npm - ts-ag - Versions diffs - 1.2.1 → 1.2.2 - Mend

ts-ag 1.2.1 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.mjs","names":["parse","defaultErrors","fromReason","getErrorName","getHttpStatusReason","getHttpStatusCode","isRecord","defaultErrors","getHttpStatusReason","getHttpStatusCode","baseGetSignedUrl","defaultErrors","fromReason","getErrorName","isRecord"],"sources":["../src/lambda/client-types.ts","../src/lambda/client.ts","../src/lambda/handlerUtils.ts","../src/lambda/errors.ts","../src/lambda/response.ts","../src/lambda/server/authentication.ts","../src/cognito/client.ts","../src/cognito/errors.ts","../src/cognito/user.ts","../src/cognito/password.ts","../src/s3/client.ts","../src/utils/errors.ts","../src/s3/errors.ts","../src/s3/signedUrl.ts","../src/s3/object.ts","../src/dynamo/errors.ts","../src/ses/errors.ts","../src/rehype/flat-toc.ts","../src/utils/valibot.ts","../src/utils/object.ts","../src/utils/fs.ts","../src/utils/cli.ts"],"sourcesContent":["import type { ErrorBody, SuccessCode, ErrorCode } from './handlerUtils.js';\n\n// ----------------- Helpers ----------------------\n// Used to easily extract types from ApiEndpoints types\n\n/*\n Extracts the requestInput type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiInput<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n E,\n { path: P; method: M }\n>['requestInput'];\n\n/\n Extracts the requestOutput type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiOutput<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n E,\n { path: P; method: M }\n>['requestOutput'];\n\n/\n Extracts the response type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiResponse<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n E,\n { path: P; method: M }\n>['response'];\n\n/\n Extracts the sucessful body type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiSuccessBody<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n Extract<E, { path: P; method: M }>['response'],\n { status: SuccessCode }\n>['json'] extends () => Promise<infer R>\n ? R\n : unknown;\n\n/\n Extracts the sucessful body type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiErrorBody<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n Extract<E, { path: P; method: M }>['response'],\n { status: ErrorCode }\n>['json'] extends () => Promise<infer R>\n ? R\n : unknown;\n\n/\n Converts a RawApiGatewayHandler response type to a fetch like response type.\n /\ntype ConvertToFetch<T> = T extends { statusCode: number; body: object; headers: object }\n ? { ok: T['statusCode'] extends SuccessCode ? true : false; json: () => Promise<T['body']>; status: T['statusCode'] }\n : T;\n\nexport type CleanResponse = Omit<Response, 'status' \| 'ok' \| 'json'>;\nexport type FetchResponse<T extends (...args: any) => any> = ConvertToFetch<Awaited<ReturnType<T>>> & CleanResponse;\n\n// ------------------------ Proper types ------------------\n// This is used by createApiRequest and createFormFunction\n\nexport const HTTPMethods = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS', 'HEAD'] as const;\nexport type HTTPMethod = (typeof HTTPMethods)[number];\n\nexport type ApiEndpoints = {\n path: string;\n method: HTTPMethod;\n requestInput: Record<string, any> \| null;\n requestOutput: object \| null;\n response: FetchResponse<\n // This means we get better types\n () => Promise<\n \| { headers: object; statusCode: SuccessCode; body: any }\n \| { headers: object; statusCode: ErrorCode; body: ErrorBody }\n >\n >;\n};\n","// import { deserialize } from './deserializer.js';\nimport { parse } from 'devalue';\nimport { parse as vParse, parseAsync, type GenericSchema, type GenericSchemaAsync } from 'valibot';\n\nimport type { ApiEndpoints, ApiInput, ApiResponse } from './client-types.js';\n\nconst bodyMethods = ['POST', 'PUT', 'PATCH'] as const;\nconst queryMethods = ['GET', 'DELETE'] as const;\n\nasync function _apiRequest<T = Response>(\n path: string,\n method: 'GET' \| 'POST' \| 'DELETE',\n input: object \| null,\n schema: ApiSchema,\n // This was here because of the deserializer being different in prod\n environment: string \| 'production',\n apiUrl: string,\n headers?: HeadersInit\n): Promise<T> {\n if (schema) {\n if (schema.async === true) await parseAsync(schema, input);\n else vParse(schema, input);\n }\n\n let url = `${apiUrl}${apiUrl.endsWith('/') ? '' : '/'}${path}`;\n\n if (queryMethods.includes(method as any)) {\n const params = new URLSearchParams();\n\n for (const [key, value] of Object.entries(input ?? {})) {\n if (Array.isArray(value)) {\n value.forEach((item) => params.append(key, String(item)));\n } else {\n params.append(key, String(value));\n }\n }\n\n const queryString = params.toString();\n if (queryString) url += `?${queryString}`;\n }\n\n headers = { 'Content-Type': 'application/json', ...headers };\n const response = await fetch(url, {\n method,\n headers,\n // oxlint-disable-next-line\n body: bodyMethods.includes(method as any) ? JSON.stringify(input) : undefined,\n credentials: 'include'\n });\n const contentType = response.headers.get('content-type') ?? '';\n\n let retrieved: Promise<string> \| false = false;\n response.json = async () => {\n if (retrieved === false) {\n retrieved = response.text();\n }\n\n if (contentType === 'application/devalue') {\n return await parse(await retrieved);\n } else {\n return JSON.parse(await retrieved);\n }\n };\n return response as unknown as T;\n}\n\nconst HTTPMethods = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS', 'HEAD'] as const;\ntype HTTPMethod = (typeof HTTPMethods)[number];\n\nexport type ApiRequestFunction<API extends ApiEndpoints> = <\n Path extends API['path'],\n Method extends Extract<API, { path: Path }>['method']\n>(\n path: Path,\n method: Method,\n input: ApiInput<API, Path, Method>,\n headers?: HeadersInit\n) => Promise<ApiResponse<API, Path, Method>>;\n\nexport type ApiSchema = GenericSchema \| GenericSchemaAsync;\n\n/\n @returns A function that can be used to make API requests with type safety\n * @example const clientApiRequest = createApiRequest<ApiEndpoints>();\n /\nexport function createApiRequest<API extends ApiEndpoints>(\n schemas: Partial<Record<API['path'], Partial<Record<HTTPMethod, ApiSchema>>>>,\n apiUrl: string,\n env: string\n): ApiRequestFunction<API> {\n return async function apiRequest(path, method, input, headers) {\n const schema = schemas[path]?.[method];\n if (schema === undefined) throw new Error('Schema is undefined in api request');\n\n // if (typeof schema === 'function') {\n // schema = schema();\n // }\n\n return _apiRequest<ApiResponse<API, typeof path, typeof method>>(\n path as string,\n method as 'GET' \| 'POST',\n input,\n schema,\n env,\n apiUrl,\n headers\n );\n };\n}\n","import type { APIGatewayProxyResultV2, Context, APIGatewayProxyEventV2WithLambdaAuthorizer } from 'aws-lambda';\nimport { stringify } from 'devalue';\n\nexport type SuccessCode = 200 \| 201 \| 204;\nexport type ErrorCode = 400 \| 401 \| 403 \| 404 \| 409 \| 500;\n\nexport type ErrorBody = { message: string; field?: { name: string; value: string } };\n\n/\n The error response for the lambda functions to return\n /\nexport type ErrorRawProxyResultV2 = {\n statusCode: ErrorCode;\n headers?: { [header: string]: string } \| undefined;\n body?: ErrorBody;\n isBase64Encoded?: boolean \| undefined;\n cookies?: string[] \| undefined;\n};\n\nexport type OkRawProxyResultV2 = {\n statusCode: SuccessCode;\n headers?: { [header: string]: string } \| undefined;\n body?: object \| undefined;\n isBase64Encoded?: boolean \| undefined;\n cookies?: string[] \| undefined;\n};\n/\n A type for the raw proxy result - just using an object not a stirng for the body\n /\nexport type RawProxyResultV2 = ErrorRawProxyResultV2 \| OkRawProxyResultV2;\n\n// The type of the handler returned from wrapHandler\nexport type APIGatewayHandler<E> = (event: E, context: Context) => Promise<APIGatewayProxyResultV2>;\n\n// The type of the handler passed into wrapHandler\nexport type RawApiGatewayHandler<E extends APIGatewayProxyEventV2WithLambdaAuthorizer<any>> = (\n event: E,\n context: Context\n) => Promise<RawProxyResultV2>;\n\n/\n Wraps a handler that returns the body as an object rather than a string.\n \n This means you can achieve proper type inference on your handler and have standardised serialisation\n \n @example\n```ts\nexport type AuthorizerContext = {\n details: JWTPayload;\n} \| null;\n\nexport const wrapHandler = baseWrapHandler<APIGatewayProxyEventV2WithLambdaAuthorizer<AuthorizerContext>>\n\n/\nexport function wrapHandler<E extends APIGatewayProxyEventV2WithLambdaAuthorizer<any>>(\n handler: RawApiGatewayHandler<E>\n): APIGatewayHandler<E> {\n return async (event: E, context: Context): Promise<APIGatewayProxyResultV2> => {\n const result = await handler(event, context);\n\n if (result.body) {\n const headers = new Headers(result.headers);\n headers.set('Content-Type', 'application/devalue');\n\n return { ...result, headers: Object.fromEntries(headers), body: stringify(result.body) };\n } else {\n return { ...result, body: undefined };\n }\n };\n}\n","/\n These are the various errors that should be returned from anything called by a lambda function.\n \n Pass a lambda error to the errorResponse function to get a suitable response to return from the lambda handler.\n \n The separation means that they can be returned from functions that are certainly run inside a lambda fucntion but theyre not the actual return of the lambda.\n * Im not sure it this is optimal behaviour and if not we will migrate to only using the errorResponse function\n /\n\nexport function error_lambda_badRequest(\n message: string,\n fieldName?: string,\n fieldValue?: string\n): type_error_lambda_badRequest {\n return { type: 'badRequest' as const, message, fieldName, fieldValue };\n}\n\nexport function error_lambda_unauthorized(message: string): type_error_lambda_unauthorized {\n return { type: 'unauthorized' as const, message };\n}\n\nexport function error_lambda_forbidden(message: string): type_error_lambda_forbidden {\n return { type: 'forbidden' as const, message };\n}\n\nexport function error_lambda_notFound(\n message: string,\n fieldName?: string,\n fieldValue?: string\n): type_error_lambda_notFound {\n return { type: 'notFound' as const, message, fieldName, fieldValue };\n}\n\nexport function error_lambda_conflict(\n message: string,\n fieldName?: string,\n fieldValue?: string\n): type_error_lambda_conflict {\n return { type: 'conflict' as const, message, fieldName, fieldValue };\n}\n\nexport function error_lambda_internal(message: string): type_error_lambda_internal {\n return { type: 'internal' as const, message };\n}\n\n// ---- types ---- //\n\nexport type type_error_lambda_badRequest = {\n type: 'badRequest';\n message: string;\n fieldName?: string;\n fieldValue?: string;\n};\nexport type type_error_lambda_unauthorized = { type: 'unauthorized'; message: string };\nexport type type_error_lambda_forbidden = { type: 'forbidden'; message: string };\nexport type type_error_lambda_notFound = { type: 'notFound'; message: string; fieldName?: string; fieldValue?: string };\nexport type type_error_lambda_conflict = { type: 'conflict'; message: string; fieldName?: string; fieldValue?: string };\nexport type type_error_lambda_internal = { type: 'internal'; message: string };\n\nexport type type_error_lambda =\n \| type_error_lambda_badRequest\n \| type_error_lambda_unauthorized\n \| type_error_lambda_forbidden\n \| type_error_lambda_notFound\n \| type_error_lambda_conflict\n \| type_error_lambda_internal;\n","import type { BaseIssue, SafeParseResult } from 'valibot';\n\nimport { error_lambda_badRequest, type type_error_lambda } from './errors.js';\nimport type { ErrorRawProxyResultV2, OkRawProxyResultV2 } from './handlerUtils.js';\n\nfunction field(obj: { fieldName?: string; fieldValue?: string }) {\n return obj.fieldName === undefined \|\| obj.fieldValue === undefined\n ? {}\n : { field: { name: obj.fieldName, value: obj.fieldValue } };\n}\n\nexport type type_error_response = Omit<ErrorRawProxyResultV2, 'headers' \| 'body'> & {\n headers: NonNullable<ErrorRawProxyResultV2['headers']>;\n body: NonNullable<ErrorRawProxyResultV2['body']>;\n};\n\nexport type LambdaErrorResponse<Type extends string = '', Extras extends object = {}> =\n \| {\n headers: Record<string, string>;\n statusCode: 400;\n body: { message: string; type: Type } & ReturnType<typeof field> & Extras;\n }\n \| { headers: Record<string, string>; statusCode: 401; body: { message: string; type: Type } & Extras }\n \| { headers: Record<string, string>; statusCode: 403; body: { message: string; type: Type } & Extras }\n \| {\n headers: Record<string, string>;\n statusCode: 404;\n body: { message: string; type: Type } & ReturnType<typeof field> & Extras;\n }\n \| {\n headers: Record<string, string>;\n statusCode: 409;\n body: { message: string; type: Type } & ReturnType<typeof field> & Extras;\n }\n \| { headers: Record<string, string>; statusCode: 500; body: { message: string; type: Type } & Extras };\n\n/\n Maps lambda errors to responses suitable to return from lambda functions\n * @param e\n * @param headers\n * @param type\n * @param extras\n * @returns\n /\nexport function response_error<Type extends string = '', Extras extends object = {}>(\n e: type_error_lambda,\n headers: Record<string, string>,\n type: Type = '' as Type,\n extras: Extras = {} as Extras\n): LambdaErrorResponse<Type, Extras> {\n switch (e.type) {\n case 'badRequest':\n return { headers, statusCode: 400, body: { message: e.message, type: type, ...field(e), ...extras } };\n\n case 'unauthorized':\n return { headers, statusCode: 401, body: { message: e.message, type: type, ...extras } };\n\n case 'forbidden':\n return { headers, statusCode: 403, body: { message: e.message, type: type, ...extras } };\n\n case 'notFound':\n return { headers, statusCode: 404, body: { message: e.message, type: type, ...field(e), ...extras } };\n\n case 'conflict':\n return { headers, statusCode: 409, body: { message: e.message, type: type, ...field(e), ...extras } };\n\n default:\n return { headers, statusCode: 500, body: { message: 'Unknown error', type: type, ...extras } };\n }\n}\n\n/\n Helper function to get a reasonable default error response from a valibot parse result\n * @param res - The output from calling safeParse on the input\n * @param headers - The headers to return in the response\n /\nexport function response_valibotError(res: Extract<SafeParseResult<any>, { success: false }>, headers: any) {\n const issue = res.issues[0] as BaseIssue<any>;\n\n if (issue.path && issue.path[0] && typeof issue.path[0].key === 'string') {\n return response_error(error_lambda_badRequest('Invalid input', issue.path[0].key, issue.message), headers);\n } else {\n return response_error(error_lambda_badRequest(`Invalid input: ${issue.message}`), headers);\n }\n}\n\nexport function response_ok<Body extends { message: string }>(\n body: Body,\n headers: any,\n cookies?: string[] \| undefined\n) {\n return { headers, cookies, statusCode: 200 as const, body } satisfies OkRawProxyResultV2;\n}\n","import { error_lambda_unauthorized } from '$lambda/errors.js';\nimport type { APIGatewayProxyEventV2WithLambdaAuthorizer, APIGatewayRequestAuthorizerEventV2 } from 'aws-lambda';\nimport { parse } from 'cookie';\nimport { Result } from 'neverthrow';\n\n/\n Wraps cookies parse along with the api gateway event with neverthrow\n /\nexport function getCookies(\n event: APIGatewayProxyEventV2WithLambdaAuthorizer<any> \| APIGatewayRequestAuthorizerEventV2\n) {\n return Result.fromThrowable(\n () => {\n if (!('headers' in event) \|\| !event.headers) {\n throw new Error('No headers in event');\n }\n\n // First try to get cookies from the cookies array (API Gateway v2 format)\n const cookieString =\n Array.isArray(event.cookies) && event.cookies.length > 0\n ? event.cookies.join('; ')\n : event.headers.Cookie \|\| event.headers.cookie;\n\n if (!cookieString) {\n throw new Error('No cookies found in event');\n }\n\n const res = parse(cookieString);\n return res;\n },\n (e) => {\n if (e instanceof Error) return error_lambda_unauthorized(e.message);\n return error_lambda_unauthorized('Invalid Cookies');\n }\n )();\n}\n","import { CognitoIdentityProviderClient } from '@aws-sdk/client-cognito-identity-provider';\n\n/\n Convenience function if process.env.AWS_REGION is set\n /\nexport function getCognitoClient() {\n return new CognitoIdentityProviderClient({\n // region: process.env.AWS_REGION\n // endpoint: `https://cognito-idp.${process.env.REGION}.amazonaws.com`\n });\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\n\n/* Error wrapper for failures that happen while doing Cognito SDK work. /\nexport type type_error_cognito = { type: 'cognito'; error: unknown };\n\n/* Internal reason used before converting Cognito errors into public lambda errors. /\nexport type type_error_lambda_fromCognito_reason =\n \| 'auth'\n \| 'forbidden'\n \| 'invalidInput'\n \| 'userNotFound'\n \| 'resourceNotFound'\n \| 'tooManyRequests'\n \| 'passwordPolicy'\n \| 'passwordHistory'\n \| 'passwordResetRequired'\n \| 'codeExpired'\n \| 'codeMismatch'\n \| 'delivery'\n \| 'userExists'\n \| 'conflict'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromCognito_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting Cognito errors to lambda errors. /\nexport type type_error_lambda_fromCognito_options = Partial<\n Record<type_error_lambda_fromCognito_reason, type_error_lambda_fromCognito_override>\n>;\n\nconst defaultErrors = {\n auth: { type: 'unauthorized', message: 'Not authorized' },\n forbidden: { type: 'forbidden', message: 'Forbidden' },\n invalidInput: { type: 'badRequest', message: 'There is an issue with your request' },\n userNotFound: { type: 'notFound', message: 'User not found' },\n resourceNotFound: { type: 'notFound', message: 'Resource not found' },\n tooManyRequests: { type: 'badRequest', message: 'Too many requests' },\n passwordPolicy: { type: 'badRequest', message: 'Password does not meet policy requirements' },\n passwordHistory: { type: 'conflict', message: 'Password was used recently' },\n passwordResetRequired: { type: 'badRequest', message: 'Password reset required' },\n codeExpired: { type: 'badRequest', message: 'Code expired' },\n codeMismatch: { type: 'badRequest', message: 'Invalid code' },\n delivery: { type: 'internal', message: 'Internal server error' },\n userExists: { type: 'conflict', message: 'User already exists' },\n conflict: { type: 'conflict', message: 'The request conflicts with the current Cognito resource state' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromCognito_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as a Cognito-domain error for neverthrow flows. /\nexport function error_cognito(error: unknown): type_error_cognito {\n return { type: 'cognito', error };\n}\n\n/* Convert AWS SDK Cognito errors into a safe lambda error for API responses. /\nexport function error_lambda_fromCognito(\n e: type_error_cognito,\n options: type_error_lambda_fromCognito_options = {}\n): type_error_lambda {\n return fromReason(getCognitoReason(e.error), options);\n}\n\n/* Apply endpoint overrides and build the concrete lambda error object. /\nfunction fromReason(\n reason: type_error_lambda_fromCognito_reason,\n options: type_error_lambda_fromCognito_options\n): type_error_lambda {\n const base = defaultErrors[reason];\n const override = options[reason];\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Classify AWS SDK / Cognito service errors. /\nfunction getCognitoReason(error: unknown): type_error_lambda_fromCognito_reason {\n switch (getErrorName(error)) {\n case 'NotAuthorizedException':\n case 'UnauthorizedException':\n case 'UserNotConfirmedException':\n case 'RefreshTokenReuseException':\n return 'auth';\n\n case 'AccessDeniedException':\n case 'ForbiddenException':\n return 'forbidden';\n\n case 'InvalidParameterException':\n case 'InvalidOAuthFlowException':\n case 'ScopeDoesNotExistException':\n case 'UnsupportedIdentityProviderException':\n case 'UnsupportedTokenTypeException':\n return 'invalidInput';\n\n case 'UserNotFoundException':\n return 'userNotFound';\n\n case 'ResourceNotFoundException':\n case 'MFAMethodNotFoundException':\n case 'SoftwareTokenMFANotFoundException':\n case 'WebAuthnChallengeNotFoundException':\n return 'resourceNotFound';\n\n case 'LimitExceededException':\n case 'TooManyFailedAttemptsException':\n case 'TooManyRequestsException':\n return 'tooManyRequests';\n\n case 'InvalidPasswordException':\n return 'passwordPolicy';\n\n case 'PasswordHistoryPolicyViolationException':\n return 'passwordHistory';\n\n case 'PasswordResetRequiredException':\n return 'passwordResetRequired';\n\n case 'ExpiredCodeException':\n return 'codeExpired';\n\n case 'CodeMismatchException':\n return 'codeMismatch';\n\n case 'CodeDeliveryFailureException':\n return 'delivery';\n\n case 'AliasExistsException':\n case 'DeviceKeyExistsException':\n case 'DuplicateProviderException':\n case 'GroupExistsException':\n case 'ManagedLoginBrandingExistsException':\n case 'TermsExistsException':\n case 'UsernameExistsException':\n return 'userExists';\n\n case 'ConcurrentModificationException':\n case 'PreconditionNotMetException':\n case 'UnsupportedUserStateException':\n return 'conflict';\n\n case 'EnableSoftwareTokenMFAException':\n case 'FeatureUnavailableInTierException':\n case 'InternalErrorException':\n case 'InternalServerException':\n case 'InvalidEmailRoleAccessPolicyException':\n case 'InvalidLambdaResponseException':\n case 'InvalidSmsRoleAccessPolicyException':\n case 'InvalidSmsRoleTrustRelationshipException':\n case 'InvalidUserPoolConfigurationException':\n case 'TierChangeNotAllowedException':\n case 'UnexpectedLambdaException':\n case 'UnsupportedOperationException':\n case 'UserImportInProgressException':\n case 'UserLambdaValidationException':\n case 'UserPoolAddOnNotEnabledException':\n case 'UserPoolTaggingException':\n case 'WebAuthnClientMismatchException':\n case 'WebAuthnConfigurationMissingException':\n case 'WebAuthnCredentialNotSupportedException':\n case 'WebAuthnNotEnabledException':\n case 'WebAuthnOriginNotAllowedException':\n case 'WebAuthnRelyingPartyMismatchException':\n return 'internal';\n\n default:\n return getHttpStatusReason(error);\n }\n}\n\nfunction getHttpStatusReason(error: unknown): type_error_lambda_fromCognito_reason {\n const status = getHttpStatusCode(error);\n\n if (status === 400) return 'invalidInput';\n if (status === 401) return 'auth';\n if (status === 403) return 'forbidden';\n if (status === 404) return 'resourceNotFound';\n if (status === 409 \|\| status === 412) return 'conflict';\n if (status === 429) return 'tooManyRequests';\n\n return 'internal';\n}\n\nfunction getErrorName(error: unknown): string \| undefined {\n if (!isRecord(error)) return undefined;\n\n const name = error.name;\n if (typeof name === 'string') return name;\n\n const code = error.code ?? error.Code;\n if (typeof code === 'string') return code;\n\n return undefined;\n}\n\nfunction getHttpStatusCode(error: unknown): number \| undefined {\n if (!isRecord(error)) return undefined;\n const metadata = error.$metadata;\n if (!isRecord(metadata)) return undefined;\n return typeof metadata.httpStatusCode === 'number' ? metadata.httpStatusCode : undefined;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n","import type { AdminGetUserCommandOutput, AttributeType } from '@aws-sdk/client-cognito-identity-provider';\nimport { AdminGetUserCommand, AdminListGroupsForUserCommand } from '@aws-sdk/client-cognito-identity-provider';\nimport { ResultAsync } from 'neverthrow';\n\nimport { getCognitoClient } from './client.js';\nimport { error_cognito } from './errors.js';\n\nexport type type_userResponse = Omit<AdminGetUserCommandOutput, 'UserAttributes'> & {\n UserAttributes: Record<string, string>;\n};\n\n/\n Performs an AdminGetUserCommand and extracts the user attributes into an object\n /\nexport function getUserDetails(a: { username: string; userPoolId: string }) {\n return ResultAsync.fromThrowable(\n async () => {\n console.log('getUserDetails: Getting details for user: ', a.username);\n const cognitoClient = getCognitoClient();\n const res = await cognitoClient.send(new AdminGetUserCommand({ UserPoolId: a.userPoolId, Username: a.username }));\n return { ...res, UserAttributes: extractAttributes(res.UserAttributes) } as type_userResponse;\n },\n (e) => {\n console.error('getUserDetails:error:', e);\n return error_cognito(e);\n }\n )();\n}\n\n/\n @returns An object of attributes with their names as keys and values as values.