monora-ai 2.1.0 → 2.1.3

package/dist/assessment.js

@@ -56,6 +56,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.runComplianceCheck = runComplianceCheck;
 exports.reportUsageProfile = reportUsageProfile;
 exports.onComplianceCheck = onComplianceCheck;
+exports.generateRemediationPlan = generateRemediationPlan;
 exports.generateAssessmentReport = generateAssessmentReport;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
@@ -63,7 +64,7 @@ const attribution_1 = require("./attribution");
 const config_1 = require("./config");
 const verify_1 = require("./verify");
 // Get version
-let SDK_VERSION = '1.9.0';
+let SDK_VERSION = '2.1.3';
 try {
     const pkgPath = path.join(__dirname, '..', 'package.json');
     if (fs.existsSync(pkgPath)) {
@@ -509,6 +510,271 @@ function buildFrameworkChecks(config, frameworks) {
         addCheck('iso42001_policy_enforcement', 'ISO 42001: policy enforcement is enabled', Boolean(policies.enforce), 'governance', 'Enable policy enforcement for ISO 42001 governance controls');
         addCheck('iso42001_data_handling_enabled', 'ISO 42001: data handling/redaction is enabled', dataHandlingEnabled, 'privacy', 'Enable data_handling to support ISO 42001 risk controls');
         addCheck('iso42001_review_documented', 'ISO 42001: compliance review metadata is documented', reviewDocumented, 'governance', 'Record review_date or reviewer in audit metadata for ISO 42001');
+        // A.5.x - Impact Assessment checks
+        const impactConfig = (config.impact_assessment || {});
+        const impactEnabled = Boolean(impactConfig.enabled);
+        addCheck('iso42001_impact_assessment_enabled', 'ISO 42001 A.5: Impact assessment module is enabled', impactEnabled, 'governance', 'Enable impact_assessment in config for ISO 42001 A.5.x compliance');
+        // Check for registered impact assessments
+        let hasImpactAssessments = false;
+        let hasApprovedAssessment = false;
+        try {
+            const { getRegistry: getImpactRegistry } = require('./impact-assessment');
+            const impactRegistry = getImpactRegistry();
+            const assessments = impactRegistry.listAssessments();
+            hasImpactAssessments = assessments.length > 0;
+            hasApprovedAssessment = assessments.some((a) => a.status === 'approved');
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_impact_assessment_registered', 'ISO 42001 A.5.2: At least one impact assessment is registered', hasImpactAssessments, 'governance', 'Create and register an AI impact assessment using createImpactAssessment()');
+        addCheck('iso42001_impact_assessment_approved', 'ISO 42001 A.5.3: At least one impact assessment is approved', hasApprovedAssessment, 'governance', 'Complete impact assessment approval workflow using finalizeAssessment()');
+        // A.6.x - Lifecycle checks
+        const lifecycleConfig = (config.lifecycle || {});
+        const lifecycleEnabled = Boolean(lifecycleConfig.enabled);
+        addCheck('iso42001_lifecycle_enabled', 'ISO 42001 A.6: Lifecycle management module is enabled', lifecycleEnabled, 'governance', 'Enable lifecycle in config for ISO 42001 A.6.x compliance');
+        // Check for registered system records
+        let hasSystemRecords = false;
+        let hasRequirements = false;
+        let hasVerification = false;
+        try {
+            const { getRegistry: getLifecycleRegistry } = require('./lifecycle');
+            const lifecycleRegistry = getLifecycleRegistry();
+            const systemRecords = lifecycleRegistry.listRecords();
+            hasSystemRecords = systemRecords.length > 0;
+            hasRequirements = systemRecords.some((r) => r.requirements && r.requirements.length > 0);
+            hasVerification = systemRecords.some((r) => r.verificationResults && r.verificationResults.length > 0);
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_system_record_registered', 'ISO 42001 A.6.1: At least one AI system record is registered', hasSystemRecords, 'governance', 'Create AI system record using createSystemRecord()');
+        addCheck('iso42001_requirements_defined', 'ISO 42001 A.6.2.2: System has defined requirements', hasRequirements, 'governance', 'Define system requirements using addRequirement()');
+        addCheck('iso42001_verification_recorded', 'ISO 42001 A.6.2.4: Verification results are recorded', hasVerification, 'governance', 'Record verification results using recordVerification()');
+        // A.7.x - Data Governance checks
+        const dataGovConfig = (config.data_governance || {});
+        const dataGovEnabled = Boolean(dataGovConfig.enabled);
+        addCheck('iso42001_data_governance_enabled', 'ISO 42001 A.7: Data governance module is enabled', dataGovEnabled, 'privacy', 'Enable data_governance in config for ISO 42001 A.7.x compliance');
+        // Check for registered datasets
+        let hasDatasets = false;
+        let hasQualityMetrics = false;
+        let hasBiasAssessment = false;
+        try {
+            const { getRegistry: getDataGovRegistry } = require('./data-governance');
+            const dataRegistry = getDataGovRegistry();
+            const datasets = dataRegistry.listRecords();
+            hasDatasets = datasets.length > 0;
