opencode-1password-auth 1.0.16 → 1.0.17

package/dist/src/desktop-detection.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Get home directory in a cross-platform way
+ */
+export declare const getHomeDir: () => string;
+/**
+ * Get the platform identifier
+ */
+export declare const getPlatform: () => string;
+/**
+ * Get the path to the 1Password mounted environments directory
+ * Cross-platform: uses ~/.1password/mounted/envs/ on all platforms
+ */
+export declare const getMountedEnvPath: () => string | null;
+/**
+ * Check if the 1Password desktop app is available by checking if the
+ * mounted environments directory exists
+ * Uses non-blocking detection with timeout
+ */
+export declare const isDesktopAppAvailable: () => boolean;
+//# sourceMappingURL=desktop-detection.d.ts.map

package/dist/src/desktop-detection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"desktop-detection.d.ts","sourceRoot":"","sources":["../../src/desktop-detection.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,eAAO,MAAM,UAAU,QAAO,MAE7B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,WAAW,QAAO,MAE9B,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,iBAAiB,QAAO,MAAM,GAAG,IAQ7C,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,qBAAqB,QAAO,OAexC,CAAC"}

package/dist/src/desktop-detection.js

@@ -0,0 +1,48 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+/**
+ * Get home directory in a cross-platform way
+ */
+export const getHomeDir = () => {
+    return process.env.HOME || process.env.USERPROFILE || "";
+};
+/**
+ * Get the platform identifier
+ */
+export const getPlatform = () => {
+    return process.platform;
+};
+/**
+ * Get the path to the 1Password mounted environments directory
+ * Cross-platform: uses ~/.1password/mounted/envs/ on all platforms
+ */
+export const getMountedEnvPath = () => {
+    const home = getHomeDir();
+    if (!home) {
+        return null;
+    }
+    // 1Password uses ~/.1password/mounted/envs/ on all platforms
+    return path.join(home, '.1password', 'mounted', 'envs');
+};
+/**
+ * Check if the 1Password desktop app is available by checking if the
+ * mounted environments directory exists
+ * Uses non-blocking detection with timeout
+ */
+export const isDesktopAppAvailable = () => {
+    try {
+        const mountedPath = getMountedEnvPath();
+        if (!mountedPath) {
+            return false;
+        }
+        // Check if directory exists using fs.existsSync (non-blocking approach)
+        // Note: We don't check for FIFOs directly as that could be blocking
+        // The existence of the directory itself indicates the desktop app is running
+        return fs.existsSync(mountedPath);
+    }
+    catch (err) {
+        // Ignore errors - directory doesn't exist or isn't accessible
+        return false;
+    }
+};
+//# sourceMappingURL=desktop-detection.js.map

package/dist/src/desktop-detection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"desktop-detection.js","sourceRoot":"","sources":["../../src/desktop-detection.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,GAAW,EAAE;IACrC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;AAC3D,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,GAAW,EAAE;IACtC,OAAO,OAAO,CAAC,QAAQ,CAAC;AAC1B,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAkB,EAAE;IACnD,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;IAC1B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6DAA6D;IAC7D,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;AAC1D,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,GAAY,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,iBAAiB,EAAE,CAAC;QACxC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,wEAAwE;QACxE,oEAAoE;QACpE,6EAA6E;QAC7E,OAAO,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IACpC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,8DAA8D;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC"}

package/dist/src/fallback.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Validate that Service Account can access required 1Password environments.
+ * This verifies that the fallback mechanism (Service Account) is functional
+ * when the 1Password desktop app is unavailable.
+ *
+ * Steps:
+ * 1. Create SDK client using OP_SERVICE_ACCOUNT_TOKEN
+ * 2. Read config environment (OP_CONFIG_ENV_ID) to get provider and MCP environment IDs
+ * 3. Verify we can read variables from those environments
+ * 4. Return true if all steps succeed, false otherwise
+ *
+ * @returns Promise<boolean> true if fallback validation succeeded, false otherwise
+ */
+export declare function fallbackToServiceAccount(): Promise<boolean>;
+//# sourceMappingURL=fallback.d.ts.map

