist/dispatcher.d.ts.map +1 -1
- package/dist/dispatcher.js +91 -4
- package/dist/events.d.ts.map +1 -1
- package/dist/events.js +38 -0
- package/dist/evidence_store.d.ts +103 -0
- package/dist/evidence_store.d.ts.map +1 -0
- package/dist/evidence_store.js +459 -0
- package/dist/executiveSummary.d.ts +65 -8
- package/dist/executiveSummary.d.ts.map +1 -1
- package/dist/executiveSummary.js +289 -26
- package/dist/identity.d.ts +143 -0
- package/dist/identity.d.ts.map +1 -0
- package/dist/identity.js +231 -0
- package/dist/impact-assessment.d.ts +350 -0
- package/dist/impact-assessment.d.ts.map +1 -0
- package/dist/impact-assessment.js +580 -0
- package/dist/index.d.ts +25 -5
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +300 -4
- package/dist/instrumentation.d.ts +1 -1
- package/dist/instrumentation.d.ts.map +1 -1
- package/dist/instrumentation.js +243 -27
- package/dist/integrations/anthropic.d.ts +3 -0
- package/dist/integrations/anthropic.d.ts.map +1 -1
- package/dist/integrations/anthropic.js +284 -79
- package/dist/integrations/governance.d.ts +33 -0
- package/dist/integrations/governance.d.ts.map +1 -0
- package/dist/integrations/governance.js +208 -0
- package/dist/integrations/langchain.d.ts +7 -0
- package/dist/integrations/langchain.d.ts.map +1 -1
- package/dist/integrations/langchain.js +387 -143
- package/dist/integrations/openai.d.ts +9 -0
- package/dist/integrations/openai.d.ts.map +1 -1
- package/dist/integrations/openai.js +673 -73
- package/dist/iso42001_consolidation.d.ts +16 -0
- package/dist/iso42001_consolidation.d.ts.map +1 -0
- package/dist/iso42001_consolidation.js +413 -0
- package/dist/iso42001_workflows.d.ts +263 -0
- package/dist/iso42001_workflows.d.ts.map +1 -0
- package/dist/iso42001_workflows.js +781 -0
- package/dist/lifecycle.d.ts +299 -0
- package/dist/lifecycle.d.ts.map +1 -0
- package/dist/lifecycle.js +624 -0
- package/dist/lineage.d.ts +2 -2
- package/dist/lineage.d.ts.map +1 -1
- package/dist/lineage.js +12 -17
- package/dist/middleware/express.d.ts.map +1 -1
- package/dist/middleware/express.js +33 -3
- package/dist/middleware/nextjs.d.ts.map +1 -1
- package/dist/middleware/nextjs.js +42 -68
- package/dist/model.d.ts +143 -0
- package/dist/model.d.ts.map +1 -0
- package/dist/model.js +371 -0
- package/dist/onboarding.d.ts +42 -0
- package/dist/onboarding.d.ts.map +1 -0
- package/dist/onboarding.js +1022 -0
- package/dist/oversight.d.ts +264 -0
- package/dist/oversight.d.ts.map +1 -0
- package/dist/oversight.js +497 -0
- package/dist/pdf_report.d.ts.map +1 -1
- package/dist/pdf_report.js +42 -21
- package/dist/presets.d.ts +88 -0
- package/dist/presets.d.ts.map +1 -0
- package/dist/presets.js +520 -0
- package/dist/propagation.d.ts.map +1 -1
- package/dist/propagation.js +34 -2
- package/dist/quotas.d.ts +171 -0
- package/dist/quotas.d.ts.map +1 -0
- package/dist/quotas.js +259 -0
- package/dist/register.d.ts +13 -0
- package/dist/register.d.ts.map +1 -0
- package/dist/register.js +99 -0
- package/dist/registry.d.ts +1 -0
- package/dist/registry.d.ts.map +1 -1
- package/dist/registry.js +7 -0
- package/dist/registryData.json +43 -6
- package/dist/report.d.ts +2 -1
- package/dist/report.d.ts.map +1 -1
- package/dist/report.js +189 -2
- package/dist/reporting.d.ts +125 -0
- package/dist/reporting.d.ts.map +1 -1
- package/dist/reporting.js +196 -5
- package/dist/resources.d.ts +285 -0
- package/dist/resources.d.ts.map +1 -0
- package/dist/resources.js +643 -0
- package/dist/risk.d.ts +120 -0
- package/dist/risk.d.ts.map +1 -0
- package/dist/risk.js +220 -0
- package/dist/runtime.d.ts +74 -1
- package/dist/runtime.d.ts.map +1 -1
- package/dist/runtime.js +598 -22
- package/dist/schemaInference.d.ts +92 -0
- package/dist/schemaInference.d.ts.map +1 -0
- package/dist/schemaInference.js +466 -0
- package/dist/schema_validation.js +2 -2
