sapper-ai 0.6.2 → 0.8.0

package/dist/cli.d.ts

@@ -1,3 +1,6 @@
 #!/usr/bin/env node
 export declare function runCli(argv?: string[]): Promise<number>;
+type GuardModuleLoader = (modulePath: string) => Promise<Record<string, unknown>>;
+export declare function __setGuardModuleLoaderForTests(loader: GuardModuleLoader | null): void;
+export {};
 //# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAiBA,wBAAsB,MAAM,CAAC,IAAI,GAAE,MAAM,EAA0B,GAAG,OAAO,CAAC,MAAM,CAAC,CAmFpF"}
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAoBA,wBAAsB,MAAM,CAAC,IAAI,GAAE,MAAM,EAA0B,GAAG,OAAO,CAAC,MAAM,CAAC,CA+HpF;AA4WD,KAAK,iBAAiB,GAAG,CAAC,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAA;AASjF,wBAAgB,8BAA8B,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,GAAG,IAAI,CAErF"}

package/dist/cli.js

@@ -38,6 +38,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.runCli = runCli;
+exports.__setGuardModuleLoaderForTests = __setGuardModuleLoaderForTests;
 const node_fs_1 = require("node:fs");
 const node_os_1 = require("node:os");
 const node_path_1 = require("node:path");
@@ -49,7 +50,10 @@ const harden_1 = require("./harden");
 const quarantine_1 = require("./quarantine");
 const wrapConfig_1 = require("./mcp/wrapConfig");
 const scan_1 = require("./scan");
+const detect_1 = require("./openclaw/detect");
+const scanner_1 = require("./openclaw/scanner");
 const env_1 = require("./utils/env");
+const setup_1 = require("./guard/setup");
 async function runCli(argv = process.argv.slice(2)) {
     if (argv[0] === '--help' || argv[0] === '-h') {
         printUsage();
@@ -83,6 +87,41 @@ async function runCli(argv = process.argv.slice(2)) {
         }
         return scanExitCode;
     }
+    if (argv[0] === 'openclaw') {
+        if (argv[1] === '--help' || argv[1] === '-h') {
+            printUsage();
+            return 0;
+        }
+        if (argv.length > 1) {
+            printUsage();
+            return 1;
+        }
+        return runOpenClawWizard();
+    }
+    if (argv[0] === 'setup') {
+        if (argv[1] === '--help' || argv[1] === '-h') {
+            printUsage();
+            return 0;
+        }
+        const parsed = parseSetupArgs(argv.slice(1));
+        if (!parsed) {
+            printUsage();
+            return 1;
+        }
+        return runSetupCommand(parsed);
+    }
+    if (argv[0] === 'guard') {
+        if (argv[1] === '--help' || argv[1] === '-h') {
+            printUsage();
+            return 0;
+        }
+        const parsed = parseGuardArgs(argv.slice(1));
+        if (!parsed) {
+            printUsage();
+            return 1;
+        }
+        return runGuardCommand(parsed);
+    }
     if (argv[0] === 'harden') {
         const parsed = parseHardenArgs(argv.slice(1));
         if (!parsed) {
@@ -135,9 +174,19 @@ Usage:
   sapper-ai scan --harden     After scan, offer to apply recommended hardening
   sapper-ai scan --no-open    Skip opening report in browser
   sapper-ai scan --no-save    Skip saving scan results to ~/.sapperai/scans/
+  sapper-ai openclaw          OpenClaw skill security scanner
   sapper-ai harden            Plan recommended setup changes (no writes)
   sapper-ai harden --apply    Apply recommended project changes
   sapper-ai harden --include-system   Include system changes (home directory)
+  sapper-ai setup             Register Claude Code hooks for Skill Guard
+  sapper-ai setup --remove    Remove only sapper-ai Skill Guard hooks
+  sapper-ai setup --status    Show current Skill Guard hook registration status
+  sapper-ai guard scan        Run SessionStart guard scan hook
+  sapper-ai guard check       Run UserPromptSubmit guard check hook
+  sapper-ai guard dismiss <name>   Dismiss warning by skill name
+  sapper-ai guard rescan      Clear guard cache, then scan again