package/dist/src/fallback.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fallback.d.ts","sourceRoot":"","sources":["../../src/fallback.ts"],"names":[],"mappings":"AA8FA;;;;;;;;;;;;GAYG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,OAAO,CAAC,CA0BjE"}

package/dist/src/fallback.js

@@ -0,0 +1,184 @@
+import { createClient } from '@1password/sdk';
+import { validationWarn, validationError, validationInfo, validationDebug } from './logging.js';
+import config from './config.js';
+/**
+ * Helper to wrap a promise with a timeout.
+ * Returns the promise result if it resolves before timeout, otherwise throws.
+ */
+async function withTimeout(promise, timeoutMs, timeoutMessage) {
+    if (timeoutMs <= 0) {
+        return promise;
+    }
+    return Promise.race([
+        promise,
+        new Promise((_, reject) => {
+            setTimeout(() => reject(new Error(timeoutMessage)), timeoutMs);
+        }),
+    ]);
+}
+/**
+ * Initialize 1Password SDK client for fallback validation.
+ * Follows the same pattern as initClient in index.ts.
+ */
+async function initClient() {
+    const token = process.env.OP_SERVICE_ACCOUNT_TOKEN;
+    if (!token) {
+        validationWarn('Missing OP_SERVICE_ACCOUNT_TOKEN for fallback validation');
+        return null;
+    }
+    // Get createClient function, with fallback to dynamic import (same pattern as index.ts)
+    let createClientFunc = createClient;
+    if (typeof createClientFunc !== 'function') {
+        validationDebug('createClient from static import is not a function, trying dynamic import...');
+        try {
+            const sdkModule = await import('@1password/sdk');
+            // Try different export patterns
+            if (sdkModule.createClient && typeof sdkModule.createClient === 'function') {
+                createClientFunc = sdkModule.createClient;
+                validationDebug('Using createClient from dynamic import (named export)');
+            }
+            else if (sdkModule.default?.createClient && typeof sdkModule.default.createClient === 'function') {
+                createClientFunc = sdkModule.default.createClient;
+                validationDebug('Using createClient from dynamic import (default export)');
+            }
+            else if (typeof sdkModule === 'function') {
+                createClientFunc = sdkModule;
+                validationDebug('Using dynamic import module as function');
+            }
+            else {
+                validationDebug('Dynamic import failed: no createClient found');
+                return null;
+            }
+        }
+        catch (err) {
+            validationDebug(`Dynamic import failed: ${err}`);
+            return null;
+        }
+    }
+    try {
+        const client = await createClientFunc({
+            auth: token,
+            integrationName: "opencode-1password-env-fallback",
+            integrationVersion: "1.0.0",
+        });
+        validationDebug('1Password SDK client created successfully for fallback');
+        return client;
+    }
+    catch (err) {
+        validationError('Failed to create 1Password SDK client for fallback', err);
+        return null;
+    }
+}
+/**
+ * Read environment variables from a 1Password environment.
+ * Follows the same pattern as readEnvironmentVariables in index.ts.
+ */
+async function readEnvironmentVariables(client, envId) {
+    try {
+        const { variables } = await client.environments.getVariables(envId);
+        validationDebug(`Read ${variables?.length || 0} variables from environment ${envId.substring(0, 8)}...`);
+        return variables || [];
+    }
+    catch (err) {
+        validationError(`Failed to read environment ${envId.substring(0, 8)}...`, err);
+        throw err; // Propagate error to caller
+    }
+}
+/**
+ * Validate that Service Account can access required 1Password environments.
+ * This verifies that the fallback mechanism (Service Account) is functional
+ * when the 1Password desktop app is unavailable.
+ *
+ * Steps:
+ * 1. Create SDK client using OP_SERVICE_ACCOUNT_TOKEN
+ * 2. Read config environment (OP_CONFIG_ENV_ID) to get provider and MCP environment IDs
+ * 3. Verify we can read variables from those environments
+ * 4. Return true if all steps succeed, false otherwise
