npm - rush-ai - Versions diffs - 0.12.0 → 0.13.0 - Mend

rush-ai 0.12.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/README.md +23 -1
package/dist/{chunk-3X5X3ZTX.js → chunk-YKZIRW26.js} +23 -4
package/dist/chunk-YKZIRW26.js.map +1 -0
package/dist/index.js +77 -19
package/dist/index.js.map +1 -1
package/dist/{install-AGHG4XKQ.js → install-RTV2VWCC.js} +2 -2
package/dist/{server-GQMH2YN4.js → server-Y2CXHDCK.js} +2 -2
package/dist/skills/README.md +1 -3
package/dist/skills/deploy-to-prod.md +7 -8
package/dist/skills/hand-off.md +1 -2
package/dist/skills/project-setup.md +203 -0
package/dist/skills/push-local-project.md +6 -10
package/package.json +1 -1
package/skills/README.md +1 -3
package/skills/deploy-to-prod.md +7 -8
package/skills/hand-off.md +1 -2
package/skills/project-setup.md +203 -0
package/skills/push-local-project.md +6 -10
package/dist/chunk-3X5X3ZTX.js.map +0 -1
/package/dist/{install-AGHG4XKQ.js.map → install-RTV2VWCC.js.map} +0 -0
/package/dist/{server-GQMH2YN4.js.map → server-Y2CXHDCK.js.map} +0 -0

package/skills/project-setup.md ADDED Viewed

@@ -0,0 +1,203 @@
+# Skill: Wire a local project into Rush with its own DB and object storage
+Use this skill when the user has a **local codebase they've been developing** (typically a Next.js app or a Vite SPA with Supabase / file uploads wired up) and wants it running on Rush **with its own Supabase database and/or Rush-proxied object storage** — not just a throwaway preview. This is the J-3 full-setup path: `rush-ai task link` provisions the pod + DB + storage endpoint, writes credentials to `.rush/env.md`, and emits a machine-consumable checklist at `.rush/agent-handoff.md` telling you (the IDE agent) exactly which local files to edit to finish the wiring.
+## When this skill applies
+Triggers (not exhaustive — use judgement):
+- "帮我把这个项目接入 Rush，要带自己的数据库。"
+- "这个仓库要部署到 Rush，里面用到了 Supabase / 文件上传。"
+- "Set up this repo on Rush with a real database, not just a preview."
+- The user points at a working directory with `package.json` + a `dev` script AND any of: `supabase/migrations/`, an `.env.local` that references `DATABASE_URL` / `SUPABASE_URL` / `POSTGRES_URL`, or a `public/` directory heavy with user-upload-style assets.
+Do NOT use this skill for:
+- **"Just give me a shareable preview URL — no database needed."** → Use [`push-local-project.md`](./push-local-project.md) (`task push`). That path skips DB + OSS and gets the user a `{projectId}-preview.rush.zhenguanyu.com` URL in the fewest steps.
+- **"Build me a new site from scratch / from this prompt."** → There is no local project yet. Use [`hand-off.md`](./hand-off.md) with `-a web-builder`.
+- **"Publish an existing web-builder project to a custom domain."** → That's the J-4 path. Use [`deploy-to-prod.md`](./deploy-to-prod.md). Note: `task link` projects have `template = null`, so they **cannot** flow through `task deploy` today (see Limitations).
+- **First-time install / login (401, doctor)** → Use [`onboarding.md`](./onboarding.md); do not fall through to `task link` on a 401.
+- **Sub-agent or text-only work** → [`agent-shelf.md`](./agent-shelf.md) / [`general-task.md`](./general-task.md).
+## Decision
+Pick the **smallest** path that covers the user's actual need. DB + OSS provisioning is heavier than a preview push — don't invoke it reflexively.
+| Situation | Skill |
+|---|---|
+| Local project needs its own DB and/or OSS uploads to work | **this skill** (`task link --db --oss`) |
+| Local project just needs a shareable URL, no persistent storage | [`push-local-project.md`](./push-local-project.md) (`task push`) |
+| No local project yet; generate from a prompt | [`hand-off.md`](./hand-off.md) |
+| Existing web-builder project, want custom domain / production deploy | [`deploy-to-prod.md`](./deploy-to-prod.md) |
+Fast sanity check before any command runs:
+```bash
+# Is there a local project here at all?
+test -f package.json && grep -q '"dev"' package.json && echo "yes" || echo "no"
+# Does it want a database?
+grep -lE '\b(DATABASE_URL|SUPABASE_URL|POSTGRES_URL|USER_POSTGRESQL_URL)\s*=' .env .env.local .env.development 2>/dev/null || echo "no db signal"
+test -d supabase/migrations && echo "has migrations" || echo "no migrations"
+```
+If there is no local project → route to `hand-off.md`. If there's a project but no DB / upload signal → default to `push-local-project.md`; only escalate to this skill when the user explicitly asks for DB / OSS.
+## Playbook
+### 1. Detect what the project actually needs
+Run a quick survey of the working directory before touching the network. Surface what you found to the user so the `--db / --oss` decision is explicit, not a guess:
+```bash
+# DB signals
+ls -1 .env .env.local .env.development 2>/dev/null
+grep -lE '\b(DATABASE_URL|SUPABASE_URL|POSTGRES_URL|USER_POSTGRESQL_URL)\s*=' \
+    .env .env.local .env.development 2>/dev/null
+test -d supabase/migrations && ls supabase/migrations | head -3
+# OSS / upload signals
+du -sk public 2>/dev/null
+# heavy public/ OR an existing upload helper (oss-client, signed URL, etc.) → OSS worth provisioning
+```
+Report back to the user:
+> 检测到 `.env.local` 里有 `DATABASE_URL`，`supabase/migrations/` 下 3 个迁移脚本；public/ 2.1 MB（12 个 >50 KB 的资源）。建议 `--db --oss`。
+Let the user confirm or override before running step 3. `task link` is idempotent but it does provision real resources — don't guess.
+### 2. Verify auth + local-readiness preflight
+```bash
+npx rush-ai auth status --json
+npx rush-ai check --json
+```
+`auth status`:
+- **Authenticated** → proceed to step 3.
+- **Not authenticated** → STOP. Print this to the user and wait:
+  > Rush 还没登录。请在终端里跑 `npx rush-ai auth login`（会打开浏览器完成 CAS 登录），登录完告诉我一声。
+  Do NOT run `auth login` yourself (it opens a browser). Do NOT fall through to `task link` — it will 401.
+`check`:
+- Exit 0 → the project is ready for the pod (has `dev` script, reads `PORT`, lock file present, etc.).
+- Non-zero → fix the `checks[].fix` items first. `task link` itself will re-run `check` and abort on errors; running it now gives the user an actionable report up front.
+### 3. Provision with `task link`
+Invocation (include / omit `--db` / `--oss` to match the decision from step 1):
+```bash
+npx rush-ai task link --db --oss --name <slug>
+```
+Append the global `--json` flag when you need machine-readable output:
+```bash
+npx rush-ai task link --db --oss --name <slug> --json
+```
+Subcommand flags (the complete set — `task link` does not accept anything else):
+- `--db`: create a Supabase database for this project. Omit if the user's project doesn't need one.
+- `--oss`: record the Rush-proxied storage endpoint (`STORAGE_API_BASE`) in `.rush/env.md`. Authentication reuses the existing `RUSH_PLATFORM_TOKEN` — no per-project token is minted. Omit if the project doesn't upload files.
+- `-n, --name <slug>`: human-friendly project name. Defaults to the current directory's basename.
+- `-p, --path <dir>`: project directory. Defaults to `.` (cwd).
+- `-y, --yes`: skip interactive prompts; accept detected defaults.
+Global flags that apply (inherited from `rush-ai`, documented in `README.md` §Cheat sheet): `--json` for machine-readable output, `--no-color` for plain text.
+What `task link` does internally (so you can explain failures without guessing):
+1. **Detect** — same scan you did in step 1, plus reading any existing `.rush/env.md` (resume path).
+2. **Create pod** via `/api/tasks/deploy` → writes `PROJECT_ID`, `PREVIEW_URL`, masked `GIT_REMOTE`, `STATE=pod-only`.
+3. **Create DB** (if `--db`) via `/api/projects/:id/database/create` → writes `DATABASE_URL`, `SUPABASE_URL`, `STATE=pod-db`.
+4. **Record storage endpoint** (if `--oss`) → writes `STORAGE_API_BASE=https://rush.zhenguanyu.com/api/tasks/<projectId>/storage`, `STATE=pod-db-oss`. No server round-trip: the storage API is unconditionally available for any task and authentication reuses the existing `RUSH_PLATFORM_TOKEN`.
+5. **Finalize** — `STATE=complete`, write `.rush/agent-handoff.md`, ensure `.rush/` is in `.gitignore`.
+On success, `--json` prints:
+```json
+{
+  "projectId": "…",
+  "previewUrl": "https://…-preview.rush.zhenguanyu.com",
+  "state": "complete",
+  "db":      { "databaseUrl": "postgresql://…", "supabaseUrl": "https://…" },
+  "storage": { "storageApiBase": "https://rush.zhenguanyu.com/api/tasks/…/storage" },
+  "files":   { "env": "…/.rush/env.md", "handoff": "…/.rush/agent-handoff.md" }
+}
+```
+Failure modes to surface verbatim:
+- `Database create failed: <reason>` → DB step failed. The pod is already up (`STATE=pod-only` persisted). Re-run `task link --db` to resume from that checkpoint after the user fixes the cause.
+- Any error → `.rush/env.md` is preserved with the last good `STATE`. Re-running `task link` with the same flags picks up from there; it will not re-create pods / DBs that already exist.
+### 4. Consume the handoff (apply local edits)
+Open `.rush/agent-handoff.md` — `task link` wrote it fresh on success. It's a per-project checklist of the **local code changes** you need to make. You (the IDE agent), not the user, are expected to do these:
+- **Database** (if `--db` was used):
+  - Swap `DATABASE_URL` / `SUPABASE_URL` in `.env.local` to the values recorded in `.rush/env.md`.
+  - Run the migrations in `supabase/migrations/*.sql` against the new database (or `supabase db push` if the CLI is wired up).
+  - (Optional) Migrate local data.
+- **File uploads** (if `--oss` was used) — **double-hop proxy pattern**:
+  - Browser → user-app server route → rush-app storage API. The browser never holds a bearer credential.
+  - Add a server-side upload route in the user's app that forwards multipart form data to `${STORAGE_API_BASE}/upload` with `Authorization: Bearer ${RUSH_PLATFORM_TOKEN}`:
+    ```ts
+    // app/api/upload/route.ts (Next.js example)
+    export async function POST(req: Request) {
+      const formData = await req.formData();
+      const rushRes = await fetch(`${process.env.STORAGE_API_BASE}/upload`, {
+        method: 'POST',
+        headers: { Authorization: `Bearer ${process.env.RUSH_PLATFORM_TOKEN}` },
+        body: formData,
+      });
+      return Response.json(await rushRes.json());
+    }
+    ```
+  - In the browser, hit the user-app upload route (not Rush directly) with `FormData`. Display uploaded files with `<img src={url} />` — the returned URL is already a Rush-hosted proxy endpoint that serves the bytes.
+  - Delete / list endpoints follow the same proxy pattern: `DELETE ${STORAGE_API_BASE}/object/<key>` and `GET ${STORAGE_API_BASE}/list` (also server-side with the Platform Token).
+- **Verify**: open `PREVIEW_URL` and exercise the DB + upload paths.
+Read the actual handoff file for each project — it specializes the checklist to what `detectNeeds` found (e.g. it adds the migration line only if `supabase/migrations/` exists).
+### 5. Push the edited code and verify end-to-end
+```bash
+npx rush-ai task push --json
+```
+`task push` identifies the existing Rush project from `.git/remote.origin.url` (set by the initial push that `task link` performed) with `.rush/env.md` `PROJECT_ID` as fallback, pushes with the user's own git credentials, and triggers `POST /api/repository/sync/pull` so the pod's dev server picks up the change. It does **not** create projects (#1149): if neither source resolves to a Rush project, `task push` exits with `NO_RUSH_PROJECT` and points the user at `task create` / `task link`.
+Once `task push` returns `status: "ready"`:
+- Present the preview URL (same as the one `task link` emitted).
+- Tell the user to hit it and confirm DB + upload end-to-end.
+- If something's off, iterate via `task send <projectId> -p "…"` on the pod, or edit locally and `task push` again.