+  sapper-ai guard cache list  Show guard cache entries
+  sapper-ai guard cache clear Clear guard cache entries
   sapper-ai mcp wrap-config   Wrap MCP servers to run behind sapperai-proxy (defaults to Claude Code config)
   sapper-ai mcp unwrap-config Undo MCP wrapping
   sapper-ai quarantine list   List quarantined files
@@ -281,6 +330,239 @@ function parseHardenArgs(argv) {
         mcpVersion,
     };
 }
+function parseSetupArgs(argv) {
+    if (argv.length === 0) {
+        return { command: 'setup_register' };
+    }
+    if (argv.length > 1) {
+        return null;
+    }
+    if (argv[0] === '--remove') {
+        return { command: 'setup_remove' };
+    }
+    if (argv[0] === '--status') {
+        return { command: 'setup_status' };
+    }
+    return null;
+}
+function printSetupStatus() {
+    const status = (0, setup_1.getStatus)();
+    console.log('Skill Guard setup status:');
+    console.log(`  Claude directory: ${displayPath(status.claudeDirPath)} ${status.claudeDirExists ? '(found)' : '(missing)'}`);
+    console.log(`  Settings file: ${displayPath(status.settingsPath)} ${status.settingsExists ? '(found)' : '(missing)'}`);
+    for (const commandStatus of status.commands) {
+        const state = commandStatus.registered ? 'registered' : 'not registered';
+        console.log(`  ${commandStatus.event}: ${state} (${commandStatus.matchCount})`);
+    }
+}
+async function runSetupCommand(args) {
+    if (args.command === 'setup_status') {
+        printSetupStatus();
+        return 0;
+    }
+    if (args.command === 'setup_register') {
+        const result = (0, setup_1.registerHooks)();
+        if (!result.ok) {
+            console.error(`Claude directory not found: ${displayPath(result.status.claudeDirPath)}`);
+            return 1;
+        }
+        if (result.action === 'already_registered') {
+            console.log('Skill Guard hooks are already registered.');
+            return 0;
+        }
+        console.log(`Registered Skill Guard hooks in ${displayPath(result.status.settingsPath)}.`);
+        return 0;
+    }
+    const result = (0, setup_1.removeHooks)();
+    if (!result.ok) {
+        console.error(`Claude directory not found: ${displayPath(result.status.claudeDirPath)}`);
+        return 1;
+    }
+    if (result.removedCount === 0) {
+        console.log('No sapper-ai Skill Guard hooks were registered.');
+        return 0;
+    }
+    console.log(`Removed ${result.removedCount} sapper-ai Skill Guard hook(s).`);
+    return 0;
+}
+function parseGuardArgs(argv) {
+    const subcommand = argv[0];
+    if (!subcommand) {
+        return null;
+    }
+    if (subcommand === 'scan') {
+        return argv.length === 1 ? { command: 'guard_scan' } : null;
+    }
+    if (subcommand === 'check') {
+        return argv.length === 1 ? { command: 'guard_check' } : null;
+    }
+    if (subcommand === 'dismiss') {
+        if (argv.length !== 2)
+            return null;
+        const name = argv[1]?.trim();
+        if (!name)
+            return null;
+        return { command: 'guard_dismiss', name };
+    }
+    if (subcommand === 'rescan') {
+        return argv.length === 1 ? { command: 'guard_rescan' } : null;
+    }
+    if (subcommand === 'cache') {
+        if (argv.length !== 2)
+            return null;
+        if (argv[1] === 'list')
+            return { command: 'guard_cache_list' };
+        if (argv[1] === 'clear')
+            return { command: 'guard_cache_clear' };
+        return null;
+    }
+    return null;
+}
+function resolveNamedExport(moduleExports, names, label) {
+    for (const name of names) {
+        const candidate = moduleExports[name];
+        if (typeof candidate === 'function') {
+            return candidate;
+        }