\n /\nexport function extractAttributes(attrs: AttributeType[] \| undefined) {\n const attributes: Record<string, string> = {};\n if (attrs) {\n for (const attr of attrs) {\n if (attr.Name && attr.Value) {\n attributes[attr.Name] = attr.Value;\n }\n }\n }\n return attributes;\n}\n\n/\n Performs an AdminGetUserCommand and extracts the user attributes into an object\n /\nexport function getUserGroups(a: { username: string; userPoolId: string }) {\n return ResultAsync.fromThrowable(\n async () => {\n console.log('getUserGroups: Getting groups for user: ', a.username);\n const cognitoClient = getCognitoClient();\n const res = await cognitoClient.send(\n new AdminListGroupsForUserCommand({ UserPoolId: a.userPoolId, Username: a.username })\n );\n return res;\n },\n (e) => {\n console.error('getUserGroups:error:', e);\n return error_cognito(e);\n }\n )();\n}\n","import { createHmac } from 'node:crypto';\n\nimport {\n AdminInitiateAuthCommand,\n ChangePasswordCommand,\n ConfirmForgotPasswordCommand,\n ConfirmSignUpCommand,\n ForgotPasswordCommand,\n GetTokensFromRefreshTokenCommand,\n GlobalSignOutCommand,\n RespondToAuthChallengeCommand,\n SignUpCommand\n} from '@aws-sdk/client-cognito-identity-provider';\nimport { ResultAsync } from 'neverthrow';\n\nimport { getCognitoClient } from './client.js';\nimport { error_cognito } from './errors.js';\n\n/\n Computes Cognito secret hash used for client-side authentication flows.\n \n @param username - Cognito username or alias.\n * @param clientId - Cognito app client ID.\n * @param clientSecret - Cognito app client secret.\n /\nexport function computeSecretHash(username: string, clientId: string, clientSecret: string): string {\n console.log('computeSecretHash: ', username, clientId, clientSecret);\n return createHmac('SHA256', clientSecret)\n .update(username + clientId)\n .digest('base64');\n}\n\n// ---- Change password ---- //\n\n/\n Changes a user's password given a valid access token.\n \n @param accessToken - Access token for the authenticated user.\n * @param oldPassword - Current password.\n * @param newPassword - New password to set.\n /\nexport function changePassword(accessToken: string, oldPassword: string, newPassword: string) {\n return ResultAsync.fromThrowable(\n async () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ChangePasswordCommand({\n AccessToken: accessToken,\n PreviousPassword: oldPassword,\n ProposedPassword: newPassword\n })\n );\n },\n (e) => {\n console.error('ChangePasswordCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Confirm Forgot password ---- //\n\n/\n Completes a forgot-password flow by submitting the confirmation code and new password.\n \n @param a.username - Cognito username or alias.\n * @param a.confirmationCode - Code sent by Cognito to the user.\n * @param a.newPassword - New password to set.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function confirmForgotPassword(a: {\n username: string;\n confirmationCode: string;\n newPassword: string;\n clientId: string;\n clientSecret: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ConfirmForgotPasswordCommand({\n ClientId: a.clientId,\n Username: a.username,\n ConfirmationCode: a.confirmationCode,\n Password: a.newPassword,\n SecretHash: computeSecretHash(a.username, a.clientId, a.clientSecret)\n })\n );\n },\n (e) => {\n console.error('ConfirmForgotPasswordCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Confirm Signup ---- //\n\n/\n Confirms a user's signup using the confirmation code sent by Cognito.\n \n @param a.username - Cognito username or alias.\n * @param a.confirmationCode - Code sent to the user after signup.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function confirmSignup(a: {\n username: string;\n confirmationCode: string;\n clientId: string;\n clientSecret: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ConfirmSignUpCommand({\n ClientId: a.clientId,\n Username: a.username,\n ConfirmationCode: a.confirmationCode,\n SecretHash: computeSecretHash(a.username, a.clientId, a.clientSecret)\n })\n );\n },\n (e) => {\n console.error('ConfirmSignUpCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Forgot password ---- //\n\n/\n Starts a forgot-password flow by sending a reset code to the user.\n \n @param a.username - Cognito username or alias.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function forgotPassword(a: { username: string; clientId: string; clientSecret: string }) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ForgotPasswordCommand({\n ClientId: a.clientId,\n Username: a.username,\n SecretHash: computeSecretHash(a.username, a.clientId, a.clientSecret)\n })\n );\n },\n (e) => {\n console.error('ForgotPasswordCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Login ---- //\n\n/\n Signs a user in with ADMIN_USER_PASSWORD_AUTH.\n \n @param a.username - Cognito username or alias.\n * @param a.password - User password.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n * @param a.userPoolId - Cognito user pool ID.\n /\nexport function login(a: {\n username: string;\n password: string;\n clientId: string;\n clientSecret: string;\n userPoolId: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new AdminInitiateAuthCommand({\n AuthFlow: 'ADMIN_USER_PASSWORD_AUTH',\n ClientId: a.clientId,\n UserPoolId: a.userPoolId,\n AuthParameters: {\n USERNAME: a.username,\n PASSWORD: a.password,\n SECRET_HASH: computeSecretHash(a.username, a.clientId, a.clientSecret)\n }\n })\n );\n },\n (e) => {\n console.error('AdminInitiateAuthCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Refresh token ---- //\n\n/\n Sends a GetTokensFromRefreshTokenCommand\n /\nexport function refreshTokens(a: {\n RefreshToken: string;\n ClientId: string;\n ClientSecret: string;\n DeviceKey?: string \| undefined;\n ClientMetaData?: Record<string, string> \| undefined;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(new GetTokensFromRefreshTokenCommand(a));\n },\n (e) => {\n console.error('refreshTokens: GetTokensFromRefreshTokenCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n/\n Exchanges a refresh token for new tokens.\n \n @param a.username - Cognito username or alias used to compute secret hash.\n * @param a.refreshToken - Refresh token to exchange.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n * @param a.userPoolId - Cognito user pool ID.\n /\nexport function refreshTokensAuth(a: {\n username: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n userPoolId: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new AdminInitiateAuthCommand({\n AuthFlow: 'REFRESH_TOKEN_AUTH',\n ClientId: a.clientId,\n UserPoolId: a.userPoolId,\n AuthParameters: {\n REFRESH_TOKEN: a.refreshToken,\n SECRET_HASH: computeSecretHash(a.username, a.clientId, a.clientSecret)\n }\n })\n );\n },\n (e) => {\n console.error('refreshTokens: AdminInitiateAuthCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Logout ---- //\n/\n Globally signs out a user by invalidating all refresh tokens.\n \n @param accessToken - Access token for the authenticated user.\n /\nexport function logout(accessToken: string) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n // GlobalSignOut invalidates all refresh tokens associated with user\n return cognitoClient.send(new GlobalSignOutCommand({ AccessToken: accessToken }));\n },\n (e) => {\n console.error('GlobalSignOutCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Reset password ---- //\n/\n Completes a NEW_PASSWORD_REQUIRED challenge for users who must set a new password.\n \n @param a.session - Session returned from the auth challenge.\n * @param a.newPassword - New password to set.\n * @param a.username - Cognito username or alias.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function resetPassword(a: {\n session: string;\n newPassword: string;\n username: string;\n clientId: string;\n clientSecret: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName: 'NEW_PASSWORD_REQUIRED',\n ClientId: a.clientId,\n Session: a.session,\n ChallengeResponses: {\n SECRET_HASH: computeSecretHash(a.username, a.clientId, a.clientSecret),\n NEW_PASSWORD: a.newPassword,\n USERNAME: a.username\n }\n })\n );\n },\n (e) => {\n console.error('RespondToAuthChallengeCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Sign up ---- //\n/\n Registers a new user with Cognito and optional custom attributes.\n \n @param a.username - Cognito username.\n * @param a.password - User password.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n * @param a.<attribute> - Any additional user attributes to set.\n /\nexport function signUp(\n a: { username: string; password: string; clientId: string; clientSecret: string } & Record<string, unknown>\n) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n const secretHash = computeSecretHash(a.username, a.clientId, a.clientSecret);\n\n return cognitoClient.send(\n new SignUpCommand({\n ClientId: a.clientId,\n Username: a.username,\n Password: a.password,\n SecretHash: secretHash,\n UserAttributes: Object.entries(a)\n .filter(([key]) => !['username', 'password', 'clientId', 'clientSecret'].includes(key))\n .map(([key, value]) => ({ Name: key, Value: value as string }))\n })\n );\n },\n (e) => {\n console.error('SignUpCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Federated ---- //\n/\n Exchanges an OAuth2 authorization code for Cognito tokens using the token endpoint.\n * See https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html for request/response fields and grant details.\n \n @param a.code - Authorization code returned by the hosted UI.\n * @param a.redirectUri - Redirect URI registered with the app client.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret used for Basic Auth.\n * @param a.cognitoDomain - Cognito domain URL (e.g., your-domain.auth.region.amazoncognito.com).\n * @returns Parsed token payload containing `access_token`, `id_token`, `refresh_token`, token type, and expiry.\n /\nexport function verifyOAuthToken(a: {\n code: string;\n redirectUri: string;\n clientId: string;\n clientSecret: string;\n cognitoDomain: string;\n}) {\n return ResultAsync.fromThrowable(\n async () => {\n const basicAuth = Buffer.from(`${a.clientId}:${a.clientSecret}`).toString('base64');\n\n const params = new URLSearchParams();\n params.append('grant_type', 'authorization_code');\n params.append('code', a.code);\n params.append('redirect_uri', a.redirectUri);\n\n // params.append('client_id', a.clientId);\n\n console.log('verifyOAuthToken: params', params.toString());\n\n const tokenRes = await fetch(`https://${a.cognitoDomain}/oauth2/token`, {\n method: 'POST',\n headers: { 'Content-Type': 'application/x-www-form-urlencoded', Authorization: `Basic ${basicAuth}` },\n body: params.toString()\n });\n if (!tokenRes.ok) {\n console.error('verifyOAuthToken: token exchange failed', await tokenRes.text());\n throw Object.assign(new Error('OAuth token exchange failed'), { name: 'NotAuthorizedException' });\n }\n\n return (await tokenRes.json()) as {\n access_token: string;\n id_token: string;\n refresh_token: string;\n token_type: string;\n expires_in: number;\n };\n },\n (e) => {\n console.error('verifyOAuthToken:error', e);\n return error_cognito(e);\n }\n )();\n}\n\n/\n Exchanges an OAuth2 refresh token for Cognito tokens using the oauth token endpoint.\n * See https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html for request/response fields and grant details.\n \n @param a.redirectUri - Redirect URI registered with the app client.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret used for Basic Auth.\n * @param a.cognitoDomain - Cognito domain URL (e.g., your-domain.auth.region.amazoncognito.com).\n * @returns Parsed token payload containing `access_token`, `id_token`, `refresh_token`, token type, and expiry.\n /\nexport function refreshOAuthToken(a: {\n clientId: string;\n clientSecret: string;\n cognitoDomain: string;\n refreshToken: string;\n}) {\n return ResultAsync.fromThrowable(\n async () => {\n const basicAuth = Buffer.from(`${a.clientId}:${a.clientSecret}`).toString('base64');\n\n const params = new URLSearchParams();\n params.append('grant_type', 'refresh_token');\n params.append('refresh_token', a.refreshToken);\n\n console.log('refreshOAuthToken: params', params.toString());\n\n const tokenRes = await fetch(`https://${a.cognitoDomain}/oauth2/token`, {\n method: 'POST',\n headers: { 'Content-Type': 'application/x-www-form-urlencoded', Authorization: `Basic ${basicAuth}` },\n body: params.toString()\n });\n if (!tokenRes.ok) {\n console.error('refreshOAuthToken: token exchange failed', await tokenRes.text());\n throw Object.assign(new Error('OAuth token refresh failed'), { name: 'NotAuthorizedException' });\n }\n\n return (await tokenRes.json()) as {\n access_token: string;\n id_token: string;\n refresh_token: string \| undefined;\n token_type: string;\n expires_in: number;\n };\n },\n (e) => {\n console.error('refreshOAuthToken:error', e);\n return error_cognito(e);\n }\n )();\n}\n","import { S3Client } from '@aws-sdk/client-s3';\n\n/\n Convenience function for S3Client when process.env.REGION is set\n /\nexport function getS3() {\n return new S3Client({\n // endpoint: `https://s3.${process.env.REGION}.amazonaws.com`,\n // region: process.env.REGION\n });\n}\n","export function isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\nexport function getErrorName(error: unknown): string \| undefined {\n if (!isRecord(error)) return undefined;\n\n const name = error.name;\n if (typeof name === 'string') return name;\n\n const code = error.code ?? error.Code;\n if (typeof code === 'string') return code;\n\n return undefined;\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\n\nimport { getErrorName, isRecord } from '../utils/errors.js';\n\n/* Error wrapper for failures that happen while doing S3 SDK work. /\nexport type type_error_s3 = { type: 's3'; error: unknown };\n\n/* Internal reason used before converting S3 errors into public lambda errors. /\nexport type type_error_lambda_fromS3_reason =\n \| 'invalidInput'\n \| 'objectNotFound'\n \| 'bucketNotFound'\n \| 'conflict'\n \| 'throttled'\n \| 'accessDenied'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromS3_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting S3 errors to lambda errors. /\nexport type type_error_lambda_fromS3_options = Partial<\n Record<type_error_lambda_fromS3_reason, type_error_lambda_fromS3_override>\n>;\n\nconst defaultErrors = {\n invalidInput: { type: 'badRequest', message: 'Invalid S3 request' },\n objectNotFound: { type: 'notFound', message: 'S3 object not found' },\n bucketNotFound: { type: 'internal', message: 'Internal server error' },\n conflict: { type: 'conflict', message: 'The request conflicts with the current S3 resource state' },\n throttled: { type: 'internal', message: 'Internal server error' },\n accessDenied: { type: 'internal', message: 'Internal server error' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromS3_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as an S3-domain error for neverthrow flows. /\nexport function error_s3(error: unknown): type_error_s3 {\n return { type: 's3', error };\n}\n\n/* Convert AWS SDK S3 errors into a safe lambda error for API responses. /\nexport function error_lambda_fromS3(\n e: type_error_s3,\n options: type_error_lambda_fromS3_options = {}\n): type_error_lambda {\n const reason = getS3Reason(e.error);\n\n const base = defaultErrors[reason];\n const override = options[reason];\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Returns true for normal S3 object-missing responses. /\nexport function is_s3_notFound(error: unknown): boolean {\n return getS3Reason(error) === 'objectNotFound';\n}\n\n/* Classify AWS SDK / S3 service errors. /\nfunction getS3Reason(error: unknown): type_error_lambda_fromS3_reason {\n switch (getErrorName(error)) {\n case 'NoSuchKey':\n case 'NotFound':\n case 'NoSuchVersion':\n return 'objectNotFound';\n\n case 'NoSuchBucket':\n case 'NoSuchBucketPolicy':\n case 'NoSuchLifecycleConfiguration':\n case 'NoLoggingStatusForKey':\n return 'bucketNotFound';\n\n case 'AmbiguousGrantByEmailAddress':\n case 'BadDigest':\n case 'EntityTooLarge':\n case 'EntityTooSmall':\n case 'IncompleteBody':\n case 'IncorrectNumberOfFilesInPostRequest':\n case 'InlineDataTooLarge':\n case 'InvalidAddressingHeader':\n case 'InvalidArgument':\n case 'InvalidBucketName':\n case 'InvalidDigest':\n case 'InvalidLocationConstraint':\n case 'InvalidPart':\n case 'InvalidPartOrder':\n case 'InvalidPayer':\n case 'InvalidPolicyDocument':\n case 'InvalidRange':\n case 'InvalidRequest':\n case 'InvalidSOAPRequest':\n case 'InvalidStorageClass':\n case 'InvalidTargetBucketForLogging':\n case 'InvalidURI':\n case 'KeyTooLongError':\n case 'MalformedACLError':\n case 'MalformedPOSTRequest':\n case 'MalformedXML':\n case 'MaxMessageLengthExceeded':\n case 'MaxPostPreDataLengthExceededError':\n case 'MetadataTooLarge':\n case 'MissingAttachment':\n case 'MissingContentLength':\n case 'MissingRequestBodyError':\n case 'RequestIsNotMultiPartContent':\n case 'RequestTorrentOfBucketError':\n case 'NoSuchUpload':\n return 'invalidInput';\n\n case 'BucketAlreadyExists':\n case 'BucketAlreadyOwnedByYou':\n case 'BucketNotEmpty':\n case 'EncryptionTypeMismatch':\n case 'IdempotencyParameterMismatch':\n case 'IllegalVersioningConfigurationException':\n case 'InvalidBucketState':\n case 'InvalidEncryptionAlgorithmError':\n case 'InvalidObjectState':\n case 'InvalidWriteOffset':\n case 'ObjectAlreadyInActiveTierError':\n case 'ObjectNotInActiveTierError':\n case 'OperationAborted':\n case 'PreconditionFailed':\n case 'RestoreAlreadyInProgress':\n case 'TooManyParts':\n return 'conflict';\n\n case 'RequestLimitExceeded':\n case 'RequestTimeout':\n case 'ServiceUnavailable':\n case 'SlowDown':\n case 'Throttling':\n case 'ThrottlingException':\n return 'throttled';\n\n case 'AccessDenied':\n case 'AccountProblem':\n case 'AllAccessDisabled':\n case 'CredentialsNotSupported':\n case 'CrossLocationLoggingProhibited':\n case 'ExpiredToken':\n case 'InvalidAccessKeyId':\n case 'InvalidSecurity':\n case 'InvalidToken':\n case 'MethodNotAllowed':\n case 'MissingSecurityElement':\n case 'MissingSecurityHeader':\n case 'NotSignedUp':\n case 'SignatureDoesNotMatch':\n return 'accessDenied';\n\n case 'AuthorizationHeaderMalformed':\n case 'InternalError':\n case 'NotImplemented':\n case 'PermanentRedirect':\n case 'Redirect':\n case 'RequestTimeTooSkewed':\n case 'TemporaryRedirect':\n return 'internal';\n\n default:\n return getHttpStatusReason(error);\n }\n}\n\nfunction getHttpStatusReason(error: unknown): type_error_lambda_fromS3_reason {\n const status = getHttpStatusCode(error);\n\n if (status === 400) return 'invalidInput';\n if (status === 404) return 'objectNotFound';\n if (status === 409 \|\| status === 412) return 'conflict';\n if (status === 429 \|\| status === 503) return 'throttled';\n if (status === 401 \|\| status === 403) return 'accessDenied';\n\n return 'internal';\n}\n\nfunction getHttpStatusCode(error: unknown): number \| undefined {\n if (!isRecord(error)) return undefined;\n const metadata = error.$metadata;\n if (!isRecord(metadata)) return undefined;\n return typeof metadata.httpStatusCode === 'number' ? metadata.httpStatusCode : undefined;\n}\n","import { getSignedUrl as baseGetSignedUrl } from '@aws-sdk/s3-request-presigner';\nimport { ResultAsync } from 'neverthrow';\n\nimport { error_s3 } from './errors.js';\n\nexport function getSignedUrl(...args: Parameters<typeof baseGetSignedUrl>) {\n return ResultAsync.fromThrowable(baseGetSignedUrl, (e) => {\n console.error('getSignedUrl: Failed to get signed url', e);\n return error_s3(e);\n })(...args);\n}\n","import { HeadObjectCommand, GetObjectCommand } from '@aws-sdk/client-s3';\nimport { ResultAsync } from 'neverthrow';\n\nimport { getS3 } from './client.js';\nimport { error_s3, is_s3_notFound, type type_error_s3 } from './errors.js';\n\n/\n Retrieves an object from an S3 bucket.\n \n @param {string} bucketName - The name of the S3 bucket.\n * @param {string} key - The key of the object to retrieve.\n * @returns {Promise<Buffer>} A promise that resolves to the object data as a Buffer.\n /\nexport function getObject(bucketName: string, key: string) {\n return ResultAsync.fromThrowable(\n async () => {\n const s3 = getS3();\n const cmd = new GetObjectCommand({ Bucket: bucketName, Key: key });\n const res = await s3.send(cmd);\n const stream = res.Body as any;\n return new Promise<Buffer>((resolve, reject) => {\n const chunks: Buffer[] = [];\n stream.on('data', (chunk: Buffer) => chunks.push(chunk));\n stream.on('end', () => resolve(Buffer.concat(chunks)));\n stream.on('error', reject);\n });\n },\n (e) => {\n console.error(`getObjectt: Error getting object from S3: ${e}`);\n return error_s3(e);\n }\n )();\n}\n\n/\n Convenience function to get an object from S3 and return it as a string.\n /\nexport function getObjectString(bucketName: string, key: string): ResultAsync<string, type_error_s3> {\n return getObject(bucketName, key).map((buffer) => buffer.toString('utf-8'));\n}\n\n/\n Checks if an object exists in an s3 bucket by retrieving the HEAD data\n \n @param {string} bucketName - The name of the S3 bucket.\n * @param {string} key - The key of the object to retrieve.\n * @returns {Promise<Buffer>} A promise that resolves to a boolean.\n /\nexport function objectExists(bucketName: string, key: string) {\n return ResultAsync.fromThrowable(\n async () => {\n const s3 = getS3();\n\n try {\n const cmd = new HeadObjectCommand({ Bucket: bucketName, Key: key });\n const res = await s3.send(cmd);\n return res.$metadata.httpStatusCode === 200;\n } catch (e) {\n if (is_s3_notFound(e)) return false;\n throw e;\n }\n },\n (e) => {\n console.error(`objectExists: Error getting object head from S3: ${e}`);\n return error_s3(e);\n }\n )();\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\nimport { DynamoDBToolboxError } from 'dynamodb-toolbox';\n\nimport { getErrorName, isRecord } from '../utils/errors.js';\n\n/* Error wrapper for failures that happen while doing DynamoDB or DynamoDB Toolbox work. /\nexport type type_error_dynamo = { type: 'dynamo'; error: DynamoDBToolboxError \| unknown };\n\n/* Internal reason used before converting Dynamo-related errors into public lambda errors. /\nexport type type_error_lambda_fromDynamo_reason =\n \| 'invalidInput'\n \| 'conditionalCheckFailed'\n \| 'transactionConflict'\n \| 'resourceNotFound'\n \| 'throttled'\n \| 'accessDenied'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromDynamo_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting Dynamo errors to lambda errors. /\nexport type type_error_lambda_fromDynamo_options = Partial<\n Record<type_error_lambda_fromDynamo_reason, type_error_lambda_fromDynamo_override>\n> & {\n /\n By default DynamoDB and DynamoDB Toolbox details are not returned to clients.\n * Set this to true only when the Toolbox path is already a public input field.