+            hasQualityMetrics = datasets.some((d) => d.qualityMetrics !== undefined);
+            hasBiasAssessment = datasets.some((d) => d.biasAssessments && d.biasAssessments.length > 0);
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_dataset_registered', 'ISO 42001 A.7.2: At least one dataset is registered', hasDatasets, 'privacy', 'Register datasets using createDatasetRecord()');
+        addCheck('iso42001_data_quality_recorded', 'ISO 42001 A.7.4: Data quality metrics are recorded', hasQualityMetrics, 'privacy', 'Record data quality metrics using recordQualityMetrics()');
+        addCheck('iso42001_data_bias_assessed', 'ISO 42001 A.7.6: Dataset bias assessments are recorded', hasBiasAssessment, 'privacy', 'Record bias assessments using recordDatasetBiasAssessment()');
+        // A.8.x/A.10.x - Stakeholder checks
+        const stakeholdersConfig = (config.stakeholders || {});
+        const stakeholdersEnabled = Boolean(stakeholdersConfig.enabled);
+        addCheck('iso42001_stakeholders_enabled', 'ISO 42001 A.8/A.10: Stakeholder management module is enabled', stakeholdersEnabled, 'governance', 'Enable stakeholders in config for ISO 42001 A.8/A.10 compliance');
+        // Check for registered stakeholders/suppliers
+        let hasStakeholders = false;
+        let hasSuppliers = false;
+        let hasApprovedSuppliers = false;
+        try {
+            const { getRegistry: getStakeholderRegistry } = require('./stakeholders');
+            const stakeholderRegistry = getStakeholderRegistry();
+            const stakeholdersList = stakeholderRegistry.listStakeholders();
+            const suppliersList = stakeholderRegistry.listSuppliers();
+            hasStakeholders = stakeholdersList.length > 0;
+            hasSuppliers = suppliersList.length > 0;
+            hasApprovedSuppliers = suppliersList.some((s) => s.status === 'approved');
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_stakeholders_registered', 'ISO 42001 A.8.2: Stakeholders are registered', hasStakeholders, 'governance', 'Register stakeholders using registerStakeholder()');
+        addCheck('iso42001_suppliers_registered', 'ISO 42001 A.10.3: Suppliers are registered', hasSuppliers, 'governance', 'Register suppliers using registerSupplier()');
+        addCheck('iso42001_suppliers_approved', 'ISO 42001 A.10.3: Suppliers are assessed and approved', hasApprovedSuppliers, 'governance', 'Approve suppliers after assessment using updateSupplierStatus()');
+        // A.4.x/A.2.4 - Resource Inventory checks
+        const resourcesConfig = (config.resources || {});
+        const resourcesEnabled = Boolean(resourcesConfig.enabled);
+        addCheck('iso42001_resources_enabled', 'ISO 42001 A.4: Resource inventory module is enabled', resourcesEnabled, 'governance', 'Enable resources in config for ISO 42001 A.4.x compliance');
+        // Check for resource inventories and policy reviews
+        let hasInventories = false;
+        let hasTooling = false;
+        let hasPolicyReviews = false;
+        try {
+            const { getRegistry: getResourceRegistry } = require('./resources');
+            const resourceRegistry = getResourceRegistry();
+            const inventories = resourceRegistry.listInventories();
+            const policyReviews = resourceRegistry.listPolicyReviews();
+            hasInventories = inventories.length > 0;
+            hasTooling = inventories.some((i) => i.toolingResources && i.toolingResources.length > 0);
+            hasPolicyReviews = policyReviews.length > 0;
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_resource_inventory_exists', 'ISO 42001 A.4.2: Resource inventory exists', hasInventories, 'governance', 'Create resource inventory using createResourceInventory()');
+        addCheck('iso42001_tooling_resources_tracked', 'ISO 42001 A.4.4: Tooling resources are tracked', hasTooling, 'governance', 'Track tooling resources using addToolingResource()');
+        addCheck('iso42001_policy_reviews_scheduled', 'ISO 42001 A.2.4: Policy reviews are scheduled', hasPolicyReviews, 'governance', 'Schedule policy reviews using schedulePolicyReview()');
+        // ============================================================
+        // NEW ISO 42001 CHECKS - Phase 2 Gap Closure (39 checks)
+        // ============================================================
+        // Query ISO 42001 workflow records for checks
+        let workflowTypes = new Set();
+        try {
+            const { listWorkflowRecords } = require('./iso42001-workflows');
+            const workflowRecords = listWorkflowRecords();
+            workflowTypes = new Set(workflowRecords.map((r) => r.workflowType));
+        }
+        catch {
+            // Module not available
+        }
+        // ----------------------------------------------------------
+        // A.2 Policy & Governance (4 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_policy_alignment_recorded', 'ISO 42001 A.2.3: Policy alignment workflow is recorded', workflowTypes.has('policy_alignment'), 'governance', 'Record policy alignment using recordPolicyAlignment()');
+        const iso42001Config = (config.iso42001 || {});
+        const aimsContext = iso42001Config.aims_context || '';
