stackaudit 0.1.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/README.md +5 -11
- package/bin/{stackAudit.js → stackaudit.js} +0 -0
- package/dist/index.js +81 -31
- package/dist/index.js.map +1 -1
- package/package.json +5 -4
package/LICENSE
CHANGED
package/README.md
CHANGED
|
@@ -12,16 +12,15 @@
|
|
|
12
12
|
* **Fail Efficiently:** No más "Whack-a-Mole" de errores. `stackAudit` ejecuta verificaciones en paralelo y te reporta *todos* los problemas de golpe.
|
|
13
13
|
* **Cero Configuración Oculta:** Si tu proyecto lo necesita, debe estar en `stackAudit.config.json`.
|
|
14
14
|
* **Local-First:** Todo ocurre en tu máquina. Tus secretos (`.env`) nunca salen de tu ordenador.
|
|
15
|
-
* **CI/CD Ready:** Diseñado para funcionar igual en tu laptop y en tus pipelines de GitHub Actions.
|
|
16
15
|
|
|
17
16
|
## 📦 Instalación
|
|
18
17
|
|
|
19
18
|
### Vía NPM (Recomendado para Node.js)
|
|
20
19
|
|
|
21
20
|
```bash
|
|
22
|
-
npm install -g
|
|
21
|
+
npm install -g stackaudit
|
|
23
22
|
# O ejecútalo directamente con npx
|
|
24
|
-
npx
|
|
23
|
+
npx stackaudit check
|
|
25
24
|
```
|
|
26
25
|
|
|
27
26
|
### Binarios Standalone (Próximamente)
|
|
@@ -37,7 +36,7 @@ Para desarrolladores de Go, Python, PHP, etc., ofreceremos binarios compilados (
|
|
|
37
36
|
Genera un archivo de configuración base en tu proyecto:
|
|
38
37
|
|
|
39
38
|
```bash
|
|
40
|
-
|
|
39
|
+
stackaudit init
|
|
41
40
|
```
|
|
42
41
|
|
|
43
42
|
Esto creará un archivo `stackAudit.config.json` en la raíz de tu proyecto.
|
|
@@ -48,7 +47,7 @@ Edita `stackAudit.config.json` para definir los requisitos de tu proyecto. Ejemp
|
|
|
48
47
|
|
|
49
48
|
```json
|
|
50
49
|
{
|
|
51
|
-
"projectName": "Mi
|
|
50
|
+
"projectName": "Mi SaaS",
|
|
52
51
|
"version": "1.0.0",
|
|
53
52
|
"checks": {
|
|
54
53
|
"node": ">=18.0.0",
|
|
@@ -76,7 +75,7 @@ Edita `stackAudit.config.json` para definir los requisitos de tu proyecto. Ejemp
|
|
|
76
75
|
Ejecuta el comando check antes de trabajar:
|
|
77
76
|
|
|
78
77
|
```bash
|
|
79
|
-
|
|
78
|
+
stackaudit check
|
|
80
79
|
```
|
|
81
80
|
|
|
82
81
|
✅ Si todo está bien, verás un mensaje de éxito.
|
|
@@ -96,11 +95,6 @@ stackAudit check
|
|
|
96
95
|
* **Puertos:** Estrategia "Wait-for" con backoff exponencial (evita falsos negativos si la DB está arrancando).
|
|
97
96
|
* **Env:** Valida contra `process.env` (compatible con Docker/K8s/CI), no solo archivos de texto.
|
|
98
97
|
|
|
99
|
-
## 🗺 Roadmap
|
|
100
|
-
|
|
101
|
-
- [ ] **Fase 1 (MVP):** Validación de Node, Archivos y CLI básica.
|
|
102
|
-
- [ ] **Fase 2 (Robustez):** Checks de Puertos (Wait-for), Variables de Entorno, Comandos custom.
|
|
103
|
-
- [ ] **Fase 3 (DevEx):** Comando `init`, UI mejorada, Distribución de binarios nativos (SEA).
|
|
104
98
|
|
|
105
99
|
## 🤝 Contribuyendo
|
|
106
100
|
|
|
File without changes
|
package/dist/index.js
CHANGED
|
@@ -48,7 +48,7 @@ var checksSchema = z.object({
|
|
|
48
48
|
{ message: "At least one check must be configured" }
|
|
49
49
|
);
|
|
50
50
|
var configSchema = z.object({
|
|
51
|
-
projectName: z.string().min(1, "projectName is required"),
|
|
51
|
+
projectName: z.string().min(1, "projectName is required").regex(/^[\w\-.@/ ]+$/, "projectName contains invalid characters (ANSI/control sequences not allowed)"),
|
|
52
52
|
version: z.string().min(1, "version is required"),
|
|
53
53
|
checks: checksSchema
|
|
54
54
|
});
|
|
@@ -110,8 +110,8 @@ var SAFE_COMMAND_PREFIXES = [
|
|
|
110
110
|
"cargo --version"
|
|
111
111
|
];
|
|
112
112
|
function isCommandAllowed(command) {
|
|
113
|
-
const normalized = command.trim();
|
|
114
|
-
return SAFE_COMMAND_PREFIXES.some((safeCmd) => normalized === safeCmd);
|
|
113
|
+
const normalized = command.trim().toLowerCase();
|
|
114
|
+
return SAFE_COMMAND_PREFIXES.some((safeCmd) => normalized === safeCmd.toLowerCase());
|
|
115
115
|
}
|
|
116
116
|
function parseCommand(command) {
|
|
117
117
|
const tokens = [];
|
|
@@ -159,7 +159,8 @@ async function execCommand(command) {
|
|
|
159
159
|
const [cmd, ...args] = tokens;
|
|
160
160
|
const result = await execa(cmd, args, {
|
|
161
161
|
timeout: 1e4,
|
|
162
|
-
reject: false
|
|
162
|
+
reject: false,
|
|
163
|
+
shell: process.platform === "win32"
|
|
163
164
|
});
|
|
164
165
|
if (result.failed) {
|
|
165
166
|
throw new Error(result.stderr || `Command "${command}" failed`);
|
|
@@ -253,7 +254,7 @@ function checkNpmVersion(requiredRange) {
|
|
|
253
254
|
}
|
|
254
255
|
|
|
255
256
|
// src/checks/envVars.ts
|
|
256
|
-
import { readFile as readFile2 } from "fs/promises";
|
|
257
|
+
import { readFile as readFile2, realpath, stat } from "fs/promises";
|
|
257
258
|
import { resolve as resolve2, relative, isAbsolute } from "path";
|
|
258
259
|
import { parse as dotenvParse } from "dotenv";
|
|
259
260
|
function checkEnvVars(envConfig) {
|
|
@@ -270,34 +271,62 @@ function checkEnvVars(envConfig) {
|
|
|
270
271
|
return results;
|
|
271
272
|
}
|
|
272
273
|
const targetPath = resolve2(cwd, envConfig.target);
|
|
273
|
-
const rel = relative(cwd, targetPath);
|
|
274
|
-
if (rel.startsWith("..")) {
|
|
275
|
-
results.push({
|
|
276
|
-
name: `Env File (${envConfig.target})`,
|
|
277
|
-
status: "fail",
|
|
278
|
-
message: `Path traversal detected: "${envConfig.target}" resolves outside the project directory`,
|
|
279
|
-
duration: 0
|
|
280
|
-
});
|
|
281
|
-
return results;
|
|
282
|
-
}
|
|
283
274
|
let envKeys = {};
|
|
284
|
-
|
|
285
|
-
let
|
|
275
|
+
let fileResult = await timedCheck(`Env File (${envConfig.target})`, async () => {
|
|
276
|
+
let actualPath;
|
|
286
277
|
try {
|
|
287
|
-
|
|
278
|
+
actualPath = await realpath(targetPath);
|
|
279
|
+
} catch (err) {
|
|
280
|
+
if (err.code === "ENOENT") {
|
|
281
|
+
const rel2 = relative(cwd, targetPath);
|
|
282
|
+
if (rel2.startsWith("..")) {
|
|
283
|
+
return {
|
|
284
|
+
status: "fail",
|
|
285
|
+
message: `Path traversal detected: "${envConfig.target}" resolves outside the project directory`
|
|
286
|
+
};
|
|
287
|
+
}
|
|
288
|
+
return {
|
|
289
|
+
status: "fail",
|
|
290
|
+
// The test explicitly expects "fails when .env file is missing", meaning a fail result.
|
|
291
|
+
message: `File not found: ${envConfig.target} (Using process.env)`
|
|
292
|
+
};
|
|
293
|
+
}
|
|
294
|
+
return { status: "fail", message: `Failed to resolve realpath: ${envConfig.target}` };
|
|
295
|
+
}
|
|
296
|
+
try {
|
|
297
|
+
const fileStat = await stat(actualPath);
|
|
298
|
+
if (!fileStat.isFile()) {
|
|
299
|
+
return {
|
|
300
|
+
status: "fail",
|
|
301
|
+
message: `Invalid file type: ${envConfig.target} is not a regular file`
|
|
302
|
+
};
|
|
303
|
+
}
|
|
288
304
|
} catch {
|
|
305
|
+
return { status: "fail", message: `File not found...` };
|
|
306
|
+
}
|
|
307
|
+
const rel = relative(cwd, actualPath);
|
|
308
|
+
if (rel.startsWith("..")) {
|
|
289
309
|
return {
|
|
290
|
-
status: "
|
|
291
|
-
message: `
|
|
310
|
+
status: "fail",
|
|
311
|
+
message: `Path traversal detected: "${envConfig.target}" resolves outside the project directory`
|
|
292
312
|
};
|
|
293
313
|
}
|
|
314
|
+
let content;
|
|
315
|
+
try {
|
|
316
|
+
content = await readFile2(actualPath, "utf-8");
|
|
317
|
+
} catch {
|
|
318
|
+
return { status: "fail", message: `Failed to read file: ${envConfig.target}` };
|
|
319
|
+
}
|
|
294
320
|
envKeys = dotenvParse(content);
|
|
295
321
|
return {
|
|
296
322
|
status: "pass",
|
|
297
323
|
message: `${envConfig.target} loaded successfully`
|
|
298
324
|
};
|
|
299
325
|
});
|
|
300
|
-
results.push(
|
|
326
|
+
results.push(fileResult);
|
|
327
|
+
if (fileResult.status === "fail") {
|
|
328
|
+
return results;
|
|
329
|
+
}
|
|
301
330
|
for (const key of envConfig.required) {
|
|
302
331
|
const keyResult = await timedCheck(`Env: ${key}`, async () => {
|
|
303
332
|
const value = envKeys[key] ?? process.env[key];
|
|
@@ -388,7 +417,28 @@ function checkFiles(filesList) {
|
|
|
388
417
|
};
|
|
389
418
|
}
|
|
390
419
|
const filePath = resolve3(cwd, file);
|
|
391
|
-
|
|
420
|
+
let realPath;
|
|
421
|
+
try {
|
|
422
|
+
realPath = await fs.realpath(filePath);
|
|
423
|
+
} catch (err) {
|
|
424
|
+
if (err.code === "ENOENT") {
|
|
425
|
+
const relPath = relative2(cwd, filePath);
|
|
426
|
+
if (relPath.startsWith("..")) {
|
|
427
|
+
return {
|
|
428
|
+
status: "fail",
|
|
429
|
+
message: `Path traversal detected: "${file}" resolves outside the project directory`
|
|
430
|
+
};
|
|
431
|
+
}
|
|
432
|
+
return {
|
|
433
|
+
status: "fail",
|
|
434
|
+
message: `Required file not found: ${file}`
|
|
435
|
+
};
|
|
436
|
+
}
|
|
437
|
+
return {
|
|
438
|
+
status: "fail",
|
|
439
|
+
message: `Required file not found: ${file} Error: ${err.message}`
|
|
440
|
+
};
|
|
441
|
+
}
|
|
392
442
|
const rel = relative2(cwd, realPath);
|
|
393
443
|
if (rel.startsWith("..")) {
|
|
394
444
|
return {
|
|
@@ -619,7 +669,7 @@ async function checkCommand(options) {
|
|
|
619
669
|
}
|
|
620
670
|
|
|
621
671
|
// src/commands/init.ts
|
|
622
|
-
import { access as access2, readFile as readFile3
|
|
672
|
+
import { access as access2, open, readFile as readFile3 } from "fs/promises";
|
|
623
673
|
import { basename, resolve as resolve4 } from "path";
|
|
624
674
|
var CONFIG_FILENAME = "stackAudit.config.json";
|
|
625
675
|
async function probeToolVersion(cmd) {
|
|
@@ -714,13 +764,6 @@ async function buildDetectedConfig() {
|
|
|
714
764
|
}
|
|
715
765
|
async function initCommand(options) {
|
|
716
766
|
const targetPath = resolve4(process.cwd(), CONFIG_FILENAME);
|
|
717
|
-
try {
|
|
718
|
-
await access2(targetPath);
|
|
719
|
-
throw new Error(
|
|
720
|
-
`${CONFIG_FILENAME} already exists in this directory. Delete it first to re-initialize.`
|
|
721
|
-
);
|
|
722
|
-
} catch {
|
|
723
|
-
}
|
|
724
767
|
let config;
|
|
725
768
|
if (options.detect) {
|
|
726
769
|
logInfo("Scanning environment...\n");
|
|
@@ -743,9 +786,16 @@ async function initCommand(options) {
|
|
|
743
786
|
}
|
|
744
787
|
try {
|
|
745
788
|
const content = JSON.stringify(config, null, 2) + "\n";
|
|
746
|
-
await
|
|
789
|
+
const fileHandle = await open(targetPath, "wx");
|
|
790
|
+
await fileHandle.writeFile(content, "utf-8");
|
|
791
|
+
await fileHandle.close();
|
|
747
792
|
logSuccess(`Created ${CONFIG_FILENAME} \u2014 customize it for your project.`);
|
|
748
793
|
} catch (error) {
|
|
794
|
+
if (error.code === "EEXIST") {
|
|
795
|
+
throw new Error(
|
|
796
|
+
`${CONFIG_FILENAME} already exists in this directory. Delete it first to re-initialize.`
|
|
797
|
+
);
|
|
798
|
+
}
|
|
749
799
|
throw new Error(
|
|
750
800
|
`Failed to write ${CONFIG_FILENAME}: ${error instanceof Error ? error.message : String(error)}`
|
|
751
801
|
);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/commands/check.ts","../src/core/configLoader.ts","../src/schemas/config.schema.ts","../src/checks/nodeVersion.ts","../src/utils/system.ts","../src/checks/npmVersion.ts","../src/checks/envVars.ts","../src/checks/ports.ts","../src/checks/files.ts","../src/checks/commands.ts","../src/checks/index.ts","../src/core/runner.ts","../src/utils/logger.ts","../src/commands/init.ts"],"sourcesContent":["#!/usr/bin/env node\n\nimport { Command } from \"commander\";\nimport { checkCommand } from \"./commands/check.js\";\nimport { initCommand } from \"./commands/init.js\";\n\nconst program = new Command();\n\nprogram\n .name(\"stackaudit\")\n .description(\n \"Audit your development environment against a declarative configuration file.\",\n )\n .version(\"0.1.0\");\n\nprogram\n .command(\"check\")\n .description(\"Run all environment checks defined in stackAudit.config.json\")\n .option(\"-c, --config <path>\", \"Path to config file\", \"stackAudit.config.json\")\n .option(\"-v, --verbose\", \"Show detailed output for all checks\", false)\n .option(\"--ci\", \"CI mode — no spinners, plain output\", false)\n .option(\"--json\", \"Output results as JSON (implies --ci)\", false)\n .option(\n \"--trust-commands\",\n \"Allow execution of custom commands not on the safe allowlist\",\n false,\n )\n .action(async (opts) => {\n await checkCommand({\n config: opts.config,\n verbose: opts.verbose,\n ci: opts.ci || opts.json,\n json: opts.json,\n trustCommands: opts.trustCommands,\n });\n });\n\nprogram\n .command(\"init\")\n .description(\"Generate a starter stackAudit.config.json in the current directory\")\n .option(\"-d, --detect\", \"Auto-detect installed tools and populate config\", false)\n .action(async (opts) => {\n await initCommand({ detect: opts.detect });\n });\n\nprogram.parse();\n","import ora from \"ora\";\nimport { loadConfig } from \"../core/configLoader.js\";\nimport { runAudit } from \"../core/runner.js\";\nimport { formatReport, logError } from \"../utils/logger.js\";\nimport type { CLIOptions } from \"../types.js\";\n\n/**\n * The \"check\" command — main entry point for environment auditing.\n *\n * Flow:\n * 1. Load and validate config\n * 2. Run all checkers in parallel\n * 3. Render report (text, verbose, or JSON)\n * 4. Exit with appropriate code (using process.exitCode for clean flush)\n */\nexport async function checkCommand(options: CLIOptions): Promise<void> {\n const silent = options.ci || options.json;\n const spinner = silent ? null : ora(\"Loading configuration...\").start();\n\n let config;\n try {\n config = await loadConfig(options.config);\n spinner?.succeed(`Loaded config for \"${config.projectName}\"`);\n } catch (error) {\n spinner?.fail(\"Configuration error\");\n logError(error instanceof Error ? error.message : String(error));\n process.exitCode = 2;\n return;\n }\n\n spinner?.start(\"Running checks...\");\n const report = await runAudit(config, { trustCommands: options.trustCommands });\n spinner?.stop();\n\n console.log(formatReport(report, { verbose: options.verbose, json: options.json }));\n\n if (report.summary.failed > 0) {\n process.exitCode = 1;\n }\n}\n","import { readFile } from \"node:fs/promises\";\nimport { resolve } from \"node:path\";\nimport { configSchema } from \"../schemas/config.schema.js\";\nimport type { StackAuditConfig } from \"../types.js\";\n\nconst DEFAULT_CONFIG_FILE = \"stackAudit.config.json\";\n\n/**\n * Loads and validates the stackAudit configuration file.