npm - varlock - Versions diffs - 0.9.0 → 1.0.0 - Mend

varlock 0.9.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

package/dist/auto-load.js +3 -3
package/dist/{chunk-LRT2CHDN.js → chunk-2ABRAKHE.js} +4 -4
package/dist/{chunk-LRT2CHDN.js.map → chunk-2ABRAKHE.js.map} +1 -1
package/dist/chunk-2EEXFFKL.js +149 -0
package/dist/chunk-2EEXFFKL.js.map +1 -0
package/dist/{chunk-6CCHLM3U.js → chunk-2PFIYNFA.js} +3 -2
package/dist/chunk-2PFIYNFA.js.map +1 -0
package/dist/chunk-6DXWXIQV.js +1092 -0
package/dist/chunk-6DXWXIQV.js.map +1 -0
package/dist/{chunk-DGXO2UN7.js → chunk-6JKWTWLB.js} +80 -10
package/dist/chunk-6JKWTWLB.js.map +1 -0
package/dist/chunk-7WB7HK5Z.js +21 -0
package/dist/chunk-7WB7HK5Z.js.map +1 -0
package/dist/chunk-AMNNQL7K.js +26 -0
package/dist/chunk-AMNNQL7K.js.map +1 -0
package/dist/{chunk-P5H6JZZR.js → chunk-CKWXLVMV.js} +10 -9
package/dist/chunk-CKWXLVMV.js.map +1 -0
package/dist/{chunk-WLPAS4VQ.js → chunk-FTVXXJMG.js} +3 -3
package/dist/{chunk-WLPAS4VQ.js.map → chunk-FTVXXJMG.js.map} +1 -1
package/dist/{chunk-YBV5OJW6.js → chunk-GBCB7Y3B.js} +5 -4
package/dist/chunk-GBCB7Y3B.js.map +1 -0
package/dist/chunk-HDKXXS2X.js +1959 -0
package/dist/chunk-HDKXXS2X.js.map +1 -0
package/dist/chunk-JEZQ2DFL.js +198 -0
package/dist/chunk-JEZQ2DFL.js.map +1 -0
package/dist/{chunk-LAI7XVJU.js → chunk-LOIJO4MO.js} +4 -4
package/dist/{chunk-LAI7XVJU.js.map → chunk-LOIJO4MO.js.map} +1 -1
package/dist/{chunk-QYICMUCP.js → chunk-NJONB6CB.js} +5 -5
package/dist/{chunk-QYICMUCP.js.map → chunk-NJONB6CB.js.map} +1 -1
package/dist/{chunk-K5536FEN.js → chunk-QJ6NMN5H.js} +5 -5
package/dist/{chunk-K5536FEN.js.map → chunk-QJ6NMN5H.js.map} +1 -1
package/dist/{chunk-27CA3M4N.js → chunk-QNTIIXD5.js} +5 -5
package/dist/{chunk-27CA3M4N.js.map → chunk-QNTIIXD5.js.map} +1 -1
package/dist/{chunk-C4ITUXON.js → chunk-U7RQPX5K.js} +350 -1056
package/dist/chunk-U7RQPX5K.js.map +1 -0
package/dist/{chunk-Q2XA45LC.js → chunk-UKFHSMKY.js} +5 -5
package/dist/{chunk-Q2XA45LC.js.map → chunk-UKFHSMKY.js.map} +1 -1
package/dist/{chunk-N2E6DRSH.js → chunk-UUDTMOJS.js} +4 -4
package/dist/{chunk-N2E6DRSH.js.map → chunk-UUDTMOJS.js.map} +1 -1
package/dist/chunk-V2MTE4J6.js +426 -0
package/dist/chunk-V2MTE4J6.js.map +1 -0
package/dist/{chunk-ZZCDYV63.js → chunk-VODQDF4Q.js} +5 -5
package/dist/{chunk-ZZCDYV63.js.map → chunk-VODQDF4Q.js.map} +1 -1
package/dist/{chunk-2R7CWGVL.js → chunk-XADO6HQG.js} +7 -7
package/dist/{chunk-2R7CWGVL.js.map → chunk-XADO6HQG.js.map} +1 -1
package/dist/{chunk-GWQJHKYT.js → chunk-XTOUG72X.js} +5 -5
package/dist/{chunk-GWQJHKYT.js.map → chunk-XTOUG72X.js.map} +1 -1
package/dist/cli/cli-executable.js +48 -32
package/dist/cli/cli-executable.js.map +1 -1
package/dist/config-item-2FQ6I6PO.js +7 -0
package/dist/{config-item-5WIOGFHA.js.map → config-item-2FQ6I6PO.js.map} +1 -1
package/dist/dist-WGIHRGBZ.js +4 -0
package/dist/dist-WGIHRGBZ.js.map +1 -0
package/dist/dotenv-compat.js +3 -3
package/dist/encrypt.command-K2SBJVQ5.js +14 -0
package/dist/encrypt.command-K2SBJVQ5.js.map +1 -0
package/dist/{env-graph-DaF8Aebq.d.ts → env-graph-CXTsI2Eg.d.ts} +3 -0
package/dist/explain.command-E6MR72IY.js +15 -0
package/dist/{explain.command-NST64XIO.js.map → explain.command-E6MR72IY.js.map} +1 -1
package/dist/index.d.ts +2 -2
package/dist/index.js +11 -8
package/dist/index.js.map +1 -1
package/dist/init.command-TGDNXHJ7.js +13 -0
package/dist/{init.command-4Z3VRGOV.js.map → init.command-TGDNXHJ7.js.map} +1 -1
package/dist/install-plugin.command-Z2S5DIFS.js +13 -0
package/dist/{install-plugin.command-F244Y3RI.js.map → install-plugin.command-Z2S5DIFS.js.map} +1 -1
package/dist/load.command-K2IH3646.js +15 -0
package/dist/{load.command-JTUAYW2W.js.map → load.command-K2IH3646.js.map} +1 -1
package/dist/lock.command-GL4CLXED.js +7 -0
package/dist/lock.command-GL4CLXED.js.map +1 -0
package/dist/plugin-lib.d.ts +2 -2
package/dist/plugin-lib.js +2 -2
package/dist/printenv.command-34LGQT6W.js +15 -0
package/dist/{printenv.command-NAHG4T76.js.map → printenv.command-34LGQT6W.js.map} +1 -1
package/dist/reveal.command-WOHYRSYO.js +15 -0
package/dist/reveal.command-WOHYRSYO.js.map +1 -0
package/dist/run.command-PPC2X2N7.js +16 -0
package/dist/{run.command-2IUKOZHD.js.map → run.command-PPC2X2N7.js.map} +1 -1
package/dist/runtime/env.d.ts +1 -1
package/dist/scan.command-4DJBQEML.js +16 -0
package/dist/{scan.command-BEPDT3YQ.js.map → scan.command-4DJBQEML.js.map} +1 -1
package/dist/telemetry.command-LIOCXWQK.js +13 -0
package/dist/{telemetry.command-E6GIZKTJ.js.map → telemetry.command-LIOCXWQK.js.map} +1 -1
package/dist/typegen.command-COL35ALE.js +15 -0
package/dist/{typegen.command-JGJUSFGG.js.map → typegen.command-COL35ALE.js.map} +1 -1
package/native-bins/darwin/VarlockEnclave.app/Contents/CodeResources +0 -0
package/native-bins/darwin/VarlockEnclave.app/Contents/Info.plist +28 -0
package/native-bins/darwin/VarlockEnclave.app/Contents/MacOS/varlock-local-encrypt +0 -0
package/native-bins/darwin/VarlockEnclave.app/Contents/Resources/AppIcon.icns +0 -0
package/native-bins/darwin/VarlockEnclave.app/Contents/Resources/varlock-menu-locked.pdf +0 -0
package/native-bins/darwin/VarlockEnclave.app/Contents/Resources/varlock-menu-unlocked.pdf +0 -0
package/native-bins/darwin/VarlockEnclave.app/Contents/_CodeSignature/CodeResources +150 -0
package/native-bins/linux-arm64/varlock-local-encrypt +0 -0
package/native-bins/linux-x64/varlock-local-encrypt +0 -0
package/native-bins/win32-x64/varlock-local-encrypt.exe +0 -0
package/package.json +9 -2
package/dist/chunk-6CCHLM3U.js.map +0 -1
package/dist/chunk-C4ITUXON.js.map +0 -1
package/dist/chunk-DGXO2UN7.js.map +0 -1
package/dist/chunk-P5H6JZZR.js.map +0 -1
package/dist/chunk-S5EU3LTR.js +0 -83
package/dist/chunk-S5EU3LTR.js.map +0 -1
package/dist/chunk-YBV5OJW6.js.map +0 -1
package/dist/config-item-5WIOGFHA.js +0 -5
package/dist/explain.command-NST64XIO.js +0 -12
package/dist/init.command-4Z3VRGOV.js +0 -11
package/dist/install-plugin.command-F244Y3RI.js +0 -11
package/dist/load.command-JTUAYW2W.js +0 -12
package/dist/printenv.command-NAHG4T76.js +0 -12
package/dist/run.command-2IUKOZHD.js +0 -13
package/dist/scan.command-BEPDT3YQ.js +0 -13
package/dist/telemetry.command-E6GIZKTJ.js +0 -11
package/dist/typegen.command-JGJUSFGG.js +0 -12