+    }
+    throw new Error(`Missing export for ${label}`);
+}
+const defaultGuardModuleLoader = async (modulePath) => {
+    const fullModulePath = `./guard/${modulePath}`;
+    return (await Promise.resolve(`${fullModulePath}`).then(s => __importStar(require(s))));
+};
+let guardModuleLoader = defaultGuardModuleLoader;
+function __setGuardModuleLoaderForTests(loader) {
+    guardModuleLoader = loader ?? defaultGuardModuleLoader;
+}
+async function loadGuardModule(modulePath) {
+    if (modulePath.includes('..')) {
+        throw new Error(`Invalid guard module path: ${modulePath}`);
+    }
+    return guardModuleLoader(modulePath);
+}
+function toExitCode(value) {
+    if (typeof value === 'number' && Number.isInteger(value)) {
+        return value;
+    }
+    if (isObject(value) && typeof value.exitCode === 'number' && Number.isInteger(value.exitCode)) {
+        return value.exitCode;
+    }
+    return 0;
+}
+function isObject(value) {
+    return typeof value === 'object' && value !== null && !Array.isArray(value);
+}
+async function runGuardScanHook() {
+    const moduleExports = await loadGuardModule('hooks/guardScan');
+    const hook = resolveNamedExport(moduleExports, ['guardScan', 'runGuardScan', 'default'], 'guard scan hook');
+    const result = await hook();
+    return toExitCode(result);
+}
+async function runGuardCheckHook() {
+    const moduleExports = await loadGuardModule('hooks/guardCheck');
+    const hook = resolveNamedExport(moduleExports, ['guardCheck', 'runGuardCheck', 'default'], 'guard check hook');
+    const result = await hook();
+    return toExitCode(result);
+}
+async function createGuardClassInstance(modulePath, classNames) {
+    const moduleExports = await loadGuardModule(modulePath);
+    const Constructor = resolveNamedExport(moduleExports, classNames, modulePath);
+    const GuardConstructor = Constructor;
+    return new GuardConstructor();
+}
+async function clearGuardCache() {
+    const scanCache = await createGuardClassInstance('ScanCache', ['ScanCache', 'default']);
+    const clearMethod = scanCache.clear;
+    if (typeof clearMethod !== 'function') {
+        throw new Error('ScanCache.clear() is not available');
+    }
+    await clearMethod.call(scanCache);
+}
+async function listGuardCacheEntries() {
+    const scanCache = await createGuardClassInstance('ScanCache', ['ScanCache', 'default']);
+    const listMethod = scanCache.list;
+    if (typeof listMethod !== 'function') {
+        throw new Error('ScanCache.list() is not available');
+    }
+    const listResult = await listMethod.call(scanCache);
+    return Array.isArray(listResult) ? listResult : [];
+}
+async function dismissGuardWarning(name) {
+    const warningStore = await createGuardClassInstance('WarningStore', ['WarningStore', 'default']);
+    const dismissMethod = warningStore.dismiss;
+    if (typeof dismissMethod !== 'function') {
+        throw new Error('WarningStore.dismiss() is not available');
+    }
+    return dismissMethod.call(warningStore, name);
+}
+function printGuardCacheList(entries) {
+    if (entries.length === 0) {
+        console.log('Guard cache is empty.');
+        return;
+    }
+    console.log('Guard cache entries:');
+    for (const entry of entries) {
+        if (!isObject(entry)) {
+            console.log(`  - ${String(entry)}`);
+            continue;
+        }
+        const nestedEntry = isObject(entry.entry) ? entry.entry : undefined;
+        const pathValue = typeof entry.path === 'string'
+            ? entry.path
+            : nestedEntry && typeof nestedEntry.path === 'string'
+                ? nestedEntry.path
+                : undefined;
+        const skillName = typeof entry.skillName === 'string'
+            ? entry.skillName