- package/dist/schemas/config.schema.json +169 -6
- package/dist/schemas/event.schema.json +4 -0
- package/dist/security_report.js +4 -4
- package/dist/signing.d.ts +1 -1
- package/dist/signing.d.ts.map +1 -1
- package/dist/signing.js +4 -0
- package/dist/sinks/file.d.ts +19 -1
- package/dist/sinks/file.d.ts.map +1 -1
- package/dist/sinks/file.js +82 -13
- package/dist/sinks/https.d.ts +10 -0
- package/dist/sinks/https.d.ts.map +1 -1
- package/dist/sinks/https.js +76 -16
- package/dist/sinks/stdout.d.ts +1 -0
- package/dist/sinks/stdout.d.ts.map +1 -1
- package/dist/sinks/stdout.js +12 -1
- package/dist/spec.d.ts +159 -0
- package/dist/spec.d.ts.map +1 -0
- package/dist/spec.js +391 -0
- package/dist/stakeholders.d.ts +199 -0
- package/dist/stakeholders.d.ts.map +1 -0
- package/dist/stakeholders.js +398 -0
- package/dist/standards.d.ts.map +1 -1
- package/dist/standards.js +160 -2
- package/dist/standards_ingest.d.ts +2 -2
- package/dist/standards_ingest.d.ts.map +1 -1
- package/dist/standards_ingest.js +105 -23
- package/dist/streaming.d.ts.map +1 -1
- package/dist/streaming.js +7 -2
- package/dist/telemetry.d.ts +16 -2
- package/dist/telemetry.d.ts.map +1 -1
- package/dist/telemetry.js +79 -14
- package/dist/templates/controls/iso42001_control_catalog.json +1443 -0
- package/dist/traced_emitter.d.ts +3 -0
- package/dist/traced_emitter.d.ts.map +1 -1
- package/dist/traced_emitter.js +142 -25
- package/dist/trust_package.d.ts +21 -1
- package/dist/trust_package.d.ts.map +1 -1
- package/dist/trust_package.js +101 -4
- package/dist/verify.d.ts.map +1 -1
- package/dist/verify.js +9 -2
- package/dist/wal.d.ts.map +1 -1
- package/dist/wal.js +2 -1
- package/package.json +14 -1
- package/scripts/postinstall.js +119 -97
- package/templates/controls/iso42001_control_catalog.json +1443 -0
|
@@ -0,0 +1,203 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Data residency validation for sinks.
|
|
4
|
+
*
|
|
5
|
+
* Validates that endpoint URLs match configured data residency requirements
|
|
6
|
+
* based on domain patterns for different geographic regions.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.detectEndpointRegion = detectEndpointRegion;
|
|
10
|
+
exports.validateDataResidency = validateDataResidency;
|
|
11
|
+
exports.enforceDataResidency = enforceDataResidency;
|
|
12
|
+
const logger_1 = require("./logger");
|
|
13
|
+
/**
|
|
14
|
+
* Known GDPR-adequate region domain patterns (not limited to EU member states).
|
|
15
|
+
* These patterns indicate endpoints that may store/process data in GDPR-adequate regions.
|
|
16
|
+
*/
|
|
17
|
+
const GDPR_ADEQUATE_PATTERNS = [
|
|
18
|
+
// Explicit EU subdomains
|
|
19
|
+
/\.eu\./i,
|
|
20
|
+
/\-eu\./i,
|
|
21
|
+
/eu\-/i,
|
|
22
|
+
/\.europe\./i,
|
|
23
|
+
/\-europe\./i,
|
|
24
|
+
// Country-specific EU TLDs
|
|
25
|
+
/\.eu$/i,
|
|
26
|
+
/\.de$/i,
|
|
27
|
+
/\.fr$/i,
|
|
28
|
+
/\.nl$/i,
|
|
29
|
+
/\.ie$/i,
|
|
30
|
+
/\.it$/i,
|
|
31
|
+
/\.es$/i,
|
|
32
|
+
/\.pl$/i,
|
|
33
|
+
/\.at$/i,
|
|
34
|
+
/\.be$/i,
|
|
35
|
+
/\.se$/i,
|
|
36
|
+
/\.dk$/i,
|
|
37
|
+
/\.fi$/i,
|
|
38
|
+
/\.pt$/i,
|
|
39
|
+
/\.cz$/i,
|
|
40
|
+
/\.ro$/i,
|
|
41
|
+
/\.hu$/i,
|
|
42
|
+
/\.sk$/i,
|
|
43
|
+
/\.bg$/i,
|
|
44
|
+
/\.hr$/i,
|
|
45
|
+
/\.si$/i,
|
|
46
|
+
/\.lt$/i,
|
|
47
|
+
/\.lv$/i,
|
|
48
|
+
/\.ee$/i,
|
|
49
|
+
/\.lu$/i,
|
|
50
|
+
/\.mt$/i,
|
|
51
|
+
/\.cy$/i,
|
|
52
|
+
/\.gr$/i,
|
|
53
|
+
// Cloud provider EU regions
|
|
54
|
+
/eu-west/i,
|
|
55
|
+
/eu-central/i,
|
|
56
|
+
/eu-north/i,
|
|
57
|
+
/eu-south/i,
|
|
58
|
+
/europe-west/i,
|
|
59
|
+
/europe-north/i,
|
|
60
|
+
/europewest/i,
|
|
61
|
+
/frankfurt/i,
|
|
62
|
+
/ireland/i,
|
|
63
|
+
/london/i,
|
|
64
|
+
/paris/i,
|
|
65
|
+
/amsterdam/i,
|
|
66
|
+
/stockholm/i,
|
|
67
|
+
/milan/i,
|
|
68
|
+
/zurich/i,
|
|
69
|
+
];
|
|
70
|
+
/**
|
|
71
|
+
* Known US region domain patterns.