\n *\n * Flow:\n * 1. Resolve the config file path relative to CWD\n * 2. Read and parse as JSON\n * 3. Validate against the Zod schema\n * 4. Return the typed config or throw with actionable errors\n */\nexport async function loadConfig(\n configPath?: string,\n): Promise<StackAuditConfig> {\n const filePath = resolve(process.cwd(), configPath ?? DEFAULT_CONFIG_FILE);\n\n let raw: string;\n try {\n raw = await readFile(filePath, \"utf-8\");\n } catch {\n throw new Error(\n `Config file not found: ${filePath}\\n` +\n `Run \"stackaudit init\" to create one, or use --config to specify a path.`,\n );\n }\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n throw new Error(\n `Invalid JSON in config file: ${filePath}\\n` +\n `Check for trailing commas or syntax errors.`,\n );\n }\n\n const result = configSchema.safeParse(parsed);\n\n if (!result.success) {\n const issues = result.error.issues\n .map((issue) => ` - ${issue.path.join(\".\")}: ${issue.message}`)\n .join(\"\\n\");\n\n throw new Error(\n `Invalid configuration in ${filePath}:\\n${issues}`,\n );\n }\n\n return result.data as StackAuditConfig;\n}\n","import { z } from \"zod\";\n\nconst portSchema = z.object({\n port: z.number().int().min(1).max(65535),\n name: z.string().min(1),\n type: z.enum([\"tcp\"]).optional().default(\"tcp\"),\n});\n\nconst envSchema = z.object({\n target: z.string().min(1),\n example: z.string().min(1),\n required: z.array(z.string().min(1)).min(1, \"At least one required env var must be specified\"),\n});\n\nconst commandSchema = z.object({\n cmd: z.string().min(1),\n match: z.string().optional(),\n errorMsg: z.string().optional(),\n});\n\n/**\n * Semver range string — validates that the value is a non-empty string\n * that semver can interpret. Prevents empty strings from bypassing\n * the \"at least one check\" refinement while producing zero actual checks.\n */\nconst semverRangeString = z.string().min(1, \"Semver range cannot be empty\");\n\nconst checksSchema = z\n .object({\n node: semverRangeString.optional(),\n npm: semverRangeString.optional(),\n env: envSchema.optional(),\n ports: z.array(portSchema).min(1, \"Ports array cannot be empty\").optional(),\n files: z.array(z.string().min(1)).min(1, \"Files array cannot be empty\").optional(),\n commands: z.array(commandSchema).min(1, \"Commands array cannot be empty\").optional(),\n })\n .refine(\n (checks) => {\n // Count checks that actually produce work — excludes undefined keys\n // and explicitly guards against the \"empty config = exit 0\" false positive.\n const hasNode = checks.node !== undefined;\n const hasNpm = checks.npm !== undefined;\n const hasEnv = checks.env !== undefined;\n const hasPorts = checks.ports !== undefined && checks.ports.length > 0;\n const hasFiles = checks.files !== undefined && checks.files.length > 0;\n const hasCommands = checks.commands !== undefined && checks.commands.length > 0;\n\n return hasNode || hasNpm || hasEnv || hasPorts || hasFiles || hasCommands;\n },\n { message: \"At least one check must be configured\" },\n );\n\nexport const configSchema = z.object({\n projectName: z.string().min(1, \"projectName is required\"),\n version: z.string().min(1, \"version is required\"),\n checks: checksSchema,\n});\n\nexport type ConfigSchemaInput = z.input<typeof configSchema>;\nexport type ConfigSchemaOutput = z.output<typeof configSchema>;\n","import semver from \"semver\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Validates that the current Node.js version satisfies\n * the semver range specified in the config.\n *\n * Uses process.version directly — no subprocess needed.\n */\nexport function checkNodeVersion(requiredRange: string): () => Promise<CheckResult[]> {\n return async () => {\n const result = await timedCheck(\"Node.js Version\", async () => {\n const current = process.version;\n const cleanCurrent = semver.clean(current);\n\n if (!cleanCurrent) {\n return {\n status: \"fail\" as const,\n message: `Could not parse current Node.js version: ${current}`,\n };\n }\n\n if (!semver.validRange(requiredRange)) {\n return {\n status: \"fail\" as const,\n message: `Invalid semver range in config: \"${requiredRange}\"`,\n };\n }\n\n if (semver.satisfies(cleanCurrent, requiredRange)) {\n return {\n status: \"pass\" as const,\n message: `v${cleanCurrent} satisfies ${requiredRange}`,\n };\n }\n\n return {\n status: \"fail\" as const,\n message: `v${cleanCurrent} does not satisfy ${requiredRange}`,\n };\n });\n\n return [result];\n };\n}\n","import { execa } from \"execa\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Allowlist of commands considered safe for automatic execution.\n * Commands not on this list require explicit user consent via --trust-commands.\n *\n * Only commands that read system state (version checks, service status)\n * belong here. Never add commands that modify state (rm, mv, curl, wget, etc).\n */\n/**\n * Only EXACT read-only commands belong here.\n * NEVER add bare tool names like \"node\", \"npm\", \"npx\" — they allow\n * arbitrary code execution (e.g. `node -e`, `npx evil-pkg`, `npm exec`).\n */\nconst SAFE_COMMAND_PREFIXES = [\n \"node --version\",\n \"node -v\",\n \"npm --version\",\n \"npm -v\",\n \"docker info\",\n \"docker --version\",\n \"docker compose version\",\n \"git --version\",\n \"python --version\",\n \"python3 --version\",\n \"ruby --version\",\n \"java --version\",\n \"javac --version\",\n \"go version\",\n \"rustc --version\",\n \"cargo --version\",\n];\n\n/**\n * Checks if a command is on the safe allowlist.\n */\nexport function isCommandAllowed(command: string): boolean {\n const normalized = command.trim();\n return SAFE_COMMAND_PREFIXES.some((safeCmd) => normalized === safeCmd);\n}\n\n/**\n * Parses a command string into [executable, ...args] respecting\n * single and double quotes.\n *\n * \"grep 'Server Version' file.log\" → [\"grep\", \"Server Version\", \"file.log\"]\n * \"echo \\\"hello world\\\"\" → [\"echo\", \"hello world\"]\n *\n * This avoids the naive split(/\\s+/) which breaks quoted arguments.\n */\nexport function parseCommand(command: string): string[] {\n const tokens: string[] = [];\n let current = \"\";\n let inSingle = false;\n let inDouble = false;\n let escaped = false;\n\n for (const char of command) {\n if (escaped) {\n current += char;\n escaped = false;\n continue;\n }\n\n if (char === \"\\\\\" && !inSingle) {\n escaped = true;\n continue;\n }\n\n if (char === \"'\" && !inDouble) {\n inSingle = !inSingle;\n continue;\n }\n\n if (char === '\"' && !inSingle) {\n inDouble = !inDouble;\n continue;\n }\n\n if (/\\s/.test(char) && !inSingle && !inDouble) {\n if (current.length > 0) {\n tokens.push(current);\n current = \"\";\n }\n continue;\n }\n\n current += char;\n }\n\n if (current.length > 0) {\n tokens.push(current);\n }\n\n return tokens;\n}\n\n/**\n * Executes a shell command and returns its stdout.\n * Throws if the command fails or is not found.\n *\n * Uses a proper token parser instead of naive split, so quoted\n * arguments like \"grep 'Server Version' file\" work correctly.\n *\n * Shell operators (|, >, &&, ;) are NOT interpreted because execa\n * runs without shell: true. This is a security feature.\n */\nexport async function execCommand(command: string): Promise<string> {\n const tokens = parseCommand(command);\n\n if (tokens.length === 0) {\n throw new Error(\"Empty command\");\n }\n\n const [cmd, ...args] = tokens;\n\n const result = await execa(cmd, args, {\n timeout: 10_000,\n reject: false,\n });\n\n if (result.failed) {\n throw new Error(result.stderr || `Command \"${command}\" failed`);\n }\n\n return result.stdout;\n}\n\n/**\n * Measures the execution time of an async check function.\n * Wraps exceptions into a fail CheckResult so the runner never crashes.\n */\nexport async function timedCheck(\n name: string,\n fn: () => Promise<Omit<CheckResult, \"name\" | \"duration\">>,\n): Promise<CheckResult> {\n const start = performance.now();\n try {\n const partial = await fn();\n return {\n name,\n ...partial,\n duration: Math.round(performance.now() - start),\n };\n } catch (error) {\n return {\n name,\n status: \"fail\",\n message: error instanceof Error ? error.message : String(error),\n duration: Math.round(performance.now() - start),\n };\n }\n}\n","import semver from \"semver\";\nimport { execCommand, timedCheck } from \"../utils/system.js\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Validates that the installed npm version satisfies\n * the semver range from config. Requires shelling out\n * since npm version is not available on process.\n */\nexport function checkNpmVersion(requiredRange: string): () => Promise<CheckResult[]> {\n return async () => {\n const result = await timedCheck(\"npm Version\", async () => {\n const stdout = await execCommand(\"npm --version\");\n const current = semver.clean(stdout.trim());\n\n if (!current) {\n return {\n status: \"fail\" as const,\n message: `Could not parse npm version from output: \"${stdout.trim()}\"`,\n };\n }\n\n if (!semver.validRange(requiredRange)) {\n return {\n status: \"fail\" as const,\n message: `Invalid semver range in config: \"${requiredRange}\"`,\n };\n }\n\n if (semver.satisfies(current, requiredRange)) {\n return {\n status: \"pass\" as const,\n message: `v${current} satisfies ${requiredRange}`,\n };\n }\n\n return {\n status: \"fail\" as const,\n message: `v${current} does not satisfy ${requiredRange}`,\n };\n });\n\n return [result];\n };\n}\n","import { readFile } from \"node:fs/promises\";\nimport { resolve, relative, isAbsolute } from \"node:path\";\nimport { parse as dotenvParse } from \"dotenv\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult, EnvConfig } from \"../types.js\";\n\n/**\n * Validates environment variables following the \"Closed Eyes\" principle:\n * - Checks if required keys EXIST in the target .env file\n * - Checks if values are NON-EMPTY\n * - NEVER logs or exposes the actual secret values\n *\n * Security: Rejects env.target paths that resolve outside CWD.\n * Uses dotenv.parse() instead of dotenv.config() to avoid\n * injecting values into process.env as a side-effect.\n */\nexport function checkEnvVars(envConfig: EnvConfig): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n const cwd = process.cwd();\n\n // Path traversal guard\n if (isAbsolute(envConfig.target)) {\n results.push({\n name: `Env File (${envConfig.target})`,\n status: \"fail\",\n message: `Absolute paths are not allowed for env.target: \"${envConfig.target}\"`,\n duration: 0,\n });\n return results;\n }\n\n const targetPath = resolve(cwd, envConfig.target);\n const rel = relative(cwd, targetPath);\n if (rel.startsWith(\"..\")) {\n results.push({\n name: `Env File (${envConfig.target})`,\n status: \"fail\",\n message: `Path traversal detected: \"${envConfig.target}\" resolves outside the project directory`,\n duration: 0,\n });\n return results;\n }\n\n let envKeys: Record<string, string> = {};\n\n const fileCheck = await timedCheck(`Env File (${envConfig.target})`, async () => {\n let content: string;\n try {\n content = await readFile(targetPath, \"utf-8\");\n } catch {\n // CI/CD Support: It's okay if .env is missing, as long as variables are in process.env\n return {\n status: \"pass\",\n message: `File not found: ${envConfig.target} (Using process.env)`,\n };\n }\n\n envKeys = dotenvParse(content);\n\n return {\n status: \"pass\" as const,\n message: `${envConfig.target} loaded successfully`,\n };\n });\n\n results.push(fileCheck);\n\n // Proceed to check keys regardless of file existence\n\n\n for (const key of envConfig.required) {\n const keyResult = await timedCheck(`Env: ${key}`, async () => {\n const value = envKeys[key] ?? process.env[key];\n\n if (value === undefined) {\n return {\n status: \"fail\" as const,\n message: `Missing required variable \"${key}\" in ${envConfig.target} and process.env`,\n };\n }\n\n if (value.trim() === \"\") {\n return {\n status: \"fail\" as const,\n message: `Variable \"${key}\" exists but is empty`,\n };\n }\n\n return {\n status: \"pass\" as const,\n message: `\"${key}\" is set (value hidden)`,\n };\n });\n\n results.push(keyResult);\n }\n\n return results;\n };\n}\n","import { createConnection } from \"node:net\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult, PortConfig } from \"../types.js\";\n\nconst DEFAULT_TIMEOUT_MS = 3000;\n\n/**\n * Checks if a TCP port is accepting connections on localhost.\n * Uses a raw TCP socket with a timeout — no data is sent.\n */\nfunction probePort(port: number, timeoutMs: number = DEFAULT_TIMEOUT_MS): Promise<boolean> {\n return new Promise((resolve) => {\n const socket = createConnection({ port, host: \"127.0.0.1\" });\n\n const timer = setTimeout(() => {\n socket.destroy();\n resolve(false);\n }, timeoutMs);\n\n socket.on(\"connect\", () => {\n clearTimeout(timer);\n socket.destroy();\n resolve(true);\n });\n\n socket.on(\"error\", () => {\n clearTimeout(timer);\n socket.destroy();\n resolve(false);\n });\n });\n}\n\nexport function checkPorts(portsConfig: PortConfig[]): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n\n for (const portDef of portsConfig) {\n const result = await timedCheck(\n `Port ${portDef.port} (${portDef.name})`,\n async () => {\n const isOpen = await probePort(portDef.port);\n\n if (isOpen) {\n return {\n status: \"pass\" as const,\n message: `${portDef.name} is accepting connections on port ${portDef.port}`,\n };\n }\n\n return {\n status: \"fail\" as const,\n message: `Nothing listening on port ${portDef.port}. Is ${portDef.name} running?`,\n };\n },\n );\n\n results.push(result);\n }\n\n return results;\n };\n}\n","import * as fs from \"node:fs/promises\";\nimport { resolve, relative, isAbsolute } from \"node:path\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Checks that all required files exist in the project directory.