+            : nestedEntry && typeof nestedEntry.skillName === 'string'
+                ? nestedEntry.skillName
+                : undefined;
+        const path = typeof pathValue === 'string' ? displayPath(pathValue) : undefined;
+        const hash = typeof entry.contentHash === 'string' ? entry.contentHash.slice(0, 12) : undefined;
+        const display = [skillName, path, hash].filter(Boolean).join(' | ');
+        if (display.length > 0) {
+            console.log(`  - ${display}`);
+            continue;
+        }
+        console.log(`  - ${JSON.stringify(entry)}`);
+    }
+}
+function toErrorMessage(error) {
+    return error instanceof Error ? error.message : String(error);
+}
+async function runGuardCommand(args) {
+    try {
+        if (args.command === 'guard_scan') {
+            return runGuardScanHook();
+        }
+        if (args.command === 'guard_check') {
+            return runGuardCheckHook();
+        }
+        if (args.command === 'guard_dismiss') {
+            await dismissGuardWarning(args.name);
+            console.log(`Dismissed warning for "${args.name}".`);
+            return 0;
+        }
+        if (args.command === 'guard_rescan') {
+            await clearGuardCache();
+            console.log('Guard cache cleared.');
+            return runGuardScanHook();
+        }
+        if (args.command === 'guard_cache_list') {
+            const entries = await listGuardCacheEntries();
+            printGuardCacheList(entries);
+            return 0;
+        }
+        await clearGuardCache();
+        console.log('Guard cache cleared.');
+        return 0;
+    }
+    catch (error) {
+        console.error(`Guard command failed: ${toErrorMessage(error)}`);
+        return 1;
+    }
+}
 function parseMcpArgs(argv) {
     const subcommand = argv[0];
     const rest = argv.slice(1);
@@ -440,6 +722,140 @@ function displayPath(path) {
         return '~';
     return path.startsWith(home + '/') ? `~/${path.slice(home.length + 1)}` : path;
 }
+function defaultOpenClawAction(dockerAvailable) {
+    return dockerAvailable ? 'scan_static_dynamic' : 'scan_static_only';
+}
+function isOpenClawPromptEnabled() {
+    return process.stdout.isTTY === true && process.stdin.isTTY === true && (0, env_1.isCiEnv)(process.env) !== true;
+}
+async function promptOpenClawAction(dockerAvailable) {
+    if (!isOpenClawPromptEnabled()) {
+        return defaultOpenClawAction(dockerAvailable);
+    }
+    const choices = [];
+    if (dockerAvailable) {
+        choices.push({
+            name: 'Scan all skills (static + dynamic analysis)',
+            value: 'scan_static_dynamic',
+        });
+    }
+    choices.push({
+        name: 'Scan all skills (static only)',
+        value: 'scan_static_only',
+    });
+    choices.push({
+        name: 'Harden configuration',
+        value: 'harden',
+    });
+    return (0, select_1.default)({
+        message: 'What would you like to do?',
+        choices,
+        default: defaultOpenClawAction(dockerAvailable),
+    });
+}
+function createOpenClawProgressHandler() {
+    if (process.stdout.isTTY !== true) {
+        return () => { };
+    }
+    let previousPhase = null;
+    return (event) => {
+        const label = event.phase === 'static' ? '  Phase 1 - Static analysis' : '  Phase 2 - Dynamic analysis';
+        if (previousPhase !== null && previousPhase !== event.phase) {
+            process.stdout.write('\n');
+        }
+        previousPhase = event.phase;
+        process.stdout.write(`\r${label}: ${event.completed}/${event.total}`);
+        if (event.completed >= event.total) {
+            process.stdout.write('\n');
+        }
+    };
+}
+async function runOpenClawWizard() {
+    console.log('\n  Detecting your environment...\n');