package/dist/chunk-6DXWXIQV.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/lib/local-encrypt/wsl-detect.ts","../src/lib/local-encrypt/binary-resolver.ts","../src/lib/local-encrypt/daemon-client.ts","../src/lib/local-encrypt/crypto.ts","../src/lib/local-encrypt/file-backend.ts","../src/lib/local-encrypt/index.ts"],"names":["fs","__dirname","debug","path","DEFAULT_KEY_ID","keyExists","generateKey","encryptValue","result","decryptValue"],"mappings":";;;;;;;;;AASA,IAAI,MAAA;AAGG,SAAS,KAAA,GAAiB;AAC/B,EAAA,IAAI,MAAA,KAAW,QAAW,OAAO,MAAA;AAGjC,EAAA,IAAI,OAAA,CAAQ,IAAI,eAAA,EAAiB;AAC/B,IAAA,MAAA,GAAS,IAAA;AACT,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAUA,GAAA,CAAG,YAAA,CAAa,eAAA,EAAiB,OAAO,CAAA;AACxD,IAAA,MAAA,GAAS,gBAAA,CAAiB,KAAK,OAAO,CAAA;AAAA,EACxC,CAAA,CAAA,MAAQ;AACN,IAAA,MAAA,GAAS,KAAA;AAAA,EACX;AAEA,EAAA,OAAO,MAAA;AACT;AAlBgB,MAAA,CAAA,KAAA,EAAA,OAAA,CAAA;;;ACKhB,IAAMC,cAAY,IAAA,CAAK,OAAA,CAAQ,aAAA,CAAc,MAAA,CAAA,IAAA,CAAY,GAAG,CAAC,CAAA;AAG7D,SAAS,MAAM,GAAA,EAAa;AAC1B,EAAA,IAAI,OAAA,CAAQ,IAAI,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,MAAA,CAAO,KAAA,CAAM,CAAA,0BAAA,EAA6B,GAAG;AAAA,CAAI,CAAA;AAAA,EAC3D;AACF;AAJS,MAAA,CAAA,KAAA,EAAA,OAAA,CAAA;AAMT,IAAM,WAAA,GAAc,uBAAA;AACpB,IAAM,gBAAA,GAAmB,oBAAA;AAMzB,SAAS,kBAAA,GAA6B;AACpC,EAAA,IAAI,GAAA,GAAMA,WAAA;AACV,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,EAAA,EAAI,CAAA,EAAA,EAAK;AAC3B,IAAA,MAAM,WAAA,GAAc,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,cAAc,CAAA;AACjD,IAAA,IAAID,GAAAA,CAAG,UAAA,CAAW,WAAW,CAAA,EAAG;AAC9B,MAAA,IAAI;AACF,QAAA,MAAM,UAAU,IAAA,CAAK,KAAA,CAAMA,IAAG,YAAA,CAAa,WAAA,EAAa,OAAO,CAAC,CAAA;AAChE,QAAA,IAAI,OAAA,CAAQ,IAAA,KAAS,SAAA,EAAW,OAAO,GAAA;AAAA,MACzC,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AACA,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,OAAA,CAAQ,GAAG,CAAA;AAC/B,IAAA,IAAI,WAAW,GAAA,EAAK;AACpB,IAAA,GAAA,GAAM,MAAA;AAAA,EACR;AAGA,EAAA,OAAO,IAAA,CAAK,OAAA,CAAQC,WAAA,EAAW,IAAA,EAAM,MAAM,IAAI,CAAA;AACjD;AAnBS,MAAA,CAAA,kBAAA,EAAA,oBAAA,CAAA;AAsBT,SAAS,qBAAA,GAAgC;AACvC,EAAA,IAAI,QAAQ,QAAA,KAAa,OAAA,IAAW,OAAM,EAAG,OAAO,GAAG,WAAW,CAAA,IAAA,CAAA;AAClE,EAAA,OAAO,WAAA;AACT;AAHS,MAAA,CAAA,qBAAA,EAAA,uBAAA,CAAA;AAMT,SAAS,kBAAA,GAA6B;AACpC,EAAA,IAAI,OAAA,CAAQ,QAAA,KAAa,QAAA,EAAU,OAAO,QAAA;AAC1C,EAAA,IAAI,QAAQ,QAAA,KAAa,OAAA,EAAS,OAAO,CAAA,MAAA,EAAS,QAAQ,IAAI,CAAA,CAAA;AAE9D,EAAA,IAAI,KAAA,IAAS,OAAO,WAAA;AACpB,EAAA,OAAO,CAAA,EAAG,OAAA,CAAQ,QAAQ,CAAA,CAAA,EAAI,QAAQ,IAAI,CAAA,CAAA;AAC5C;AANS,MAAA,CAAA,kBAAA,EAAA,oBAAA,CAAA;AAWT,SAAS,mBAAmB,GAAA,EAAiC;AAE3D,EAAA,MAAM,gBAAgB,IAAA,CAAK,IAAA,CAAK,KAAK,gBAAA,EAAkB,UAAA,EAAY,SAAS,WAAW,CAAA;AACvF,EAAA,IAAID,GAAAA,CAAG,UAAA,CAAW,aAAa,CAAA,EAAG,OAAO,aAAA;AAGzC,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,WAAW,CAAA;AAC3C,EAAA,IAAIA,GAAAA,CAAG,UAAA,CAAW,QAAQ,CAAA,EAAG,OAAO,QAAA;AAEpC,EAAA,OAAO,MAAA;AACT;AAVS,MAAA,CAAA,kBAAA,EAAA,oBAAA,CAAA;AAeT,SAAS,sBAAsB,GAAA,EAAiC;AAC9D,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,uBAAuB,CAAA;AACzD,EAAA,IAAIA,GAAAA,CAAG,UAAA,CAAW,UAAU,CAAA,EAAG,OAAO,UAAA;AACtC,EAAA,OAAO,MAAA;AACT;AAJS,MAAA,CAAA,qBAAA,EAAA,uBAAA,CAAA;AAST,SAAS,qBAAqB,GAAA,EAAiC;AAC7D,EAAA,IAAI,OAAA,CAAQ,QAAA,KAAa,QAAA,EAAU,OAAO,mBAAmB,GAAG,CAAA;AAChE,EAAA,OAAO,sBAAsB,GAAG,CAAA;AAClC;AAHS,MAAA,CAAA,oBAAA,EAAA,sBAAA,CAAA;AAUT,SAAS,iBAAA,GAAwC;AAC/C,EAAA,MAAM,UAAU,IAAA,CAAK,OAAA,CAAQA,IAAG,YAAA,CAAa,OAAA,CAAQ,QAAQ,CAAC,CAAA;AAG9D,EAAA,MAAM,OAAA,GAAU,qBAAqB,OAAO,CAAA;AAC5C,EAAA,IAAI,SAAS,OAAO,OAAA;AAGpB,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,IAAA,CAAK,OAAA,EAAS,MAAM,SAAS,CAAA;AACrD,EAAA,OAAO,qBAAqB,UAAU,CAAA;AACxC;AAVS,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AAgBT,SAAS,iBAAA,GAAwC;AAC/C,EAAA,MAAM,cAAc,kBAAA,EAAmB;AACvC,EAAA,MAAM,gBAAgB,IAAA,CAAK,IAAA,CAAK,WAAA,EAAa,aAAA,EAAe,oBAAoB,CAAA;AAChF,EAAA,IAAIA,IAAG,UAAA,CAAW,aAAa,CAAA,EAAG,OAAO,qBAAqB,aAAa,CAAA;AAG3E,EAAA,MAAM,qBAAA,GAAwB,KAAK,IAAA,CAAK,IAAA,CAAK,QAAQ,WAAW,CAAA,EAAG,aAAA,EAAe,kBAAA,EAAoB,CAAA;AACtG,EAAA,IAAIA,IAAG,UAAA,CAAW,qBAAqB,CAAA,EAAG,OAAO,qBAAqB,qBAAqB,CAAA;AAE3F,EAAA,OAAO,MAAA;AACT;AAVS,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AAgBT,SAAS,kBAAA,GAAyC;AAChD,EAAA,IAAI,GAAA,GAAMC,WAAA;AACV,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,EAAA,EAAI,CAAA,EAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,OAAA,CAAQ,GAAG,CAAA;AAC/B,IAAA,IAAI,WAAW,GAAA,EAAK;AACpB,IAAA,GAAA,GAAM,MAAA;AAGN,IAAA,IAAI,OAAA,CAAQ,aAAa,QAAA,EAAU;AACjC,MAAA,MAAM,UAAA,GAAa,KAAK,IAAA,CAAK,GAAA,EAAK,YAAY,yBAAA,EAA2B,OAAA,EAAS,QAAA,EAAU,SAAA,EAAW,gBAAgB,CAAA;AACvH,MAAA,IAAID,GAAAA,CAAG,UAAA,CAAW,UAAU,CAAA,EAAG,OAAO,UAAA;AAAA,IACxC;AAGA,IAAA,MAAM,SAAA,GAAY,KAAK,IAAA,CAAK,GAAA,EAAK,YAAY,wBAAA,EAA0B,QAAA,EAAU,SAAA,EAAW,qBAAA,EAAuB,CAAA;AACnH,IAAA,IAAIA,GAAAA,CAAG,UAAA,CAAW,SAAS,CAAA,EAAG,OAAO,SAAA;AAAA,EACvC;AAEA,EAAA,OAAO,MAAA;AACT;AAnBS,MAAA,CAAA,kBAAA,EAAA,oBAAA,CAAA;AA0BT,SAAS,iBAAiB,UAAA,EAA4B;AACpD,EAAA,IAAI;AACF,IAAAA,GAAAA,CAAG,UAAA,CAAW,UAAA,EAAYA,GAAAA,CAAG,UAAU,IAAI,CAAA;AAAA,EAC7C,CAAA,CAAA,MAAQ;AAEN,IAAA,IAAI,OAAA,CAAQ,aAAa,OAAA,EAAS;AAChC,MAAAA,GAAAA,CAAG,SAAA,CAAU,UAAA,EAAY,GAAK,CAAA;AAAA,IAChC;AAAA,EACF;AACA,EAAA,OAAO,UAAA;AACT;AAVS,MAAA,CAAA,gBAAA,EAAA,kBAAA,CAAA;AAgBT,IAAI,iBAAA,GAA+C,IAAA;AAE5C,SAAS,mBAAA,GAA0C;AACxD,EAAA,IAAI,iBAAA,KAAsB,MAAM,OAAO,iBAAA;AAEvC,EAAA,IAAI,OAAA,CAAQ,IAAI,uCAAA,EAAyC;AACvD,IAAA,KAAA,CAAM,yFAAoF,CAAA;AAC1F,IAAA,iBAAA,GAAoB,MAAA;AACpB,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,KAAA,CAAM,CAAA,oBAAA,EAAuB,OAAA,CAAQ,QAAQ,CAAA,QAAA,EAAW,KAAA,EAAO,CAAA,aAAA,EAAgB,qBAAA,EAAuB,CAAA,SAAA,EAAY,kBAAA,EAAoB,CAAA,CAAE,CAAA;AAExI,EAAA,MAAM,aAAa,iBAAA,EAAkB;AACrC,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,KAAA,CAAM,CAAA,0BAAA,EAA6B,UAAU,CAAA,CAAE,CAAA;AAC/C,IAAA,iBAAA,GAAoB,iBAAiB,UAAU,CAAA;AAC/C,IAAA,OAAO,iBAAA;AAAA,EACT;AAEA,EAAA,MAAM,aAAa,iBAAA,EAAkB;AACrC,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,KAAA,CAAM,CAAA,0BAAA,EAA6B,UAAU,CAAA,CAAE,CAAA;AAC/C,IAAA,iBAAA,GAAoB,iBAAiB,UAAU,CAAA;AAC/C,IAAA,OAAO,iBAAA;AAAA,EACT;AAEA,EAAA,MAAM,cAAc,kBAAA,EAAmB;AACvC,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,KAAA,CAAM,CAAA,2BAAA,EAA8B,WAAW,CAAA,CAAE,CAAA;AACjD,IAAA,iBAAA,GAAoB,iBAAiB,WAAW,CAAA;AAChD,IAAA,OAAO,iBAAA;AAAA,EACT;AAEA,EAAA,KAAA,CAAM,iDAAiD,CAAA;AACvD,EAAA,KAAA,CAAM,sBAAsB,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,CAAC,CAAA,CAAE,CAAA;AAC5D,EAAA,MAAM,cAAc,kBAAA,EAAmB;AACvC,EAAA,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,IAAA,CAAK,WAAA,EAAa,eAAe,kBAAA,EAAoB,CAAC,CAAA,CAAE,CAAA;AACzF,EAAA,iBAAA,GAAoB,MAAA;AACpB,EAAA,OAAO,MAAA;AACT;AAtCgB,MAAA,CAAA,mBAAA,EAAA,qBAAA,CAAA;AChKhB,SAASE,OAAM,GAAA,EAAa;AAC1B,EAAA,IAAI,OAAA,CAAQ,IAAI,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,MAAA,CAAO,KAAA,CAAM,CAAA,wBAAA,EAA2B,GAAG;AAAA,CAAI,CAAA;AAAA,EACzD;AACF;AAJS,MAAA,CAAAA,MAAAA,EAAA,OAAA,CAAA;AAMT,SAAS,YAAA,GAAuB;AAC9B,EAAA,OAAOC,IAAAA,CAAK,IAAA,CAAK,iBAAA,EAAkB,EAAG,eAAe,CAAA;AACvD;AAFS,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;AAIT,SAAS,aAAA,GAAwB;AAC/B,EAAA,IAAI,OAAA,CAAQ,aAAa,OAAA,EAAS;AAEhC,IAAA,OAAO,oCAAA;AAAA,EACT;AACA,EAAA,OAAOA,IAAAA,CAAK,IAAA,CAAK,YAAA,EAAa,EAAG,aAAa,CAAA;AAChD;AANS,MAAA,CAAA,aAAA,EAAA,eAAA,CAAA;AAQT,SAAS,UAAA,GAAqB;AAC5B,EAAA,OAAOA,IAAAA,CAAK,IAAA,CAAK,YAAA,EAAa,EAAG,YAAY,CAAA;AAC/C;AAFS,MAAA,CAAA,UAAA,EAAA,YAAA,CAAA;AAIT,SAAS,iBAAA,GAA4B;AACnC,EAAA,OAAOA,IAAAA,CAAK,IAAA,CAAK,YAAA,EAAa,EAAG,aAAa,CAAA;AAChD;AAFS,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AAYT,SAAS,sBAAA,GAA6C;AACpD,EAAA,MAAM,WAAW,iBAAA,EAAkB;AACnC,EAAA,MAAM,UAAU,UAAA,EAAW;AAE3B,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI;AACF,IAAA,IAAA,GAAO,KAAK,KAAA,CAAMH,GAAAA,CAAG,YAAA,CAAa,QAAA,EAAU,OAAO,CAAC,CAAA;AAAA,EACtD,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