+ *
+ * @returns Promise<boolean> true if fallback validation succeeded, false otherwise
+ */
+export async function fallbackToServiceAccount() {
+    const startTime = Date.now();
+    validationInfo('Starting Service Account fallback validation');
+    // Use validation timeout with buffer for the entire fallback operation
+    const fallbackTimeoutMs = config.validationTimeout + 5000;
+    try {
+        const result = await withTimeout(executeFallbackValidation(), fallbackTimeoutMs, `Fallback validation timeout after ${fallbackTimeoutMs}ms`);
+        const durationMs = Date.now() - startTime;
+        if (result) {
+            validationInfo(`Service Account fallback validation succeeded in ${durationMs}ms`);
+        }
+        else {
+            validationWarn(`Service Account fallback validation failed in ${durationMs}ms`);
+        }
+        return result;
+    }
+    catch (error) {
+        const durationMs = Date.now() - startTime;
+        validationError(`Service Account fallback validation error after ${durationMs}ms`, error);
+        return false;
+    }
+}
+/**
+ * Core fallback validation logic that can be wrapped with timeout.
+ */
+async function executeFallbackValidation() {
+    // 1. Initialize SDK client
+    const client = await initClient();
+    if (!client) {
+        validationWarn('Cannot perform fallback validation: no 1Password SDK client available');
+        return false;
+    }
+    // 2. Get config environment ID
+    const configEnvId = process.env.OP_CONFIG_ENV_ID;
+    if (!configEnvId) {
+        validationWarn('Cannot perform fallback validation: OP_CONFIG_ENV_ID not set');
+        return false;
+    }
+    // 3. Read config environment to get provider and MCP environment IDs
+    validationDebug(`Reading config environment ${configEnvId.substring(0, 8)}...`);
+    const configVars = await readEnvironmentVariables(client, configEnvId);
+    const configEnvIds = {};
+    for (const v of configVars) {
+        if (v.name.endsWith("_ENV_ID") && v.value) {
+            configEnvIds[v.name] = v.value;
+            validationDebug(`Found ${v.name} = ${v.value.substring(0, 10)}...`);
+        }
+    }
+    const providersEnvId = configEnvIds.OPENCODE_PROVIDERS_ENV_ID;
+    const mcpsEnvId = configEnvIds.OPENCODE_MCPS_ENV_ID;
+    if (!providersEnvId && !mcpsEnvId) {
+        validationWarn('Cannot perform fallback validation: no provider or MCP environment IDs found in config');
+        // We might still consider fallback successful if at least we can read the config environment
+        // But for security, we want to verify we can read the actual secret environments
+        return false;
+    }
+    // 4. Verify we can read from the environments
+    let allEnvironmentsAccessible = true;
+    if (providersEnvId) {
+        validationDebug(`Verifying access to providers environment ${providersEnvId.substring(0, 8)}...`);
+        const providerVars = await readEnvironmentVariables(client, providersEnvId);
+        if (providerVars.length === 0) {
+            validationWarn(`No variables found in providers environment ${providersEnvId.substring(0, 8)}... (environment may be empty)`);
+            // Don't fail for empty environments - only fail if we couldn't read at all
+            // readEnvironmentVariables already logs errors if there's a real failure
+        }
+        else {
+            validationDebug(`Successfully read ${providerVars.length} variables from providers environment`);
+        }
+    }
+    if (mcpsEnvId) {
+        validationDebug(`Verifying access to MCP environment ${mcpsEnvId.substring(0, 8)}...`);
+        const mcpVars = await readEnvironmentVariables(client, mcpsEnvId);
+        if (mcpVars.length === 0) {
+            validationWarn(`No variables found in MCP environment ${mcpsEnvId.substring(0, 8)}... (environment may be empty)`);
+            // Don't fail for empty environments - only fail if we couldn't read at all
+            // readEnvironmentVariables already logs errors if there's a real failure
+        }
+        else {
+            validationDebug(`Successfully read ${mcpVars.length} variables from MCP environment`);
+        }
+    }
+    return allEnvironmentsAccessible;
+}
+//# sourceMappingURL=fallback.js.map