\n /\n includeToolboxPath?: boolean;\n};\n\nconst defaultErrors = {\n invalidInput: { type: 'badRequest', message: 'Invalid request' },\n conditionalCheckFailed: { type: 'conflict', message: 'The request conflicts with the current resource state' },\n transactionConflict: { type: 'conflict', message: 'The request conflicts with the current resource state' },\n resourceNotFound: { type: 'internal', message: 'Internal server error' },\n throttled: { type: 'internal', message: 'Internal server error' },\n accessDenied: { type: 'internal', message: 'Internal server error' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromDynamo_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as a Dynamo-domain error for neverthrow flows. /\nexport function error_dynamo(error: unknown): type_error_dynamo {\n return { type: 'dynamo', error };\n}\n\n/* Convert DynamoDB Toolbox or AWS SDK errors into a safe lambda error for API responses. /\nexport function error_lambda_fromDynamo(\n e: type_error_dynamo,\n options: type_error_lambda_fromDynamo_options = {}\n): type_error_lambda {\n if (e.error instanceof DynamoDBToolboxError) {\n return fromReason(getToolboxReason(e.error), options, toolboxField(e.error, options.includeToolboxPath));\n }\n return fromReason(getAwsReason(e.error), options);\n}\n\n/* Apply endpoint overrides and build the concrete lambda error object. /\nfunction fromReason(\n reason: type_error_lambda_fromDynamo_reason,\n options: type_error_lambda_fromDynamo_options,\n defaults: Partial<type_error_lambda> = {}\n): type_error_lambda {\n const base = { ...defaultErrors[reason], ...defaults };\n const override = options[reason];\n\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Classify errors produced by Toolbox before sending, or while formatting returned items. /\nfunction getToolboxReason(error: DynamoDBToolboxError): type_error_lambda_fromDynamo_reason {\n if (error.code.startsWith('parsing.') \|\| error.code === 'actions.parsePrimaryKey.invalidKeyPart') {\n return 'invalidInput';\n }\n\n if (error.code.startsWith('formatter.') \|\| error.code.startsWith('schema.') \|\| error.code.startsWith('entity.')) {\n return 'internal';\n }\n\n switch (error.code) {\n case 'actions.invalidCondition':\n case 'actions.invalidExpressionAttributePath':\n case 'queryCommand.invalidIndex':\n case 'queryCommand.invalidPartition':\n case 'queryCommand.invalidProjectionExpression':\n case 'queryCommand.invalidRange':\n case 'queryCommand.invalidReverseOption':\n case 'scanCommand.invalidProjectionExpression':\n case 'scanCommand.invalidSegmentOption':\n case 'batchGetCommand.invalidProjectionExpression':\n case 'options.invalidCapacityOption':\n case 'options.invalidClientRequestToken':\n case 'options.invalidConsistentOption':\n case 'options.invalidIndexOption':\n case 'options.invalidLimitOption':\n case 'options.invalidMaxPagesOption':\n case 'options.invalidMetricsOption':\n case 'options.invalidReturnValuesOption':\n case 'options.invalidReturnValuesOnConditionFalseOption':\n case 'options.invalidSelectOption':\n return 'invalidInput';\n\n case 'actions.incompleteAction':\n case 'actions.invalidAction':\n case 'actions.missingDocumentClient':\n case 'queryCommand.invalidTagEntitiesOption':\n case 'queryCommand.noEntityMatched':\n case 'scanCommand.noEntityMatched':\n case 'options.invalidEntityAttrFilterOption':\n case 'options.invalidNoEntityMatchBehaviorOption':\n case 'options.invalidShowEntityAttrOption':\n case 'options.invalidTableNameOption':\n case 'options.unknownOption':\n case 'table.missingTableName':\n return 'internal';\n\n default:\n return 'internal';\n }\n}\n\nfunction toolboxField(error: DynamoDBToolboxError, includeToolboxPath: boolean \| undefined) {\n if (!includeToolboxPath \|\| typeof error.path !== 'string') return {};\n return { fieldName: error.path, fieldValue: error.message };\n}\n\n// ---- AWS ---- //\n/* Classify AWS SDK / DynamoDB service errors that bubble out of Toolbox send calls. /\nfunction getAwsReason(error: unknown): type_error_lambda_fromDynamo_reason {\n switch (getErrorName(error)) {\n case 'ConditionalCheckFailedException':\n return 'conditionalCheckFailed';\n case 'TransactionCanceledException':\n return getTransactionReason(error);\n case 'TransactionConflictException':\n case 'ReplicatedWriteConflictException':\n case 'IdempotentParameterMismatchException':\n case 'ItemCollectionSizeLimitExceededException':\n return 'transactionConflict';\n case 'ValidationException':\n return 'invalidInput';\n case 'ResourceNotFoundException':\n return 'resourceNotFound';\n case 'ProvisionedThroughputExceededException':\n case 'RequestLimitExceeded':\n case 'ThrottlingException':\n case 'ThrottlingError':\n return 'throttled';\n case 'AccessDeniedException':\n case 'ExpiredTokenException':\n case 'IncompleteSignatureException':\n case 'InvalidSignatureException':\n case 'UnrecognizedClientException':\n return 'accessDenied';\n default:\n return 'internal';\n }\n}\n\n/* Pick the most useful public reason from DynamoDB transaction cancellation details. /\nfunction getTransactionReason(error: unknown): type_error_lambda_fromDynamo_reason {\n const cancellationReasons = getCancellationReasons(error);\n\n if (cancellationReasons.some((reason) => reason === 'ConditionalCheckFailed')) {\n return 'conditionalCheckFailed';\n }\n\n if (cancellationReasons.some((reason) => reason === 'TransactionConflict')) {\n return 'transactionConflict';\n }\n\n if (cancellationReasons.some((reason) => reason === 'ValidationError')) {\n return 'invalidInput';\n }\n\n if (\n cancellationReasons.some((reason) =>\n ['ProvisionedThroughputExceeded', 'RequestLimitExceeded', 'ThrottlingError'].includes(reason)\n )\n ) {\n return 'throttled';\n }\n\n return 'internal';\n}\n\nfunction getCancellationReasons(error: unknown): string[] {\n if (!isRecord(error)) return [];\n const cancellationReasons = error.CancellationReasons ?? error.cancellationReasons;\n if (!Array.isArray(cancellationReasons)) return [];\n\n return cancellationReasons\n .map((reason) => (isRecord(reason) && typeof reason.Code === 'string' ? reason.Code : undefined))\n .filter((reason) => reason !== undefined);\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\n\n/* Error wrapper for failures that happen while doing SES SDK work. /\nexport type type_error_ses = { type: 'ses'; error: unknown };\n\n/* Internal reason used before converting SES errors into public lambda errors. /\nexport type type_error_lambda_fromSes_reason =\n \| 'invalidInput'\n \| 'messageRejected'\n \| 'identityNotVerified'\n \| 'notFound'\n \| 'alreadyExists'\n \| 'conflict'\n \| 'throttled'\n \| 'accessDenied'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromSes_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting SES errors to lambda errors. /\nexport type type_error_lambda_fromSes_options = Partial<\n Record<type_error_lambda_fromSes_reason, type_error_lambda_fromSes_override>\n>;\n\nconst defaultErrors = {\n invalidInput: { type: 'badRequest', message: 'Invalid SES request' },\n messageRejected: { type: 'badRequest', message: 'Email message was rejected' },\n identityNotVerified: { type: 'internal', message: 'Internal server error' },\n notFound: { type: 'internal', message: 'Internal server error' },\n alreadyExists: { type: 'conflict', message: 'SES resource already exists' },\n conflict: { type: 'conflict', message: 'The request conflicts with the current SES resource state' },\n throttled: { type: 'internal', message: 'Internal server error' },\n accessDenied: { type: 'internal', message: 'Internal server error' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromSes_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as an SES-domain error for neverthrow flows. /\nexport function error_ses(error: unknown): type_error_ses {\n return { type: 'ses', error };\n}\n\n/* Convert AWS SDK SES errors into a safe lambda error for API responses. /\nexport function error_lambda_fromSes(\n e: type_error_ses,\n options: type_error_lambda_fromSes_options = {}\n): type_error_lambda {\n return fromReason(getSesReason(e.error), options);\n}\n\n/* Apply endpoint overrides and build the concrete lambda error object. /\nfunction fromReason(reason: type_error_lambda_fromSes_reason, options: type_error_lambda_fromSes_options) {\n const base = defaultErrors[reason];\n const override = options[reason];\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Classify AWS SDK / SES service errors. /\nfunction getSesReason(error: unknown): type_error_lambda_fromSes_reason {\n switch (getErrorName(error)) {\n case 'BadRequestException':\n case 'CustomVerificationEmailInvalidContentException':\n case 'InvalidParameterValue':\n case 'InvalidPolicyException':\n case 'InvalidRenderingParameterException':\n case 'InvalidSnsTopic':\n case 'InvalidSnsTopicException':\n case 'InvalidTemplateException':\n case 'InvalidTrackingOptionsException':\n case 'MissingRenderingAttributeException':\n return 'invalidInput';\n\n case 'MessageRejected':\n case 'MessageRejectedException':\n return 'messageRejected';\n\n case 'ConfigurationSetDoesNotExist':\n case 'ConfigurationSetDoesNotExistException':\n case 'NotFoundException':\n case 'RuleSetDoesNotExist':\n case 'TemplateDoesNotExist':\n case 'TemplateDoesNotExistException':\n return 'notFound';\n\n case 'AlreadyExistsException':\n case 'ConfigurationSetAlreadyExists':\n case 'RuleSetNameAlreadyExists':\n case 'TemplateNameAlreadyExists':\n return 'alreadyExists';\n\n case 'AccountSendingPausedException':\n case 'ConfigurationSetSendingPausedException':\n case 'ConcurrentModificationException':\n case 'ConflictException':\n case 'MailFromDomainNotVerified':\n case 'MailFromDomainNotVerifiedException':\n case 'SendingPausedException':\n return 'conflict';\n\n case 'FromEmailAddressNotVerified':\n case 'IdentityNotVerifiedException':\n return 'identityNotVerified';\n\n case 'LimitExceededException':\n case 'Throttling':\n case 'ThrottlingException':\n case 'TooManyRequestsException':\n return 'throttled';\n\n case 'AccessDeniedException':\n case 'AccountSuspendedException':\n case 'ExpiredTokenException':\n case 'InvalidClientTokenId':\n case 'InvalidSignatureException':\n case 'ProductionAccessNotGrantedException':\n case 'SignatureDoesNotMatch':\n case 'UnauthorizedException':\n return 'accessDenied';\n\n case 'InternalFailure':\n case 'InternalServerError':\n case 'InternalServiceError':\n case 'ServiceUnavailable':\n return 'internal';\n\n default:\n return getHttpStatusReason(error);\n }\n}\n\nfunction getHttpStatusReason(error: unknown): type_error_lambda_fromSes_reason {\n const status = getHttpStatusCode(error);\n\n if (status === 400) return 'invalidInput';\n if (status === 401) return 'accessDenied';\n if (status === 403) return 'accessDenied';\n if (status === 404) return 'notFound';\n if (status === 409 \|\| status === 412) return 'conflict';\n if (status === 429) return 'throttled';\n\n return 'internal';\n}\n\nfunction getErrorName(error: unknown): string \| undefined {\n if (!isRecord(error)) return undefined;\n\n const name = error.name;\n if (typeof name === 'string') return name;\n\n const code = error.code ?? error.Code;\n if (typeof code === 'string') return code;\n\n return undefined;\n}\n\nfunction getHttpStatusCode(error: unknown): number \| undefined {\n if (!isRecord(error)) return undefined;\n const metadata = error.$metadata;\n if (!isRecord(metadata)) return undefined;\n return typeof metadata.httpStatusCode === 'number' ? metadata.httpStatusCode : undefined;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n","import type { Root, RootContent, Element } from 'hast';\nimport rehypeParse from 'rehype-parse';\nimport type { Plugin } from 'unified';\nimport { unified } from 'unified';\nimport type { VFile } from 'vfile';\n\n/\n This rehype plugin extracts the headings from the markdown elements but also the raw elements.\n * So we get html headings in the TOC as well\n \n It sets the file.data.fm.toc to a flat map of the toc\n /\nexport const extractToc: Plugin<[], Root> = () => {\n return (tree: Root, file: VFile) => {\n const details = tree.children.flatMap(extractDetails);\n if (file.data.fm === undefined) file.data.fm = {};\n // @ts-expect-error its untyped but for svmdex it is there\n file.data.fm.toc = details;\n };\n};\nexport type Toc = TocEntry[];\nexport type TocEntry = { level: number; id: string; value: string };\n\nfunction extractDetails(content: RootContent \| { type: 'raw'; value: string }): TocEntry[] {\n if (content.type === 'element' && content.tagName.startsWith('h') && 'id' in content.properties) {\n const value =\n content.children.length === 1 && content.children[0].type === 'text'\n ? content.children[0].value\n : (content.properties.id as string);\n\n return [{ level: parseInt(content.tagName.slice(1)), id: content.properties.id as string, value }];\n } else if (content.type === 'raw') {\n const parsed = parseRaw(content.value);\n return parsed.flatMap(extractDetails);\n }\n return [];\n}\n\n/\n Parses raw HTML and returns a flat array of all heading (h1-h6) elements as HAST nodes.\n /\nexport function parseRaw(raw: string): Element[] {\n // Parse the HTML string into a HAST Root node\n const tree = unified()\n .use(rehypeParse, { fragment: true }) // allow parsing HTML fragments\n .parse(raw) as Root;\n\n // Helper function to recursively find heading elements\n function collectHeadings(node: RootContent): Element[] {\n if (node.type === 'element' && /^h[1-6]$/.test(node.tagName)) {\n return [node];\n }\n // Check children recursively\n if ('children' in node && Array.isArray(node.children)) {\n return node.children.flatMap(collectHeadings);\n }\n return [];\n }\n\n // Flatten all headings found in the tree\n return tree.children.flatMap(collectHeadings);\n}\n","import type { GenericSchema, GenericSchemaAsync } from 'valibot';\n\nexport function isSchema(x: unknown): x is GenericSchema {\n return !!x && typeof x === 'object' && 'kind' in x && x['kind'] === 'schema';\n}\n\nexport function unwrap(schema: GenericSchema): GenericSchema {\n // Unwrap common wrappers that simply contain another schema under `wrapped`\n // optional \| exactOptional \| undefinedable \| nullable \| nullish \| nonNullable \| nonNullish \| readonly \| brand \| description \| metadata \| title \| flavor\n // Most of these share `{ type: string; wrapped: GenericSchema }`\n // Guarded unwrap to avoid infinite loops.\n let curr: any = schema as any;\n const seen = new Set<any>();\n while (curr && typeof curr === 'object' && !seen.has(curr) && 'wrapped' in curr && isSchema((curr as any).wrapped)) {\n seen.add(curr);\n curr = (curr as any).wrapped;\n }\n return curr as GenericSchema;\n}\n\nfunction isIntegerKey(s: string): boolean {\n // allow \"0\", \"01\" etc. to index tuples/arrays consistently\n return /^-?\\d+$/.test(s);\n}\n\nexport type GetSchemaByPathOptions = {\n /\n When a union/variant cannot be narrowed by the path segment,\n * choose index `preferOption` (default 0). Set to -1 to return undefined instead.\n /\n preferOption?: number;\n};\n\nexport function getSchemaByPath(\n root: GenericSchema \| GenericSchemaAsync,\n path: string,\n opts: GetSchemaByPathOptions = {}\n): GenericSchema \| undefined {\n if (!isSchema(root)) return undefined;\n if (!path) return root;\n\n const keys = path.split('.');\n let curr: GenericSchema \| undefined = root;\n\n for (let i = 0; i < keys.length; i++) {\n if (!curr) return undefined;\n curr = unwrap(curr);\n const seg = keys[i];\n\n // Narrow by schema \"type\"\n const type = (curr as any).type as string \| undefined;\n\n switch (type) {\n case 'object': {\n // ObjectSchema has `.entries`\n const entries = (curr as any).entries as Record<string, GenericSchema> \| undefined;\n if (!entries) return undefined;\n curr = entries[seg];\n break;\n }\n\n case 'record': {\n // RecordSchema has `.value` for any key\n const value = (curr as any).value as GenericSchema \| undefined;\n curr = value;\n break;\n }\n\n case 'array': {\n // ArraySchema has `.item`\n if (!isIntegerKey(seg)) return undefined;\n const item = (curr as any).item as GenericSchema \| undefined;\n curr = item;\n break;\n }\n\n case 'tuple': {\n // TupleSchema has `.items` and possibly `.rest`\n if (!isIntegerKey(seg)) return undefined;\n const idx = Number(seg);\n const items = (curr as any).items as GenericSchema[] \| undefined;\n const rest = (curr as any).rest as GenericSchema \| undefined;\n if (!items) return undefined;\n curr = idx < items.length ? items[idx] : rest;\n break;\n }\n\n case 'union': {\n // UnionSchema has `.options` (array of schemas)\n const options = (curr as any).options as GenericSchema[] \| undefined;\n if (!options?.length) return undefined;\n\n // Try to narrow by segment:\n // - if numeric seg: prefer array/tuple options\n // - if string seg: prefer object/record options that contain seg\n const numeric = isIntegerKey(seg);\n\n let next: GenericSchema \| undefined;\n\n if (numeric) {\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n return u?.type === 'array' \|\| u?.type === 'tuple';\n }) ?? options[opts.preferOption ?? 0];\n } else {\n // Prefer object/record with matching key\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n if (u?.type === 'object') {\n const ent = u.entries as Record<string, GenericSchema> \| undefined;\n return !!ent && seg in ent;\n }\n return u?.type === 'record';\n }) ?? options[opts.preferOption ?? 0];\n }\n\n curr = next;\n // Loop continues to use seg against selected option\n i--; // reprocess this segment against the chosen branch\n break;\n }\n\n case 'variant': {\n // Variant (discriminated union) has `.options` too\n const options = (curr as any).options as GenericSchema[] \| undefined;\n if (!options?.length) return undefined;\n // Same narrowing as union\n const numeric = isIntegerKey(seg);\n let next: GenericSchema \| undefined;\n if (numeric) {\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n return u?.type === 'array' \|\| u?.type === 'tuple';\n }) ?? options[opts.preferOption ?? 0];\n } else {\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n if (u?.type === 'object') {\n const ent = u.entries as Record<string, GenericSchema> \| undefined;\n return !!ent && seg in ent;\n }\n return u?.type === 'record';\n }) ?? options[opts.preferOption ?? 0];\n }\n curr = next;\n i--;\n break;\n }\n\n default: {\n // If it’s a pipeline schema (`pipe`) or similar wrapper, many expose `.wrapped` and are handled by unwrap.\n // If we end up at a primitive or unknown structure while keys remain, fail.\n return undefined;\n }\n }\n }\n\n return curr ? unwrap(curr) : undefined;\n}\n","import { isEqual, isObject } from 'radash';\n\nimport type { DeepPartial } from '../types/deep.js';\n\n/\n Sets the value for an object by its dot path\n * @param obj - any object\n * @param path - the dot path eg. key1.0.1.key2\n * @param value - any value\n * @returns - the modified object\n /\nexport function setByPath<T extends object>(obj: T, path: string, value: any): T {\n const keys = path.split('.');\n let curr: any = obj;\n\n for (let i = 0; i < keys.length - 1; i++) {\n const k = keys[i];\n const next = keys[i + 1];\n // handle array indices like '0'\n if (Number.isInteger(Number(next))) {\n curr[k] ??= [];\n } else {\n curr[k] ??= {};\n }\n curr = curr[k];\n }\n\n curr[keys[keys.length - 1]] = value;\n return obj;\n}\n\n/\n Gets the value from an object by its dot path\n * @param obj - any object\n * @param path - the dot path eg. key1.0.1.key2\n * @returns - the value at the given path or undefined\n /\nexport function getByPath<T extends object>(obj: T, path: string): any {\n if (!obj \|\| typeof obj !== 'object') return undefined;\n const keys = path.split('.');\n let curr: any = obj;\n\n for (const k of keys) {\n if (curr == null) return undefined;\n curr = curr[k];\n }\n\n return curr;\n}\n\nconst isPlainRecord = (v: unknown): v is Record<string, unknown> => isObject(v) && !Array.isArray(v);\n\n/\n Returns a deep \"patch\" object containing only the fields from `b`\n * that are different from `a`.\n \n Behavior:\n * - Only keys from `b` can appear in the result.\n * - New keys in `b` are included.\n * - Changed primitive/array values are included as the value from `b`.\n * - For nested plain objects, it recurses and returns only the differing nested fields.\n * - Arrays are treated as atomic (if different, the whole array from `b` is returned).\n \n Typing:\n * - Output is `DeepPartial<B>` because only a subset of `b`'s shape is returned.\n \n @template A\n * @template B\n * @param {A} a - Base/original object (can be a different shape than `b`).\n * @param {B} b - Updated object; output keys come from this object.\n * @returns {DeepPartial<B>} Deep partial of `b` containing only differences vs `a`.\n /\nexport const deepDiff = <A extends object, B extends object>(a: A, b: B): DeepPartial<B> => {\n const out: Record<string, unknown> = {};\n\n for (const key of Object.keys(b) as Array<keyof B>) {\n const aVal = (a as any)?.[key];\n const bVal = (b as any)[key];\n\n if (!((key as any) in (a as any))) {\n out[key as any] = bVal;\n continue;\n }\n\n if (isPlainRecord(aVal) && isPlainRecord(bVal)) {\n const nested = deepDiff(aVal, bVal);\n if (Object.keys(nested as any).length) out[key as any] = nested;\n continue;\n }\n\n if (!isEqual(aVal, bVal)) out[key as any] = bVal;\n }\n\n return out as DeepPartial<B>;\n};\n\n/\n Deeply prunes `source` to match the shape of `shape`.\n \n Rules:\n * - Only keys that exist on `shape` are kept.\n * - Pruning is deep for nested plain objects.\n * - Arrays are supported by using the first element of `shape` as the element-shape.\n * - If `shape` is `[]`, returns `[]` (drops all elements).\n * - Primitive values are kept as-is (no type coercion) if the key exists in `shape`.\n * - If `shape` expects an object/array but `source` is not compatible, returns an empty object/array of that shape.\n \n @typeParam S - Source object type.\n * @typeParam Sh - Shape object type.\n * @param source - The object to prune.\n * @param shape - The object whose keys/structure are the allowlist.\n * @returns A new value derived from `source`, containing only fields present in `shape`, pruned deeply.\n \n @example\n * const source = { a: 1, b: { c: 2, d: 3 }, e: [ { x: 1, y: 2 }, { x: 3, y: 4 } ], z: 9 };\n * const shape = { a: 0, b: { c: 0 }, e: [ { x: 0 } ] };\n * // => { a: 1, b: { c: 2 }, e: [ { x: 1 }, { x: 3 } ] }\n * const out = pruneToShape(source, shape);\n /\nexport function pruneToShape<S, Sh>(source: S, shape: Sh): Sh {\n return pruneAny(source as unknown, shape as unknown) as Sh;\n\n function pruneAny(src: unknown, sh: unknown): unknown {\n // Arrays: use first element as the \"element shape\"\n if (Array.isArray(sh)) {\n if (!Array.isArray(src)) return [];\n if (sh.length === 0) return [];\n const elemShape = sh[0];\n return src.map((v) => pruneAny(v, elemShape));\n }\n\n // Plain objects: keep only keys present on shape, recursively.\n if (isPlainObject(sh)) {\n const out: Record<string, unknown> = {};\n const srcObj = isPlainObject(src) ? (src as Record<string, unknown>) : undefined;\n\n for (const key of Object.keys(sh as Record<string, unknown>)) {\n const shVal = (sh as Record<string, unknown>)[key];\n const srcVal = srcObj ? srcObj[key] : undefined;\n\n if (Array.isArray(shVal) \|\| isPlainObject(shVal)) {\n out[key] = pruneAny(srcVal, shVal);\n } else {\n // Primitive (or function/date/etc in shape): key exists => keep source value as-is\n out[key] = srcVal;\n }\n }\n return out;\n }\n\n // Non-object shape => allowed leaf; just return source leaf as-is.\n return src;\n }\n\n function isPlainObject(v: unknown): v is Record<string, unknown> {\n if (v === null \|\| typeof v !== 'object') return false;\n const proto = Object.getPrototypeOf(v);\n return proto === Object.prototype \|\| proto === null;\n }\n}\n","import { lstat, mkdir, readFile, writeFile } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\nimport chalk from 'chalk';\nimport type { PackageJson } from 'type-fest';\n\n/\n @returns true if a filepath exists\n /\nexport async function exists(filePath: string): Promise<boolean> {\n try {\n await lstat(filePath);\n return true;\n } catch {\n return false;\n }\n}\n\n/\n Writes data to a filepath if it is different\n * @returns true if the file is written to\n /\nexport async function writeIfDifferent(filePath: string, newData: string): Promise<boolean> {\n // Ensure the directory exists\n const directory = dirname(filePath);\n if (!(await exists(directory))) {\n await mkdir(directory, { recursive: true });\n }\n\n // Check if the file exists\n if (await exists(filePath)) {\n // Read the existing file content\n const existingData = await readFile(filePath, 'utf8');\n\n // Compare the existing data with the new data\n if (existingData === newData) {\n // console.log('File contents are identical. No write needed.');\n return false;\n }\n }\n\n // Write the new data if it's different or the file doesn't exist\n await writeFile(filePath, newData, 'utf8');\n console.log(chalk.green('Writing to'), filePath);\n return true;\n}\n\n/\n @returns the json object packageJson or undefined if it doesnt exist\n */\nexport async function readPackageJson(filePath: string): Promise<PackageJson \| undefined> {\n if (!