,MAAM,oBAAoB,mBAAA,EAAoB;AAC9C,EAAA,IAAI,CAAC,mBAAmB,OAAO,MAAA;AAE/B,EAAA,IAAI,IAAA,EAAM;AAER,IAAA,IAAI,iBAAA,KAAsB,KAAK,UAAA,EAAY;AACzC,MAAAE,OAAM,CAAA,4BAAA,EAA+B,IAAA,CAAK,UAAU,CAAA,QAAA,EAAM,iBAAiB,CAAA,CAAE,CAAA;AAAA,IAC/E,CAAA,MAAO;AAEL,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,GAAOF,GAAAA,CAAG,QAAA,CAAS,iBAAiB,CAAA;AAC1C,QAAA,IAAI,IAAA,CAAK,OAAA,KAAY,IAAA,CAAK,aAAA,EAAe;AACvC,UAAAE,OAAM,mDAA8C,CAAA;AACpD,UAAA,OAAO,KAAA,CAAA;AAAA,QACT;AACA,QAAAA,OAAM,CAAA,6BAAA,EAAgC,IAAA,CAAK,aAAa,CAAA,QAAA,EAAM,IAAA,CAAK,OAAO,CAAA,CAAE,CAAA;AAAA,MAC9E,CAAA,CAAA,MAAQ;AACN,QAAA,OAAO,MAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AACL,IAAAA,OAAM,6DAAwD,CAAA;AAAA,EAChE;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,SAASF,GAAAA,CAAG,YAAA,CAAa,SAAS,OAAO,CAAA,CAAE,IAAA,EAAK,EAAG,EAAE,CAAA;AACjE,IAAA,OAAA,CAAQ,IAAA,CAAK,KAAK,CAAC,CAAA;AACnB,IAAA,OAAO,GAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,MAAA;AAAA,EACT;AACF;AA3CS,MAAA,CAAA,sBAAA,EAAA,wBAAA,CAAA;AA8CT,SAAS,gBAAgB,UAAA,EAA0B;AACjD,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAOA,GAAAA,CAAG,QAAA,CAAS,UAAU,CAAA;AACnC,IAAAA,GAAAA,CAAG,aAAA,CAAc,iBAAA,EAAkB,EAAG,KAAK,SAAA,CAAU;AAAA,MACnD,UAAA;AAAA,MACA,eAAe,IAAA,CAAK;AAAA,KACrB,CAAC,CAAA;AAAA,EACJ,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAVS,MAAA,CAAA,eAAA,EAAA,iBAAA,CAAA;AAYF,IAAM,eAAN,MAAmB;AAAA,EAlH1B;AAkH0B,IAAA,MAAA,CAAA,IAAA,EAAA,cAAA,CAAA;AAAA;AAAA,EAChB,MAAA,GAA4B,IAAA;AAAA,EAC5B,YAAA,uBAAmB,GAAA,EAGxB;AAAA,EACK,WAAA,GAAc,KAAA;AAAA,EACd,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA;AAAA,EACvB,iBAAA,GAA0C,IAAA;AAAA;AAAA,EAE1C,oBAAA,GAAuB,KAAA;AAAA,EAE/B,MAAM,eAAA,GAAiC;AACrC,IAAA,IAAI,IAAA,CAAK,WAAA,IAAe,IAAA,CAAK,MAAA,EAAQ;AAIrC,IAAA,IAAI,IAAA,CAAK,iBAAA,EAAmB,OAAO,IAAA,CAAK,iBAAA;AAExC,IAAA,IAAA,CAAK,iBAAA,GAAoB,KAAK,SAAA,EAAU;AACxC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,CAAK,iBAAA;AAAA,IACb,CAAA,SAAE;AACA,MAAA,IAAA,CAAK,iBAAA,GAAoB,IAAA;AAAA,IAC3B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,UAAA,GAA+B;AACnC,IAAA,IAAI,IAAA,CAAK,WAAA,IAAe,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAC5C,IAAA,MAAM,aAAa,aAAA,EAAc;AACjC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,CAAK,gBAAgB,UAAU,CAAA;AACrC,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,SAAA,GAA2B;AACvC,IAAA,MAAM,aAAa,aAAA,EAAc;AAGjC,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,oBAAA,GAAuB,MAAA,GAAY,sBAAA,EAAuB;AAChF,IAAA,IAAI,QAAA,EAAU;AACZ,MAAAE,MAAAA,CAAM,CAAA,0BAAA,EAA6B,QAAQ,CAAA,gCAAA,CAA6B,CAAA;AACxE,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,IAAA,CAAK,UAAU,SAAS,CAAA;AAAA,MAClC,CAAA,CAAA,MAAQ;AAAA,MAER;AAEA,MAAA,KAAA,MAAW,QAAQ,CAAC,UAAA,EAAW,EAAG,iBAAA,EAAmB,CAAA,EAAG;AACtD,QAAA,IAAI;AACF,UAAAF,GAAAA,CAAG,WAAW,IAAI,CAAA;AAAA,QACpB,CAAA,CAAA,MAAQ;AAAA,QAAe;AAAA,MACzB;AACA,MAAA,IAAI,OAAA,CAAQ,aAAa,OAAA,EAAS;AAChC,QAAA,IAAI;AACF,UAAAA,GAAAA,CAAG,WAAW,UAAU,CAAA;AAAA,QAC1B,CAAA,CAAA,MAAQ;AAAA,QAAe;AAAA,MACzB;AAAA,IACF,CAAA,MAAO;AACL,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,CAAK,gBAAgB,UAAU,CAAA;AACrC,QAAA;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB,CAAA,CAAA,MAAQ;AAGN,MAAA,MAAM,IAAI,OAAA,CAAc,CAAC,CAAA,KAAM;AAC7B,QAAA,UAAA,CAAW,GAAG,GAAI,CAAA;AAAA,MACpB,CAAC,CAAA;AAAA,IACH;AACA,IAAA,MAAM,IAAA,CAAK,gBAAgB,UAAU,CAAA;AAAA,EACvC;AAAA,EAEA,MAAM,OAAA,CAAQ,UAAA,EAAoB,KAAA,GAAQ,iBAAA,EAAoC;AAC5E,IAAA,MAAM,KAAK,eAAA,EAAgB;AAC3B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,WAAA,CAAY;AAAA,MACpC,MAAA,EAAQ,SAAA;AAAA,MACR,OAAA,EAAS,EAAE,UAAA,EAAY,KAAA;AAAM,KAC9B,CAAA;AACD,IAAA,IAAI,OAAO,MAAA,KAAW,QAAA,EAAU,OAAO,MAAA;AACvC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,WAAW,MAAA,EAAQ;AAC7D,MAAA,MAAM,IAAI,KAAA,CAAM,MAAA,CAAO,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,IACtC;AACA,IAAA,OAAO,OAAO,MAAM,CAAA;AAAA,EACtB;AAAA,EAEA,MAAM,aAAa,IAAA,EAIa;AAC9B,IAAA,MAAM,KAAK,eAAA,EAAgB;AAC3B,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,WAAA,CAAY;AAAA,QACpC,MAAA,EAAQ,eAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,SAAS,IAAA,EAAM,OAAA;AAAA,UACf,SAAS,IAAA,EAAM,OAAA;AAAA,UACf,OAAO,IAAA,EAAM;AAAA;AACf,OACD,CAAA;AACD,MAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,gBAAgB,MAAA,EAAQ;AAClE,QAAA,OAAO,MAAA,CAAO,UAAA;AAAA,MAChB;AACA,MAAA,OAAO,KAAA,CAAA;AAAA,IACT,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,GAAA,YAAe,KAAA,IAAS,GAAA,CAAI,OAAA,KAAY,aAAa,OAAO,MAAA;AAChE,MAAA,MAAM,GAAA;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,iBAAA,GAAmC;AACvC,IAAA,MAAM,KAAK,eAAA,EAAgB;AAC3B,IAAA,MAAM,IAAA,CAAK,WAAA,CAAY,EAAE,MAAA,EAAQ,sBAAsB,CAAA;AAAA,EACzD;AAAA,EAEA,MAAM,YAAY,IAAA,EAAkG;AAClH,IAAA,MAAM,KAAK,eAAA,EAAgB;AAC3B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,WAAA,CAAY;AAAA,MACpC,MAAA,EAAQ,cAAA;AAAA,MACR,OAAA,EAAS;AAAA,KACV,CAAA;AACD,IAAA,IAAI,OAAO,MAAA,KAAW,QAAA,EAAU,OAAO,MAAA;AACvC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,WAAW,MAAA,EAAQ;AAC7D,MAAA,MAAM,IAAI,KAAA,CAAM,MAAA,CAAO,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,IACtC;AACA,IAAA,OAAO,OAAO,MAAM,CAAA;AAAA,EACtB;AAAA,EAEA,MAAM,eAAe,IAAA,EAAgF;AACnG,IAAA,MAAM,KAAK,eAAA,EAAgB;AAC3B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,WAAA,CAAY;AAAA,MACpC,MAAA,EAAQ,iBAAA;AAAA,MACR,OAAA,EAAS,QAAQ;AAAC,KACnB,CAAA;AACD,IAAA,OAAQ,UAAU,EAAC;AAAA,EACrB;AAAA,EAEA,MAAM,aAAa,IAAA,EAAmE;AACpF,IAAA,MAAM,KAAK,eAAA,EAAgB;AAC3B,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,WAAA,CAAY;AAAA,QACpC,MAAA,EAAQ,eAAA;AAAA,QACR,OAAA,EAAS,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA;AAAQ,OACnC,CAAA;AACD,MAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,aAAa,MAAA,EAAQ;AAC/D,QAAA,OAAO,MAAA;AAAA,MACT;AACA,MAAA,OAAO,KAAA,CAAA;AAAA,IACT,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,GAAA,YAAe,KAAA,IAAS,GAAA,CAAI,OAAA,KAAY,aAAa,OAAO,MAAA;AAChE,MAAA,MAAM,GAAA;AAAA,IACR;AAAA,EACF;AAAA,EAEA,OAAA,GAAgB;AACd,IAAA,KAAA,MAAW,EAAE,MAAA,EAAO,IAAK,IAAA,CAAK,YAAA,CAAa,QAAO,EAAG;AACnD,MAAA,MAAA,CAAO,IAAI,KAAA,CAAM,mBAAmB,CAAC,CAAA;AAAA,IACvC;AACA,IAAA,IAAA,CAAK,aAAa,KAAA,EAAM;AACxB,IAAA,IAAA,CAAK,QAAQ,GAAA,EAAI;AACjB,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,IAAA,CAAK,WAAA,GAAc,KAAA;AACnB,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA;AAAA,EAC9B;AAAA;AAAA,EAIQ,gBAAgB,UAAA,EAAmC;AACzD,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAA,KAAW;AACtC,MAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,MAAA,EAAO;AAC9B,MAAA,MAAM,OAAA,GAAU,WAAW,MAAM;AAC/B,QAAA,MAAA,CAAO,OAAA,EAAQ;AACf,QAAA,MAAA,CAAO,IAAI,KAAA,CAAM,oBAAoB,CAAC,CAAA;AAAA,MACxC,GAAG,GAAI,CAAA;AAEP,MAAA,MAAA,CAAO,EAAA,CAAG,WAAW,MAAM;AACzB,QAAA,YAAA,CAAa,OAAO,CAAA;AACpB,QAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AACd,QAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AACnB,QAAA,IAAA,CAAK,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA;AAC5B,QAAA,OAAA,EAAQ;AAAA,MACV,CAAC,CAAA;AAED,MAAA,MAAA,CAAO,EAAA,CAAG,MAAA,EAAQ,CAAC,IAAA,KAAiB;AAClC,QAAA,IAAA,CAAK,WAAW,IAAI,CAAA;AAAA,MACtB,CAAC,CAAA;AAED,MAAA,MAAA,CAAO,EAAA