+    const environment = await (0, detect_1.detectOpenClawEnvironment)({ cwd: process.cwd() });
+    console.log('  Found:');
+    if (environment.installed) {
+        const versionSuffix = environment.version ? ` (v${environment.version})` : '';
+        console.log(`    OpenClaw Gateway${versionSuffix}`);
+    }
+    else {
+        console.log('    OpenClaw Gateway: not detected');
+    }
+    if (environment.skillsPaths.length === 0) {
+        console.log('    Skills directory: not detected');
+    }
+    else {
+        console.log(`    Skills directories: ${environment.skillsPaths.length}`);
+        for (const skillPath of environment.skillsPaths) {
+            console.log(`      - ${displayPath(skillPath)}`);
+        }
+    }
+    console.log(`    Skills discovered: ${environment.skillCount}`);
+    if (environment.dockerAvailable) {
+        const composeStatus = environment.dockerComposeAvailable ? 'yes' : 'no';
+        console.log(`    Docker: available (compose: ${composeStatus})`);
+    }
+    else {
+        console.log('    Docker: not available');
+    }
+    console.log();
+    if (!environment.installed && environment.skillsPaths.length === 0) {
+        console.log('  OpenClaw not detected. Add skills under ~/.openclaw/skills or ./skills and rerun.\n');
+        return 1;
+    }
+    const action = await promptOpenClawAction(environment.dockerAvailable);
+    if (action === 'harden') {
+        return (0, harden_1.runHarden)({
+            apply: true,
+            includeSystem: true,
+        });
+    }
+    if (environment.skillCount === 0) {
+        console.log('  No skill markdown files found in detected paths.\n');
+        return 0;
+    }
+    const dynamicRequested = action === 'scan_static_dynamic' && environment.dockerAvailable;
+    const policy = (0, scanner_1.resolveOpenClawPolicy)({ cwd: process.cwd() });
+    const scanResult = await (0, scanner_1.scanSkills)(environment.skillsPaths, policy, {
+        dynamicAnalysis: dynamicRequested,
+        quarantineOnRisk: true,
+        quarantineDir: process.env.SAPPERAI_QUARANTINE_DIR ?? (0, node_path_1.join)((0, node_os_1.homedir)(), '.openclaw', 'quarantine'),
+        onProgress: createOpenClawProgressHandler(),
+    });
+    const safeCount = scanResult.results.filter((entry) => entry.decision === 'safe').length;
+    const suspiciousCount = scanResult.results.filter((entry) => entry.decision === 'suspicious').length;
+    const quarantinedCount = scanResult.results.filter((entry) => entry.decision === 'quarantined').length;
+    console.log('\n  Results:');
+    console.log(`    ${safeCount} skills safe`);
+    console.log(`    ${suspiciousCount} skills suspicious`);
+    console.log(`    ${quarantinedCount} skills quarantined`);
+    if (dynamicRequested && scanResult.dynamicStatus === 'skipped_unconfigured') {
+        console.log('\n  Dynamic analysis requested but no dynamic analyzer is configured yet.');
+        console.log('  Static analysis results are shown.\n');
+    }
+    if (dynamicRequested && scanResult.dynamicStatus === 'skipped_unavailable') {
+        console.log('\n  Dynamic analysis requested but the dynamic analyzer is unavailable in this environment.');
+        console.log('  Static analysis results are shown.\n');
+    }
+    if (quarantinedCount > 0) {
+        console.log('\n  Quarantined skills:');
+        const quarantined = scanResult.results.filter((entry) => entry.decision === 'quarantined');
+        for (const entry of quarantined) {
+            const reasons = entry.dynamicResult?.findings?.length
+                ? entry.dynamicResult.findings.map((finding) => `${finding.honeytoken.envVar} -> ${finding.destination}`)
+                : entry.staticResult?.reasons ?? [];