(await exists(filePath))) return undefined;\n return JSON.parse(await readFile(filePath, { encoding: 'utf-8' })) as PackageJson;\n}\n","import { styleText } from 'node:util';\n\nexport const colorText = (format: Parameters<typeof styleText>[0], text: unknown) =>\n styleText(format, String(text), { validateStream: false });\n"],"mappings":";;;;;;;;;;;;;;;;;AA6EA,MAAa,cAAc;CAAC;CAAO;CAAQ;CAAO;CAAU;CAAS;CAAW;CAAO;;;ACvEvF,MAAM,cAAc;CAAC;CAAQ;CAAO;CAAQ;AAC5C,MAAM,eAAe,CAAC,OAAO,SAAS;AAEtC,eAAe,YACb,MACA,QACA,OACA,QAEA,aACA,QACA,SACY;AACZ,KAAI,OACF,KAAI,OAAO,UAAU,KAAM,OAAM,WAAW,QAAQ,MAAM;KACrD,SAAO,QAAQ,MAAM;CAG5B,IAAI,MAAM,GAAG,SAAS,OAAO,SAAS,IAAI,GAAG,KAAK,MAAM;AAExD,KAAI,aAAa,SAAS,OAAc,EAAE;EACxC,MAAM,SAAS,IAAI,iBAAiB;AAEpC,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,SAAS,EAAE,CAAC,CACpD,KAAI,MAAM,QAAQ,MAAM,CACtB,OAAM,SAAS,SAAS,OAAO,OAAO,KAAK,OAAO,KAAK,CAAC,CAAC;MAEzD,QAAO,OAAO,KAAK,OAAO,MAAM,CAAC;EAIrC,MAAM,cAAc,OAAO,UAAU;AACrC,MAAI,YAAa,QAAO,IAAI;;AAG9B,WAAU;EAAE,gBAAgB;EAAoB,GAAG;EAAS;CAC5D,MAAM,WAAW,MAAM,MAAM,KAAK;EAChC;EACA;EAEA,MAAM,YAAY,SAAS,OAAc,GAAG,KAAK,UAAU,MAAM,GAAG,KAAA;EACpE,aAAa;EACd,CAAC;CACF,MAAM,cAAc,SAAS,QAAQ,IAAI,eAAe,IAAI;CAE5D,IAAI,YAAqC;AACzC,UAAS,OAAO,YAAY;AAC1B,MAAI,cAAc,MAChB,aAAY,SAAS,MAAM;AAG7B,MAAI,gBAAgB,sBAClB,QAAO,MAAM,MAAM,MAAM,UAAU;MAEnC,QAAO,KAAK,MAAM,MAAM,UAAU;;AAGtC,QAAO;;;;;;AAsBT,SAAgB,iBACd,SACA,QACA,KACyB;AACzB,QAAO,eAAe,WAAW,MAAM,QAAQ,OAAO,SAAS;EAC7D,MAAM,SAAS,QAAQ,QAAQ;AAC/B,MAAI,WAAW,KAAA,EAAW,OAAM,IAAI,MAAM,qCAAqC;AAM/E,SAAO,YACL,MACA,QACA,OACA,QACA,KACA,QACA,QACD;;;;;;;;;;;;;;;;;;;ACpDL,SAAgB,YACd,SACsB;AACtB,QAAO,OAAO,OAAU,YAAuD;EAC7E,MAAM,SAAS,MAAM,QAAQ,OAAO,QAAQ;AAE5C,MAAI,OAAO,MAAM;GACf,MAAM,UAAU,IAAI,QAAQ,OAAO,QAAQ;AAC3C,WAAQ,IAAI,gBAAgB,sBAAsB;AAElD,UAAO;IAAE,GAAG;IAAQ,SAAS,OAAO,YAAY,QAAQ;IAAE,MAAM,UAAU,OAAO,KAAK;IAAE;QAExF,QAAO;GAAE,GAAG;GAAQ,MAAM,KAAA;GAAW;;;;;;;;;;;;;ACzD3C,SAAgB,wBACd,SACA,WACA,YAC8B;AAC9B,QAAO;EAAE,MAAM;EAAuB;EAAS;EAAW;EAAY;;AAGxE,SAAgB,0BAA0B,SAAiD;AACzF,QAAO;EAAE,MAAM;EAAyB;EAAS;;AAGnD,SAAgB,uBAAuB,SAA8C;AACnF,QAAO;EAAE,MAAM;EAAsB;EAAS;;AAGhD,SAAgB,sBACd,SACA,WACA,YAC4B;AAC5B,QAAO;EAAE,MAAM;EAAqB;EAAS;EAAW;EAAY;;AAGtE,SAAgB,sBACd,SACA,WACA,YAC4B;AAC5B,QAAO;EAAE,MAAM;EAAqB;EAAS;EAAW;EAAY;;AAGtE,SAAgB,sBAAsB,SAA6C;AACjF,QAAO;EAAE,MAAM;EAAqB;EAAS;;;;ACrC/C,SAAS,MAAM,KAAkD;AAC/D,QAAO,IAAI,cAAc,KAAA,KAAa,IAAI,eAAe,KAAA,IACrD,EAAE,GACF,EAAE,OAAO;EAAE,MAAM,IAAI;EAAW,OAAO,IAAI;EAAY,EAAE;;;;;;;;;;AAoC/D,SAAgB,eACd,GACA,SACA,OAAa,IACb,SAAiB,EAAE,EACgB;AACnC,SAAQ,EAAE,MAAV;EACE,KAAK,aACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG,MAAM,EAAE;IAAE,GAAG;IAAQ;GAAE;EAEvG,KAAK,eACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG;IAAQ;GAAE;EAE1F,KAAK,YACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG;IAAQ;GAAE;EAE1F,KAAK,WACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG,MAAM,EAAE;IAAE,GAAG;IAAQ;GAAE;EAEvG,KAAK,WACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG,MAAM,EAAE;IAAE,GAAG;IAAQ;GAAE;EAEvG,QACE,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS;IAAuB;IAAM,GAAG;IAAQ;GAAE;;;;;;;;AASpG,SAAgB,sBAAsB,KAAwD,SAAc;CAC1G,MAAM,QAAQ,IAAI,OAAO;AAEzB,KAAI,MAAM,QAAQ,MAAM,KAAK,MAAM,OAAO,MAAM,KAAK,GAAG,QAAQ,SAC9D,QAAO,eAAe,wBAAwB,iBAAiB,MAAM,KAAK,GAAG,KAAK,MAAM,QAAQ,EAAE,QAAQ;KAE1G,QAAO,eAAe,wBAAwB,kBAAkB,MAAM,UAAU,EAAE,QAAQ;;AAI9F,SAAgB,YACd,MACA,SACA,SACA;AACA,QAAO;EAAE;EAAS;EAAS,YAAY;EAAc;EAAM;;;;;;;ACnF7D,SAAgB,WACd,OACA;AACA,QAAO,OAAO,oBACN;AACJ,MAAI,EAAE,aAAa,UAAU,CAAC,MAAM,QAClC,OAAM,IAAI,MAAM,sBAAsB;EAIxC,MAAM,eACJ,MAAM,QAAQ,MAAM,QAAQ,IAAI,MAAM,QAAQ,SAAS,IACnD,MAAM,QAAQ,KAAK,KAAK,GACxB,MAAM,QAAQ,UAAU,MAAM,QAAQ;AAE5C,MAAI,CAAC,aACH,OAAM,IAAI,MAAM,4BAA4B;AAI9C,SADYA,QAAM,aACR;KAEX,MAAM;AACL,MAAI,aAAa,MAAO,QAAO,0BAA0B,EAAE,QAAQ;AACnE,SAAO,0BAA0B,kBAAkB;GAEtD,EAAE;;;;;;;AC7BL,SAAgB,mBAAmB;AACjC,QAAO,IAAI,8BAA8B,EAGxC,CAAC;;;;AC8BJ,MAAMC,kBAAgB;CACpB,MAAM;EAAE,MAAM;EAAgB,SAAS;EAAkB;CACzD,WAAW;EAAE,MAAM;EAAa,SAAS;EAAa;CACtD,cAAc;EAAE,MAAM;EAAc,SAAS;EAAuC;CACpF,cAAc;EAAE,MAAM;EAAY,SAAS;EAAkB;CAC7D,kBAAkB;EAAE,MAAM;EAAY,SAAS;EAAsB;CACrE,iBAAiB;EAAE,MAAM;EAAc,SAAS;EAAqB;CACrE,gBAAgB;EAAE,MAAM;EAAc,SAAS;EAA8C;CAC7F,iBAAiB;EAAE,MAAM;EAAY,SAAS;EAA8B;CAC5E,uBAAuB;EAAE,MAAM;EAAc,SAAS;EAA2B;CACjF,aAAa;EAAE,MAAM;EAAc,SAAS;EAAgB;CAC5D,cAAc;EAAE,MAAM;EAAc,SAAS;EAAgB;CAC7D,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CAChE,YAAY;EAAE,MAAM;EAAY,SAAS;EAAuB;CAChE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAiE;CACxG,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,cAAc,OAAoC;AAChE,QAAO;EAAE,MAAM;EAAW;EAAO;;;AAInC,SAAgB,yBACd,GACA,UAAiD,EAAE,EAChC;AACnB,QAAOC,aAAW,iBAAiB,EAAE,MAAM,EAAE,QAAQ;;;AAIvD,SAASA,aACP,QACA,SACmB;CACnB,MAAM,OAAOD,gBAAc;CAC3B,MAAM,WAAW,QAAQ;CACzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAS,iBAAiB,OAAsD;AAC9E,SAAQE,eAAa,MAAM,EAA3B;EACE,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,6BACH,QAAO;EAET,KAAK;EACL,KAAK,qBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,gCACH,QAAO;EAET,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,qCACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK,2BACH,QAAO;EAET,KAAK,2BACH,QAAO;EAET,KAAK,0CACH,QAAO;EAET,KAAK,iCACH,QAAO;EAET,KAAK,uBACH,QAAO;EAET,KAAK,wBACH,QAAO;EAET,KAAK,+BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,0BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK,gCACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wCACH,QAAO;EAET,QACE,QAAOC,sBAAoB,MAAM;;;AAIvC,SAASA,sBAAoB,OAAsD;CACjF,MAAM,SAASC,oBAAkB,MAAM;AAEvC,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,IAAK,QAAO;AAE3B,QAAO;;AAGT,SAASF,eAAa,OAAoC;AACxD,KAAI,CAACG,WAAS,MAAM,CAAE,QAAO,KAAA;CAE7B,MAAM,OAAO,MAAM;AACnB,KAAI,OAAO,SAAS,SAAU,QAAO;CAErC,MAAM,OAAO,MAAM,QAAQ,MAAM;AACjC,KAAI,OAAO,SAAS,SAAU,QAAO;;AAKvC,SAASD,oBAAkB,OAAoC;AAC7D,KAAI,CAACC,WAAS,MAAM,CAAE,QAAO,KAAA;CAC7B,MAAM,WAAW,MAAM;AACvB,KAAI,CAACA,WAAS,SAAS,CAAE,QAAO,KAAA;AAChC,QAAO,OAAO,SAAS,mBAAmB,WAAW,SAAS,iBAAiB,KAAA;;AAGjF,SAASA,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;;;;;;ACjNhD,SAAgB,eAAe,GAA6C;AAC1E,QAAO,YAAY,cACjB,YAAY;AACV,UAAQ,IAAI,8CAA8C,EAAE,SAAS;EAErE,MAAM,MAAM,MADU,kBACS,CAAC,KAAK,IAAI,oBAAoB;GAAE,YAAY,EAAE;GAAY,UAAU,EAAE;GAAU,CAAC,CAAC;AACjH,SAAO;GAAE,GAAG;GAAK,gBAAgB,kBAAkB,IAAI,eAAe;GAAE;KAEzE,MAAM;AACL,UAAQ,MAAM,yBAAyB,EAAE;AACzC,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;AAML,SAAgB,kBAAkB,OAAoC;CACpE,MAAM,aAAqC,EAAE;AAC7C,KAAI;OACG,MAAM,QAAQ,MACjB,KAAI,KAAK,QAAQ,KAAK,MACpB,YAAW,KAAK,QAAQ,KAAK;;AAInC,QAAO;;;;;AAMT,SAAgB,cAAc,GAA6C;AACzE,QAAO,YAAY,cACjB,YAAY;AACV,UAAQ,IAAI,4CAA4C,EAAE,SAAS;AAKnE,SAAO,MAJe,kBACS,CAAC,KAC9B,IAAI,8BAA8B;GAAE,YAAY,EAAE;GAAY,UAAU,EAAE;GAAU,CAAC,CACtF;KAGF,MAAM;AACL,UAAQ,MAAM,wBAAwB,EAAE;AACxC,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;ACpCL,SAAgB,kBAAkB,UAAkB,UAAkB,cAA8B;AAClG,SAAQ,IAAI,uBAAuB,UAAU,UAAU,aAAa;AACpE,QAAO,WAAW,UAAU,aAAa,CACtC,OAAO,WAAW,SAAS,CAC3B,OAAO,SAAS;;;;;;;;;AAYrB,SAAgB,eAAe,aAAqB,aAAqB,aAAqB;AAC5F,QAAO,YAAY,cACjB,YAAY;AAEV,SADsB,kBACF,CAAC,KACnB,IAAI,sBAAsB;GACxB,aAAa;GACb,kBAAkB;GAClB,kBAAkB;GACnB,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,+BAA+B,EAAE;AAC/C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAcL,SAAgB,sBAAsB,GAMnC;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,6BAA6B;GAC/B,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,kBAAkB,EAAE;GACpB,UAAU,EAAE;GACZ,YAAY,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;GACtE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,sCAAsC,EAAE;AACtD,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;AAaL,SAAgB,cAAc,GAK3B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,qBAAqB;GACvB,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,kBAAkB,EAAE;GACpB,YAAY,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;GACtE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,8BAA8B,EAAE;AAC9C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;AAYL,SAAgB,eAAe,GAAiE;AAC9F,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,sBAAsB;GACxB,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,YAAY,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;GACtE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,+BAA+B,EAAE;AAC/C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAcL,SAAgB,MAAM,GAMnB;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,yBAAyB;GAC3B,UAAU;GACV,UAAU,EAAE;GACZ,YAAY,EAAE;GACd,gBAAgB;IACd,UAAU,EAAE;IACZ,UAAU,EAAE;IACZ,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;IACvE;GACF,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,kCAAkC,EAAE;AAClD,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;AAQL,SAAgB,cAAc,GAM3B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KAAK,IAAI,iCAAiC,EAAE,CAAC;KAEnE,MAAM;AACL,UAAQ,MAAM,yDAAyD,EAAE;AACzE,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAYL,SAAgB,kBAAkB,GAM/B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,yBAAyB;GAC3B,UAAU;GACV,UAAU,EAAE;GACZ,YAAY,EAAE;GACd,gBAAgB;IACd,eAAe,EAAE;IACjB,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;IACvE;GACF,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,iDAAiD,EAAE;AACjE,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;AASL,SAAgB,OAAO,aAAqB;AAC1C,QAAO,YAAY,oBACX;AAGJ,SAFsB,kBAEF,CAAC,KAAK,IAAI,qBAAqB,EAAE,aAAa,aAAa,CAAC,CAAC;KAElF,MAAM;AACL,UAAQ,MAAM,8BAA8B,EAAE;AAC9C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAaL,SAAgB,cAAc,GAM3B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,8BAA8B;GAChC,eAAe;GACf,UAAU,EAAE;GACZ,SAAS,EAAE;GACX,oBAAoB;IAClB,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;IACtE,cAAc,EAAE;IAChB,UAAU,EAAE;IACb;GACF,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,uCAAuC,EAAE;AACvD,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAaL,SAAgB,OACd,GACA;AACA,QAAO,YAAY,oBACX;EACJ,MAAM,gBAAgB,kBAAkB;EACxC,MAAM,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;AAE5E,SAAO,cAAc,KACnB,IAAI,cAAc;GAChB,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,YAAY;GACZ,gBAAgB,OAAO,QAAQ,EAAE,CAC9B,QAAQ,CAAC,SAAS,CAAC;IAAC;IAAY;IAAY;IAAY;IAAe,CAAC,SAAS,IAAI,CAAC,CACtF,KAAK,CAAC,KAAK,YAAY;IAAE,MAAM;IAAK,OAAO;IAAiB,EAAE;GAClE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,uBAAuB,EAAE;AACvC,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;;;AAeL,SAAgB,iBAAiB,GAM9B;AACD,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,YAAY,OAAO,KAAK,GAAG,EAAE,SAAS,GAAG,EAAE,eAAe,CAAC,SAAS,SAAS;EAEnF,MAAM,SAAS,IAAI,iBAAiB;AACpC,SAAO,OAAO,cAAc,qBAAqB;AACjD,SAAO,OAAO,QAAQ,EAAE,KAAK;AAC7B,SAAO,OAAO,gBAAgB,EAAE,YAAY;AAI5C,UAAQ,IAAI,4BAA4B,OAAO,UAAU,CAAC;EAE1D,MAAM,WAAW,MAAM,MAAM,WAAW,EAAE,cAAc,gBAAgB;GACtE,QAAQ;GACR,SAAS;IAAE,gBAAgB;IAAqC,eAAe,SAAS;IAAa;GACrG,MAAM,OAAO,UAAU;GACxB,CAAC;AACF,MAAI,CAAC,SAAS,IAAI;AAChB,WAAQ,MAAM,2CAA2C,MAAM,SAAS,MAAM,CAAC;AAC/E,SAAM,OAAO,uBAAO,IAAI,MAAM,8BAA8B,EAAE,EAAE,MAAM,0BAA0B,CAAC;;AAGnG,SAAQ,MAAM,SAAS,MAAM;KAQ9B,MAAM;AACL,UAAQ,MAAM,0BAA0B,EAAE;AAC1C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;;AAaL,SAAgB,kBAAkB,GAK/B;AACD,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,YAAY,OAAO,KAAK,GAAG,EAAE,SAAS,GAAG,EAAE,eAAe,CAAC,SAAS,SAAS;EAEnF,MAAM,SAAS,IAAI,iBAAiB;AACpC,SAAO,OAAO,cAAc,gBAAgB;AAC5C,SAAO,OAAO,iBAAiB,EAAE,aAAa;AAE9C,UAAQ,IAAI,6BAA6B,OAAO,UAAU,CAAC;EAE3D,MAAM,WAAW,MAAM,MAAM,WAAW,EAAE,cAAc,gBAAgB;GACtE,QAAQ;GACR,SAAS;IAAE,gBAAgB;IAAqC,eAAe,SAAS;IAAa;GACrG,MAAM,OAAO,UAAU;GACxB,CAAC;AACF,MAAI,CAAC,SAAS,IAAI;AAChB,WAAQ,MAAM,4CAA4C,MAAM,SAAS,MAAM,CAAC;AAChF,SAAM,OAAO,uBAAO,IAAI,MAAM,6BAA6B,EAAE,EAAE,MAAM,0BAA0B,CAAC;;AAGlG,SAAQ,MAAM,SAAS,MAAM;KAQ9B,MAAM;AACL,UAAQ,MAAM,2BAA2B,EAAE;AAC3C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;AC7cL,SAAgB,QAAQ;AACtB,QAAO,IAAI,SAAS,EAGnB,CAAC;;;;ACTJ,SAAgB,SAAS,OAAkD;AACzE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAEhD,SAAgB,aAAa,OAAoC;AAC/D,KAAI,CAAC,SAAS,MAAM,CAAE,QAAO,KAAA;CAE7B,MAAM,OAAO,MAAM;AACnB,KAAI,OAAO,SAAS,SAAU,QAAO;CAErC,MAAM,OAAO,MAAM,QAAQ,MAAM;AACjC,KAAI,OAAO,SAAS,SAAU,QAAO;;;;ACuBvC,MAAMC,kBAAgB;CACpB,cAAc;EAAE,MAAM;EAAc,SAAS;EAAsB;CACnE,gBAAgB;EAAE,MAAM;EAAY,SAAS;EAAuB;CACpE,gBAAgB;EAAE,MAAM;EAAY,SAAS;EAAyB;CACtE,UAAU;EAAE,MAAM;EAAY,SAAS;EAA4D;CACnG,WAAW;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE,cAAc;EAAE,MAAM;EAAY,SAAS;EAAyB;CACpE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,SAAS,OAA+B;AACtD,QAAO;EAAE,MAAM;EAAM;EAAO;;;AAI9B,SAAgB,oBACd,GACA,UAA4C,EAAE,EAC3B;CACnB,MAAM,SAAS,YAAY,EAAE,MAAM;CAEnC,MAAM,OAAOA,gBAAc;CAC3B,MAAM,WAAW,QAAQ;CACzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAgB,eAAe,OAAyB;AACtD,QAAO,YAAY,MAAM,KAAK;;;AAIhC,SAAS,YAAY,OAAiD;AACpE,SAAQ,aAAa,MAAM,EAA3B;EACE,KAAK;EACL,KAAK;EACL,KAAK,gBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,eACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,eACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,sBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,oBACH,QAAO;EAET,QACE,QAAOC,sBAAoB,MAAM;;;AAIvC,SAASA,sBAAoB,OAAiD;CAC5E,MAAM,SAASC,oBAAkB,MAAM;AAEvC,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAE7C,QAAO;;AAGT,SAASA,oBAAkB,OAAoC;AAC7D,KAAI,CAAC,SAAS,MAAM,CAAE,QAAO,KAAA;CAC7B,MAAM,WAAW,MAAM;AACvB,KAAI,CAAC,SAAS,SAAS,CAAE,QAAO,KAAA;AAChC,QAAO,OAAO,SAAS,mBAAmB,WAAW,SAAS,iBAAiB,KAAA;;;;ACtMjF,SAAgB,aAAa,GAAG,MAA2C;AACzE,QAAO,YAAY,cAAcC,iBAAmB,MAAM;AACxD,UAAQ,MAAM,0CAA0C,EAAE;AAC1D,SAAO,SAAS,EAAE;GAClB,CAAC,GAAG,KAAK;;;;;;;;;;;ACIb,SAAgB,UAAU,YAAoB,KAAa;AACzD,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,KAAK,OAAO;EAClB,MAAM,MAAM,IAAI,iBAAiB;GAAE,QAAQ;GAAY,KAAK;GAAK,CAAC;EAElE,MAAM,UAAS,MADG,GAAG,KAAK,IAAI,EACX;AACnB,SAAO,IAAI,SAAiB,SAAS,WAAW;GAC9C,MAAM,SAAmB,EAAE;AAC3B,UAAO,GAAG,SAAS,UAAkB,OAAO,KAAK,MAAM,CAAC;AACxD,UAAO,GAAG,aAAa,QAAQ,OAAO,OAAO,OAAO,CAAC,CAAC;AACtD,UAAO,GAAG,SAAS,OAAO;IAC1B;KAEH,MAAM;AACL,UAAQ,MAAM,6CAA6C,IAAI;AAC/D,SAAO,SAAS,EAAE;GAErB,EAAE;;;;;AAML,SAAgB,gBAAgB,YAAoB,KAAiD;AACnG,QAAO,UAAU,YAAY,IAAI,CAAC,KAAK,WAAW,OAAO,SAAS,QAAQ,CAAC;;;;;;;;;AAU7E,SAAgB,aAAa,YAAoB,KAAa;AAC5D,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,KAAK,OAAO;AAElB,MAAI;GACF,MAAM,MAAM,IAAI,kBAAkB;IAAE,QAAQ;IAAY,KAAK;IAAK,CAAC;AAEnE,WAAO,MADW,GAAG,KAAK,IAAI,EACnB,UAAU,mBAAmB;WACjC,GAAG;AACV,OAAI,eAAe,EAAE,CAAE,QAAO;AAC9B,SAAM;;KAGT,MAAM;AACL,UAAQ,MAAM,oDAAoD,IAAI;AACtE,SAAO,SAAS,EAAE;GAErB,EAAE;;;;AC1BL,MAAMC,kBAAgB;CACpB,cAAc;EAAE,MAAM;EAAc,SAAS;EAAmB;CAChE,wBAAwB;EAAE,MAAM;EAAY,SAAS;EAAyD;CAC9G,qBAAqB;EAAE,MAAM;EAAY,SAAS;EAAyD;CAC3G,kBAAkB;EAAE,MAAM;EAAY,SAAS;EAAyB;CACxE,WAAW;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE,cAAc;EAAE,MAAM;EAAY,SAAS;EAAyB;CACpE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,aAAa,OAAmC;AAC9D,QAAO;EAAE,MAAM;EAAU;EAAO;;;AAIlC,SAAgB,wBACd,GACA,UAAgD,EAAE,EAC/B;AACnB,KAAI,EAAE,iBAAiB,qBACrB,QAAOC,aAAW,iBAAiB,EAAE,MAAM,EAAE,SAAS,aAAa,EAAE,OAAO,QAAQ,mBAAmB,CAAC;AAE1G,QAAOA,aAAW,aAAa,EAAE,MAAM,EAAE,QAAQ;;;AAInD,SAASA,aACP,QACA,SACA,WAAuC,EAAE,EACtB;CACnB,MAAM,OAAO;EAAE,GAAGD,gBAAc;EAAS,GAAG;EAAU;CACtD,MAAM,WAAW,QAAQ;CAEzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAS,iBAAiB,OAAkE;AAC1F,KAAI,MAAM,KAAK,WAAW,WAAW,IAAI,MAAM,SAAS,yCACtD,QAAO;AAGT,KAAI,MAAM,KAAK,WAAW,aAAa,IAAI,MAAM,KAAK,WAAW,UAAU,IAAI,MAAM,KAAK,WAAW,UAAU,CAC7G,QAAO;AAGT,SAAQ,MAAM,MAAd;EACE,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,8BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,yBACH,QAAO;EAET,QACE,QAAO;;;AAIb,SAAS,aAAa,OAA6B,oBAAyC;AAC1F,KAAI,CAAC,sBAAsB,OAAO,MAAM,SAAS,SAAU,QAAO,EAAE;AACpE,QAAO;EAAE,WAAW,MAAM;EAAM,YAAY,MAAM;EAAS;;;AAK7D,SAAS,aAAa,OAAqD;AACzE,SAAQ,aAAa,MAAM,EAA3B;EACE,KAAK,kCACH,QAAO;EACT,KAAK,+BACH,QAAO,qBAAqB,MAAM;EACpC,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,2CACH,QAAO;EACT,KAAK,sBACH,QAAO;EACT,KAAK,4BACH,QAAO;EACT,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,kBACH,QAAO;EACT,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,8BACH,QAAO;EACT,QACE,QAAO;;;;AAKb,SAAS,qBAAqB,OAAqD;CACjF,MAAM,sBAAsB,uBAAuB,MAAM;AAEzD,KAAI,oBAAoB,MAAM,WAAW,WAAW,yBAAyB,CAC3E,QAAO;AAGT,KAAI,oBAAoB,MAAM,WAAW,WAAW,sBAAsB,CACxE,QAAO;AAGT,KAAI,oBAAoB,MAAM,WAAW,WAAW,kBAAkB,CACpE,QAAO;AAGT,KACE,oBAAoB,MAAM,WACxB;EAAC;EAAiC;EAAwB;EAAkB,CAAC,SAAS,OAAO,CAC9F,CAED,QAAO;AAGT,QAAO;;AAGT,SAAS,uBAAuB,OAA0B;AACxD,KAAI,CAAC,SAAS,MAAM,CAAE,QAAO,EAAE;CAC/B,MAAM,sBAAsB,MAAM,uBAAuB,MAAM;AAC/D,KAAI,CAAC,MAAM,QAAQ,oBAAoB,CAAE,QAAO,EAAE;AAElD,QAAO,oBACJ,KAAK,WAAY,SAAS,OAAO,IAAI,OAAO,OAAO,SAAS,WAAW,OAAO,OAAO,KAAA,EAAW,CAChG,QAAQ,WAAW,WAAW,KAAA,EAAU;;;;ACxL7C,MAAM,gBAAgB;CACpB,cAAc;EAAE,MAAM;EAAc,SAAS;EAAuB;CACpE,iBAAiB;EAAE,MAAM;EAAc,SAAS;EAA8B;CAC9E,qBAAqB;EAAE,MAAM;EAAY,SAAS;EAAyB;CAC3E,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CAChE,eAAe;EAAE,MAAM;EAAY,SAAS;EAA+B;CAC3E,UAAU;EAAE,MAAM;EAAY,SAAS;EAA6D;CACpG,WAAW;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE,cAAc;EAAE,MAAM;EAAY,SAAS;EAAyB;CACpE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,UAAU,OAAgC;AACxD,QAAO;EAAE,MAAM;EAAO;EAAO;;;AAI/B,SAAgB,qBACd,GACA,UAA6C,EAAE,EAC5B;AACnB,QAAO,WAAW,aAAa,EAAE,MAAM,EAAE,QAAQ;;;AAInD,SAAS,WAAW,QAA0C,SAA4C;CACxG,MAAM,OAAO,cAAc;CAC3B,MAAM,WAAW,QAAQ;CACzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAS,aAAa,OAAkD;AACtE,SAAQE,eAAa,MAAM,EAA3B;EACE,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,qCACH,QAAO;EAET,KAAK;EACL,KAAK,2BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,gCACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,4BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,yBACH,QAAO;EAET,KAAK;EACL,KAAK,+BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,2BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,qBACH,QAAO;EAET,QACE,QAAO,oBAAoB,MAAM;;;AAIvC,SAAS,oBAAoB,OAAkD;CAC7E,MAAM,SAAS,kBAAkB,MAAM;AAEvC,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,IAAK,QAAO;AAE3B,QAAO;;AAGT,SAASA,eAAa,OAAoC;AACxD,KAAI,CAACC,WAAS,MAAM,CAAE,QAAO,KAAA;CAE7B,MAAM,OAAO,MAAM;AACnB,KAAI,OAAO,SAAS,SAAU,QAAO;CAErC,MAAM,OAAO,MAAM,QAAQ,MAAM;AACjC,KAAI,OAAO,SAAS,SAAU,QAAO;;AAKvC,SAAS,kBAAkB,OAAoC;AAC7D,KAAI,CAACA,WAAS,MAAM,CAAE,QAAO,KAAA;CAC7B,MAAM,WAAW,MAAM;AACvB,KAAI,CAACA,WAAS,SAAS,CAAE,QAAO,KAAA;AAChC,QAAO,OAAO,SAAS,mBAAmB,WAAW,SAAS,iBAAiB,KAAA;;AAGjF,SAASA,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;;;;;;;;;AC9KhD,MAAa,mBAAqC;AAChD,SAAQ,MAAY,SAAgB;EAClC,MAAM,UAAU,KAAK,SAAS,QAAQ,eAAe;AACrD,MAAI,KAAK,KAAK,OAAO,KAAA,EAAW,MAAK,KAAK,KAAK,EAAE;AAEjD,OAAK,KAAK,GAAG,MAAM;;;AAMvB,SAAS,eAAe,SAAmE;AACzF,KAAI,QAAQ,SAAS,aAAa,QAAQ,QAAQ,WAAW,IAAI,IAAI,QAAQ,QAAQ,YAAY;EAC/F,MAAM,QACJ,QAAQ,SAAS,WAAW,KAAK,QAAQ,SAAS,GAAG,SAAS,SAC1D,QAAQ,SAAS,GAAG,QACnB,QAAQ,WAAW;AAE1B,SAAO,CAAC;GAAE,OAAO,SAAS,QAAQ,QAAQ,MAAM,EAAE,CAAC;GAAE,IAAI,QAAQ,WAAW;GAAc;GAAO,CAAC;YACzF,QAAQ,SAAS,MAE1B,QADe,SAAS,QAAQ,MACnB,CAAC,QAAQ,eAAe;AAEvC,QAAO,EAAE;;;;;AAMX,SAAgB,SAAS,KAAwB;CAE/C,MAAM,OAAO,SAAS,CACnB,IAAI,aAAa,EAAE,UAAU,MAAM,CAAC,CACpC,MAAM,IAAI;CAGb,SAAS,gBAAgB,MAA8B;AACrD,MAAI,KAAK,SAAS,aAAa,WAAW,KAAK,KAAK,QAAQ,CAC1D,QAAO,CAAC,KAAK;AAGf,MAAI,cAAc,QAAQ,MAAM,QAAQ,KAAK,SAAS,CACpD,QAAO,KAAK,SAAS,QAAQ,gBAAgB;AAE/C,SAAO,EAAE;;AAIX,QAAO,KAAK,SAAS,QAAQ,gBAAgB;;;;AC1D/C,SAAgB,SAAS,GAAgC;AACvD,QAAO,CAAC,CAAC,KAAK,OAAO,MAAM,YAAY,UAAU,KAAK,EAAE,YAAY;;AAGtE,SAAgB,OAAO,QAAsC;CAK3D,IAAI,OAAY;CAChB,MAAM,uBAAO,IAAI,KAAU;AAC3B,QAAO,QAAQ,OAAO,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,IAAI,aAAa,QAAQ,SAAU,KAAa,QAAQ,EAAE;AAClH,OAAK,IAAI,KAAK;AACd,SAAQ,KAAa;;AAEvB,QAAO;;AAGT,SAAS,aAAa,GAAoB;AAExC,QAAO,UAAU,KAAK,EAAE;;AAW1B,SAAgB,gBACd,MACA,MACA,OAA+B,EAAE,EACN;AAC3B,KAAI,CAAC,SAAS,KAAK,CAAE,QAAO,KAAA;AAC5B,KAAI,CAAC,KAAM,QAAO;CAElB,MAAM,OAAO,KAAK,MAAM,IAAI;CAC5B,IAAI,OAAkC;AAEtC,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;AACpC,MAAI,CAAC,KAAM,QAAO,KAAA;AAClB,SAAO,OAAO,KAAK;EACnB,MAAM,MAAM,KAAK;AAKjB,UAFc,KAAa,MAE3B;GACE,KAAK,UAAU;IAEb,MAAM,UAAW,KAAa;AAC9B,QAAI,CAAC,QAAS,QAAO,KAAA;AACrB,WAAO,QAAQ;AACf;;GAGF,KAAK;AAGH,WADe,KAAa;AAE5B;GAGF,KAAK;AAEH,QAAI,CAAC,aAAa,IAAI,CAAE,QAAO,KAAA;AAE/B,WADc,KAAa;AAE3B;GAGF,KAAK,SAAS;AAEZ,QAAI,CAAC,aAAa,IAAI,CAAE,QAAO,KAAA;IAC/B,MAAM,MAAM,OAAO,IAAI;IACvB,MAAM,QAAS,KAAa;IAC5B,MAAM,OAAQ,KAAa;AAC3B,QAAI,CAAC,MAAO,QAAO,KAAA;AACnB,WAAO,MAAM,MAAM,SAAS,MAAM,OAAO;AACzC;;GAGF,KAAK,SAAS;IAEZ,MAAM,UAAW,KAAa;AAC9B,QAAI,CAAC,SAAS,OAAQ,QAAO,KAAA;IAK7B,MAAM,UAAU,aAAa,IAAI;IAEjC,IAAI;AAEJ,QAAI,QACF,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,YAAO,GAAG,SAAS,WAAW,GAAG,SAAS;MAC1C,IAAI,QAAQ,KAAK,gBAAgB;QAGrC,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,SAAI,GAAG,SAAS,UAAU;MACxB,MAAM,MAAM,EAAE;AACd,aAAO,CAAC,CAAC,OAAO,OAAO;;AAEzB,YAAO,GAAG,SAAS;MACnB,IAAI,QAAQ,KAAK,gBAAgB;AAGvC,WAAO;AAEP;AACA;;GAGF,KAAK,WAAW;IAEd,MAAM,UAAW,KAAa;AAC9B,QAAI,CAAC,SAAS,OAAQ,QAAO,KAAA;IAE7B,MAAM,UAAU,aAAa,IAAI;IACjC,IAAI;AACJ,QAAI,QACF,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,YAAO,GAAG,SAAS,WAAW,GAAG,SAAS;MAC1C,IAAI,QAAQ,KAAK,gBAAgB;QAErC,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,SAAI,GAAG,SAAS,UAAU;MACxB,MAAM,MAAM,EAAE;AACd,aAAO,CAAC,CAAC,OAAO,OAAO;;AAEzB,YAAO,GAAG,SAAS;MACnB,IAAI,QAAQ,KAAK,gBAAgB;AAEvC,WAAO;AACP;AACA;;GAGF,QAGE;;;AAKN,QAAO,OAAO,OAAO,KAAK,GAAG,KAAA;;;;;;;;;;;ACtJ/B,SAAgB,UAA4B,KAAQ,MAAc,OAAe;CAC/E,MAAM,OAAO,KAAK,MAAM,IAAI;CAC5B,IAAI,OAAY;AAEhB,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,SAAS,GAAG,KAAK;EACxC,MAAM,IAAI,KAAK;EACf,MAAM,OAAO,KAAK,IAAI;AAEtB,MAAI,OAAO,UAAU,OAAO,KAAK,CAAC,CAChC,MAAK,OAAO,EAAE;MAEd,MAAK,OAAO,EAAE;AAEhB,SAAO,KAAK;;AAGd,MAAK,KAAK,KAAK,SAAS,MAAM;AAC9B,QAAO;;;;;;;;AAST,SAAgB,UAA4B,KAAQ,MAAmB;AACrE,KAAI,CAAC,OAAO,OAAO,QAAQ,SAAU,QAAO,KAAA;CAC5C,MAAM,OAAO,KAAK,MAAM,IAAI;CAC5B,IAAI,OAAY;AAEhB,MAAK,MAAM,KAAK,MAAM;AACpB,MAAI,QAAQ,KAAM,QAAO,KAAA;AACzB,SAAO,KAAK;;AAGd,QAAO;;AAGT,MAAM,iBAAiB,MAA6C,SAAS,EAAE,IAAI,CAAC,MAAM,QAAQ,EAAE;;;;;;;;;;;;;;;;;;;;;AAsBpG,MAAa,YAAgD,GAAM,MAAyB;CAC1F,MAAM,MAA+B,EAAE;AAEvC,MAAK,MAAM,OAAO,OAAO,KAAK,EAAE,EAAoB;EAClD,MAAM,OAAQ,IAAY;EAC1B,MAAM,OAAQ,EAAU;AAExB,MAAI,EAAG,OAAgB,IAAY;AACjC,OAAI,OAAc;AAClB;;AAGF,MAAI,cAAc,KAAK,IAAI,cAAc,KAAK,EAAE;GAC9C,MAAM,SAAS,SAAS,MAAM,KAAK;AACnC,OAAI,OAAO,KAAK,OAAc,CAAC,OAAQ,KAAI,OAAc;AACzD;;AAGF,MAAI,CAAC,QAAQ,MAAM,KAAK,CAAE,KAAI,OAAc;;AAG9C,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;AA0BT,SAAgB,aAAoB,QAAW,OAAe;AAC5D,QAAO,SAAS,QAAmB,MAAiB;CAEpD,SAAS,SAAS,KAAc,IAAsB;AAEpD,MAAI,MAAM,QAAQ,GAAG,EAAE;AACrB,OAAI,CAAC,MAAM,QAAQ,IAAI,CAAE,QAAO,EAAE;AAClC,OAAI,GAAG,WAAW,EAAG,QAAO,EAAE;GAC9B,MAAM,YAAY,GAAG;AACrB,UAAO,IAAI,KAAK,MAAM,SAAS,GAAG,UAAU,CAAC;;AAI/C,MAAI,cAAc,GAAG,EAAE;GACrB,MAAM,MAA+B,EAAE;GACvC,MAAM,SAAS,cAAc,IAAI,GAAI,MAAkC,KAAA;AAEvE,QAAK,MAAM,OAAO,OAAO,KAAK,GAA8B,EAAE;IAC5D,MAAM,QAAS,GAA+B;IAC9C,MAAM,SAAS,SAAS,OAAO,OAAO,KAAA;AAEtC,QAAI,MAAM,QAAQ,MAAM,IAAI,cAAc,MAAM,CAC9C,KAAI,OAAO,SAAS,QAAQ,MAAM;QAGlC,KAAI,OAAO;;AAGf,UAAO;;AAIT,SAAO;;CAGT,SAAS,cAAc,GAA0C;AAC/D,MAAI,MAAM,QAAQ,OAAO,MAAM,SAAU,QAAO;EAChD,MAAM,QAAQ,OAAO,eAAe,EAAE;AACtC,SAAO,UAAU,OAAO,aAAa,UAAU;;;;;;;;ACpJnD,eAAsB,OAAO,UAAoC;AAC/D,KAAI;AACF,QAAM,MAAM,SAAS;AACrB,SAAO;SACD;AACN,SAAO;;;;;;;AAQX,eAAsB,iBAAiB,UAAkB,SAAmC;CAE1F,MAAM,YAAY,QAAQ,SAAS;AACnC,KAAI,CAAE,MAAM,OAAO,UAAU,CAC3B,OAAM,MAAM,WAAW,EAAE,WAAW,MAAM,CAAC;AAI7C,KAAI,MAAM,OAAO,SAAS;MAKpB,MAHuB,SAAS,UAAU,OAAO,KAGhC,QAEnB,QAAO;;AAKX,OAAM,UAAU,UAAU,SAAS,OAAO;AAC1C,SAAQ,IAAI,MAAM,MAAM,aAAa,EAAE,SAAS;AAChD,QAAO;;;;;AAMT,eAAsB,gBAAgB,UAAoD;AACxF,KAAI,CAAE,MAAM,OAAO,SAAS,CAAG,QAAO,KAAA;AACtC,QAAO,KAAK,MAAM,MAAM,SAAS,UAAU,EAAE,UAAU,SAAS,CAAC,CAAC;;;;AClDpE,MAAa,aAAa,QAAyC,SACjE,UAAU,QAAQ,OAAO,KAAK,EAAE,EAAE,gBAAgB,OAAO,CAAC"}