,CAAG,OAAA,EAAS,CAAC,GAAA,KAAQ;AAC1B,QAAA,YAAA,CAAa,OAAO,CAAA;AACpB,QAAA,IAAA,CAAK,WAAA,GAAc,KAAA;AACnB,QAAA,MAAA,CAAO,GAAG,CAAA;AAAA,MACZ,CAAC,CAAA;AAED,MAAA,MAAA,CAAO,EAAA,CAAG,SAAS,MAAM;AACvB,QAAA,IAAA,CAAK,WAAA,GAAc,KAAA;AACnB,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AAAA,MAChB,CAAC,CAAA;AAED,MAAA,MAAA,CAAO,QAAQ,UAAU,CAAA;AAAA,IAC3B,CAAC,CAAA;AAAA,EACH;AAAA,EAEQ,WAAW,IAAA,EAAoB;AACrC,IAAA,IAAA,CAAK,SAAS,MAAA,CAAO,MAAA,CAAO,CAAC,IAAA,CAAK,MAAA,EAAQ,IAAI,CAAC,CAAA;AAE/C,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,MAAA,IAAU,CAAA,EAAG;AAC9B,MAAA,MAAM,aAAA,GAAgB,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,CAAC,CAAA;AAChD,MAAA,IAAI,IAAA,CAAK,MAAA,CAAO,MAAA,GAAS,CAAA,GAAI,aAAA,EAAe;AAE5C,MAAA,MAAM,cAAc,IAAA,CAAK,MAAA,CAAO,QAAA,CAAS,CAAA,EAAG,IAAI,aAAa,CAAA;AAC7D,MAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,QAAA,CAAS,IAAI,aAAa,CAAA;AAEpD,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,KAAA,CAAM,WAAA,CAAY,UAAU,CAAA;AACjD,QAAA,IAAI,QAAQ,EAAA,IAAM,IAAA,CAAK,aAAa,GAAA,CAAI,OAAA,CAAQ,EAAE,CAAA,EAAG;AACnD,UAAA,MAAM,EAAE,OAAA,EAAS,GAAA,EAAK,MAAA,EAAQ,GAAA,KAAQ,IAAA,CAAK,YAAA,CAAa,GAAA,CAAI,OAAA,CAAQ,EAAE,CAAA;AACtE,UAAA,IAAA,CAAK,YAAA,CAAa,MAAA,CAAO,OAAA,CAAQ,EAAE,CAAA;AACnC,UAAA,IAAI,QAAQ,KAAA,EAAO;AACjB,YAAA,GAAA,CAAI,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAC,CAAA;AAAA,UAC9B,CAAA,MAAO;AACL,YAAA,GAAA,CAAI,QAAQ,MAAM,CAAA;AAAA,UACpB;AAAA,QACF;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,YAAY,OAAA,EAA4C;AAC9D,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAA,KAAW;AACtC,MAAA,IAAI,CAAC,IAAA,CAAK,WAAA,IAAe,CAAC,KAAK,MAAA,EAAQ;AACrC,QAAA,MAAA,CAAO,IAAI,KAAA,CAAM,yBAAyB,CAAC,CAAA;AAC3C,QAAA;AAAA,MACF;AAEA,MAAA,MAAM,SAAA,GAAY,CAAA,EAAG,IAAA,CAAK,GAAA,GAAM,QAAA,CAAS,EAAE,CAAC,CAAA,CAAA,EAAI,OAAO,WAAA,CAAY,CAAC,CAAA,CAAE,QAAA,CAAS,KAAK,CAAC,CAAA,CAAA;AACrF,MAAA,MAAM,aAAA,GAAgB,EAAE,GAAG,OAAA,EAAS,IAAI,SAAA,EAAU;AAClD,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,SAAA,CAAU,aAAa,CAAA;AAC7C,MAAA,MAAM,YAAA,GAAe,MAAA,CAAO,IAAA,CAAK,QAAA,EAAU,OAAO,CAAA;AAElD,MAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA;AAChC,MAAA,SAAA,CAAU,aAAA,CAAc,YAAA,CAAa,MAAA,EAAQ,CAAC,CAAA;AAE9C,MAAA,IAAA,CAAK,aAAa,GAAA,CAAI,SAAA,EAAW,EAAE,OAAA,EAAS,QAAQ,CAAA;AACpD,MAAA,IAAA,CAAK,MAAA,CAAO,MAAM,MAAA,CAAO,MAAA,CAAO,CAAC,SAAA,EAAW,YAAY,CAAC,CAAC,CAAA;AAAA,IAC5D,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,MAAc,WAAA,GAA6B;AACzC,IAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,MAAM,IAAI,MAAM,+DAA0D,CAAA;AAAA,IAC5E;AAEA,IAAA,MAAM,aAAa,aAAA,EAAc;AACjC,IAAA,MAAM,UAAU,UAAA,EAAW;AAC3B,IAAA,MAAM,SAAA,GAAY,QAAQ,QAAA,KAAa,OAAA;AAGvC,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAAA,GAAAA,CAAG,UAAUG,IAAAA,CAAK,OAAA,CAAQ,UAAU,CAAA,EAAG,EAAE,SAAA,EAAW,IAAA,EAAM,CAAA;AAAA,IAC5D;AACA,IAAAH,GAAAA,CAAG,UAAUG,IAAAA,CAAK,OAAA,CAAQ,OAAO,CAAA,EAAG,EAAE,SAAA,EAAW,IAAA,EAAM,CAAA;AAGvD,IAAA,IAAIH,GAAAA,CAAG,UAAA,CAAW,OAAO,CAAA,EAAG;AAC1B,MAAA,IAAI;AACF,QAAA,MAAM,GAAA,GAAM,SAASA,GAAAA,CAAG,YAAA,CAAa,SAAS,OAAO,CAAA,CAAE,IAAA,EAAK,EAAG,EAAE,CAAA;AACjE,QAAA,OAAA,CAAQ,IAAA,CAAK,KAAK,CAAC,CAAA;AAEnB,QAAA,MAAM,IAAI,OAAA,CAAc,CAAC,CAAA,KAAM;AAC7B,UAAA,UAAA,CAAW,GAAG,GAAG,CAAA;AAAA,QACnB,CAAC,CAAA;AACD,QAAA;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAIA,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,KAAA,MAAW,QAAQ,CAAC,UAAA,EAAY,OAAA,EAAS,iBAAA,EAAmB,CAAA,EAAG;AAC7D,QAAA,IAAIA,GAAAA,CAAG,UAAA,CAAW,IAAI,CAAA,EAAG;AACvB,UAAAA,GAAAA,CAAG,WAAW,IAAI,CAAA;AAAA,QACpB;AAAA,MACF;AAEA,MAAA,IAAIA,GAAAA,CAAG,UAAA,CAAW,UAAU,CAAA,EAAG;AAC7B,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,sCAAA,EAAyC,UAAU,CAAA,CAAE,CAAA;AAAA,MACvE;AAAA,IACF,CAAA,MAAO;AAEL,MAAA,KAAA,MAAW,IAAA,IAAQ,CAAC,OAAA,EAAS,iBAAA,EAAmB,CAAA,EAAG;AACjD,QAAA,IAAIA,GAAAA,CAAG,UAAA,CAAW,IAAI,CAAA,EAAG;AACvB,UAAAA,GAAAA,CAAG,WAAW,IAAI,CAAA;AAAA,QACpB;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,OAAA,EAAS,MAAA,KAAW;AACtC,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,EAAY;AAAA,QAC9B,QAAA;AAAA,QACA,eAAA;AAAA,QACA,UAAA;AAAA,QACA,YAAA;AAAA,QACA;AAAA,OACF,EAAG;AAAA,QACD,QAAA,EAAU,IAAA;AAAA,QACV,KAAA,EAAO,CAAC,QAAA,EAAU,MAAA,EAAQ,MAAM;AAAA,OACjC,CAAA;AAED,MAAA,MAAM,OAAA,GAAU,WAAW,MAAM;AAC/B,QAAA,MAAA,CAAO,IAAI,KAAA,CAAM,uCAAuC,CAAC,CAAA;AAAA,MAC3D,GAAG,GAAK,CAAA;AAER,MAAA,IAAI,UAAA,GAAa,EAAA;AACjB,MAAA,IAAI,UAAA,GAAa,EAAA;AAEjB,MAAA,KAAA,CAAM,MAAA,CAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,IAAA,KAAiB;AACzC,QAAA,UAAA,IAAc,KAAK,QAAA,EAAS;AAC5B,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,UAAU,CAAA;AACpC,UAAA,IAAI,OAAO,KAAA,EAAO;AAChB,YAAA,YAAA,CAAa,OAAO,CAAA;AACpB,YAAA,eAAA,CAAgB,UAAU,CAAA;AAC1B,YAAA,IAAA,CAAK,oBAAA,GAAuB,IAAA;AAC5B,YAAA,KAAA,CAAM,KAAA,EAAM;AACZ,YAAA,KAAA,CAAM,OAAQ,OAAA,EAAQ;AACtB,YAAA,KAAA,CAAM,OAAQ,OAAA,EAAQ;AACtB,YAAA,OAAA,EAAQ;AAAA,UACV;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAC,CAAA;AAED,MAAA,KAAA,CAAM,MAAA,CAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,IAAA,KAAiB;AACzC,QAAA,UAAA,IAAc,KAAK,QAAA,EAAS;AAAA,MAC9B,CAAC,CAAA;AAED,MAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,GAAA,KAAQ;AACzB,QAAA,YAAA,CAAa,OAAO,CAAA;AACpB,QAAA,MAAA,CAAO,IAAI,KAAA,CAAM,CAAA,wBAAA,EAA2B,GAAA,CAAI,OAAO,EAAE,CAAC,CAAA;AAAA,MAC5D,CAAC,CAAA;AAED,MAAA,KAAA,CAAM,EAAA,CAAG,MAAA,EAAQ,CAAC,IAAA,KAAS;AACzB,QAAA,YAAA,CAAa,OAAO,CAAA;AACpB,QAAA,IAAI,SAAS,CAAA,EAAG;AACd,UAAA,MAAM,OAAA,GAAU;AAAA,YACd,WAAW,IAAA,EAAK,IAAK,CAAA,QAAA,EAAW,UAAA,CAAW,MAAM,CAAA,CAAA;AAAA,YACjD,WAAW,IAAA,EAAK,IAAK,CAAA,QAAA,EAAW,UAAA,CAAW,MAAM,CAAA,CAAA;AAAA,YACjD,WAAW,UAAU,CAAA,CAAA;AAAA,YACrB,WAAW,UAAU,CAAA;AAAA,WACvB,CAAE,MAAA,CAAO,OAAO,CAAA,CAAE,KAAK,IAAI,CAAA;AAC3B,UAAA,MAAA,CAAO,IAAI,KAAA,CAAM,CAAA,wBAAA,EAA2B,IAAI;AAAA,EAAK,OAAO,EAAE,CAAC,CAAA;AAAA,QACjE;AAAA,MACF,CAAC,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EACH;AACF,CAAA;AC1dA,IAAM,SAAS,SAAA,CAAU,MAAA;AAEzB,IAAM,eAAA,GAAkB,CAAA;AACxB,IAAM,SAAA,GAAY,IAAI,WAAA,EAAY,CAAE,OAAO,kBAAkB,CAAA;AAC7D,IAAM,YAAA,GAAe,EAAE,IAAA,EAAM,MAAA,EAAQ,YAAY,OAAA,EAAQ;AAGzD,IAAM,iBAAA,GAAoB,EAAA;AAC1B,IAAM,YAAA,GAAe,EAAA;AACrB,IAAM,UAAA,GAAa,EAAA;AACnB,IAAM,aAAA,GAAgB,IAAI,iBAAA,GAAoB,YAAA;AAK9C,IAAM,EAAA,mBAAK,MAAA,CAAA,CAAC,IAAA,KAAmC,IAAA,EAApC,IAAA,CAAA;AAaX,SAAS,iBAAiB,OAAA,EAAwC;AAChE,EAAA,MAAM,WAAA,GAAc,QAAQ,MAAA,CAAO,CAAC,KAAK,CAAA,KAAM,GAAA,GAAM,CAAA,CAAE,MAAA,EAAQ,CAAC,CAAA;AAChE,EAAA,MAAM,MAAA,GAAS,IAAI,UAAA,CAAW,WAAW,CAAA;AACzC,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,KAAA,MAAW,OAAO,OAAA,EAAS;AACzB,IAAA,MAAA,CAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AACtB,IAAA,MAAA,IAAU,GAAA,CAAI,MAAA;AAAA,EAChB;AACA,EAAA,OAAO,MAAA;AACT;AATS,MAAA,CAAA,aAAA,EAAA,eAAA,CAAA;AAWT,SAAS,eAAe,MAAA,EAA0C;AAChE,EAAA,IAAI,kBAAkB,UAAA,EAAY;AAChC,IAAA,OAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,MAAA,EAAQ,MAAA,CAAO,YAAY,MAAA,CAAO,UAAU,CAAA,CAAE,QAAA,CAAS,QAAQ,CAAA;AAAA,EAC3F;AACA,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE,SAAS,QAAQ,CAAA;AAC9C;AALS,MAAA,CAAA,cAAA,EAAA,gBAAA,CAAA;AAOT,SAAS,cAAc,MAAA,EAA4B;AACjD,EAAA,MAAM,GAAA,GAAM,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA;AACxC,EAAA,OAAO,IAAI,UAAA,CAAW,GAAA,CAAI,QAAQ,GAAA,CAAI,UAAA,EAAY,IAAI,UAAU,CAAA;AAClE;AAHS,MAAA,CAAA,aAAA,EAAA,eAAA,CAAA;AAcT,eAAe,UAAA,CACb,GAAA,EACA,IAAA,EACA,IAAA,EACA,eAAA,EACqB;AAErB,EAAA,MAAM,UAAU,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,GAAG,IAAI,CAAA,EAAG,EAAE,IAAA,EAAM,QAAQ,IAAA,EAAM,SAAA,IAAa,KAAA,EAAO,CAAC,MAAM,CAAC,CAAA;AAC1G,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,MAAM,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,OAAA,EAAS,EAAA,CAAG,GAAG,CAAC,CAAC,CAAA;AAGtE,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,GAAG,GAAG,CAAA,EAAG,EAAE,IAAA,EAAM,QAAQ,IAAA,EAAM,SAAA,IAAa,KAAA,EAAO,CAAC,MAAM,CAAC,CAAA;AACxG,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,eAAe,CAAA;AAC1C,EAAA,IAAI,CAAA,GAAI,IAAI,UAAA,CAAW,CAAC,CAAA;AACxB,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,IAAI,OAAA,GAAU,CAAA;AAEd,EAAA,OAAO,SAAS,eAAA,EAAiB;AAC/B,IAAA,MAAM,KAAA,GAAQ,cAAc,CAAA,EAAG,IAAA,EAAM,IAAI,UAAA,CAAW,CAAC,OAAO,CAAC,CAAC,CAAA;AAC9D,IAAA,CAAA,GAAI,IAAI,UAAA,CAAW,MAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,MAAA,EAAQ,EAAA,CAAG,KAAK,CAAC,CAAC,CAAA;AAC/D,IAAA,GAAA,CAAI,GAAA,CAAI,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,IAAA,CAAK,GAAA,CAAI,CAAA,CAAE,MAAA,EAAQ,eAAA,GAAkB,MAAM,CAAC,CAAA,EAAG,MAAM,CAAA;AACxE,IAAA,MAAA,IAAU,CAAA,CAAE,MAAA;AACZ,IAAA,OAAA,EAAA;AAAA,EACF;AAEA,EAAA,OAAO,GAAA;AACT;AA1Be,MAAA,CAAA,UAAA,EAAA,YAAA,CAAA;AA+Bf,eAAe,gBAAgB,MAAA,EAAoC;AACjE,EAAA,OAAO,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,EAAA,CAAG,aAAA,CAAc,MAAM,CAAC,CAAA,EAAG,YAAA,EAAc,IAAA,EAAM,EAAE,CAAA;AAClF;AAFe,MAAA,CAAA,eAAA,EAAA,iBAAA,CAAA;AAKf,eAAe,iBAAiB,MAAA,EAAoC;AAClE,EAAA,OAAO,MAAA,CAAO,SAAA,CAAU,OAAA,EAAS,EAAA,CAAG,aAAA,CAAc,MAAM,CAAC,CAAA,EAAG,YAAA,EAAc,IAAA,EAAM,CAAC,YAAY,CAAC,CAAA;AAChG;AAFe,MAAA,CAAA,gBAAA,EAAA,kBAAA,CAAA;AAKf,eAAsB,aAAA,GAAoC;AACxD,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,WAAA,CAAY,cAAc,IAAA,EAAM,CAAC,YAAY,CAAC,CAAA;AAE3E,EAAA,MAAM,eAAe,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,QAAQ,SAAS,CAAA;AACpE,EAAA,MAAM,kBAAkB,MAAM,MAAA,CAAO,SAAA,CAAU,OAAA,EAAS,QAAQ,UAAU,CAAA;AAE1E,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,eAAe,YAAY,CAAA;AAAA,IACtC,UAAA,EAAY,eAAe,eAAe;AAAA,GAC5C;AACF;AAVsB,MAAA,CAAA,aAAA,EAAA,eAAA,CAAA;AAqBtB,eAAsB,OAAA,CAAQ,iBAAyB,SAAA,EAAoC;AACzF,EAAA,MAAM,kBAAA,GAAqB,MAAM,eAAA,CAAgB,eAAe,CAAA;AAChE,EAAA,MAAM,kBAAA,GAAqB,cAAc,eAAe,CAAA;AAGxD,EAAA,MAAM,gBAAA,GAAmB,MAAM,MAAA,CAAO,WAAA,CAAY,cAAc,IAAA,EAAM,CAAC,YAAY,CAAC,CAAA;AACpF,EAAA,MAAM,kBAAA,GAAqB,IAAI,UAAA,CAAW,MAAM,OAAO,SAAA,CAAU,KAAA,EAAO,gBAAA,CAAiB,SAAS,CAAC,CAAA;AAGnG,EAAA,MAAM,gBAAA,GAAmB,MAAM,MAAA,CAAO,UAAA;AAAA,IACpC,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,EAAQ,kBAAA,EAAmB;AAAA,IAC3C,gBAAA,CAAiB,UAAA;AAAA,IACjB;AAAA,GACF;AACA,EAAA,MAAM,YAAA,GAAe,IAAI,UAAA,CAAW,gBAAgB,CAAA;AAGpD,EAAA,MAAM,IAAA,GAAO,aAAA,CAAc,kBAAA,EAAoB,kBAAkB,CAAA;AACjE,EAAA,MAAM,SAAS,MAAM,UAAA,CAAW,YAAA,EAAc,SAAA,EAAW,MAAM,EAAE,CAAA;AAGjE,EAAA,MAAM,QAAQ,SAAA,CAAU,eAAA,CAAgB,IAAI,UAAA,CAAW,YAAY,CAAC,CAAA;AACpE,EAAA,MAAM,cAAA,GAAiB,IAAI,WAAA,EAAY,CAAE,OAAO,SAAS,CAAA;AAEzD,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,EAAA,CAAG,MAAM,CAAA,EAAG,SAAA,EAAW,KAAA,EAAO,CAAC,SAAS,CAAC,CAAA;AACzF,EAAA,MAAM,YAAY,IAAI,UAAA;AAAA,IACpB,MAAM,MAAA,CAAO,OAAA,CAAQ,EAAE,IAAA,EAAM,WAAW,EAAA,EAAI,EAAA,CAAG,KAAK,CAAA,EAAG,WAAW,UAAA,GAAa,CAAA,IAAK,SAAA,EAAW,EAAA,CAAG,cAAc,CAAC;AAAA,GACnH;AAGA,EAAA,MAAM,aAAa,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,SAAA,CAAU,SAAS,UAAU,CAAA;AACnE,EAAA,MAAM,GAAA,GAAM,SAAA,CAAU,KAAA,CAAM,SAAA,CAAU,SAAS,UAAU,CAAA;AAGzD,EAAA,MAAM,OAAA,GAAU,aAAA;AAAA,IACd,IAAI,UAAA,CAAW,CAAC,eAAe,CAAC,CAAA;AAAA,IAChC,kBAAA;AAAA,IACA,KAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,OAAO,eAAe,OAAO,CAAA;AAC/B;AA3CsB,MAAA,CAAA,OAAA,EAAA,SAAA,CAAA;AAuDtB,eAAsB,OAAA,CACpB,gBAAA,EACA,eAAA,EACA,gBAAA,EACiB;AACjB,EAAA,MAAM,YAAA,GAAe,cAAc,gBAAgB,CAAA;AAEnD,EAAA,IAAI,YAAA,CAAa,UAAA,GAAa,aAAA,GAAgB,UAAA,EAAY;AACxD,IAAA,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAAA,EACrC;AAGA,EAAA,MAAM,OAAA,GAAU,aAAa,CAAC,CAAA;AAC9B,EAAA,IAAI,YAAY,eAAA,EAAiB;AAC/B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,OAAO,CAAA,CAAE,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,kBAAA,GAAqB,YAAA,CAAa,KAAA,CAAM,CAAA,EAAG,IAAI,iBAAiB,CAAA;AACtE,EAAA,MAAM,KAAA,GAAQ,YAAA,CAAa,KAAA,CAAM,CAAA,GAAI,mBAAmB,aAAa,CAAA;AACrE,EAAA,MAAM,gBAAA,GAAmB,YAAA,CAAa,KAAA,CAAM,aAAa,CAAA;AAEzD,EAAA,IAAI,gBAAA,CAAiB,SAAS,UAAA,EAAY;AACxC,IAAA,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAAA,EAC7C;AAGA,EAAA,MAAM,UAAA,GAAa,MAAM,gBAAA,CAAiB,gBAAgB,CAAA;AAC1D,EAAA,MAAM,kBAAA,GAAqB,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,EAAA,CAAG,kBAAkB,CAAA,EAAG,YAAA,EAAc,IAAA,EAAM,EAAE,CAAA;AAGvG,EAAA,MAAM,kBAAA,GAAqB,cAAc,eAAe,CAAA;AAGxD,EAAA,MAAM,gBAAA,GAAmB,MAAM,MAAA,CAAO,UAAA;AAAA,IACpC,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,EAAQ,kBAAA,EAAmB;AAAA,IAC3C,UAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,MAAM,YAAA,GAAe,IAAI,UAAA,CAAW,gBAAgB,CAAA;AAGpD,EAAA,MAAM,IAAA,GAAO,aAAA,CAAc,kBAAA,EAAoB,kBAAkB,CAAA;AACjE,EAAA,MAAM,SAAS,MAAM,UAAA,CAAW,YAAA,EAAc,SAAA,EAAW,MAAM,EAAE,CAAA;AAIjE,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,SAAA,CAAU,KAAA,EAAO,EAAA,CAAG,MAAM,CAAA,EAAG,SAAA,EAAW,KAAA,EAAO,CAAC,SAAS,CAAC,CAAA;AACzF,EAAA,IAAI;AACF,IAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,OAAA;AAAA,MAC7B,EAAE,MAAM,SAAA,EAAW,EAAA,EAAI,GAAG,KAAK,CAAA,EAAG,SAAA,EAAW,UAAA,GAAa,CAAA,EAAE;AAAA,MAC5D,SAAA;AAAA,MACA,GAAG,gBAAgB;AAAA;AAAA,KACrB;AACA,IAAA,OAAO,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,SAAS,CAAA;AAAA,EAC3C,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,yBAAA;AAAA,MACA,EAAE,OAAO,GAAA;AAAI,KACf;AAAA,EACF;AACF;AA5DsB,MAAA,CAAA,OAAA,EAAA,SAAA,CAAA;;;ACnLtB,IAAM,gBAAA,GAAmB,oBAAA;AACzB,IAAM,cAAA,GAAiB,iBAAA;AAWvB,SAAS,eAAA,GAA0B;AACjC,EAAA,OAAOG,IAAAA,CAAK,IAAA,CAAK,iBAAA,EAAkB,EAAG,gBAAgB,CAAA;AACxD;AAFS,MAAA,CAAA,eAAA,EAAA,iBAAA,CAAA;AAIT,SAAS,eAAe,KAAA,EAAuB;AAC7C,EAAA,OAAOA,KAAK,IAAA,CAAK,eAAA,EAAgB,EAAG,CAAA,EAAG,KAAK,CAAA,KAAA,CAAO,CAAA;AACrD;AAFS,MAAA,CAAA,cAAA,EAAA,gBAAA,CAAA;AAMF,SAAS,SAAA,CAAU,QAAgB,cAAA,EAAyB;AACjE,EAAA,OAAOH,GAAAA,CAAG,UAAA,CAAW,cAAA,CAAe,KAAK,CAAC,CAAA;AAC5C;AAFgB,MAAA,CAAA,SAAA,EAAA,WAAA,CAAA;AAIhB,eAAsB,WAAA,CAAY,QAAgB,cAAA,EAA+D;AAC/G,EAAA,MAAM,OAAA,GAAU,MAAM,aAAA,EAAc;AAEpC,EAAA,MAAM,MAAA,GAAwB;AAAA,IAC5B,KAAA;AAAA,IACA,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,YAAY,OAAA,CAAQ,UAAA;AAAA,IACpB,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,GACpC;AAEA,EAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,EAAAA,IAAG,SAAA,CAAU,YAAA,EAAc,EAAE,SAAA,EAAW,MAAM,CAAA;AAE9C,EAAA,MAAM,QAAA,GAAW,eAAe,KAAK,CAAA;AACrC,EAAAA,GAAAA,CAAG,aAAA,CAAc,QAAA,EAAU,IAAA,CAAK,SAAA,CAAU,MAAA,EAAQ,IAAA,EAAM,CAAC,CAAA,EAAG,EAAE,IAAA,EAAM,GAAA,EAAO,CAAA;AAE3E,EAAA,OAAO,EAAE,KAAA,EAAO,SAAA,EAAW,OAAA,CAAQ,SAAA,EAAU;AAC/C;AAjBsB,MAAA,CAAA,WAAA,EAAA,aAAA,CAAA;AA0CtB,SAAS,YAAY,KAAA,EAA8B;AACjD,EAAA,MAAM,QAAA,GAAW,eAAe,KAAK,CAAA;AACrC,EAAA,IAAI,CAACA,GAAAA,CAAG,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,eAAA,EAAkB,KAAK,CAAA,CAAE,CAAA;AAAA,EAC3C;AACA,EAAA,MAAM,IAAA,GAAOA,GAAAA,CAAG,YAAA,CAAa,QAAA,EAAU,OAAO,CAAA;AAC9C,EAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAI9B,EAAA,MAAM,UAAA,GAAa,OAAO,UAAA,KACpB,MAAA,CAAO,eAAe,MAAA,GAAS,MAAA,CAAO,mBAAA,GAAsB,MAAA,CAAA,IAC7D,MAAA,CAAO,mBAAA;AAEZ,EAAA,IAAI,CAAC,MAAA,CAAO,SAAA,IAAa,CAAC,UAAA,EAAY;AACpC,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,iCAAA,EAAoC,KAAK,CAAA,CAAE,CAAA;AAAA,EAC7D;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,KAAA,IAAS,KAAA;AAAA,IACvB,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,UAAA;AAAA,IACA,WAAW,MAAA,CAAO,SAAA,IAAA,iBAAa,IAAI,IAAA,IAAO,WAAA,EAAY;AAAA,IACtD,YAAY,MAAA,CAAO,UAAA;AAAA,IACnB,qBAAqB,MAAA,CAAO;AAAA,GAC9B;AACF;AA1BS,MAAA,CAAA,WAAA,EAAA,aAAA,CAAA;AA4BT,SAAS,aAAa,KAAA,EAAuB;AAC3C,EAAA,OAAO,WAAA,CAAY,KAAK,CAAA,CAAE,SAAA;AAC5B;AAFS,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;AAMT,eAAsB,YAAA,CAAa,SAAA,EAAmB,KAAA,GAAgB,cAAA,EAAiC;AACrG,EAAA,MAAM,SAAA,GAAY,aAAa,KAAK,CAAA;AACpC,EAAA,OAAO,OAAA,CAAQ,WAAW,SAAS,CAAA;AACrC;AAHsB,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;AAKtB,eAAsB,YAAA,CAAa,UAAA,EAAoB,KAAA,GAAgB,cAAA,EAAiC;AACtG,EAAA,MAAM,MAAA,GAAS,YAAY,KAAK,CAAA;AAChC,EAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,UAAA,EAAY,MAAA,CAAO,WAAW,UAAU,CAAA;AAChE;AAHsB,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;;;AClGtB,IAAMI,eAAAA,GAAiB,iBAAA;AAGvB,SAASF,OAAM,GAAA,EAAa;AAC1B,EAAA,IAAI,OAAA,CAAQ,IAAI,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,MAAA,CAAO,KAAA,CAAM,CAAA,wBAAA,EAA2B,GAAG;AAAA,CAAI,CAAA;AAAA,EACzD;AACF;AAJS,MAAA,CAAAA,MAAAA,EAAA,OAAA,CAAA;AAUT,IAAI,YAAA;AACJ,SAAS,YAAA,GAAuB;AAC9B,EAAA,IAAI,cAAc,OAAO,YAAA;AACzB,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAUF,GAAAA,CAAG,YAAA,CAAa,iBAAiB,CAAA;AACjD,IAAA,IAAI,OAAA,IAAW,OAAA,CAAQ,UAAA,CAAW,OAAO,CAAA,EAAG;AAC1C,MAAA,YAAA,GAAe,OAAA;AACf,MAAA,OAAO,OAAA;AAAA,IACT;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,YAAA,GAAe,CAAA,IAAA,EAAO,QAAQ,GAAG,CAAA,CAAA;AACjC,EAAA,OAAO,YAAA;AACT;AAbS,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;AAeT,IAAI,2BAAA,GAA8B,KAAA;AAElC,SAAS,qBAAqB,SAAA,EAAuC;AACnE,EAAA,IAAI,CAAC,KAAA,EAAM,EAAG,OAAO,MAAA;AACrB,EAAA,IAAI;AACF,IAAA,OAAO,YAAA,CAAa,SAAA,EAAW,CAAC,IAAA,EAAM,SAAS,CAAA,EAAG;AAAA,MAChD,QAAA,EAAU,OAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV,EAAE,IAAA,EAAK;AAAA,EACV,SAAS,GAAA,EAAK;AACZ,IAAAE,OAAM,CAAA,6BAAA,EAAgC,GAAA,YAAe,QAAQ,GAAA,CAAI,OAAA,GAAU,GAAG,CAAA,CAAE,CAAA;AAChF,IAAA,OAAO,MAAA;AAAA,EACT;AACF;AAXS,MAAA,CAAA,oBAAA,EAAA,sBAAA,CAAA;AAaT,SAAS,gCAAgC,UAAA,EAA6B;AACpE,EAAA,IAAI,2BAAA,EAA6B;AAC/B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,WAAA,GAAc,qBAAqB,UAAU,CAAA;AACnD,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,KAAA;AAAA,EACT;AAKA,EAAA,MAAM,WAAA,GAAc,WAAA,CAAY,UAAA,CAAW,GAAA,EAAK,IAAI,CAAA;AACpD,EAAA,MAAM,QAAA,GAAW,gDAAgD,WAAW,CAAA,8BAAA,CAAA;AAC5E,EAAA,MAAM,IAAA,GAAO,UAAU,gBAAA,EAAkB;AAAA,IACvC,YAAA;AAAA,IACA,iBAAA;AAAA,IACA,kBAAA;AAAA,IACA,QAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACF,EAAG;AAAA,IACD,QAAA,EAAU,OAAA;AAAA,IACV,OAAA,EAAS;AAAA,GACV,CAAA;AAED,EAAA,IAAI,KAAK,KAAA,EAAO;AACd,IAAAA,MAAAA,CAAM,CAAA,mDAAA,EAAsD,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA,CAAE,CAAA;AAChF,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,IAAI,IAAA,CAAK,WAAW,CAAA,EAAG;AACrB,IAAAA,MAAAA,CAAM,CAAA,iDAAA,EAAoD,IAAA,CAAK,MAAM,CAAA,EAAA,EAAA,CAAM,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,MAAA,IAAU,EAAA,EAAI,IAAA,EAAM,CAAA,CAAE,CAAA;AACrH,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAAA,OAAM,sEAAsE,CAAA;AAC5E,EAAA,2BAAA,GAA8B,IAAA;AAC9B,EAAA,OAAO,IAAA;AACT;AAvCS,MAAA,CAAA,+BAAA,EAAA,iCAAA,CAAA;AAyCT,SAAS,wBAAA,CAAyB,UAAA,EAAoB,SAAA,GAAoB,GAAA,EAAgB;AACxF,EAAA,MAAM,IAAA,GAAO,SAAA,CAAU,UAAA,EAAY,CAAC,aAAa,CAAA,EAAG;AAAA,IAClD,QAAA,EAAU,OAAA;AAAA,IACV,OAAA,EAAS;AAAA,GACV,CAAA;AAED,EAAA,IAAI,IAAA,CAAK,KAAA,IAAS,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AACnC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,SAAS,IAAA,CAAK,KAAA,CAAA,CAAO,KAAK,MAAA,IAAU,EAAA,EAAI,MAAM,CAAA;AACpD,IAAA,OAAO,OAAO,KAAA,KAAU,IAAA;AAAA,EAC1B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAhBS,MAAA,CAAA,wBAAA,EAAA,0BAAA,CAAA;AAkBT,SAAS,2BAAA,CAA4B,UAAA,EAAoB,SAAA,GAAoB,IAAA,EAAiB;AAC5F,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAE9B,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,QAAA,EAAU;AAC5B,IAAA,IAAI,wBAAA,CAAyB,UAAU,CAAA,EAAG;AACxC,MAAAA,OAAM,8CAA8C,CAAA;AACpD,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAA,CAAK,IAAI,UAAA,CAAW,IAAI,iBAAA,CAAkB,CAAC,CAAC,CAAA,EAAG,CAAA,EAAG,CAAA,EAAG,GAAG,CAAA;AAAA,EAClE;AAEA,EAAAA,OAAM,qEAAqE,CAAA;AAC3E,EAAA,OAAO,KAAA;AACT;AAdS,MAAA,CAAA,2BAAA,EAAA,6BAAA,CAAA;AAkBT,SAAS,eAAA,CAAgB,MAAqB,IAAA,EAAqC;AACjF,EAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAAA,OAAM,kCAAkC,CAAA;AACxC,IAAA,MAAM,IAAI,MAAM,yBAAyB,CAAA;AAAA,EAC3C;AACA,EAAAA,MAAAA,CAAM,oBAAoB,UAAU,CAAA,CAAA,EAAI,KAAK,IAAA,CAAK,GAAG,CAAC,CAAA,CAAE,CAAA;AACxD,EAAA,MAAM,MAAA,GAAS,YAAA,CAAa,UAAA,EAAY,IAAA,EAAM;AAAA,IAC5C,QAAA,EAAU,OAAA;AAAA,IACV,OAAA,EAAS,MAAM,OAAA,IAAW;AAAA,GAC3B,EAAE,IAAA,EAAK;AACR,EAAAA,OAAM,CAAA,wBAAA,EAA2B,MAAA,CAAO,MAAM,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA;AACvD,EAAA,OAAO,MAAA;AACT;AAbS,MAAA,CAAA,eAAA,EAAA,iBAAA,CAAA;AAeT,SAAS,mBAAA,CAAiD,MAAqB,IAAA,EAAgC;AAC7G,EAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,IAAA,EAAM,IAAI,CAAA;AACzC,EAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAChC,EAAA,IAAI,OAAO,KAAA,EAAO;AAChB,IAAA,MAAM,IAAI,KAAA,CAAM,MAAA,CAAO,KAAK,CAAA;AAAA,EAC9B;AACA,EAAA,OAAO,MAAA;AACT;AAPS,MAAA,CAAA,mBAAA,EAAA,qBAAA,CAAA;AAWT,IAAI,iBAAA;AAEJ,IAAI,gBAAA;AAEJ,SAAS,iBAAA,GAAoE;AAC3E,EAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,EAAAA,MAAAA,CAAM,CAAA,8BAAA,EAAiC,UAAA,IAAc,WAAW,CAAA,QAAA,EAAW,OAAO,CAAA,WAAA,EAAc,OAAA,CAAQ,QAAQ,CAAA,CAAE,CAAA;AAClH,EAAA,IAAI,CAAC,UAAA,EAAY;AAEf,IAAA,MAAM,cAAA,GAAiB,CAAC,QAAA,EAAU,OAAA,EAAS,OAAO,CAAA,CAAE,QAAA,CAAS,QAAQ,QAAQ,CAAA;AAC7E,IAAA,OAAO,EAAE,IAAA,EAAM,MAAA,EAAQ,cAAA,EAAe;AAAA,EACxC;AAGA,EAAA,IAAI,OAAM,EAAG,OAAO,EAAE,IAAA,EAAM,aAAA,EAAe,gBAAgB,KAAA,EAAM;AAEjE,EAAA,QAAQ,QAAQ,QAAA;AAAU,IACxB,KAAK,QAAA;AAAU,MAAA,OAAO,EAAE,IAAA,EAAM,gBAAA,EAAkB,cAAA,EAAgB,KAAA,EAAM;AAAA,IACtE,KAAK,OAAA;AAAS,MAAA,OAAO,EAAE,IAAA,EAAM,aAAA,EAAe,cAAA,EAAgB,KAAA,EAAM;AAAA,IAClE,KAAK,OAAA;AAAS,MAAA,OAAO,EAAE,IAAA,EAAM,WAAA,EAAa,cAAA,EAAgB,KAAA,EAAM;AAAA,IAChE;AAAS,MAAA,OAAO,EAAE,IAAA,EAAM,MAAA,EAAQ,cAAA,EAAgB,KAAA,EAAM;AAAA;AAE1D;AAlBS,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AAqBF,SAAS,cAAA,GAA8B;AAC5C,EAAA,IAAI,mBAAmB,OAAO,iBAAA;AAE9B,EAAA,MAAM,EAAE,IAAA,EAAM,cAAA,EAAe,GAAI,iBAAA,EAAkB;AACnD,EAAA,MAAM,UAAA,GAAa,IAAA,KAAS,MAAA,GAAS,mBAAA,EAAoB,GAAI,MAAA;AAE7D,EAAA,IAAI,IAAA,KAAS,UAAU,UAAA,EAAY;AAEjC,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