+        addCheck('iso42001_aims_context_established', 'ISO 42001 A.2.2: AIMS context is established', Boolean(aimsContext), 'governance', 'Set iso42001.aims_context in config to document AIMS context');
+        const aimsScope = iso42001Config.aims_scope || '';
+        addCheck('iso42001_aims_scope_defined', 'ISO 42001 A.2: AIMS scope is defined', Boolean(aimsScope), 'governance', 'Set iso42001.aims_scope in config to define scope');
+        // Check for interested parties via stakeholders module
+        addCheck('iso42001_interested_parties_identified', 'ISO 42001 A.2: Interested parties are identified', hasStakeholders, 'governance', 'Register stakeholders using registerStakeholder()');
+        // ----------------------------------------------------------
+        // A.4 Resources (4 new checks)
+        // ----------------------------------------------------------
+        let hasHumanResources = false;
+        let hasComputeResources = false;
+        let hasDataResources = false;
+        try {
+            const { getRegistry: getResRegistry } = require('./resources');
+            const resReg = getResRegistry();
+            const allInventories = resReg.listInventories();
+            hasHumanResources = allInventories.some((i) => i.humanResources && i.humanResources.length > 0);
+            hasComputeResources = allInventories.some((i) => i.computeResources && i.computeResources.length > 0);
+            hasDataResources = allInventories.some((i) => i.metadata && i.metadata.data_resources);
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_human_resources_tracked', 'ISO 42001 A.4: Human resources are tracked', hasHumanResources, 'governance', 'Track human resources using addHumanResource()');
+        addCheck('iso42001_compute_resources_tracked', 'ISO 42001 A.4: Compute resources are tracked', hasComputeResources, 'governance', 'Track compute resources using addComputeResource()');
+        addCheck('iso42001_data_resources_tracked', 'ISO 42001 A.4: Data resources are documented', hasDataResources, 'governance', 'Document data resources in resource inventory metadata');
+        const hasCompetencyRecords = workflowTypes.has('resource_competency');
+        addCheck('iso42001_competency_training_documented', 'ISO 42001 A.4: Competency and training is documented', hasCompetencyRecords, 'governance', 'Record competency requirements using recordResourceCompetency()');
+        // ----------------------------------------------------------
+        // A.5 Impact Assessment (5 new checks)
+        // ----------------------------------------------------------
+        let hasCurrentAssessment = false;
+        let hasSocietalImpacts = false;
+        let hasIndividualImpacts = false;
+        let hasMitigations = false;
+        let hasRevalidation = false;
+        try {
+            const { getRegistry: getImpRegistry } = require('./impact-assessment');
+            const impReg = getImpRegistry();
+            const allAssessments = impReg.listAssessments();
+            const now = new Date().toISOString();
+            hasCurrentAssessment = allAssessments.some((a) => !a.validUntil || a.validUntil > now);
+            hasSocietalImpacts = allAssessments.some((a) => a.impacts && a.impacts.some((i) => i.impactType === 'societal'));
+            hasIndividualImpacts = allAssessments.some((a) => a.impacts && a.impacts.some((i) => i.impactType === 'individual'));
+            hasMitigations = allAssessments.some((a) => a.impacts && a.impacts.some((i) => i.mitigations && i.mitigations.length > 0));
+            hasRevalidation = allAssessments.some((a) => a.revalidationFrequency);
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_impact_assessment_current', 'ISO 42001 A.5.2: Impact assessment is current (not expired)', hasCurrentAssessment, 'governance', 'Ensure impact assessment validUntil is in the future');
+        addCheck('iso42001_societal_impacts_assessed', 'ISO 42001 A.5.5: Societal impacts are assessed', hasSocietalImpacts, 'governance', "Add societal impact records using addImpactRecord({impactType: 'societal'})");
+        addCheck('iso42001_individual_impacts_assessed', 'ISO 42001 A.5.4: Individual impacts are assessed', hasIndividualImpacts, 'governance', "Add individual impact records using addImpactRecord({impactType: 'individual'})");
+        addCheck('iso42001_impact_mitigations_documented', 'ISO 42001 A.5: Impact mitigations are documented', hasMitigations, 'governance', 'Document mitigations using addMitigation() on impact records');
+        addCheck('iso42001_impact_revalidation_scheduled', 'ISO 42001 A.5: Impact revalidation frequency is set', hasRevalidation, 'governance', 'Set revalidationFrequency on impact assessments');
+        // ----------------------------------------------------------
+        // A.6 Lifecycle (8 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_development_objectives_defined', 'ISO 42001 A.6.1.2: Development objectives are defined', workflowTypes.has('responsible_development_objectives'), 'governance', 'Record objectives using recordResponsibleDevelopmentObjectives()');
+        addCheck('iso42001_development_process_defined', 'ISO 42001 A.6.1.3: Development process is defined', workflowTypes.has('responsible_development_process'), 'governance', 'Record process using recordResponsibleDevelopmentProcess()');