+## Limitations
+- **`.rush/env.md` must never be committed.** `task link` auto-appends `.rush/` to `.gitignore` and writes a `# DO NOT commit — contains credentials` banner at the top of the file on every save. If the user accidentally committed it, tell them to rotate credentials (new DB password / new Platform Token) — you cannot "undo" an exposed secret.
+- **`task link` is compensating, not atomic.** Each successful remote call writes a `STATE` checkpoint (`pod-only` → `pod-db` → `pod-db-oss` → `complete`). A failure mid-way leaves partial state on disk. **Do not** delete `.rush/env.md` to "start over" — re-run `task link` with the same flags and it will resume from the last good checkpoint without re-provisioning what already exists. Deleting the file means the next `task link` creates a fresh pod + leaks the old one.
+- **Platform Token is server-side only.** The `RUSH_PLATFORM_TOKEN` used to authenticate storage uploads lives on the user-app server (via the existing Rush CLI login flow). **Never** fetch the storage API directly from the browser carrying a bearer token — always go through a user-app server route that holds the token in `process.env`. The `task link` handoff enforces this pattern.
+- **Uploaded objects are publicly readable via their URL.** `GET /api/tasks/<id>/storage/object/<key>` is anonymous by design so the URL can be used in `<img src>` / `<a href>`. Do not store secrets, private user data, PII, or anything else that shouldn't be public through this path. If the project needs private storage, this skill is not the right fit today.
+- **Single-file upload size is capped at 30 MB; total per-task storage at 5 GB.** The Rush storage proxy responds `413 PAYLOAD_TOO_LARGE` / `507 INSUFFICIENT_STORAGE` when exceeded. Streaming uploads for larger files are on the Phase 2 roadmap but not shipped.
+- **Projects created via `task link` have `template = null`.** They CANNOT flow through `rush-ai task deploy` / custom-domain publish. The `{projectId}-preview.rush.zhenguanyu.com` URL is the only address. A "convert to template-backed project" flow is planned (epic #1096 Phase 2) but **not shipped**.
+- **`task link` never edits user code.** All local mutations happen via your application of `.rush/agent-handoff.md`. The command only writes under `.rush/` (env file + handoff) and touches `.gitignore` to append the ignore rule.
+## Anti-patterns
+- ❌ Running `task link --db --oss` without showing the user the detection summary first. They may not actually want a DB; you just provisioned real resources.
+- ❌ Committing `.rush/env.md`. Don't. If it happens, treat the credentials as compromised.
+- ❌ Deleting `.rush/env.md` to "retry" a failed `task link`. That orphans whatever was already created. Re-run `task link` with the same flags to resume.
+- ❌ Fetching the storage API directly from the browser with a bearer token. `RUSH_PLATFORM_TOKEN` is server-side only — always proxy through a user-app server route. Exposing it in a client bundle or public env var is a credential leak.
+- ❌ Hand-writing signed upload URLs or trying to use OSS SDKs directly — the new design is Rush-proxied. The only storage surface is `https://rush.zhenguanyu.com/api/tasks/<id>/storage/*`.
+- ❌ Calling `task deploy <id>` on a `task link`-produced project. `template = null` — it will reject at the gate. Use `task push` for iterative updates; route users to `hand-off.md` if they want a custom domain.
+- ❌ Inventing flags. `task link`'s subcommand flags are exactly `--db`, `--oss`, `-n/--name <slug>`, `-p/--path <dir>`, `-y/--yes` — plus the global `--json` / `--no-color`. No `--rotate`, no `--dry-run`, no `--force`, no `--env`.
+- ❌ Running `task push` straight away when the user asked for DB / storage. `task push` only syncs an existing Rush project (it exits with `NO_RUSH_PROJECT` if there isn't one) and never provisions a DB, never records the storage endpoint, never produces a handoff. For DB / OSS you must run `task link` first.

package/skills/push-local-project.md CHANGED Viewed

@@ -16,23 +16,19 @@ Triggers (not exhaustive — use judgement):
 Do NOT use this skill for:
 - **"Build me a new site from a prompt" / "Start a fresh project."** → Use [`hand-off.md`](./hand-off.md) with `-a web-builder`. `task push` will refuse with `NO_RUSH_PROJECT` because there's no Rush project yet.
-- **"Wire my existing (non-Rush) local repo into Rush with its own DB / OSS."** → This path (`task link`) is **currently not recommended** — see the banner below. For now, tell the user to start fresh with `task create -a web-builder` and ask the web-builder agent to rebuild their project.
+- **"Wire my existing (non-Rush) local repo into Rush with its own DB / OSS."** → Use [`project-setup.md`](./project-setup.md) (`task link --db --oss`). `task push` does not provision DB / storage.
 - **"Publish this web-builder project to a custom domain / production."** → Use [`deploy-to-prod.md`](./deploy-to-prod.md). `task push` only syncs the preview pod; it does not publish.
 - **First-time install / auth / login issues (401, `rush-ai doctor`).** → Use [`onboarding.md`](./onboarding.md).
 - **Sub-agent or text-only work.** → [`agent-shelf.md`](./agent-shelf.md) / [`general-task.md`](./general-task.md).
 - **Small local edits the user wants applied in the current repo.** → Just do them; don't round-trip to Rush for every tweak.
-### Banner: `task link` (接入非 Rush 本地项目) 暂不可用
-> ⚠️ `task link` 的 GitLab deploy-token 流程当前因 `write_repository` scope 被 test 实例拒绝而 block（#1147）。如果用户的本地项目**不是**从 Rush GitLab clone 出来的（例如他们在 GitHub 上已有一个项目想"接入 Rush"），暂时不要引导他们走 `task link`——会在 finalize 阶段 502。临时方案：让用户走 `task create -a web-builder` 从 prompt / 文件描述重新起一个 rush project，再把本地代码手工迁过去（或等 #1147 修复）。
 ## Decision: push vs. the other skills
 | Situation | Skill |
 |---|---|
 | User is already inside a Rush-originated working tree and just wants the pod to catch up with local commits | **this skill** (`task push`) |
 | User wants Rush to generate a new site from a prompt | [`hand-off.md`](./hand-off.md) (`task create -a web-builder`) |
-| User wants to wire an existing non-Rush local repo into Rush (with DB / OSS) | **Not recommended today — see banner above.** Fall back to `task create -a web-builder`. |
+| User wants to wire an existing non-Rush local repo into Rush with its own DB / OSS | [`project-setup.md`](./project-setup.md) (`task link --db --oss`) |
 | User wants a custom domain / production publish of an existing web-builder project | [`deploy-to-prod.md`](./deploy-to-prod.md) |
 Fast sanity check before any command runs:
@@ -102,7 +98,7 @@ What `task push` does internally (so you can explain failures without guessing):
    - Parse `.git/config` `remote.origin.url`. If it matches `gitlab-ee.zhenguanyu.com/rush/dev/<id>`, extract `<id>`.
    - `GET /api/tasks/:id` to verify the project exists and is owned by the current user.
    - Fallback: read `.rush/env.md` `PROJECT_ID` (also verified against `GET /api/tasks/:id`).
-   - Both failed → exit `1` with `NO_RUSH_PROJECT`. The CLI prints a hint pointing at `task create` (or, historically, `task init` — which is now `task link` and, as noted in the banner, currently blocked).
+   - Both failed → exit `1` with `NO_RUSH_PROJECT`. The CLI prints a hint pointing at `task create` (for new projects) or `task link` (to wire an existing local repo into Rush with DB / OSS).
 3. **Auto-commit** — if the working tree has uncommitted changes, `git add . && git commit -m "deploy to rush"`. Users who want a different message should commit manually first.
 4. **`git push`** — routed based on how identity was resolved:
    - `projectSource='git-remote'` (the common path) → push to `origin` with the user's own git credentials. If the origin push fails AND env.md has a usable `GIT_REMOTE` (tokenised Rush URL from a previous CLI run), the CLI falls back to pushing that URL — useful in CI where the user's SSO credentials aren't available. If env.md has no usable `GIT_REMOTE`, the origin failure is surfaced as-is.
@@ -160,9 +156,9 @@ If `task push` exits non-zero:
 - **`task push` does not create projects.** If there's no Rush project for this working tree, the command exits with `NO_RUSH_PROJECT`. Use `hand-off.md` (`task create`) to start one.
 - **Each push syncs the same project.** The `previewUrl` does not change across pushes — the same project ID keeps its domain. This is a deliberate change from earlier versions where `task push` would fresh-create on every invocation; that old behaviour is gone (#1149).
 - **No pod restart.** The new flow uses `sync/pull` + Vite HMR; there is no `/api/tasks/:id/restart` call. Most of the time this is invisible (HMR works), but if the user changed `package.json` dependencies, the pod's `node_modules` won't install — they'd need to trigger an install explicitly (e.g. via `task send` asking web-builder to run it).
-- **No production deploy from a pushed project unless the project is a web-builder project with a non-null `template`.** If the project originated from `task create -a web-builder` it's deployable; if it came from the (currently-blocked) `task link` path it has `template = null` and can't flow through `task deploy`. Check `task status <id> --json | jq '{agent, template}'` before promising a custom domain.
+- **No production deploy from a pushed project unless the project is a web-builder project with a non-null `template`.** If the project originated from `task create -a web-builder` it's deployable; if it came from the `task link` path it has `template = null` and can't flow through `task deploy` (the conversion-to-template flow is epic #1096 Phase 2, not shipped). Check `task status <id> --json | jq '{agent, template}'` before promising a custom domain.
 - **No custom domain on the preview URL.** `{projectId}-preview.rush.zhenguanyu.com` is fixed. Custom domains are a `task deploy` feature — see `deploy-to-prod.md`.
-- **`task link` / "adopt an existing non-Rush repo" is currently blocked** (#1147). Do not route users there. See the banner at the top.
+- **`task link` is the path for "adopt an existing non-Rush repo" with its own DB / OSS.** It is **not** the same as `task push` — `task push` only syncs commits to an existing Rush project. If the user needs DB / storage provisioning, route to [`project-setup.md`](./project-setup.md).
 ## Example end-to-end
@@ -199,7 +195,7 @@ npx rush-ai task push --json
 - ❌ Running `task push` without first checking auth — you'll eat a 401 and confuse the user.
 - ❌ Running `task push` on an empty folder / a non-Rush repo expecting it to "create" a Rush project. It won't — it'll exit with `NO_RUSH_PROJECT`. Route to `hand-off.md`.
-- ❌ Suggesting `task link` / `task init` as a way to "adopt" a GitHub-origin project into Rush. That path is blocked on #1147 — don't steer the user into a 502.
+- ❌ Confusing `task link` with `task push`. `task link` provisions a fresh pod + DB / OSS for a non-Rush local repo (J-3, see [`project-setup.md`](./project-setup.md)); `task push` only syncs commits onto an existing Rush project's pod (J-2). Pick the right skill before suggesting either.
 - ❌ Skipping `rush-ai check` and pushing a project that doesn't read `PORT` — pod boots but serves nothing.
 - ❌ Retrying `task push` reflexively after a `SYNC_PULL_CONFLICT`. The pod has local changes; the user needs to rebase first or they'll keep bouncing off the conflict.
 - ❌ Telling the user "this push will give you a new preview URL" — it won't, the URL is stable per project now.

