native-update 1.0.0

package/dist/esm/core/security.js

@@ -0,0 +1,315 @@
+import { ConfigManager } from './config';
+import { ValidationError, ErrorCode } from './errors';
+import { Logger } from './logger';
+export class SecurityValidator {
+    constructor() {
+        this.configManager = ConfigManager.getInstance();
+        this.logger = Logger.getInstance();
+    }
+    static getInstance() {
+        if (!SecurityValidator.instance) {
+            SecurityValidator.instance = new SecurityValidator();
+        }
+        return SecurityValidator.instance;
+    }
+    /**
+     * Validate URL is HTTPS
+     */
+    static validateUrl(url) {
+        try {
+            const parsed = new URL(url);
+            return parsed.protocol === 'https:';
+        }
+        catch (_a) {
+            return false;
+        }
+    }
+    /**
+     * Validate checksum format
+     */
+    static validateChecksum(checksum) {
+        return /^[a-f0-9]{64}$/i.test(checksum);
+    }
+    /**
+     * Sanitize input string
+     */
+    static sanitizeInput(input) {
+        if (!input)
+            return '';
+        return input.replace(/<[^>]*>/g, '').replace(/[^\w\s/.-]/g, '');
+    }
+    /**
+     * Validate bundle size
+     */
+    static validateBundleSize(size) {
+        const MAX_SIZE = 100 * 1024 * 1024; // 100MB
+        return size > 0 && size <= MAX_SIZE;
+    }
+    /**
+     * Calculate SHA-256 checksum of data
+     */
+    async calculateChecksum(data) {
+        const hashBuffer = await crypto.subtle.digest('SHA-256', data);
+        const hashArray = Array.from(new Uint8Array(hashBuffer));
+        return hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
+    }
+    /**
+     * Verify checksum matches expected value
+     */
+    async verifyChecksum(data, expectedChecksum) {
+        if (!expectedChecksum) {
+            this.logger.warn('No checksum provided for verification');
+            return true; // Allow if no checksum provided
+        }
+        const actualChecksum = await this.calculateChecksum(data);
+        const isValid = actualChecksum === expectedChecksum.toLowerCase();
+        if (!isValid) {
+            this.logger.error('Checksum verification failed', {
+                expected: expectedChecksum,
+                actual: actualChecksum,
+            });
+        }
+        return isValid;
+    }
+    /**
+     * Alias for verifyChecksum for backward compatibility
+     */
+    async validateChecksum(data, expectedChecksum) {
+        return this.verifyChecksum(data, expectedChecksum);
+    }
+    /**
+     * Verify digital signature using Web Crypto API
+     */
+    async verifySignature(data, signature) {
+        if (!this.configManager.get('enableSignatureValidation')) {
+            return true;
+        }
+        const publicKey = this.configManager.get('publicKey');
+        if (!publicKey) {
+            throw new ValidationError(ErrorCode.SIGNATURE_INVALID, 'Public key not configured for signature validation');
+        }
+        try {
+            // Import public key
+            const cryptoKey = await crypto.subtle.importKey('spki', this.pemToArrayBuffer(publicKey), {
+                name: 'RSA-PSS',
+                hash: 'SHA-256',
+            }, false, ['verify']);
+            // Verify signature
+            const isValid = await crypto.subtle.verify({
+                name: 'RSA-PSS',
+                saltLength: 32,
+            }, cryptoKey, this.base64ToArrayBuffer(signature), data);
+            if (!isValid) {
+                this.logger.error('Signature verification failed');
+            }
+            return isValid;
+        }
+        catch (error) {
+            this.logger.error('Signature verification error', error);
+            return false;
+        }
+    }
+    /**
+     * Convert PEM to ArrayBuffer
+     */
+    pemToArrayBuffer(pem) {
+        const base64 = pem
+            .replace(/-----BEGIN PUBLIC KEY-----/g, '')
+            .replace(/-----END PUBLIC KEY-----/g, '')
+            .replace(/\s/g, '');
+        return this.base64ToArrayBuffer(base64);
+    }
+    /**
+     * Convert base64 to ArrayBuffer
+     */
+    base64ToArrayBuffer(base64) {
+        const binaryString = atob(base64);
+        const bytes = new Uint8Array(binaryString.length);
+        for (let i = 0; i < binaryString.length; i++) {
+            bytes[i] = binaryString.charCodeAt(i);
+        }
+        return bytes.buffer;
+    }
+    /**
+     * Sanitize file path to prevent directory traversal
+     */
+    sanitizePath(path) {
+        // Remove any parent directory references
+        const sanitized = path
+            .split('/')
+            .filter((part) => part !== '..' && part !== '.')