package/dist/src/fallback.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fallback.js","sourceRoot":"","sources":["../../src/fallback.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAChG,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC;;;GAGG;AACH,KAAK,UAAU,WAAW,CACxB,OAAmB,EACnB,SAAiB,EACjB,cAAsB;IAEtB,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,CAAC;QAClB,OAAO;QACP,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;YAC/B,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC;KACH,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,UAAU;IACvB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC;IACnD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,cAAc,CAAC,0DAA0D,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wFAAwF;IACxF,IAAI,gBAAgB,GAAG,YAAY,CAAC;IACpC,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE,CAAC;QAC3C,eAAe,CAAC,6EAA6E,CAAC,CAAC;QAC/F,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;YACjD,gCAAgC;YAChC,IAAI,SAAS,CAAC,YAAY,IAAI,OAAO,SAAS,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;gBAC3E,gBAAgB,GAAG,SAAS,CAAC,YAAY,CAAC;gBAC1C,eAAe,CAAC,uDAAuD,CAAC,CAAC;YAC3E,CAAC;iBAAM,IAAI,SAAS,CAAC,OAAO,EAAE,YAAY,IAAI,OAAO,SAAS,CAAC,OAAO,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;gBACnG,gBAAgB,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC;gBAClD,eAAe,CAAC,yDAAyD,CAAC,CAAC;YAC7E,CAAC;iBAAM,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;gBAC3C,gBAAgB,GAAG,SAAS,CAAC;gBAC7B,eAAe,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;iBAAM,CAAC;gBACN,eAAe,CAAC,8CAA8C,CAAC,CAAC;gBAChE,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAe,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAC;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,IAAI,EAAE,KAAK;YACX,eAAe,EAAE,iCAAiC;YAClD,kBAAkB,EAAE,OAAO;SAC5B,CAAC,CAAC;QACH,eAAe,CAAC,wDAAwD,CAAC,CAAC;QAC1E,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAe,CAAC,oDAAoD,EAAE,GAAG,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,wBAAwB,CACrC,MAAgD,EAChD,KAAa;IAEb,IAAI,CAAC;QACH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QACpE,eAAe,CAAC,QAAQ,SAAS,EAAE,MAAM,IAAI,CAAC,+BAA+B,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;QACzG,OAAO,SAAS,IAAI,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAe,CAAC,8BAA8B,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC/E,MAAM,GAAG,CAAC,CAAC,4BAA4B;IACzC,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,cAAc,CAAC,8CAA8C,CAAC,CAAC;IAE/D,uEAAuE;IACvE,MAAM,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAE1D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,yBAAyB,EAAE,EAC3B,iBAAiB,EACjB,qCAAqC,iBAAiB,IAAI,CAC3D,CAAC;QAEF,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAC1C,IAAI,MAAM,EAAE,CAAC;YACX,cAAc,CAAC,oDAAoD,UAAU,IAAI,CAAC,CAAC;QACrF,CAAC;aAAM,CAAC;YACN,cAAc,CAAC,iDAAiD,UAAU,IAAI,CAAC,CAAC;QAClF,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAC1C,eAAe,CAAC,mDAAmD,UAAU,IAAI,EAAE,KAAK,CAAC,CAAC;QAC1F,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,yBAAyB;IACtC,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,cAAc,CAAC,uEAAuE,CAAC,CAAC;QACxF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,+BAA+B;IAC/B,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;IACjD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,cAAc,CAAC,8DAA8D,CAAC,CAAC;QAC/E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,qEAAqE;IACrE,eAAe,CAAC,8BAA8B,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;IAChF,MAAM,UAAU,GAAG,MAAM,wBAAwB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAEvE,MAAM,YAAY,GAA2B,EAAE,CAAC;IAChD,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YAC1C,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC;YAC/B,eAAe,CAAC,SAAS,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,YAAY,CAAC,yBAAyB,CAAC;IAC9D,MAAM,SAAS,GAAG,YAAY,CAAC,oBAAoB,CAAC;IAEpD,IAAI,CAAC,cAAc,IAAI,CAAC,SAAS,EAAE,CAAC;QAClC,cAAc,CAAC,wFAAwF,CAAC,CAAC;QACzG,6FAA6F;QAC7F,iFAAiF;QACjF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,8CAA8C;IAC9C,IAAI,yBAAyB,GAAG,IAAI,CAAC;IAErC,IAAI,cAAc,EAAE,CAAC;QACnB,eAAe,CAAC,6CAA6C,cAAc,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;QAClG,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAC5E,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,cAAc,CAAC,+CAA+C,cAAc,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,gCAAgC,CAAC,CAAC;YAC9H,2EAA2E;YAC3E,yEAAyE;QAC3E,CAAC;aAAM,CAAC;YACN,eAAe,CAAC,qBAAqB,YAAY,CAAC,MAAM,uCAAuC,CAAC,CAAC;QACnG,CAAC;IACH,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,eAAe,CAAC,uCAAuC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;QACvF,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,cAAc,CAAC,yCAAyC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,gCAAgC,CAAC,CAAC;YACnH,2EAA2E;YAC3E,yEAAyE;QAC3E,CAAC;aAAM,CAAC;YACN,eAAe,CAAC,qBAAqB,OAAO,CAAC,MAAM,iCAAiC,CAAC,CAAC;QACxF,CAAC;IACH,CAAC;IAED,OAAO,yBAAyB,CAAC;AACnC,CAAC"}