|
|
72
|
+
* These patterns indicate endpoints that store/process data in the US.
|
|
73
|
+
*/
|
|
74
|
+
const US_PATTERNS = [
|
|
75
|
+
// Explicit US subdomains
|
|
76
|
+
/\.us\./i,
|
|
77
|
+
/\-us\./i,
|
|
78
|
+
/us\-/i,
|
|
79
|
+
/\.usa\./i,
|
|
80
|
+
/\-usa\./i,
|
|
81
|
+
// US TLD
|
|
82
|
+
/\.us$/i,
|
|
83
|
+
// Cloud provider US regions
|
|
84
|
+
/us-east/i,
|
|
85
|
+
/us-west/i,
|
|
86
|
+
/us-central/i,
|
|
87
|
+
/useast/i,
|
|
88
|
+
/uswest/i,
|
|
89
|
+
/america/i,
|
|
90
|
+
/virginia/i,
|
|
91
|
+
/ohio/i,
|
|
92
|
+
/oregon/i,
|
|
93
|
+
/california/i,
|
|
94
|
+
/n-virginia/i,
|
|
95
|
+
// Common US-based service patterns
|
|
96
|
+
/\.com$/i, // Treated as potentially US unless EU pattern matches
|
|
97
|
+
];
|
|
98
|
+
/**
|
|
99
|
+
* Extract the hostname from a URL.
|
|
100
|
+
*/
|
|
101
|
+
function extractHostname(url) {
|
|
102
|
+
try {
|
|
103
|
+
const parsed = new URL(url);
|
|
104
|
+
return parsed.hostname.toLowerCase();
|
|
105
|
+
}
|
|
106
|
+
catch {
|
|
107
|
+
// If URL parsing fails, try to extract hostname manually
|
|
108
|
+
const match = url.match(/^(?:https?:\/\/)?([^\/\?#:]+)/i);
|
|
109
|
+
return match ? match[1].toLowerCase() : url.toLowerCase();
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Detect the likely data residency region of an endpoint URL.
|
|
114
|
+
*/
|
|
115
|
+
function detectEndpointRegion(endpoint) {
|
|
116
|
+
const hostname = extractHostname(endpoint);
|
|
117
|
+
const fullUrl = endpoint.toLowerCase();
|
|
118
|
+
// Check GDPR-adequate patterns first (more specific)
|
|
119
|
+
for (const pattern of GDPR_ADEQUATE_PATTERNS) {
|
|
120
|
+
if (pattern.test(hostname) || pattern.test(fullUrl)) {
|
|
121
|
+
return 'eu';
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
// Check US patterns
|
|
125
|
+
for (const pattern of US_PATTERNS) {
|
|
126
|
+
if (pattern.test(hostname) || pattern.test(fullUrl)) {
|
|
127
|
+
// .com is ambiguous - only count as US if no EU indicators
|
|
128
|
+
if (pattern.source === '\\.com$') {
|
|
129
|
+
continue; // Skip .com as it's too ambiguous
|
|
130
|
+
}
|
|
131
|
+
return 'us';
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
return 'unknown';
|
|
135
|
+
}
|
|
136
|
+
/**
|
|
137
|
+
* Validate that an endpoint URL matches the required data residency.
|
|
138
|
+
*
|
|
139
|
+
* @param endpoint - The endpoint URL to validate
|
|
140
|
+
* @param requiredResidency - The required data residency ('us', 'eu', 'any', or null)
|
|
141
|
+
* @returns Validation result with details
|
|
142
|
+
*/
|
|
143
|
+
function validateDataResidency(endpoint, requiredResidency) {
|
|
144
|
+
// No requirement means always valid
|
|
145
|
+
if (!requiredResidency || requiredResidency === 'any') {
|
|
146
|
+
return {
|
|
147
|
+
valid: true,
|
|
148
|
+
detectedRegion: detectEndpointRegion(endpoint),
|
|
149
|
+
requiredRegion: requiredResidency,
|
|
150
|
+
endpoint,
|
|
151
|
+
message: 'No data residency requirement configured',
|
|
152
|
+
};
|
|
153
|
+
}
|
|
154
|
+
const detectedRegion = detectEndpointRegion(endpoint);
|
|
155
|
+
// If we can't determine the region, we can't validate
|
|
156
|
+
if (detectedRegion === 'unknown') {
|
|
157
|
+
return {
|
|
158
|
+
valid: false,
|
|
159
|
+
detectedRegion,
|
|
160
|
+
requiredRegion: requiredResidency,
|
|
161
|
+
endpoint,
|
|
162
|
+
message: `Cannot determine data residency for endpoint '${endpoint}'. Required: ${requiredResidency.toUpperCase()}. Consider using an endpoint with explicit region indicators.`,
|
|
163
|
+
};
|
|
164
|
+
}
|
|
165
|
+
// Check if detected region matches required
|
|
166
|
+
if (detectedRegion === requiredResidency) {
|
|
167
|
+
return {
|
|
168
|
+
valid: true,
|
|
169
|
+
detectedRegion,
|
|
170
|
+
requiredRegion: requiredResidency,
|
|
171
|
+
endpoint,
|
|
172
|
+
message: `Endpoint matches ${requiredResidency.toUpperCase()} data residency requirement`,
|
|
173
|
+
};
|
|
174
|
+
}
|
|
175
|
+
// Mismatch
|
|
176
|
+
return {
|
|
177
|
+
valid: false,
|
|
178
|
+
detectedRegion,
|
|
179
|
+
requiredRegion: requiredResidency,
|
|
180
|
+
endpoint,
|
|
181
|
+
message: `Data residency mismatch: endpoint '${endpoint}' appears to be in ${detectedRegion.toUpperCase()}, but ${requiredResidency.toUpperCase()} is required`,
|
|
182
|
+
};
|
|
183
|
+
}
|
|
184
|
+
/**
|
|
185
|
+
* Enforce data residency requirements for a sink endpoint.
