sigild 0.0.1 → 0.0.2

package/dist/src/daemon/runtime.d.ts

@@ -1,40 +0,0 @@
-import { type DaemonServerHandle, type LogEvent } from './server.js';
-export interface DaemonRuntimeOpts {
-    /** Sigil home directory. Defaults to $SIGIL_HOME or ~/.sigil. */
-    sigilHome: string;
-    /** Returns the unlock passphrase. Called once at startup; the runtime zeroes it after use. */
-    passphrase: () => Promise<Buffer> | Buffer;
-    /** Optional log sink for daemon and server events. */
-    onLog?: (event: LogEvent | RuntimeEvent) => void;
-}
-export type RuntimeEvent = {
-    kind: 'runtime_starting';
-    sigilHome: string;
-} | {
-    kind: 'runtime_ready';
-    portals: number;
-    socketPath: string;
-} | {
-    kind: 'runtime_shutdown_begin';
-} | {
-    kind: 'runtime_shutdown_complete';
-};
-export interface DaemonRuntimeHandle {
-    readonly socketPath: string;
-    readonly auditPath: string;
-    readonly portals: number;
-    readonly server: DaemonServerHandle;
-    shutdown: () => Promise<void>;
-}
-/**
- * Bring up the daemon: ensure directories exist, prompt for the passphrase,
- * load every keyfile from <sigilHome>/keys, open the audit log, and start
- * the Unix-socket server. The returned handle exposes a single `shutdown`
- * function that closes the server, closes the audit writer, and zeroes
- * every key in memory.
- *
- * The runtime is testable end-to-end by passing a `passphrase` callback that
- * returns a known buffer and pointing `sigilHome` at a tmpdir.
- */
-export declare function runDaemon(opts: DaemonRuntimeOpts): Promise<DaemonRuntimeHandle>;
-//# sourceMappingURL=runtime.d.ts.map

package/dist/src/daemon/runtime.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"runtime.d.ts","sourceRoot":"","sources":["../../../src/daemon/runtime.ts"],"names":[],"mappings":"AAIA,OAAO,EAAqB,KAAK,kBAAkB,EAAE,KAAK,QAAQ,EAAE,MAAM,aAAa,CAAC;AAExF,MAAM,WAAW,iBAAiB;IAChC,iEAAiE;IACjE,SAAS,EAAE,MAAM,CAAC;IAClB,8FAA8F;IAC9F,UAAU,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;IAC3C,sDAAsD;IACtD,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,GAAG,YAAY,KAAK,IAAI,CAAC;CAClD;AAED,MAAM,MAAM,YAAY,GACpB;IAAE,IAAI,EAAE,kBAAkB,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,GAC/C;IAAE,IAAI,EAAE,eAAe,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC9D;IAAE,IAAI,EAAE,wBAAwB,CAAA;CAAE,GAClC;IAAE,IAAI,EAAE,2BAA2B,CAAA;CAAE,CAAC;AAE1C,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC;IACpC,QAAQ,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/B;AAED;;;;;;;;;GASG;AACH,wBAAsB,SAAS,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAiDrF"}