+        // Check for design documents via lifecycle
+        let hasDesignDocs = false;
+        let hasValidation = false;
+        let hasDeploymentApproval = false;
+        let hasMonitoring = false;
+        try {
+            const { getRegistry: getLcRegistry } = require('./lifecycle');
+            const lcReg = getLcRegistry();
+            const lcRecords = lcReg.listRecords();
+            hasDesignDocs = lcRecords.some((r) => r.metadata && r.metadata.design_documents);
+            hasValidation = lcRecords.some((r) => r.validationResults && r.validationResults.length > 0);
+            hasDeploymentApproval = lcRecords.some((r) => (r.stage === 'staging' || r.stage === 'production') &&
+                r.metadata &&
+                r.metadata.deployment_approved);
+            hasMonitoring = lcRecords.some((r) => r.metadata && r.metadata.monitoring_configured);
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_design_documents_current', 'ISO 42001 A.6.2.1: Design documents are maintained', hasDesignDocs || workflowTypes.has('requirements_specification'), 'governance', 'Record requirements using recordRequirementsSpecification() or add design_documents to lifecycle metadata');
+        addCheck('iso42001_verification_validation_complete', 'ISO 42001 A.6.2.4: Verification and validation is complete', hasValidation || workflowTypes.has('verification_validation'), 'governance', 'Record V&V using recordVerificationValidation() or recordValidation()');
+        addCheck('iso42001_deployment_approval_documented', 'ISO 42001 A.6.2.5: Deployment approval is documented', hasDeploymentApproval || workflowTypes.has('deployment_plan'), 'governance', 'Record deployment approval using recordDeploymentPlan() or set deployment_approved in metadata');
+        addCheck('iso42001_operations_monitoring_active', 'ISO 42001 A.6.2.6: Operations monitoring is configured', hasMonitoring || workflowTypes.has('operations_monitoring'), 'governance', 'Record monitoring using recordOperationsMonitoring() or set monitoring_configured in metadata');
+        addCheck('iso42001_stakeholder_docs_communicated', 'ISO 42001 A.6.2.7: Stakeholder documentation is communicated', workflowTypes.has('stakeholder_documentation'), 'governance', 'Record documentation using recordStakeholderDocumentation()');
+        // Check hash chain for event logging integrity
+        const immutabilityConfig = (config.immutability || {});
+        const hashChainEnabled = Boolean(immutabilityConfig.enabled);
+        addCheck('iso42001_event_logging_integrity', 'ISO 42001 A.6.2.8: Event logging integrity controls are enabled', hashChainEnabled || workflowTypes.has('lifecycle_event_logging'), 'integrity', 'Enable immutability.enabled=true or recordLifecycleEventLogging()');
+        // ----------------------------------------------------------
+        // A.7 Data (5 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_data_sources_documented', 'ISO 42001 A.7.2: Data sources are documented', workflowTypes.has('data_acquisition'), 'privacy', 'Record data sources using recordDataAcquisition()');
+        // Check for consent basis in data governance
+        let hasConsentBasis = false;
+        let hasQualityDimensions = false;
+        let hasProvenance = false;
+        let hasPreparation = false;
+        try {
+            const { getRegistry: getDataReg } = require('./data-governance');
+            const dataReg = getDataReg();
+            const allDatasets = dataReg.listRecords();
+            hasConsentBasis = allDatasets.some((d) => d.metadata && (d.metadata.consent_basis || d.metadata.legal_basis));
+            hasQualityDimensions = allDatasets.some((d) => d.qualityMetrics);
+            hasProvenance = allDatasets.some((d) => d.provenance);
+            hasPreparation = allDatasets.some((d) => d.preparationSteps && d.preparationSteps.length > 0);
+        }
+        catch {
+            // Module not available
+        }
+        addCheck('iso42001_data_consent_basis_valid', 'ISO 42001 A.7.3: Data consent/legal basis is documented', hasConsentBasis || workflowTypes.has('data_acquisition'), 'privacy', 'Set consent_basis or legal_basis in dataset metadata');
+        addCheck('iso42001_data_quality_dimensions', 'ISO 42001 A.7.4: Data quality dimensions are defined', hasQualityDimensions || workflowTypes.has('data_quality'), 'privacy', 'Record quality metrics using recordQualityMetrics() or recordDataQuality()');
+        addCheck('iso42001_data_provenance_traceable', 'ISO 42001 A.7.5: Data provenance is traceable', hasProvenance || workflowTypes.has('data_provenance'), 'privacy', 'Record provenance using recordProvenance() or recordDataProvenance()');
+        addCheck('iso42001_data_preparation_documented', 'ISO 42001 A.7.6: Data preparation is documented', hasPreparation || workflowTypes.has('data_preparation'), 'privacy', 'Record preparation using recordPreparationStep() or recordDataPreparation()');
+        // ----------------------------------------------------------
+        // A.8 Transparency (4 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_transparency_channels', 'ISO 42001 A.8.2: Transparency disclosure channels are established', workflowTypes.has('transparency_disclosure'), 'transparency', 'Record transparency using recordTransparencyDisclosure()');