package/dist/src/logging.d.ts

@@ -0,0 +1,21 @@
+export declare enum LogLevel {
+    DEBUG = 0,
+    INFO = 1,
+    WARN = 2,
+    ERROR = 3
+}
+export declare function setLogLevel(level: LogLevel): void;
+export declare function getLogLevel(): LogLevel;
+export declare function logDebug(message: string): void;
+export declare function logInfo(message: string): void;
+export declare function logWarn(message: string): void;
+export declare function logError(message: string): void;
+export declare function validationDebug(message: string, context?: Record<string, unknown>): void;
+export declare function validationInfo(message: string, context?: Record<string, unknown>): void;
+export declare function validationWarn(message: string, context?: Record<string, unknown>): void;
+export declare function validationError(message: string, error?: Error | unknown, context?: Record<string, unknown>): void;
+export declare function logValidationAttempt(provider: string, command: string, validated: boolean): void;
+export declare function logValidationResult(provider: string, success: boolean, durationMs: number, error?: Error | unknown): void;
+export declare function logValidationFallback(provider: string, reason: string, fallbackValue?: string): void;
+export { logDebug as debugLog, logInfo as infoLog, logWarn as warnLog, logError as errorLog };
+//# sourceMappingURL=logging.d.ts.map

package/dist/src/logging.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logging.d.ts","sourceRoot":"","sources":["../../src/logging.ts"],"names":[],"mappings":"AAIA,oBAAY,QAAQ;IAClB,KAAK,IAAI;IACT,IAAI,IAAI;IACR,IAAI,IAAI;IACR,KAAK,IAAI;CACV;AAmDD,wBAAgB,WAAW,CAAC,KAAK,EAAE,QAAQ,GAAG,IAAI,CAEjD;AAGD,wBAAgB,WAAW,IAAI,QAAQ,CAEtC;AAQD,wBAAgB,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAI9C;AAED,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAI7C;AAED,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAI7C;AAED,wBAAgB,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAI9C;AAGD,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAKxF;AAED,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAKvF;AAED,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAKvF;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,GAAG,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAgBjH;AAGD,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,OAAO,GACjB,IAAI,CAEN;AAED,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,MAAM,EAClB,KAAK,CAAC,EAAE,KAAK,GAAG,OAAO,GACtB,IAAI,CASN;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,aAAa,CAAC,EAAE,MAAM,GACrB,IAAI,CAGN;AAGD,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,OAAO,IAAI,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,CAAC"}