package/dist/src/daemon/runtime.js

@@ -1,61 +0,0 @@
-import { mkdirSync } from 'node:fs';
-import { join } from 'node:path';
-import { AuditWriter } from '../audit/index.js';
-import { HandleTable } from './handles.js';
-import { startDaemonServer } from './server.js';
-/**
- * Bring up the daemon: ensure directories exist, prompt for the passphrase,
- * load every keyfile from <sigilHome>/keys, open the audit log, and start
- * the Unix-socket server. The returned handle exposes a single `shutdown`
- * function that closes the server, closes the audit writer, and zeroes
- * every key in memory.
- *
- * The runtime is testable end-to-end by passing a `passphrase` callback that
- * returns a known buffer and pointing `sigilHome` at a tmpdir.
- */
-export async function runDaemon(opts) {
-    const log = (e) => opts.onLog?.(e);
-    const sigilHome = opts.sigilHome;
-    const keysDir = join(sigilHome, 'keys');
-    const auditPath = join(sigilHome, 'audit.log');
-    const socketPath = join(sigilHome, 'sock');
-    log({ kind: 'runtime_starting', sigilHome });
-    mkdirSync(sigilHome, { recursive: true, mode: 0o700 });
-    mkdirSync(keysDir, { recursive: true, mode: 0o700 });
-    const passphrase = await opts.passphrase();
-    const handles = new HandleTable();
-    try {
-        handles.loadFromDir(keysDir, passphrase);
-    }
-    finally {
-        passphrase.fill(0);
-    }
-    const audit = new AuditWriter(auditPath);
-    const server = await startDaemonServer({
-        socketPath,
-        context: { handles, audit },
-        ...(opts.onLog ? { onLog: (e) => opts.onLog(e) } : {}),
-    });
-    log({ kind: 'runtime_ready', portals: handles.list().length, socketPath });
-    let shutdownPromise = null;
-    const shutdown = () => {
-        if (shutdownPromise)
-            return shutdownPromise;
-        log({ kind: 'runtime_shutdown_begin' });
-        shutdownPromise = (async () => {
-            await server.close();
-            audit.close();
-            handles.dispose();
-            log({ kind: 'runtime_shutdown_complete' });
-        })();
-        return shutdownPromise;
-    };
-    return {
-        socketPath,
-        auditPath,
-        portals: handles.list().length,
-        server,
-        shutdown,
-    };
-}
-//# sourceMappingURL=runtime.js.map

package/dist/src/daemon/runtime.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../../../src/daemon/runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAA0C,MAAM,aAAa,CAAC;AAyBxF;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,IAAuB;IACrD,MAAM,GAAG,GAAG,CAAC,CAA0B,EAAQ,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IACjC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAE3C,GAAG,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,SAAS,EAAE,CAAC,CAAC;IAE7C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAErD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3C,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,IAAI,CAAC;QACH,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC3C,CAAC;YAAS,CAAC;QACT,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC;QACrC,UAAU;QACV,OAAO,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;QAC3B,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAW,EAAE,EAAE,CAAC,IAAI,CAAC,KAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAClE,CAAC,CAAC;IAEH,GAAG,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;IAE3E,IAAI,eAAe,GAAyB,IAAI,CAAC;IACjD,MAAM,QAAQ,GAAG,GAAkB,EAAE;QACnC,IAAI,eAAe;YAAE,OAAO,eAAe,CAAC;QAC5C,GAAG,CAAC,EAAE,IAAI,EAAE,wBAAwB,EAAE,CAAC,CAAC;QACxC,eAAe,GAAG,CAAC,KAAK,IAAI,EAAE;YAC5B,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;YACrB,KAAK,CAAC,KAAK,EAAE,CAAC;YACd,OAAO,CAAC,OAAO,EAAE,CAAC;YAClB,GAAG,CAAC,EAAE,IAAI,EAAE,2BAA2B,EAAE,CAAC,CAAC;QAC7C,CAAC,CAAC,EAAE,CAAC;QACL,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC;IAEF,OAAO;QACL,UAAU;QACV,SAAS;QACT,OAAO,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM;QAC9B,MAAM;QACN,QAAQ;KACT,CAAC;AACJ,CAAC"}

package/dist/src/daemon/server.d.ts

@@ -1,53 +0,0 @@
-import { type Server, type Socket } from 'node:net';
-import { type MethodContext } from './methods.js';
-import { type RpcId } from './rpc.js';
-export interface DaemonServerOpts {
-    socketPath: string;
-    context: MethodContext;
-    /**
-     * Called for every connection that opens, with the peer socket. Useful for
-     * tests; in production we don't need it.
-     */
-    onConnection?: (socket: Socket) => void;
-    /**
-     * Called when the server logs an event. Receives a structured payload.
-     * Keep this lightweight; production wiring will swap in something real.
-     */
-    onLog?: (event: LogEvent) => void;
-}
-export type LogEvent = {
-    kind: 'listening';
-    path: string;
-} | {
-    kind: 'connection_open';
-} | {
-    kind: 'connection_close';
-} | {
-    kind: 'connection_error';
-    error: string;
-} | {
-    kind: 'request';
-    method: string;
-    id: RpcId;
-} | {
-    kind: 'response';
-    id: RpcId;
-    ok: boolean;
-} | {
-    kind: 'closed';
-};
-export interface DaemonServerHandle {
-    readonly server: Server;
-    close: () => Promise<void>;
-}
-/**
- * Start a Unix-socket JSON-RPC server. The socket file is created at
- * `socketPath` with mode 0o600 (owner read/write only). If a stale socket
- * file exists at that path we remove it first.
- *
- * Each connection is line-delimited JSON: one request per line, one response
- * per line. Pipelining is supported (multiple requests per connection); they
- * are processed in order.
- */
-export declare function startDaemonServer(opts: DaemonServerOpts): Promise<DaemonServerHandle>;
-//# sourceMappingURL=server.d.ts.map