+            const reasonText = reasons.length > 0 ? reasons[0] : 'High-risk behavior detected';
+            console.log(`    - ${entry.skillName} (${displayPath(entry.skillPath)}): ${reasonText}`);
+        }
+    }
+    if (suspiciousCount > 0) {
+        console.log('\n  Suspicious skills require manual review.\n');
+    }
+    else {
+        console.log('\n  Scan complete.\n');
+    }
+    return quarantinedCount > 0 || suspiciousCount > 0 ? 1 : 0;
+}
 async function promptScanScope(cwd) {
     const answer = await (0, select_1.default)({
         message: 'Scan scope:',

package/dist/guard/ScanCache.d.ts

@@ -0,0 +1,42 @@
+import type { ScanCacheEntry, ScanCacheVerificationResult } from './types';
+export interface ScanCacheOptions {
+    filePath?: string;
+    homeDir?: string;
+    keyPath?: string;
+    hostName?: string;
+    userId?: string;
+    readFileFn?: (filePath: string, encoding: BufferEncoding) => Promise<string>;
+    writeFileFn?: (filePath: string, content: string) => Promise<void>;
+    readBufferFileFn?: (filePath: string) => Promise<Buffer>;
+    writeBufferFileFn?: (filePath: string, content: Buffer) => Promise<void>;
+    randomBytesFn?: (size: number) => Buffer;
+}
+export declare class ScanCache {
+    private readonly cachePath;
+    private readonly hmacKeyPath;
+    private readonly readFileFn;
+    private readonly writeFileFn;
+    private readonly readBufferFileFn;
+    private readonly writeBufferFileFn;
+    private readonly randomBytesFn;
+    private state;
+    private hmacKey;
+    constructor(options?: ScanCacheOptions);
+    has(contentHash: string): Promise<boolean>;
+    get(contentHash: string): Promise<ScanCacheEntry | null>;
+    set(contentHash: string, entry: ScanCacheEntry): Promise<void>;
+    list(): Promise<Array<{
+        contentHash: string;
+        entry: ScanCacheEntry;
+    }>>;
+    clear(): Promise<void>;
+    verify(): Promise<ScanCacheVerificationResult>;
+    private loadState;
+    private normalizeState;
+    private createEmptyState;
+    private persist;
+    private computeHmac;
+    private getOrCreateHmacKey;
+    private readExistingHmacKey;
+}
+//# sourceMappingURL=ScanCache.d.ts.map

package/dist/guard/ScanCache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ScanCache.d.ts","sourceRoot":"","sources":["../../src/guard/ScanCache.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,cAAc,EAAE,2BAA2B,EAAE,MAAM,SAAS,CAAA;AAiB1E,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAEhB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,cAAc,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IAC5E,WAAW,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAClE,gBAAgB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IACxD,iBAAiB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACxE,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAA;CACzC;AA8GD,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAQ;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAQ;IACpC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAiE;IAC5F,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAsD;IAClF,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAuC;IACxE,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAsD;IACxF,OAAO,CAAC,QAAQ,CAAC,aAAa,CAA0B;IAExD,OAAO,CAAC,KAAK,CAAiC;IAC9C,OAAO,CAAC,OAAO,CAAsB;gBAEzB,OAAO,GAAE,gBAAqB;IAoBpC,GAAG,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK1C,GAAG,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAaxD,GAAG,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAa9D,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,cAAc,CAAA;KAAE,CAAC,CAAC;IAatE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAMtB,MAAM,IAAI,OAAO,CAAC,2BAA2B,CAAC;YActC,SAAS;IAkBvB,OAAO,CAAC,cAAc;YA0BR,gBAAgB;YAShB,OAAO;YAmBP,WAAW;YAMX,kBAAkB;YAiBlB,mBAAmB;CAWlC"}