package/dist/src/logging.js

@@ -0,0 +1,141 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+// Log levels enum
+export var LogLevel;
+(function (LogLevel) {
+    LogLevel[LogLevel["DEBUG"] = 0] = "DEBUG";
+    LogLevel[LogLevel["INFO"] = 1] = "INFO";
+    LogLevel[LogLevel["WARN"] = 2] = "WARN";
+    LogLevel[LogLevel["ERROR"] = 3] = "ERROR";
+})(LogLevel || (LogLevel = {}));
+// Current log level - default to DEBUG for development
+let currentLogLevel = LogLevel.DEBUG;
+// Get log directory path
+function getLogDir() {
+    const home = process.env.HOME || process.env.USERPROFILE || '';
+    return path.join(home, '.opencode-1password-debug');
+}
+// Get log file path
+function getLogFile() {
+    return path.join(getLogDir(), 'debug.log');
+}
+// Ensure log directory exists
+function ensureLogDir() {
+    const logDir = getLogDir();
+    if (!fs.existsSync(logDir)) {
+        fs.mkdirSync(logDir, { recursive: true });
+    }
+}
+// Format log message with timestamp and prefix
+function formatMessage(level, message) {
+    const timestamp = new Date().toISOString();
+    return `[${timestamp}] 1Password:${level} ${message}`;
+}
+// Write to file and console
+function writeLog(level, message) {
+    const formattedMessage = formatMessage(level, message);
+    // Always output to console
+    if (level === 'ERROR') {
+        console.error(formattedMessage);
+    }
+    else {
+        console.log(formattedMessage);
+    }
+    // Write to file
+    try {
+        ensureLogDir();
+        fs.appendFileSync(getLogFile(), formattedMessage + '\n');
+    }
+    catch (err) {
+        // Ignore file logging errors
+    }
+}
+// Set log level
+export function setLogLevel(level) {
+    currentLogLevel = level;
+}
+// Get current log level
+export function getLogLevel() {
+    return currentLogLevel;
+}
+// Check if a level should be logged based on current log level
+function shouldLog(level) {
+    return level >= currentLogLevel;
+}
+// Base logging functions
+export function logDebug(message) {
+    if (shouldLog(LogLevel.DEBUG)) {
+        writeLog('DEBUG', message);
+    }
+}
+export function logInfo(message) {
+    if (shouldLog(LogLevel.INFO)) {
+        writeLog('INFO', message);
+    }
+}
+export function logWarn(message) {
+    if (shouldLog(LogLevel.WARN)) {
+        writeLog('WARN', message);
+    }
+}
+export function logError(message) {
+    if (shouldLog(LogLevel.ERROR)) {
+        writeLog('ERROR', message);
+    }
+}
+// Validation-specific logging functions
+export function validationDebug(message, context) {
+    if (shouldLog(LogLevel.DEBUG)) {
+        const ctxStr = context ? ` ${JSON.stringify(context)}` : '';
+        writeLog('DEBUG', `[VALIDATION]${ctxStr} ${message}`);
+    }
+}
+export function validationInfo(message, context) {
+    if (shouldLog(LogLevel.INFO)) {
+        const ctxStr = context ? ` ${JSON.stringify(context)}` : '';
+        writeLog('INFO', `[VALIDATION]${ctxStr} ${message}`);
+    }
+}
+export function validationWarn(message, context) {
+    if (shouldLog(LogLevel.WARN)) {
+        const ctxStr = context ? ` ${JSON.stringify(context)}` : '';
+        writeLog('WARN', `[VALIDATION]${ctxStr} ${message}`);
+    }
+}
+export function validationError(message, error, context) {
+    if (shouldLog(LogLevel.ERROR)) {
+        let errorStr = '';
+        if (error) {
+            if (error instanceof Error) {
+                errorStr = ` Error: ${error.message}`;
+                if (error.stack) {
+                    errorStr += ` Stack: ${error.stack}`;
+                }
+            }
+            else {
+                errorStr = ` Error: ${String(error)}`;
+            }
+        }
+        const ctxStr = context ? ` ${JSON.stringify(context)}` : '';
+        writeLog('ERROR', `[VALIDATION]${ctxStr} ${message}${errorStr}`);
+    }
+}
+// Validation event logging helpers
+export function logValidationAttempt(provider, command, validated) {
+    validationInfo(`Validation attempt: provider=${provider}, command=${command}, validated=${validated}`);
+}
+export function logValidationResult(provider, success, durationMs, error) {
+    if (success) {
+        validationInfo(`Validation result: provider=${provider}, success=true, duration=${durationMs}ms`);
+    }
+    else {
+        validationError(`Validation result: provider=${provider}, success=false, duration=${durationMs}ms`, error);
+    }
+}
+export function logValidationFallback(provider, reason, fallbackValue) {
+    const ctx = fallbackValue ? { reason, fallbackValue } : { reason };
+    validationWarn(`Validation fallback: provider=${provider}`, ctx);
+}
+// Re-export base logging functions for convenience
+export { logDebug as debugLog, logInfo as infoLog, logWarn as warnLog, logError as errorLog };
+//# sourceMappingURL=logging.js.map