package/dist/chunk-3X5X3ZTX.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/output/logger.ts","../src/version.ts","../src/util/config.ts","../src/util/auth.ts","../src/util/errors.ts","../src/util/verbosity.ts","../src/util/auth-session.ts","../src/util/retry.ts","../src/util/client.ts"],"sourcesContent":["import chalk from 'chalk';\n\n/**\n * Output utilities.\n *\n * Design principle: stdout is for **content** (data the user wants to pipe/redirect).\n * Status messages (success, warn, info, dim) go to **stderr** so they don't pollute pipes.\n *\n * rush-ai task create --agent rush --prompt \"generate HTML\" --json > task.json\n * # stdout → task.json (task data)\n * # stderr → \"Success! Task xxx created.\" (status info, visible in terminal)\n */\nexport const output = {\n /** Content output → stdout. Use for data the user may pipe/redirect. */\n log(message: string): void {\n console.log(message);\n },\n\n /** Status → stderr */\n success(message: string): void {\n console.error(chalk.green('Success!'), message);\n },\n\n /** Error → stderr */\n error(message: string): void {\n console.error(chalk.red('Error:'), message);\n },\n\n /** Warning → stderr */\n warn(message: string): void {\n console.error(chalk.yellow('Warning:'), message);\n },\n\n /** Info → stderr */\n info(message: string): void {\n console.error(chalk.cyan('Info:'), message);\n },\n\n /** Dim status → stderr */\n dim(message: string): void {\n console.error(chalk.dim(message));\n },\n\n table(data: Record<string, string>[]): void {\n console.table(data);\n },\n\n /** Newline → stderr (status separator) */\n newline(): void {\n console.error();\n },\n\n link(text: string, url: string): string {\n return chalk.cyan.underline(url);\n },\n\n bold(text: string): string {\n return chalk.bold(text);\n },\n};\n","import { readFileSync } from 'node:fs';\nimport { dirname, resolve } from 'node:path';\nimport { fileURLToPath } from 'node:url';\n\n/**\n * Dynamically read version from package.json.\n *\n * Path resolution:\n * - tsup bundle: dist/index.js → __dirname = dist/ → ../package.json\n * - vitest source: src/version.ts → __dirname = src/ → ../package.json\n */\nexport function loadVersion(): string {\n const __dirname = dirname(fileURLToPath(import.meta.url));\n\n const candidates = [\n resolve(__dirname, '..', 'package.json'),\n resolve(__dirname, '..', '..', 'package.json'),\n ];\n\n for (const candidate of candidates) {\n try {\n const pkg = JSON.parse(readFileSync(candidate, 'utf-8'));\n if (pkg.name === 'rush-ai' && pkg.version) {\n return pkg.version;\n }\n } catch {\n // try next candidate\n }\n }\n console.error('[rush-ai] Warning: Could not read version from package.json');\n return '0.0.0-unknown';\n}\n\nexport const VERSION: string = loadVersion();\n","import { homedir } from 'node:os';\nimport { resolve } from 'node:path';\nimport Conf from 'conf';\n\nexport interface AuthConfig {\n token: string | null;\n expiresAt: number | null;\n refreshToken: string | null;\n /** How the token was obtained */\n method: 'cas' | 'api_key' | 'platform_token' | null;\n /** Platform Token jti (for remote revocation via DELETE /api/platform-tokens?id={tokenId}) */\n tokenId: string | null;\n /**\n * API base URL the token was issued against. Stored at login so we can\n * detect when the current profile's API URL drifts from where the token\n * came from (e.g. `config set api` pointed at a different environment).\n * `null` for tokens migrated from the v2 schema — treated as \"unknown\n * origin\", so we don't flag false positives on upgrade.\n */\n sourceUrl: string | null;\n}\n\nexport interface GlobalConfig {\n currentTeam: string | null;\n api: string;\n collectMetrics: boolean;\n}\n\nexport interface ProjectConfig {\n projectId: string | null;\n orgId: string | null;\n}\n\n// --- Profile store types ---\n\ninterface ProfiledGlobalStore {\n _version: number;\n activeProfile: string;\n profiles: Record<string, GlobalConfig>;\n}\n\ninterface ProfiledAuthStore {\n _version: number;\n [profileName: string]: AuthConfig | number; // profile entries + _version\n}\n\nconst AUTH_CONFIG_DIR = resolve(homedir(), '.rush');\nconst DEFAULT_API = 'https://rush.zhenguanyu.com';\n\nconst AUTH_DEFAULTS: AuthConfig = {\n token: null,\n expiresAt: null,\n refreshToken: null,\n method: null,\n tokenId: null,\n sourceUrl: null,\n};\n\nconst GLOBAL_DEFAULTS: GlobalConfig = {\n currentTeam: null,\n api: DEFAULT_API,\n collectMetrics: true,\n};\n\n// --- Raw stores (untyped to support migration) ---\n\nconst globalStore = new Conf<Record<string, unknown>>({\n projectName: 'rush-ai',\n cwd: AUTH_CONFIG_DIR,\n configName: 'config',\n defaults: {},\n});\n\nconst authStore = new Conf<Record<string, unknown>>({\n projectName: 'rush-ai',\n cwd: AUTH_CONFIG_DIR,\n configName: 'auth',\n defaults: {},\n});\n\n// --- Migration ---\n\nfunction migrateGlobalStoreIfNeeded(): void {\n const version = globalStore.get('_version');\n if (version === 2) return; // Already migrated\n\n // Check if this is old format (has 'api' at top level but no 'profiles')\n const hasOldFormat = globalStore.has('api') && !globalStore.has('profiles');\n const isEmpty = globalStore.size === 0;\n\n if (hasOldFormat) {\n // Migrate old flat format → profile format\n const oldConfig: GlobalConfig = {\n currentTeam: (globalStore.get('currentTeam') as string | null) ?? null,\n api: (globalStore.get('api') as string) ?? DEFAULT_API,\n collectMetrics: (globalStore.get('collectMetrics') as boolean) ?? true,\n };\n\n globalStore.clear();\n globalStore.set('_version', 2);\n globalStore.set('activeProfile', 'default');\n globalStore.set('profiles', { default: oldConfig });\n } else if (isEmpty || !globalStore.has('profiles')) {\n // Fresh install or incomplete state — initialize\n globalStore.set('_version', 2);\n if (!globalStore.has('activeProfile')) {\n globalStore.set('activeProfile', 'default');\n }\n if (!globalStore.has('profiles')) {\n globalStore.set('profiles', { default: { ...GLOBAL_DEFAULTS } });\n }\n }\n}\n\nfunction migrateAuthStoreIfNeeded(): void {\n const version = authStore.get('_version');\n if (version === 3) return;\n\n // v1 → v3: legacy flat format (`token` at top level).\n const hasOldFormat = authStore.has('token') || authStore.has('method');\n const isEmpty = authStore.size === 0;\n\n if (hasOldFormat) {\n const oldAuth: AuthConfig = {\n token: (authStore.get('token') as string | null) ?? null,\n expiresAt: (authStore.get('expiresAt') as number | null) ?? null,\n refreshToken: (authStore.get('refreshToken') as string | null) ?? null,\n method: (authStore.get('method') as AuthConfig['method']) ?? null,\n tokenId: (authStore.get('tokenId') as string | null) ?? null,\n sourceUrl: null,\n };\n\n authStore.clear();\n authStore.set('_version', 3);\n authStore.set('default', oldAuth);\n return;\n }\n\n if (isEmpty) {\n authStore.set('_version', 3);\n return;\n }\n\n // v2 → v3: profile-shaped but missing `sourceUrl`. Backfill null.\n if (version === 2) {\n for (const key of Object.keys(authStore.store)) {\n if (key === '_version') continue;\n const entry = authStore.get(key);\n if (!entry || typeof entry !== 'object') continue;\n const asAuth = entry as Record<string, unknown>;\n if (!('sourceUrl' in asAuth)) {\n authStore.set(key, { ...asAuth, sourceUrl: null });\n }\n }\n authStore.set('_version', 3);\n }\n}\n\n// Run migrations on module load\nmigrateGlobalStoreIfNeeded();\nmigrateAuthStoreIfNeeded();\n\n// --- Profile helpers ---\n\n/**\n * Get the active profile name.\n * RUSH_PROFILE env var takes precedence over stored activeProfile.\n */\nexport function getActiveProfile(): string {\n return (\n process.env.RUSH_PROFILE ??\n (globalStore.get('activeProfile') as string) ??\n 'default'\n );\n}\n\nexport function setActiveProfile(name: string): void {\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n if (!profiles[name]) {\n throw new Error(\n `Profile '${name}' does not exist. Available: ${Object.keys(profiles).join(', ')}`\n );\n }\n globalStore.set('activeProfile', name);\n}\n\nexport function listProfiles(): string[] {\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n return Object.keys(profiles);\n}\n\nexport function createProfile(\n name: string,\n config?: Partial<GlobalConfig>\n): void {\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n if (profiles[name]) {\n throw new Error(`Profile '${name}' already exists.`);\n }\n // Inherit from default profile\n const defaultConfig = profiles.default ?? GLOBAL_DEFAULTS;\n profiles[name] = { ...defaultConfig, ...config };\n globalStore.set('profiles', profiles);\n}\n\nexport function deleteProfile(name: string): void {\n if (name === 'default') {\n throw new Error(\"Cannot delete the 'default' profile.\");\n }\n const active = getActiveProfile();\n if (name === active) {\n throw new Error(\n `Cannot delete the active profile '${name}'. Switch to another profile first.`\n );\n }\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n if (!profiles[name]) {\n throw new Error(`Profile '${name}' does not exist.