1	+ {"version":3,"file":"index.mjs","names":["parse","defaultErrors","fromReason","getErrorName","getHttpStatusReason","getHttpStatusCode","isRecord","defaultErrors","getHttpStatusReason","getHttpStatusCode","baseGetSignedUrl","defaultErrors","fromReason","getErrorName","isRecord"],"sources":["../src/lambda/client-types.ts","../src/lambda/client.ts","../src/lambda/handlerUtils.ts","../src/lambda/errors.ts","../src/lambda/response.ts","../src/lambda/server/authentication.ts","../src/cognito/client.ts","../src/cognito/errors.ts","../src/cognito/user.ts","../src/cognito/password.ts","../src/s3/client.ts","../src/utils/errors.ts","../src/s3/errors.ts","../src/s3/signedUrl.ts","../src/s3/object.ts","../src/dynamo/errors.ts","../src/ses/errors.ts","../src/rehype/flat-toc.ts","../src/utils/valibot.ts","../src/utils/object.ts","../src/utils/fs.ts","../src/utils/cli.ts"],"sourcesContent":["import type { ErrorBody, SuccessCode, ErrorCode } from './handlerUtils.js';\n\n// ----------------- Helpers ----------------------\n// Used to easily extract types from ApiEndpoints types\n\n/*\n Extracts the requestInput type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiInput<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n E,\n { path: P; method: M }\n>['requestInput'];\n\n/\n Extracts the requestOutput type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiOutput<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n E,\n { path: P; method: M }\n>['requestOutput'];\n\n/\n Extracts the response type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiResponse<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n E,\n { path: P; method: M }\n>['response'];\n\n/\n Extracts the sucessful body type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiSuccessBody<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n Extract<E, { path: P; method: M }>['response'],\n { status: SuccessCode }\n>['json'] extends () => Promise<infer R>\n ? R\n : unknown;\n\n/\n Extracts the sucessful body type from an API endpoint definition\n * @template E - Union type of all API endpoints\n * @template P - Path string literal type (e.g. 'payments/account')\n * @template M - HTTP method string literal type (e.g. 'GET', 'POST')\n /\nexport type ApiErrorBody<E extends ApiEndpoints, P extends E['path'], M extends E['method']> = Extract<\n Extract<E, { path: P; method: M }>['response'],\n { status: ErrorCode }\n>['json'] extends () => Promise<infer R>\n ? R\n : unknown;\n\n/\n Converts a RawApiGatewayHandler response type to a fetch like response type.\n /\ntype ConvertToFetch<T> = T extends { statusCode: number; body: object; headers: object }\n ? { ok: T['statusCode'] extends SuccessCode ? true : false; json: () => Promise<T['body']>; status: T['statusCode'] }\n : T;\n\nexport type CleanResponse = Omit<Response, 'status' \| 'ok' \| 'json'>;\nexport type FetchResponse<T extends (...args: any) => any> = ConvertToFetch<Awaited<ReturnType<T>>> & CleanResponse;\n\n// ------------------------ Proper types ------------------\n// This is used by createApiRequest and createFormFunction\n\nexport const HTTPMethods = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS', 'HEAD'] as const;\nexport type HTTPMethod = (typeof HTTPMethods)[number];\n\nexport type ApiEndpoints = {\n path: string;\n method: HTTPMethod;\n requestInput: Record<string, any> \| null;\n requestOutput: object \| null;\n response: FetchResponse<\n // This means we get better types\n () => Promise<\n \| { headers: object; statusCode: SuccessCode; body: any }\n \| { headers: object; statusCode: ErrorCode; body: ErrorBody }\n >\n >;\n};\n","// import { deserialize } from './deserializer.js';\nimport { parse } from 'devalue';\nimport { parse as vParse, parseAsync, type GenericSchema, type GenericSchemaAsync } from 'valibot';\n\nimport type { ApiEndpoints, ApiInput, ApiResponse } from './client-types.js';\n\nconst bodyMethods = ['POST', 'PUT', 'PATCH'] as const;\nconst queryMethods = ['GET', 'DELETE'] as const;\n\nasync function _apiRequest<T = Response>(\n path: string,\n method: 'GET' \| 'POST' \| 'DELETE',\n input: object \| null,\n schema: ApiSchema,\n // This was here because of the deserializer being different in prod\n environment: string \| 'production',\n apiUrl: string,\n headers?: HeadersInit\n): Promise<T> {\n if (schema) {\n if (schema.async === true) await parseAsync(schema, input);\n else vParse(schema, input);\n }\n\n let url = `${apiUrl}${apiUrl.endsWith('/') ? '' : '/'}${path}`;\n\n if (queryMethods.includes(method as any)) {\n const params = new URLSearchParams();\n\n for (const [key, value] of Object.entries(input ?? {})) {\n if (Array.isArray(value)) {\n value.forEach((item) => params.append(key, String(item)));\n } else {\n params.append(key, String(value));\n }\n }\n\n const queryString = params.toString();\n if (queryString) url += `?${queryString}`;\n }\n\n headers = { 'Content-Type': 'application/json', ...headers };\n const response = await fetch(url, {\n method,\n headers,\n // oxlint-disable-next-line\n body: bodyMethods.includes(method as any) ? JSON.stringify(input) : undefined,\n credentials: 'include'\n });\n const contentType = response.headers.get('content-type') ?? '';\n\n let retrieved: Promise<string> \| false = false;\n response.json = async () => {\n if (retrieved === false) {\n retrieved = response.text();\n }\n\n if (contentType === 'application/devalue') {\n return await parse(await retrieved);\n } else {\n return JSON.parse(await retrieved);\n }\n };\n return response as unknown as T;\n}\n\nconst HTTPMethods = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS', 'HEAD'] as const;\ntype HTTPMethod = (typeof HTTPMethods)[number];\n\nexport type ApiRequestFunction<API extends ApiEndpoints> = <\n Path extends API['path'],\n Method extends Extract<API, { path: Path }>['method']\n>(\n path: Path,\n method: Method,\n input: ApiInput<API, Path, Method>,\n headers?: HeadersInit\n) => Promise<ApiResponse<API, Path, Method>>;\n\nexport type ApiSchema = GenericSchema \| GenericSchemaAsync;\n\n/\n @returns A function that can be used to make API requests with type safety\n * @example const clientApiRequest = createApiRequest<ApiEndpoints>();\n /\nexport function createApiRequest<API extends ApiEndpoints>(\n schemas: Partial<Record<API['path'], Partial<Record<HTTPMethod, ApiSchema>>>>,\n apiUrl: string,\n env: string\n): ApiRequestFunction<API> {\n return async function apiRequest(path, method, input, headers) {\n const schema = schemas[path]?.[method];\n if (schema === undefined) throw new Error('Schema is undefined in api request');\n\n // if (typeof schema === 'function') {\n // schema = schema();\n // }\n\n return _apiRequest<ApiResponse<API, typeof path, typeof method>>(\n path as string,\n method as 'GET' \| 'POST',\n input,\n schema,\n env,\n apiUrl,\n headers\n );\n };\n}\n","import type { APIGatewayProxyResultV2, Context, APIGatewayProxyEventV2WithLambdaAuthorizer } from 'aws-lambda';\nimport { stringify } from 'devalue';\n\nexport type SuccessCode = 200 \| 201 \| 204;\nexport type ErrorCode = 400 \| 401 \| 403 \| 404 \| 409 \| 500;\n\nexport type ErrorBody = { message: string; field?: { name: string; value: string } };\n\n/\n The error response for the lambda functions to return\n /\nexport type ErrorRawProxyResultV2 = {\n statusCode: ErrorCode;\n headers?: { [header: string]: string } \| undefined;\n body?: ErrorBody;\n isBase64Encoded?: boolean \| undefined;\n cookies?: string[] \| undefined;\n};\n\nexport type OkRawProxyResultV2 = {\n statusCode: SuccessCode;\n headers?: { [header: string]: string } \| undefined;\n body?: object \| undefined;\n isBase64Encoded?: boolean \| undefined;\n cookies?: string[] \| undefined;\n};\n/\n A type for the raw proxy result - just using an object not a stirng for the body\n /\nexport type RawProxyResultV2 = ErrorRawProxyResultV2 \| OkRawProxyResultV2;\n\n// The type of the handler returned from wrapHandler\nexport type APIGatewayHandler<E> = (event: E, context: Context) => Promise<APIGatewayProxyResultV2>;\n\n// The type of the handler passed into wrapHandler\nexport type RawApiGatewayHandler<E extends APIGatewayProxyEventV2WithLambdaAuthorizer<any>> = (\n event: E,\n context: Context\n) => Promise<RawProxyResultV2>;\n\n/\n Wraps a handler that returns the body as an object rather than a string.\n \n This means you can achieve proper type inference on your handler and have standardised serialisation\n \n @example\n```ts\nexport type AuthorizerContext = {\n details: JWTPayload;\n} \| null;\n\nexport const wrapHandler = baseWrapHandler<APIGatewayProxyEventV2WithLambdaAuthorizer<AuthorizerContext>>\n\n/\nexport function wrapHandler<E extends APIGatewayProxyEventV2WithLambdaAuthorizer<any>>(\n handler: RawApiGatewayHandler<E>\n): APIGatewayHandler<E> {\n return async (event: E, context: Context): Promise<APIGatewayProxyResultV2> => {\n const result = await handler(event, context);\n\n if (result.body) {\n const headers = new Headers(result.headers);\n headers.set('Content-Type', 'application/devalue');\n\n return { ...result, headers: Object.fromEntries(headers), body: stringify(result.body) };\n } else {\n return { ...result, body: undefined };\n }\n };\n}\n","/\n These are the various errors that should be returned from anything called by a lambda function.\n \n Pass a lambda error to the errorResponse function to get a suitable response to return from the lambda handler.\n \n The separation means that they can be returned from functions that are certainly run inside a lambda fucntion but theyre not the actual return of the lambda.\n * Im not sure it this is optimal behaviour and if not we will migrate to only using the errorResponse function\n /\n\nexport function error_lambda_badRequest(\n message: string,\n fieldName?: string,\n fieldValue?: string\n): type_error_lambda_badRequest {\n return { type: 'badRequest' as const, message, fieldName, fieldValue };\n}\n\nexport function error_lambda_unauthorized(message: string): type_error_lambda_unauthorized {\n return { type: 'unauthorized' as const, message };\n}\n\nexport function error_lambda_forbidden(message: string): type_error_lambda_forbidden {\n return { type: 'forbidden' as const, message };\n}\n\nexport function error_lambda_notFound(\n message: string,\n fieldName?: string,\n fieldValue?: string\n): type_error_lambda_notFound {\n return { type: 'notFound' as const, message, fieldName, fieldValue };\n}\n\nexport function error_lambda_conflict(\n message: string,\n fieldName?: string,\n fieldValue?: string\n): type_error_lambda_conflict {\n return { type: 'conflict' as const, message, fieldName, fieldValue };\n}\n\nexport function error_lambda_internal(message: string): type_error_lambda_internal {\n return { type: 'internal' as const, message };\n}\n\n// ---- types ---- //\n\nexport type type_error_lambda_badRequest = {\n type: 'badRequest';\n message: string;\n fieldName?: string;\n fieldValue?: string;\n};\nexport type type_error_lambda_unauthorized = { type: 'unauthorized'; message: string };\nexport type type_error_lambda_forbidden = { type: 'forbidden'; message: string };\nexport type type_error_lambda_notFound = { type: 'notFound'; message: string; fieldName?: string; fieldValue?: string };\nexport type type_error_lambda_conflict = { type: 'conflict'; message: string; fieldName?: string; fieldValue?: string };\nexport type type_error_lambda_internal = { type: 'internal'; message: string };\n\nexport type type_error_lambda =\n \| type_error_lambda_badRequest\n \| type_error_lambda_unauthorized\n \| type_error_lambda_forbidden\n \| type_error_lambda_notFound\n \| type_error_lambda_conflict\n \| type_error_lambda_internal;\n","import type { BaseIssue, SafeParseResult } from 'valibot';\n\nimport { error_lambda_badRequest, type type_error_lambda } from './errors.js';\nimport type { ErrorRawProxyResultV2, OkRawProxyResultV2 } from './handlerUtils.js';\n\nfunction field(obj: { fieldName?: string; fieldValue?: string }) {\n return obj.fieldName === undefined \|\| obj.fieldValue === undefined\n ? {}\n : { field: { name: obj.fieldName, value: obj.fieldValue } };\n}\n\nexport type type_error_response = Omit<ErrorRawProxyResultV2, 'headers' \| 'body'> & {\n headers: NonNullable<ErrorRawProxyResultV2['headers']>;\n body: NonNullable<ErrorRawProxyResultV2['body']>;\n};\n\nexport type LambdaErrorResponse<Type extends string = '', Extras extends object = {}> =\n \| {\n headers: Record<string, string>;\n statusCode: 400;\n body: { message: string; type: Type } & ReturnType<typeof field> & Extras;\n }\n \| { headers: Record<string, string>; statusCode: 401; body: { message: string; type: Type } & Extras }\n \| { headers: Record<string, string>; statusCode: 403; body: { message: string; type: Type } & Extras }\n \| {\n headers: Record<string, string>;\n statusCode: 404;\n body: { message: string; type: Type } & ReturnType<typeof field> & Extras;\n }\n \| {\n headers: Record<string, string>;\n statusCode: 409;\n body: { message: string; type: Type } & ReturnType<typeof field> & Extras;\n }\n \| { headers: Record<string, string>; statusCode: 500; body: { message: string; type: Type } & Extras };\n\n/\n Maps lambda errors to responses suitable to return from lambda functions\n * @param e\n * @param headers\n * @param type\n * @param extras\n * @returns\n /\nexport function response_error<Type extends string = '', Extras extends object = {}>(\n e: type_error_lambda,\n headers: Record<string, string>,\n type: Type = '' as Type,\n extras: Extras = {} as Extras\n): LambdaErrorResponse<Type, Extras> {\n switch (e.type) {\n case 'badRequest':\n return { headers, statusCode: 400, body: { message: e.message, type: type, ...field(e), ...extras } };\n\n case 'unauthorized':\n return { headers, statusCode: 401, body: { message: e.message, type: type, ...extras } };\n\n case 'forbidden':\n return { headers, statusCode: 403, body: { message: e.message, type: type, ...extras } };\n\n case 'notFound':\n return { headers, statusCode: 404, body: { message: e.message, type: type, ...field(e), ...extras } };\n\n case 'conflict':\n return { headers, statusCode: 409, body: { message: e.message, type: type, ...field(e), ...extras } };\n\n default:\n return { headers, statusCode: 500, body: { message: 'Unknown error', type: type, ...extras } };\n }\n}\n\n/\n Helper function to get a reasonable default error response from a valibot parse result\n * @param res - The output from calling safeParse on the input\n * @param headers - The headers to return in the response\n /\nexport function response_valibotError(res: Extract<SafeParseResult<any>, { success: false }>, headers: any) {\n const issue = res.issues[0] as BaseIssue<any>;\n\n if (issue.path && issue.path[0] && typeof issue.path[0].key === 'string') {\n return response_error(error_lambda_badRequest('Invalid input', issue.path[0].key, issue.message), headers);\n } else {\n return response_error(error_lambda_badRequest(`Invalid input: ${issue.message}`), headers);\n }\n}\n\nexport function response_ok<Body extends { message: string }>(\n body: Body,\n headers: any,\n cookies?: string[] \| undefined\n) {\n return { headers, cookies, statusCode: 200 as const, body } satisfies OkRawProxyResultV2;\n}\n","import { error_lambda_unauthorized } from '$lambda/errors.js';\nimport type { APIGatewayProxyEventV2WithLambdaAuthorizer, APIGatewayRequestAuthorizerEventV2 } from 'aws-lambda';\nimport { parse } from 'cookie-es';\nimport { Result } from 'neverthrow';\n\n/\n Wraps cookies parse along with the api gateway event with neverthrow\n /\nexport function getCookies(\n event: APIGatewayProxyEventV2WithLambdaAuthorizer<any> \| APIGatewayRequestAuthorizerEventV2\n) {\n return Result.fromThrowable(\n () => {\n if (!('headers' in event) \|\| !event.headers) {\n throw new Error('No headers in event');\n }\n\n // First try to get cookies from the cookies array (API Gateway v2 format)\n const cookieString =\n Array.isArray(event.cookies) && event.cookies.length > 0\n ? event.cookies.join('; ')\n : event.headers.Cookie \|\| event.headers.cookie;\n\n if (!cookieString) {\n throw new Error('No cookies found in event');\n }\n\n const res = parse(cookieString);\n return res;\n },\n (e) => {\n if (e instanceof Error) return error_lambda_unauthorized(e.message);\n return error_lambda_unauthorized('Invalid Cookies');\n }\n )();\n}\n","import { CognitoIdentityProviderClient } from '@aws-sdk/client-cognito-identity-provider';\n\n/\n Convenience function if process.env.AWS_REGION is set\n /\nexport function getCognitoClient() {\n return new CognitoIdentityProviderClient({\n // region: process.env.AWS_REGION\n // endpoint: `https://cognito-idp.${process.env.REGION}.amazonaws.com`\n });\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\n\n/* Error wrapper for failures that happen while doing Cognito SDK work. /\nexport type type_error_cognito = { type: 'cognito'; error: unknown };\n\n/* Internal reason used before converting Cognito errors into public lambda errors. /\nexport type type_error_lambda_fromCognito_reason =\n \| 'auth'\n \| 'forbidden'\n \| 'invalidInput'\n \| 'userNotFound'\n \| 'resourceNotFound'\n \| 'tooManyRequests'\n \| 'passwordPolicy'\n \| 'passwordHistory'\n \| 'passwordResetRequired'\n \| 'codeExpired'\n \| 'codeMismatch'\n \| 'delivery'\n \| 'userExists'\n \| 'conflict'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromCognito_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting Cognito errors to lambda errors. /\nexport type type_error_lambda_fromCognito_options = Partial<\n Record<type_error_lambda_fromCognito_reason, type_error_lambda_fromCognito_override>\n>;\n\nconst defaultErrors = {\n auth: { type: 'unauthorized', message: 'Not authorized' },\n forbidden: { type: 'forbidden', message: 'Forbidden' },\n invalidInput: { type: 'badRequest', message: 'There is an issue with your request' },\n userNotFound: { type: 'notFound', message: 'User not found' },\n resourceNotFound: { type: 'notFound', message: 'Resource not found' },\n tooManyRequests: { type: 'badRequest', message: 'Too many requests' },\n passwordPolicy: { type: 'badRequest', message: 'Password does not meet policy requirements' },\n passwordHistory: { type: 'conflict', message: 'Password was used recently' },\n passwordResetRequired: { type: 'badRequest', message: 'Password reset required' },\n codeExpired: { type: 'badRequest', message: 'Code expired' },\n codeMismatch: { type: 'badRequest', message: 'Invalid code' },\n delivery: { type: 'internal', message: 'Internal server error' },\n userExists: { type: 'conflict', message: 'User already exists' },\n conflict: { type: 'conflict', message: 'The request conflicts with the current Cognito resource state' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromCognito_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as a Cognito-domain error for neverthrow flows. /\nexport function error_cognito(error: unknown): type_error_cognito {\n return { type: 'cognito', error };\n}\n\n/* Convert AWS SDK Cognito errors into a safe lambda error for API responses. /\nexport function error_lambda_fromCognito(\n e: type_error_cognito,\n options: type_error_lambda_fromCognito_options = {}\n): type_error_lambda {\n return fromReason(getCognitoReason(e.error), options);\n}\n\n/* Apply endpoint overrides and build the concrete lambda error object. /\nfunction fromReason(\n reason: type_error_lambda_fromCognito_reason,\n options: type_error_lambda_fromCognito_options\n): type_error_lambda {\n const base = defaultErrors[reason];\n const override = options[reason];\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Classify AWS SDK / Cognito service errors. /\nfunction getCognitoReason(error: unknown): type_error_lambda_fromCognito_reason {\n switch (getErrorName(error)) {\n case 'NotAuthorizedException':\n case 'UnauthorizedException':\n case 'UserNotConfirmedException':\n case 'RefreshTokenReuseException':\n return 'auth';\n\n case 'AccessDeniedException':\n case 'ForbiddenException':\n return 'forbidden';\n\n case 'InvalidParameterException':\n case 'InvalidOAuthFlowException':\n case 'ScopeDoesNotExistException':\n case 'UnsupportedIdentityProviderException':\n case 'UnsupportedTokenTypeException':\n return 'invalidInput';\n\n case 'UserNotFoundException':\n return 'userNotFound';\n\n case 'ResourceNotFoundException':\n case 'MFAMethodNotFoundException':\n case 'SoftwareTokenMFANotFoundException':\n case 'WebAuthnChallengeNotFoundException':\n return 'resourceNotFound';\n\n case 'LimitExceededException':\n case 'TooManyFailedAttemptsException':\n case 'TooManyRequestsException':\n return 'tooManyRequests';\n\n case 'InvalidPasswordException':\n return 'passwordPolicy';\n\n case 'PasswordHistoryPolicyViolationException':\n return 'passwordHistory';\n\n case 'PasswordResetRequiredException':\n return 'passwordResetRequired';\n\n case 'ExpiredCodeException':\n return 'codeExpired';\n\n case 'CodeMismatchException':\n return 'codeMismatch';\n\n case 'CodeDeliveryFailureException':\n return 'delivery';\n\n case 'AliasExistsException':\n case 'DeviceKeyExistsException':\n case 'DuplicateProviderException':\n case 'GroupExistsException':\n case 'ManagedLoginBrandingExistsException':\n case 'TermsExistsException':\n case 'UsernameExistsException':\n return 'userExists';\n\n case 'ConcurrentModificationException':\n case 'PreconditionNotMetException':\n case 'UnsupportedUserStateException':\n return 'conflict';\n\n case 'EnableSoftwareTokenMFAException':\n case 'FeatureUnavailableInTierException':\n case 'InternalErrorException':\n case 'InternalServerException':\n case 'InvalidEmailRoleAccessPolicyException':\n case 'InvalidLambdaResponseException':\n case 'InvalidSmsRoleAccessPolicyException':\n case 'InvalidSmsRoleTrustRelationshipException':\n case 'InvalidUserPoolConfigurationException':\n case 'TierChangeNotAllowedException':\n case 'UnexpectedLambdaException':\n case 'UnsupportedOperationException':\n case 'UserImportInProgressException':\n case 'UserLambdaValidationException':\n case 'UserPoolAddOnNotEnabledException':\n case 'UserPoolTaggingException':\n case 'WebAuthnClientMismatchException':\n case 'WebAuthnConfigurationMissingException':\n case 'WebAuthnCredentialNotSupportedException':\n case 'WebAuthnNotEnabledException':\n case 'WebAuthnOriginNotAllowedException':\n case 'WebAuthnRelyingPartyMismatchException':\n return 'internal';\n\n default:\n return getHttpStatusReason(error);\n }\n}\n\nfunction getHttpStatusReason(error: unknown): type_error_lambda_fromCognito_reason {\n const status = getHttpStatusCode(error);\n\n if (status === 400) return 'invalidInput';\n if (status === 401) return 'auth';\n if (status === 403) return 'forbidden';\n if (status === 404) return 'resourceNotFound';\n if (status === 409 \|\| status === 412) return 'conflict';\n if (status === 429) return 'tooManyRequests';\n\n return 'internal';\n}\n\nfunction getErrorName(error: unknown): string \| undefined {\n if (!isRecord(error)) return undefined;\n\n const name = error.name;\n if (typeof name === 'string') return name;\n\n const code = error.code ?? error.Code;\n if (typeof code === 'string') return code;\n\n return undefined;\n}\n\nfunction getHttpStatusCode(error: unknown): number \| undefined {\n if (!isRecord(error)) return undefined;\n const metadata = error.$metadata;\n if (!isRecord(metadata)) return undefined;\n return typeof metadata.httpStatusCode === 'number' ? metadata.httpStatusCode : undefined;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n","import type { AdminGetUserCommandOutput, AttributeType } from '@aws-sdk/client-cognito-identity-provider';\nimport { AdminGetUserCommand, AdminListGroupsForUserCommand } from '@aws-sdk/client-cognito-identity-provider';\nimport { ResultAsync } from 'neverthrow';\n\nimport { getCognitoClient } from './client.js';\nimport { error_cognito } from './errors.js';\n\nexport type type_userResponse = Omit<AdminGetUserCommandOutput, 'UserAttributes'> & {\n UserAttributes: Record<string, string>;\n};\n\n/\n Performs an AdminGetUserCommand and extracts the user attributes into an object\n /\nexport function getUserDetails(a: { username: string; userPoolId: string }) {\n return ResultAsync.fromThrowable(\n async () => {\n console.log('getUserDetails: Getting details for user: ', a.username);\n const cognitoClient = getCognitoClient();\n const res = await cognitoClient.send(new AdminGetUserCommand({ UserPoolId: a.userPoolId, Username: a.username }));\n return { ...res, UserAttributes: extractAttributes(res.UserAttributes) } as type_userResponse;\n },\n (e) => {\n console.error('getUserDetails:error:', e);\n return error_cognito(e);\n }\n )();\n}\n\n/\n @returns An object of attributes with their names as keys and values as values.\n /\nexport function extractAttributes(attrs: AttributeType[] \| undefined) {\n const attributes: Record<string, string> = {};\n if (attrs) {\n for (const attr of attrs) {\n if (attr.Name && attr.Value) {\n attributes[attr.Name] = attr.Value;\n }\n }\n }\n return attributes;\n}\n\n/\n Performs an AdminGetUserCommand and extracts the user attributes into an object\n /\nexport function getUserGroups(a: { username: string; userPoolId: string }) {\n return ResultAsync.fromThrowable(\n async () => {\n console.log('getUserGroups: Getting groups for user: ', a.username);\n const cognitoClient = getCognitoClient();\n const res = await cognitoClient.send(\n new AdminListGroupsForUserCommand({ UserPoolId: a.userPoolId, Username: a.username })\n );\n return res;\n },\n (e) => {\n console.error('getUserGroups:error:', e);\n return error_cognito(e);\n }\n )();\n}\n","import { createHmac } from 'node:crypto';\n\nimport {\n AdminInitiateAuthCommand,\n ChangePasswordCommand,\n ConfirmForgotPasswordCommand,\n ConfirmSignUpCommand,\n ForgotPasswordCommand,\n GetTokensFromRefreshTokenCommand,\n GlobalSignOutCommand,\n RespondToAuthChallengeCommand,\n SignUpCommand\n} from '@aws-sdk/client-cognito-identity-provider';\nimport { ResultAsync } from 'neverthrow';\n\nimport { getCognitoClient } from './client.js';\nimport { error_cognito } from './errors.js';\n\n/\n Computes Cognito secret hash used for client-side authentication flows.