+            .join('/');
+        // Ensure path doesn't start with /
+        return sanitized.replace(/^\/+/, '');
+    }
+    /**
+     * Validate bundle ID format
+     */
+    validateBundleId(bundleId) {
+        if (!bundleId || typeof bundleId !== 'string') {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Bundle ID must be a non-empty string');
+        }
+        // Allow alphanumeric, hyphens, underscores, and dots
+        const validPattern = /^[a-zA-Z0-9\-_.]+$/;
+        if (!validPattern.test(bundleId)) {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Bundle ID contains invalid characters');
+        }
+        if (bundleId.length > 100) {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Bundle ID is too long (max 100 characters)');
+        }
+    }
+    /**
+     * Validate semantic version format
+     */
+    validateVersion(version) {
+        if (!version || typeof version !== 'string') {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Version must be a non-empty string');
+        }
+        // Basic semantic versioning pattern
+        const semverPattern = /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/;
+        if (!semverPattern.test(version)) {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Version must follow semantic versioning format (e.g., 1.2.3)');
+        }
+    }
+    /**
+     * Check if version is a downgrade
+     */
+    isVersionDowngrade(currentVersion, newVersion) {
+        const current = this.parseVersion(currentVersion);
+        const next = this.parseVersion(newVersion);
+        if (next.major < current.major)
+            return true;
+        if (next.major > current.major)
+            return false;
+        if (next.minor < current.minor)
+            return true;
+        if (next.minor > current.minor)
+            return false;
+        return next.patch < current.patch;
+    }
+    /**
+     * Parse semantic version
+     */
+    parseVersion(version) {
+        const parts = version.split('-')[0].split('.'); // Ignore pre-release
+        return {
+            major: parseInt(parts[0], 10) || 0,
+            minor: parseInt(parts[1], 10) || 0,
+            patch: parseInt(parts[2], 10) || 0,
+        };
+    }
+    /**
+     * Validate URL format and security
+     */
+    validateUrl(url) {
+        if (!url || typeof url !== 'string') {
+            throw new ValidationError(ErrorCode.INVALID_URL, 'URL must be a non-empty string');
+        }
+        let parsedUrl;
+        try {
+            parsedUrl = new URL(url);
+        }
+        catch (_a) {
+            throw new ValidationError(ErrorCode.INVALID_URL, 'Invalid URL format');
+        }
+        // Enforce HTTPS
+        if (parsedUrl.protocol !== 'https:') {
+            throw new ValidationError(ErrorCode.INVALID_URL, 'Only HTTPS URLs are allowed');
+        }
+        // Check against allowed hosts
+        const allowedHosts = this.configManager.get('allowedHosts');
+        if (allowedHosts.length > 0 && !allowedHosts.includes(parsedUrl.hostname)) {
+            throw new ValidationError(ErrorCode.UNAUTHORIZED_HOST, `Host ${parsedUrl.hostname} is not in the allowed hosts list`);
+        }
+        // Prevent localhost/private IPs in production
+        const privatePatterns = [
+            /^localhost$/i,
+            /^127\./,
+            /^10\./,
+            /^172\.(1[6-9]|2[0-9]|3[0-1])\./,
+            /^192\.168\./,
+            /^::1$/,
+            /^fc00:/i,
+            /^fe80:/i,
+        ];
+        if (privatePatterns.some((pattern) => pattern.test(parsedUrl.hostname))) {
+            throw new ValidationError(ErrorCode.UNAUTHORIZED_HOST, 'Private/local addresses are not allowed');
+        }
+    }
+    /**
+     * Validate file size
+     */
+    validateFileSize(size) {
+        if (typeof size !== 'number' || size < 0) {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'File size must be a non-negative number');
+        }
+        const maxSize = this.configManager.get('maxBundleSize');
+        if (size > maxSize) {
+            throw new ValidationError(ErrorCode.BUNDLE_TOO_LARGE, `File size ${size} exceeds maximum allowed size of ${maxSize} bytes`);
+        }
+    }
+    /**
+     * Generate a secure random ID
+     */
+    generateSecureId() {
+        const array = new Uint8Array(16);
+        crypto.getRandomValues(array);
+        return Array.from(array, (byte) => byte.toString(16).padStart(2, '0')).join('');
+    }
+    /**
+     * Validate certificate pinning for HTTPS connections
+     * Note: This is a placeholder for web implementation as certificate pinning
+     * is primarily implemented at the native layer
+     */
+    async validateCertificatePin(hostname, certificate) {
+        // Certificate pinning is not available in PluginConfig type