`);\n }\n delete profiles[name];\n globalStore.set('profiles', profiles);\n\n // Also clear auth for this profile\n authStore.delete(name);\n}\n\n// --- Auth config (profile-aware) ---\n\nexport function getAuthConfig(): AuthConfig {\n const profile = getActiveProfile();\n const profileAuth = authStore.get(profile) as AuthConfig | undefined;\n return {\n token: profileAuth?.token ?? null,\n expiresAt: profileAuth?.expiresAt ?? null,\n refreshToken: profileAuth?.refreshToken ?? null,\n method: profileAuth?.method ?? null,\n tokenId: profileAuth?.tokenId ?? null,\n sourceUrl: profileAuth?.sourceUrl ?? null,\n };\n}\n\nexport function setAuthConfig(config: Partial<AuthConfig>): void {\n const profile = getActiveProfile();\n const current = (authStore.get(profile) as AuthConfig) ?? {\n ...AUTH_DEFAULTS,\n };\n authStore.set(profile, { ...current, ...config });\n}\n\n/** Clear auth for the current profile only */\nexport function clearAuthConfig(): void {\n const profile = getActiveProfile();\n authStore.set(profile, { ...AUTH_DEFAULTS });\n}\n\n/** Clear auth for ALL profiles */\nexport function clearAllAuthConfig(): void {\n const profiles = listProfiles();\n for (const profile of profiles) {\n authStore.set(profile, { ...AUTH_DEFAULTS });\n }\n}\n\n// --- Global config (profile-aware) ---\n\nexport function getGlobalConfig(): GlobalConfig {\n const profile = getActiveProfile();\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n const profileConfig = profiles[profile] ?? GLOBAL_DEFAULTS;\n return {\n currentTeam: profileConfig.currentTeam ?? null,\n api: profileConfig.api ?? DEFAULT_API,\n collectMetrics: profileConfig.collectMetrics ?? true,\n };\n}\n\nexport function setGlobalConfig(config: Partial<GlobalConfig>): void {\n const profile = getActiveProfile();\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n const current = profiles[profile] ?? { ...GLOBAL_DEFAULTS };\n profiles[profile] = { ...current, ...config };\n globalStore.set('profiles', profiles);\n}\n\nexport function getConfigDir(): string {\n return AUTH_CONFIG_DIR;\n}\n\nexport function isLoggedIn(): boolean {\n const auth = getAuthConfig();\n if (!auth.token) return false;\n if (auth.expiresAt && Date.now() > auth.expiresAt) {\n // CAS tokens with refresh_token can still be renewed lazily by the client.\n return auth.method === 'cas' && Boolean(auth.refreshToken);\n }\n return true;\n}\n\n/** Normalize an API URL for comparison — strips trailing slashes + lowercases. */\nexport function normalizeApiUrl(url: string): string {\n return url.replace(/\\/+$/, '').toLowerCase();\n}\n\n/**\n * If the current profile's token was issued against a different API URL than\n * the profile currently points to, return both sides so the caller can prompt\n * the user to re-authenticate. Returns null when no mismatch (or when the\n * stored `sourceUrl` is null — migrated tokens with unknown origin). The\n * caller decides what to do; this function does NOT mutate or clear anything.\n *\n * @param overrideCurrentUrl use this URL instead of reading the current\n * global config. Useful when evaluating mismatch BEFORE writing a new API\n * URL in `config set`.\n */\nexport function checkAuthSourceMismatch(\n overrideCurrentUrl?: string\n): { stored: string; current: string } | null {\n const auth = getAuthConfig();\n if (!auth.token || !auth.sourceUrl) return null;\n const current = overrideCurrentUrl ?? getGlobalConfig().api;\n if (normalizeApiUrl(auth.sourceUrl) === normalizeApiUrl(current)) return null;\n return { stored: auth.sourceUrl, current };\n}\n\n/**\n * Get the config for a specific profile (for display purposes).\n */\nexport function getProfileConfig(name: string): GlobalConfig | null {\n const profiles =\n (globalStore.get('profiles') as Record<string, GlobalConfig>) ?? {};\n return profiles[name] ?? null;\n}\n\n/**\n * Get auth config for a specific profile (for display purposes).\n */\nexport function getProfileAuth(name: string): AuthConfig {\n const profileAuth = authStore.get(name) as AuthConfig | undefined;\n return {\n token: profileAuth?.token ?? null,\n expiresAt: profileAuth?.expiresAt ?? null,\n refreshToken: profileAuth?.refreshToken ?? null,\n method: profileAuth?.method ?? null,\n tokenId: profileAuth?.tokenId ?? null,\n sourceUrl: profileAuth?.sourceUrl ?? null,\n };\n}\n","import { getAuthConfig, getGlobalConfig } from './config.js';\n\nexport type AuthMethod = 'api_key' | 'cas' | 'platform_token' | null;\n\n/**\n * Determine the current authentication method.\n * Priority: RUSH_API_KEY env > stored CAS token > null\n */\nexport function getAuthMethod(): AuthMethod {\n if (process.env.RUSH_API_KEY) {\n return 'api_key';\n }\n const auth = getAuthConfig();\n if (auth.token) {\n // Use stored method if available; detect rush_sk_ prefix as fallback\n if (auth.method === 'api_key' || auth.token.startsWith('rush_sk_')) {\n return 'api_key';\n }\n if (auth.method === 'platform_token') {\n return 'platform_token';\n }\n return auth.method ?? 'cas';\n }\n return null;\n}\n\n/**\n * Get the active auth token.\n * Priority: RUSH_API_KEY env > stored token\n */\nexport function getAuthToken(): string | null {\n if (process.env.RUSH_API_KEY) {\n return process.env.RUSH_API_KEY;\n }\n const auth = getAuthConfig();\n return auth.token;\n}\n\nexport interface CasConfig {\n authorizeEndpoint: string;\n tokenEndpoint: string;\n revokeEndpoint: string;\n clientId: string;\n}\n\n/**\n * Get CAS PKCE configuration.\n * Supports env overrides for private deployments.\n */\nexport function getCasConfig(): CasConfig {\n const config = getGlobalConfig();\n const baseUrl = process.env.RUSH_API_URL ?? config.api;\n\n return {\n authorizeEndpoint:\n process.env.RUSH_CAS_AUTHORIZE_ENDPOINT ??\n `${baseUrl}/cas/oauth2/authorize`,\n tokenEndpoint:\n process.env.RUSH_CAS_TOKEN_ENDPOINT ?? `${baseUrl}/cas/oauth2/token`,\n revokeEndpoint:\n process.env.RUSH_CAS_REVOKE_ENDPOINT ?? `${baseUrl}/cas/oauth2/revoke`,\n clientId: process.env.RUSH_CAS_CLIENT_ID ?? 'rush-ai',\n };\n}\n\nexport interface Principal {\n provider: 'ldap' | 'service';\n subject: string;\n}\n\n/**\n * Build a Principal object from the current auth context.\n * M1: only ldap is supported.\n */\nexport function getPrincipal(subject: string): Principal {\n const method = getAuthMethod();\n return {\n provider: method === 'api_key' ? 'service' : 'ldap',\n subject,\n };\n}\n","export class RushError extends Error {\n public code: string;\n public meta: Record<string, unknown>;\n public exitCode: number;\n\n constructor(\n message: string,\n meta: Record<string, unknown> = {},\n code = 'RUSH_ERROR',\n exitCode = 2\n ) {\n super(message);\n this.name = 'RushError';\n this.code = code;\n this.meta = meta;\n this.exitCode = exitCode;\n }\n}\n\nexport class AuthError extends RushError {\n constructor(message = 'Not authenticated. Run `rush-ai auth login` first.') {\n super(message, {}, 'AUTH_ERROR', 3);\n this.name = 'AuthError';\n }\n}\n\nexport class TaskFailedError extends RushError {\n constructor(message: string, meta: Record<string, unknown> = {}) {\n super(message, meta, 'TASK_FAILED', 1);\n this.name = 'TaskFailedError';\n }\n}\n\n/**\n * Generate a user-friendly error message based on HTTP status.\n * Server-provided error messages take priority.\n */\nfunction friendlyMessage(status: number, serverMessage?: string): string {\n if (serverMessage) return serverMessage;\n\n switch (status) {\n case 401:\n return 'Authentication expired. Run `rush-ai auth login` to re-authenticate.';\n case 403:\n return 'Permission denied. You may not have access to this resource.';\n case 404:\n return 'Resource not found.';\n case 429:\n return 'Rate limited. The server is busy, please try again later.';\n case 502:\n case 503:\n case 504:\n return 'Service temporarily unavailable. Please try again in a moment.';\n default:\n return `Request failed with status ${status}.`;\n }\n}\n\nexport class ApiError extends RushError {\n public status: number;\n public retryAfter?: string;\n\n constructor(\n message: string,\n status: number,\n body?: string,\n retryAfter?: string\n ) {\n // Try to extract server error message from body\n let serverMessage: string | undefined;\n if (body) {\n try {\n const parsed = JSON.parse(body);\n if (parsed.error && typeof parsed.error === 'string') {\n serverMessage = parsed.error;\n }\n } catch {\n // Not JSON\n }\n }\n\n super(\n friendlyMessage(status, serverMessage),\n { status, body },\n 'API_ERROR'\n );\n this.name = 'ApiError';\n this.status = status;\n this.retryAfter = retryAfter;\n }\n}\n\nexport function isRushError(error: unknown): error is RushError {\n return error instanceof RushError;\n}\n","let _verbose = false;\nlet _debug = false;\n\nexport function setVerbosity(verbose: boolean, debug: boolean): void {\n _debug = debug;\n _verbose = verbose || debug;\n}\n\nexport const isVerbose = (): boolean => _verbose;\nexport const isDebug = (): boolean => _debug;\n","import { getAuthToken, getCasConfig } from './auth.js';\nimport { getAuthConfig, getGlobalConfig, setAuthConfig } from './config.js';\n\nconst VERIFY_PATH = '/api/skill-auth/me';\nconst REFRESH_SKEW_MS = 60_000;\nconst AUTH_REQUEST_TIMEOUT_MS = 8_000;\n\ninterface RefreshTokenResponse {\n access_token: string;\n expires_in?: number;\n refresh_token?: string;\n}\n\nexport interface AuthVerificationResult {\n valid: boolean;\n status: number | null;\n message?: string;\n}\n\nexport interface RefreshOptions {\n force?: boolean;\n refreshWindowMs?: number;\n}\n\nfunction getApiBaseUrl(): string {\n return process.env.RUSH_API_URL ?? getGlobalConfig().api;\n}\n\nfunction buildBearerHeaders(token: string): Record<string, string> {\n return {\n Authorization: `Bearer ${token}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'rush-ai/0.2.0',\n };\n}\n\nfunction shouldRefreshToken(options?: RefreshOptions): boolean {\n const auth = getAuthConfig();\n // Platform tokens don't support refresh; only CAS tokens do\n if (!auth.token || auth.method !