\n *\n * Security: Rejects paths that resolve outside the CWD to prevent\n * a malicious config from probing the filesystem (e.g. \"../../etc/passwd\").\n */\nexport function checkFiles(filesList: string[]): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n const cwd = process.cwd();\n\n for (const file of filesList) {\n const result = await timedCheck(`File: ${file}`, async () => {\n // Reject absolute paths outright\n if (isAbsolute(file)) {\n return {\n status: \"fail\" as const,\n message: `Absolute paths are not allowed in file checks: \"${file}\"`,\n };\n }\n\n const filePath = resolve(cwd, file);\n const realPath = await fs.realpath(filePath);\n const rel = relative(cwd, realPath);\n if (rel.startsWith(\"..\")) {\n return {\n status: \"fail\" as const,\n message: `Path traversal detected: \"${file}\" resolves outside the project directory`,\n };\n }\n\n try {\n await fs.access(realPath);\n } catch {\n return {\n status: \"fail\" as const,\n message: `Required file not found: ${file}`,\n };\n }\n\n return {\n status: \"pass\" as const,\n message: `${file} exists`,\n };\n });\n\n results.push(result);\n }\n\n return results;\n };\n}\n","import { execCommand, isCommandAllowed, timedCheck } from \"../utils/system.js\";\nimport type { CheckResult, CommandConfig } from \"../types.js\";\n\n/**\n * Executes custom shell commands and optionally matches output\n * against an expected string.\n *\n * Security: Commands not on the safe allowlist are SKIPPED unless\n * the user explicitly passes --trust-commands. This prevents a\n * malicious config file from executing arbitrary code on a\n * developer's machine during onboarding (clone + npx stackaudit check).\n */\nexport function checkCommands(\n commandsConfig: CommandConfig[],\n trustCommands: boolean = false,\n): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n\n for (const cmdDef of commandsConfig) {\n const label = cmdDef.cmd.length > 40\n ? cmdDef.cmd.slice(0, 37) + \"...\"\n : cmdDef.cmd;\n\n // Gate: refuse to execute untrusted commands without explicit consent\n if (!trustCommands && !isCommandAllowed(cmdDef.cmd)) {\n results.push({\n name: `Command: ${label}`,\n status: \"skip\",\n message:\n `Skipped untrusted command: \"${cmdDef.cmd}\". ` +\n `Use --trust-commands to allow execution of custom commands.`,\n duration: 0,\n });\n continue;\n }\n\n const result = await timedCheck(`Command: ${label}`, async () => {\n let stdout: string;\n try {\n stdout = await execCommand(cmdDef.cmd);\n } catch (error) {\n const msg =\n cmdDef.errorMsg ??\n `Command failed: \"${cmdDef.cmd}\" — ${error instanceof Error ? error.message : String(error)}`;\n return { status: \"fail\" as const, message: msg };\n }\n\n if (cmdDef.match && !stdout.includes(cmdDef.match)) {\n const msg =\n cmdDef.errorMsg ??\n `Output of \"${cmdDef.cmd}\" does not contain \"${cmdDef.match}\"`;\n return { status: \"fail\" as const, message: msg };\n }\n\n return {\n status: \"pass\" as const,\n message: cmdDef.match\n ? `\"${cmdDef.cmd}\" output contains \"${cmdDef.match}\"`\n : `\"${cmdDef.cmd}\" executed successfully`,\n };\n });\n\n results.push(result);\n }\n\n return results;\n };\n}\n","import type { CheckerFn, ChecksConfig } from \"../types.js\";\nimport { checkNodeVersion } from \"./nodeVersion.js\";\nimport { checkNpmVersion } from \"./npmVersion.js\";\nimport { checkEnvVars } from \"./envVars.js\";\nimport { checkPorts } from \"./ports.js\";\nimport { checkFiles } from \"./files.js\";\nimport { checkCommands } from \"./commands.js\";\n\nexport interface PipelineOptions {\n trustCommands: boolean;\n}\n\n/**\n * Builds the checker pipeline based on the config.\n * Only registers checkers for keys that are present in the config,\n * so users only run what they declare.\n */\nexport function buildCheckerPipeline(\n checks: ChecksConfig,\n options: PipelineOptions = { trustCommands: false },\n): CheckerFn[] {\n const pipeline: CheckerFn[] = [];\n\n if (checks.node) {\n pipeline.push(checkNodeVersion(checks.node));\n }\n\n if (checks.npm) {\n pipeline.push(checkNpmVersion(checks.npm));\n }\n\n if (checks.files && checks.files.length > 0) {\n pipeline.push(checkFiles(checks.files));\n }\n\n if (checks.env) {\n pipeline.push(checkEnvVars(checks.env));\n }\n\n if (checks.ports && checks.ports.length > 0) {\n pipeline.push(checkPorts(checks.ports));\n }\n\n if (checks.commands && checks.commands.length > 0) {\n pipeline.push(checkCommands(checks.commands, options.trustCommands));\n }\n\n return pipeline;\n}\n","import type {\n AuditReport,\n CheckerFn,\n CheckResult,\n StackAuditConfig,\n} from \"../types.js\";\nimport { buildCheckerPipeline, type PipelineOptions } from \"../checks/index.js\";\n\n/**\n * Executes all configured checkers in parallel and aggregates results.\n *\n * Uses Promise.allSettled to ensure every checker runs to completion\n * regardless of individual failures — the \"Fail Efficiently\" principle.\n */\nexport async function runAudit(\n config: StackAuditConfig,\n options: PipelineOptions = { trustCommands: false },\n): Promise<AuditReport> {\n const checkers: CheckerFn[] = buildCheckerPipeline(config.checks, options);\n\n const settled = await Promise.allSettled(\n checkers.map((checker) => checker()),\n );\n\n const results: CheckResult[] = [];\n\n for (const outcome of settled) {\n if (outcome.status === \"fulfilled\") {\n results.push(...outcome.value);\n } else {\n results.push({\n name: \"Unknown Check\",\n status: \"fail\",\n message:\n outcome.reason instanceof Error\n ? outcome.reason.message\n : String(outcome.reason),\n duration: 0,\n });\n }\n }\n\n // Single-pass summary instead of 4x .filter() iterations\n const summary = { passed: 0, failed: 0, warned: 0, skipped: 0, total: results.length };\n for (const r of results) {\n switch (r.status) {\n case \"pass\": summary.passed++; break;\n case \"fail\": summary.failed++; break;\n case \"warn\": summary.warned++; break;\n case \"skip\": summary.skipped++; break;\n }\n }\n\n return {\n projectName: config.projectName,\n timestamp: new Date(),\n results,\n summary,\n };\n}\n","import chalk from \"chalk\";\nimport boxen from \"boxen\";\nimport type { AuditReport, CheckResult, CLIOptions } from \"../types.js\";\n\nconst STATUS_ICONS: Record<string, string> = {\n pass: chalk.green(\"✔\"),\n fail: chalk.red(\"✖\"),\n warn: chalk.yellow(\"⚠\"),\n skip: chalk.gray(\"○\"),\n};\n\nexport function formatCheckResult(result: CheckResult, verbose: boolean): string {\n const icon = STATUS_ICONS[result.status];\n const duration = chalk.gray(`(${result.duration}ms)`);\n const name = result.status === \"fail\" ? chalk.red(result.name) : result.name;\n\n // In non-verbose mode, hide passing checks' messages for a cleaner output\n if (!verbose && result.status === \"pass\") {\n return ` ${icon} ${name} ${duration}`;\n }\n\n return ` ${icon} ${name} ${duration}\\n ${chalk.gray(result.message)}`;\n}\n\nexport function formatReport(report: AuditReport, options: Pick<CLIOptions, \"verbose\" | \"json\">): string {\n if (options.json) {\n return JSON.stringify({\n projectName: report.projectName,\n timestamp: report.timestamp.toISOString(),\n results: report.results,\n summary: report.summary,\n }, null, 2);\n }\n\n const lines: string[] = [];\n\n lines.push(\"\");\n for (const result of report.results) {\n lines.push(formatCheckResult(result, options.verbose));\n }\n lines.push(\"\");\n\n const { passed, failed, warned, skipped, total } = report.summary;\n\n const summaryParts = [\n chalk.green(`${passed} passed`),\n failed > 0 ? chalk.red(`${failed} failed`) : null,\n warned > 0 ? chalk.yellow(`${warned} warnings`) : null,\n skipped > 0 ? chalk.gray(`${skipped} skipped`) : null,\n ]\n .filter(Boolean)\n .join(chalk.gray(\" · \"));\n\n const summaryLine = `${summaryParts} ${chalk.gray(`(${total} checks)`)}`;\n\n const elapsed = report.results.reduce((sum, r) => sum + r.duration, 0);\n\n const header =\n failed > 0\n ? chalk.red.bold(\"stackAudit — FAIL\")\n : chalk.green.bold(\"stackAudit — PASS\");\n\n const boxContent = [\n header,\n chalk.gray(`Project: ${report.projectName}`),\n \"\",\n summaryLine,\n chalk.gray(`Done in ${elapsed}ms`),\n ].join(\"\\n\");\n\n lines.push(\n boxen(boxContent, {\n padding: 1,\n margin: { top: 0, bottom: 0, left: 1, right: 1 },\n borderColor: failed > 0 ? \"red\" : \"green\",\n borderStyle: \"round\",\n }),\n );\n\n return lines.join(\"\\n\");\n}\n\nexport function logError(message: string): void {\n console.error(chalk.red.bold(\"Error:\"), message);\n}\n\nexport function logInfo(message: string): void {\n console.log(chalk.blue(\"ℹ\"), message);\n}\n\nexport function logSuccess(message: string): void {\n console.log(chalk.green(\"✔\"), message);\n}\n\nexport function logWarn(message: string): void {\n console.log(chalk.yellow(\"⚠\"), message);\n}\n","import { access, readFile, writeFile } from \"node:fs/promises\";\nimport { basename, resolve } from \"node:path\";\nimport { logError, logInfo, logSuccess, logWarn } from \"../utils/logger.js\";\nimport { execCommand } from \"../utils/system.js\";\nimport type { ChecksConfig } from \"../types.js\";\n\nconst CONFIG_FILENAME = \"stackAudit.config.json\";\n\ninterface InitOptions {\n detect: boolean;\n}\n\n/**\n * Probes for a command and returns its version, or null if not found.\n */\nasync function probeToolVersion(cmd: string): Promise<string | null> {\n try {\n const output = await execCommand(cmd);\n return output.trim();\n } catch {\n return null;\n }\n}\n\n/**\n * Detects common project files in the current directory.\n */\nasync function detectFiles(candidates: string[]): Promise<string[]> {\n const found: string[] = [];\n for (const file of candidates) {\n try {\n await access(resolve(process.cwd(), file));\n found.push(file);\n } catch {\n // not present\n }\n }\n return found;\n}\n\n/**\n * Tries to read the project name from package.json.\n */\nasync function detectProjectName(): Promise<string> {\n try {\n const raw = await readFile(resolve(process.cwd(), \"package.json\"), \"utf-8\");\n const pkg = JSON.parse(raw);\n if (typeof pkg.name === \"string\" && pkg.name.length > 0) {\n return pkg.name;\n }\n } catch {\n // ignore\n }\n return basename(process.cwd());\n}\n\n/**\n * Builds a smart config by probing the local environment.\n */\nasync function buildDetectedConfig(): Promise<{ projectName: string; version: string; checks: ChecksConfig }> {\n const checks: ChecksConfig = {};\n\n // Detect Node.js\n const nodeVersion = await probeToolVersion(\"node --version\");\n if (nodeVersion) {\n const major = nodeVersion.replace(/^v/, \"\").split(\".\")[0];\n checks.node = `>=${major}.0.0`;\n logSuccess(`Detected Node.js ${nodeVersion} → requiring >=${major}.0.0`);\n }\n\n // Detect npm\n const npmVersion = await probeToolVersion(\"npm --version\");\n if (npmVersion) {\n const major = npmVersion.split(\".\")[0];\n checks.npm = `>=${major}.0.0`;\n logSuccess(`Detected npm ${npmVersion} → requiring >=${major}.0.0`);\n }\n\n // Detect common project files\n const commonFiles = [\n \"package.json\",\n \"docker-compose.yml\",\n \"docker-compose.yaml\",\n \"Dockerfile\",\n \"Makefile\",\n \".env.example\",\n \"tsconfig.json\",\n ];\n\n const foundFiles = await detectFiles(commonFiles);\n if (foundFiles.length > 0) {\n checks.files = foundFiles;\n logSuccess(`Detected ${foundFiles.length} project files: ${foundFiles.join(\", \")}`);\n }\n\n // Detect .env.example and extract required keys\n const envExamplePath = resolve(process.cwd(), \".env.example\");\n try {\n const content = await readFile(envExamplePath, \"utf-8\");\n const keys = content\n .split(\"\\n\")\n .map((line) => line.trim())\n .filter((line) => line && !line.startsWith(\"#\"))\n .map((line) => line.split(\"=\")[0].trim())\n .filter((key) => key.length > 0);\n\n if (keys.length > 0) {\n checks.env = {\n target: \".env\",\n example: \".env.example\",\n required: keys,\n };\n logSuccess(`Detected ${keys.length} env vars from .env.example: ${keys.join(\", \")}`);\n }\n } catch {\n // No .env.example\n }\n\n // Detect Docker\n const dockerVersion = await probeToolVersion(\"docker --version\");\n if (dockerVersion) {\n checks.commands = [\n {\n cmd: \"docker info\",\n match: \"Server Version\",\n errorMsg: \"Docker daemon is not running. Start Docker Desktop or the Docker service.\",\n },\n ];\n logSuccess(`Detected Docker → adding daemon check`);\n }\n\n const projectName = await detectProjectName();\n\n return {\n projectName,\n version: \"1.0.0\",\n checks,\n };\n}\n\n/**\n * Generates a stackAudit.config.json in the current directory.\n * With --detect, probes the local environment to auto-populate config.\n */\nexport async function initCommand(options: InitOptions): Promise<void> {\n const targetPath = resolve(process.cwd(), CONFIG_FILENAME);\n\n try {\n await access(targetPath);\n throw new Error(\n `${CONFIG_FILENAME} already exists in this directory. Delete it first to re-initialize.`,\n );\n } catch {\n // File does not exist — proceed\n }\n\n let config;\n\n if (options.detect) {\n logInfo(\"Scanning environment...\\n\");\n config = await buildDetectedConfig();\n\n if (Object.keys(config.checks).length === 0) {\n logWarn(\"No tools detected. Generating a minimal config.\");\n config.checks = { node: \">=18.0.0\" };\n }\n\n console.log(\"\");\n } else {\n config = {\n projectName: await detectProjectName(),\n version: \"1.0.0\",\n checks: {\n node: \">=18.0.0\",\n npm: \">=9.0.0\",\n files: [\"package.json\"],\n },\n };\n }\n\n try {\n const content = JSON.stringify(config, null, 2) + \"\\n\";\n await writeFile(targetPath, content, \"utf-8\");\n logSuccess(`Created ${CONFIG_FILENAME} — customize it for your project.