|
|
186
|
+
*
|
|
187
|
+
* @param endpoint - The endpoint URL to validate
|
|
188
|
+
* @param residency - The required data residency
|
|
189
|
+
* @param action - Action on failure: 'block' throws error, 'warn' logs warning
|
|
190
|
+
* @throws Error if action is 'block' and validation fails
|
|
191
|
+
*/
|
|
192
|
+
function enforceDataResidency(endpoint, residency, action = 'warn') {
|
|
193
|
+
const result = validateDataResidency(endpoint, residency);
|
|
194
|
+
if (!result.valid) {
|
|
195
|
+
if (action === 'block') {
|
|
196
|
+
throw new Error(`Data residency enforcement failed: ${result.message}`);
|
|
197
|
+
}
|
|
198
|
+
else {
|
|
199
|
+
logger_1.logger.warning('Data residency warning: %s', result.message);
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
return result;
|
|
203
|
+
}
|
package/dist/dispatcher.d.ts
CHANGED
|
@@ -3,6 +3,38 @@
|
|
|
3
3
|
*/
|
|
4
4
|
import { Sink } from './sinks/base';
|
|
5
5
|
import { MonoraConfig } from './config';
|
|
6
|
+
/**
|
|
7
|
+
* Callback function for audit hooks.
|
|
8
|
+
*/
|
|
9
|
+
export type AuditCallback = (event: Record<string, unknown>) => void | Promise<void>;
|
|
10
|
+
/**
|
|
11
|
+
* Register an audit callback that is invoked for every emitted event.
|
|
12
|
+
*
|
|
13
|
+
* Use this to integrate with external audit systems, SIEM tools, or
|
|
14
|
+
* compliance logging infrastructure.
|
|
15
|
+
*
|
|
16
|
+
* @param callback - Function to call with each event.
|
|
17
|
+
* @returns Unsubscribe function.
|
|
18
|
+
*
|
|
19
|
+
* @example
|
|
20
|
+
* ```typescript
|
|
21
|
+
* const unsubscribe = onEvent((event) => {
|
|
22
|
+
* console.log('Audit:', event.event_type, event.event_id);
|
|
23
|
+
* // Send to external audit system
|
|
24
|
+
* });
|
|
25
|
+
*
|
|
26
|
+
* // Later: unsubscribe();
|
|
27
|
+
* ```
|
|
28
|
+
*/
|
|
29
|
+
export declare function onEvent(callback: AuditCallback): () => void;
|
|
30
|
+
/**
|
|
31
|
+
* Clear all registered audit callbacks.
|
|
32
|
+
*/
|
|
33
|
+
export declare function clearAuditCallbacks(): void;
|
|
34
|
+
/**
|
|
35
|
+
* Get the number of registered audit callbacks.