package/dist/src/daemon/server.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../src/daemon/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,KAAK,MAAM,EAAE,KAAK,MAAM,EAAE,MAAM,UAAU,CAAC;AAElE,OAAO,EAA4B,KAAK,aAAa,EAAE,MAAM,cAAc,CAAC;AAC5E,OAAO,EAOL,KAAK,KAAK,EACX,MAAM,UAAU,CAAC;AAElB,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,aAAa,CAAC;IACvB;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IACxC;;;OAGG;IACH,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,KAAK,IAAI,CAAC;CACnC;AAED,MAAM,MAAM,QAAQ,GAChB;IAAE,IAAI,EAAE,WAAW,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GACnC;IAAE,IAAI,EAAE,iBAAiB,CAAA;CAAE,GAC3B;IAAE,IAAI,EAAE,kBAAkB,CAAA;CAAE,GAC5B;IAAE,IAAI,EAAE,kBAAkB,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAC3C;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,KAAK,CAAA;CAAE,GAC9C;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,EAAE,EAAE,KAAK,CAAC;IAAC,EAAE,EAAE,OAAO,CAAA;CAAE,GAC5C;IAAE,IAAI,EAAE,QAAQ,CAAA;CAAE,CAAC;AAEvB,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC5B;AAED;;;;;;;;GAQG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAiErF"}

package/dist/src/daemon/server.js

@@ -1,103 +0,0 @@
-import { createServer } from 'node:net';
-import { chmodSync, existsSync, unlinkSync } from 'node:fs';
-import { dispatch, RpcMethodError } from './methods.js';
-import { encodeError, encodeResponse, parseRequest, RPC_INTERNAL_ERROR, RPC_INVALID_REQUEST, RPC_PARSE_ERROR, } from './rpc.js';
-/**
- * Start a Unix-socket JSON-RPC server. The socket file is created at
- * `socketPath` with mode 0o600 (owner read/write only). If a stale socket
- * file exists at that path we remove it first.
- *
- * Each connection is line-delimited JSON: one request per line, one response
- * per line. Pipelining is supported (multiple requests per connection); they
- * are processed in order.
- */
-export function startDaemonServer(opts) {
-    const { socketPath, context } = opts;
-    const log = (e) => opts.onLog?.(e);
-    // If a stale file (e.g. from a crashed previous run) sits at the path,
-    // remove it before binding. We don't check whether a process is actually
-    // listening — that would need OS-specific calls. The 0o600 perms make it
-    // impossible for another user to drop a file here.
-    if (existsSync(socketPath)) {
-        try {
-            unlinkSync(socketPath);
-        }
-        catch { /* let listen() report the bind failure */ }
-    }
-    const server = createServer((socket) => {
-        log({ kind: 'connection_open' });
-        opts.onConnection?.(socket);
-        let buf = '';
-        socket.setEncoding('utf8');
-        socket.on('data', (chunk) => {
-            buf += chunk;
-            let nl;
-            while ((nl = buf.indexOf('\n')) !== -1) {
-                const line = buf.slice(0, nl);
-                buf = buf.slice(nl + 1);
-                if (line.length === 0)
-                    continue;
-                const response = handleLine(line, context, log);
-                socket.write(response + '\n');
-            }
-        });
-        socket.on('error', (err) => {
-            log({ kind: 'connection_error', error: err.message });
-        });
-        socket.on('close', () => {
-            log({ kind: 'connection_close' });
-        });
-    });
-    return new Promise((resolve, reject) => {
-        server.once('error', reject);
-        server.listen(socketPath, () => {
-            // Tighten perms — Node's default may be 0o755 depending on umask.
-            try {
-                chmodSync(socketPath, 0o600);
-            }
-            catch (err) {
-                server.close();
-                reject(err);
-                return;
-            }
-            log({ kind: 'listening', path: socketPath });
-            server.removeListener('error', reject);
-            resolve({
-                server,
-                close: () => new Promise((res) => {
-                    server.close(() => {
-                        log({ kind: 'closed' });
-                        res();
-                    });
-                }),
-            });
-        });
-    });
-}
-function handleLine(line, context, log) {
-    const parsed = parseRequest(line);
-    if (parsed.kind === 'parse_error') {
-        log({ kind: 'response', id: null, ok: false });
-        return encodeError(null, RPC_PARSE_ERROR, 'parse error');
-    }
-    if (parsed.kind === 'invalid') {
-        log({ kind: 'response', id: parsed.id, ok: false });
-        return encodeError(parsed.id, RPC_INVALID_REQUEST, parsed.reason);
-    }
-    const { request } = parsed;
-    log({ kind: 'request', method: request.method, id: request.id });
-    try {
-        const result = dispatch(request.method, request.params, context);
-        log({ kind: 'response', id: request.id, ok: true });
-        return encodeResponse(request.id, result);
-    }
-    catch (err) {
-        if (err instanceof RpcMethodError) {
-            log({ kind: 'response', id: request.id, ok: false });
-            return encodeError(request.id, err.code, err.message, err.data);
-        }
-        log({ kind: 'response', id: request.id, ok: false });
-        return encodeError(request.id, RPC_INTERNAL_ERROR, `internal error: ${err.message}`);
-    }
-}
-//# sourceMappingURL=server.js.map