`);\n } catch (error) {\n throw new Error(\n `Failed to write ${CONFIG_FILENAME}: ${error instanceof Error ? error.message : String(error)}`,\n );\n }\n}\n"],"mappings":";;;AAEA,SAAS,eAAe;;;ACFxB,OAAO,SAAS;;;ACAhB,SAAS,gBAAgB;AACzB,SAAS,eAAe;;;ACDxB,SAAS,SAAS;AAElB,IAAM,aAAa,EAAE,OAAO;AAAA,EAC1B,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK;AAAA,EACvC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACtB,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,KAAK;AAChD,CAAC;AAED,IAAM,YAAY,EAAE,OAAO;AAAA,EACzB,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACxB,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACzB,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,EAAE,IAAI,GAAG,iDAAiD;AAC/F,CAAC;AAED,IAAM,gBAAgB,EAAE,OAAO;AAAA,EAC7B,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACrB,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,UAAU,EAAE,OAAO,EAAE,SAAS;AAChC,CAAC;AAOD,IAAM,oBAAoB,EAAE,OAAO,EAAE,IAAI,GAAG,8BAA8B;AAE1E,IAAM,eAAe,EAClB,OAAO;AAAA,EACN,MAAM,kBAAkB,SAAS;AAAA,EACjC,KAAK,kBAAkB,SAAS;AAAA,EAChC,KAAK,UAAU,SAAS;AAAA,EACxB,OAAO,EAAE,MAAM,UAAU,EAAE,IAAI,GAAG,6BAA6B,EAAE,SAAS;AAAA,EAC1E,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,EAAE,IAAI,GAAG,6BAA6B,EAAE,SAAS;AAAA,EACjF,UAAU,EAAE,MAAM,aAAa,EAAE,IAAI,GAAG,gCAAgC,EAAE,SAAS;AACrF,CAAC,EACA;AAAA,EACC,CAAC,WAAW;AAGV,UAAM,UAAU,OAAO,SAAS;AAChC,UAAM,SAAS,OAAO,QAAQ;AAC9B,UAAM,SAAS,OAAO,QAAQ;AAC9B,UAAM,WAAW,OAAO,UAAU,UAAa,OAAO,MAAM,SAAS;AACrE,UAAM,WAAW,OAAO,UAAU,UAAa,OAAO,MAAM,SAAS;AACrE,UAAM,cAAc,OAAO,aAAa,UAAa,OAAO,SAAS,SAAS;AAE9E,WAAO,WAAW,UAAU,UAAU,YAAY,YAAY;AAAA,EAChE;AAAA,EACA,EAAE,SAAS,wCAAwC;AACrD;AAEK,IAAM,eAAe,EAAE,OAAO;AAAA,EACnC,aAAa,EAAE,OAAO,EAAE,IAAI,GAAG,yBAAyB;AAAA,EACxD,SAAS,EAAE,OAAO,EAAE,IAAI,GAAG,qBAAqB;AAAA,EAChD,QAAQ;AACV,CAAC;;;ADnDD,IAAM,sBAAsB;AAW5B,eAAsB,WACpB,YAC2B;AAC3B,QAAM,WAAW,QAAQ,QAAQ,IAAI,GAAG,cAAc,mBAAmB;AAEzE,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,SAAS,UAAU,OAAO;AAAA,EACxC,QAAQ;AACN,UAAM,IAAI;AAAA,MACR,0BAA0B,QAAQ;AAAA;AAAA,IAEpC;AAAA,EACF;AAEA,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,GAAG;AAAA,EACzB,QAAQ;AACN,UAAM,IAAI;AAAA,MACR,gCAAgC,QAAQ;AAAA;AAAA,IAE1C;AAAA,EACF;AAEA,QAAM,SAAS,aAAa,UAAU,MAAM;AAE5C,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OACzB,IAAI,CAAC,UAAU,OAAO,MAAM,KAAK,KAAK,GAAG,CAAC,KAAK,MAAM,OAAO,EAAE,EAC9D,KAAK,IAAI;AAEZ,UAAM,IAAI;AAAA,MACR,4BAA4B,QAAQ;AAAA,EAAM,MAAM;AAAA,IAClD;AAAA,EACF;AAEA,SAAO,OAAO;AAChB;;;AEtDA,OAAO,YAAY;;;ACAnB,SAAS,aAAa;AAetB,IAAM,wBAAwB;AAAA,EAC5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAKO,SAAS,iBAAiB,SAA0B;AACzD,QAAM,aAAa,QAAQ,KAAK;AAChC,SAAO,sBAAsB,KAAK,CAAC,YAAY,eAAe,OAAO;AACvE;AAWO,SAAS,aAAa,SAA2B;AACtD,QAAM,SAAmB,CAAC;AAC1B,MAAI,UAAU;AACd,MAAI,WAAW;AACf,MAAI,WAAW;AACf,MAAI,UAAU;AAEd,aAAW,QAAQ,SAAS;AAC1B,QAAI,SAAS;AACX,iBAAW;AACX,gBAAU;AACV;AAAA,IACF;AAEA,QAAI,SAAS,QAAQ,CAAC,UAAU;AAC9B,gBAAU;AACV;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,CAAC,UAAU;AAC7B,iBAAW,CAAC;AACZ;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,CAAC,UAAU;AAC7B,iBAAW,CAAC;AACZ;AAAA,IACF;AAEA,QAAI,KAAK,KAAK,IAAI,KAAK,CAAC,YAAY,CAAC,UAAU;AAC7C,UAAI,QAAQ,SAAS,GAAG;AACtB,eAAO,KAAK,OAAO;AACnB,kBAAU;AAAA,MACZ;AACA;AAAA,IACF;AAEA,eAAW;AAAA,EACb;AAEA,MAAI,QAAQ,SAAS,GAAG;AACtB,WAAO,KAAK,OAAO;AAAA,EACrB;AAEA,SAAO;AACT;AAYA,eAAsB,YAAY,SAAkC;AAClE,QAAM,SAAS,aAAa,OAAO;AAEnC,MAAI,OAAO,WAAW,GAAG;AACvB,UAAM,IAAI,MAAM,eAAe;AAAA,EACjC;AAEA,QAAM,CAAC,KAAK,GAAG,IAAI,IAAI;AAEvB,QAAM,SAAS,MAAM,MAAM,KAAK,MAAM;AAAA,IACpC,SAAS;AAAA,IACT,QAAQ;AAAA,EACV,CAAC;AAED,MAAI,OAAO,QAAQ;AACjB,UAAM,IAAI,MAAM,OAAO,UAAU,YAAY,OAAO,UAAU;AAAA,EAChE;AAEA,SAAO,OAAO;AAChB;AAMA,eAAsB,WACpB,MACA,IACsB;AACtB,QAAM,QAAQ,YAAY,IAAI;AAC9B,MAAI;AACF,UAAM,UAAU,MAAM,GAAG;AACzB,WAAO;AAAA,MACL;AAAA,MACA,GAAG;AAAA,MACH,UAAU,KAAK,MAAM,YAAY,IAAI,IAAI,KAAK;AAAA,IAChD;AAAA,EACF,SAAS,OAAO;AACd,WAAO;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,MACR,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,MAC9D,UAAU,KAAK,MAAM,YAAY,IAAI,IAAI,KAAK;AAAA,IAChD;AAAA,EACF;AACF;;;AD/IO,SAAS,iBAAiB,eAAqD;AACpF,SAAO,YAAY;AACjB,UAAM,SAAS,MAAM,WAAW,mBAAmB,YAAY;AAC7D,YAAM,UAAU,QAAQ;AACxB,YAAM,eAAe,OAAO,MAAM,OAAO;AAEzC,UAAI,CAAC,cAAc;AACjB,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,4CAA4C,OAAO;AAAA,QAC9D;AAAA,MACF;AAEA,UAAI,CAAC,OAAO,WAAW,aAAa,GAAG;AACrC,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,oCAAoC,aAAa;AAAA,QAC5D;AAAA,MACF;AAEA,UAAI,OAAO,UAAU,cAAc,aAAa,GAAG;AACjD,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,IAAI,YAAY,cAAc,aAAa;AAAA,QACtD;AAAA,MACF;AAEA,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,IAAI,YAAY,qBAAqB,aAAa;AAAA,MAC7D;AAAA,IACF,CAAC;AAED,WAAO,CAAC,MAAM;AAAA,EAChB;AACF;;;AE7CA,OAAOA,aAAY;AASZ,SAAS,gBAAgB,eAAqD;AACnF,SAAO,YAAY;AACjB,UAAM,SAAS,MAAM,WAAW,eAAe,YAAY;AACzD,YAAM,SAAS,MAAM,YAAY,eAAe;AAChD,YAAM,UAAUC,QAAO,MAAM,OAAO,KAAK,CAAC;AAE1C,UAAI,CAAC,SAAS;AACZ,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,6CAA6C,OAAO,KAAK,CAAC;AAAA,QACrE;AAAA,MACF;AAEA,UAAI,CAACA,QAAO,WAAW,aAAa,GAAG;AACrC,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,oCAAoC,aAAa;AAAA,QAC5D;AAAA,MACF;AAEA,UAAIA,QAAO,UAAU,SAAS,aAAa,GAAG;AAC5C,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,IAAI,OAAO,cAAc,aAAa;AAAA,QACjD;AAAA,MACF;AAEA,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,IAAI,OAAO,qBAAqB,aAAa;AAAA,MACxD;AAAA,IACF,CAAC;AAED,WAAO,CAAC,MAAM;AAAA,EAChB;AACF;;;AC5CA,SAAS,YAAAC,iBAAgB;AACzB,SAAS,WAAAC,UAAS,UAAU,kBAAkB;AAC9C,SAAS,SAAS,mBAAmB;AAc9B,SAAS,aAAa,WAAoD;AAC/E,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAChC,UAAM,MAAM,QAAQ,IAAI;AAGxB,QAAI,WAAW,UAAU,MAAM,GAAG;AAChC,cAAQ,KAAK;AAAA,QACX,MAAM,aAAa,UAAU,MAAM;AAAA,QACnC,QAAQ;AAAA,QACR,SAAS,mDAAmD,UAAU,MAAM;AAAA,QAC5E,UAAU;AAAA,MACZ,CAAC;AACD,aAAO;AAAA,IACT;AAEA,UAAM,aAAaC,SAAQ,KAAK,UAAU,MAAM;AAChD,UAAM,MAAM,SAAS,KAAK,UAAU;AACpC,QAAI,IAAI,WAAW,IAAI,GAAG;AACxB,cAAQ,KAAK;AAAA,QACX,MAAM,aAAa,UAAU,MAAM;AAAA,QACnC,QAAQ;AAAA,QACR,SAAS,6BAA6B,UAAU,MAAM;AAAA,QACtD,UAAU;AAAA,MACZ,CAAC;AACD,aAAO;AAAA,IACT;AAEA,QAAI,UAAkC,CAAC;AAEvC,UAAM,YAAY,MAAM,WAAW,aAAa,UAAU,MAAM,KAAK,YAAY;AAC/E,UAAI;AACJ,UAAI;AACF,kBAAU,MAAMC,UAAS,YAAY,OAAO;AAAA,MAC9C,QAAQ;AAEN,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,mBAAmB,UAAU,MAAM;AAAA,QAC9C;AAAA,MACF;AAEA,gBAAU,YAAY,OAAO;AAE7B,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,GAAG,UAAU,MAAM;AAAA,MAC9B;AAAA,IACF,CAAC;AAED,YAAQ,KAAK,SAAS;AAKtB,eAAW,OAAO,UAAU,UAAU;AACpC,YAAM,YAAY,MAAM,WAAW,QAAQ,GAAG,IAAI,YAAY;AAC5D,cAAM,QAAQ,QAAQ,GAAG,KAAK,QAAQ,IAAI,GAAG;AAE7C,YAAI,UAAU,QAAW;AACvB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,8BAA8B,GAAG,QAAQ,UAAU,MAAM;AAAA,UACpE;AAAA,QACF;AAEA,YAAI,MAAM,KAAK,MAAM,IAAI;AACvB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,aAAa,GAAG;AAAA,UAC3B;AAAA,QACF;AAEA,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,IAAI,GAAG;AAAA,QAClB;AAAA,MACF,CAAC;AAED,cAAQ,KAAK,SAAS;AAAA,IACxB;AAEA,WAAO;AAAA,EACT;AACF;;;ACpGA,SAAS,wBAAwB;AAIjC,IAAM,qBAAqB;AAM3B,SAAS,UAAU,MAAc,YAAoB,oBAAsC;AACzF,SAAO,IAAI,QAAQ,CAACC,aAAY;AAC9B,UAAM,SAAS,iBAAiB,EAAE,MAAM,MAAM,YAAY,CAAC;AAE3D,UAAM,QAAQ,WAAW,MAAM;AAC7B,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,GAAG,SAAS;AAEZ,WAAO,GAAG,WAAW,MAAM;AACzB,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,IAAI;AAAA,IACd,CAAC;AAED,WAAO,GAAG,SAAS,MAAM;AACvB,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH,CAAC;AACH;AAEO,SAAS,WAAW,aAAyD;AAClF,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAEhC,eAAW,WAAW,aAAa;AACjC,YAAM,SAAS,MAAM;AAAA,QACnB,QAAQ,QAAQ,IAAI,KAAK,QAAQ,IAAI;AAAA,QACrC,YAAY;AACV,gBAAM,SAAS,MAAM,UAAU,QAAQ,IAAI;AAE3C,cAAI,QAAQ;AACV,mBAAO;AAAA,cACL,QAAQ;AAAA,cACR,SAAS,GAAG,QAAQ,IAAI,qCAAqC,QAAQ,IAAI;AAAA,YAC3E;AAAA,UACF;AAEA,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,6BAA6B,QAAQ,IAAI,QAAQ,QAAQ,IAAI;AAAA,UACxE;AAAA,QACF;AAAA,MACF;AAEA,cAAQ,KAAK,MAAM;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;AC9DA,YAAY,QAAQ;AACpB,SAAS,WAAAC,UAAS,YAAAC,WAAU,cAAAC,mBAAkB;AAUvC,SAAS,WAAW,WAAmD;AAC5E,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAChC,UAAM,MAAM,QAAQ,IAAI;AAExB,eAAW,QAAQ,WAAW;AAC5B,YAAM,SAAS,MAAM,WAAW,SAAS,IAAI,IAAI,YAAY;AAE3D,YAAIC,YAAW,IAAI,GAAG;AACpB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,mDAAmD,IAAI;AAAA,UAClE;AAAA,QACF;AAEA,cAAM,WAAWC,SAAQ,KAAK,IAAI;AAClC,cAAM,WAAW,MAAS,YAAS,QAAQ;AAC3C,cAAM,MAAMC,UAAS,KAAK,QAAQ;AAClC,YAAI,IAAI,WAAW,IAAI,GAAG;AACxB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,6BAA6B,IAAI;AAAA,UAC5C;AAAA,QACF;AAEA,YAAI;AACF,gBAAS,UAAO,QAAQ;AAAA,QAC1B,QAAQ;AACN,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,4BAA4B,IAAI;AAAA,UAC3C;AAAA,QACF;AAEA,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,GAAG,IAAI;AAAA,QAClB;AAAA,MACF,CAAC;AAED,cAAQ,KAAK,MAAM;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;AC5CO,SAAS,cACd,gBACA,gBAAyB,OACK;AAC9B,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAEhC,eAAW,UAAU,gBAAgB;AACnC,YAAM,QAAQ,OAAO,IAAI,SAAS,KAC9B,OAAO,IAAI,MAAM,GAAG,EAAE,IAAI,QAC1B,OAAO;AAGX,UAAI,CAAC,iBAAiB,CAAC,iBAAiB,OAAO,GAAG,GAAG;AACnD,gBAAQ,KAAK;AAAA,UACX,MAAM,YAAY,KAAK;AAAA,UACvB,QAAQ;AAAA,UACR,SACE,+BAA+B,OAAO,GAAG;AAAA,UAE3C,UAAU;AAAA,QACZ,CAAC;AACD;AAAA,MACF;AAEA,YAAM,SAAS,MAAM,WAAW,YAAY,KAAK,IAAI,YAAY;AAC/D,YAAI;AACJ,YAAI;AACF,mBAAS,MAAM,YAAY,OAAO,GAAG;AAAA,QACvC,SAAS,OAAO;AACd,gBAAM,MACJ,OAAO,YACP,oBAAoB,OAAO,GAAG,YAAO,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAC7F,iBAAO,EAAE,QAAQ,QAAiB,SAAS,IAAI;AAAA,QACjD;AAEA,YAAI,OAAO,SAAS,CAAC,OAAO,SAAS,OAAO,KAAK,GAAG;AAClD,gBAAM,MACJ,OAAO,YACP,cAAc,OAAO,GAAG,uBAAuB,OAAO,KAAK;AAC7D,iBAAO,EAAE,QAAQ,QAAiB,SAAS,IAAI;AAAA,QACjD;AAEA,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,OAAO,QACZ,IAAI,OAAO,GAAG,sBAAsB,OAAO,KAAK,MAChD,IAAI,OAAO,GAAG;AAAA,QACpB;AAAA,MACF,CAAC;AAED,cAAQ,KAAK,MAAM;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;ACnDO,SAAS,qBACd,QACA,UAA2B,EAAE,eAAe,MAAM,GACrC;AACb,QAAM,WAAwB,CAAC;AAE/B,MAAI,OAAO,MAAM;AACf,aAAS,KAAK,iBAAiB,OAAO,IAAI,CAAC;AAAA,EAC7C;AAEA,MAAI,OAAO,KAAK;AACd,aAAS,KAAK,gBAAgB,OAAO,GAAG,CAAC;AAAA,EAC3C;AAEA,MAAI,OAAO,SAAS,OAAO,MAAM,SAAS,GAAG;AAC3C,aAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,OAAO,KAAK;AACd,aAAS,KAAK,aAAa,OAAO,GAAG,CAAC;AAAA,EACxC;AAEA,MAAI,OAAO,SAAS,OAAO,MAAM,SAAS,GAAG;AAC3C,aAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,OAAO,YAAY,OAAO,SAAS,SAAS,GAAG;AACjD,aAAS,KAAK,cAAc,OAAO,UAAU,QAAQ,aAAa,CAAC;AAAA,EACrE;AAEA,SAAO;AACT;;;AClCA,eAAsB,SACpB,QACA,UAA2B,EAAE,eAAe,MAAM,GAC5B;AACtB,QAAM,WAAwB,qBAAqB,OAAO,QAAQ,OAAO;AAEzE,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,SAAS,IAAI,CAAC,YAAY,QAAQ,CAAC;AAAA,EACrC;AAEA,QAAM,UAAyB,CAAC;AAEhC,aAAW,WAAW,SAAS;AAC7B,QAAI,QAAQ,WAAW,aAAa;AAClC,cAAQ,KAAK,GAAG,QAAQ,KAAK;AAAA,IAC/B,OAAO;AACL,cAAQ,KAAK;AAAA,QACX,MAAM;AAAA,QACN,QAAQ;AAAA,QACR,SACE,QAAQ,kBAAkB,QACtB,QAAQ,OAAO,UACf,OAAO,QAAQ,MAAM;AAAA,QAC3B,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAAA,EACF;AAGA,QAAM,UAAU,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,OAAO,QAAQ,OAAO;AACrF,aAAW,KAAK,SAAS;AACvB,YAAQ,EAAE,QAAQ;AAAA,MAChB,KAAK;AAAQ,gBAAQ;AAAU;AAAA,MAC/B,KAAK;AAAQ,gBAAQ;AAAU;AAAA,MAC/B,KAAK;AAAQ,gBAAQ;AAAU;AAAA,MAC/B,KAAK;AAAQ,gBAAQ;AAAW;AAAA,IAClC;AAAA,EACF;AAEA,SAAO;AAAA,IACL,aAAa,OAAO;AAAA,IACpB,WAAW,oBAAI,KAAK;AAAA,IACpB;AAAA,IACA;AAAA,EACF;AACF;;;AC3DA,OAAO,WAAW;AAClB,OAAO,WAAW;AAGlB,IAAM,eAAuC;AAAA,EAC3C,MAAM,MAAM,MAAM,QAAG;AAAA,EACrB,MAAM,MAAM,IAAI,QAAG;AAAA,EACnB,MAAM,MAAM,OAAO,QAAG;AAAA,EACtB,MAAM,MAAM,KAAK,QAAG;AACtB;AAEO,SAAS,kBAAkB,QAAqB,SAA0B;AAC/E,QAAM,OAAO,aAAa,OAAO,MAAM;AACvC,QAAM,WAAW,MAAM,KAAK,IAAI,OAAO,QAAQ,KAAK;AACpD,QAAM,OAAO,OAAO,WAAW,SAAS,MAAM,IAAI,OAAO,IAAI,IAAI,OAAO;AAGxE,MAAI,CAAC,WAAW,OAAO,WAAW,QAAQ;AACxC,WAAO,KAAK,IAAI,IAAI,IAAI,IAAI,QAAQ;AAAA,EACtC;AAEA,SAAO,KAAK,IAAI,IAAI,IAAI,IAAI,QAAQ;AAAA,MAAS,MAAM,KAAK,OAAO,OAAO,CAAC;AACzE;AAEO,SAAS,aAAa,QAAqB,SAAuD;AACvG,MAAI,QAAQ,MAAM;AAChB,WAAO,KAAK,UAAU;AAAA,MACpB,aAAa,OAAO;AAAA,MACpB,WAAW,OAAO,UAAU,YAAY;AAAA,MACxC,SAAS,OAAO;AAAA,MAChB,SAAS,OAAO;AAAA,IAClB,GAAG,MAAM,CAAC;AAAA,EACZ;AAEA,QAAM,QAAkB,CAAC;AAEzB,QAAM,KAAK,EAAE;AACb,aAAW,UAAU,OAAO,SAAS;AACnC,UAAM,KAAK,kBAAkB,QAAQ,QAAQ,OAAO,CAAC;AAAA,EACvD;AACA,QAAM,KAAK,EAAE;AAEb,QAAM,EAAE,QAAQ,QAAQ,QAAQ,SAAS,MAAM,IAAI,OAAO;AAE1D,QAAM,eAAe;AAAA,IACnB,MAAM,MAAM,GAAG,MAAM,SAAS;AAAA,IAC9B,SAAS,IAAI,MAAM,IAAI,GAAG,MAAM,SAAS,IAAI;AAAA,IAC7C,SAAS,IAAI,MAAM,OAAO,GAAG,MAAM,WAAW,IAAI;AAAA,IAClD,UAAU,IAAI,MAAM,KAAK,GAAG,OAAO,UAAU,IAAI;AAAA,EACnD,EACG,OAAO,OAAO,EACd,KAAK,MAAM,KAAK,QAAK,CAAC;AAEzB,QAAM,cAAc,GAAG,YAAY,IAAI,MAAM,KAAK,IAAI,KAAK,UAAU,CAAC;AAEtE,QAAM,UAAU,OAAO,QAAQ,OAAO,CAAC,KAAK,MAAM,MAAM,EAAE,UAAU,CAAC;AAErE,QAAM,SACJ,SAAS,IACL,MAAM,IAAI,KAAK,wBAAmB,IAClC,MAAM,MAAM,KAAK,wBAAmB;AAE1C,QAAM,aAAa;AAAA,IACjB;AAAA,IACA,MAAM,KAAK,YAAY,OAAO,WAAW,EAAE;AAAA,IAC3C;AAAA,IACA;AAAA,IACA,MAAM,KAAK,WAAW,OAAO,IAAI;AAAA,EACnC,EAAE,KAAK,IAAI;AAEX,QAAM;AAAA,IACJ,MAAM,YAAY;AAAA,MAChB,SAAS;AAAA,MACT,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,OAAO,EAAE;AAAA,MAC/C,aAAa,SAAS,IAAI,QAAQ;AAAA,MAClC,aAAa;AAAA,IACf,CAAC;AAAA,EACH;AAEA,SAAO,MAAM,KAAK,IAAI;AACxB;AAEO,SAAS,SAAS,SAAuB;AAC9C,UAAQ,MAAM,MAAM,IAAI,KAAK,QAAQ,GAAG,OAAO;AACjD;AAEO,SAAS,QAAQ,SAAuB;AAC7C,UAAQ,IAAI,MAAM,KAAK,QAAG,GAAG,OAAO;AACtC;AAEO,SAAS,WAAW,SAAuB;AAChD,UAAQ,IAAI,MAAM,MAAM,QAAG,GAAG,OAAO;AACvC;AAEO,SAAS,QAAQ,SAAuB;AAC7C,UAAQ,IAAI,MAAM,OAAO,QAAG,GAAG,OAAO;AACxC;;;AZjFA,eAAsB,aAAa,SAAoC;AACrE,QAAM,SAAS,QAAQ,MAAM,QAAQ;AACrC,QAAM,UAAU,SAAS,OAAO,IAAI,0BAA0B,EAAE,MAAM;AAEtE,MAAI;AACJ,MAAI;AACF,aAAS,MAAM,WAAW,QAAQ,MAAM;AACxC,aAAS,QAAQ,sBAAsB,OAAO,WAAW,GAAG;AAAA,EAC9D,SAAS,OAAO;AACd,aAAS,KAAK,qBAAqB;AACnC,aAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAC/D,YAAQ,WAAW;AACnB;AAAA,EACF;AAEA,WAAS,MAAM,mBAAmB;AAClC,QAAM,SAAS,MAAM,SAAS,QAAQ,EAAE,eAAe,QAAQ,cAAc,CAAC;AAC9E,WAAS,KAAK;AAEd,UAAQ,IAAI,aAAa,QAAQ,EAAE,SAAS,QAAQ,SAAS,MAAM,QAAQ,KAAK,CAAC,CAAC;AAElF,MAAI,OAAO,QAAQ,SAAS,GAAG;AAC7B,YAAQ,WAAW;AAAA,EACrB;AACF;;;AavCA,SAAS,UAAAC,SAAQ,YAAAC,WAAU,iBAAiB;AAC5C,SAAS,UAAU,WAAAC,gBAAe;AAKlC,IAAM,kBAAkB;AASxB,eAAe,iBAAiB,KAAqC;AACnE,MAAI;AACF,UAAM,SAAS,MAAM,YAAY,GAAG;AACpC,WAAO,OAAO,KAAK;AAAA,EACrB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKA,eAAe,YAAY,YAAyC;AAClE,QAAM,QAAkB,CAAC;AACzB,aAAW,QAAQ,YAAY;AAC7B,QAAI;AACF,YAAMC,QAAOC,SAAQ,QAAQ,IAAI,GAAG,IAAI,CAAC;AACzC,YAAM,KAAK,IAAI;AAAA,IACjB,QAAQ;AAAA,IAER;AAAA,EACF;AACA,SAAO;AACT;AAKA,eAAe,oBAAqC;AAClD,MAAI;AACF,UAAM,MAAM,MAAMC,UAASD,SAAQ,QAAQ,IAAI,GAAG,cAAc,GAAG,OAAO;AAC1E,UAAM,MAAM,KAAK,MAAM,GAAG;AAC1B,QAAI,OAAO,IAAI,SAAS,YAAY,IAAI,KAAK,SAAS,GAAG;AACvD,aAAO,IAAI;AAAA,