|
|
36
|
+
*/
|
|
37
|
+
export declare function getAuditCallbackCount(): number;
|
|
6
38
|
export declare class EventDispatcher {
|
|
7
39
|
private sinks;
|
|
8
40
|
private queue;
|
package/dist/dispatcher.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dispatcher.d.ts","sourceRoot":"","sources":["../src/dispatcher.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,IAAI,EAAa,MAAM,cAAc,CAAC;AAG/C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"dispatcher.d.ts","sourceRoot":"","sources":["../src/dispatcher.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,IAAI,EAAa,MAAM,cAAc,CAAC;AAG/C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AASxC;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAKrF;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,OAAO,CAAC,QAAQ,EAAE,aAAa,GAAG,MAAM,IAAI,CAQ3D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,CAE9C;AA4BD,qBAAa,eAAe;IAC1B,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,gBAAgB,CAAC,CAAS;IAClC,OAAO,CAAC,eAAe,CAA8B;IACrD,OAAO,CAAC,aAAa,CAA6B;IAClD,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,YAAY,CAAC,CAAW;IAChC,OAAO,CAAC,mBAAmB,CAAC,CAA6B;IACzD,OAAO,CAAC,SAAS,CAAe;IAChC,OAAO,CAAC,MAAM,CAAC,CAAiB;IAChC,OAAO,CAAC,UAAU,CAAC,CAAQ;IAC3B,OAAO,CAAC,KAAK,CAA6B;IAC1C,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,OAAO,CAAU;IACzB,OAAO,CAAC,iBAAiB,CAAC,CAAa;IACvC,OAAO,CAAC,gBAAgB,CAAU;IAClC,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,YAAY,CAAS;gBAEjB,KAAK,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,YAAY;IAyD/C,KAAK,IAAI,IAAI;IAkBb,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAoCtC,OAAO,CAAC,iBAAiB;IA4BzB,KAAK,IAAI,IAAI;IAoBb,KAAK,IAAI,IAAI;IA8Db,OAAO,CAAC,wBAAwB;IAoBhC,OAAO,CAAC,iBAAiB,CAAa;IAEtC,OAAO,CAAC,YAAY;IA+BpB,OAAO,CAAC,UAAU;IAmBlB,OAAO,CAAC,WAAW;IA8BnB,OAAO,CAAC,eAAe;IAiBvB,OAAO,CAAC,eAAe;IAmBvB,OAAO,CAAC,cAAc;CAwBvB"}
|
package/dist/dispatcher.js
CHANGED
|
@@ -4,12 +4,78 @@
|
|
|
4
4
|
*/
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.EventDispatcher = void 0;
|
|
7
|
+
exports.onEvent = onEvent;
|
|
8
|
+
exports.clearAuditCallbacks = clearAuditCallbacks;
|
|
9
|
+
exports.getAuditCallbackCount = getAuditCallbackCount;
|
|
7
10
|
const events_1 = require("events");
|
|
8
11
|
const base_1 = require("./sinks/base");
|
|
9
12
|
const file_1 = require("./sinks/file");
|
|
10
13
|
const alerts_1 = require("./alerts");
|
|
11
14
|
const logger_1 = require("./logger");
|
|
15
|
+
const streaming_1 = require("./streaming");
|
|
12
16
|
const telemetry_1 = require("./telemetry");
|
|
17
|
+
// Global audit callbacks registry
|
|
18
|
+
const auditCallbacks = [];
|
|
19
|
+
/**
|
|
20
|
+
* Register an audit callback that is invoked for every emitted event.
|
|
21
|
+
*
|
|
22
|
+
* Use this to integrate with external audit systems, SIEM tools, or
|
|
23
|
+
* compliance logging infrastructure.
|
|
24
|
+
*
|
|
25
|
+
* @param callback - Function to call with each event.
|
|
26
|
+
* @returns Unsubscribe function.
|
|
27
|
+
*
|
|
28
|
+
* @example
|
|
29
|
+
* ```typescript
|
|
30
|
+
* const unsubscribe = onEvent((event) => {
|
|
31
|
+
* console.log('Audit:', event.event_type, event.event_id);
|
|
32
|
+
* // Send to external audit system
|
|
33
|
+
* });
|
|
34
|
+
*
|
|
35
|
+
* // Later: unsubscribe();
|
|
36
|
+
* ```
|
|
37
|
+
*/
|
|
38
|
+
function onEvent(callback) {
|
|
39
|
+
auditCallbacks.push(callback);
|
|
40
|
+
return () => {
|
|
41
|
+
const index = auditCallbacks.indexOf(callback);
|
|
42
|
+
if (index !== -1) {
|
|
43
|
+
auditCallbacks.splice(index, 1);
|
|
44
|
+
}
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* Clear all registered audit callbacks.
|
|
49
|
+
*/
|
|
50
|
+
function clearAuditCallbacks() {
|
|
51
|
+
auditCallbacks.length = 0;
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Get the number of registered audit callbacks.
|
|
55
|
+
*/
|
|
56
|
+
function getAuditCallbackCount() {
|
|
57
|
+
return auditCallbacks.length;
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Invoke all registered audit callbacks for an event.
|
|
61
|
+
* Errors are logged but don't propagate.