+        const certificatePins = this.configManager.certificatePins;
+        if (!certificatePins ||
+            !Array.isArray(certificatePins) ||
+            certificatePins.length === 0) {
+            // No pins configured, allow connection
+            return true;
+        }
+        const hostPins = certificatePins.filter((pin) => pin.hostname === hostname);
+        if (hostPins.length === 0) {
+            // No pins for this host, allow connection
+            return true;
+        }
+        // Check if certificate matches any of the pins
+        const certificateHash = await this.calculateCertificateHash(certificate);
+        const isValid = hostPins.some((pin) => pin.sha256 === certificateHash);
+        if (!isValid) {
+            this.logger.error('Certificate pinning validation failed', {
+                hostname,
+                expectedPins: hostPins.map((p) => p.sha256),
+                actualHash: certificateHash,
+            });
+        }
+        return isValid;
+    }
+    /**
+     * Calculate SHA-256 hash of certificate
+     */
+    async calculateCertificateHash(certificate) {
+        const encoder = new TextEncoder();
+        const data = encoder.encode(certificate);
+        const hashBuffer = await crypto.subtle.digest('SHA-256', data);
+        const hashArray = Array.from(new Uint8Array(hashBuffer));
+        return 'sha256/' + btoa(String.fromCharCode(...hashArray));
+    }
+    /**
+     * Validate metadata object
+     */
+    validateMetadata(metadata) {
+        if (metadata && typeof metadata !== 'object') {
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Metadata must be an object');
+        }
+        // Limit metadata size to prevent abuse
+        const metadataStr = JSON.stringify(metadata || {});
+        if (metadataStr.length > 10240) {
+            // 10KB limit
+            throw new ValidationError(ErrorCode.INVALID_BUNDLE_FORMAT, 'Metadata is too large (max 10KB)');
+        }
+    }
+}
+//# sourceMappingURL=security.js.map

package/dist/esm/core/security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../../../src/core/security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAElC,MAAM,OAAO,iBAAiB;IAK5B;QACE,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC,WAAW,EAAE,CAAC;QACjD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,CAAC,WAAW;QAChB,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC;YAChC,iBAAiB,CAAC,QAAQ,GAAG,IAAI,iBAAiB,EAAE,CAAC;QACvD,CAAC;QACD,OAAO,iBAAiB,CAAC,QAAQ,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,WAAW,CAAC,GAAW;QAC5B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC5B,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACtC,CAAC;QAAC,WAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,QAAgB;QACtC,OAAO,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,KAAa;QAChC,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,kBAAkB,CAAC,IAAY;QACpC,MAAM,QAAQ,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,QAAQ;QAC5C,OAAO,IAAI,GAAG,CAAC,IAAI,IAAI,IAAI,QAAQ,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,IAAiB;QACvC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC/D,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;QACzD,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAClB,IAAiB,EACjB,gBAAwB;QAExB,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;YAC1D,OAAO,IAAI,CAAC,CAAC,gCAAgC;QAC/C,CAAC;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC1D,MAAM,OAAO,GAAG,cAAc,KAAK,gBAAgB,CAAC,WAAW,EAAE,CAAC;QAElE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE;gBAChD,QAAQ,EAAE,gBAAgB;gBAC1B,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CACpB,IAAiB,EACjB,gBAAwB;QAExB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CACnB,IAAiB,EACjB,SAAiB;QAEjB,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,2BAA2B,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,iBAAiB,EAC3B,oDAAoD,CACrD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,oBAAoB;YACpB,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7C,MAAM,EACN,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAChC;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,SAAS;aAChB,EACD,KAAK,EACL,CAAC,QAAQ,CAAC,CACX,CAAC;YAEF,mBAAmB;YACnB,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CACxC;gBACE,IAAI,EAAE,SAAS;gBACf,UAAU,EAAE,EAAE;aACf,EACD,SAAS,EACT,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,EACnC,IAAI,CACL,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACrD,CAAC;YAED,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YACzD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,GAAW;QAClC,MAAM,MAAM,GAAG,GAAG;aACf,OAAO,CAAC,6BAA6B,EAAE,EAAE,CAAC;aAC1C,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC;aACxC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACtB,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,MAAc;QACxC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7C,KAAK,CAAC,CAAC,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,KAAK,CAAC,MAAM,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAY;QACvB,yCAAyC;QACzC,MAAM,SAAS,GAAG,IAAI;aACnB,KAAK,CAAC,GAAG,CAAC;aACV,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,GAAG,CAAC;aAC/C,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,mCAAmC;QACnC,OAAO,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAAgB;QAC/B,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC9C,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,sCAAsC,CACvC,CAAC;QACJ,CAAC;QAED,qDAAqD;QACrD,MAAM,YAAY,GAAG,oBAAoB,CAAC;QAC1C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC1B,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,4CAA4C,CAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAAe;QAC7B,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,oCAAoC,CACrC,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,MAAM,aAAa,GACjB,qLAAqL,CAAC;QAExL,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,8DAA8D,CAC/D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,cAAsB,EAAE,UAAkB;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;QAClD,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAE3C,IAAI,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAC5C,IAAI,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAE7C,IAAI,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAC5C,IAAI,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAE7C,OAAO,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IACpC,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,OAAe;QAKlC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,qBAAqB;QACrE,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;YAClC,KAAK,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;YAClC,KAAK,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC;SACnC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,GAAW;QACrB,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,WAAW,EACrB,gCAAgC,CACjC,CAAC;QACJ,CAAC;QAED,IAAI,SAAc,CAAC;QACnB,IAAI,CAAC;YACH,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAAC,WAAM,CAAC;YACP,MAAM,IAAI,eAAe,CAAC,SAAS,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;QACzE,CAAC;QAED,gBAAgB;QAChB,IAAI,SAAS,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,WAAW,EACrB,6BAA6B,CAC9B,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC5D,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1E,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,iBAAiB,EAC3B,QAAQ,SAAS,CAAC,QAAQ,mCAAmC,CAC9D,CAAC;QACJ,CAAC;QAED,8CAA8C;QAC9C,MAAM,eAAe,GAAG;YACtB,cAAc;YACd,QAAQ;YACR,OAAO;YACP,gCAAgC;YAChC,aAAa;YACb,OAAO;YACP,SAAS;YACT,SAAS;SACV,CAAC;QAEF,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACxE,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,iBAAiB,EAC3B,yCAAyC,CAC1C,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,IAAY;QAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,yCAAyC,CAC1C,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACxD,IAAI,IAAI,GAAG,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,gBAAgB,EAC1B,aAAa,IAAI,oCAAoC,OAAO,QAAQ,CACrE,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CACzE,EAAE,CACH,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAC1B,QAAgB,EAChB,WAAmB;QAEnB,4DAA4D;QAC5D,MAAM,eAAe,GAAI,IAAI,CAAC,aAAqB,CAAC,eAAe,CAAC;QACpE,IACE,CAAC,eAAe;YAChB,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC;YAC/B,eAAe,CAAC,MAAM,KAAK,CAAC,EAC5B,CAAC;YACD,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CACrC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,KAAK,QAAQ,CACxC,CAAC;QACF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,0CAA0C;YAC1C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,+CAA+C;QAC/C,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,WAAW,CAAC,CAAC;QACzE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,eAAe,CAAC,CAAC;QAE5E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBACzD,QAAQ;gBACR,YAAY,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;gBAChD,UAAU,EAAE,eAAe;aAC5B,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,wBAAwB,CAAC,WAAmB;QACxD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC/D,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;QACzD,OAAO,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAAiB;QAChC,IAAI,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC7C,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,4BAA4B,CAC7B,CAAC;QACJ,CAAC;QAED,uCAAuC;QACvC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;QACnD,IAAI,WAAW,CAAC,MAAM,GAAG,KAAK,EAAE,CAAC;YAC/B,aAAa;YACb,MAAM,IAAI,eAAe,CACvB,SAAS,CAAC,qBAAqB,EAC/B,kCAAkC,CACnC,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}