\n \n @param username - Cognito username or alias.\n * @param clientId - Cognito app client ID.\n * @param clientSecret - Cognito app client secret.\n /\nexport function computeSecretHash(username: string, clientId: string, clientSecret: string): string {\n console.log('computeSecretHash: ', username, clientId, clientSecret);\n return createHmac('SHA256', clientSecret)\n .update(username + clientId)\n .digest('base64');\n}\n\n// ---- Change password ---- //\n\n/\n Changes a user's password given a valid access token.\n \n @param accessToken - Access token for the authenticated user.\n * @param oldPassword - Current password.\n * @param newPassword - New password to set.\n /\nexport function changePassword(accessToken: string, oldPassword: string, newPassword: string) {\n return ResultAsync.fromThrowable(\n async () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ChangePasswordCommand({\n AccessToken: accessToken,\n PreviousPassword: oldPassword,\n ProposedPassword: newPassword\n })\n );\n },\n (e) => {\n console.error('ChangePasswordCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Confirm Forgot password ---- //\n\n/\n Completes a forgot-password flow by submitting the confirmation code and new password.\n \n @param a.username - Cognito username or alias.\n * @param a.confirmationCode - Code sent by Cognito to the user.\n * @param a.newPassword - New password to set.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function confirmForgotPassword(a: {\n username: string;\n confirmationCode: string;\n newPassword: string;\n clientId: string;\n clientSecret: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ConfirmForgotPasswordCommand({\n ClientId: a.clientId,\n Username: a.username,\n ConfirmationCode: a.confirmationCode,\n Password: a.newPassword,\n SecretHash: computeSecretHash(a.username, a.clientId, a.clientSecret)\n })\n );\n },\n (e) => {\n console.error('ConfirmForgotPasswordCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Confirm Signup ---- //\n\n/\n Confirms a user's signup using the confirmation code sent by Cognito.\n \n @param a.username - Cognito username or alias.\n * @param a.confirmationCode - Code sent to the user after signup.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function confirmSignup(a: {\n username: string;\n confirmationCode: string;\n clientId: string;\n clientSecret: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ConfirmSignUpCommand({\n ClientId: a.clientId,\n Username: a.username,\n ConfirmationCode: a.confirmationCode,\n SecretHash: computeSecretHash(a.username, a.clientId, a.clientSecret)\n })\n );\n },\n (e) => {\n console.error('ConfirmSignUpCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Forgot password ---- //\n\n/\n Starts a forgot-password flow by sending a reset code to the user.\n \n @param a.username - Cognito username or alias.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function forgotPassword(a: { username: string; clientId: string; clientSecret: string }) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new ForgotPasswordCommand({\n ClientId: a.clientId,\n Username: a.username,\n SecretHash: computeSecretHash(a.username, a.clientId, a.clientSecret)\n })\n );\n },\n (e) => {\n console.error('ForgotPasswordCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Login ---- //\n\n/\n Signs a user in with ADMIN_USER_PASSWORD_AUTH.\n \n @param a.username - Cognito username or alias.\n * @param a.password - User password.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n * @param a.userPoolId - Cognito user pool ID.\n /\nexport function login(a: {\n username: string;\n password: string;\n clientId: string;\n clientSecret: string;\n userPoolId: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new AdminInitiateAuthCommand({\n AuthFlow: 'ADMIN_USER_PASSWORD_AUTH',\n ClientId: a.clientId,\n UserPoolId: a.userPoolId,\n AuthParameters: {\n USERNAME: a.username,\n PASSWORD: a.password,\n SECRET_HASH: computeSecretHash(a.username, a.clientId, a.clientSecret)\n }\n })\n );\n },\n (e) => {\n console.error('AdminInitiateAuthCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Refresh token ---- //\n\n/\n Sends a GetTokensFromRefreshTokenCommand\n /\nexport function refreshTokens(a: {\n RefreshToken: string;\n ClientId: string;\n ClientSecret: string;\n DeviceKey?: string \| undefined;\n ClientMetaData?: Record<string, string> \| undefined;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(new GetTokensFromRefreshTokenCommand(a));\n },\n (e) => {\n console.error('refreshTokens: GetTokensFromRefreshTokenCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n/\n Exchanges a refresh token for new tokens.\n \n @param a.username - Cognito username or alias used to compute secret hash.\n * @param a.refreshToken - Refresh token to exchange.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n * @param a.userPoolId - Cognito user pool ID.\n /\nexport function refreshTokensAuth(a: {\n username: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n userPoolId: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new AdminInitiateAuthCommand({\n AuthFlow: 'REFRESH_TOKEN_AUTH',\n ClientId: a.clientId,\n UserPoolId: a.userPoolId,\n AuthParameters: {\n REFRESH_TOKEN: a.refreshToken,\n SECRET_HASH: computeSecretHash(a.username, a.clientId, a.clientSecret)\n }\n })\n );\n },\n (e) => {\n console.error('refreshTokens: AdminInitiateAuthCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Logout ---- //\n/\n Globally signs out a user by invalidating all refresh tokens.\n \n @param accessToken - Access token for the authenticated user.\n /\nexport function logout(accessToken: string) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n // GlobalSignOut invalidates all refresh tokens associated with user\n return cognitoClient.send(new GlobalSignOutCommand({ AccessToken: accessToken }));\n },\n (e) => {\n console.error('GlobalSignOutCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Reset password ---- //\n/\n Completes a NEW_PASSWORD_REQUIRED challenge for users who must set a new password.\n \n @param a.session - Session returned from the auth challenge.\n * @param a.newPassword - New password to set.\n * @param a.username - Cognito username or alias.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n /\nexport function resetPassword(a: {\n session: string;\n newPassword: string;\n username: string;\n clientId: string;\n clientSecret: string;\n}) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n return cognitoClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName: 'NEW_PASSWORD_REQUIRED',\n ClientId: a.clientId,\n Session: a.session,\n ChallengeResponses: {\n SECRET_HASH: computeSecretHash(a.username, a.clientId, a.clientSecret),\n NEW_PASSWORD: a.newPassword,\n USERNAME: a.username\n }\n })\n );\n },\n (e) => {\n console.error('RespondToAuthChallengeCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Sign up ---- //\n/\n Registers a new user with Cognito and optional custom attributes.\n \n @param a.username - Cognito username.\n * @param a.password - User password.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret.\n * @param a.<attribute> - Any additional user attributes to set.\n /\nexport function signUp(\n a: { username: string; password: string; clientId: string; clientSecret: string } & Record<string, unknown>\n) {\n return ResultAsync.fromThrowable(\n () => {\n const cognitoClient = getCognitoClient();\n const secretHash = computeSecretHash(a.username, a.clientId, a.clientSecret);\n\n return cognitoClient.send(\n new SignUpCommand({\n ClientId: a.clientId,\n Username: a.username,\n Password: a.password,\n SecretHash: secretHash,\n UserAttributes: Object.entries(a)\n .filter(([key]) => !['username', 'password', 'clientId', 'clientSecret'].includes(key))\n .map(([key, value]) => ({ Name: key, Value: value as string }))\n })\n );\n },\n (e) => {\n console.error('SignUpCommand error', e);\n return error_cognito(e);\n }\n )();\n}\n\n// ---- Federated ---- //\n/\n Exchanges an OAuth2 authorization code for Cognito tokens using the token endpoint.\n * See https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html for request/response fields and grant details.\n \n @param a.code - Authorization code returned by the hosted UI.\n * @param a.redirectUri - Redirect URI registered with the app client.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret used for Basic Auth.\n * @param a.cognitoDomain - Cognito domain URL (e.g., your-domain.auth.region.amazoncognito.com).\n * @returns Parsed token payload containing `access_token`, `id_token`, `refresh_token`, token type, and expiry.\n /\nexport function verifyOAuthToken(a: {\n code: string;\n redirectUri: string;\n clientId: string;\n clientSecret: string;\n cognitoDomain: string;\n}) {\n return ResultAsync.fromThrowable(\n async () => {\n const basicAuth = Buffer.from(`${a.clientId}:${a.clientSecret}`).toString('base64');\n\n const params = new URLSearchParams();\n params.append('grant_type', 'authorization_code');\n params.append('code', a.code);\n params.append('redirect_uri', a.redirectUri);\n\n // params.append('client_id', a.clientId);\n\n console.log('verifyOAuthToken: params', params.toString());\n\n const tokenRes = await fetch(`https://${a.cognitoDomain}/oauth2/token`, {\n method: 'POST',\n headers: { 'Content-Type': 'application/x-www-form-urlencoded', Authorization: `Basic ${basicAuth}` },\n body: params.toString()\n });\n if (!tokenRes.ok) {\n console.error('verifyOAuthToken: token exchange failed', await tokenRes.text());\n throw Object.assign(new Error('OAuth token exchange failed'), { name: 'NotAuthorizedException' });\n }\n\n return (await tokenRes.json()) as {\n access_token: string;\n id_token: string;\n refresh_token: string;\n token_type: string;\n expires_in: number;\n };\n },\n (e) => {\n console.error('verifyOAuthToken:error', e);\n return error_cognito(e);\n }\n )();\n}\n\n/\n Exchanges an OAuth2 refresh token for Cognito tokens using the oauth token endpoint.\n * See https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html for request/response fields and grant details.\n \n @param a.redirectUri - Redirect URI registered with the app client.\n * @param a.clientId - Cognito app client ID.\n * @param a.clientSecret - Cognito app client secret used for Basic Auth.\n * @param a.cognitoDomain - Cognito domain URL (e.g., your-domain.auth.region.amazoncognito.com).\n * @returns Parsed token payload containing `access_token`, `id_token`, `refresh_token`, token type, and expiry.\n /\nexport function refreshOAuthToken(a: {\n clientId: string;\n clientSecret: string;\n cognitoDomain: string;\n refreshToken: string;\n}) {\n return ResultAsync.fromThrowable(\n async () => {\n const basicAuth = Buffer.from(`${a.clientId}:${a.clientSecret}`).toString('base64');\n\n const params = new URLSearchParams();\n params.append('grant_type', 'refresh_token');\n params.append('refresh_token', a.refreshToken);\n\n console.log('refreshOAuthToken: params', params.toString());\n\n const tokenRes = await fetch(`https://${a.cognitoDomain}/oauth2/token`, {\n method: 'POST',\n headers: { 'Content-Type': 'application/x-www-form-urlencoded', Authorization: `Basic ${basicAuth}` },\n body: params.toString()\n });\n if (!tokenRes.ok) {\n console.error('refreshOAuthToken: token exchange failed', await tokenRes.text());\n throw Object.assign(new Error('OAuth token refresh failed'), { name: 'NotAuthorizedException' });\n }\n\n return (await tokenRes.json()) as {\n access_token: string;\n id_token: string;\n refresh_token: string \| undefined;\n token_type: string;\n expires_in: number;\n };\n },\n (e) => {\n console.error('refreshOAuthToken:error', e);\n return error_cognito(e);\n }\n )();\n}\n","import { S3Client } from '@aws-sdk/client-s3';\n\n/\n Convenience function for S3Client when process.env.REGION is set\n /\nexport function getS3() {\n return new S3Client({\n // endpoint: `https://s3.${process.env.REGION}.amazonaws.com`,\n // region: process.env.REGION\n });\n}\n","export function isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\nexport function getErrorName(error: unknown): string \| undefined {\n if (!isRecord(error)) return undefined;\n\n const name = error.name;\n if (typeof name === 'string') return name;\n\n const code = error.code ?? error.Code;\n if (typeof code === 'string') return code;\n\n return undefined;\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\n\nimport { getErrorName, isRecord } from '../utils/errors.js';\n\n/* Error wrapper for failures that happen while doing S3 SDK work. /\nexport type type_error_s3 = { type: 's3'; error: unknown };\n\n/* Internal reason used before converting S3 errors into public lambda errors. /\nexport type type_error_lambda_fromS3_reason =\n \| 'invalidInput'\n \| 'objectNotFound'\n \| 'bucketNotFound'\n \| 'conflict'\n \| 'throttled'\n \| 'accessDenied'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromS3_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting S3 errors to lambda errors. /\nexport type type_error_lambda_fromS3_options = Partial<\n Record<type_error_lambda_fromS3_reason, type_error_lambda_fromS3_override>\n>;\n\nconst defaultErrors = {\n invalidInput: { type: 'badRequest', message: 'Invalid S3 request' },\n objectNotFound: { type: 'notFound', message: 'S3 object not found' },\n bucketNotFound: { type: 'internal', message: 'Internal server error' },\n conflict: { type: 'conflict', message: 'The request conflicts with the current S3 resource state' },\n throttled: { type: 'internal', message: 'Internal server error' },\n accessDenied: { type: 'internal', message: 'Internal server error' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromS3_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as an S3-domain error for neverthrow flows. /\nexport function error_s3(error: unknown): type_error_s3 {\n return { type: 's3', error };\n}\n\n/* Convert AWS SDK S3 errors into a safe lambda error for API responses. /\nexport function error_lambda_fromS3(\n e: type_error_s3,\n options: type_error_lambda_fromS3_options = {}\n): type_error_lambda {\n const reason = getS3Reason(e.error);\n\n const base = defaultErrors[reason];\n const override = options[reason];\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Returns true for normal S3 object-missing responses. /\nexport function is_s3_notFound(error: unknown): boolean {\n return getS3Reason(error) === 'objectNotFound';\n}\n\n/* Classify AWS SDK / S3 service errors. /\nfunction getS3Reason(error: unknown): type_error_lambda_fromS3_reason {\n switch (getErrorName(error)) {\n case 'NoSuchKey':\n case 'NotFound':\n case 'NoSuchVersion':\n return 'objectNotFound';\n\n case 'NoSuchBucket':\n case 'NoSuchBucketPolicy':\n case 'NoSuchLifecycleConfiguration':\n case 'NoLoggingStatusForKey':\n return 'bucketNotFound';\n\n case 'AmbiguousGrantByEmailAddress':\n case 'BadDigest':\n case 'EntityTooLarge':\n case 'EntityTooSmall':\n case 'IncompleteBody':\n case 'IncorrectNumberOfFilesInPostRequest':\n case 'InlineDataTooLarge':\n case 'InvalidAddressingHeader':\n case 'InvalidArgument':\n case 'InvalidBucketName':\n case 'InvalidDigest':\n case 'InvalidLocationConstraint':\n case 'InvalidPart':\n case 'InvalidPartOrder':\n case 'InvalidPayer':\n case 'InvalidPolicyDocument':\n case 'InvalidRange':\n case 'InvalidRequest':\n case 'InvalidSOAPRequest':\n case 'InvalidStorageClass':\n case 'InvalidTargetBucketForLogging':\n case 'InvalidURI':\n case 'KeyTooLongError':\n case 'MalformedACLError':\n case 'MalformedPOSTRequest':\n case 'MalformedXML':\n case 'MaxMessageLengthExceeded':\n case 'MaxPostPreDataLengthExceededError':\n case 'MetadataTooLarge':\n case 'MissingAttachment':\n case 'MissingContentLength':\n case 'MissingRequestBodyError':\n case 'RequestIsNotMultiPartContent':\n case 'RequestTorrentOfBucketError':\n case 'NoSuchUpload':\n return 'invalidInput';\n\n case 'BucketAlreadyExists':\n case 'BucketAlreadyOwnedByYou':\n case 'BucketNotEmpty':\n case 'EncryptionTypeMismatch':\n case 'IdempotencyParameterMismatch':\n case 'IllegalVersioningConfigurationException':\n case 'InvalidBucketState':\n case 'InvalidEncryptionAlgorithmError':\n case 'InvalidObjectState':\n case 'InvalidWriteOffset':\n case 'ObjectAlreadyInActiveTierError':\n case 'ObjectNotInActiveTierError':\n case 'OperationAborted':\n case 'PreconditionFailed':\n case 'RestoreAlreadyInProgress':\n case 'TooManyParts':\n return 'conflict';\n\n case 'RequestLimitExceeded':\n case 'RequestTimeout':\n case 'ServiceUnavailable':\n case 'SlowDown':\n case 'Throttling':\n case 'ThrottlingException':\n return 'throttled';\n\n case 'AccessDenied':\n case 'AccountProblem':\n case 'AllAccessDisabled':\n case 'CredentialsNotSupported':\n case 'CrossLocationLoggingProhibited':\n case 'ExpiredToken':\n case 'InvalidAccessKeyId':\n case 'InvalidSecurity':\n case 'InvalidToken':\n case 'MethodNotAllowed':\n case 'MissingSecurityElement':\n case 'MissingSecurityHeader':\n case 'NotSignedUp':\n case 'SignatureDoesNotMatch':\n return 'accessDenied';\n\n case 'AuthorizationHeaderMalformed':\n case 'InternalError':\n case 'NotImplemented':\n case 'PermanentRedirect':\n case 'Redirect':\n case 'RequestTimeTooSkewed':\n case 'TemporaryRedirect':\n return 'internal';\n\n default:\n return getHttpStatusReason(error);\n }\n}\n\nfunction getHttpStatusReason(error: unknown): type_error_lambda_fromS3_reason {\n const status = getHttpStatusCode(error);\n\n if (status === 400) return 'invalidInput';\n if (status === 404) return 'objectNotFound';\n if (status === 409 \|\| status === 412) return 'conflict';\n if (status === 429 \|\| status === 503) return 'throttled';\n if (status === 401 \|\| status === 403) return 'accessDenied';\n\n return 'internal';\n}\n\nfunction getHttpStatusCode(error: unknown): number \| undefined {\n if (!isRecord(error)) return undefined;\n const metadata = error.$metadata;\n if (!isRecord(metadata)) return undefined;\n return typeof metadata.httpStatusCode === 'number' ? metadata.httpStatusCode : undefined;\n}\n","import { getSignedUrl as baseGetSignedUrl } from '@aws-sdk/s3-request-presigner';\nimport { ResultAsync } from 'neverthrow';\n\nimport { error_s3 } from './errors.js';\n\nexport function getSignedUrl(...args: Parameters<typeof baseGetSignedUrl>) {\n return ResultAsync.fromThrowable(baseGetSignedUrl, (e) => {\n console.error('getSignedUrl: Failed to get signed url', e);\n return error_s3(e);\n })(...args);\n}\n","import { HeadObjectCommand, GetObjectCommand } from '@aws-sdk/client-s3';\nimport { ResultAsync } from 'neverthrow';\n\nimport { getS3 } from './client.js';\nimport { error_s3, is_s3_notFound, type type_error_s3 } from './errors.js';\n\n/\n Retrieves an object from an S3 bucket.\n \n @param {string} bucketName - The name of the S3 bucket.\n * @param {string} key - The key of the object to retrieve.\n * @returns {Promise<Buffer>} A promise that resolves to the object data as a Buffer.\n /\nexport function getObject(bucketName: string, key: string) {\n return ResultAsync.fromThrowable(\n async () => {\n const s3 = getS3();\n const cmd = new GetObjectCommand({ Bucket: bucketName, Key: key });\n const res = await s3.send(cmd);\n const stream = res.Body as any;\n return new Promise<Buffer>((resolve, reject) => {\n const chunks: Buffer[] = [];\n stream.on('data', (chunk: Buffer) => chunks.push(chunk));\n stream.on('end', () => resolve(Buffer.concat(chunks)));\n stream.on('error', reject);\n });\n },\n (e) => {\n console.error(`getObjectt: Error getting object from S3: ${e}`);\n return error_s3(e);\n }\n )();\n}\n\n/\n Convenience function to get an object from S3 and return it as a string.\n /\nexport function getObjectString(bucketName: string, key: string): ResultAsync<string, type_error_s3> {\n return getObject(bucketName, key).map((buffer) => buffer.toString('utf-8'));\n}\n\n/\n Checks if an object exists in an s3 bucket by retrieving the HEAD data\n \n @param {string} bucketName - The name of the S3 bucket.\n * @param {string} key - The key of the object to retrieve.\n * @returns {Promise<Buffer>} A promise that resolves to a boolean.\n /\nexport function objectExists(bucketName: string, key: string) {\n return ResultAsync.fromThrowable(\n async () => {\n const s3 = getS3();\n\n try {\n const cmd = new HeadObjectCommand({ Bucket: bucketName, Key: key });\n const res = await s3.send(cmd);\n return res.$metadata.httpStatusCode === 200;\n } catch (e) {\n if (is_s3_notFound(e)) return false;\n throw e;\n }\n },\n (e) => {\n console.error(`objectExists: Error getting object head from S3: ${e}`);\n return error_s3(e);\n }\n )();\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\nimport { DynamoDBToolboxError } from 'dynamodb-toolbox';\n\nimport { getErrorName, isRecord } from '../utils/errors.js';\n\n/* Error wrapper for failures that happen while doing DynamoDB or DynamoDB Toolbox work. /\nexport type type_error_dynamo = { type: 'dynamo'; error: DynamoDBToolboxError \| unknown };\n\n/* Internal reason used before converting Dynamo-related errors into public lambda errors. /\nexport type type_error_lambda_fromDynamo_reason =\n \| 'invalidInput'\n \| 'conditionalCheckFailed'\n \| 'transactionConflict'\n \| 'resourceNotFound'\n \| 'throttled'\n \| 'accessDenied'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromDynamo_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting Dynamo errors to lambda errors. /\nexport type type_error_lambda_fromDynamo_options = Partial<\n Record<type_error_lambda_fromDynamo_reason, type_error_lambda_fromDynamo_override>\n> & {\n /\n By default DynamoDB and DynamoDB Toolbox details are not returned to clients.\n * Set this to true only when the Toolbox path is already a public input field.\n /\n includeToolboxPath?: boolean;\n};\n\nconst defaultErrors = {\n invalidInput: { type: 'badRequest', message: 'Invalid request' },\n conditionalCheckFailed: { type: 'conflict', message: 'The request conflicts with the current resource state' },\n transactionConflict: { type: 'conflict', message: 'The request conflicts with the current resource state' },\n resourceNotFound: { type: 'internal', message: 'Internal server error' },\n throttled: { type: 'internal', message: 'Internal server error' },\n accessDenied: { type: 'internal', message: 'Internal server error' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromDynamo_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as a Dynamo-domain error for neverthrow flows. /\nexport function error_dynamo(error: unknown): type_error_dynamo {\n return { type: 'dynamo', error };\n}\n\n/* Convert DynamoDB Toolbox or AWS SDK errors into a safe lambda error for API responses. /\nexport function error_lambda_fromDynamo(\n e: type_error_dynamo,\n options: type_error_lambda_fromDynamo_options = {}\n): type_error_lambda {\n if (e.error instanceof DynamoDBToolboxError) {\n return fromReason(getToolboxReason(e.error), options, toolboxField(e.error, options.includeToolboxPath));\n }\n return fromReason(getAwsReason(e.error), options);\n}\n\n/* Apply endpoint overrides and build the concrete lambda error object. /\nfunction fromReason(\n reason: type_error_lambda_fromDynamo_reason,\n options: type_error_lambda_fromDynamo_options,\n defaults: Partial<type_error_lambda> = {}\n): type_error_lambda {\n const base = { ...defaultErrors[reason], ...defaults };\n const override = options[reason];\n\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Classify errors produced by Toolbox before sending, or while formatting returned items. /\nfunction getToolboxReason(error: DynamoDBToolboxError): type_error_lambda_fromDynamo_reason {\n if (error.code.startsWith('parsing.') \|\| error.code === 'actions.parsePrimaryKey.invalidKeyPart') {\n return 'invalidInput';\n }\n\n if (error.code.startsWith('formatter.') \|\| error.code.startsWith('schema.') \|\| error.code.startsWith('entity.')) {\n return 'internal';\n }\n\n switch (error.code) {\n case 'actions.invalidCondition':\n case 'actions.invalidExpressionAttributePath':\n case 'queryCommand.invalidIndex':\n case 'queryCommand.invalidPartition':\n case 'queryCommand.invalidProjectionExpression':\n case 'queryCommand.invalidRange':\n case 'queryCommand.invalidReverseOption':\n case 'scanCommand.invalidProjectionExpression':\n case 'scanCommand.invalidSegmentOption':\n case 'batchGetCommand.invalidProjectionExpression':\n case 'options.invalidCapacityOption':\n case 'options.invalidClientRequestToken':\n case 'options.invalidConsistentOption':\n case 'options.invalidIndexOption':\n case 'options.invalidLimitOption':\n case 'options.invalidMaxPagesOption':\n case 'options.invalidMetricsOption':\n case 'options.invalidReturnValuesOption':\n case 'options.invalidReturnValuesOnConditionFalseOption':\n case 'options.invalidSelectOption':\n return 'invalidInput';\n\n case 'actions.incompleteAction':\n case 'actions.invalidAction':\n case 'actions.missingDocumentClient':\n case 'queryCommand.invalidTagEntitiesOption':\n case 'queryCommand.noEntityMatched':\n case 'scanCommand.noEntityMatched':\n case 'options.invalidEntityAttrFilterOption':\n case 'options.invalidNoEntityMatchBehaviorOption':\n case 'options.invalidShowEntityAttrOption':\n case 'options.invalidTableNameOption':\n case 'options.unknownOption':\n case 'table.missingTableName':\n return 'internal';\n\n default:\n return 'internal';\n }\n}\n\nfunction toolboxField(error: DynamoDBToolboxError, includeToolboxPath: boolean \| undefined) {\n if (!includeToolboxPath \|\| typeof error.path !