IACb;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO,SAAS,QAAQ,IAAI,CAAC;AAC/B;AAKA,eAAe,sBAA+F;AAC5G,QAAM,SAAuB,CAAC;AAG9B,QAAM,cAAc,MAAM,iBAAiB,gBAAgB;AAC3D,MAAI,aAAa;AACf,UAAM,QAAQ,YAAY,QAAQ,MAAM,EAAE,EAAE,MAAM,GAAG,EAAE,CAAC;AACxD,WAAO,OAAO,KAAK,KAAK;AACxB,eAAW,oBAAoB,WAAW,uBAAkB,KAAK,MAAM;AAAA,EACzE;AAGA,QAAM,aAAa,MAAM,iBAAiB,eAAe;AACzD,MAAI,YAAY;AACd,UAAM,QAAQ,WAAW,MAAM,GAAG,EAAE,CAAC;AACrC,WAAO,MAAM,KAAK,KAAK;AACvB,eAAW,gBAAgB,UAAU,uBAAkB,KAAK,MAAM;AAAA,EACpE;AAGA,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,aAAa,MAAM,YAAY,WAAW;AAChD,MAAI,WAAW,SAAS,GAAG;AACzB,WAAO,QAAQ;AACf,eAAW,YAAY,WAAW,MAAM,mBAAmB,WAAW,KAAK,IAAI,CAAC,EAAE;AAAA,EACpF;AAGA,QAAM,iBAAiBA,SAAQ,QAAQ,IAAI,GAAG,cAAc;AAC5D,MAAI;AACF,UAAM,UAAU,MAAMC,UAAS,gBAAgB,OAAO;AACtD,UAAM,OAAO,QACV,MAAM,IAAI,EACV,IAAI,CAAC,SAAS,KAAK,KAAK,CAAC,EACzB,OAAO,CAAC,SAAS,QAAQ,CAAC,KAAK,WAAW,GAAG,CAAC,EAC9C,IAAI,CAAC,SAAS,KAAK,MAAM,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EACvC,OAAO,CAAC,QAAQ,IAAI,SAAS,CAAC;AAEjC,QAAI,KAAK,SAAS,GAAG;AACnB,aAAO,MAAM;AAAA,QACX,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AACA,iBAAW,YAAY,KAAK,MAAM,gCAAgC,KAAK,KAAK,IAAI,CAAC,EAAE;AAAA,IACrF;AAAA,EACF,QAAQ;AAAA,EAER;AAGA,QAAM,gBAAgB,MAAM,iBAAiB,kBAAkB;AAC/D,MAAI,eAAe;AACjB,WAAO,WAAW;AAAA,MAChB;AAAA,QACE,KAAK;AAAA,QACL,OAAO;AAAA,QACP,UAAU;AAAA,MACZ;AAAA,IACF;AACA,eAAW,4CAAuC;AAAA,EACpD;AAEA,QAAM,cAAc,MAAM,kBAAkB;AAE5C,SAAO;AAAA,IACL;AAAA,IACA,SAAS;AAAA,IACT;AAAA,EACF;AACF;AAMA,eAAsB,YAAY,SAAqC;AACrE,QAAM,aAAaD,SAAQ,QAAQ,IAAI,GAAG,eAAe;AAEzD,MAAI;AACF,UAAMD,QAAO,UAAU;AACvB,UAAM,IAAI;AAAA,MACR,GAAG,eAAe;AAAA,IACpB;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,MAAI;AAEJ,MAAI,QAAQ,QAAQ;AAClB,YAAQ,2BAA2B;AACnC,aAAS,MAAM,oBAAoB;AAEnC,QAAI,OAAO,KAAK,OAAO,MAAM,EAAE,WAAW,GAAG;AAC3C,cAAQ,iDAAiD;AACzD,aAAO,SAAS,EAAE,MAAM,WAAW;AAAA,IACrC;AAEA,YAAQ,IAAI,EAAE;AAAA,EAChB,OAAO;AACL,aAAS;AAAA,MACP,aAAa,MAAM,kBAAkB;AAAA,MACrC,SAAS;AAAA,MACT,QAAQ;AAAA,QACN,MAAM;AAAA,QACN,KAAK;AAAA,QACL,OAAO,CAAC,cAAc;AAAA,MACxB;AAAA,IACF;AAAA,EACF;AAEA,MAAI;AACF,UAAM,UAAU,KAAK,UAAU,QAAQ,MAAM,CAAC,IAAI;AAClD,UAAM,UAAU,YAAY,SAAS,OAAO;AAC5C,eAAW,WAAW,eAAe,wCAAmC;AAAA,EAC1E,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,mBAAmB,eAAe,KAAK,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,IAC/F;AAAA,EACF;AACF;;;AdvLA,IAAM,UAAU,IAAI,QAAQ;AAE5B,QACG,KAAK,YAAY,EACjB;AAAA,EACC;AACF,EACC,QAAQ,OAAO;AAElB,QACG,QAAQ,OAAO,EACf,YAAY,8DAA8D,EAC1E,OAAO,uBAAuB,uBAAuB,wBAAwB,EAC7E,OAAO,iBAAiB,uCAAuC,KAAK,EACpE,OAAO,QAAQ,4CAAuC,KAAK,EAC3D,OAAO,UAAU,yCAAyC,KAAK,EAC/D;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC,OAAO,OAAO,SAAS;AACtB,QAAM,aAAa;AAAA,IACjB,QAAQ,KAAK;AAAA,IACb,SAAS,KAAK;AAAA,IACd,IAAI,KAAK,MAAM,KAAK;AAAA,IACpB,MAAM,KAAK;AAAA,IACX,eAAe,KAAK;AAAA,EACtB,CAAC;AACH,CAAC;AAEH,QACG,QAAQ,MAAM,EACd,YAAY,oEAAoE,EAChF,OAAO,gBAAgB,mDAAmD,KAAK,EAC/E,OAAO,OAAO,SAAS;AACtB,QAAM,YAAY,EAAE,QAAQ,KAAK,OAAO,CAAC;AAC3C,CAAC;AAEH,QAAQ,MAAM;","names":["semver","semver","readFile","resolve","resolve","readFile","resolve","resolve","relative","isAbsolute","isAbsolute","resolve","relative","access","readFile","resolve","access","resolve","readFile"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/commands/check.ts","../src/core/configLoader.ts","../src/schemas/config.schema.ts","../src/checks/nodeVersion.ts","../src/utils/system.ts","../src/checks/npmVersion.ts","../src/checks/envVars.ts","../src/checks/ports.ts","../src/checks/files.ts","../src/checks/commands.ts","../src/checks/index.ts","../src/core/runner.ts","../src/utils/logger.ts","../src/commands/init.ts"],"sourcesContent":["#!/usr/bin/env node\n\nimport { Command } from \"commander\";\nimport { checkCommand } from \"./commands/check.js\";\nimport { initCommand } from \"./commands/init.js\";\n\nconst program = new Command();\n\nprogram\n .name(\"stackaudit\")\n .description(\n \"Audit your development environment against a declarative configuration file.\",\n )\n .version(\"0.1.0\");\n\nprogram\n .command(\"check\")\n .description(\"Run all environment checks defined in stackAudit.config.json\")\n .option(\"-c, --config <path>\", \"Path to config file\", \"stackAudit.config.json\")\n .option(\"-v, --verbose\", \"Show detailed output for all checks\", false)\n .option(\"--ci\", \"CI mode — no spinners, plain output\", false)\n .option(\"--json\", \"Output results as JSON (implies --ci)\", false)\n .option(\n \"--trust-commands\",\n \"Allow execution of custom commands not on the safe allowlist\",\n false,\n )\n .action(async (opts) => {\n await checkCommand({\n config: opts.config,\n verbose: opts.verbose,\n ci: opts.ci || opts.json,\n json: opts.json,\n trustCommands: opts.trustCommands,\n });\n });\n\nprogram\n .command(\"init\")\n .description(\"Generate a starter stackAudit.config.json in the current directory\")\n .option(\"-d, --detect\", \"Auto-detect installed tools and populate config\", false)\n .action(async (opts) => {\n await initCommand({ detect: opts.detect });\n });\n\nprogram.parse();\n","import ora from \"ora\";\nimport { loadConfig } from \"../core/configLoader.js\";\nimport { runAudit } from \"../core/runner.js\";\nimport { formatReport, logError } from \"../utils/logger.js\";\nimport type { CLIOptions } from \"../types.js\";\n\n/**\n * The \"check\" command — main entry point for environment auditing.\n *\n * Flow:\n * 1. Load and validate config\n * 2. Run all checkers in parallel\n * 3. Render report (text, verbose, or JSON)\n * 4. Exit with appropriate code (using process.exitCode for clean flush)\n */\nexport async function checkCommand(options: CLIOptions): Promise<void> {\n const silent = options.ci || options.json;\n const spinner = silent ? null : ora(\"Loading configuration...\").start();\n\n let config;\n try {\n config = await loadConfig(options.config);\n spinner?.succeed(`Loaded config for \"${config.projectName}\"`);\n } catch (error) {\n spinner?.fail(\"Configuration error\");\n logError(error instanceof Error ? error.message : String(error));\n process.exitCode = 2;\n return;\n }\n\n spinner?.start(\"Running checks...\");\n const report = await runAudit(config, { trustCommands: options.trustCommands });\n spinner?.stop();\n\n console.log(formatReport(report, { verbose: options.verbose, json: options.json }));\n\n if (report.summary.failed > 0) {\n process.exitCode = 1;\n }\n}\n","import { readFile } from \"node:fs/promises\";\nimport { resolve } from \"node:path\";\nimport { configSchema } from \"../schemas/config.schema.js\";\nimport type { StackAuditConfig } from \"../types.js\";\n\nconst DEFAULT_CONFIG_FILE = \"stackAudit.config.json\";\n\n/**\n * Loads and validates the stackAudit configuration file.\n *\n * Flow:\n * 1. Resolve the config file path relative to CWD\n * 2. Read and parse as JSON\n * 3. Validate against the Zod schema\n * 4. Return the typed config or throw with actionable errors\n */\nexport async function loadConfig(\n configPath?: string,\n): Promise<StackAuditConfig> {\n const filePath = resolve(process.cwd(), configPath ?? DEFAULT_CONFIG_FILE);\n\n let raw: string;\n try {\n raw = await readFile(filePath, \"utf-8\");\n } catch {\n throw new Error(\n `Config file not found: ${filePath}\\n` +\n `Run \"stackaudit init\" to create one, or use --config to specify a path.`,\n );\n }\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n throw new Error(\n `Invalid JSON in config file: ${filePath}\\n` +\n `Check for trailing commas or syntax errors.`,\n );\n }\n\n const result = configSchema.safeParse(parsed);\n\n if (!result.success) {\n const issues = result.error.issues\n .map((issue) => ` - ${issue.path.join(\".\")}: ${issue.message}`)\n .join(\"\\n\");\n\n throw new Error(\n `Invalid configuration in ${filePath}:\\n${issues}`,\n );\n }\n\n return result.data as StackAuditConfig;\n}\n","import { z } from \"zod\";\n\nconst portSchema = z.object({\n port: z.number().int().min(1).max(65535),\n name: z.string().min(1),\n type: z.enum([\"tcp\"]).optional().default(\"tcp\"),\n});\n\nconst envSchema = z.object({\n target: z.string().min(1),\n example: z.string().min(1),\n required: z.array(z.string().min(1)).min(1, \"At least one required env var must be specified\"),\n});\n\nconst commandSchema = z.object({\n cmd: z.string().min(1),\n match: z.string().optional(),\n errorMsg: z.string().optional(),\n});\n\n/**\n * Semver range string — validates that the value is a non-empty string\n * that semver can interpret. Prevents empty strings from bypassing\n * the \"at least one check\" refinement while producing zero actual checks.\n */\nconst semverRangeString = z.string().min(1, \"Semver range cannot be empty\");\n\nconst checksSchema = z\n .object({\n node: semverRangeString.optional(),\n npm: semverRangeString.optional(),\n env: envSchema.optional(),\n ports: z.array(portSchema).min(1, \"Ports array cannot be empty\").optional(),\n files: z.array(z.string().min(1)).min(1, \"Files array cannot be empty\").optional(),\n commands: z.array(commandSchema).min(1, \"Commands array cannot be empty\").optional(),\n })\n .refine(\n (checks) => {\n // Count checks that actually produce work — excludes undefined keys\n // and explicitly guards against the \"empty config = exit 0\" false positive.\n const hasNode = checks.node !== undefined;\n const hasNpm = checks.npm !== undefined;\n const hasEnv = checks.env !== undefined;\n const hasPorts = checks.ports !== undefined && checks.ports.length > 0;\n const hasFiles = checks.files !== undefined && checks.files.length > 0;\n const hasCommands = checks.commands !== undefined && checks.commands.length > 0;\n\n return hasNode || hasNpm || hasEnv || hasPorts || hasFiles || hasCommands;\n },\n { message: \"At least one check must be configured\" },\n );\n\nexport const configSchema = z.object({\n projectName: z\n .string()\n .min(1, \"projectName is required\")\n .regex(/^[\\w\\-.@/ ]+$/, \"projectName contains invalid characters (ANSI/control sequences not allowed)\"),\n version: z.string().min(1, \"version is required\"),\n checks: checksSchema,\n});\n\nexport type ConfigSchemaInput = z.input<typeof configSchema>;\nexport type ConfigSchemaOutput = z.output<typeof configSchema>;\n","import semver from \"semver\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Validates that the current Node.js version satisfies\n * the semver range specified in the config.\n *\n * Uses process.version directly — no subprocess needed.\n */\nexport function checkNodeVersion(requiredRange: string): () => Promise<CheckResult[]> {\n return async () => {\n const result = await timedCheck(\"Node.js Version\", async () => {\n const current = process.version;\n const cleanCurrent = semver.clean(current);\n\n if (!cleanCurrent) {\n return {\n status: \"fail\" as const,\n message: `Could not parse current Node.js version: ${current}`,\n };\n }\n\n if (!semver.validRange(requiredRange)) {\n return {\n status: \"fail\" as const,\n message: `Invalid semver range in config: \"${requiredRange}\"`,\n };\n }\n\n if (semver.satisfies(cleanCurrent, requiredRange)) {\n return {\n status: \"pass\" as const,\n message: `v${cleanCurrent} satisfies ${requiredRange}`,\n };\n }\n\n return {\n status: \"fail\" as const,\n message: `v${cleanCurrent} does not satisfy ${requiredRange}`,\n };\n });\n\n return [result];\n };\n}\n","import { execa } from \"execa\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Allowlist of commands considered safe for automatic execution.\n * Commands not on this list require explicit user consent via --trust-commands.\n *\n * Only commands that read system state (version checks, service status)\n * belong here. Never add commands that modify state (rm, mv, curl, wget, etc).\n */\n/**\n * Only EXACT read-only commands belong here.\n * NEVER add bare tool names like \"node\", \"npm\", \"npx\" — they allow\n * arbitrary code execution (e.g. `node -e`, `npx evil-pkg`, `npm exec`).\n */\nconst SAFE_COMMAND_PREFIXES = [\n \"node --version\",\n \"node -v\",\n \"npm --version\",\n \"npm -v\",\n \"docker info\",\n \"docker --version\",\n \"docker compose version\",\n \"git --version\",\n \"python --version\",\n \"python3 --version\",\n \"ruby --version\",\n \"java --version\",\n \"javac --version\",\n \"go version\",\n \"rustc --version\",\n \"cargo --version\",\n];\n\n/**\n * Checks if a command is on the safe allowlist.\n */\nexport function isCommandAllowed(command: string): boolean {\n const normalized = command.trim().toLowerCase();\n return SAFE_COMMAND_PREFIXES.some((safeCmd) => normalized === safeCmd.toLowerCase());\n}\n\n/**\n * Parses a command string into [executable, ...args] respecting\n * single and double quotes.\n *\n * \"grep 'Server Version' file.log\" → [\"grep\", \"Server Version\", \"file.log\"]\n * \"echo \\\"hello world\\\"\" → [\"echo\", \"hello world\"]\n *\n * This avoids the naive split(/\\s+/) which breaks quoted arguments.\n */\nexport function parseCommand(command: string): string[] {\n const tokens: string[] = [];\n let current = \"\";\n let inSingle = false;\n let inDouble = false;\n let escaped = false;\n\n for (const char of command) {\n if (escaped) {\n current += char;\n escaped = false;\n continue;\n }\n\n if (char === \"\\\\\" && !inSingle) {\n escaped = true;\n continue;\n }\n\n if (char === \"'\" && !inDouble) {\n inSingle = !inSingle;\n continue;\n }\n\n if (char === '\"' && !inSingle) {\n inDouble = !inDouble;\n continue;\n }\n\n if (/\\s/.test(char) && !inSingle && !inDouble) {\n if (current.length > 0) {\n tokens.push(current);\n current = \"\";\n }\n continue;\n }\n\n current += char;\n }\n\n if (current.length > 0) {\n tokens.push(current);\n }\n\n return tokens;\n}\n\n/**\n * Executes a shell command and returns its stdout.\n * Throws if the command fails or is not found.\n *\n * Uses a proper token parser instead of naive split, so quoted\n * arguments like \"grep 'Server Version' file\" work correctly.\n *\n * Shell operators (|, >, &&, ;) are NOT interpreted because execa\n * runs without shell: true. This is a security feature.