+        addCheck('iso42001_adverse_impact_process', 'ISO 42001 A.8.3: Adverse impact reporting process is defined', workflowTypes.has('adverse_impact_reporting'), 'transparency', 'Record process using recordAdverseImpactReporting()');
+        addCheck('iso42001_incident_escalation_defined', 'ISO 42001 A.8.4: Incident escalation plan is defined', workflowTypes.has('incident_communication'), 'transparency', 'Record plan using recordIncidentCommunication()');
+        addCheck('iso42001_regulatory_reporting_compliant', 'ISO 42001 A.8.5: Regulatory reporting obligations are tracked', workflowTypes.has('reporting_obligations'), 'transparency', 'Record obligations using recordReportingObligations()');
+        // ----------------------------------------------------------
+        // A.9 Responsible Use (3 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_use_process_documented', 'ISO 42001 A.9.2: Responsible use process is documented', workflowTypes.has('responsible_use_process'), 'governance', 'Record process using recordResponsibleUseProcess()');
+        addCheck('iso42001_use_objectives_measurable', 'ISO 42001 A.9.3: Responsible use objectives are measurable', workflowTypes.has('responsible_use_objectives'), 'governance', 'Record objectives using recordResponsibleUseObjectives()');
+        addCheck('iso42001_intended_use_defined', 'ISO 42001 A.9.4: Intended use statement is defined', workflowTypes.has('intended_use_statement'), 'governance', 'Record statement using recordIntendedUseStatement()');
+        // ----------------------------------------------------------
+        // A.10 Third-Party (3 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_responsibility_allocation', 'ISO 42001 A.10.1: Third-party responsibility allocation is clear', workflowTypes.has('third_party_responsibility'), 'governance', 'Record allocation using recordThirdPartyResponsibility()');
+        addCheck('iso42001_supplier_assessment_documented', 'ISO 42001 A.10.2: Supplier assessments are documented', workflowTypes.has('supplier_assurance'), 'governance', 'Record assessments using recordSupplierAssurance()');
+        addCheck('iso42001_customer_requirements_mapped', 'ISO 42001 A.10.3: Customer requirements are mapped', workflowTypes.has('customer_alignment'), 'governance', 'Record requirements using recordCustomerAlignment()');
+        // ----------------------------------------------------------
+        // Clause 9-10 Management (3 new checks)
+        // ----------------------------------------------------------
+        addCheck('iso42001_audit_findings_addressed', 'ISO 42001 Clause 9: Internal audit findings are addressed', workflowTypes.has('internal_audit'), 'governance', 'Record audits using recordInternalAudit()');
+        addCheck('iso42001_management_review_complete', 'ISO 42001 Clause 9: Management review is complete', workflowTypes.has('management_review'), 'governance', 'Record reviews using recordManagementReview()');
+        addCheck('iso42001_capa_effectiveness_verified', 'ISO 42001 Clause 10: Corrective action effectiveness is verified', workflowTypes.has('corrective_action'), 'governance', 'Record CAPA using recordCorrectiveAction()');
     }
     return { checks, warnings, recommendations };
 }
@@ -520,10 +786,17 @@ function loadEvents(eventsPath) {
     }
     try {
         const content = fs.readFileSync(eventsPath, 'utf8');
-        const events = content
-            .split('\n')
-            .filter((line) => line.trim())
-            .map((line) => JSON.parse(line));
+        const events = [];
+        const lines = content.split('\n').filter((line) => line.trim());
+        lines.forEach((line, index) => {
+            try {
+                events.push(JSON.parse(line));
+            }
+            catch (err) {
+                const snippet = line.length > 120 ? `${line.slice(0, 120)}...` : line;
+                errors.push(`Failed to parse events line ${index + 1}: ${err} (${snippet})`);
+            }
+        });
         return { events, errors };
     }
     catch (e) {
@@ -677,23 +950,243 @@ function onComplianceCheck(callback) {
     };
 }
 /**
- * Generate a comprehensive assessment report.
+ * Category priority weights for remediation ordering.
+ */
+const CATEGORY_PRIORITY = {
+    security: 100,
+    integrity: 90,
+    privacy: 85,
+    governance: 70,
+    auditability: 60,
+    reliability: 50,
+    completeness: 40,
+};
+/**
+ * Effort estimates based on check name patterns.
+ */
+const EFFORT_ESTIMATES = {
+    // Configuration changes - minimal effort
+    immutability_enabled: 'minimal',
+    verify_on_emit: 'minimal',
+    policies_enforce: 'minimal',
+    wal_enabled: 'minimal',
+    signing_enabled: 'low',
+    data_handling_enabled: 'minimal',
+    reporting_enabled: 'minimal',
+    // Metadata documentation - low effort
+    framework_declared: 'low',
+    audit_metadata: 'low',
+    use_case_documented: 'low',
+    review_documented: 'low',
+    data_categories_declared: 'low',
+    data_classification_set: 'low',
+    // Infrastructure changes - medium/high effort
+    logging_configured: 'medium',
+    incident_alerts: 'medium',
+    redaction_rules_configured: 'medium',
+};
+/**
+ * Get effort estimate for a check.