,mBAAA,CAAwC,CAAC,QAAQ,CAAC,CAAA;AACjE,MAAAA,OAAM,CAAA,8CAAA,EAAiD,MAAA,CAAO,cAAc,CAAA,qBAAA,EAAwB,OAAO,kBAAkB,CAAA,UAAA,EAAa,MAAA,CAAO,OAAO,UAAU,MAAA,CAAO,IAAA,EAAM,IAAA,CAAK,GAAG,CAAC,CAAA,CAAE,CAAA;AAC1L,MAAA,gBAAA,GAAmB,MAAA,CAAO,IAAA;AAC1B,MAAA,iBAAA,GAAoB;AAAA,QAClB,IAAA;AAAA,QACA,UAAU,OAAA,CAAQ,QAAA;AAAA,QAClB,gBAAgB,MAAA,CAAO,cAAA;AAAA,QACvB,oBAAoB,MAAA,CAAO,kBAAA;AAAA,QAC3B;AAAA,OACF;AAAA,IACF,SAAS,GAAA,EAAK;AAEZ,MAAAA,OAAM,CAAA,uCAAA,EAA0C,GAAA,YAAe,QAAQ,GAAA,CAAI,OAAA,GAAU,GAAG,CAAA,CAAE,CAAA;AAC1F,MAAA,iBAAA,GAAoB;AAAA,QAClB,IAAA;AAAA,QACA,UAAU,OAAA,CAAQ,QAAA;AAAA,QAClB,gBAAgB,IAAA,KAAS,gBAAA;AAAA,QACzB,oBAAoB,IAAA,KAAS,gBAAA;AAAA,QAC7B;AAAA,OACF;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AACL,IAAAA,MAAAA,CAAM,4CAA4C,IAAI,CAAA,aAAA,EAAgB,cAAc,MAAM,CAAA,iBAAA,EAAoB,cAAc,CAAA,CAAA,CAAG,CAAA;AAC/H,IAAA,IAAI,cAAA,IAAkB,CAAC,OAAA,CAAQ,GAAA,CAAI,uCAAA,EAAyC;AAC1E,MAAA,OAAA,CAAQ,MAAA,CAAO,KAAA;AAAA,QACb;AAAA,OACF;AAAA,IACF;AACA,IAAA,iBAAA,GAAoB;AAAA,MAClB,IAAA;AAAA,MACA,UAAU,OAAA,CAAQ,QAAA;AAAA,MAClB,cAAA,EAAgB,KAAA;AAAA,MAChB,kBAAA,EAAoB,KAAA;AAAA,MACpB,UAAA,EAAY,MAAA;AAAA,MACZ;AAAA,KACF;AAAA,EACF;AAEA,EAAAA,MAAAA,CAAM,CAAA,mCAAA,EAAsC,iBAAA,CAAmB,IAAI,CAAA,YAAA,EAAe,kBAAmB,kBAAkB,CAAA,WAAA,EAAc,iBAAA,CAAmB,cAAc,CAAA,CAAE,CAAA;AACxK,EAAA,OAAO,iBAAA;AACT;AAjDgB,MAAA,CAAA,cAAA,EAAA,gBAAA,CAAA;AAqDhB,IAAI,YAAA;AAEG,SAAS,eAAA,GAAgC;AAC9C,EAAA,YAAA,KAAiB,IAAI,YAAA,EAAa;AAClC,EAAA,OAAO,YAAA;AACT;AAHgB,MAAA,CAAA,eAAA,EAAA,iBAAA,CAAA;AAQT,SAASG,UAAAA,CAAU,QAAgBD,eAAAA,EAAyB;AACjE,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,CAAQ,SAAS,MAAA,EAAQ;AAC3B,IAAA,OAAmB,UAAU,KAAK,CAAA;AAAA,EACpC;AAEA,EAAA,IAAI,gBAAA,EAAkB;AACpB,IAAAF,MAAAA,CAAM,CAAA,wCAAA,EAA2C,KAAK,CAAA,CAAE,CAAA;AACxD,IAAA,OAAO,gBAAA,CAAiB,SAAS,KAAK,CAAA;AAAA,EACxC;AACA,EAAA,MAAM,SAAS,mBAAA,CAAyC,CAAC,YAAA,EAAc,UAAA,EAAY,KAAK,CAAC,CAAA;AACzF,EAAA,OAAO,MAAA,CAAO,MAAA;AAChB;AAZgB,MAAA,CAAAG,UAAAA,EAAA,WAAA,CAAA;AAehB,eAAsBC,YAAAA,CAAY,QAAgBF,eAAAA,EAA+D;AAC/G,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,CAAQ,SAAS,MAAA,EAAQ;AAC3B,IAAA,OAAmB,YAAY,KAAK,CAAA;AAAA,EACtC;AACA,EAAA,OAAO,mBAAA,CAA0D,CAAC,cAAA,EAAgB,UAAA,EAAY,KAAK,CAAC,CAAA;AACtG;AANsB,MAAA,CAAAE,YAAAA,EAAA,aAAA,CAAA;AAStB,eAAsB,SAAA,CAAU,QAAgBF,eAAAA,EAA+B;AAC7E,EAAA,IAAI,CAACC,UAAAA,CAAU,KAAK,CAAA,EAAG;AACrB,IAAA,MAAMC,aAAY,KAAK,CAAA;AAAA,EACzB;AACF;AAJsB,MAAA,CAAA,SAAA,EAAA,WAAA,CAAA;AActB,eAAsBC,aAAAA,CAAa,SAAA,EAAmB,KAAA,GAAgBH,eAAAA,EAAiC;AACrG,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,CAAQ,SAAS,MAAA,EAAQ;AAC3B,IAAA,OAAmB,YAAA,CAAa,WAAW,KAAK,CAAA;AAAA,EAClD;AAEA,EAAA,MAAM,WAAW,MAAA,CAAO,IAAA,CAAK,WAAW,OAAO,CAAA,CAAE,SAAS,QAAQ,CAAA;AAClE,EAAA,IAAI,OAAM,EAAG;AAEX,IAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,IAAA,IAAI,CAAC,UAAA,EAAY,MAAM,IAAI,MAAM,yBAAyB,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAO,UAAU,UAAA,EAAY,CAAC,WAAW,UAAA,EAAY,KAAA,EAAO,cAAc,CAAA,EAAG;AAAA,MACjF,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,OAAA;AAAA,MACV,OAAA,EAAS;AAAA,KACV,CAAA;AACD,IAAA,IAAI,IAAA,CAAK,KAAA,EAAO,MAAM,IAAA,CAAK,KAAA;AAC3B,IAAA,MAAMI,UAAS,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA;AAC5C,IAAA,IAAIA,QAAO,KAAA,EAAO,MAAM,IAAI,KAAA,CAAMA,QAAO,KAAK,CAAA;AAC9C,IAAA,OAAOA,OAAAA,CAAO,UAAA;AAAA,EAChB;AACA,EAAA,MAAM,MAAA,GAAS,oBAA4C,CAAC,SAAA,EAAW,YAAY,KAAA,EAAO,QAAA,EAAU,QAAQ,CAAC,CAAA;AAC7G,EAAA,OAAO,MAAA,CAAO,UAAA;AAChB;AAvBsB,MAAA,CAAAD,aAAAA,EAAA,cAAA,CAAA;AAgCtB,eAAsBE,aAAAA,CAAa,UAAA,EAAoB,KAAA,GAAgBL,eAAAA,EAAiC;AACtG,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,CAAQ,SAAS,MAAA,EAAQ;AAC3B,IAAAF,OAAM,kCAAkC,CAAA;AACxC,IAAA,OAAmB,YAAA,CAAa,YAAY,KAAK,CAAA;AAAA,EACnD;AAIA,EAAA,IAAI,QAAQ,kBAAA,EAAoB;AAC9B,IAAA,IAAI,OAAM,EAAG;AACX,MAAAA,OAAM,uDAAuD,CAAA;AAC7D,MAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,MAAA,IAAI,CAAC,UAAA,EAAY,MAAM,IAAI,MAAM,yBAAyB,CAAA;AAC1D,MAAA,MAAM,kBAAA,GAAqB,wBAAA,CAAyB,UAAA,EAAY,IAAK,CAAA;AACrE,MAAA,MAAM,gBAAA,GAAmB,kBAAA,IAAsB,+BAAA,CAAgC,UAAU,CAAA;AACzF,MAAA,IAAI,CAAC,sBAAsB,gBAAA,EAAkB;AAC3C,QAAA,2BAAA,CAA4B,UAAU,CAAA;AAAA,MACxC;AAIA,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM,UAAA;AAAA,QACN,OAAO,YAAA;AAAa,OACrB,CAAA;AACD,MAAA,MAAM,YAAA,mBAAe,MAAA,CAAA,CAAC,OAAA,KAAoB,SAAA,CAAU,UAAA,EAAY,CAAC,SAAA,EAAW,UAAA,EAAY,KAAA,EAAO,cAAA,EAAgB,cAAc,CAAA,EAAG;AAAA,QAC9H,KAAA,EAAO,YAAA;AAAA,QACP,QAAA,EAAU,OAAA;AAAA,QACV;AAAA,OACD,CAAA,EAJoB,cAAA,CAAA;AAMrB,MAAA,IAAI,IAAA,GAAO,YAAA,CAAa,gBAAA,GAAmB,IAAA,GAAU,GAAM,CAAA;AAE3D,MAAA,MAAM,UAAU,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,MAAA,IAAU,IAAI,IAAA,EAAK;AACvD,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,IAAU,IAAA,CAAK,MAAgC,IAAA,KAAS,WAAA;AAC9E,MAAA,MAAM,aAAa,OAAA,CAAQ,IAAA,CAAK,KAAK,CAAA,IAAK,KAAK,MAAA,KAAW,CAAA;AAC1D,MAAA,MAAM,wBAAA,GAA2B,QAAA,IAC5B,iGAAA,CAAkG,IAAA,CAAK,MAAM,CAAA;AAElH,MAAA,IAAI,cAAc,wBAAA,EAA0B;AAC1C,QAAAA,OAAM,CAAA,+FAAA,EAAkG,MAAA,CAAO,MAAM,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA;AAC9H,QAAA,IAAI,+BAAA,CAAgC,UAAU,CAAA,EAAG;AAE/C,UAAA,IAAA,GAAO,aAAa,IAAO,CAAA;AAAA,QAC7B;AAAA,MACF;AAEA,MAAA,IAAI,IAAA,CAAK,KAAA,EAAO,MAAM,IAAA,CAAK,KAAA;AAC3B,MAAA,IAAI,IAAA,CAAK,WAAW,CAAA,EAAG;AACrB,QAAA,MAAM,eAAe,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,MAAA,IAAU,IAAI,IAAA,EAAK;AAC5D,QAAA,IAAI;AACF,UAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,WAAW,CAAA;AACrC,UAAA,IAAI,OAAO,KAAA,EAAO,MAAM,IAAI,KAAA,CAAM,OAAO,KAAK,CAAA;AAAA,QAChD,CAAA,CAAA,MAAQ;AAAA,QAAiB;AAEzB,QAAA,MAAM,WAAA,GAAc,qBAAqB,UAAU,CAAA;AACnD,QAAA,MAAM,YAAY,WAAA,GACd;AAAA;AAAA,qCAAA,EAAmF,WAAW,CAAA,cAAA,CAAA,GAC9F,EAAA;AACJ,QAAA,MAAM,IAAI,MAAM,CAAA,qBAAA,EAAwB,IAAA,CAAK,MAAM,CAAA,GAAA,EAAM,WAAW,CAAA,EAAG,SAAS,CAAA,CAAE,CAAA;AAAA,MACpF;AAEA,MAAA,MAAMM,UAAS,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA;AAC5C,MAAA,IAAIA,QAAO,KAAA,EAAO,MAAM,IAAI,KAAA,CAAMA,QAAO,KAAK,CAAA;AAC9C,MAAAN,MAAAA,CAAM,CAAA,2BAAA,EAA8B,IAAA,CAAK,MAAA,CAAO,IAAA,GAAO,KAAA,CAAM,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA;AACtE,MAAA,OAAOM,OAAAA,CAAO,SAAA;AAAA,IAChB;AACA,IAAAN,OAAM,mDAAmD,CAAA;AACzD,IAAA,MAAM,SAAS,eAAA,EAAgB;AAC/B,IAAA,OAAO,MAAA,CAAO,OAAA,CAAQ,UAAA,EAAY,KAAK,CAAA;AAAA,EACzC;AAGA,EAAAA,OAAM,8CAA8C,CAAA;AACpD,EAAA,MAAM,MAAA,GAAS,oBAA2C,CAAC,SAAA,EAAW,YAAY,KAAA,EAAO,QAAA,EAAU,UAAU,CAAC,CAAA;AAC9G,EAAA,OAAO,MAAA,CAAO,SAAA;AAChB;AA7EsB,MAAA,CAAAO,aAAAA,EAAA,cAAA,CAAA;AAmFtB,eAAsB,WAAA,GAA6B;AACjD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,CAAC,QAAQ,kBAAA,EAAoB;AACjC,EAAA,MAAM,SAAS,eAAA,EAAgB;AAC/B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,UAAA,EAAW;AAC1C,EAAA,IAAI,CAAC,SAAA,EAAW;AACd,IAAA,MAAM,IAAI,MAAM,iCAAiC,CAAA;AAAA,EACnD;AACA,EAAA,MAAM,OAAO,iBAAA,EAAkB;AACjC;AATsB,MAAA,CAAA,WAAA,EAAA,aAAA,CAAA","file":"chunk-6DXWXIQV.js","sourcesContent":["/**\n * WSL detection utility.\n *\n * When running inside WSL, we use the Windows encryption binary (.exe)\n * to get DPAPI key protection and Windows Hello biometric support.