== 'cas' || !auth.refreshToken) {\n return false;\n }\n if (options?.force) {\n return true;\n }\n if (!auth.expiresAt) {\n return false;\n }\n const refreshWindowMs = options?.refreshWindowMs ?? REFRESH_SKEW_MS;\n return Date.now() >= auth.expiresAt - refreshWindowMs;\n}\n\nexport async function refreshCasAccessToken(\n options?: RefreshOptions\n): Promise<boolean> {\n if (process.env.RUSH_API_KEY || !shouldRefreshToken(options)) {\n return false;\n }\n\n const auth = getAuthConfig();\n if (!auth.refreshToken) {\n return false;\n }\n\n const cas = getCasConfig();\n const body = new URLSearchParams({\n grant_type: 'refresh_token',\n refresh_token: auth.refreshToken,\n client_id: cas.clientId,\n }).toString();\n\n try {\n const response = await fetch(cas.tokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body,\n signal: AbortSignal.timeout(AUTH_REQUEST_TIMEOUT_MS),\n });\n\n if (!response.ok) {\n return false;\n }\n\n const tokenData = (await response.json()) as RefreshTokenResponse;\n if (!tokenData.access_token) {\n return false;\n }\n\n const expiresAt = tokenData.expires_in\n ? Date.now() + tokenData.expires_in * 1000\n : auth.expiresAt;\n\n setAuthConfig({\n token: tokenData.access_token,\n expiresAt,\n refreshToken: tokenData.refresh_token ?? auth.refreshToken,\n method: 'cas',\n });\n\n return true;\n } catch {\n return false;\n }\n}\n\nexport async function verifyTokenOnline(\n token: string\n): Promise<AuthVerificationResult> {\n const url = `${getApiBaseUrl()}${VERIFY_PATH}`;\n\n try {\n const response = await fetch(url, {\n method: 'GET',\n headers: buildBearerHeaders(token),\n signal: AbortSignal.timeout(AUTH_REQUEST_TIMEOUT_MS),\n });\n\n if (response.ok) {\n return { valid: true, status: response.status };\n }\n\n const message = await response.text().catch(() => undefined);\n return {\n valid: false,\n status: response.status,\n message: message || `Server rejected token (${response.status})`,\n };\n } catch (error) {\n return {\n valid: false,\n status: null,\n message: `Network error: ${error instanceof Error ? error.message : 'unknown'}`,\n };\n }\n}\n\nexport async function verifyCurrentAuthSession(): Promise<AuthVerificationResult> {\n const token = getAuthToken();\n if (!token) {\n return {\n valid: false,\n status: null,\n message: 'Not authenticated',\n };\n }\n\n await refreshCasAccessToken();\n\n let activeToken = getAuthToken();\n if (!activeToken) {\n return {\n valid: false,\n status: null,\n message: 'Not authenticated',\n };\n }\n\n const result = await verifyTokenOnline(activeToken);\n if (result.valid || result.status !== 401 || process.env.RUSH_API_KEY) {\n return result;\n }\n\n const refreshed = await refreshCasAccessToken({ force: true });\n if (!refreshed) {\n return result;\n }\n\n activeToken = getAuthToken();\n if (!activeToken) {\n return result;\n }\n return verifyTokenOnline(activeToken);\n}\n\nasync function revokeToken(\n revokeEndpoint: string,\n clientId: string,\n token: string,\n tokenTypeHint: 'access_token' | 'refresh_token'\n): Promise<boolean> {\n const body = new URLSearchParams({\n token,\n token_type_hint: tokenTypeHint,\n client_id: clientId,\n }).toString();\n\n try {\n const response = await fetch(revokeEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body,\n signal: AbortSignal.timeout(AUTH_REQUEST_TIMEOUT_MS),\n });\n return response.ok;\n } catch {\n return false;\n }\n}\n\nexport async function revokeCurrentSession(): Promise<boolean> {\n if (process.env.RUSH_API_KEY) {\n return false;\n }\n\n const auth = getAuthConfig();\n\n if (auth.method === 'platform_token') {\n return revokePlatformToken();\n }\n\n if (auth.method !== 'cas') {\n return false;\n }\n\n const cas = getCasConfig();\n const candidates: Array<{\n token: string;\n hint: 'access_token' | 'refresh_token';\n }> = [];\n if (auth.refreshToken) {\n candidates.push({ token: auth.refreshToken, hint: 'refresh_token' });\n }\n if (auth.token) {\n candidates.push({ token: auth.token, hint: 'access_token' });\n }\n\n if (candidates.length === 0) {\n return false;\n }\n\n let anyRevoked = false;\n for (const candidate of candidates) {\n const revoked = await revokeToken(\n cas.revokeEndpoint,\n cas.clientId,\n candidate.token,\n candidate.hint\n );\n if (revoked) {\n anyRevoked = true;\n }\n }\n\n return anyRevoked;\n}\n\n/** @deprecated Use revokeCurrentSession instead */\nexport const revokeCurrentCasSession = revokeCurrentSession;\n\nasync function revokePlatformToken(): Promise<boolean> {\n const auth = getAuthConfig();\n if (!auth.tokenId || !auth.token) {\n return false;\n }\n\n const baseUrl = getApiBaseUrl();\n const url = `${baseUrl}/api/platform-tokens?id=${encodeURIComponent(auth.tokenId)}`;\n\n try {\n const response = await fetch(url, {\n method: 'DELETE',\n headers: {\n Authorization: `Bearer ${auth.token}`,\n 'User-Agent': 'rush-ai/0.2.0',\n },\n signal: AbortSignal.timeout(AUTH_REQUEST_TIMEOUT_MS),\n });\n return response.ok;\n } catch {\n return false;\n }\n}\n","import { ApiError, RushError } from './errors.js';\n\nexport interface RetryOptions {\n /** Maximum number of retries (default: 3, total attempts = maxRetries + 1) */\n maxRetries?: number;\n /** Base delay in ms for exponential backoff (default: 1000) */\n baseDelay?: number;\n /** Maximum delay in ms (default: 30000) */\n maxDelay?: number;\n /** HTTP status codes eligible for retry (default: [429, 502, 503, 504]) */\n retryableStatuses?: number[];\n /** AbortSignal to cancel retries */\n signal?: AbortSignal;\n /** Called before each retry with attempt number (1-based) and delay in ms */\n onRetry?: (attempt: number, delayMs: number, status?: number) => void;\n}\n\n/**\n * Parse the Retry-After HTTP header value.\n * Supports both seconds (integer) and HTTP-date formats.\n * Returns delay in milliseconds, or null if unparseable.\n */\nexport function parseRetryAfter(value: string): number | null {\n // Try as integer seconds first\n const seconds = Number(value);\n if (!Number.isNaN(seconds) && seconds >= 0) {\n return seconds * 1000;\n }\n\n // Try as HTTP-date\n const date = new Date(value);\n if (!Number.isNaN(date.getTime())) {\n const delayMs = date.getTime() - Date.now();\n return delayMs > 0 ? delayMs : 0;\n }\n\n return null;\n}\n\n/**\n * Calculate delay with exponential backoff and jitter.\n */\nfunction calculateDelay(\n attempt: number,\n baseDelay: number,\n maxDelay: number\n): number {\n const exponential = baseDelay * 2 ** attempt;\n const jitter = Math.random() * baseDelay * 0.5;\n return Math.min(exponential + jitter, maxDelay);\n}\n\nfunction isRetryableError(\n error: unknown,\n retryableStatuses: number[]\n): boolean {\n // Network errors (fetch failures) are retryable\n if (error instanceof RushError && error.code === 'NETWORK_ERROR') {\n return true;\n }\n\n // API errors with retryable status codes\n if (error instanceof ApiError && retryableStatuses.includes(error.status)) {\n return true;\n }\n\n return false;\n}\n\nfunction getRetryAfterFromError(error: unknown): number | null {\n if (error instanceof ApiError && error.status === 429) {\n // Use Retry-After HTTP header (propagated via ApiError.retryAfter)\n if (error.retryAfter) {\n return parseRetryAfter(error.retryAfter);\n }\n }\n return null;\n}\n\n/**\n * Wrap an async function with retry logic using exponential backoff.\n *\n * Important: This should only be used for idempotent operations.\n * The caller (RushClient) is responsible for only wrapping GET/HEAD/DELETE.\n */\nexport async function withRetry<T>(\n fn: () => Promise<T>,\n options: RetryOptions = {}\n): Promise<T> {\n const {\n maxRetries = 3,\n baseDelay = 1000,\n maxDelay = 30_000,\n retryableStatuses = [429, 502, 503, 504],\n signal,\n onRetry,\n } = options;\n\n let lastError: unknown;\n\n for (let attempt = 0; attempt <= maxRetries; attempt++) {\n // Check abort before each attempt\n if (signal?.aborted) {\n throw lastError ?? new RushError('Request aborted', {}, 'ABORT_ERROR');\n }\n\n try {\n return await fn();\n } catch (error) {\n lastError = error;\n\n // Don't retry if this is the last attempt\n if (attempt >= maxRetries) {\n throw error;\n }\n\n // Don't retry non-retryable errors\n if (!isRetryableError(error, retryableStatuses)) {\n throw error;\n }\n\n // Check abort before waiting\n if (signal?.aborted) {\n throw error;\n }\n\n // Calculate delay: use Retry-After if available (for 429), otherwise backoff\n let delayMs: number;\n const retryAfterMs = getRetryAfterFromError(error);\n if (retryAfterMs !