+ */
+function getEffortEstimate(checkName) {
+    for (const [pattern, effort] of Object.entries(EFFORT_ESTIMATES)) {
+        if (checkName.includes(pattern)) {
+            return effort;
+        }
+    }
+    return 'medium';
+}
+/**
+ * Determine priority based on category and framework context.
+ */
+function determinePriority(category, frameworks, checkName) {
+    const basePriority = CATEGORY_PRIORITY[category] || 50;
+    // Boost priority for certain patterns
+    let priorityScore = basePriority;
+    // Security and integrity issues are always high priority
+    if (category === 'security' || category === 'integrity') {
+        priorityScore += 20;
+    }
+    // Framework-specific boosts
+    if (frameworks.includes('SOC2') && (category === 'auditability' || category === 'integrity')) {
+        priorityScore += 15;
+    }
+    if (frameworks.includes('GDPR') && category === 'privacy') {
+        priorityScore += 20;
+    }
+    if (frameworks.includes('ISO27001') && category === 'security') {
+        priorityScore += 15;
+    }
+    if (frameworks.includes('ISO42001') && category === 'governance') {
+        priorityScore += 15;
+    }
+    // Chain integrity failures are critical
+    if (checkName.includes('chain') && checkName.includes('valid')) {
+        return 'critical';
+    }
+    // Signing for security frameworks
+    if (checkName.includes('signing') && frameworks.includes('ISO27001')) {
+        priorityScore += 10;
+    }
+    if (priorityScore >= 100)
+        return 'critical';
+    if (priorityScore >= 80)
+        return 'high';
+    if (priorityScore >= 50)
+        return 'medium';
+    return 'low';
+}
+/**
+ * Extract framework prefix from check name.
+ */
+function extractFrameworkFromCheck(checkName) {
+    const frameworks = [];
+    if (checkName.startsWith('soc2_'))
+        frameworks.push('SOC2');
+    if (checkName.startsWith('gdpr_'))
+        frameworks.push('GDPR');
+    if (checkName.startsWith('iso27001_'))
+        frameworks.push('ISO27001');
+    if (checkName.startsWith('iso42001_'))
+        frameworks.push('ISO42001');
+    return frameworks;
+}
+/**
+ * Generate a remediation plan from compliance check results.
  *
- * This combines compliance checks, usage profile, and audit metadata
- * into a single report suitable for certification processes.
+ * This function analyzes failed compliance checks and generates an
+ * actionable remediation plan with prioritized fixes.
  *
- * @param options - Report options.
- * @returns Assessment report object.
+ * @param result - Compliance check result from runComplianceCheck().
+ * @returns RemediationPlan with prioritized fixes.
  *
  * @example
  * ```typescript
- * const report = await generateAssessmentReport({
- *   eventsPath: './monora_events.jsonl',
+ * const checkResult = await runComplianceCheck({
  *   configPath: './monora.yml',
- *   outputPath: './assessment_report.json',
+ *   frameworks: ['SOC2', 'GDPR'],
  * });
+ *
+ * const plan = generateRemediationPlan(checkResult);
+ *
+ * console.log(`Total issues: ${plan.summary.totalIssues}`);
+ * console.log(`Critical: ${plan.summary.criticalCount}`);
+ *
+ * for (const issue of plan.orderedFixes) {
+ *   console.log(`[${issue.priority}] ${issue.title}: ${issue.fix}`);
+ * }
  * ```
  */
+function generateRemediationPlan(result) {
+    const items = [];
+    const frameworks = result.frameworksAssessed || [];
+    // Process failed checks
+    for (const check of result.checks) {
+        if (check.passed)
+            continue;
+        const checkFrameworks = extractFrameworkFromCheck(check.name);
+        const affectedFrameworks = checkFrameworks.length > 0 ? checkFrameworks : frameworks;
+        // Find matching recommendation
+        const recommendation = result.recommendations.find((rec) => rec.toLowerCase().includes(check.name.replace(/_/g, ' ').toLowerCase()) ||
+            rec.toLowerCase().includes(check.description.toLowerCase().slice(0, 30)));
+        const item = {
+            id: check.name,
+            title: check.description,
+            description: `Compliance check "${check.name}" failed for category: ${check.category}`,
+            category: check.category,
+            priority: determinePriority(check.category, affectedFrameworks, check.name),
+            effort: getEffortEstimate(check.name),
+            fix: recommendation || `Enable or configure ${check.name.replace(/_/g, ' ')} in your monora.yml`,
+            frameworks: affectedFrameworks,
+        };
+        items.push(item);
+    }
+    // Add items from errors (critical issues)
+    for (const error of result.errors) {
+        const item = {
+            id: `error_${items.length}`,
+            title: 'Critical Error',
+            description: error,
+            category: 'integrity',
+            priority: 'critical',
+            effort: 'high',
+            fix: error.includes('chain')
+                ? 'Investigate hash chain integrity. Events may have been tampered with or corrupted.'