== 'string') return {};\n return { fieldName: error.path, fieldValue: error.message };\n}\n\n// ---- AWS ---- //\n/* Classify AWS SDK / DynamoDB service errors that bubble out of Toolbox send calls. /\nfunction getAwsReason(error: unknown): type_error_lambda_fromDynamo_reason {\n switch (getErrorName(error)) {\n case 'ConditionalCheckFailedException':\n return 'conditionalCheckFailed';\n case 'TransactionCanceledException':\n return getTransactionReason(error);\n case 'TransactionConflictException':\n case 'ReplicatedWriteConflictException':\n case 'IdempotentParameterMismatchException':\n case 'ItemCollectionSizeLimitExceededException':\n return 'transactionConflict';\n case 'ValidationException':\n return 'invalidInput';\n case 'ResourceNotFoundException':\n return 'resourceNotFound';\n case 'ProvisionedThroughputExceededException':\n case 'RequestLimitExceeded':\n case 'ThrottlingException':\n case 'ThrottlingError':\n return 'throttled';\n case 'AccessDeniedException':\n case 'ExpiredTokenException':\n case 'IncompleteSignatureException':\n case 'InvalidSignatureException':\n case 'UnrecognizedClientException':\n return 'accessDenied';\n default:\n return 'internal';\n }\n}\n\n/* Pick the most useful public reason from DynamoDB transaction cancellation details. /\nfunction getTransactionReason(error: unknown): type_error_lambda_fromDynamo_reason {\n const cancellationReasons = getCancellationReasons(error);\n\n if (cancellationReasons.some((reason) => reason === 'ConditionalCheckFailed')) {\n return 'conditionalCheckFailed';\n }\n\n if (cancellationReasons.some((reason) => reason === 'TransactionConflict')) {\n return 'transactionConflict';\n }\n\n if (cancellationReasons.some((reason) => reason === 'ValidationError')) {\n return 'invalidInput';\n }\n\n if (\n cancellationReasons.some((reason) =>\n ['ProvisionedThroughputExceeded', 'RequestLimitExceeded', 'ThrottlingError'].includes(reason)\n )\n ) {\n return 'throttled';\n }\n\n return 'internal';\n}\n\nfunction getCancellationReasons(error: unknown): string[] {\n if (!isRecord(error)) return [];\n const cancellationReasons = error.CancellationReasons ?? error.cancellationReasons;\n if (!Array.isArray(cancellationReasons)) return [];\n\n return cancellationReasons\n .map((reason) => (isRecord(reason) && typeof reason.Code === 'string' ? reason.Code : undefined))\n .filter((reason) => reason !== undefined);\n}\n","import {\n error_lambda_badRequest,\n error_lambda_conflict,\n error_lambda_forbidden,\n error_lambda_internal,\n error_lambda_notFound,\n error_lambda_unauthorized,\n type type_error_lambda\n} from '$lambda/errors.js';\n\n/* Error wrapper for failures that happen while doing SES SDK work. /\nexport type type_error_ses = { type: 'ses'; error: unknown };\n\n/* Internal reason used before converting SES errors into public lambda errors. /\nexport type type_error_lambda_fromSes_reason =\n \| 'invalidInput'\n \| 'messageRejected'\n \| 'identityNotVerified'\n \| 'notFound'\n \| 'alreadyExists'\n \| 'conflict'\n \| 'throttled'\n \| 'accessDenied'\n \| 'internal';\n\n/* Per-reason public response override for endpoint-specific privacy and status choices. /\ntype type_error_lambda_fromSes_override = { message?: string } \| Partial<type_error_lambda>;\n\n/* Options for converting SES errors to lambda errors. /\nexport type type_error_lambda_fromSes_options = Partial<\n Record<type_error_lambda_fromSes_reason, type_error_lambda_fromSes_override>\n>;\n\nconst defaultErrors = {\n invalidInput: { type: 'badRequest', message: 'Invalid SES request' },\n messageRejected: { type: 'badRequest', message: 'Email message was rejected' },\n identityNotVerified: { type: 'internal', message: 'Internal server error' },\n notFound: { type: 'internal', message: 'Internal server error' },\n alreadyExists: { type: 'conflict', message: 'SES resource already exists' },\n conflict: { type: 'conflict', message: 'The request conflicts with the current SES resource state' },\n throttled: { type: 'internal', message: 'Internal server error' },\n accessDenied: { type: 'internal', message: 'Internal server error' },\n internal: { type: 'internal', message: 'Internal server error' }\n} satisfies Record<type_error_lambda_fromSes_reason, type_error_lambda>;\n\n/* Wrap an unknown caught value as an SES-domain error for neverthrow flows. /\nexport function error_ses(error: unknown): type_error_ses {\n return { type: 'ses', error };\n}\n\n/* Convert AWS SDK SES errors into a safe lambda error for API responses. /\nexport function error_lambda_fromSes(\n e: type_error_ses,\n options: type_error_lambda_fromSes_options = {}\n): type_error_lambda {\n return fromReason(getSesReason(e.error), options);\n}\n\n/* Apply endpoint overrides and build the concrete lambda error object. /\nfunction fromReason(reason: type_error_lambda_fromSes_reason, options: type_error_lambda_fromSes_options) {\n const base = defaultErrors[reason];\n const override = options[reason];\n const args: type_error_lambda = { ...base, ...override };\n\n switch (args.type) {\n case 'badRequest':\n return error_lambda_badRequest(args.message, args.fieldName, args.fieldValue);\n case 'unauthorized':\n return error_lambda_unauthorized(args.message);\n case 'forbidden':\n return error_lambda_forbidden(args.message);\n case 'notFound':\n return error_lambda_notFound(args.message, args.fieldName, args.fieldValue);\n case 'conflict':\n return error_lambda_conflict(args.message, args.fieldName, args.fieldValue);\n default:\n return error_lambda_internal(args.message);\n }\n}\n\n/* Classify AWS SDK / SES service errors. /\nfunction getSesReason(error: unknown): type_error_lambda_fromSes_reason {\n switch (getErrorName(error)) {\n case 'BadRequestException':\n case 'CustomVerificationEmailInvalidContentException':\n case 'InvalidParameterValue':\n case 'InvalidPolicyException':\n case 'InvalidRenderingParameterException':\n case 'InvalidSnsTopic':\n case 'InvalidSnsTopicException':\n case 'InvalidTemplateException':\n case 'InvalidTrackingOptionsException':\n case 'MissingRenderingAttributeException':\n return 'invalidInput';\n\n case 'MessageRejected':\n case 'MessageRejectedException':\n return 'messageRejected';\n\n case 'ConfigurationSetDoesNotExist':\n case 'ConfigurationSetDoesNotExistException':\n case 'NotFoundException':\n case 'RuleSetDoesNotExist':\n case 'TemplateDoesNotExist':\n case 'TemplateDoesNotExistException':\n return 'notFound';\n\n case 'AlreadyExistsException':\n case 'ConfigurationSetAlreadyExists':\n case 'RuleSetNameAlreadyExists':\n case 'TemplateNameAlreadyExists':\n return 'alreadyExists';\n\n case 'AccountSendingPausedException':\n case 'ConfigurationSetSendingPausedException':\n case 'ConcurrentModificationException':\n case 'ConflictException':\n case 'MailFromDomainNotVerified':\n case 'MailFromDomainNotVerifiedException':\n case 'SendingPausedException':\n return 'conflict';\n\n case 'FromEmailAddressNotVerified':\n case 'IdentityNotVerifiedException':\n return 'identityNotVerified';\n\n case 'LimitExceededException':\n case 'Throttling':\n case 'ThrottlingException':\n case 'TooManyRequestsException':\n return 'throttled';\n\n case 'AccessDeniedException':\n case 'AccountSuspendedException':\n case 'ExpiredTokenException':\n case 'InvalidClientTokenId':\n case 'InvalidSignatureException':\n case 'ProductionAccessNotGrantedException':\n case 'SignatureDoesNotMatch':\n case 'UnauthorizedException':\n return 'accessDenied';\n\n case 'InternalFailure':\n case 'InternalServerError':\n case 'InternalServiceError':\n case 'ServiceUnavailable':\n return 'internal';\n\n default:\n return getHttpStatusReason(error);\n }\n}\n\nfunction getHttpStatusReason(error: unknown): type_error_lambda_fromSes_reason {\n const status = getHttpStatusCode(error);\n\n if (status === 400) return 'invalidInput';\n if (status === 401) return 'accessDenied';\n if (status === 403) return 'accessDenied';\n if (status === 404) return 'notFound';\n if (status === 409 \|\| status === 412) return 'conflict';\n if (status === 429) return 'throttled';\n\n return 'internal';\n}\n\nfunction getErrorName(error: unknown): string \| undefined {\n if (!isRecord(error)) return undefined;\n\n const name = error.name;\n if (typeof name === 'string') return name;\n\n const code = error.code ?? error.Code;\n if (typeof code === 'string') return code;\n\n return undefined;\n}\n\nfunction getHttpStatusCode(error: unknown): number \| undefined {\n if (!isRecord(error)) return undefined;\n const metadata = error.$metadata;\n if (!isRecord(metadata)) return undefined;\n return typeof metadata.httpStatusCode === 'number' ? metadata.httpStatusCode : undefined;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n","import type { Root, RootContent, Element } from 'hast';\nimport rehypeParse from 'rehype-parse';\nimport type { Plugin } from 'unified';\nimport { unified } from 'unified';\nimport type { VFile } from 'vfile';\n\n/\n This rehype plugin extracts the headings from the markdown elements but also the raw elements.\n * So we get html headings in the TOC as well\n \n It sets the file.data.fm.toc to a flat map of the toc\n /\nexport const extractToc: Plugin<[], Root> = () => {\n return (tree: Root, file: VFile) => {\n const details = tree.children.flatMap(extractDetails);\n if (file.data.fm === undefined) file.data.fm = {};\n // @ts-expect-error its untyped but for svmdex it is there\n file.data.fm.toc = details;\n };\n};\nexport type Toc = TocEntry[];\nexport type TocEntry = { level: number; id: string; value: string };\n\nfunction extractDetails(content: RootContent \| { type: 'raw'; value: string }): TocEntry[] {\n if (content.type === 'element' && content.tagName.startsWith('h') && 'id' in content.properties) {\n const value =\n content.children.length === 1 && content.children[0].type === 'text'\n ? content.children[0].value\n : (content.properties.id as string);\n\n return [{ level: parseInt(content.tagName.slice(1)), id: content.properties.id as string, value }];\n } else if (content.type === 'raw') {\n const parsed = parseRaw(content.value);\n return parsed.flatMap(extractDetails);\n }\n return [];\n}\n\n/\n Parses raw HTML and returns a flat array of all heading (h1-h6) elements as HAST nodes.\n /\nexport function parseRaw(raw: string): Element[] {\n // Parse the HTML string into a HAST Root node\n const tree = unified()\n .use(rehypeParse, { fragment: true }) // allow parsing HTML fragments\n .parse(raw) as Root;\n\n // Helper function to recursively find heading elements\n function collectHeadings(node: RootContent): Element[] {\n if (node.type === 'element' && /^h[1-6]$/.test(node.tagName)) {\n return [node];\n }\n // Check children recursively\n if ('children' in node && Array.isArray(node.children)) {\n return node.children.flatMap(collectHeadings);\n }\n return [];\n }\n\n // Flatten all headings found in the tree\n return tree.children.flatMap(collectHeadings);\n}\n","import type { GenericSchema, GenericSchemaAsync } from 'valibot';\n\nexport function isSchema(x: unknown): x is GenericSchema {\n return !!x && typeof x === 'object' && 'kind' in x && x['kind'] === 'schema';\n}\n\nexport function unwrap(schema: GenericSchema): GenericSchema {\n // Unwrap common wrappers that simply contain another schema under `wrapped`\n // optional \| exactOptional \| undefinedable \| nullable \| nullish \| nonNullable \| nonNullish \| readonly \| brand \| description \| metadata \| title \| flavor\n // Most of these share `{ type: string; wrapped: GenericSchema }`\n // Guarded unwrap to avoid infinite loops.\n let curr: any = schema as any;\n const seen = new Set<any>();\n while (curr && typeof curr === 'object' && !seen.has(curr) && 'wrapped' in curr && isSchema((curr as any).wrapped)) {\n seen.add(curr);\n curr = (curr as any).wrapped;\n }\n return curr as GenericSchema;\n}\n\nfunction isIntegerKey(s: string): boolean {\n // allow \"0\", \"01\" etc. to index tuples/arrays consistently\n return /^-?\\d+$/.test(s);\n}\n\nexport type GetSchemaByPathOptions = {\n /\n When a union/variant cannot be narrowed by the path segment,\n * choose index `preferOption` (default 0). Set to -1 to return undefined instead.\n /\n preferOption?: number;\n};\n\nexport function getSchemaByPath(\n root: GenericSchema \| GenericSchemaAsync,\n path: string,\n opts: GetSchemaByPathOptions = {}\n): GenericSchema \| undefined {\n if (!isSchema(root)) return undefined;\n if (!path) return root;\n\n const keys = path.split('.');\n let curr: GenericSchema \| undefined = root;\n\n for (let i = 0; i < keys.length; i++) {\n if (!curr) return undefined;\n curr = unwrap(curr);\n const seg = keys[i];\n\n // Narrow by schema \"type\"\n const type = (curr as any).type as string \| undefined;\n\n switch (type) {\n case 'object': {\n // ObjectSchema has `.entries`\n const entries = (curr as any).entries as Record<string, GenericSchema> \| undefined;\n if (!entries) return undefined;\n curr = entries[seg];\n break;\n }\n\n case 'record': {\n // RecordSchema has `.value` for any key\n const value = (curr as any).value as GenericSchema \| undefined;\n curr = value;\n break;\n }\n\n case 'array': {\n // ArraySchema has `.item`\n if (!isIntegerKey(seg)) return undefined;\n const item = (curr as any).item as GenericSchema \| undefined;\n curr = item;\n break;\n }\n\n case 'tuple': {\n // TupleSchema has `.items` and possibly `.rest`\n if (!isIntegerKey(seg)) return undefined;\n const idx = Number(seg);\n const items = (curr as any).items as GenericSchema[] \| undefined;\n const rest = (curr as any).rest as GenericSchema \| undefined;\n if (!items) return undefined;\n curr = idx < items.length ? items[idx] : rest;\n break;\n }\n\n case 'union': {\n // UnionSchema has `.options` (array of schemas)\n const options = (curr as any).options as GenericSchema[] \| undefined;\n if (!options?.length) return undefined;\n\n // Try to narrow by segment:\n // - if numeric seg: prefer array/tuple options\n // - if string seg: prefer object/record options that contain seg\n const numeric = isIntegerKey(seg);\n\n let next: GenericSchema \| undefined;\n\n if (numeric) {\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n return u?.type === 'array' \|\| u?.type === 'tuple';\n }) ?? options[opts.preferOption ?? 0];\n } else {\n // Prefer object/record with matching key\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n if (u?.type === 'object') {\n const ent = u.entries as Record<string, GenericSchema> \| undefined;\n return !!ent && seg in ent;\n }\n return u?.type === 'record';\n }) ?? options[opts.preferOption ?? 0];\n }\n\n curr = next;\n // Loop continues to use seg against selected option\n i--; // reprocess this segment against the chosen branch\n break;\n }\n\n case 'variant': {\n // Variant (discriminated union) has `.options` too\n const options = (curr as any).options as GenericSchema[] \| undefined;\n if (!options?.length) return undefined;\n // Same narrowing as union\n const numeric = isIntegerKey(seg);\n let next: GenericSchema \| undefined;\n if (numeric) {\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n return u?.type === 'array' \|\| u?.type === 'tuple';\n }) ?? options[opts.preferOption ?? 0];\n } else {\n next =\n options.find((o) => {\n const u = unwrap(o) as any;\n if (u?.type === 'object') {\n const ent = u.entries as Record<string, GenericSchema> \| undefined;\n return !!ent && seg in ent;\n }\n return u?.type === 'record';\n }) ?? options[opts.preferOption ?? 0];\n }\n curr = next;\n i--;\n break;\n }\n\n default: {\n // If it’s a pipeline schema (`pipe`) or similar wrapper, many expose `.wrapped` and are handled by unwrap.\n // If we end up at a primitive or unknown structure while keys remain, fail.\n return undefined;\n }\n }\n }\n\n return curr ? unwrap(curr) : undefined;\n}\n","import { isEqual, isObject } from 'radash';\n\nimport type { DeepPartial } from '../types/deep.js';\n\n/\n Sets the value for an object by its dot path\n * @param obj - any object\n * @param path - the dot path eg. key1.0.1.key2\n * @param value - any value\n * @returns - the modified object\n /\nexport function setByPath<T extends object>(obj: T, path: string, value: any): T {\n const keys = path.split('.');\n let curr: any = obj;\n\n for (let i = 0; i < keys.length - 1; i++) {\n const k = keys[i];\n const next = keys[i + 1];\n // handle array indices like '0'\n if (Number.isInteger(Number(next))) {\n curr[k] ??= [];\n } else {\n curr[k] ??= {};\n }\n curr = curr[k];\n }\n\n curr[keys[keys.length - 1]] = value;\n return obj;\n}\n\n/\n Gets the value from an object by its dot path\n * @param obj - any object\n * @param path - the dot path eg. key1.0.1.key2\n * @returns - the value at the given path or undefined\n /\nexport function getByPath<T extends object>(obj: T, path: string): any {\n if (!obj \|\| typeof obj !== 'object') return undefined;\n const keys = path.split('.');\n let curr: any = obj;\n\n for (const k of keys) {\n if (curr == null) return undefined;\n curr = curr[k];\n }\n\n return curr;\n}\n\nconst isPlainRecord = (v: unknown): v is Record<string, unknown> => isObject(v) && !Array.isArray(v);\n\n/\n Returns a deep \"patch\" object containing only the fields from `b`\n * that are different from `a`.\n \n Behavior:\n * - Only keys from `b` can appear in the result.\n * - New keys in `b` are included.\n * - Changed primitive/array values are included as the value from `b`.\n * - For nested plain objects, it recurses and returns only the differing nested fields.\n * - Arrays are treated as atomic (if different, the whole array from `b` is returned).\n \n Typing:\n * - Output is `DeepPartial<B>` because only a subset of `b`'s shape is returned.\n \n @template A\n * @template B\n * @param {A} a - Base/original object (can be a different shape than `b`).\n * @param {B} b - Updated object; output keys come from this object.\n * @returns {DeepPartial<B>} Deep partial of `b` containing only differences vs `a`.\n /\nexport const deepDiff = <A extends object, B extends object>(a: A, b: B): DeepPartial<B> => {\n const out: Record<string, unknown> = {};\n\n for (const key of Object.keys(b) as Array<keyof B>) {\n const aVal = (a as any)?.[key];\n const bVal = (b as any)[key];\n\n if (!((key as any) in (a as any))) {\n out[key as any] = bVal;\n continue;\n }\n\n if (isPlainRecord(aVal) && isPlainRecord(bVal)) {\n const nested = deepDiff(aVal, bVal);\n if (Object.keys(nested as any).length) out[key as any] = nested;\n continue;\n }\n\n if (!isEqual(aVal, bVal)) out[key as any] = bVal;\n }\n\n return out as DeepPartial<B>;\n};\n\n/\n Deeply prunes `source` to match the shape of `shape`.\n \n Rules:\n * - Only keys that exist on `shape` are kept.\n * - Pruning is deep for nested plain objects.\n * - Arrays are supported by using the first element of `shape` as the element-shape.\n * - If `shape` is `[]`, returns `[]` (drops all elements).\n * - Primitive values are kept as-is (no type coercion) if the key exists in `shape`.\n * - If `shape` expects an object/array but `source` is not compatible, returns an empty object/array of that shape.\n \n @typeParam S - Source object type.\n * @typeParam Sh - Shape object type.\n * @param source - The object to prune.\n * @param shape - The object whose keys/structure are the allowlist.\n * @returns A new value derived from `source`, containing only fields present in `shape`, pruned deeply.\n \n @example\n * const source = { a: 1, b: { c: 2, d: 3 }, e: [ { x: 1, y: 2 }, { x: 3, y: 4 } ], z: 9 };\n * const shape = { a: 0, b: { c: 0 }, e: [ { x: 0 } ] };\n * // => { a: 1, b: { c: 2 }, e: [ { x: 1 }, { x: 3 } ] }\n * const out = pruneToShape(source, shape);\n /\nexport function pruneToShape<S, Sh>(source: S, shape: Sh): Sh {\n return pruneAny(source as unknown, shape as unknown) as Sh;\n\n function pruneAny(src: unknown, sh: unknown): unknown {\n // Arrays: use first element as the \"element shape\"\n if (Array.isArray(sh)) {\n if (!Array.isArray(src)) return [];\n if (sh.length === 0) return [];\n const elemShape = sh[0];\n return src.map((v) => pruneAny(v, elemShape));\n }\n\n // Plain objects: keep only keys present on shape, recursively.\n if (isPlainObject(sh)) {\n const out: Record<string, unknown> = {};\n const srcObj = isPlainObject(src) ? (src as Record<string, unknown>) : undefined;\n\n for (const key of Object.keys(sh as Record<string, unknown>)) {\n const shVal = (sh as Record<string, unknown>)[key];\n const srcVal = srcObj ? srcObj[key] : undefined;\n\n if (Array.isArray(shVal) \|\| isPlainObject(shVal)) {\n out[key] = pruneAny(srcVal, shVal);\n } else {\n // Primitive (or function/date/etc in shape): key exists => keep source value as-is\n out[key] = srcVal;\n }\n }\n return out;\n }\n\n // Non-object shape => allowed leaf; just return source leaf as-is.\n return src;\n }\n\n function isPlainObject(v: unknown): v is Record<string, unknown> {\n if (v === null \|\| typeof v !== 'object') return false;\n const proto = Object.getPrototypeOf(v);\n return proto === Object.prototype \|\| proto === null;\n }\n}\n","import { lstat, mkdir, readFile, writeFile } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\nimport chalk from 'chalk';\nimport type { PackageJson } from 'type-fest';\n\n/\n @returns true if a filepath exists\n /\nexport async function exists(filePath: string): Promise<boolean> {\n try {\n await lstat(filePath);\n return true;\n } catch {\n return false;\n }\n}\n\n/\n Writes data to a filepath if it is different\n * @returns true if the file is written to\n /\nexport async function writeIfDifferent(filePath: string, newData: string): Promise<boolean> {\n // Ensure the directory exists\n const directory = dirname(filePath);\n if (!(await exists(directory))) {\n await mkdir(directory, { recursive: true });\n }\n\n // Check if the file exists\n if (await exists(filePath)) {\n // Read the existing file content\n const existingData = await readFile(filePath, 'utf8');\n\n // Compare the existing data with the new data\n if (existingData === newData) {\n // console.log('File contents are identical. No write needed.');\n return false;\n }\n }\n\n // Write the new data if it's different or the file doesn't exist\n await writeFile(filePath, newData, 'utf8');\n console.log(chalk.green('Writing to'), filePath);\n return true;\n}\n\n/\n @returns the json object packageJson or undefined if it doesnt exist\n */\nexport async function readPackageJson(filePath: string): Promise<PackageJson \| undefined> {\n if (!