== null) {\n // Cap Retry-After at 120 seconds\n delayMs = Math.min(retryAfterMs, 120_000);\n } else {\n delayMs = calculateDelay(attempt, baseDelay, maxDelay);\n }\n\n const status = error instanceof ApiError ? error.status : undefined;\n onRetry?.(attempt + 1, delayMs, status);\n\n // Wait with abort support\n await new Promise<void>((resolve, reject) => {\n const timer = setTimeout(resolve, delayMs);\n if (signal) {\n const onAbort = () => {\n clearTimeout(timer);\n reject(lastError);\n };\n signal.addEventListener('abort', onAbort, { once: true });\n // Clean up listener after timer fires\n const origResolve = resolve;\n setTimeout(() => {\n signal.removeEventListener('abort', onAbort);\n origResolve();\n }, delayMs);\n }\n });\n }\n }\n\n // Should never reach here, but TypeScript needs it\n throw lastError;\n}\n","import { output } from '../output/logger.js';\nimport { VERSION } from '../version.js';\nimport { getAuthToken } from './auth.js';\nimport { refreshCasAccessToken } from './auth-session.js';\nimport { getAuthConfig, getGlobalConfig } from './config.js';\nimport { ApiError, RushError } from './errors.js';\nimport { withRetry } from './retry.js';\nimport { isDebug, isVerbose } from './verbosity.js';\n\nconst SENSITIVE_HEADERS = [\n 'authorization',\n 'cookie',\n 'set-cookie',\n 'x-api-key',\n];\n\nfunction maskSensitiveHeaders(headers: Headers): Record<string, string> {\n const result: Record<string, string> = {};\n headers.forEach((value, key) => {\n result[key] = SENSITIVE_HEADERS.includes(key.toLowerCase())\n ? '[REDACTED]'\n : value;\n });\n return result;\n}\n\nexport interface FetchOptions extends RequestInit {\n json?: boolean;\n}\n\nexport interface ApiResponse<T = unknown> {\n ok: boolean;\n status: number;\n data: T;\n}\n\nexport interface ApiErrorBody {\n error: string;\n code: string;\n retryable: boolean;\n}\n\nexport class RushClient {\n private baseUrl: string;\n\n constructor() {\n const config = getGlobalConfig();\n const raw = process.env.RUSH_API_URL ?? config.api;\n this.baseUrl = raw.replace(/\\/+$/, '');\n }\n\n private async getHeaders(): Promise<Record<string, string>> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'User-Agent': `rush-ai/${VERSION}`,\n };\n\n if (!process.env.RUSH_API_KEY) {\n await refreshCasAccessToken();\n }\n\n const token = getAuthToken();\n if (token) {\n // Both CAS token and service account API key (rush_sk_*) use Bearer.\n // Backend distinguishes by the rush_sk_ prefix.\n headers.Authorization = `Bearer ${token}`;\n }\n\n // Test mode: skip CAS auth in non-production environments\n if (process.env.RUSH_TEST_MODE === 'integration-test') {\n headers['X-Test-Mode'] = 'integration-test';\n }\n\n return headers;\n }\n\n /**\n * Merge default headers with per-request overrides. A `null` override value\n * drops the default entirely — used by multipart POSTs that need fetch to\n * synthesize its own Content-Type with a boundary. An empty string stays as\n * an empty-value header so callers can still send one intentionally.\n */\n private mergeHeaders(\n base: Record<string, string>,\n overrides: Record<string, string | null>\n ): Record<string, string> {\n const merged: Record<string, string> = { ...base };\n for (const [key, value] of Object.entries(overrides)) {\n if (value === null) {\n delete merged[key];\n } else {\n merged[key] = value;\n }\n }\n return merged;\n }\n\n private async performRequest(\n url: string,\n options: RequestInit,\n retryOnUnauthorized = true\n ): Promise<Response> {\n // Override headers may use `null` as a sentinel to drop a default\n // (see mergeHeaders). The public fetch signature doesn't know about this,\n // so we cast narrowly here.\n const requestHeaders =\n (options.headers as Record<string, string | null>) ?? {};\n const headers = await this.getHeaders();\n\n try {\n const response = await fetch(url, {\n ...options,\n headers: this.mergeHeaders(headers, requestHeaders),\n });\n\n if (\n response.status === 401 &&\n retryOnUnauthorized &&\n !process.env.RUSH_API_KEY\n ) {\n const auth = getAuthConfig();\n const canRefresh = auth.method === 'cas' && Boolean(auth.refreshToken);\n if (canRefresh && (await refreshCasAccessToken({ force: true }))) {\n const retryHeaders = await this.getHeaders();\n return await fetch(url, {\n ...options,\n headers: this.mergeHeaders(retryHeaders, requestHeaders),\n });\n }\n }\n\n return response;\n } catch (err) {\n throw new RushError(\n `Network error: ${err instanceof Error ? err.message : 'Failed to connect'}`,\n { url },\n 'NETWORK_ERROR'\n );\n }\n }\n\n /** Idempotent HTTP methods eligible for automatic retry */\n private static readonly RETRYABLE_METHODS = ['GET', 'HEAD', 'DELETE'];\n\n /**\n * Internal fetch with response parsing and error handling (no retry).\n */\n private async _doFetch<T = unknown>(\n path: string,\n options: FetchOptions = {}\n ): Promise<ApiResponse<T>> {\n const { json = true, ...fetchOptions } = options;\n const url = `${this.baseUrl}${path}`;\n const method = (fetchOptions.method ?? 'GET').toUpperCase();\n const startTime = Date.now();\n\n if (isVerbose()) {\n output.dim(`→ ${method} ${url}`);\n }\n\n const response = await this.performRequest(url, fetchOptions);\n\n if (isVerbose()) {\n output.dim(\n `← ${response.status} ${response.statusText} (${Date.now() - startTime}ms)`\n );\n }\n\n if (isDebug()) {\n output.dim(\n ` Response headers: ${JSON.stringify(maskSensitiveHeaders(response.headers))}`\n );\n }\n\n if (!response.ok) {\n const errorBody = await response.text().catch(() => 'Unknown error');\n const retryAfter = response.headers.get('retry-after') ?? undefined;\n\n throw new ApiError(\n `API request failed: ${response.status} ${response.statusText}`,\n response.status,\n errorBody,\n retryAfter\n );\n }\n\n const data = json\n ? ((await response.json()) as T)\n : ((await response.text()) as T);\n\n return {\n ok: true,\n status: response.status,\n data,\n };\n }\n\n /**\n * Fetch with response parsing, error handling, and automatic retry\n * for idempotent methods (GET, HEAD, DELETE).\n */\n async fetch<T = unknown>(\n path: string,\n options: FetchOptions = {}\n ): Promise<ApiResponse<T>> {\n const method = (options.method ?? 'GET').toUpperCase();\n const isRetryable = RushClient.RETRYABLE_METHODS.includes(method);\n\n if (!isRetryable) {\n return this._doFetch<T>(path, options);\n }\n\n return withRetry(() => this._doFetch<T>(path, options), {\n signal: options.signal ?? undefined,\n onRetry: (attempt, delayMs, status) => {\n const statusInfo = status ? ` (${status})` : '';\n console.error(\n `\\u27F3 Retrying ${method} ${path}${statusInfo} (attempt ${attempt}) in ${(delayMs / 1000).toFixed(1)}s...`\n );\n },\n });\n }\n\n /**\n * Raw fetch for streaming (SSE) responses.\n * Returns the raw Response object.\n */\n async fetchRaw(path: string, options: RequestInit = {}): Promise<Response> {\n const url = `${this.baseUrl}${path}`;\n\n const response = await this.performRequest(url, options);\n\n if (!response.ok) {\n const errorBody = await response.text().catch(() => 'Unknown error');\n throw new ApiError(\n `API request failed: ${response.status} ${response.statusText}`,\n response.status,\n errorBody\n );\n }\n\n return response;\n }\n\n async get<T = unknown>(path: string): Promise<ApiResponse<T>> {\n return this.fetch<T>(path, { method: 'GET' });\n }\n\n async post<T = unknown>(\n path: string,\n body?: unknown\n ): Promise<ApiResponse<T>> {\n return this.fetch<T>(path, {\n method: 'POST',\n body: body ? JSON.stringify(body) : undefined,\n });\n }\n\n /**\n * POST multipart/form-data. The default `Content-Type: application/json`\n * must be removed so fetch can set its own multipart boundary — passing\n * `null` as the header value tells mergeHeaders to drop the key.\n */\n async postFormData<T = unknown>(\n path: string,\n formData: FormData\n ): Promise<ApiResponse<T>> {\n return this._doFetch<T>(path, {\n method: 'POST',\n body: formData,\n // Cast: RequestInit.headers doesn't include null; mergeHeaders handles it.