\n */\nexport async function execCommand(command: string): Promise<string> {\n const tokens = parseCommand(command);\n\n if (tokens.length === 0) {\n throw new Error(\"Empty command\");\n }\n\n const [cmd, ...args] = tokens;\n\n const result = await execa(cmd, args, {\n timeout: 10_000,\n reject: false,\n shell: process.platform === \"win32\",\n });\n\n if (result.failed) {\n throw new Error(result.stderr || `Command \"${command}\" failed`);\n }\n\n return result.stdout;\n}\n\n/**\n * Measures the execution time of an async check function.\n * Wraps exceptions into a fail CheckResult so the runner never crashes.\n */\nexport async function timedCheck(\n name: string,\n fn: () => Promise<Omit<CheckResult, \"name\" | \"duration\">>,\n): Promise<CheckResult> {\n const start = performance.now();\n try {\n const partial = await fn();\n return {\n name,\n ...partial,\n duration: Math.round(performance.now() - start),\n };\n } catch (error) {\n return {\n name,\n status: \"fail\",\n message: error instanceof Error ? error.message : String(error),\n duration: Math.round(performance.now() - start),\n };\n }\n}\n","import semver from \"semver\";\nimport { execCommand, timedCheck } from \"../utils/system.js\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Validates that the installed npm version satisfies\n * the semver range from config. Requires shelling out\n * since npm version is not available on process.\n */\nexport function checkNpmVersion(requiredRange: string): () => Promise<CheckResult[]> {\n return async () => {\n const result = await timedCheck(\"npm Version\", async () => {\n const stdout = await execCommand(\"npm --version\");\n const current = semver.clean(stdout.trim());\n\n if (!current) {\n return {\n status: \"fail\" as const,\n message: `Could not parse npm version from output: \"${stdout.trim()}\"`,\n };\n }\n\n if (!semver.validRange(requiredRange)) {\n return {\n status: \"fail\" as const,\n message: `Invalid semver range in config: \"${requiredRange}\"`,\n };\n }\n\n if (semver.satisfies(current, requiredRange)) {\n return {\n status: \"pass\" as const,\n message: `v${current} satisfies ${requiredRange}`,\n };\n }\n\n return {\n status: \"fail\" as const,\n message: `v${current} does not satisfy ${requiredRange}`,\n };\n });\n\n return [result];\n };\n}\n","import { readFile, realpath, stat } from \"node:fs/promises\";\nimport { resolve, relative, isAbsolute } from \"node:path\";\nimport { parse as dotenvParse } from \"dotenv\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult, EnvConfig } from \"../types.js\";\n\n/**\n * Validates environment variables following the \"Closed Eyes\" principle:\n * - Checks if required keys EXIST in the target .env file\n * - Checks if values are NON-EMPTY\n * - NEVER logs or exposes the actual secret values\n *\n * Security: Rejects env.target paths that resolve outside CWD.\n * Uses dotenv.parse() instead of dotenv.config() to avoid\n * injecting values into process.env as a side-effect.\n */\nexport function checkEnvVars(envConfig: EnvConfig): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n const cwd = process.cwd();\n\n // Path traversal guard\n if (isAbsolute(envConfig.target)) {\n results.push({\n name: `Env File (${envConfig.target})`,\n status: \"fail\",\n message: `Absolute paths are not allowed for env.target: \"${envConfig.target}\"`,\n duration: 0,\n });\n return results;\n }\n\n const targetPath = resolve(cwd, envConfig.target);\n let envKeys: Record<string, string> = {};\n\n let fileResult = await timedCheck(`Env File (${envConfig.target})`, async () => {\n let actualPath: string;\n try {\n actualPath = await realpath(targetPath);\n } catch (err: any) {\n // Here we handle if the file does not exist locally OR if it's a broken sysmlink\n if (err.code === \"ENOENT\") {\n const rel = relative(cwd, targetPath);\n if (rel.startsWith(\"..\")) {\n return {\n status: \"fail\" as const,\n message: `Path traversal detected: \"${envConfig.target}\" resolves outside the project directory`,\n };\n }\n return {\n status: \"fail\" as const, // The test explicitly expects \"fails when .env file is missing\", meaning a fail result.\n message: `File not found: ${envConfig.target} (Using process.env)`,\n };\n }\n return { status: \"fail\" as const, message: `Failed to resolve realpath: ${envConfig.target}` };\n }\n\n try {\n const fileStat = await stat(actualPath);\n if (!fileStat.isFile()) {\n return {\n status: \"fail\" as const,\n message: `Invalid file type: ${envConfig.target} is not a regular file`,\n };\n }\n } catch {\n // Fallback CI/CD\n return { status: \"fail\" as const, message: `File not found...` };\n }\n\n const rel = relative(cwd, actualPath); // VALIDADO SOBRE REALPATH!\n if (rel.startsWith(\"..\")) {\n return {\n status: \"fail\" as const,\n message: `Path traversal detected: \"${envConfig.target}\" resolves outside the project directory`,\n };\n }\n\n let content: string;\n try {\n content = await readFile(actualPath, \"utf-8\");\n } catch {\n return { status: \"fail\" as const, message: `Failed to read file: ${envConfig.target}` };\n }\n\n envKeys = dotenvParse(content);\n\n return {\n status: \"pass\" as const,\n message: `${envConfig.target} loaded successfully`,\n };\n });\n\n results.push(fileResult);\n\n // If file status is fail and it's because it was not found, the original implementation just pushed the fail (or pass depending on CI/CD mode) but proceeded.\n // Wait, let's look at the original code carefully: if the file reading failed, it returned a 'pass' and the loop proceeded. But the test \"fails when .env file is missing\" implies the test expects a fast failure for the whole suite or just the file check fails and returns immediately?\n // Let me check the original behavior below...\n\n if (fileResult.status === \"fail\") {\n return results;\n }\n\n for (const key of envConfig.required) {\n const keyResult = await timedCheck(`Env: ${key}`, async () => {\n const value = envKeys[key] ?? process.env[key];\n\n if (value === undefined) {\n return {\n status: \"fail\" as const,\n message: `Missing required variable \"${key}\" in ${envConfig.target} and process.env`,\n };\n }\n\n if (value.trim() === \"\") {\n return {\n status: \"fail\" as const,\n message: `Variable \"${key}\" exists but is empty`,\n };\n }\n\n return {\n status: \"pass\" as const,\n message: `\"${key}\" is set (value hidden)`,\n };\n });\n\n results.push(keyResult);\n }\n\n return results;\n };\n}\n","import { createConnection } from \"node:net\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult, PortConfig } from \"../types.js\";\n\nconst DEFAULT_TIMEOUT_MS = 3000;\n\n/**\n * Checks if a TCP port is accepting connections on localhost.\n * Uses a raw TCP socket with a timeout — no data is sent.\n */\nfunction probePort(port: number, timeoutMs: number = DEFAULT_TIMEOUT_MS): Promise<boolean> {\n return new Promise((resolve) => {\n const socket = createConnection({ port, host: \"127.0.0.1\" });\n\n const timer = setTimeout(() => {\n socket.destroy();\n resolve(false);\n }, timeoutMs);\n\n socket.on(\"connect\", () => {\n clearTimeout(timer);\n socket.destroy();\n resolve(true);\n });\n\n socket.on(\"error\", () => {\n clearTimeout(timer);\n socket.destroy();\n resolve(false);\n });\n });\n}\n\nexport function checkPorts(portsConfig: PortConfig[]): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n\n for (const portDef of portsConfig) {\n const result = await timedCheck(\n `Port ${portDef.port} (${portDef.name})`,\n async () => {\n const isOpen = await probePort(portDef.port);\n\n if (isOpen) {\n return {\n status: \"pass\" as const,\n message: `${portDef.name} is accepting connections on port ${portDef.port}`,\n };\n }\n\n return {\n status: \"fail\" as const,\n message: `Nothing listening on port ${portDef.port}. Is ${portDef.name} running?`,\n };\n },\n );\n\n results.push(result);\n }\n\n return results;\n };\n}\n","import * as fs from \"node:fs/promises\";\nimport { resolve, relative, isAbsolute } from \"node:path\";\nimport { timedCheck } from \"../utils/system.js\";\nimport type { CheckResult } from \"../types.js\";\n\n/**\n * Checks that all required files exist in the project directory.\n *\n * Security: Rejects paths that resolve outside the CWD to prevent\n * a malicious config from probing the filesystem (e.g. \"../../etc/passwd\").\n */\nexport function checkFiles(filesList: string[]): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n const cwd = process.cwd();\n\n for (const file of filesList) {\n const result = await timedCheck(`File: ${file}`, async () => {\n // Reject absolute paths outright\n if (isAbsolute(file)) {\n return {\n status: \"fail\" as const,\n message: `Absolute paths are not allowed in file checks: \"${file}\"`,\n };\n }\n\n const filePath = resolve(cwd, file);\n let realPath: string;\n try {\n realPath = await fs.realpath(filePath);\n } catch (err: any) {\n if (err.code === \"ENOENT\") {\n // Check if the traversal target string actually had traversal in it\n const relPath = relative(cwd, filePath);\n if (relPath.startsWith(\"..\")) {\n return {\n status: \"fail\" as const,\n message: `Path traversal detected: \"${file}\" resolves outside the project directory`,\n };\n }\n return {\n status: \"fail\" as const,\n message: `Required file not found: ${file}`,\n };\n }\n return {\n status: \"fail\" as const,\n message: `Required file not found: ${file} Error: ${err.message}`,\n };\n }\n\n const rel = relative(cwd, realPath);\n if (rel.startsWith(\"..\")) {\n return {\n status: \"fail\" as const,\n message: `Path traversal detected: \"${file}\" resolves outside the project directory`,\n };\n }\n\n try {\n await fs.access(realPath);\n } catch {\n return {\n status: \"fail\" as const,\n message: `Required file not found: ${file}`,\n };\n }\n\n return {\n status: \"pass\" as const,\n message: `${file} exists`,\n };\n });\n\n results.push(result);\n }\n\n return results;\n };\n}\n","import { execCommand, isCommandAllowed, timedCheck } from \"../utils/system.js\";\nimport type { CheckResult, CommandConfig } from \"../types.js\";\n\n/**\n * Executes custom shell commands and optionally matches output\n * against an expected string.\n *\n * Security: Commands not on the safe allowlist are SKIPPED unless\n * the user explicitly passes --trust-commands. This prevents a\n * malicious config file from executing arbitrary code on a\n * developer's machine during onboarding (clone + npx stackaudit check).\n */\nexport function checkCommands(\n commandsConfig: CommandConfig[],\n trustCommands: boolean = false,\n): () => Promise<CheckResult[]> {\n return async () => {\n const results: CheckResult[] = [];\n\n for (const cmdDef of commandsConfig) {\n const label = cmdDef.cmd.length > 40\n ? cmdDef.cmd.slice(0, 37) + \"...\"\n : cmdDef.cmd;\n\n // Gate: refuse to execute untrusted commands without explicit consent\n if (!trustCommands && !isCommandAllowed(cmdDef.cmd)) {\n results.push({\n name: `Command: ${label}`,\n status: \"skip\",\n message:\n `Skipped untrusted command: \"${cmdDef.cmd}\". ` +\n `Use --trust-commands to allow execution of custom commands.`,\n duration: 0,\n });\n continue;\n }\n\n const result = await timedCheck(`Command: ${label}`, async () => {\n let stdout: string;\n try {\n stdout = await execCommand(cmdDef.cmd);\n } catch (error) {\n const msg =\n cmdDef.errorMsg ??\n `Command failed: \"${cmdDef.cmd}\" — ${error instanceof Error ? error.message : String(error)}`;\n return { status: \"fail\" as const, message: msg };\n }\n\n if (cmdDef.match && !stdout.includes(cmdDef.match)) {\n const msg =\n cmdDef.errorMsg ??\n `Output of \"${cmdDef.cmd}\" does not contain \"${cmdDef.match}\"`;\n return { status: \"fail\" as const, message: msg };\n }\n\n return {\n status: \"pass\" as const,\n message: cmdDef.match\n ? `\"${cmdDef.cmd}\" output contains \"${cmdDef.match}\"`\n : `\"${cmdDef.cmd}\" executed successfully`,\n };\n });\n\n results.push(result);\n }\n\n return results;\n };\n}\n","import type { CheckerFn, ChecksConfig } from \"../types.js\";\nimport { checkNodeVersion } from \"./nodeVersion.js\";\nimport { checkNpmVersion } from \"./npmVersion.js\";\nimport { checkEnvVars } from \"./envVars.js\";\nimport { checkPorts } from \"./ports.js\";\nimport { checkFiles } from \"./files.js\";\nimport { checkCommands } from \"./commands.js\";\n\nexport interface PipelineOptions {\n trustCommands: boolean;\n}\n\n/**\n * Builds the checker pipeline based on the config.\n * Only registers checkers for keys that are present in the config,\n * so users only run what they declare.\n */\nexport function buildCheckerPipeline(\n checks: ChecksConfig,\n options: PipelineOptions = { trustCommands: false },\n): CheckerFn[] {\n const pipeline: CheckerFn[] = [];\n\n if (checks.node) {\n pipeline.push(checkNodeVersion(checks.node));\n }\n\n if (checks.npm) {\n pipeline.push(checkNpmVersion(checks.npm));\n }\n\n if (checks.files && checks.files.length > 0) {\n pipeline.push(checkFiles(checks.files));\n }\n\n if (checks.env) {\n pipeline.push(checkEnvVars(checks.env));\n }\n\n if (checks.ports && checks.ports.length > 0) {\n pipeline.push(checkPorts(checks.ports));\n }\n\n if (checks.commands && checks.commands.length > 0) {\n pipeline.push(checkCommands(checks.commands, options.trustCommands));\n }\n\n return pipeline;\n}\n","import type {\n AuditReport,\n CheckerFn,\n CheckResult,\n StackAuditConfig,\n} from \"../types.js\";\nimport { buildCheckerPipeline, type PipelineOptions } from \"../checks/index.js\";\n\n/**\n * Executes all configured checkers in parallel and aggregates results.\n *\n * Uses Promise.allSettled to ensure every checker runs to completion\n * regardless of individual failures — the \"Fail Efficiently\" principle.