+                : 'Address the error before proceeding with compliance certification.',
+            frameworks,
+        };
+        items.push(item);
+    }
+    // Group by priority
+    const issuesByPriority = {
+        critical: items.filter((i) => i.priority === 'critical'),
+        high: items.filter((i) => i.priority === 'high'),
+        medium: items.filter((i) => i.priority === 'medium'),
+        low: items.filter((i) => i.priority === 'low'),
+    };
+    // Group by category
+    const issuesByCategory = {};
+    for (const item of items) {
+        if (!issuesByCategory[item.category]) {
+            issuesByCategory[item.category] = [];
+        }
+        issuesByCategory[item.category].push(item);
+    }
+    // Order fixes: critical first, then by category priority, then by effort (easiest first within priority)
+    const effortOrder = {
+        minimal: 0,
+        low: 1,
+        medium: 2,
+        high: 3,
+    };
+    const orderedFixes = [...items].sort((a, b) => {
+        // First by priority
+        const priorityOrder = { critical: 0, high: 1, medium: 2, low: 3 };
+        const priorityDiff = priorityOrder[a.priority] - priorityOrder[b.priority];
+        if (priorityDiff !== 0)
+            return priorityDiff;
+        // Then by category importance
+        const categoryDiff = (CATEGORY_PRIORITY[b.category] || 50) - (CATEGORY_PRIORITY[a.category] || 50);
+        if (categoryDiff !== 0)
+            return categoryDiff;
+        // Finally by effort (easier first)
+        return effortOrder[a.effort] - effortOrder[b.effort];
+    });
+    // Calculate estimated total effort
+    const effortCounts = { minimal: 0, low: 0, medium: 0, high: 0 };
+    for (const item of items) {
+        effortCounts[item.effort]++;
+    }
+    let estimatedEffort = 'None';
+    if (items.length > 0) {
+        if (effortCounts.high > 2 || items.length > 10) {
+            estimatedEffort = 'Significant (multiple sessions)';
+        }
+        else if (effortCounts.high > 0 || effortCounts.medium > 3) {
+            estimatedEffort = 'Moderate (few hours)';
+        }
+        else if (effortCounts.medium > 0 || effortCounts.low > 3) {
+            estimatedEffort = 'Low (under an hour)';
+        }
+        else {
+            estimatedEffort = 'Minimal (quick config changes)';
+        }
+    }
+    return {
+        summary: {
+            totalIssues: items.length,
+            criticalCount: issuesByPriority.critical.length,
+            highCount: issuesByPriority.high.length,
+            mediumCount: issuesByPriority.medium.length,
+            lowCount: issuesByPriority.low.length,
+            estimatedEffort,
+        },
+        issuesByPriority,
+        issuesByCategory,
+        orderedFixes,
+        generatedAt: new Date().toISOString(),
+    };
+}
 async function generateAssessmentReport(options = {}) {
     // Run compliance check
     const checkResult = await runComplianceCheck({

package/dist/attribution.d.ts

@@ -30,7 +30,7 @@ export interface ProjectRegistration {
     company?: string;
     /** Your role (e.g., "ML Engineer", "DevOps", "CTO") */
     role?: string;
-    /** Work email for best practices updates (never shared) */
+    /** Work email for best practices updates (included in registration payload when enabled) */
     email?: string;
     /** How you found Monora (npm, pypi, github, blog, referral) */
     source?: string;
@@ -260,9 +260,9 @@ export declare function configureHttp(config: {
         eu?: string;
     };
     apiKeyEnv?: string;
-    timeoutMs?: number;
+    timeoutSec?: number;
     retryAttempts?: number;
-    backoffBaseMs?: number;
+    backoffBaseSec?: number;
 }): void;
 /**
  * Send a telemetry event (e.g., startup, shutdown, error).
@@ -305,4 +305,45 @@ export declare function setAuditMetadata(metadata: AuditMetadata): AuditMetadata
  * @returns AuditMetadata object or null.
  */
 export declare function getAuditMetadata(): AuditMetadata | null;
+/**
+ * Check if first-run registration prompt has been shown.
+ *
+ * @returns True if already prompted, false otherwise.
+ */
+export declare function hasShownFirstRunPrompt(): boolean;
+/**
+ * Check if user has registered (either via postinstall or programmatically).
+ *
+ * @returns True if registered, false otherwise.
+ */
+export declare function hasRegistration(): boolean;
+/**
+ * Prompt the user to register their project (interactive, optional).
+ *
+ * @param options - Optional context about the environment.
+ * @returns True if registration was completed, false otherwise.
+ */
+export declare function promptForRegistration(options?: {
+    environment?: string;
+    force?: boolean;
+    silent?: boolean;
+}): Promise<boolean>;
+/**
+ * Show first-run registration prompt if needed.
+ *
+ * This logs a one-time message suggesting the user run `npx monora init`
+ * to register their project for best practices updates. The message is
+ * only shown once per installation.
+ *
+ * @param options - Optional context about the environment.
+ * @returns True if prompt was shown, false if skipped.
+ */
+export declare function showFirstRunPromptIfNeeded(options?: {
+    environment?: string;
+    silent?: boolean;
+}): boolean;
+/**
+ * Reset the first-run prompt state (for testing).