\n headers: { 'Content-Type': null } as unknown as HeadersInit,\n });\n }\n\n async put<T = unknown>(\n path: string,\n body?: unknown\n ): Promise<ApiResponse<T>> {\n return this.fetch<T>(path, {\n method: 'PUT',\n body: body ? JSON.stringify(body) : undefined,\n });\n }\n\n async delete<T = unknown>(path: string): Promise<ApiResponse<T>> {\n return this.fetch<T>(path, { method: 'DELETE' });\n }\n}\n\nexport function createClient(): RushClient {\n return new RushClient();\n}\n"],"mappings":";;;AAAA,OAAO,WAAW;AAYX,IAAM,SAAS;AAAA;AAAA,EAEpB,IAAI,SAAuB;AACzB,YAAQ,IAAI,OAAO;AAAA,EACrB;AAAA;AAAA,EAGA,QAAQ,SAAuB;AAC7B,YAAQ,MAAM,MAAM,MAAM,UAAU,GAAG,OAAO;AAAA,EAChD;AAAA;AAAA,EAGA,MAAM,SAAuB;AAC3B,YAAQ,MAAM,MAAM,IAAI,QAAQ,GAAG,OAAO;AAAA,EAC5C;AAAA;AAAA,EAGA,KAAK,SAAuB;AAC1B,YAAQ,MAAM,MAAM,OAAO,UAAU,GAAG,OAAO;AAAA,EACjD;AAAA;AAAA,EAGA,KAAK,SAAuB;AAC1B,YAAQ,MAAM,MAAM,KAAK,OAAO,GAAG,OAAO;AAAA,EAC5C;AAAA;AAAA,EAGA,IAAI,SAAuB;AACzB,YAAQ,MAAM,MAAM,IAAI,OAAO,CAAC;AAAA,EAClC;AAAA,EAEA,MAAM,MAAsC;AAC1C,YAAQ,MAAM,IAAI;AAAA,EACpB;AAAA;AAAA,EAGA,UAAgB;AACd,YAAQ,MAAM;AAAA,EAChB;AAAA,EAEA,KAAK,MAAc,KAAqB;AACtC,WAAO,MAAM,KAAK,UAAU,GAAG;AAAA,EACjC;AAAA,EAEA,KAAK,MAAsB;AACzB,WAAO,MAAM,KAAK,IAAI;AAAA,EACxB;AACF;;;AC3DA,SAAS,oBAAoB;AAC7B,SAAS,SAAS,eAAe;AACjC,SAAS,qBAAqB;AASvB,SAAS,cAAsB;AACpC,QAAM,YAAY,QAAQ,cAAc,YAAY,GAAG,CAAC;AAExD,QAAM,aAAa;AAAA,IACjB,QAAQ,WAAW,MAAM,cAAc;AAAA,IACvC,QAAQ,WAAW,MAAM,MAAM,cAAc;AAAA,EAC/C;AAEA,aAAW,aAAa,YAAY;AAClC,QAAI;AACF,YAAM,MAAM,KAAK,MAAM,aAAa,WAAW,OAAO,CAAC;AACvD,UAAI,IAAI,SAAS,aAAa,IAAI,SAAS;AACzC,eAAO,IAAI;AAAA,MACb;AAAA,IACF,QAAQ;AAAA,IAER;AAAA,EACF;AACA,UAAQ,MAAM,6DAA6D;AAC3E,SAAO;AACT;AAEO,IAAM,UAAkB,YAAY;;;ACjC3C,SAAS,eAAe;AACxB,SAAS,WAAAA,gBAAe;AACxB,OAAO,UAAU;AA4CjB,IAAM,kBAAkBA,SAAQ,QAAQ,GAAG,OAAO;AAClD,IAAM,cAAc;AAEpB,IAAM,gBAA4B;AAAA,EAChC,OAAO;AAAA,EACP,WAAW;AAAA,EACX,cAAc;AAAA,EACd,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,WAAW;AACb;AAEA,IAAM,kBAAgC;AAAA,EACpC,aAAa;AAAA,EACb,KAAK;AAAA,EACL,gBAAgB;AAClB;AAIA,IAAM,cAAc,IAAI,KAA8B;AAAA,EACpD,aAAa;AAAA,EACb,KAAK;AAAA,EACL,YAAY;AAAA,EACZ,UAAU,CAAC;AACb,CAAC;AAED,IAAM,YAAY,IAAI,KAA8B;AAAA,EAClD,aAAa;AAAA,EACb,KAAK;AAAA,EACL,YAAY;AAAA,EACZ,UAAU,CAAC;AACb,CAAC;AAID,SAAS,6BAAmC;AAC1C,QAAM,UAAU,YAAY,IAAI,UAAU;AAC1C,MAAI,YAAY,EAAG;AAGnB,QAAM,eAAe,YAAY,IAAI,KAAK,KAAK,CAAC,YAAY,IAAI,UAAU;AAC1E,QAAM,UAAU,YAAY,SAAS;AAErC,MAAI,cAAc;AAEhB,UAAM,YAA0B;AAAA,MAC9B,aAAc,YAAY,IAAI,aAAa,KAAuB;AAAA,MAClE,KAAM,YAAY,IAAI,KAAK,KAAgB;AAAA,MAC3C,gBAAiB,YAAY,IAAI,gBAAgB,KAAiB;AAAA,IACpE;AAEA,gBAAY,MAAM;AAClB,gBAAY,IAAI,YAAY,CAAC;AAC7B,gBAAY,IAAI,iBAAiB,SAAS;AAC1C,gBAAY,IAAI,YAAY,EAAE,SAAS,UAAU,CAAC;AAAA,EACpD,WAAW,WAAW,CAAC,YAAY,IAAI,UAAU,GAAG;AAElD,gBAAY,IAAI,YAAY,CAAC;AAC7B,QAAI,CAAC,YAAY,IAAI,eAAe,GAAG;AACrC,kBAAY,IAAI,iBAAiB,SAAS;AAAA,IAC5C;AACA,QAAI,CAAC,YAAY,IAAI,UAAU,GAAG;AAChC,kBAAY,IAAI,YAAY,EAAE,SAAS,EAAE,GAAG,gBAAgB,EAAE,CAAC;AAAA,IACjE;AAAA,EACF;AACF;AAEA,SAAS,2BAAiC;AACxC,QAAM,UAAU,UAAU,IAAI,UAAU;AACxC,MAAI,YAAY,EAAG;AAGnB,QAAM,eAAe,UAAU,IAAI,OAAO,KAAK,UAAU,IAAI,QAAQ;AACrE,QAAM,UAAU,UAAU,SAAS;AAEnC,MAAI,cAAc;AAChB,UAAM,UAAsB;AAAA,MAC1B,OAAQ,UAAU,IAAI,OAAO,KAAuB;AAAA,MACpD,WAAY,UAAU,IAAI,WAAW,KAAuB;AAAA,MAC5D,cAAe,UAAU,IAAI,cAAc,KAAuB;AAAA,MAClE,QAAS,UAAU,IAAI,QAAQ,KAA8B;AAAA,MAC7D,SAAU,UAAU,IAAI,SAAS,KAAuB;AAAA,MACxD,WAAW;AAAA,IACb;AAEA,cAAU,MAAM;AAChB,cAAU,IAAI,YAAY,CAAC;AAC3B,cAAU,IAAI,WAAW,OAAO;AAChC;AAAA,EACF;AAEA,MAAI,SAAS;AACX,cAAU,IAAI,YAAY,CAAC;AAC3B;AAAA,EACF;AAGA,MAAI,YAAY,GAAG;AACjB,eAAW,OAAO,OAAO,KAAK,UAAU,KAAK,GAAG;AAC9C,UAAI,QAAQ,WAAY;AACxB,YAAM,QAAQ,UAAU,IAAI,GAAG;AAC/B,UAAI,CAAC,SAAS,OAAO,UAAU,SAAU;AACzC,YAAM,SAAS;AACf,UAAI,EAAE,eAAe,SAAS;AAC5B,kBAAU,IAAI,KAAK,EAAE,GAAG,QAAQ,WAAW,KAAK,CAAC;AAAA,MACnD;AAAA,IACF;AACA,cAAU,IAAI,YAAY,CAAC;AAAA,EAC7B;AACF;AAGA,2BAA2B;AAC3B,yBAAyB;AAQlB,SAAS,mBAA2B;AACzC,SACE,QAAQ,IAAI,gBACX,YAAY,IAAI,eAAe,KAChC;AAEJ;AAEO,SAAS,iBAAiB,MAAoB;AACnD,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,MAAI,CAAC,SAAS,IAAI,GAAG;AACnB,UAAM,IAAI;AAAA,MACR,YAAY,IAAI,gCAAgC,OAAO,KAAK,QAAQ,EAAE,KAAK,IAAI,CAAC;AAAA,IAClF;AAAA,EACF;AACA,cAAY,IAAI,iBAAiB,IAAI;AACvC;AAEO,SAAS,eAAyB;AACvC,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,SAAO,OAAO,KAAK,QAAQ;AAC7B;AAEO,SAAS,cACd,MACA,QACM;AACN,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,MAAI,SAAS,IAAI,GAAG;AAClB,UAAM,IAAI,MAAM,YAAY,IAAI,mBAAmB;AAAA,EACrD;AAEA,QAAM,gBAAgB,SAAS,WAAW;AAC1C,WAAS,IAAI,IAAI,EAAE,GAAG,eAAe,GAAG,OAAO;AAC/C,cAAY,IAAI,YAAY,QAAQ;AACtC;AAEO,SAAS,cAAc,MAAoB;AAChD,MAAI,SAAS,WAAW;AACtB,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AACA,QAAM,SAAS,iBAAiB;AAChC,MAAI,SAAS,QAAQ;AACnB,UAAM,IAAI;AAAA,MACR,qCAAqC,IAAI;AAAA,IAC3C;AAAA,EACF;AACA,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,MAAI,CAAC,SAAS,IAAI,GAAG;AACnB,UAAM,IAAI,MAAM,YAAY,IAAI,mBAAmB;AAAA,EACrD;AACA,SAAO,SAAS,IAAI;AACpB,cAAY,IAAI,YAAY,QAAQ;AAGpC,YAAU,OAAO,IAAI;AACvB;AAIO,SAAS,gBAA4B;AAC1C,QAAM,UAAU,iBAAiB;AACjC,QAAM,cAAc,UAAU,IAAI,OAAO;AACzC,SAAO;AAAA,IACL,OAAO,aAAa,SAAS;AAAA,IAC7B,WAAW,aAAa,aAAa;AAAA,IACrC,cAAc,aAAa,gBAAgB;AAAA,IAC3C,QAAQ,aAAa,UAAU;AAAA,IAC/B,SAAS,aAAa,WAAW;AAAA,IACjC,WAAW,aAAa,aAAa;AAAA,EACvC;AACF;AAEO,SAAS,cAAc,QAAmC;AAC/D,QAAM,UAAU,iBAAiB;AACjC,QAAM,UAAW,UAAU,IAAI,OAAO,KAAoB;AAAA,IACxD,GAAG;AAAA,EACL;AACA,YAAU,IAAI,SAAS,EAAE,GAAG,SAAS,GAAG,OAAO,CAAC;AAClD;AAGO,SAAS,kBAAwB;AACtC,QAAM,UAAU,iBAAiB;AACjC,YAAU,IAAI,SAAS,EAAE,GAAG,cAAc,CAAC;AAC7C;AAYO,SAAS,kBAAgC;AAC9C,QAAM,UAAU,iBAAiB;AACjC,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,QAAM,gBAAgB,SAAS,OAAO,KAAK;AAC3C,SAAO;AAAA,IACL,aAAa,cAAc,eAAe;AAAA,IAC1C,KAAK,cAAc,OAAO;AAAA,IAC1B,gBAAgB,cAAc,kBAAkB;AAAA,EAClD;AACF;AAEO,SAAS,gBAAgB,QAAqC;AACnE,QAAM,UAAU,iBAAiB;AACjC,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,QAAM,UAAU,SAAS,OAAO,KAAK,EAAE,GAAG,gBAAgB;AAC1D,WAAS,OAAO,IAAI,EAAE,GAAG,SAAS,GAAG,OAAO;AAC5C,cAAY,IAAI,YAAY,QAAQ;AACtC;AAEO,SAAS,eAAuB;AACrC,SAAO;AACT;AAEO,SAAS,aAAsB;AACpC,QAAM,OAAO,cAAc;AAC3B,MAAI,CAAC,KAAK,MAAO,QAAO;AACxB,MAAI,KAAK,aAAa,KAAK,IAAI,IAAI,KAAK,WAAW;AAEjD,WAAO,KAAK,WAAW,SAAS,QAAQ,KAAK,YAAY;AAAA,EAC3D;AACA,SAAO;AACT;AAGO,SAAS,gBAAgB,KAAqB;AACnD,SAAO,IAAI,QAAQ,QAAQ,EAAE,EAAE,YAAY;AAC7C;AAaO,SAAS,wBACd,oBAC4C;AAC5C,QAAM,OAAO,cAAc;AAC3B,MAAI,CAAC,KAAK,SAAS,CAAC,KAAK,UAAW,QAAO;AAC3C,QAAM,UAAU,sBAAsB,gBAAgB,EAAE;AACxD,MAAI,gBAAgB,KAAK,SAAS,MAAM,gBAAgB,OAAO,EAAG,QAAO;AACzE,SAAO,EAAE,QAAQ,KAAK,WAAW,QAAQ;AAC3C;AAKO,SAAS,iBAAiB,MAAmC;AAClE,QAAM,WACH,YAAY,IAAI,UAAU,KAAsC,CAAC;AACpE,SAAO,SAAS,IAAI,KAAK;AAC3B;AAKO,SAAS,eAAe,MAA0B;AACvD,QAAM,cAAc,UAAU,IAAI,IAAI;AACtC,SAAO;AAAA,IACL,OAAO,aAAa,SAAS;AAAA,IAC7B,WAAW,aAAa,aAAa;AAAA,IACrC,cAAc,aAAa,gBAAgB;AAAA,IAC3C,QAAQ,aAAa,UAAU;AAAA,IAC/B,SAAS,aAAa,WAAW;AAAA,IACjC,WAAW,aAAa,aAAa;AAAA,EACvC;AACF;;;ACxVO,SAAS,gBAA4B;AAC1C,MAAI,QAAQ,IAAI,cAAc;AAC5B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,cAAc;AAC3B,MAAI,KAAK,OAAO;AAEd,QAAI,KAAK,WAAW,aAAa,KAAK,MAAM,WAAW,UAAU,GAAG;AAClE,aAAO;AAAA,IACT;AACA,QAAI,KAAK,WAAW,kBAAkB;AACpC,aAAO;AAAA,IACT;AACA,WAAO,KAAK,UAAU;AAAA,EACxB;AACA,SAAO;AACT;AAMO,SAAS,eAA8B;AAC5C,MAAI,QAAQ,IAAI,cAAc;AAC5B,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,QAAM,OAAO,cAAc;AAC3B,SAAO,KAAK;AACd;AAaO,SAAS,eAA0B;AACxC,QAAM,SAAS,gBAAgB;AAC/B,QAAM,UAAU,QAAQ,IAAI,gBAAgB,OAAO;AAEnD,SAAO;AAAA,IACL,mBACE,QAAQ,IAAI,+BACZ,GAAG,OAAO;AAAA,IACZ,eACE,QAAQ,IAAI,2BAA2B,GAAG,OAAO;AAAA,IACnD,gBACE,QAAQ,IAAI,4BAA4B,GAAG,OAAO;AAAA,IACpD,UAAU,QAAQ,IAAI,sBAAsB;AAAA,EAC9C;AACF;;;AC/DO,IAAM,YAAN,cAAwB,MAAM;AAAA,EAC5B;AAAA,EACA;AAAA,EACA;AAAA,EAEP,YACE,SACA,OAAgC,CAAC,GACjC,OAAO,cACP,WAAW,GACX;AACA,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,WAAW;AAAA,EAClB;AACF;AAEO,IAAM,YAAN,cAAwB,UAAU;AAAA,EACvC,YAAY,UAAU,sDAAsD;AAC1E,UAAM,SAAS,CAAC,GAAG,cAAc,CAAC;AAClC,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,UAAU;AAAA,EAC7C,YAAY,SAAiB,OAAgC,CAAC,GAAG;AAC/D,UAAM,SAAS,MAAM,eAAe,CAAC;AACrC,SAAK,OAAO;AAAA,EACd;AACF;AAMA,SAAS,gBAAgB,QAAgB,eAAgC;AACvE,MAAI,cAAe,QAAO;AAE1B,UAAQ,QAAQ;AAAA,IACd,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO,8BAA8B,MAAM;AAAA,EAC/C;AACF;AAEO,IAAM,WAAN,cAAuB,UAAU;AAAA,EAC/B;AAAA,EACA;AAAA,EAEP,YACE,SACA,QACA,MACA,YACA;AAEA,QAAI;AACJ,QAAI,MAAM;AACR,UAAI;AACF,cAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,YAAI,OAAO,SAAS,OAAO,OAAO,UAAU,UAAU;AACpD,0BAAgB,OAAO;AAAA,QACzB;AAAA,MACF,QAAQ;AAAA,MAER;AAAA,IACF;AAEA;AAAA,MACE,gBAAgB,QAAQ,aAAa;AAAA,MACrC,EAAE,QAAQ,KAAK;AAAA,MACf;AAAA,IACF;AACA,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,aAAa;AAAA,EACpB;AACF;AAEO,SAAS,YAAY,OAAoC;AAC9D,SAAO,iBAAiB;AAC1B;;;AC9FA,IAAI,WAAW;AACf,IAAI,SAAS;AAEN,SAAS,aAAa,SAAkB,OAAsB;AACnE,WAAS;AACT,aAAW,WAAW;AACxB;AAEO,IAAM,YAAY,MAAe;AACjC,IAAM,UAAU,MAAe;;;ACNtC,IAAM,cAAc;AACpB,IAAM,kBAAkB;AACxB,IAAM,0BAA0B;AAmBhC,SAAS,gBAAwB;AAC/B,SAAO,QAAQ,IAAI,gBAAgB,gBAAgB,EAAE;AACvD;AAEA,SAAS,mBAAmB,OAAuC;AACjE,SAAO;AAAA,IACL,eAAe,UAAU,KAAK;AAAA,IAC9B,gBAAgB;AAAA,IAChB,cAAc;AAAA,EAChB;AACF;AAEA,SAAS,mBAAmB,SAAmC;AAC7D,QAAM,OAAO,cAAc;AAE3B,MAAI,CAAC,KAAK,SAAS,KAAK,WAAW,SAAS,CAAC,KAAK,cAAc;AAC9D,WAAO;AAAA,EACT;AACA,MAAI,SAAS,OAAO;AAClB,WAAO;AAAA,EACT;AACA,MAAI,CAAC,KAAK,WAAW;AACnB,WAAO;AAAA,EACT;AACA,QAAM,kBAAkB,SAAS,mBAAmB;AACpD,SAAO,KAAK,IAAI,KAAK,KAAK,YAAY;AACxC;AAEA,eAAsB,sBACpB,SACkB;AAClB,MAAI,QAAQ,IAAI,gBAAgB,CAAC,mBAAmB,OAAO,GAAG;AAC5D,WAAO;AAAA,EACT;AAEA,QAAM,OAAO,cAAc;AAC3B,MAAI,CAAC,KAAK,cAAc;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,aAAa;AACzB,QAAM,OAAO,IAAI,gBAAgB;AAAA,IAC/B,YAAY;AAAA,IACZ,eAAe,KAAK;AAAA,IACpB,WAAW,IAAI;AAAA,EACjB,CAAC,EAAE,SAAS;AAEZ,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,IAAI,eAAe;AAAA,MAC9C,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA;AAAA,MACA,QAAQ,YAAY,QAAQ,uBAAuB;AAAA,IACrD,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,aAAO;AAAA,IACT;AAEA,UAAM,YAAa,MAAM,SAAS,KAAK;AACvC,QAAI,CAAC,UAAU,cAAc;AAC3B,aAAO;AAAA,IACT;AAEA,UAAM,YAAY,UAAU,aACxB,KAAK,IAAI,IAAI,UAAU,aAAa,MACpC,KAAK;AAET,kBAAc;AAAA,MACZ,OAAO,UAAU;AAAA,MACjB;AAAA,MACA,cAAc,UAAU,iBAAiB,KAAK;AAAA,MAC9C,QAAQ;AAAA,IACV,CAAC;AAED,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACiC;AACjC,QAAM,MAAM,GAAG,cAAc,CAAC,GAAG,WAAW;AAE5C,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR,SAAS,mBAAmB,KAAK;AAAA,MACjC,QAAQ,YAAY,QAAQ,uBAAuB;AAAA,IACrD,CAAC;AAED,QAAI,SAAS,IAAI;AACf,aAAO,EAAE,OAAO,MAAM,QAAQ,SAAS,OAAO;AAAA,IAChD;AAEA,UAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,MAAS;AAC3D,WAAO;AAAA,MACL,OAAO;AAAA,MACP,QAAQ,SAAS;AAAA,MACjB,SAAS,WAAW,0BAA0B,SAAS,MAAM;AAAA,IAC/D;AAAA,EACF,SAAS,OAAO;AACd,WAAO;AAAA,MACL,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,SAAS,kBAAkB,iBAAiB,QAAQ,MAAM,UAAU,SAAS;AAAA,IAC/E;AAAA,EACF;AACF;AAEA,eAAsB,2BAA4D;AAChF,QAAM,QAAQ,aAAa;AAC3B,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,MACL,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,SAAS;AAAA,IACX;AAAA,EACF;AAEA,QAAM,sBAAsB;AAE5B,MAAI,cAAc,aAAa;AAC/B,MAAI,CAAC,aAAa;AAChB,WAAO;AAAA,MACL,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,SAAS;AAAA,IACX;AAAA,EACF;AAEA,QAAM,SAAS,MAAM,kBAAkB,WAAW;AAClD,MAAI,OAAO,SAAS,OAAO,WAAW,OAAO,QAAQ,IAAI,cAAc;AACrE,WAAO;AAAA,EACT;AAEA,QAAM,YAAY,MAAM,sBAAsB,EAAE,OAAO,KAAK,CAAC;AAC7D,MAAI,CAAC,WAAW;AACd,WAAO;AAAA,EACT;AAEA,gBAAc,aAAa;AAC3B,MAAI,CAAC,aAAa;AAChB,WAAO;AAAA,EACT;AACA,SAAO,kBAAkB,WAAW;AACtC;AAEA,eAAe,YACb,gBACA,UACA,OACA,eACkB;AAClB,QAAM,OAAO,IAAI,gBAAgB;AAAA,IAC/B;AAAA,IACA,iBAAiB;AAAA,IACjB,WAAW;AAAA,EACb,CAAC,EAAE,SAAS;AAEZ,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,gBAAgB;AAAA,MAC3C,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA;AAAA,MACA,QAAQ,YAAY,QAAQ,uBAAuB;AAAA,IACrD,CAAC;AACD,WAAO,SAAS;AAAA,EAClB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,uBAAyC;AAC7D,MAAI,QAAQ,IAAI,cAAc;AAC5B,WAAO;AAAA,EACT;AAEA,QAAM,OAAO,cAAc;AAE3B,MAAI,KAAK,WAAW,kBAAkB;AACpC,WAAO,oBAAoB;AAAA,EAC7B;AAEA,MAAI,KAAK,WAAW,OAAO;AACzB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,aAAa;AACzB,QAAM,aAGD,CAAC;AACN,MAAI,KAAK,cAAc;AACrB,eAAW,KAAK,EAAE,OAAO,KAAK,cAAc,MAAM,gBAAgB,CAAC;AAAA,EACrE;AACA,MAAI,KAAK,OAAO;AACd,eAAW,KAAK,EAAE,OAAO,KAAK,OAAO,MAAM,eAAe,CAAC;AAAA,EAC7D;AAEA,MAAI,WAAW,WAAW,GAAG;AAC3B,WAAO;AAAA,EACT;AAEA,MAAI,aAAa;AACjB,aAAW,aAAa,YAAY;AAClC,UAAM,UAAU,MAAM;AAAA,MACpB,IAAI;AAAA,MACJ,IAAI;AAAA,MACJ,UAAU;AAAA,MACV,UAAU;AAAA,IACZ;AACA,QAAI,SAAS;AACX,mBAAa;AAAA,IACf;AAAA,EACF;AAEA,SAAO;AACT;AAKA,eAAe,sBAAwC;AACrD,QAAM,OAAO,cAAc;AAC3B,MAAI,CAAC,KAAK,WAAW,CAAC,KAAK,OAAO;AAChC,WAAO;AAAA,EACT;AAEA,QAAM,UAAU,cAAc;AAC9B,QAAM,MAAM,GAAG,OAAO,2BAA2B,mBAAmB,KAAK,OAAO,CAAC;AAEjF,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe,UAAU,KAAK,KAAK;AAAA,QACnC,cAAc;AAAA,MAChB;AAAA,MACA,QAAQ,YAAY,QAAQ,uBAAuB;AAAA,IACrD,CAAC;AACD,WAAO,SAAS;AAAA,EAClB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;;;AC7PO,SAAS,gBAAgB,OAA8B;AAE5D,QAAM,UAAU,OAAO,KAAK;AAC5B,MAAI,CAAC,OAAO,MAAM,OAAO,KAAK,WAAW,GAAG;AAC1C,WAAO,UAAU;AAAA,EACnB;AAGA,QAAM,OAAO,IAAI,KAAK,KAAK;AAC3B,MAAI,CAAC,OAAO,MAAM,KAAK,QAAQ,CAAC,GAAG;AACjC,UAAM,UAAU,KAAK,QAAQ,IAAI,KAAK,IAAI;AAC1C,WAAO,UAAU,IAAI,UAAU;AAAA,EACjC;AAEA,SAAO;AACT;AAKA,SAAS,eACP,SACA,WACA,UACQ;AACR,QAAM,cAAc,YAAY,KAAK;AACrC,QAAM,SAAS,KAAK,OAAO,IAAI,YAAY;AAC3C,SAAO,KAAK,IAAI,cAAc,QAAQ,QAAQ;AAChD;AAEA,SAAS,iBACP,OACA,mBACS;AAET,MAAI,iBAAiB,aAAa,MAAM,SAAS,iBAAiB;AAChE,WAAO;AAAA,EACT;AAGA,MAAI,iBAAiB,YAAY,kBAAkB,SAAS,MAAM,MAAM,GAAG;AACzE,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAEA,SAAS,uBAAuB,OAA+B;AAC7D,MAAI,iBAAiB,YAAY,MAAM,WAAW,KAAK;AAErD,QAAI,MAAM,YAAY;AACpB,aAAO,gBAAgB,MAAM,UAAU;AAAA,IACzC;AAAA,EACF;AACA,SAAO;AACT;AAQA,eAAsB,UACpB,IACA,UAAwB,CAAC,GACb;AACZ,QAAM;AAAA,IACJ,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,WAAW;AAAA,IACX,oBAAoB,CAAC,KAAK,KAAK,KAAK,GAAG;AAAA,IACvC;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,MAAI;AAEJ,WAAS,UAAU,GAAG,WAAW,YAAY,WAAW;AAEtD,QAAI,QAAQ,SAAS;AACnB,YAAM,aAAa,IAAI,UAAU,mBAAmB,CAAC,GAAG,aAAa;AAAA,IACvE;AAEA,QAAI;AACF,aAAO,MAAM,GAAG;AAAA,IAClB,SAAS,OAAO;AACd,kBAAY;AAGZ,UAAI,WAAW,YAAY;AACzB,cAAM;AAAA,MACR;AAGA,UAAI,CAAC,iBAAiB,OAAO,iBAAiB,GAAG;AAC/C,cAAM;AAAA,MACR;AAGA,UAAI,QAAQ,SAAS;AACnB,cAAM;AAAA,MACR;AAGA,UAAI;AACJ,YAAM,eAAe,uBAAuB,KAAK;AACjD,UAAI,iBAAiB,MAAM;AAEzB,kBAAU,KAAK,IAAI,cAAc,IAAO;AAAA,MAC1C,OAAO;AACL,kBAAU,eAAe,SAAS,WAAW,QAAQ;AAAA,MACvD;AAEA,YAAM,SAAS,iBAAiB,WAAW,MAAM,SAAS;AAC1D,gBAAU,UAAU,GAAG,SAAS,MAAM;AAGtC,YAAM,IAAI,QAAc,CAACC,UAAS,WAAW;AAC3C,cAAM,QAAQ,WAAWA,UAAS,OAAO;AACzC,YAAI,QAAQ;AACV,gBAAM,UAAU,MAAM;AACpB,yBAAa,KAAK;AAClB,mBAAO,SAAS;AAAA,UAClB;AACA,iBAAO,iBAAiB,SAAS,SAAS,EAAE,MAAM,KAAK,CAAC;AAExD,gBAAM,cAAcA;AACpB,qBAAW,MAAM;AACf,mBAAO,oBAAoB,SAAS,OAAO;AAC3C,wBAAY;AAAA,UACd,GAAG,OAAO;AAAA,QACZ;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAGA,QAAM;AACR;;;ACxJA,IAAM,oBAAoB;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,SAAS,qBAAqB,SAA0C;AACtE,QAAM,SAAiC,CAAC;AACxC,UAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC9B,WAAO,GAAG,IAAI,kBAAkB,SAAS,IAAI,YAAY,CAAC,IACtD,eACA;AAAA,EACN,CAAC;AACD,SAAO;AACT;AAkBO,IAAM,aAAN,MAAM,YAAW;AAAA,EACd;AAAA,EAER,cAAc;AACZ,UAAM,SAAS,gBAAgB;AAC/B,UAAM,MAAM,QAAQ,IAAI,gBAAgB,OAAO;AAC/C,SAAK,UAAU,IAAI,QAAQ,QAAQ,EAAE;AAAA,EACvC;AAAA,EAEA,MAAc,aAA8C;AAC1D,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,cAAc,WAAW,OAAO;AAAA,IAClC;AAEA,QAAI,CAAC,QAAQ,IAAI,cAAc;AAC7B,YAAM,sBAAsB;AAAA,IAC9B;AAEA,UAAM,QAAQ,aAAa;AAC3B,QAAI,OAAO;AAGT,cAAQ,gBAAgB,UAAU,KAAK;AAAA,IACzC;AAGA,QAAI,QAAQ,IAAI,mBAAmB,oBAAoB;AACrD,cAAQ,aAAa,IAAI;AAAA,IAC3B;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQQ,aACN,MACA,WACwB;AACxB,UAAM,SAAiC,EAAE,GAAG,KAAK;AACjD,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,SAAS,GAAG;AACpD,UAAI,UAAU,MAAM;AAClB,eAAO,OAAO,GAAG;AAAA,MACnB,OAAO;AACL,eAAO,GAAG,IAAI;AAAA,MAChB;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,eACZ,KACA,SACA,sBAAsB,MACH;AAInB,UAAM,iBACH,QAAQ,WAA6C,CAAC;AACzD,UAAM,UAAU,MAAM,KAAK,WAAW;AAEtC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAChC,GAAG;AAAA,QACH,SAAS,KAAK,aAAa,SAAS,cAAc;AAAA,MACpD,CAAC;AAED,UACE,SAAS,WAAW,OACpB,uBACA,CAAC,QAAQ,IAAI,cACb;AACA,cAAM,OAAO,cAAc;AAC3B,cAAM,aAAa,KAAK,WAAW,SAAS,QAAQ,KAAK,YAAY;AACrE,YAAI,cAAe,MAAM,sBAAsB,EAAE,OAAO,KAAK,CAAC,GAAI;AAChE,gBAAM,eAAe,MAAM,KAAK,WAAW;AAC3C,iBAAO,MAAM,MAAM,KAAK;AAAA,YACtB,GAAG;AAAA,YACH,SAAS,KAAK,aAAa,cAAc,cAAc;AAAA,UACzD,CAAC;AAAA,QACH;AAAA,MACF;AAEA,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,YAAM,IAAI;AAAA,QACR,kBAAkB,eAAe,QAAQ,IAAI,UAAU,mBAAmB;AAAA,QAC1E,EAAE,IAAI;AAAA,QACN;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,OAAwB,oBAAoB,CAAC,OAAO,QAAQ,QAAQ;AAAA;AAAA;AAAA;AAAA,EAKpE,MAAc,SACZ,MACA,UAAwB,CAAC,GACA;AACzB,UAAM,EAAE,OAAO,MAAM,GAAG,aAAa,IAAI;AACzC,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI;AAClC,UAAM,UAAU,aAAa,UAAU,OAAO,YAAY;AAC1D,UAAM,YAAY,KAAK,IAAI;AAE3B,QAAI,UAAU,GAAG;AACf,aAAO,IAAI,UAAK,MAAM,IAAI,GAAG,EAAE;AAAA,IACjC;AAEA,UAAM,WAAW,MAAM,KAAK,eAAe,KAAK,YAAY;AAE5D,QAAI,UAAU,GAAG;AACf,aAAO;AAAA,QACL,UAAK,SAAS,MAAM,IAAI,SAAS,UAAU,KAAK,KAAK,IAAI,IAAI,SAAS;AAAA,MACxE;AAAA,IACF;AAEA,QAAI,QAAQ,GAAG;AACb,aAAO;AAAA,QACL,uBAAuB,KAAK,UAAU,qBAAqB,SAAS,OAAO,CAAC,CAAC;AAAA,MAC/E;AAAA,IACF;AAEA,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,YAAM,aAAa,SAAS,QAAQ,IAAI,aAAa,KAAK;AAE1D,YAAM,IAAI;AAAA,QACR,uBAAuB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,QAC7D,SAAS;AAAA,QACT;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,UAAM,OAAO,OACP,MAAM,SAAS,KAAK,IACpB,MAAM,SAAS,KAAK;AAE1B,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,QAAQ,SAAS;AAAA,MACjB;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,MACJ,MACA,UAAwB,CAAC,GACA;AACzB,UAAM,UAAU,QAAQ,UAAU,OAAO,YAAY;AACrD,UAAM,cAAc,YAAW,kBAAkB,SAAS,MAAM;AAEhE,QAAI,CAAC,aAAa;AAChB,aAAO,KAAK,SAAY,MAAM,OAAO;AAAA,IACvC;AAEA,WAAO,UAAU,MAAM,KAAK,SAAY,MAAM,OAAO,GAAG;AAAA,MACtD,QAAQ,QAAQ,UAAU;AAAA,MAC1B,SAAS,CAAC,SAAS,SAAS,WAAW;AACrC,cAAM,aAAa,SAAS,KAAK,MAAM,MAAM;AAC7C,gBAAQ;AAAA,UACN,mBAAmB,MAAM,IAAI,IAAI,GAAG,UAAU,aAAa,OAAO,SAAS,UAAU,KAAM,QAAQ,CAAC,CAAC;AAAA,QACvG;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,SAAS,MAAc,UAAuB,CAAC,GAAsB;AACzE,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI;AAElC,UAAM,WAAW,MAAM,KAAK,eAAe,KAAK,OAAO;AAEvD,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,YAAY,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,eAAe;AACnE,YAAM,IAAI;AAAA,QACR,uBAAuB,SAAS,MAAM,IAAI,SAAS,UAAU;AAAA,QAC7D,SAAS;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,IAAiB,MAAuC;AAC5D,WAAO,KAAK,MAAS,MAAM,EAAE,QAAQ,MAAM,CAAC;AAAA,EAC9C;AAAA,EAEA,MAAM,KACJ,MACA,MACyB;AACzB,WAAO,KAAK,MAAS,MAAM;AAAA,MACzB,QAAQ;AAAA,MACR,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,IACtC,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aACJ,MACA,UACyB;AACzB,WAAO,KAAK,SAAY,MAAM;AAAA,MAC5B,QAAQ;AAAA,MACR,MAAM;AAAA;AAAA,MAEN,SAAS,EAAE,gBAAgB,KAAK;AAAA,IAClC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,IACJ,MACA,MACyB;AACzB,WAAO,KAAK,MAAS,MAAM;AAAA,MACzB,QAAQ;AAAA,MACR,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,IACtC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,OAAoB,MAAuC;AAC/D,WAAO,KAAK,MAAS,MAAM,EAAE,QAAQ,SAAS,CAAC;AAAA,EACjD;AACF;AAEO,SAAS,eAA2B;AACzC,SAAO,IAAI,WAAW;AACxB;","names":["resolve","resolve"]}

/package/dist/{install-AGHG4XKQ.js.map → install-RTV2VWCC.js.map} RENAMED Viewed

File without changes

/package/dist/{server-GQMH2YN4.js.map → server-Y2CXHDCK.js.map} RENAMED Viewed

File without changes