\n */\nexport async function runAudit(\n config: StackAuditConfig,\n options: PipelineOptions = { trustCommands: false },\n): Promise<AuditReport> {\n const checkers: CheckerFn[] = buildCheckerPipeline(config.checks, options);\n\n const settled = await Promise.allSettled(\n checkers.map((checker) => checker()),\n );\n\n const results: CheckResult[] = [];\n\n for (const outcome of settled) {\n if (outcome.status === \"fulfilled\") {\n results.push(...outcome.value);\n } else {\n results.push({\n name: \"Unknown Check\",\n status: \"fail\",\n message:\n outcome.reason instanceof Error\n ? outcome.reason.message\n : String(outcome.reason),\n duration: 0,\n });\n }\n }\n\n // Single-pass summary instead of 4x .filter() iterations\n const summary = { passed: 0, failed: 0, warned: 0, skipped: 0, total: results.length };\n for (const r of results) {\n switch (r.status) {\n case \"pass\": summary.passed++; break;\n case \"fail\": summary.failed++; break;\n case \"warn\": summary.warned++; break;\n case \"skip\": summary.skipped++; break;\n }\n }\n\n return {\n projectName: config.projectName,\n timestamp: new Date(),\n results,\n summary,\n };\n}\n","import chalk from \"chalk\";\nimport boxen from \"boxen\";\nimport type { AuditReport, CheckResult, CLIOptions } from \"../types.js\";\n\nconst STATUS_ICONS: Record<string, string> = {\n pass: chalk.green(\"✔\"),\n fail: chalk.red(\"✖\"),\n warn: chalk.yellow(\"⚠\"),\n skip: chalk.gray(\"○\"),\n};\n\nexport function formatCheckResult(result: CheckResult, verbose: boolean): string {\n const icon = STATUS_ICONS[result.status];\n const duration = chalk.gray(`(${result.duration}ms)`);\n const name = result.status === \"fail\" ? chalk.red(result.name) : result.name;\n\n // In non-verbose mode, hide passing checks' messages for a cleaner output\n if (!verbose && result.status === \"pass\") {\n return ` ${icon} ${name} ${duration}`;\n }\n\n return ` ${icon} ${name} ${duration}\\n ${chalk.gray(result.message)}`;\n}\n\nexport function formatReport(report: AuditReport, options: Pick<CLIOptions, \"verbose\" | \"json\">): string {\n if (options.json) {\n return JSON.stringify({\n projectName: report.projectName,\n timestamp: report.timestamp.toISOString(),\n results: report.results,\n summary: report.summary,\n }, null, 2);\n }\n\n const lines: string[] = [];\n\n lines.push(\"\");\n for (const result of report.results) {\n lines.push(formatCheckResult(result, options.verbose));\n }\n lines.push(\"\");\n\n const { passed, failed, warned, skipped, total } = report.summary;\n\n const summaryParts = [\n chalk.green(`${passed} passed`),\n failed > 0 ? chalk.red(`${failed} failed`) : null,\n warned > 0 ? chalk.yellow(`${warned} warnings`) : null,\n skipped > 0 ? chalk.gray(`${skipped} skipped`) : null,\n ]\n .filter(Boolean)\n .join(chalk.gray(\" · \"));\n\n const summaryLine = `${summaryParts} ${chalk.gray(`(${total} checks)`)}`;\n\n const elapsed = report.results.reduce((sum, r) => sum + r.duration, 0);\n\n const header =\n failed > 0\n ? chalk.red.bold(\"stackAudit — FAIL\")\n : chalk.green.bold(\"stackAudit — PASS\");\n\n const boxContent = [\n header,\n chalk.gray(`Project: ${report.projectName}`),\n \"\",\n summaryLine,\n chalk.gray(`Done in ${elapsed}ms`),\n ].join(\"\\n\");\n\n lines.push(\n boxen(boxContent, {\n padding: 1,\n margin: { top: 0, bottom: 0, left: 1, right: 1 },\n borderColor: failed > 0 ? \"red\" : \"green\",\n borderStyle: \"round\",\n }),\n );\n\n return lines.join(\"\\n\");\n}\n\nexport function logError(message: string): void {\n console.error(chalk.red.bold(\"Error:\"), message);\n}\n\nexport function logInfo(message: string): void {\n console.log(chalk.blue(\"ℹ\"), message);\n}\n\nexport function logSuccess(message: string): void {\n console.log(chalk.green(\"✔\"), message);\n}\n\nexport function logWarn(message: string): void {\n console.log(chalk.yellow(\"⚠\"), message);\n}\n","import { access, open, readFile, writeFile } from \"node:fs/promises\";\nimport { basename, resolve } from \"node:path\";\nimport { logError, logInfo, logSuccess, logWarn } from \"../utils/logger.js\";\nimport { execCommand } from \"../utils/system.js\";\nimport type { ChecksConfig } from \"../types.js\";\n\nconst CONFIG_FILENAME = \"stackAudit.config.json\";\n\ninterface InitOptions {\n detect: boolean;\n}\n\n/**\n * Probes for a command and returns its version, or null if not found.\n */\nasync function probeToolVersion(cmd: string): Promise<string | null> {\n try {\n const output = await execCommand(cmd);\n return output.trim();\n } catch {\n return null;\n }\n}\n\n/**\n * Detects common project files in the current directory.\n */\nasync function detectFiles(candidates: string[]): Promise<string[]> {\n const found: string[] = [];\n for (const file of candidates) {\n try {\n await access(resolve(process.cwd(), file));\n found.push(file);\n } catch {\n // not present\n }\n }\n return found;\n}\n\n/**\n * Tries to read the project name from package.json.\n */\nasync function detectProjectName(): Promise<string> {\n try {\n const raw = await readFile(resolve(process.cwd(), \"package.json\"), \"utf-8\");\n const pkg = JSON.parse(raw);\n if (typeof pkg.name === \"string\" && pkg.name.length > 0) {\n return pkg.name;\n }\n } catch {\n // ignore\n }\n return basename(process.cwd());\n}\n\n/**\n * Builds a smart config by probing the local environment.\n */\nasync function buildDetectedConfig(): Promise<{ projectName: string; version: string; checks: ChecksConfig }> {\n const checks: ChecksConfig = {};\n\n // Detect Node.js\n const nodeVersion = await probeToolVersion(\"node --version\");\n if (nodeVersion) {\n const major = nodeVersion.replace(/^v/, \"\").split(\".\")[0];\n checks.node = `>=${major}.0.0`;\n logSuccess(`Detected Node.js ${nodeVersion} → requiring >=${major}.0.0`);\n }\n\n // Detect npm\n const npmVersion = await probeToolVersion(\"npm --version\");\n if (npmVersion) {\n const major = npmVersion.split(\".\")[0];\n checks.npm = `>=${major}.0.0`;\n logSuccess(`Detected npm ${npmVersion} → requiring >=${major}.0.0`);\n }\n\n // Detect common project files\n const commonFiles = [\n \"package.json\",\n \"docker-compose.yml\",\n \"docker-compose.yaml\",\n \"Dockerfile\",\n \"Makefile\",\n \".env.example\",\n \"tsconfig.json\",\n ];\n\n const foundFiles = await detectFiles(commonFiles);\n if (foundFiles.length > 0) {\n checks.files = foundFiles;\n logSuccess(`Detected ${foundFiles.length} project files: ${foundFiles.join(\", \")}`);\n }\n\n // Detect .env.example and extract required keys\n const envExamplePath = resolve(process.cwd(), \".env.example\");\n try {\n const content = await readFile(envExamplePath, \"utf-8\");\n const keys = content\n .split(\"\\n\")\n .map((line) => line.trim())\n .filter((line) => line && !line.startsWith(\"#\"))\n .map((line) => line.split(\"=\")[0].trim())\n .filter((key) => key.length > 0);\n\n if (keys.length > 0) {\n checks.env = {\n target: \".env\",\n example: \".env.example\",\n required: keys,\n };\n logSuccess(`Detected ${keys.length} env vars from .env.example: ${keys.join(\", \")}`);\n }\n } catch {\n // No .env.example\n }\n\n // Detect Docker\n const dockerVersion = await probeToolVersion(\"docker --version\");\n if (dockerVersion) {\n checks.commands = [\n {\n cmd: \"docker info\",\n match: \"Server Version\",\n errorMsg: \"Docker daemon is not running. Start Docker Desktop or the Docker service.\",\n },\n ];\n logSuccess(`Detected Docker → adding daemon check`);\n }\n\n const projectName = await detectProjectName();\n\n return {\n projectName,\n version: \"1.0.0\",\n checks,\n };\n}\n\n/**\n * Generates a stackAudit.config.json in the current directory.\n * With --detect, probes the local environment to auto-populate config.\n */\nexport async function initCommand(options: InitOptions): Promise<void> {\n const targetPath = resolve(process.cwd(), CONFIG_FILENAME);\n\n let config;\n\n if (options.detect) {\n logInfo(\"Scanning environment...\\n\");\n config = await buildDetectedConfig();\n\n if (Object.keys(config.checks).length === 0) {\n logWarn(\"No tools detected. Generating a minimal config.\");\n config.checks = { node: \">=18.0.0\" };\n }\n\n console.log(\"\");\n } else {\n config = {\n projectName: await detectProjectName(),\n version: \"1.0.0\",\n checks: {\n node: \">=18.0.0\",\n npm: \">=9.0.0\",\n files: [\"package.json\"],\n },\n };\n }\n\n try {\n const content = JSON.stringify(config, null, 2) + \"\\n\";\n const fileHandle = await open(targetPath, \"wx\");\n await fileHandle.writeFile(content, \"utf-8\");\n await fileHandle.close();\n logSuccess(`Created ${CONFIG_FILENAME} — customize it for your project.`);\n } catch (error: any) {\n if (error.code === \"EEXIST\") {\n throw new Error(\n `${CONFIG_FILENAME} already exists in this directory. Delete it first to re-initialize.`,\n );\n }\n throw new Error(\n `Failed to write ${CONFIG_FILENAME}: ${error instanceof Error ? error.message : String(error)}`,\n );\n }\n}\n"],"mappings":";;;AAEA,SAAS,eAAe;;;ACFxB,OAAO,SAAS;;;ACAhB,SAAS,gBAAgB;AACzB,SAAS,eAAe;;;ACDxB,SAAS,SAAS;AAElB,IAAM,aAAa,EAAE,OAAO;AAAA,EAC1B,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK;AAAA,EACvC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACtB,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,KAAK;AAChD,CAAC;AAED,IAAM,YAAY,EAAE,OAAO;AAAA,EACzB,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACxB,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACzB,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,EAAE,IAAI,GAAG,iDAAiD;AAC/F,CAAC;AAED,IAAM,gBAAgB,EAAE,OAAO;AAAA,EAC7B,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACrB,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,UAAU,EAAE,OAAO,EAAE,SAAS;AAChC,CAAC;AAOD,IAAM,oBAAoB,EAAE,OAAO,EAAE,IAAI,GAAG,8BAA8B;AAE1E,IAAM,eAAe,EAClB,OAAO;AAAA,EACN,MAAM,kBAAkB,SAAS;AAAA,EACjC,KAAK,kBAAkB,SAAS;AAAA,EAChC,KAAK,UAAU,SAAS;AAAA,EACxB,OAAO,EAAE,MAAM,UAAU,EAAE,IAAI,GAAG,6BAA6B,EAAE,SAAS;AAAA,EAC1E,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,EAAE,IAAI,GAAG,6BAA6B,EAAE,SAAS;AAAA,EACjF,UAAU,EAAE,MAAM,aAAa,EAAE,IAAI,GAAG,gCAAgC,EAAE,SAAS;AACrF,CAAC,EACA;AAAA,EACC,CAAC,WAAW;AAGV,UAAM,UAAU,OAAO,SAAS;AAChC,UAAM,SAAS,OAAO,QAAQ;AAC9B,UAAM,SAAS,OAAO,QAAQ;AAC9B,UAAM,WAAW,OAAO,UAAU,UAAa,OAAO,MAAM,SAAS;AACrE,UAAM,WAAW,OAAO,UAAU,UAAa,OAAO,MAAM,SAAS;AACrE,UAAM,cAAc,OAAO,aAAa,UAAa,OAAO,SAAS,SAAS;AAE9E,WAAO,WAAW,UAAU,UAAU,YAAY,YAAY;AAAA,EAChE;AAAA,EACA,EAAE,SAAS,wCAAwC;AACrD;AAEK,IAAM,eAAe,EAAE,OAAO;AAAA,EACnC,aAAa,EACV,OAAO,EACP,IAAI,GAAG,yBAAyB,EAChC,MAAM,iBAAiB,8EAA8E;AAAA,EACxG,SAAS,EAAE,OAAO,EAAE,IAAI,GAAG,qBAAqB;AAAA,EAChD,QAAQ;AACV,CAAC;;;ADtDD,IAAM,sBAAsB;AAW5B,eAAsB,WACpB,YAC2B;AAC3B,QAAM,WAAW,QAAQ,QAAQ,IAAI,GAAG,cAAc,mBAAmB;AAEzE,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,SAAS,UAAU,OAAO;AAAA,EACxC,QAAQ;AACN,UAAM,IAAI;AAAA,MACR,0BAA0B,QAAQ;AAAA;AAAA,IAEpC;AAAA,EACF;AAEA,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,GAAG;AAAA,EACzB,QAAQ;AACN,UAAM,IAAI;AAAA,MACR,gCAAgC,QAAQ;AAAA;AAAA,IAE1C;AAAA,EACF;AAEA,QAAM,SAAS,aAAa,UAAU,MAAM;AAE5C,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OACzB,IAAI,CAAC,UAAU,OAAO,MAAM,KAAK,KAAK,GAAG,CAAC,KAAK,MAAM,OAAO,EAAE,EAC9D,KAAK,IAAI;AAEZ,UAAM,IAAI;AAAA,MACR,4BAA4B,QAAQ;AAAA,EAAM,MAAM;AAAA,IAClD;AAAA,EACF;AAEA,SAAO,OAAO;AAChB;;;AEtDA,OAAO,YAAY;;;ACAnB,SAAS,aAAa;AAetB,IAAM,wBAAwB;AAAA,EAC5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAKO,SAAS,iBAAiB,SAA0B;AACzD,QAAM,aAAa,QAAQ,KAAK,EAAE,YAAY;AAC9C,SAAO,sBAAsB,KAAK,CAAC,YAAY,eAAe,QAAQ,YAAY,CAAC;AACrF;AAWO,SAAS,aAAa,SAA2B;AACtD,QAAM,SAAmB,CAAC;AAC1B,MAAI,UAAU;AACd,MAAI,WAAW;AACf,MAAI,WAAW;AACf,MAAI,UAAU;AAEd,aAAW,QAAQ,SAAS;AAC1B,QAAI,SAAS;AACX,iBAAW;AACX,gBAAU;AACV;AAAA,IACF;AAEA,QAAI,SAAS,QAAQ,CAAC,UAAU;AAC9B,gBAAU;AACV;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,CAAC,UAAU;AAC7B,iBAAW,CAAC;AACZ;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,CAAC,UAAU;AAC7B,iBAAW,CAAC;AACZ;AAAA,IACF;AAEA,QAAI,KAAK,KAAK,IAAI,KAAK,CAAC,YAAY,CAAC,UAAU;AAC7C,UAAI,QAAQ,SAAS,GAAG;AACtB,eAAO,KAAK,OAAO;AACnB,kBAAU;AAAA,MACZ;AACA;AAAA,IACF;AAEA,eAAW;AAAA,EACb;AAEA,MAAI,QAAQ,SAAS,GAAG;AACtB,WAAO,KAAK,OAAO;AAAA,EACrB;AAEA,SAAO;AACT;AAYA,eAAsB,YAAY,SAAkC;AAClE,QAAM,SAAS,aAAa,OAAO;AAEnC,MAAI,OAAO,WAAW,GAAG;AACvB,UAAM,IAAI,MAAM,eAAe;AAAA,EACjC;AAEA,QAAM,CAAC,KAAK,GAAG,IAAI,IAAI;AAEvB,QAAM,SAAS,MAAM,MAAM,KAAK,MAAM;AAAA,IACpC,SAAS;AAAA,IACT,QAAQ;AAAA,IACR,OAAO,QAAQ,aAAa;AAAA,EAC9B,CAAC;AAED,MAAI,OAAO,QAAQ;AACjB,UAAM,IAAI,MAAM,OAAO,UAAU,YAAY,OAAO,UAAU;AAAA,EAChE;AAEA,SAAO,OAAO;AAChB;AAMA,eAAsB,WACpB,MACA,IACsB;AACtB,QAAM,QAAQ,YAAY,IAAI;AAC9B,MAAI;AACF,UAAM,UAAU,MAAM,GAAG;AACzB,WAAO;AAAA,MACL;AAAA,MACA,GAAG;AAAA,MACH,UAAU,KAAK,MAAM,YAAY,IAAI,IAAI,KAAK;AAAA,IAChD;AAAA,EACF,SAAS,OAAO;AACd,WAAO;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,MACR,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,MAC9D,UAAU,KAAK,MAAM,YAAY,IAAI,IAAI,KAAK;AAAA,IAChD;AAAA,EACF;AACF;;;ADhJO,SAAS,iBAAiB,eAAqD;AACpF,SAAO,YAAY;AACjB,UAAM,SAAS,MAAM,WAAW,mBAAmB,YAAY;AAC7D,YAAM,UAAU,QAAQ;AACxB,YAAM,eAAe,OAAO,MAAM,OAAO;AAEzC,UAAI,CAAC,cAAc;AACjB,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,4CAA4C,OAAO;AAAA,QAC9D;AAAA,MACF;AAEA,UAAI,CAAC,OAAO,WAAW,aAAa,GAAG;AACrC,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,oCAAoC,aAAa;AAAA,QAC5D;AAAA,MACF;AAEA,UAAI,OAAO,UAAU,cAAc,aAAa,GAAG;AACjD,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,IAAI,YAAY,cAAc,aAAa;AAAA,QACtD;AAAA,MACF;AAEA,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,IAAI,YAAY,qBAAqB,aAAa;AAAA,MAC7D;AAAA,IACF,CAAC;AAED,WAAO,CAAC,MAAM;AAAA,EAChB;AACF;;;AE7CA,OAAOA,aAAY;AASZ,SAAS,gBAAgB,eAAqD;AACnF,SAAO,YAAY;AACjB,UAAM,SAAS,MAAM,WAAW,eAAe,YAAY;AACzD,YAAM,SAAS,MAAM,YAAY,eAAe;AAChD,YAAM,UAAUC,QAAO,MAAM,OAAO,KAAK,CAAC;AAE1C,UAAI,CAAC,SAAS;AACZ,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,6CAA6C,OAAO,KAAK,CAAC;AAAA,QACrE;AAAA,MACF;AAEA,UAAI,CAACA,QAAO,WAAW,aAAa,GAAG;AACrC,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,oCAAoC,aAAa;AAAA,QAC5D;AAAA,MACF;AAEA,UAAIA,QAAO,UAAU,SAAS,aAAa,GAAG;AAC5C,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,IAAI,OAAO,cAAc,aAAa;AAAA,QACjD;AAAA,MACF;AAEA,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,IAAI,OAAO,qBAAqB,aAAa;AAAA,MACxD;AAAA,IACF,CAAC;AAED,WAAO,CAAC,MAAM;AAAA,EAChB;AACF;;;AC5CA,SAAS,YAAAC,WAAU,UAAU,YAAY;AACzC,SAAS,WAAAC,UAAS,UAAU,kBAAkB;AAC9C,SAAS,SAAS,mBAAmB;AAc9B,SAAS,aAAa,WAAoD;AAC/E,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAChC,UAAM,MAAM,QAAQ,IAAI;AAGxB,QAAI,WAAW,UAAU,MAAM,GAAG;AAChC,cAAQ,KAAK;AAAA,QACX,MAAM,aAAa,UAAU,MAAM;AAAA,QACnC,QAAQ;AAAA,QACR,SAAS,mDAAmD,UAAU,MAAM;AAAA,QAC5E,UAAU;AAAA,MACZ,CAAC;AACD,aAAO;AAAA,IACT;AAEA,UAAM,aAAaC,SAAQ,KAAK,UAAU,MAAM;AAChD,QAAI,UAAkC,CAAC;AAEvC,QAAI,aAAa,MAAM,WAAW,aAAa,UAAU,MAAM,KAAK,YAAY;AAC9E,UAAI;AACJ,UAAI;AACF,qBAAa,MAAM,SAAS,UAAU;AAAA,MACxC,SAAS,KAAU;AAEjB,YAAI,IAAI,SAAS,UAAU;AACzB,gBAAMC,OAAM,SAAS,KAAK,UAAU;AACpC,cAAIA,KAAI,WAAW,IAAI,GAAG;AACxB,mBAAO;AAAA,cACL,QAAQ;AAAA,cACR,SAAS,6BAA6B,UAAU,MAAM;AAAA,YACxD;AAAA,UACF;AACA,iBAAO;AAAA,YACL,QAAQ;AAAA;AAAA,YACR,SAAS,mBAAmB,UAAU,MAAM;AAAA,UAC9C;AAAA,QACF;AACA,eAAO,EAAE,QAAQ,QAAiB,SAAS,+BAA+B,UAAU,MAAM,GAAG;AAAA,MAC/F;AAEA,UAAI;AACF,cAAM,WAAW,MAAM,KAAK,UAAU;AACtC,YAAI,CAAC,SAAS,OAAO,GAAG;AACtB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,sBAAsB,UAAU,MAAM;AAAA,UACjD;AAAA,QACF;AAAA,MACF,QAAQ;AAEN,eAAO,EAAE,QAAQ,QAAiB,SAAS,oBAAoB;AAAA,MACjE;AAEA,YAAM,MAAM,SAAS,KAAK,UAAU;AACpC,UAAI,IAAI,WAAW,IAAI,GAAG;AACxB,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,6BAA6B,UAAU,MAAM;AAAA,QACxD;AAAA,MACF;AAEA,UAAI;AACJ,UAAI;AACF,kBAAU,MAAMC,UAAS,YAAY,OAAO;AAAA,MAC9C,QAAQ;AACN,eAAO,EAAE,QAAQ,QAAiB,SAAS,wBAAwB,UAAU,MAAM,GAAG;AAAA,MACxF;AAEA,gBAAU,YAAY,OAAO;AAE7B,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,GAAG,UAAU,MAAM;AAAA,MAC9B;AAAA,IACF,CAAC;AAED,YAAQ,KAAK,UAAU;AAMvB,QAAI,WAAW,WAAW,QAAQ;AAChC,aAAO;AAAA,IACT;AAEA,eAAW,OAAO,UAAU,UAAU;AACpC,YAAM,YAAY,MAAM,WAAW,QAAQ,GAAG,IAAI,YAAY;AAC5D,cAAM,QAAQ,QAAQ,GAAG,KAAK,QAAQ,IAAI,GAAG;AAE7C,YAAI,UAAU,QAAW;AACvB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,8BAA8B,GAAG,QAAQ,UAAU,MAAM;AAAA,UACpE;AAAA,QACF;AAEA,YAAI,MAAM,KAAK,MAAM,IAAI;AACvB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,aAAa,GAAG;AAAA,UAC3B;AAAA,QACF;AAEA,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,IAAI,GAAG;AAAA,QAClB;AAAA,MACF,CAAC;AAED,cAAQ,KAAK,SAAS;AAAA,IACxB;AAEA,WAAO;AAAA,EACT;AACF;;;ACpIA,SAAS,wBAAwB;AAIjC,IAAM,qBAAqB;AAM3B,SAAS,UAAU,MAAc,YAAoB,oBAAsC;AACzF,SAAO,IAAI,QAAQ,CAACC,aAAY;AAC9B,UAAM,SAAS,iBAAiB,EAAE,MAAM,MAAM,YAAY,CAAC;AAE3D,UAAM,QAAQ,WAAW,MAAM;AAC7B,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,GAAG,SAAS;AAEZ,WAAO,GAAG,WAAW,MAAM;AACzB,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,IAAI;AAAA,IACd,CAAC;AAED,WAAO,GAAG,SAAS,MAAM;AACvB,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH,CAAC;AACH;AAEO,SAAS,WAAW,aAAyD;AAClF,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAEhC,eAAW,WAAW,aAAa;AACjC,YAAM,SAAS,MAAM;AAAA,QACnB,QAAQ,QAAQ,IAAI,KAAK,QAAQ,IAAI;AAAA,QACrC,YAAY;AACV,gBAAM,SAAS,MAAM,UAAU,QAAQ,IAAI;AAE3C,cAAI,QAAQ;AACV,mBAAO;AAAA,cACL,QAAQ;AAAA,cACR,SAAS,GAAG,QAAQ,IAAI,qCAAqC,QAAQ,IAAI;AAAA,YAC3E;AAAA,UACF;AAEA,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,6BAA6B,QAAQ,IAAI,QAAQ,QAAQ,IAAI;AAAA,UACxE;AAAA,QACF;AAAA,MACF;AAEA,cAAQ,KAAK,MAAM;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;AC9DA,YAAY,QAAQ;AACpB,SAAS,WAAAC,UAAS,YAAAC,WAAU,cAAAC,mBAAkB;AAUvC,SAAS,WAAW,WAAmD;AAC5E,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAChC,UAAM,MAAM,QAAQ,IAAI;AAExB,eAAW,QAAQ,WAAW;AAC5B,YAAM,SAAS,MAAM,WAAW,SAAS,IAAI,IAAI,YAAY;AAE3D,YAAIC,YAAW,IAAI,GAAG;AACpB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,mDAAmD,IAAI;AAAA,UAClE;AAAA,QACF;AAEA,cAAM,WAAWC,SAAQ,KAAK,IAAI;AAClC,YAAI;AACJ,YAAI;AACF,qBAAW,MAAS,YAAS,QAAQ;AAAA,QACvC,SAAS,KAAU;AACjB,cAAI,IAAI,SAAS,UAAU;AAEzB,kBAAM,UAAUC,UAAS,KAAK,QAAQ;AACtC,gBAAI,QAAQ,WAAW,IAAI,GAAG;AAC5B,qBAAO;AAAA,gBACL,QAAQ;AAAA,gBACR,SAAS,6BAA6B,IAAI;AAAA,cAC5C;AAAA,YACF;AACA,mBAAO;AAAA,cACL,QAAQ;AAAA,cACR,SAAS,4BAA4B,IAAI;AAAA,YAC3C;AAAA,UACF;AACA,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,4BAA4B,IAAI,WAAW,IAAI,OAAO;AAAA,UACjE;AAAA,QACF;AAEA,cAAM,MAAMA,UAAS,KAAK,QAAQ;AAClC,YAAI,IAAI,WAAW,IAAI,GAAG;AACxB,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,6BAA6B,IAAI;AAAA,UAC5C;AAAA,QACF;AAEA,YAAI;AACF,gBAAS,UAAO,QAAQ;AAAA,QAC1B,QAAQ;AACN,iBAAO;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,4BAA4B,IAAI;AAAA,UAC3C;AAAA,QACF;AAEA,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,GAAG,IAAI;AAAA,QAClB;AAAA,MACF,CAAC;AAED,cAAQ,KAAK,MAAM;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;ACnEO,SAAS,cACd,gBACA,gBAAyB,OACK;AAC9B,SAAO,YAAY;AACjB,UAAM,UAAyB,CAAC;AAEhC,eAAW,UAAU,gBAAgB;AACnC,YAAM,QAAQ,OAAO,IAAI,SAAS,KAC9B,OAAO,IAAI,MAAM,GAAG,EAAE,IAAI,QAC1B,OAAO;AAGX,UAAI,CAAC,iBAAiB,CAAC,iBAAiB,OAAO,GAAG,GAAG;AACnD,gBAAQ,KAAK;AAAA,UACX,MAAM,YAAY,KAAK;AAAA,UACvB,QAAQ;AAAA,UACR,SACE,+BAA+B,OAAO,GAAG;AAAA,UAE3C,UAAU;AAAA,QACZ,CAAC;AACD;AAAA,MACF;AAEA,YAAM,SAAS,MAAM,WAAW,YAAY,KAAK,IAAI,YAAY;AAC/D,YAAI;AACJ,YAAI;AACF,mBAAS,MAAM,YAAY,OAAO,GAAG;AAAA,QACvC,SAAS,OAAO;AACd,gBAAM,MACJ,OAAO,YACP,oBAAoB,OAAO,GAAG,YAAO,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAC7F,iBAAO,EAAE,QAAQ,QAAiB,SAAS,IAAI;AAAA,QACjD;AAEA,YAAI,OAAO,SAAS,CAAC,OAAO,SAAS,OAAO,KAAK,GAAG;AAClD,gBAAM,MACJ,OAAO,YACP,cAAc,OAAO,GAAG,uBAAuB,OAAO,KAAK;AAC7D,iBAAO,EAAE,QAAQ,QAAiB,SAAS,IAAI;AAAA,QACjD;AAEA,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,SAAS,OAAO,QACZ,IAAI,OAAO,GAAG,sBAAsB,OAAO,KAAK,MAChD,IAAI,OAAO,GAAG;AAAA,QACpB;AAAA,MACF,CAAC;AAED,cAAQ,KAAK,MAAM;AAAA,IACrB;AAEA,WAAO;AAAA,EACT;AACF;;;ACnDO,SAAS,qBACd,QACA,UAA2B,EAAE,eAAe,MAAM,GACrC;AACb,QAAM,WAAwB,CAAC;AAE/B,MAAI,OAAO,MAAM;AACf,aAAS,KAAK,iBAAiB,OAAO,IAAI,CAAC;AAAA,EAC7C;AAEA,MAAI,OAAO,KAAK;AACd,aAAS,KAAK,gBAAgB,OAAO,GAAG,CAAC;AAAA,EAC3C;AAEA,MAAI,OAAO,SAAS,OAAO,MAAM,SAAS,GAAG;AAC3C,aAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,OAAO,KAAK;AACd,aAAS,KAAK,aAAa,OAAO,GAAG,CAAC;AAAA,EACxC;AAEA,MAAI,OAAO,SAAS,OAAO,MAAM,SAAS,GAAG;AAC3C,aAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,OAAO,YAAY,OAAO,SAAS,SAAS,GAAG;AACjD,aAAS,KAAK,cAAc,OAAO,UAAU,QAAQ,aAAa,CAAC;AAAA,EACrE;AAEA,SAAO;AACT;;;AClCA,eAAsB,SACpB,QACA,UAA2B,EAAE,eAAe,MAAM,GAC5B;AACtB,QAAM,WAAwB,qBAAqB,OAAO,QAAQ,OAAO;AAEzE,QAAM,UAAU,MAAM,QAAQ;AAAA,IAC5B,SAAS,IAAI,CAAC,YAAY,QAAQ,CAAC;AAAA,EACrC;AAEA,QAAM,UAAyB,CAAC;AAEhC,aAAW,WAAW,SAAS;AAC7B,QAAI,QAAQ,WAAW,aAAa;AAClC,cAAQ,KAAK,GAAG,QAAQ,KAAK;AAAA,IAC/B,OAAO;AACL,cAAQ,KAAK;AAAA,QACX,MAAM;AAAA,QACN,QAAQ;AAAA,QACR,SACE,QAAQ,kBAAkB,QACtB,QAAQ,OAAO,UACf,OAAO,QAAQ,MAAM;AAAA,QAC3B,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAAA,EACF;AAGA,QAAM,UAAU,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,OAAO,QAAQ,OAAO;AACrF,aAAW,KAAK,SAAS;AACvB,YAAQ,EAAE,QAAQ;AAAA,MAChB,KAAK;AAAQ,gBAAQ;AAAU;AAAA,MAC/B,KAAK;AAAQ,gBAAQ;AAAU;AAAA,MAC/B,KAAK;AAAQ,gBAAQ;AAAU;AAAA,MAC/B,KAAK;AAAQ,gBAAQ;AAAW;AAAA,IAClC;AAAA,EACF;AAEA,SAAO;AAAA,IACL,aAAa,OAAO;AAAA,IACpB,WAAW,oBAAI,KAAK;AAAA,IACpB;AAAA,IACA;AAAA,EACF;AACF;;;AC3DA,OAAO,WAAW;AAClB,OAAO,WAAW;AAGlB,IAAM,eAAuC;AAAA,EAC3C,MAAM,MAAM,MAAM,QAAG;AAAA,EACrB,MAAM,MAAM,IAAI,QAAG;AAAA,EACnB,MAAM,MAAM,OAAO,QAAG;AAAA,EACtB,MAAM,MAAM,KAAK,QAAG;AACtB;AAEO,SAAS,kBAAkB,QAAqB,SAA0B;AAC/E,QAAM,OAAO,aAAa,OAAO,MAAM;AACvC,QAAM,WAAW,MAAM,KAAK,IAAI,OAAO,QAAQ,KAAK;AACpD,QAAM,OAAO,OAAO,WAAW,SAAS,MAAM,IAAI,OAAO,IAAI,IAAI,OAAO;AAGxE,MAAI,CAAC,WAAW,OAAO,WAAW,QAAQ;AACxC,WAAO,KAAK,IAAI,IAAI,IAAI,IAAI,QAAQ;AAAA,EACtC;AAEA,SAAO,KAAK,IAAI,IAAI,IAAI,IAAI,QAAQ;AAAA,MAAS,MAAM,KAAK,OAAO,OAAO,CAAC;AACzE;AAEO,SAAS,aAAa,QAAqB,SAAuD;AACvG,MAAI,QAAQ,MAAM;AAChB,WAAO,KAAK,UAAU;AAAA,MACpB,aAAa,OAAO;AAAA,MACpB,WAAW,OAAO,UAAU,YAAY;AAAA,MACxC,SAAS,OAAO;AAAA,MAChB,SAAS,OAAO;AAAA,IAClB,GAAG,MAAM,CAAC;AAAA,EACZ;AAEA,QAAM,QAAkB,CAAC;AAEzB,QAAM,KAAK,EAAE;AACb,aAAW,UAAU,OAAO,SAAS;AACnC,UAAM,KAAK,kBAAkB,QAAQ,QAAQ,OAAO,CAAC;AAAA,EACvD;AACA,QAAM,KAAK,EAAE;AAEb,QAAM,EAAE,QAAQ,QAAQ,QAAQ,SAAS,MAAM,IAAI,OAAO;AAE1D,QAAM,eAAe;AAAA,IACnB,MAAM,MAAM,GAAG,MAAM,SAAS;AAAA,IAC9B,SAAS,IAAI,MAAM,IAAI,GAAG,MAAM,SAAS,IAAI;AAAA,IAC7C,SAAS,IAAI,MAAM,OAAO,GAAG,MAAM,WAAW,IAAI;AAAA,IAClD,UAAU,IAAI,MAAM,KAAK,GAAG,OAAO,UAAU,IAAI;AAAA,EACnD,EACG,OAAO,OAAO,EACd,KAAK,MAAM,KAAK,QAAK,CAAC;AAEzB,QAAM,cAAc,GAAG,YAAY,IAAI,MAAM,KAAK,IAAI,KAAK,UAAU,CAAC;AAEtE,QAAM,UAAU,OAAO,QAAQ,OAAO,CAAC,KAAK,MAAM,MAAM,EAAE,UAAU,CAAC;AAErE,QAAM,SACJ,SAAS,IACL,MAAM,IAAI,KAAK,wBAAmB,IAClC,MAAM,MAAM,KAAK,wBAAmB;AAE1C,QAAM,aAAa;AAAA,IACjB;AAAA,IACA,MAAM,KAAK,YAAY,OAAO,WAAW,EAAE;AAAA,IAC3C;AAAA,IACA;AAAA,IACA,MAAM,KAAK,WAAW,OAAO,IAAI;AAAA,EACnC,EAAE,KAAK,IAAI;AAEX,QAAM;AAAA,IACJ,MAAM,YAAY;AAAA,MAChB,SAAS;AAAA,MACT,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,OAAO,EAAE;AAAA,MAC/C,aAAa,SAAS,IAAI,QAAQ;AAAA,MAClC,aAAa;AAAA,IACf,CAAC;AAAA,EACH;AAEA,SAAO,MAAM,KAAK,IAAI;AACxB;AAEO,SAAS,SAAS,SAAuB;AAC9C,UAAQ,MAAM,MAAM,IAAI,KAAK,QAAQ,GAAG,OAAO;AACjD;AAEO,SAAS,QAAQ,SAAuB;AAC7C,UAAQ,IAAI,MAAM,KAAK,QAAG,GAAG,OAAO;AACtC;AAEO,SAAS,WAAW,SAAuB;AAChD,UAAQ,IAAI,MAAM,MAAM,QAAG,GAAG,OAAO;AACvC;AAEO,SAAS,QAAQ,SAAuB;AAC7C,UAAQ,IAAI,MAAM,OAAO,QAAG,GAAG,OAAO;AACxC;;;AZjFA,eAAsB,aAAa,SAAoC;AACrE,QAAM,SAAS,QAAQ,MAAM,QAAQ;AACrC,QAAM,UAAU,SAAS,OAAO,IAAI,0BAA0B,EAAE,MAAM;AAEtE,MAAI;AACJ,MAAI;AACF,aAAS,MAAM,WAAW,QAAQ,MAAM;AACxC,aAAS,QAAQ,sBAAsB,OAAO,WAAW,GAAG;AAAA,EAC9D,SAAS,OAAO;AACd,aAAS,KAAK,qBAAqB;AACnC,aAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAC/D,YAAQ,WAAW;AACnB;AAAA,EACF;AAEA,WAAS,MAAM,mBAAmB;AAClC,QAAM,SAAS,MAAM,SAAS,QAAQ,EAAE,eAAe,QAAQ,cAAc,CAAC;AAC9E,WAAS,KAAK;AAEd,UAAQ,IAAI,aAAa,QAAQ,EAAE,SAAS,QAAQ,SAAS,MAAM,QAAQ,KAAK,CAAC,CAAC;AAElF,MAAI,OAAO,QAAQ,SAAS,GAAG;AAC7B,YAAQ,WAAW;AAAA,EACrB;AACF;;;AavCA,SAAS,UAAAC,SAAQ,MAAM,YAAAC,iBAA2B;AAClD,SAAS,UAAU,WAAAC,gBAAe;AAKlC,IAAM,kBAAkB;AASxB,eAAe,iBAAiB,KAAqC;AACnE,MAAI;AACF,UAAM,SAAS,MAAM,YAAY,GAAG;AACpC,WAAO,OAAO,KAAK;AAAA,EACrB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKA,eAAe,YAAY,YAAyC;AAClE,QAAM,QAAkB,CAAC;AACzB,aAAW,QAAQ,YAAY;AAC7B,QAAI;AACF,YAAMC,QAAOC,SAAQ,QAAQ,IAAI,GAAG,IAAI,CAAC;AACzC,YAAM,KAAK,IAAI;AAAA,IACjB,QAAQ;AAAA,IAER;AAAA,EACF;AACA,SAAO;AACT;AAKA,eAAe,oBAAqC;AAClD,MAAI;AACF,UAAM,MAAM,MAAMC,UAASD,SAAQ,QAAQ,IAAI,GAAG,cAAc,GAAG,OAAO;AAC1E,UAAM,MAAM,KAAK,MAAM,GAAG;AAC1B,QAAI,OAAO,IAAI,SAAS,YAAY,IAAI,KAAK,SAAS,GAAG;AACvD,aAAO,IAAI;AAAA,IACb;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO,SAAS,QAAQ,IAAI,CAAC;AAC/B;AAKA,eAAe,sBAA+F;AAC5G,QAAM,SAAuB,CAAC;AAG9B,QAAM,cAAc,MAAM,iBAAiB,gBAAgB;AAC3D,MAAI,aAAa;AACf,UAAM,QAAQ,YAAY,QAAQ,MAAM,EAAE,EAAE,MAAM,GAAG,EAAE,CAAC;AACxD,WAAO,OAAO,KAAK,KAAK;AACxB,eAAW,oBAAoB,WAAW,uBAAkB,KAAK,MAAM;AAAA,EACzE;AAGA,QAAM,aAAa,MAAM,iBAAiB,eAAe;AACzD,MAAI,YAAY;AACd,UAAM,QAAQ,WAAW,MAAM,GAAG,EAAE,CAAC;AACrC,WAAO,MAAM,KAAK,KAAK;AACvB,eAAW,gBAAgB,UAAU,uBAAkB,KAAK,MAAM;AAAA,EACpE;AAGA,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,aAAa,MAAM,YAAY,WAAW;AAChD,MAAI,WAAW,SAAS,GAAG;AACzB,WAAO,QAAQ;AACf,eAAW,YAAY,WAAW,MAAM,mBAAmB,WAAW,KAAK,IAAI,CAAC,EAAE;AAAA,EACpF;AAGA,QAAM,iBAAiBA,SAAQ,QAAQ,IAAI,GAAG,cAAc;AAC5D,MAAI;AACF,UAAM,UAAU,MAAMC,UAAS,gBAAgB,OAAO;AACtD,UAAM,OAAO,QACV,MAAM,IAAI,EACV,IAAI,CAAC,SAAS,KAAK,KAAK,CAAC,EACzB,OAAO,CAAC,SAAS,QAAQ,CAAC,KAAK,WAAW,GAAG,CAAC,EAC9C,IAAI,CAAC,SAAS,KAAK,MAAM,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EACvC,OAAO,CAAC,QAAQ,IAAI,SAAS,CAAC;AAEjC,QAAI,KAAK,SAAS,GAAG;AACnB,aAAO,MAAM;AAAA,QACX,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,UAAU;AAAA,MACZ;AACA,iBAAW,YAAY,KAAK,MAAM,gCAAgC,KAAK,KAAK,IAAI,CAAC,EAAE;AAAA,IACrF;AAAA,EACF,QAAQ;AAAA,EAER;AAGA,QAAM,gBAAgB,MAAM,iBAAiB,kBAAkB;AAC/D,MAAI,eAAe;AACjB,WAAO,WAAW;AAAA,MAChB;AAAA,QACE,KAAK;AAAA,QACL,OAAO;AAAA,QACP,UAAU;AAAA,MACZ;AAAA,IACF;AACA,eAAW,4CAAuC;AAAA,EACpD;AAEA,QAAM,cAAc,MAAM,kBAAkB;AAE5C,SAAO;AAAA,IACL;AAAA,IACA,SAAS;AAAA,IACT;AAAA,EACF;AACF;AAMA,eAAsB,YAAY,SAAqC;AACrE,QAAM,aAAaD,SAAQ,QAAQ,IAAI,GAAG,eAAe;AAEzD,MAAI;AAEJ,MAAI,QAAQ,QAAQ;AAClB,YAAQ,2BAA2B;AACnC,aAAS,MAAM,oBAAoB;AAEnC,QAAI,OAAO,KAAK,OAAO,MAAM,EAAE,WAAW,GAAG;AAC3C,cAAQ,iDAAiD;AACzD,aAAO,SAAS,EAAE,MAAM,WAAW;AAAA,IACrC;AAEA,YAAQ,IAAI,EAAE;AAAA,EAChB,OAAO;AACL,aAAS;AAAA,MACP,aAAa,MAAM,kBAAkB;AAAA,MACrC,SAAS;AAAA,MACT,QAAQ;AAAA,QACN,MAAM;AAAA,QACN,KAAK;AAAA,QACL,OAAO,CAAC,cAAc;AAAA,MACxB;AAAA,IACF;AAAA,EACF;AAEA,MAAI;AACF,UAAM,UAAU,KAAK,UAAU,QAAQ,MAAM,CAAC,IAAI;AAClD,UAAM,aAAa,MAAM,KAAK,YAAY,IAAI;AAC9C,UAAM,WAAW,UAAU,SAAS,OAAO;AAC3C,UAAM,WAAW,MAAM;AACvB,eAAW,WAAW,eAAe,wCAAmC;AAAA,EAC1E,SAAS,OAAY;AACnB,QAAI,MAAM,SAAS,UAAU;AAC3B,YAAM,IAAI;AAAA,QACR,GAAG,eAAe;AAAA,MACpB;AAAA,IACF;AACA,UAAM,IAAI;AAAA,MACR,mBAAmB,eAAe,KAAK,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,IAC/F;AAAA,EACF;AACF;;;AdrLA,IAAM,UAAU,IAAI,QAAQ;AAE5B,QACG,KAAK,YAAY,EACjB;AAAA,EACC;AACF,EACC,QAAQ,OAAO;AAElB,QACG,QAAQ,OAAO,EACf,YAAY,8DAA8D,EAC1E,OAAO,uBAAuB,uBAAuB,wBAAwB,EAC7E,OAAO,iBAAiB,uCAAuC,KAAK,EACpE,OAAO,QAAQ,4CAAuC,KAAK,EAC3D,OAAO,UAAU,yCAAyC,KAAK,EAC/D;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC,OAAO,OAAO,SAAS;AACtB,QAAM,aAAa;AAAA,IACjB,QAAQ,KAAK;AAAA,IACb,SAAS,KAAK;AAAA,IACd,IAAI,KAAK,MAAM,KAAK;AAAA,IACpB,MAAM,KAAK;AAAA,IACX,eAAe,KAAK;AAAA,EACtB,CAAC;AACH,CAAC;AAEH,QACG,QAAQ,MAAM,EACd,YAAY,oEAAoE,EAChF,OAAO,gBAAgB,mDAAmD,KAAK,EAC/E,OAAO,OAAO,SAAS;AACtB,QAAM,YAAY,EAAE,QAAQ,KAAK,OAAO,CAAC;AAC3C,CAAC;AAEH,QAAQ,MAAM;","names":["semver","semver","readFile","resolve","resolve","rel","readFile","resolve","resolve","relative","isAbsolute","isAbsolute","resolve","relative","access","readFile","resolve","access","resolve","readFile"]}
|
package/package.json
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "stackaudit",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "1.0.0",
|
|
4
4
|
"description": "CLI tool to audit developer environments against a declarative configuration file",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
7
|
-
"stackaudit": "
|
|
7
|
+
"stackaudit": "bin/stackaudit.js"
|
|
8
8
|
},
|
|
9
9
|
"main": "./dist/index.js",
|
|
10
10
|
"types": "./dist/index.d.ts",
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
"scripts": {
|
|
16
16
|
"build": "tsup",
|
|
17
17
|
"dev": "tsup --watch",
|
|
18
|
-
"start": "node bin/
|
|
18
|
+
"start": "node bin/stackaudit.js",
|
|
19
19
|
"test": "vitest run",
|
|
20
20
|
"test:watch": "vitest",
|
|
21
21
|
"lint": "tsc --noEmit",
|
|
@@ -43,6 +43,7 @@
|
|
|
43
43
|
"execa": "^9.5.2",
|
|
44
44
|
"ora": "^8.2.0",
|
|
45
45
|
"semver": "^7.6.3",
|
|
46
|
+
"stackaudit": "^0.1.1",
|
|
46
47
|
"zod": "^3.24.2"
|
|
47
48
|
},
|
|
48
49
|
"devDependencies": {
|
|
@@ -52,4 +53,4 @@
|
|
|
52
53
|
"typescript": "^5.7.3",
|
|
53
54
|
"vitest": "^3.0.5"
|
|
54
55
|
}
|
|
55
|
-
}
|
|
56
|
+
}
|