package/dist/src/daemon/server.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../src/daemon/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAA4B,MAAM,UAAU,CAAC;AAClE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAsB,MAAM,cAAc,CAAC;AAC5E,OAAO,EACL,WAAW,EACX,cAAc,EACd,YAAY,EACZ,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,GAEhB,MAAM,UAAU,CAAC;AA+BlB;;;;;;;;GAQG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAsB;IACtD,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAW,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;IAE7C,uEAAuE;IACvE,yEAAyE;IACzE,yEAAyE;IACzE,mDAAmD;IACnD,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,0CAA0C,CAAC,CAAC;IACtF,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,MAAM,EAAE,EAAE;QACrC,GAAG,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;QACjC,IAAI,CAAC,YAAY,EAAE,CAAC,MAAM,CAAC,CAAC;QAE5B,IAAI,GAAG,GAAG,EAAE,CAAC;QAEb,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAE3B,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;YAC1B,GAAG,IAAI,KAAK,CAAC;YACb,IAAI,EAAU,CAAC;YACf,OAAO,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC9B,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;gBACxB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;oBAAE,SAAS;gBAChC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;gBAChD,MAAM,CAAC,KAAK,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;YAChC,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACzB,GAAG,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACtB,GAAG,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC7B,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,GAAG,EAAE;YAC7B,kEAAkE;YAClE,IAAI,CAAC;gBACH,SAAS,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,GAAG,CAAC,CAAC;gBACZ,OAAO;YACT,CAAC;YACD,GAAG,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;YAC7C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACvC,OAAO,CAAC;gBACN,MAAM;gBACN,KAAK,EAAE,GAAG,EAAE,CACV,IAAI,OAAO,CAAO,CAAC,GAAG,EAAE,EAAE;oBACxB,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE;wBAChB,GAAG,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;wBACxB,GAAG,EAAE,CAAC;oBACR,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC;aACL,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU,CACjB,IAAY,EACZ,OAAsB,EACtB,GAA0B;IAE1B,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IAClC,IAAI,MAAM,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QAClC,GAAG,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/C,OAAO,WAAW,CAAC,IAAI,EAAE,eAAe,EAAE,aAAa,CAAC,CAAC;IAC3D,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC9B,GAAG,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,WAAW,CAAC,MAAM,CAAC,EAAE,EAAE,mBAAmB,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACpE,CAAC;IACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAC3B,GAAG,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;IACjE,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjE,GAAG,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,OAAO,cAAc,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,cAAc,EAAE,CAAC;YAClC,GAAG,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,OAAO,WAAW,CAAC,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAClE,CAAC;QACD,GAAG,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACrD,OAAO,WAAW,CAChB,OAAO,CAAC,EAAE,EACV,kBAAkB,EAClB,mBAAoB,GAAa,CAAC,OAAO,EAAE,CAC5C,CAAC;IACJ,CAAC;AACH,CAAC"}