|
|
62
|
+
*/
|
|
63
|
+
function invokeAuditCallbacks(event) {
|
|
64
|
+
const callbacks = auditCallbacks.slice();
|
|
65
|
+
for (const callback of callbacks) {
|
|
66
|
+
try {
|
|
67
|
+
const result = callback(event);
|
|
68
|
+
if (result && typeof result === 'object' && 'then' in result) {
|
|
69
|
+
result.catch((error) => {
|
|
70
|
+
logger_1.logger.debug('Audit callback error: %s', error);
|
|
71
|
+
});
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
catch (error) {
|
|
75
|
+
logger_1.logger.debug('Audit callback error: %s', error);
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
}
|
|
13
79
|
class EventDispatcher {
|
|
14
80
|
constructor(sinks, config) {
|
|
15
81
|
this.lastMetricsUpdate = 0;
|
|
@@ -20,10 +86,12 @@ class EventDispatcher {
|
|
|
20
86
|
this.maxQueueSize = buffering.queue_size || 1000;
|
|
21
87
|
this.batchSize = buffering.batch_size || 50;
|
|
22
88
|
this.flushInterval = buffering.flush_interval_sec || 1.0;
|
|
23
|
-
this.queueFullTimeout = buffering.queue_full_timeout_sec !== null
|
|
89
|
+
this.queueFullTimeout = buffering.queue_full_timeout_sec !== null
|
|
90
|
+
? buffering.queue_full_timeout_sec
|
|
91
|
+
: undefined;
|
|
24
92
|
this.sinkFailureMode = errorHandling.sink_failure_mode || 'warn';
|
|
25
93
|
this.queueFullMode = errorHandling.queue_full_mode || 'warn';
|
|
26
|
-
this.fallbackPath = errorHandling.fallback_path;
|
|
94
|
+
this.fallbackPath = errorHandling.fallback_path ?? undefined;
|
|
27
95
|
const alerts = config.alerts || {};
|
|
28
96
|
if (alerts.violation_webhook) {
|
|
29
97
|
// ViolationWebhookDispatcher doesn't support 'block' mode, map to 'warn'
|
|
@@ -46,8 +114,17 @@ class EventDispatcher {
|
|
|
46
114
|
this.running = false;
|
|
47
115
|
// Adaptive batching config
|
|
48
116
|
this.adaptiveBatching = buffering.adaptive_batching ?? true;
|
|
49
|
-
|
|
50
|
-
|
|
117
|
+
const minBatchSize = buffering.min_batch_size ?? 10;
|
|
118
|
+
const maxBatchSize = buffering.max_batch_size ?? 500;
|
|
119
|
+
if (!Number.isInteger(minBatchSize)
|
|
120
|
+
|| !Number.isInteger(maxBatchSize)
|
|
121
|
+
|| minBatchSize <= 0
|
|
122
|
+
|| maxBatchSize <= 0
|
|
123
|
+
|| minBatchSize > maxBatchSize) {
|
|
124
|
+
throw new Error(`Invalid adaptive batching configuration: minBatchSize (${minBatchSize}) and maxBatchSize (${maxBatchSize}) must be positive integers with minBatchSize <= maxBatchSize.`);
|
|
125
|
+
}
|
|
126
|
+
this.minBatchSize = minBatchSize;
|
|
127
|
+
this.maxBatchSize = maxBatchSize;
|
|
51
128
|
}
|
|
52
129
|
start() {
|
|
53
130
|
if (this.running) {
|
|
@@ -265,6 +342,16 @@ class EventDispatcher {
|
|
|
265
342
|
if (events.length === 0) {
|
|
266
343
|
return;
|
|
267
344
|
}
|
|
345
|
+
for (const event of events) {
|
|
346
|
+
// Invoke audit callbacks for each event
|
|
347
|
+
invokeAuditCallbacks(event);
|
|
348
|
+
try {
|
|
349
|
+
(0, streaming_1.publishEvent)(event);
|
|
350
|
+
}
|
|
351
|
+
catch {
|
|
352
|
+
// Ignore subscriber errors
|
|
353
|
+
}
|
|
354
|
+
}
|
|
268
355
|
for (const sink of this.sinks) {
|
|
269
356
|
try {
|
|
270
357
|
const result = sink.emit(events);
|
package/dist/events.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AA2KxC,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAA2B;IAC3C,OAAO,CAAC,SAAS,CAAa;gBAElB,MAAM,EAAE,YAAY;IAWhC,KAAK,CACH,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,OAAO,CAAC,EAAE;QACR,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;KAC1B,GACA,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CAgDvB"}
|
package/dist/events.js
CHANGED
|
@@ -40,6 +40,7 @@ exports.EventBuilder = void 0;
|
|
|
40
40
|
const os = __importStar(require("os"));
|
|
41
41
|
const context_1 = require("./context");
|
|
42
42
|
const ids_1 = require("./ids");
|
|
43
|
+
const attribution_1 = require("./attribution");
|
|
43
44
|
const lineage_1 = require("./lineage");
|
|
44
45
|
class TimestampEnricher {
|
|
45
46
|
enrich(event) {
|
|
@@ -143,6 +144,39 @@ class ProcessEnricher {
|
|
|
143
144
|
event.process_id = this.processId;
|
|
144
145
|
}
|
|
145
146
|
}
|
|
147
|
+
function buildAuditMetadata() {
|
|
148
|
+
const audit = (0, attribution_1.getAuditMetadata)();
|
|
149
|
+
if (!audit) {
|
|
150
|
+
return null;
|
|
151
|
+
}
|
|
152
|
+
const payload = {