package/dist/src/logging.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../src/logging.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,kBAAkB;AAClB,MAAM,CAAN,IAAY,QAKX;AALD,WAAY,QAAQ;IAClB,yCAAS,CAAA;IACT,uCAAQ,CAAA;IACR,uCAAQ,CAAA;IACR,yCAAS,CAAA;AACX,CAAC,EALW,QAAQ,KAAR,QAAQ,QAKnB;AAED,uDAAuD;AACvD,IAAI,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC;AAErC,yBAAyB;AACzB,SAAS,SAAS;IAChB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;IAC/D,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,2BAA2B,CAAC,CAAC;AACtD,CAAC;AAED,oBAAoB;AACpB,SAAS,UAAU;IACjB,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,WAAW,CAAC,CAAC;AAC7C,CAAC;AAED,8BAA8B;AAC9B,SAAS,YAAY;IACnB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,+CAA+C;AAC/C,SAAS,aAAa,CAAC,KAAa,EAAE,OAAe;IACnD,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,OAAO,IAAI,SAAS,eAAe,KAAK,IAAI,OAAO,EAAE,CAAC;AACxD,CAAC;AAED,4BAA4B;AAC5B,SAAS,QAAQ,CAAC,KAAa,EAAE,OAAe;IAC9C,MAAM,gBAAgB,GAAG,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAEvD,2BAA2B;IAC3B,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;QACtB,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAClC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAChC,CAAC;IAED,gBAAgB;IAChB,IAAI,CAAC;QACH,YAAY,EAAE,CAAC;QACf,EAAE,CAAC,cAAc,CAAC,UAAU,EAAE,EAAE,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAC3D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6BAA6B;IAC/B,CAAC;AACH,CAAC;AAED,gBAAgB;AAChB,MAAM,UAAU,WAAW,CAAC,KAAe;IACzC,eAAe,GAAG,KAAK,CAAC;AAC1B,CAAC;AAED,wBAAwB;AACxB,MAAM,UAAU,WAAW;IACzB,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,+DAA+D;AAC/D,SAAS,SAAS,CAAC,KAAe;IAChC,OAAO,KAAK,IAAI,eAAe,CAAC;AAClC,CAAC;AAED,yBAAyB;AACzB,MAAM,UAAU,QAAQ,CAAC,OAAe;IACtC,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,OAAe;IACrC,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5B,CAAC;AACH,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,OAAe;IACrC,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5B,CAAC;AACH,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,OAAe;IACtC,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,eAAe,CAAC,OAAe,EAAE,OAAiC;IAChF,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,QAAQ,CAAC,OAAO,EAAE,eAAe,MAAM,IAAI,OAAO,EAAE,CAAC,CAAC;IACxD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,OAAe,EAAE,OAAiC;IAC/E,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,QAAQ,CAAC,MAAM,EAAE,eAAe,MAAM,IAAI,OAAO,EAAE,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,OAAe,EAAE,OAAiC;IAC/E,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,QAAQ,CAAC,MAAM,EAAE,eAAe,MAAM,IAAI,OAAO,EAAE,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAAe,EAAE,KAAuB,EAAE,OAAiC;IACzG,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9B,IAAI,QAAQ,GAAG,EAAE,CAAC;QAClB,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,QAAQ,GAAG,WAAW,KAAK,CAAC,OAAO,EAAE,CAAC;gBACtC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;oBAChB,QAAQ,IAAI,WAAW,KAAK,CAAC,KAAK,EAAE,CAAC;gBACvC,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,WAAW,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YACxC,CAAC;QACH,CAAC;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,QAAQ,CAAC,OAAO,EAAE,eAAe,MAAM,IAAI,OAAO,GAAG,QAAQ,EAAE,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED,mCAAmC;AACnC,MAAM,UAAU,oBAAoB,CAClC,QAAgB,EAChB,OAAe,EACf,SAAkB;IAElB,cAAc,CAAC,gCAAgC,QAAQ,aAAa,OAAO,eAAe,SAAS,EAAE,CAAC,CAAC;AACzG,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,OAAgB,EAChB,UAAkB,EAClB,KAAuB;IAEvB,IAAI,OAAO,EAAE,CAAC;QACZ,cAAc,CAAC,+BAA+B,QAAQ,4BAA4B,UAAU,IAAI,CAAC,CAAC;IACpG,CAAC;SAAM,CAAC;QACN,eAAe,CACb,+BAA+B,QAAQ,6BAA6B,UAAU,IAAI,EAClF,KAAK,CACN,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,QAAgB,EAChB,MAAc,EACd,aAAsB;IAEtB,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC;IACnE,cAAc,CAAC,iCAAiC,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC;AACnE,CAAC;AAED,mDAAmD;AACnD,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,OAAO,IAAI,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,QAAQ,IAAI,QAAQ,EAAE,CAAC"}