+ */
+export declare function resetFirstRunPrompt(): void;
 //# sourceMappingURL=attribution.d.ts.map

package/dist/attribution.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"attribution.d.ts","sourceRoot":"","sources":["../src/attribution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAiDH;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,mCAAmC;IACnC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uDAAuD;IACvD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,2DAA2D;IAC3D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,+DAA+D;IAC/D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,CAAC;IAC1D,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,2DAA2D;IAC3D,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,+BAA+B;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,6BAA6B;IAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,sBAAsB;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,+BAA+B;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oCAAoC;IACpC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,6BAA6B;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,8BAA8B;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mCAAmC;IACnC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,iBAAiB;IACjB,SAAS,CAAC,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACnD,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,qCAAqC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uBAAuB;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,oBAAoB,GAAG,gBAAgB,CAAC;IAC9C,IAAI,EAAE,mBAAmB,GAAG,WAAW,CAAC;CACzC;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,KAAK,EAAE,gBAAgB,KAAK,IAAI,CAAC;AA4LpE;;;;;;;GAOG;AACH,wBAAgB,YAAY,IAAI,MAAM,CAuBrC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mBAAmB,EAAE,cAAc,CAAC,GAAG,mBAAmB,CA2BvG;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,mBAAmB,GAAG,IAAI,CAG5D;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,+CAA+C;IAC/C,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,kDAAkD;IAClD,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,eAAe,CAAC,OAAO,GAAE,gBAAqB,GAAG,IAAI,CAUpE;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,IAAI,CAKvC;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAG5C;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAExD;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,MAAM,EAAE,CAE1C;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,uDAAuD;IACvD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,6BAA6B;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,GAAE,kBAAuB,GAAG,WAAW,CAa9E;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,WAAW,CAAC,OAAO,GAAE,kBAAuB,GAAG,WAAW,CAmBzE;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,MAAM,IAAI,CAS5E;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAIrD;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,GAAG,IAAI,CAGhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE;IACpC,SAAS,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,GAAG,IAAI,CAWP;AAgND;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE;IAC1C,SAAS,EAAE,SAAS,GAAG,UAAU,GAAG,WAAW,GAAG,OAAO,CAAC;IAC1D,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,GAAG,IAAI,CAoBP;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,aAAa,GAAG,aAAa,CAKvE;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,aAAa,GAAG,IAAI,CAGvD"}
+{"version":3,"file":"attribution.d.ts","sourceRoot":"","sources":["../src/attribution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAmDH;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,mCAAmC;IACnC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uDAAuD;IACvD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,4FAA4F;IAC5F,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,+DAA+D;IAC/D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,CAAC;IAC1D,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,2DAA2D;IAC3D,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,+BAA+B;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,6BAA6B;IAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,sBAAsB;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,+BAA+B;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oCAAoC;IACpC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,6BAA6B;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,8BAA8B;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mCAAmC;IACnC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,iBAAiB;IACjB,SAAS,CAAC,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACnD,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,qCAAqC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uBAAuB;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,oBAAoB,GAAG,gBAAgB,CAAC;IAC9C,IAAI,EAAE,mBAAmB,GAAG,WAAW,CAAC;CACzC;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,KAAK,EAAE,gBAAgB,KAAK,IAAI,CAAC;AA8LpE;;;;;;;GAOG;AACH,wBAAgB,YAAY,IAAI,MAAM,CAuBrC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mBAAmB,EAAE,cAAc,CAAC,GAAG,mBAAmB,CA2BvG;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,mBAAmB,GAAG,IAAI,CAG5D;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,+CAA+C;IAC/C,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,kDAAkD;IAClD,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,eAAe,CAAC,OAAO,GAAE,gBAAqB,GAAG,IAAI,CAUpE;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,IAAI,CAKvC;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAG5C;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAExD;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,MAAM,EAAE,CAE1C;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,uDAAuD;IACvD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,6BAA6B;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,GAAE,kBAAuB,GAAG,WAAW,CAa9E;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,WAAW,CAAC,OAAO,GAAE,kBAAuB,GAAG,WAAW,CAmBzE;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,MAAM,IAAI,CAS5E;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAIrD;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,GAAG,IAAI,CAGhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE;IACpC,SAAS,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,IAAI,CAWP;AAoND;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE;IAC1C,SAAS,EAAE,SAAS,GAAG,UAAU,GAAG,WAAW,GAAG,OAAO,CAAC;IAC1D,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,GAAG,IAAI,CAoBP;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,aAAa,GAAG,aAAa,CAKvE;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,IAAI,aAAa,GAAG,IAAI,CAGvD;AA0CD;;;;GAIG;AACH,wBAAgB,sBAAsB,IAAI,OAAO,CAGhD;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAGzC;AAED;;;;;GAKG;AACH,wBAAsB,qBAAqB,CAAC,OAAO,CAAC,EAAE;IACpD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,GAAG,OAAO,CAAC,OAAO,CAAC,CAkEnB;AAED;;;;;;;;;GASG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,CAAC,EAAE;IACnD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,GAAG,OAAO,CA4CV;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAQ1C"}