|
|
153
|
+
use_case_name: audit.useCaseName,
|
|
154
|
+
business_owner: audit.businessOwner,
|
|
155
|
+
data_categories: audit.dataCategories,
|
|
156
|
+
risk_level: audit.riskLevel,
|
|
157
|
+
compliance_frameworks: audit.complianceFrameworks,
|
|
158
|
+
review_date: audit.reviewDate,
|
|
159
|
+
reviewer: audit.reviewer,
|
|
160
|
+
notes: audit.notes,
|
|
161
|
+
};
|
|
162
|
+
const cleaned = {};
|
|
163
|
+
for (const [key, value] of Object.entries(payload)) {
|
|
164
|
+
if (value === undefined || value === null) {
|
|
165
|
+
continue;
|
|
166
|
+
}
|
|
167
|
+
if (typeof value === 'string' && value.trim() === '') {
|
|
168
|
+
continue;
|
|
169
|
+
}
|
|
170
|
+
if (Array.isArray(value) && value.length === 0) {
|
|
171
|
+
continue;
|
|
172
|
+
}
|
|
173
|
+
if (typeof value === 'object' && !Array.isArray(value) && Object.keys(value).length === 0) {
|
|
174
|
+
continue;
|
|
175
|
+
}
|
|
176
|
+
cleaned[key] = value;
|
|
177
|
+
}
|
|
178
|
+
return Object.keys(cleaned).length > 0 ? cleaned : null;
|
|
179
|
+
}
|
|
146
180
|
class EventBuilder {
|
|
147
181
|
constructor(config) {
|
|
148
182
|
this.defaults = config.defaults || {};
|
|
@@ -180,6 +214,10 @@ class EventBuilder {
|
|
|
180
214
|
reason: options?.reason || null,
|
|
181
215
|
body,
|
|
182
216
|
};
|
|
217
|
+
const auditMetadata = buildAuditMetadata();
|
|
218
|
+
if (auditMetadata) {
|
|
219
|
+
event.audit_metadata = auditMetadata;
|
|
220
|
+
}
|
|
183
221
|
const sequence = (0, context_1.nextEventSequence)();
|
|
184
222
|
if (sequence !== null) {
|
|
185
223
|
event.event_sequence = sequence;
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Evidence store with hash chaining and lineage graph support.
|
|
3
|
+
*/
|
|
4
|
+
export interface EvidenceHashRecord {
|
|
5
|
+
evidence_id: string;
|
|
6
|
+
evidence_hash: string;
|
|
7
|
+
prev_hash: string | null;
|
|
8
|
+
recorded_at: string;
|
|
9
|
+
collected_at?: string | null;
|
|
10
|
+
}
|
|
11
|
+
export interface EvidenceHashChain {
|
|
12
|
+
chain_type: 'evidence_hash_chain';
|
|
13
|
+
algorithm: string;
|
|
14
|
+
generated_at: string;
|
|
15
|
+
item_count: number;
|
|
16
|
+
first_hash: string | null;
|
|
17
|
+
last_hash: string | null;
|
|
18
|
+
verification_status: 'verified' | 'invalid';
|
|
19
|
+
verification_error?: string | null;
|
|
20
|
+
records: EvidenceHashRecord[];
|
|
21
|
+
}
|
|
22
|
+
export interface EvidenceLineageGraph {
|
|
23
|
+
graph_type: 'evidence_lineage';
|
|
24
|
+
generated_at: string;
|
|
25
|
+
node_counts: Record<string, number>;
|
|
26
|
+
nodes: Array<Record<string, any>>;
|
|
27
|
+
edges: Array<Record<string, any>>;
|
|
28
|
+
}
|
|
29
|
+
export interface EvidenceManifest {
|
|
30
|
+
manifest_type: 'evidence_manifest';
|
|
31
|
+
manifest_version: string;
|
|
32
|
+
standard: string;
|
|
33
|
+
generated_at: string;
|
|
34
|
+
scope?: string | null;
|
|
35
|
+
generated_by?: string | null;
|
|
36
|
+
notes?: string | null;
|
|
37
|
+
evidence_items: Array<Record<string, any>>;
|
|
38
|
+
hash_chain?: EvidenceHashChain;
|
|
39
|
+
lineage_graph?: EvidenceLineageGraph;
|
|
40
|
+
control_workflow_state?: Record<string, any>;
|
|
41
|
+
aims_governance_state?: Record<string, any>;
|
|
42
|
+
}
|
|
43
|
+
export interface EvidenceStoreOptions {
|
|
44
|
+
hashAlgorithm?: string;
|
|
45
|
+
}
|
|
46
|
+
export declare function computeEvidenceItemHash(item: Record<string, any>, options?: {
|
|
47
|
+
prevHash?: string | null;
|
|
48
|
+
algorithm?: string;
|
|
49
|
+
}): string;
|
|
50
|
+
export declare function verifyEvidenceHashChain(evidenceItems: Array<Record<string, any>>, records: EvidenceHashRecord[], algorithm?: string): {
|
|
51
|
+
valid: boolean;
|
|
52
|
+
error?: string;
|
|
53
|
+
};
|
|
54
|
+
export declare function buildEvidenceHashChain(evidenceItems: Array<Record<string, any>>, options?: {
|
|
55
|
+
algorithm?: string;
|
|
56
|
+
sortBy?: (item: Record<string, any>) => string;
|
|
57
|
+
}): EvidenceHashChain;
|
|
58
|
+
export declare function buildEvidenceLineageGraph(evidenceItems: Array<Record<string, any>>): EvidenceLineageGraph;
|
|
59
|
+
export declare function buildHashedEvidenceManifest(options: {
|
|
60
|
+
standard: string;
|
|
61
|
+
evidenceItems: Array<Record<string, any>>;
|
|
62
|
+
scope?: string;