(await exists(filePath))) return undefined;\n return JSON.parse(await readFile(filePath, { encoding: 'utf-8' })) as PackageJson;\n}\n","import { styleText } from 'node:util';\n\nexport const colorText = (format: Parameters<typeof styleText>[0], text: unknown) =>\n styleText(format, String(text), { validateStream: false });\n"],"mappings":";;;;;;;;;;;;;;;;;AA6EA,MAAa,cAAc;CAAC;CAAO;CAAQ;CAAO;CAAU;CAAS;CAAW;CAAO;;;ACvEvF,MAAM,cAAc;CAAC;CAAQ;CAAO;CAAQ;AAC5C,MAAM,eAAe,CAAC,OAAO,SAAS;AAEtC,eAAe,YACb,MACA,QACA,OACA,QAEA,aACA,QACA,SACY;AACZ,KAAI,OACF,KAAI,OAAO,UAAU,KAAM,OAAM,WAAW,QAAQ,MAAM;KACrD,SAAO,QAAQ,MAAM;CAG5B,IAAI,MAAM,GAAG,SAAS,OAAO,SAAS,IAAI,GAAG,KAAK,MAAM;AAExD,KAAI,aAAa,SAAS,OAAc,EAAE;EACxC,MAAM,SAAS,IAAI,iBAAiB;AAEpC,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,SAAS,EAAE,CAAC,CACpD,KAAI,MAAM,QAAQ,MAAM,CACtB,OAAM,SAAS,SAAS,OAAO,OAAO,KAAK,OAAO,KAAK,CAAC,CAAC;MAEzD,QAAO,OAAO,KAAK,OAAO,MAAM,CAAC;EAIrC,MAAM,cAAc,OAAO,UAAU;AACrC,MAAI,YAAa,QAAO,IAAI;;AAG9B,WAAU;EAAE,gBAAgB;EAAoB,GAAG;EAAS;CAC5D,MAAM,WAAW,MAAM,MAAM,KAAK;EAChC;EACA;EAEA,MAAM,YAAY,SAAS,OAAc,GAAG,KAAK,UAAU,MAAM,GAAG,KAAA;EACpE,aAAa;EACd,CAAC;CACF,MAAM,cAAc,SAAS,QAAQ,IAAI,eAAe,IAAI;CAE5D,IAAI,YAAqC;AACzC,UAAS,OAAO,YAAY;AAC1B,MAAI,cAAc,MAChB,aAAY,SAAS,MAAM;AAG7B,MAAI,gBAAgB,sBAClB,QAAO,MAAM,MAAM,MAAM,UAAU;MAEnC,QAAO,KAAK,MAAM,MAAM,UAAU;;AAGtC,QAAO;;;;;;AAsBT,SAAgB,iBACd,SACA,QACA,KACyB;AACzB,QAAO,eAAe,WAAW,MAAM,QAAQ,OAAO,SAAS;EAC7D,MAAM,SAAS,QAAQ,QAAQ;AAC/B,MAAI,WAAW,KAAA,EAAW,OAAM,IAAI,MAAM,qCAAqC;AAM/E,SAAO,YACL,MACA,QACA,OACA,QACA,KACA,QACA,QACD;;;;;;;;;;;;;;;;;;;ACpDL,SAAgB,YACd,SACsB;AACtB,QAAO,OAAO,OAAU,YAAuD;EAC7E,MAAM,SAAS,MAAM,QAAQ,OAAO,QAAQ;AAE5C,MAAI,OAAO,MAAM;GACf,MAAM,UAAU,IAAI,QAAQ,OAAO,QAAQ;AAC3C,WAAQ,IAAI,gBAAgB,sBAAsB;AAElD,UAAO;IAAE,GAAG;IAAQ,SAAS,OAAO,YAAY,QAAQ;IAAE,MAAM,UAAU,OAAO,KAAK;IAAE;QAExF,QAAO;GAAE,GAAG;GAAQ,MAAM,KAAA;GAAW;;;;;;;;;;;;;ACzD3C,SAAgB,wBACd,SACA,WACA,YAC8B;AAC9B,QAAO;EAAE,MAAM;EAAuB;EAAS;EAAW;EAAY;;AAGxE,SAAgB,0BAA0B,SAAiD;AACzF,QAAO;EAAE,MAAM;EAAyB;EAAS;;AAGnD,SAAgB,uBAAuB,SAA8C;AACnF,QAAO;EAAE,MAAM;EAAsB;EAAS;;AAGhD,SAAgB,sBACd,SACA,WACA,YAC4B;AAC5B,QAAO;EAAE,MAAM;EAAqB;EAAS;EAAW;EAAY;;AAGtE,SAAgB,sBACd,SACA,WACA,YAC4B;AAC5B,QAAO;EAAE,MAAM;EAAqB;EAAS;EAAW;EAAY;;AAGtE,SAAgB,sBAAsB,SAA6C;AACjF,QAAO;EAAE,MAAM;EAAqB;EAAS;;;;ACrC/C,SAAS,MAAM,KAAkD;AAC/D,QAAO,IAAI,cAAc,KAAA,KAAa,IAAI,eAAe,KAAA,IACrD,EAAE,GACF,EAAE,OAAO;EAAE,MAAM,IAAI;EAAW,OAAO,IAAI;EAAY,EAAE;;;;;;;;;;AAoC/D,SAAgB,eACd,GACA,SACA,OAAa,IACb,SAAiB,EAAE,EACgB;AACnC,SAAQ,EAAE,MAAV;EACE,KAAK,aACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG,MAAM,EAAE;IAAE,GAAG;IAAQ;GAAE;EAEvG,KAAK,eACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG;IAAQ;GAAE;EAE1F,KAAK,YACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG;IAAQ;GAAE;EAE1F,KAAK,WACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG,MAAM,EAAE;IAAE,GAAG;IAAQ;GAAE;EAEvG,KAAK,WACH,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS,EAAE;IAAe;IAAM,GAAG,MAAM,EAAE;IAAE,GAAG;IAAQ;GAAE;EAEvG,QACE,QAAO;GAAE;GAAS,YAAY;GAAK,MAAM;IAAE,SAAS;IAAuB;IAAM,GAAG;IAAQ;GAAE;;;;;;;;AASpG,SAAgB,sBAAsB,KAAwD,SAAc;CAC1G,MAAM,QAAQ,IAAI,OAAO;AAEzB,KAAI,MAAM,QAAQ,MAAM,KAAK,MAAM,OAAO,MAAM,KAAK,GAAG,QAAQ,SAC9D,QAAO,eAAe,wBAAwB,iBAAiB,MAAM,KAAK,GAAG,KAAK,MAAM,QAAQ,EAAE,QAAQ;KAE1G,QAAO,eAAe,wBAAwB,kBAAkB,MAAM,UAAU,EAAE,QAAQ;;AAI9F,SAAgB,YACd,MACA,SACA,SACA;AACA,QAAO;EAAE;EAAS;EAAS,YAAY;EAAc;EAAM;;;;;;;ACnF7D,SAAgB,WACd,OACA;AACA,QAAO,OAAO,oBACN;AACJ,MAAI,EAAE,aAAa,UAAU,CAAC,MAAM,QAClC,OAAM,IAAI,MAAM,sBAAsB;EAIxC,MAAM,eACJ,MAAM,QAAQ,MAAM,QAAQ,IAAI,MAAM,QAAQ,SAAS,IACnD,MAAM,QAAQ,KAAK,KAAK,GACxB,MAAM,QAAQ,UAAU,MAAM,QAAQ;AAE5C,MAAI,CAAC,aACH,OAAM,IAAI,MAAM,4BAA4B;AAI9C,SADYA,QAAM,aACR;KAEX,MAAM;AACL,MAAI,aAAa,MAAO,QAAO,0BAA0B,EAAE,QAAQ;AACnE,SAAO,0BAA0B,kBAAkB;GAEtD,EAAE;;;;;;;AC7BL,SAAgB,mBAAmB;AACjC,QAAO,IAAI,8BAA8B,EAGxC,CAAC;;;;AC8BJ,MAAMC,kBAAgB;CACpB,MAAM;EAAE,MAAM;EAAgB,SAAS;EAAkB;CACzD,WAAW;EAAE,MAAM;EAAa,SAAS;EAAa;CACtD,cAAc;EAAE,MAAM;EAAc,SAAS;EAAuC;CACpF,cAAc;EAAE,MAAM;EAAY,SAAS;EAAkB;CAC7D,kBAAkB;EAAE,MAAM;EAAY,SAAS;EAAsB;CACrE,iBAAiB;EAAE,MAAM;EAAc,SAAS;EAAqB;CACrE,gBAAgB;EAAE,MAAM;EAAc,SAAS;EAA8C;CAC7F,iBAAiB;EAAE,MAAM;EAAY,SAAS;EAA8B;CAC5E,uBAAuB;EAAE,MAAM;EAAc,SAAS;EAA2B;CACjF,aAAa;EAAE,MAAM;EAAc,SAAS;EAAgB;CAC5D,cAAc;EAAE,MAAM;EAAc,SAAS;EAAgB;CAC7D,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CAChE,YAAY;EAAE,MAAM;EAAY,SAAS;EAAuB;CAChE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAiE;CACxG,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,cAAc,OAAoC;AAChE,QAAO;EAAE,MAAM;EAAW;EAAO;;;AAInC,SAAgB,yBACd,GACA,UAAiD,EAAE,EAChC;AACnB,QAAOC,aAAW,iBAAiB,EAAE,MAAM,EAAE,QAAQ;;;AAIvD,SAASA,aACP,QACA,SACmB;CACnB,MAAM,OAAOD,gBAAc;CAC3B,MAAM,WAAW,QAAQ;CACzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAS,iBAAiB,OAAsD;AAC9E,SAAQE,eAAa,MAAM,EAA3B;EACE,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,6BACH,QAAO;EAET,KAAK;EACL,KAAK,qBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,gCACH,QAAO;EAET,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,qCACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK,2BACH,QAAO;EAET,KAAK,2BACH,QAAO;EAET,KAAK,0CACH,QAAO;EAET,KAAK,iCACH,QAAO;EAET,KAAK,uBACH,QAAO;EAET,KAAK,wBACH,QAAO;EAET,KAAK,+BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,0BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK,gCACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wCACH,QAAO;EAET,QACE,QAAOC,sBAAoB,MAAM;;;AAIvC,SAASA,sBAAoB,OAAsD;CACjF,MAAM,SAASC,oBAAkB,MAAM;AAEvC,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,IAAK,QAAO;AAE3B,QAAO;;AAGT,SAASF,eAAa,OAAoC;AACxD,KAAI,CAACG,WAAS,MAAM,CAAE,QAAO,KAAA;CAE7B,MAAM,OAAO,MAAM;AACnB,KAAI,OAAO,SAAS,SAAU,QAAO;CAErC,MAAM,OAAO,MAAM,QAAQ,MAAM;AACjC,KAAI,OAAO,SAAS,SAAU,QAAO;;AAKvC,SAASD,oBAAkB,OAAoC;AAC7D,KAAI,CAACC,WAAS,MAAM,CAAE,QAAO,KAAA;CAC7B,MAAM,WAAW,MAAM;AACvB,KAAI,CAACA,WAAS,SAAS,CAAE,QAAO,KAAA;AAChC,QAAO,OAAO,SAAS,mBAAmB,WAAW,SAAS,iBAAiB,KAAA;;AAGjF,SAASA,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;;;;;;ACjNhD,SAAgB,eAAe,GAA6C;AAC1E,QAAO,YAAY,cACjB,YAAY;AACV,UAAQ,IAAI,8CAA8C,EAAE,SAAS;EAErE,MAAM,MAAM,MADU,kBACS,CAAC,KAAK,IAAI,oBAAoB;GAAE,YAAY,EAAE;GAAY,UAAU,EAAE;GAAU,CAAC,CAAC;AACjH,SAAO;GAAE,GAAG;GAAK,gBAAgB,kBAAkB,IAAI,eAAe;GAAE;KAEzE,MAAM;AACL,UAAQ,MAAM,yBAAyB,EAAE;AACzC,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;AAML,SAAgB,kBAAkB,OAAoC;CACpE,MAAM,aAAqC,EAAE;AAC7C,KAAI;OACG,MAAM,QAAQ,MACjB,KAAI,KAAK,QAAQ,KAAK,MACpB,YAAW,KAAK,QAAQ,KAAK;;AAInC,QAAO;;;;;AAMT,SAAgB,cAAc,GAA6C;AACzE,QAAO,YAAY,cACjB,YAAY;AACV,UAAQ,IAAI,4CAA4C,EAAE,SAAS;AAKnE,SAAO,MAJe,kBACS,CAAC,KAC9B,IAAI,8BAA8B;GAAE,YAAY,EAAE;GAAY,UAAU,EAAE;GAAU,CAAC,CACtF;KAGF,MAAM;AACL,UAAQ,MAAM,wBAAwB,EAAE;AACxC,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;ACpCL,SAAgB,kBAAkB,UAAkB,UAAkB,cAA8B;AAClG,SAAQ,IAAI,uBAAuB,UAAU,UAAU,aAAa;AACpE,QAAO,WAAW,UAAU,aAAa,CACtC,OAAO,WAAW,SAAS,CAC3B,OAAO,SAAS;;;;;;;;;AAYrB,SAAgB,eAAe,aAAqB,aAAqB,aAAqB;AAC5F,QAAO,YAAY,cACjB,YAAY;AAEV,SADsB,kBACF,CAAC,KACnB,IAAI,sBAAsB;GACxB,aAAa;GACb,kBAAkB;GAClB,kBAAkB;GACnB,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,+BAA+B,EAAE;AAC/C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAcL,SAAgB,sBAAsB,GAMnC;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,6BAA6B;GAC/B,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,kBAAkB,EAAE;GACpB,UAAU,EAAE;GACZ,YAAY,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;GACtE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,sCAAsC,EAAE;AACtD,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;AAaL,SAAgB,cAAc,GAK3B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,qBAAqB;GACvB,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,kBAAkB,EAAE;GACpB,YAAY,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;GACtE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,8BAA8B,EAAE;AAC9C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;AAYL,SAAgB,eAAe,GAAiE;AAC9F,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,sBAAsB;GACxB,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,YAAY,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;GACtE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,+BAA+B,EAAE;AAC/C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAcL,SAAgB,MAAM,GAMnB;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,yBAAyB;GAC3B,UAAU;GACV,UAAU,EAAE;GACZ,YAAY,EAAE;GACd,gBAAgB;IACd,UAAU,EAAE;IACZ,UAAU,EAAE;IACZ,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;IACvE;GACF,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,kCAAkC,EAAE;AAClD,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;AAQL,SAAgB,cAAc,GAM3B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KAAK,IAAI,iCAAiC,EAAE,CAAC;KAEnE,MAAM;AACL,UAAQ,MAAM,yDAAyD,EAAE;AACzE,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAYL,SAAgB,kBAAkB,GAM/B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,yBAAyB;GAC3B,UAAU;GACV,UAAU,EAAE;GACZ,YAAY,EAAE;GACd,gBAAgB;IACd,eAAe,EAAE;IACjB,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;IACvE;GACF,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,iDAAiD,EAAE;AACjE,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;AASL,SAAgB,OAAO,aAAqB;AAC1C,QAAO,YAAY,oBACX;AAGJ,SAFsB,kBAEF,CAAC,KAAK,IAAI,qBAAqB,EAAE,aAAa,aAAa,CAAC,CAAC;KAElF,MAAM;AACL,UAAQ,MAAM,8BAA8B,EAAE;AAC9C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAaL,SAAgB,cAAc,GAM3B;AACD,QAAO,YAAY,oBACX;AAEJ,SADsB,kBACF,CAAC,KACnB,IAAI,8BAA8B;GAChC,eAAe;GACf,UAAU,EAAE;GACZ,SAAS,EAAE;GACX,oBAAoB;IAClB,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;IACtE,cAAc,EAAE;IAChB,UAAU,EAAE;IACb;GACF,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,uCAAuC,EAAE;AACvD,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;AAaL,SAAgB,OACd,GACA;AACA,QAAO,YAAY,oBACX;EACJ,MAAM,gBAAgB,kBAAkB;EACxC,MAAM,aAAa,kBAAkB,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa;AAE5E,SAAO,cAAc,KACnB,IAAI,cAAc;GAChB,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,UAAU,EAAE;GACZ,YAAY;GACZ,gBAAgB,OAAO,QAAQ,EAAE,CAC9B,QAAQ,CAAC,SAAS,CAAC;IAAC;IAAY;IAAY;IAAY;IAAe,CAAC,SAAS,IAAI,CAAC,CACtF,KAAK,CAAC,KAAK,YAAY;IAAE,MAAM;IAAK,OAAO;IAAiB,EAAE;GAClE,CAAC,CACH;KAEF,MAAM;AACL,UAAQ,MAAM,uBAAuB,EAAE;AACvC,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;;;AAeL,SAAgB,iBAAiB,GAM9B;AACD,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,YAAY,OAAO,KAAK,GAAG,EAAE,SAAS,GAAG,EAAE,eAAe,CAAC,SAAS,SAAS;EAEnF,MAAM,SAAS,IAAI,iBAAiB;AACpC,SAAO,OAAO,cAAc,qBAAqB;AACjD,SAAO,OAAO,QAAQ,EAAE,KAAK;AAC7B,SAAO,OAAO,gBAAgB,EAAE,YAAY;AAI5C,UAAQ,IAAI,4BAA4B,OAAO,UAAU,CAAC;EAE1D,MAAM,WAAW,MAAM,MAAM,WAAW,EAAE,cAAc,gBAAgB;GACtE,QAAQ;GACR,SAAS;IAAE,gBAAgB;IAAqC,eAAe,SAAS;IAAa;GACrG,MAAM,OAAO,UAAU;GACxB,CAAC;AACF,MAAI,CAAC,SAAS,IAAI;AAChB,WAAQ,MAAM,2CAA2C,MAAM,SAAS,MAAM,CAAC;AAC/E,SAAM,OAAO,uBAAO,IAAI,MAAM,8BAA8B,EAAE,EAAE,MAAM,0BAA0B,CAAC;;AAGnG,SAAQ,MAAM,SAAS,MAAM;KAQ9B,MAAM;AACL,UAAQ,MAAM,0BAA0B,EAAE;AAC1C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;;;;;;AAaL,SAAgB,kBAAkB,GAK/B;AACD,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,YAAY,OAAO,KAAK,GAAG,EAAE,SAAS,GAAG,EAAE,eAAe,CAAC,SAAS,SAAS;EAEnF,MAAM,SAAS,IAAI,iBAAiB;AACpC,SAAO,OAAO,cAAc,gBAAgB;AAC5C,SAAO,OAAO,iBAAiB,EAAE,aAAa;AAE9C,UAAQ,IAAI,6BAA6B,OAAO,UAAU,CAAC;EAE3D,MAAM,WAAW,MAAM,MAAM,WAAW,EAAE,cAAc,gBAAgB;GACtE,QAAQ;GACR,SAAS;IAAE,gBAAgB;IAAqC,eAAe,SAAS;IAAa;GACrG,MAAM,OAAO,UAAU;GACxB,CAAC;AACF,MAAI,CAAC,SAAS,IAAI;AAChB,WAAQ,MAAM,4CAA4C,MAAM,SAAS,MAAM,CAAC;AAChF,SAAM,OAAO,uBAAO,IAAI,MAAM,6BAA6B,EAAE,EAAE,MAAM,0BAA0B,CAAC;;AAGlG,SAAQ,MAAM,SAAS,MAAM;KAQ9B,MAAM;AACL,UAAQ,MAAM,2BAA2B,EAAE;AAC3C,SAAO,cAAc,EAAE;GAE1B,EAAE;;;;;;;AC7cL,SAAgB,QAAQ;AACtB,QAAO,IAAI,SAAS,EAGnB,CAAC;;;;ACTJ,SAAgB,SAAS,OAAkD;AACzE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAEhD,SAAgB,aAAa,OAAoC;AAC/D,KAAI,CAAC,SAAS,MAAM,CAAE,QAAO,KAAA;CAE7B,MAAM,OAAO,MAAM;AACnB,KAAI,OAAO,SAAS,SAAU,QAAO;CAErC,MAAM,OAAO,MAAM,QAAQ,MAAM;AACjC,KAAI,OAAO,SAAS,SAAU,QAAO;;;;ACuBvC,MAAMC,kBAAgB;CACpB,cAAc;EAAE,MAAM;EAAc,SAAS;EAAsB;CACnE,gBAAgB;EAAE,MAAM;EAAY,SAAS;EAAuB;CACpE,gBAAgB;EAAE,MAAM;EAAY,SAAS;EAAyB;CACtE,UAAU;EAAE,MAAM;EAAY,SAAS;EAA4D;CACnG,WAAW;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE,cAAc;EAAE,MAAM;EAAY,SAAS;EAAyB;CACpE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,SAAS,OAA+B;AACtD,QAAO;EAAE,MAAM;EAAM;EAAO;;;AAI9B,SAAgB,oBACd,GACA,UAA4C,EAAE,EAC3B;CACnB,MAAM,SAAS,YAAY,EAAE,MAAM;CAEnC,MAAM,OAAOA,gBAAc;CAC3B,MAAM,WAAW,QAAQ;CACzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAgB,eAAe,OAAyB;AACtD,QAAO,YAAY,MAAM,KAAK;;;AAIhC,SAAS,YAAY,OAAiD;AACpE,SAAQ,aAAa,MAAM,EAA3B;EACE,KAAK;EACL,KAAK;EACL,KAAK,gBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,eACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,eACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,sBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,oBACH,QAAO;EAET,QACE,QAAOC,sBAAoB,MAAM;;;AAIvC,SAASA,sBAAoB,OAAiD;CAC5E,MAAM,SAASC,oBAAkB,MAAM;AAEvC,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAE7C,QAAO;;AAGT,SAASA,oBAAkB,OAAoC;AAC7D,KAAI,CAAC,SAAS,MAAM,CAAE,QAAO,KAAA;CAC7B,MAAM,WAAW,MAAM;AACvB,KAAI,CAAC,SAAS,SAAS,CAAE,QAAO,KAAA;AAChC,QAAO,OAAO,SAAS,mBAAmB,WAAW,SAAS,iBAAiB,KAAA;;;;ACtMjF,SAAgB,aAAa,GAAG,MAA2C;AACzE,QAAO,YAAY,cAAcC,iBAAmB,MAAM;AACxD,UAAQ,MAAM,0CAA0C,EAAE;AAC1D,SAAO,SAAS,EAAE;GAClB,CAAC,GAAG,KAAK;;;;;;;;;;;ACIb,SAAgB,UAAU,YAAoB,KAAa;AACzD,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,KAAK,OAAO;EAClB,MAAM,MAAM,IAAI,iBAAiB;GAAE,QAAQ;GAAY,KAAK;GAAK,CAAC;EAElE,MAAM,UAAS,MADG,GAAG,KAAK,IAAI,EACX;AACnB,SAAO,IAAI,SAAiB,SAAS,WAAW;GAC9C,MAAM,SAAmB,EAAE;AAC3B,UAAO,GAAG,SAAS,UAAkB,OAAO,KAAK,MAAM,CAAC;AACxD,UAAO,GAAG,aAAa,QAAQ,OAAO,OAAO,OAAO,CAAC,CAAC;AACtD,UAAO,GAAG,SAAS,OAAO;IAC1B;KAEH,MAAM;AACL,UAAQ,MAAM,6CAA6C,IAAI;AAC/D,SAAO,SAAS,EAAE;GAErB,EAAE;;;;;AAML,SAAgB,gBAAgB,YAAoB,KAAiD;AACnG,QAAO,UAAU,YAAY,IAAI,CAAC,KAAK,WAAW,OAAO,SAAS,QAAQ,CAAC;;;;;;;;;AAU7E,SAAgB,aAAa,YAAoB,KAAa;AAC5D,QAAO,YAAY,cACjB,YAAY;EACV,MAAM,KAAK,OAAO;AAElB,MAAI;GACF,MAAM,MAAM,IAAI,kBAAkB;IAAE,QAAQ;IAAY,KAAK;IAAK,CAAC;AAEnE,WAAO,MADW,GAAG,KAAK,IAAI,EACnB,UAAU,mBAAmB;WACjC,GAAG;AACV,OAAI,eAAe,EAAE,CAAE,QAAO;AAC9B,SAAM;;KAGT,MAAM;AACL,UAAQ,MAAM,oDAAoD,IAAI;AACtE,SAAO,SAAS,EAAE;GAErB,EAAE;;;;AC1BL,MAAMC,kBAAgB;CACpB,cAAc;EAAE,MAAM;EAAc,SAAS;EAAmB;CAChE,wBAAwB;EAAE,MAAM;EAAY,SAAS;EAAyD;CAC9G,qBAAqB;EAAE,MAAM;EAAY,SAAS;EAAyD;CAC3G,kBAAkB;EAAE,MAAM;EAAY,SAAS;EAAyB;CACxE,WAAW;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE,cAAc;EAAE,MAAM;EAAY,SAAS;EAAyB;CACpE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,aAAa,OAAmC;AAC9D,QAAO;EAAE,MAAM;EAAU;EAAO;;;AAIlC,SAAgB,wBACd,GACA,UAAgD,EAAE,EAC/B;AACnB,KAAI,EAAE,iBAAiB,qBACrB,QAAOC,aAAW,iBAAiB,EAAE,MAAM,EAAE,SAAS,aAAa,EAAE,OAAO,QAAQ,mBAAmB,CAAC;AAE1G,QAAOA,aAAW,aAAa,EAAE,MAAM,EAAE,QAAQ;;;AAInD,SAASA,aACP,QACA,SACA,WAAuC,EAAE,EACtB;CACnB,MAAM,OAAO;EAAE,GAAGD,gBAAc;EAAS,GAAG;EAAU;CACtD,MAAM,WAAW,QAAQ;CAEzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAS,iBAAiB,OAAkE;AAC1F,KAAI,MAAM,KAAK,WAAW,WAAW,IAAI,MAAM,SAAS,yCACtD,QAAO;AAGT,KAAI,MAAM,KAAK,WAAW,aAAa,IAAI,MAAM,KAAK,WAAW,UAAU,IAAI,MAAM,KAAK,WAAW,UAAU,CAC7G,QAAO;AAGT,SAAQ,MAAM,MAAd;EACE,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,8BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,yBACH,QAAO;EAET,QACE,QAAO;;;AAIb,SAAS,aAAa,OAA6B,oBAAyC;AAC1F,KAAI,CAAC,sBAAsB,OAAO,MAAM,SAAS,SAAU,QAAO,EAAE;AACpE,QAAO;EAAE,WAAW,MAAM;EAAM,YAAY,MAAM;EAAS;;;AAK7D,SAAS,aAAa,OAAqD;AACzE,SAAQ,aAAa,MAAM,EAA3B;EACE,KAAK,kCACH,QAAO;EACT,KAAK,+BACH,QAAO,qBAAqB,MAAM;EACpC,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,2CACH,QAAO;EACT,KAAK,sBACH,QAAO;EACT,KAAK,4BACH,QAAO;EACT,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,kBACH,QAAO;EACT,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,8BACH,QAAO;EACT,QACE,QAAO;;;;AAKb,SAAS,qBAAqB,OAAqD;CACjF,MAAM,sBAAsB,uBAAuB,MAAM;AAEzD,KAAI,oBAAoB,MAAM,WAAW,WAAW,yBAAyB,CAC3E,QAAO;AAGT,KAAI,oBAAoB,MAAM,WAAW,WAAW,sBAAsB,CACxE,QAAO;AAGT,KAAI,oBAAoB,MAAM,WAAW,WAAW,kBAAkB,CACpE,QAAO;AAGT,KACE,oBAAoB,MAAM,WACxB;EAAC;EAAiC;EAAwB;EAAkB,CAAC,SAAS,OAAO,CAC9F,CAED,QAAO;AAGT,QAAO;;AAGT,SAAS,uBAAuB,OAA0B;AACxD,KAAI,CAAC,SAAS,MAAM,CAAE,QAAO,EAAE;CAC/B,MAAM,sBAAsB,MAAM,uBAAuB,MAAM;AAC/D,KAAI,CAAC,MAAM,QAAQ,oBAAoB,CAAE,QAAO,EAAE;AAElD,QAAO,oBACJ,KAAK,WAAY,SAAS,OAAO,IAAI,OAAO,OAAO,SAAS,WAAW,OAAO,OAAO,KAAA,EAAW,CAChG,QAAQ,WAAW,WAAW,KAAA,EAAU;;;;ACxL7C,MAAM,gBAAgB;CACpB,cAAc;EAAE,MAAM;EAAc,SAAS;EAAuB;CACpE,iBAAiB;EAAE,MAAM;EAAc,SAAS;EAA8B;CAC9E,qBAAqB;EAAE,MAAM;EAAY,SAAS;EAAyB;CAC3E,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CAChE,eAAe;EAAE,MAAM;EAAY,SAAS;EAA+B;CAC3E,UAAU;EAAE,MAAM;EAAY,SAAS;EAA6D;CACpG,WAAW;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE,cAAc;EAAE,MAAM;EAAY,SAAS;EAAyB;CACpE,UAAU;EAAE,MAAM;EAAY,SAAS;EAAyB;CACjE;;AAGD,SAAgB,UAAU,OAAgC;AACxD,QAAO;EAAE,MAAM;EAAO;EAAO;;;AAI/B,SAAgB,qBACd,GACA,UAA6C,EAAE,EAC5B;AACnB,QAAO,WAAW,aAAa,EAAE,MAAM,EAAE,QAAQ;;;AAInD,SAAS,WAAW,QAA0C,SAA4C;CACxG,MAAM,OAAO,cAAc;CAC3B,MAAM,WAAW,QAAQ;CACzB,MAAM,OAA0B;EAAE,GAAG;EAAM,GAAG;EAAU;AAExD,SAAQ,KAAK,MAAb;EACE,KAAK,aACH,QAAO,wBAAwB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC/E,KAAK,eACH,QAAO,0BAA0B,KAAK,QAAQ;EAChD,KAAK,YACH,QAAO,uBAAuB,KAAK,QAAQ;EAC7C,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,KAAK,WACH,QAAO,sBAAsB,KAAK,SAAS,KAAK,WAAW,KAAK,WAAW;EAC7E,QACE,QAAO,sBAAsB,KAAK,QAAQ;;;;AAKhD,SAAS,aAAa,OAAkD;AACtE,SAAQE,eAAa,MAAM,EAA3B;EACE,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,qCACH,QAAO;EAET,KAAK;EACL,KAAK,2BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,gCACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,4BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,yBACH,QAAO;EAET,KAAK;EACL,KAAK,+BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,2BACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,wBACH,QAAO;EAET,KAAK;EACL,KAAK;EACL,KAAK;EACL,KAAK,qBACH,QAAO;EAET,QACE,QAAO,oBAAoB,MAAM;;;AAIvC,SAAS,oBAAoB,OAAkD;CAC7E,MAAM,SAAS,kBAAkB,MAAM;AAEvC,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,IAAK,QAAO;AAC3B,KAAI,WAAW,OAAO,WAAW,IAAK,QAAO;AAC7C,KAAI,WAAW,IAAK,QAAO;AAE3B,QAAO;;AAGT,SAASA,eAAa,OAAoC;AACxD,KAAI,CAACC,WAAS,MAAM,CAAE,QAAO,KAAA;CAE7B,MAAM,OAAO,MAAM;AACnB,KAAI,OAAO,SAAS,SAAU,QAAO;CAErC,MAAM,OAAO,MAAM,QAAQ,MAAM;AACjC,KAAI,OAAO,SAAS,SAAU,QAAO;;AAKvC,SAAS,kBAAkB,OAAoC;AAC7D,KAAI,CAACA,WAAS,MAAM,CAAE,QAAO,KAAA;CAC7B,MAAM,WAAW,MAAM;AACvB,KAAI,CAACA,WAAS,SAAS,CAAE,QAAO,KAAA;AAChC,QAAO,OAAO,SAAS,mBAAmB,WAAW,SAAS,iBAAiB,KAAA;;AAGjF,SAASA,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;;;;;;;;;AC9KhD,MAAa,mBAAqC;AAChD,SAAQ,MAAY,SAAgB;EAClC,MAAM,UAAU,KAAK,SAAS,QAAQ,eAAe;AACrD,MAAI,KAAK,KAAK,OAAO,KAAA,EAAW,MAAK,KAAK,KAAK,EAAE;AAEjD,OAAK,KAAK,GAAG,MAAM;;;AAMvB,SAAS,eAAe,SAAmE;AACzF,KAAI,QAAQ,SAAS,aAAa,QAAQ,QAAQ,WAAW,IAAI,IAAI,QAAQ,QAAQ,YAAY;EAC/F,MAAM,QACJ,QAAQ,SAAS,WAAW,KAAK,QAAQ,SAAS,GAAG,SAAS,SAC1D,QAAQ,SAAS,GAAG,QACnB,QAAQ,WAAW;AAE1B,SAAO,CAAC;GAAE,OAAO,SAAS,QAAQ,QAAQ,MAAM,EAAE,CAAC;GAAE,IAAI,QAAQ,WAAW;GAAc;GAAO,CAAC;YACzF,QAAQ,SAAS,MAE1B,QADe,SAAS,QAAQ,MACnB,CAAC,QAAQ,eAAe;AAEvC,QAAO,EAAE;;;;;AAMX,SAAgB,SAAS,KAAwB;CAE/C,MAAM,OAAO,SAAS,CACnB,IAAI,aAAa,EAAE,UAAU,MAAM,CAAC,CACpC,MAAM,IAAI;CAGb,SAAS,gBAAgB,MAA8B;AACrD,MAAI,KAAK,SAAS,aAAa,WAAW,KAAK,KAAK,QAAQ,CAC1D,QAAO,CAAC,KAAK;AAGf,MAAI,cAAc,QAAQ,MAAM,QAAQ,KAAK,SAAS,CACpD,QAAO,KAAK,SAAS,QAAQ,gBAAgB;AAE/C,SAAO,EAAE;;AAIX,QAAO,KAAK,SAAS,QAAQ,gBAAgB;;;;AC1D/C,SAAgB,SAAS,GAAgC;AACvD,QAAO,CAAC,CAAC,KAAK,OAAO,MAAM,YAAY,UAAU,KAAK,EAAE,YAAY;;AAGtE,SAAgB,OAAO,QAAsC;CAK3D,IAAI,OAAY;CAChB,MAAM,uBAAO,IAAI,KAAU;AAC3B,QAAO,QAAQ,OAAO,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,IAAI,aAAa,QAAQ,SAAU,KAAa,QAAQ,EAAE;AAClH,OAAK,IAAI,KAAK;AACd,SAAQ,KAAa;;AAEvB,QAAO;;AAGT,SAAS,aAAa,GAAoB;AAExC,QAAO,UAAU,KAAK,EAAE;;AAW1B,SAAgB,gBACd,MACA,MACA,OAA+B,EAAE,EACN;AAC3B,KAAI,CAAC,SAAS,KAAK,CAAE,QAAO,KAAA;AAC5B,KAAI,CAAC,KAAM,QAAO;CAElB,MAAM,OAAO,KAAK,MAAM,IAAI;CAC5B,IAAI,OAAkC;AAEtC,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;AACpC,MAAI,CAAC,KAAM,QAAO,KAAA;AAClB,SAAO,OAAO,KAAK;EACnB,MAAM,MAAM,KAAK;AAKjB,UAFc,KAAa,MAE3B;GACE,KAAK,UAAU;IAEb,MAAM,UAAW,KAAa;AAC9B,QAAI,CAAC,QAAS,QAAO,KAAA;AACrB,WAAO,QAAQ;AACf;;GAGF,KAAK;AAGH,WADe,KAAa;AAE5B;GAGF,KAAK;AAEH,QAAI,CAAC,aAAa,IAAI,CAAE,QAAO,KAAA;AAE/B,WADc,KAAa;AAE3B;GAGF,KAAK,SAAS;AAEZ,QAAI,CAAC,aAAa,IAAI,CAAE,QAAO,KAAA;IAC/B,MAAM,MAAM,OAAO,IAAI;IACvB,MAAM,QAAS,KAAa;IAC5B,MAAM,OAAQ,KAAa;AAC3B,QAAI,CAAC,MAAO,QAAO,KAAA;AACnB,WAAO,MAAM,MAAM,SAAS,MAAM,OAAO;AACzC;;GAGF,KAAK,SAAS;IAEZ,MAAM,UAAW,KAAa;AAC9B,QAAI,CAAC,SAAS,OAAQ,QAAO,KAAA;IAK7B,MAAM,UAAU,aAAa,IAAI;IAEjC,IAAI;AAEJ,QAAI,QACF,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,YAAO,GAAG,SAAS,WAAW,GAAG,SAAS;MAC1C,IAAI,QAAQ,KAAK,gBAAgB;QAGrC,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,SAAI,GAAG,SAAS,UAAU;MACxB,MAAM,MAAM,EAAE;AACd,aAAO,CAAC,CAAC,OAAO,OAAO;;AAEzB,YAAO,GAAG,SAAS;MACnB,IAAI,QAAQ,KAAK,gBAAgB;AAGvC,WAAO;AAEP;AACA;;GAGF,KAAK,WAAW;IAEd,MAAM,UAAW,KAAa;AAC9B,QAAI,CAAC,SAAS,OAAQ,QAAO,KAAA;IAE7B,MAAM,UAAU,aAAa,IAAI;IACjC,IAAI;AACJ,QAAI,QACF,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,YAAO,GAAG,SAAS,WAAW,GAAG,SAAS;MAC1C,IAAI,QAAQ,KAAK,gBAAgB;QAErC,QACE,QAAQ,MAAM,MAAM;KAClB,MAAM,IAAI,OAAO,EAAE;AACnB,SAAI,GAAG,SAAS,UAAU;MACxB,MAAM,MAAM,EAAE;AACd,aAAO,CAAC,CAAC,OAAO,OAAO;;AAEzB,YAAO,GAAG,SAAS;MACnB,IAAI,QAAQ,KAAK,gBAAgB;AAEvC,WAAO;AACP;AACA;;GAGF,QAGE;;;AAKN,QAAO,OAAO,OAAO,KAAK,GAAG,KAAA;;;;;;;;;;;ACtJ/B,SAAgB,UAA4B,KAAQ,MAAc,OAAe;CAC/E,MAAM,OAAO,KAAK,MAAM,IAAI;CAC5B,IAAI,OAAY;AAEhB,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,SAAS,GAAG,KAAK;EACxC,MAAM,IAAI,KAAK;EACf,MAAM,OAAO,KAAK,IAAI;AAEtB,MAAI,OAAO,UAAU,OAAO,KAAK,CAAC,CAChC,MAAK,OAAO,EAAE;MAEd,MAAK,OAAO,EAAE;AAEhB,SAAO,KAAK;;AAGd,MAAK,KAAK,KAAK,SAAS,MAAM;AAC9B,QAAO;;;;;;;;AAST,SAAgB,UAA4B,KAAQ,MAAmB;AACrE,KAAI,CAAC,OAAO,OAAO,QAAQ,SAAU,QAAO,KAAA;CAC5C,MAAM,OAAO,KAAK,MAAM,IAAI;CAC5B,IAAI,OAAY;AAEhB,MAAK,MAAM,KAAK,MAAM;AACpB,MAAI,QAAQ,KAAM,QAAO,KAAA;AACzB,SAAO,KAAK;;AAGd,QAAO;;AAGT,MAAM,iBAAiB,MAA6C,SAAS,EAAE,IAAI,CAAC,MAAM,QAAQ,EAAE;;;;;;;;;;;;;;;;;;;;;AAsBpG,MAAa,YAAgD,GAAM,MAAyB;CAC1F,MAAM,MAA+B,EAAE;AAEvC,MAAK,MAAM,OAAO,OAAO,KAAK,EAAE,EAAoB;EAClD,MAAM,OAAQ,IAAY;EAC1B,MAAM,OAAQ,EAAU;AAExB,MAAI,EAAG,OAAgB,IAAY;AACjC,OAAI,OAAc;AAClB;;AAGF,MAAI,cAAc,KAAK,IAAI,cAAc,KAAK,EAAE;GAC9C,MAAM,SAAS,SAAS,MAAM,KAAK;AACnC,OAAI,OAAO,KAAK,OAAc,CAAC,OAAQ,KAAI,OAAc;AACzD;;AAGF,MAAI,CAAC,QAAQ,MAAM,KAAK,CAAE,KAAI,OAAc;;AAG9C,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;AA0BT,SAAgB,aAAoB,QAAW,OAAe;AAC5D,QAAO,SAAS,QAAmB,MAAiB;CAEpD,SAAS,SAAS,KAAc,IAAsB;AAEpD,MAAI,MAAM,QAAQ,GAAG,EAAE;AACrB,OAAI,CAAC,MAAM,QAAQ,IAAI,CAAE,QAAO,EAAE;AAClC,OAAI,GAAG,WAAW,EAAG,QAAO,EAAE;GAC9B,MAAM,YAAY,GAAG;AACrB,UAAO,IAAI,KAAK,MAAM,SAAS,GAAG,UAAU,CAAC;;AAI/C,MAAI,cAAc,GAAG,EAAE;GACrB,MAAM,MAA+B,EAAE;GACvC,MAAM,SAAS,cAAc,IAAI,GAAI,MAAkC,KAAA;AAEvE,QAAK,MAAM,OAAO,OAAO,KAAK,GAA8B,EAAE;IAC5D,MAAM,QAAS,GAA+B;IAC9C,MAAM,SAAS,SAAS,OAAO,OAAO,KAAA;AAEtC,QAAI,MAAM,QAAQ,MAAM,IAAI,cAAc,MAAM,CAC9C,KAAI,OAAO,SAAS,QAAQ,MAAM;QAGlC,KAAI,OAAO;;AAGf,UAAO;;AAIT,SAAO;;CAGT,SAAS,cAAc,GAA0C;AAC/D,MAAI,MAAM,QAAQ,OAAO,MAAM,SAAU,QAAO;EAChD,MAAM,QAAQ,OAAO,eAAe,EAAE;AACtC,SAAO,UAAU,OAAO,aAAa,UAAU;;;;;;;;ACpJnD,eAAsB,OAAO,UAAoC;AAC/D,KAAI;AACF,QAAM,MAAM,SAAS;AACrB,SAAO;SACD;AACN,SAAO;;;;;;;AAQX,eAAsB,iBAAiB,UAAkB,SAAmC;CAE1F,MAAM,YAAY,QAAQ,SAAS;AACnC,KAAI,CAAE,MAAM,OAAO,UAAU,CAC3B,OAAM,MAAM,WAAW,EAAE,WAAW,MAAM,CAAC;AAI7C,KAAI,MAAM,OAAO,SAAS;MAKpB,MAHuB,SAAS,UAAU,OAAO,KAGhC,QAEnB,QAAO;;AAKX,OAAM,UAAU,UAAU,SAAS,OAAO;AAC1C,SAAQ,IAAI,MAAM,MAAM,aAAa,EAAE,SAAS;AAChD,QAAO;;;;;AAMT,eAAsB,gBAAgB,UAAoD;AACxF,KAAI,CAAE,MAAM,OAAO,SAAS,CAAG,QAAO,KAAA;AACtC,QAAO,KAAK,MAAM,MAAM,SAAS,UAAU,EAAE,UAAU,SAAS,CAAC,CAAC;;;;AClDpE,MAAa,aAAa,QAAyC,SACjE,UAAU,QAAQ,OAAO,KAAK,EAAE,EAAE,gBAAgB,OAAO,CAAC"}

package/dist/worker.d.mts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { GenericSchema, GenericSchemaAsync, SafeParseResult } from "valibot";
-import * as _$cookie from "cookie";
+import * as _$cookie_es0 from "cookie-es";
 import { Result, ResultAsync } from "neverthrow";
 import * as _$_aws_sdk_client_cognito_identity_provider0 from "@aws-sdk/client-cognito-identity-provider";
 import { AdminGetUserCommandOutput, AttributeType, CognitoIdentityProviderClient } from "@aws-sdk/client-cognito-identity-provider";
@@ -299,7 +299,7 @@ declare function response_ok<Body extends {
 /**
  * Wraps cookies parse along with the api gateway event with neverthrow
  */
-declare function getCookies(event: APIGatewayProxyEventV2WithLambdaAuthorizer<any> | APIGatewayRequestAuthorizerEventV2): Result<_$cookie.Cookies, type_error_lambda_unauthorized>;
+declare function getCookies(event: APIGatewayProxyEventV2WithLambdaAuthorizer<any> | APIGatewayRequestAuthorizerEventV2): Result<_$cookie_es0.Cookies, type_error_lambda_unauthorized>;
 //#endregion
 //#region src/cognito/client.d.ts
 /**