package/dist/src/orchestration.d.ts

@@ -0,0 +1,37 @@
+import { ValidationResult as FIFOValidationResult } from './validation.js';
+/**
+ * Extended validation result with orchestration metadata.
+ */
+export interface OrchestrationResult extends FIFOValidationResult {
+    /** Why validation was skipped, if applicable */
+    skippedReason?: 'desktop_app_unavailable' | 'no_mounted_path' | 'command_not_matched' | 'fallback_failed' | 'validation_disabled';
+    /** Whether the 1Password desktop app was detected as available */
+    desktopAppAvailable: boolean;
+    /** Path to mounted environments directory, if available */
+    mountedEnvPath?: string;
+    /** Whether fallback to Service Account was attempted */
+    fallbackAttempted: boolean;
+    /** Whether fallback succeeded (only relevant if fallbackAttempted is true) */
+    fallbackSuccess?: boolean;
+}
+/**
+ * Orchestrates validation of a shell command against 1Password secrets.
+ *
+ * Follows the orchestration pattern from index.ts:162-173 (readEnvironmentVariables)
+ * and error handling pattern from index.ts:117-160 (multiple fallback strategies).
+ *
+ * Steps:
+ * 1. Check if command matches validation patterns (using shouldValidateCommand)
+ * 2. If not, returns skipped result with reason 'command_not_matched'
+ * 3. Check if desktop app is available (isDesktopAppAvailable)
+ * 4. If not, attempts fallback to Service Account validation (fallbackToServiceAccount)
+ * 5. If desktop app available, get mounted environment path (getMountedEnvPath)
+ * 6. Validate FIFO files at that path (validateMountedEnvFiles)
+ * 7. Handle timeouts and errors gracefully
+ * 8. Return comprehensive result with status and metadata
+ *
+ * @param command - The shell command to validate
+ * @returns Promise<OrchestrationResult> Validation result with metadata
+ */
+export declare function validateCommand(command: string): Promise<OrchestrationResult>;
+//# sourceMappingURL=orchestration.d.ts.map

package/dist/src/orchestration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"orchestration.d.ts","sourceRoot":"","sources":["../../src/orchestration.ts"],"names":[],"mappings":"AAGA,OAAO,EAA2B,gBAAgB,IAAI,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AA8BpG;;GAEG;AACH,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D,gDAAgD;IAChD,aAAa,CAAC,EAAE,yBAAyB,GAAG,iBAAiB,GAAG,qBAAqB,GAAG,iBAAiB,GAAG,qBAAqB,CAAC;IAClI,kEAAkE;IAClE,mBAAmB,EAAE,OAAO,CAAC;IAC7B,2DAA2D;IAC3D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,wDAAwD;IACxD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,8EAA8E;IAC9E,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAsHnF"}