|
|
63
|
+
generatedBy?: string;
|
|
64
|
+
notes?: string;
|
|
65
|
+
generatedAt?: string;
|
|
66
|
+
includeLineage?: boolean;
|
|
67
|
+
includeHashChain?: boolean;
|
|
68
|
+
hashAlgorithm?: string;
|
|
69
|
+
}): EvidenceManifest;
|
|
70
|
+
export declare class EvidenceStore {
|
|
71
|
+
private items;
|
|
72
|
+
private algorithm;
|
|
73
|
+
constructor(options?: EvidenceStoreOptions);
|
|
74
|
+
clear(): void;
|
|
75
|
+
addEvidence(item: Record<string, any>): Record<string, any>;
|
|
76
|
+
addMany(items: Array<Record<string, any>>): Array<Record<string, any>>;
|
|
77
|
+
listItems(): Array<Record<string, any>>;
|
|
78
|
+
get(evidenceId: string): Record<string, any> | null;
|
|
79
|
+
buildManifest(options: {
|
|
80
|
+
standard: string;
|
|
81
|
+
scope?: string;
|
|
82
|
+
generatedBy?: string;
|
|
83
|
+
notes?: string;
|
|
84
|
+
includeLineage?: boolean;
|
|
85
|
+
includeHashChain?: boolean;
|
|
86
|
+
}): EvidenceManifest;
|
|
87
|
+
getHashAlgorithm(): string;
|
|
88
|
+
}
|
|
89
|
+
export declare function getRuntimeEvidenceStore(): EvidenceStore;
|
|
90
|
+
export declare function clearRuntimeEvidenceStore(): void;
|
|
91
|
+
export declare function recordRuntimeEvidence(item: Record<string, any>): Record<string, any>;
|
|
92
|
+
export declare function buildRuntimeEvidenceManifest(options?: {
|
|
93
|
+
standard?: string;
|
|
94
|
+
scope?: string;
|
|
95
|
+
generatedBy?: string;
|
|
96
|
+
notes?: string;
|
|
97
|
+
includeLineage?: boolean;
|
|
98
|
+
includeHashChain?: boolean;
|
|
99
|
+
includeControlWorkflowState?: boolean;
|
|
100
|
+
includeAimsGovernanceState?: boolean;
|
|
101
|
+
controlCatalog?: Record<string, any> | null;
|
|
102
|
+
}): EvidenceManifest;
|
|
103
|
+
//# sourceMappingURL=evidence_store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"evidence_store.d.ts","sourceRoot":"","sources":["../src/evidence_store.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9B;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,qBAAqB,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,mBAAmB,EAAE,UAAU,GAAG,SAAS,CAAC;IAC5C,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,OAAO,EAAE,kBAAkB,EAAE,CAAC;CAC/B;AAED,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE,kBAAkB,CAAC;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAClC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,mBAAmB,CAAC;IACnC,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,cAAc,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAC3C,UAAU,CAAC,EAAE,iBAAiB,CAAC;IAC/B,aAAa,CAAC,EAAE,oBAAoB,CAAC;IACrC,sBAAsB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC7C,qBAAqB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAC7C;AAED,MAAM,WAAW,oBAAoB;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AA6ED,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,GACzD,MAAM,CAWR;AAED,wBAAgB,uBAAuB,CACrC,aAAa,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,EACzC,OAAO,EAAE,kBAAkB,EAAE,EAC7B,SAAS,CAAC,EAAE,MAAM,GACjB;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAmCpC;AAED,wBAAgB,sBAAsB,CACpC,aAAa,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,EACzC,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,MAAM,CAAA;CAAE,GAC/E,iBAAiB,CAuCnB;AAYD,wBAAgB,yBAAyB,CACvC,aAAa,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,GACxC,oBAAoB,CAsItB;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,GAAG,gBAAgB,CAwBnB;AAiCD,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAAmC;IAChD,OAAO,CAAC,SAAS,CAAS;gBAEd,OAAO,CAAC,EAAE,oBAAoB;IAK1C,KAAK,IAAI,IAAI;IAIb,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAM3D,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAItE,SAAS,IAAI,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAIvC,GAAG,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAKnD,aAAa,CAAC,OAAO,EAAE;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,gBAAgB,CAAC,EAAE,OAAO,CAAC;KAC5B,GAAG,gBAAgB;IAapB,gBAAgB,IAAI,MAAM;CAG3B;AAID,wBAAgB,uBAAuB,IAAI,aAAa,CAEvD;AAED,wBAAgB,yBAAyB,IAAI,IAAI,CAEhD;AAED,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAEpF;AAED,wBAAgB,4BAA4B,CAAC,OAAO,CAAC,EAAE;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,2BAA2B,CAAC,EAAE,OAAO,CAAC;IACtC,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI,CAAC;CAC7C,GAAG,gBAAgB,CA6BnB"}
|