\n */\n\nimport fs from 'node:fs';\n\nlet _isWSL: boolean | undefined;\n\n/** Detect whether we're running inside WSL (1 or 2). Cached after first call. */\nexport function isWSL(): boolean {\n if (_isWSL !== undefined) return _isWSL;\n\n // Fast path: WSL always sets this env var\n if (process.env.WSL_DISTRO_NAME) {\n _isWSL = true;\n return true;\n }\n\n // Fallback: check /proc/version for Microsoft/WSL signature\n try {\n const version = fs.readFileSync('/proc/version', 'utf-8');\n _isWSL = /microsoft|wsl/i.test(version);\n } catch {\n _isWSL = false;\n }\n\n return _isWSL;\n}\n","/**\n * Resolves the path to the platform-specific native helper binary.\n *\n * Resolution order:\n * 1. SEA sibling: same directory as the running varlock binary (install.sh, standalone)\n * 1b. SEA libexec: ../libexec/ relative to the binary (homebrew convention)\n * 2. Bundled in npm package: native-bins/<platform>[-<arch>]/ within the varlock package\n * 3. Dev fallback: walk up from __dirname to find build output\n *\n * Returns undefined if no binary is found (file-based fallback will be used instead).\n */\n\nimport path from 'node:path';\nimport fs from 'node:fs';\nimport { fileURLToPath } from 'node:url';\nimport { isWSL } from './wsl-detect';\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\n/** Debug logger — prints to stderr when VARLOCK_DEBUG is set */\nfunction debug(msg: string) {\n if (process.env.VARLOCK_DEBUG) {\n process.stderr.write(`[varlock:binary-resolver] ${msg}\\n`);\n }\n}\n\nconst BINARY_NAME = 'varlock-local-encrypt';\nconst MACOS_APP_BUNDLE = 'VarlockEnclave.app';\n\n/**\n * Resolve the varlock package root by walking up from this module until we\n * find package.json with name=varlock. This is robust across src/dist layouts.\n */\nfunction resolvePackageRoot(): string {\n let dir = __dirname;\n for (let i = 0; i < 10; i++) {\n const pkgJsonPath = path.join(dir, 'package.json');\n if (fs.existsSync(pkgJsonPath)) {\n try {\n const pkgJson = JSON.parse(fs.readFileSync(pkgJsonPath, 'utf-8')) as { name?: string };\n if (pkgJson.name === 'varlock') return dir;\n } catch {\n // Ignore invalid/unreadable package.json and continue walking upward\n }\n }\n const parent = path.dirname(dir);\n if (parent === dir) break;\n dir = parent;\n }\n\n // Last-resort fallback for unexpected layouts.\n return path.resolve(__dirname, '..', '..', '..');\n}\n\n/** Get the binary name for the current platform */\nfunction getPlatformBinaryName(): string {\n if (process.platform === 'win32' || isWSL()) return `${BINARY_NAME}.exe`;\n return BINARY_NAME;\n}\n\n/** Get the subdirectory name within native-bins/ for the current platform */\nfunction getNativeBinSubdir(): string {\n if (process.platform === 'darwin') return 'darwin';\n if (process.platform === 'win32') return `win32-${process.arch}`;\n // WSL2: use the Windows binary for DPAPI + Windows Hello support\n if (isWSL()) return 'win32-x64';\n return `${process.platform}-${process.arch}`;\n}\n\n/**\n * Resolve the macOS .app bundle binary path, or fall back to bare binary.\n */\nfunction resolveMacOSBinary(dir: string): string | undefined {\n // Try .app bundle first (needed for custom Touch ID icon)\n const appBundlePath = path.join(dir, MACOS_APP_BUNDLE, 'Contents', 'MacOS', BINARY_NAME);\n if (fs.existsSync(appBundlePath)) return appBundlePath;\n\n // Fall back to bare binary\n const barePath = path.join(dir, BINARY_NAME);\n if (fs.existsSync(barePath)) return barePath;\n\n return undefined;\n}\n\n/**\n * Resolve the binary path for Linux/Windows.\n */\nfunction resolveStandardBinary(dir: string): string | undefined {\n const binaryPath = path.join(dir, getPlatformBinaryName());\n if (fs.existsSync(binaryPath)) return binaryPath;\n return undefined;\n}\n\n/**\n * Resolve binary from a directory, handling macOS .app bundle vs standard binary.\n */\nfunction resolveBinaryFromDir(dir: string): string | undefined {\n if (process.platform === 'darwin') return resolveMacOSBinary(dir);\n return resolveStandardBinary(dir);\n}\n\n/**\n * Strategy 1: Look for the binary next to the running varlock binary,\n * then check ../libexec/ (homebrew convention for internal helpers).\n * This is the primary path for binary/SEA distribution.\n */\nfunction resolveSeaSibling(): string | undefined {\n const execDir = path.dirname(fs.realpathSync(process.execPath));\n\n // 1a. Same directory as the binary (install.sh, standalone archives)\n const sibling = resolveBinaryFromDir(execDir);\n if (sibling) return sibling;\n\n // 1b. ../libexec/ relative to the binary (homebrew layout)\n const libexecDir = path.join(execDir, '..', 'libexec');\n return resolveBinaryFromDir(libexecDir);\n}\n\n/**\n * Strategy 2: Look for the binary bundled in the varlock npm package.\n * native-bins/<platform-subdir>/\n */\nfunction resolveNpmBundled(): string | undefined {\n const packageRoot = resolvePackageRoot();\n const nativeBinsDir = path.join(packageRoot, 'native-bins', getNativeBinSubdir());\n if (fs.existsSync(nativeBinsDir)) return resolveBinaryFromDir(nativeBinsDir);\n\n // Legacy/alternate layout: native-bins as a sibling of the package root.\n const adjacentNativeBinsDir = path.join(path.dirname(packageRoot), 'native-bins', getNativeBinSubdir());\n if (fs.existsSync(adjacentNativeBinsDir)) return resolveBinaryFromDir(adjacentNativeBinsDir);\n\n return undefined;\n}\n\n/**\n * Strategy 3: Development fallback — look for build output in the monorepo.\n * Walks up from __dirname looking for native binary build output\n */\nfunction resolveDevFallback(): string | undefined {\n let dir = __dirname;\n for (let i = 0; i < 10; i++) {\n const parent = path.dirname(dir);\n if (parent === dir) break;\n dir = parent;\n\n // Check for Swift build output (macOS)\n if (process.platform === 'darwin') {\n const swiftBuild = path.join(dir, 'packages', 'encryption-binary-swift', 'swift', '.build', 'release', 'VarlockEnclave');\n if (fs.existsSync(swiftBuild)) return swiftBuild;\n }\n\n // Check for Rust build output (Linux/Windows)\n const rustBuild = path.join(dir, 'packages', 'encryption-binary-rust', 'target', 'release', getPlatformBinaryName());\n if (fs.existsSync(rustBuild)) return rustBuild;\n }\n\n return undefined;\n}\n\n/**\n * Ensure the binary at the given path is executable.\n * GitHub Actions artifact upload/download strips execute permissions,\n * and some extraction tools may do the same.\n */\nfunction ensureExecutable(binaryPath: string): string {\n try {\n fs.accessSync(binaryPath, fs.constants.X_OK);\n } catch {\n // Not executable — try to fix it\n if (process.platform !== 'win32') {\n fs.chmodSync(binaryPath, 0o755);\n }\n }\n return binaryPath;\n}\n\n/**\n * Resolve the native helper binary path.\n * Returns undefined if no binary is found — caller should fall back to pure JS.\n */\nlet _cachedBinaryPath: string | undefined | null = null; // null = not yet resolved\n\nexport function resolveNativeBinary(): string | undefined {\n if (_cachedBinaryPath !== null) return _cachedBinaryPath;\n\n if (process.env._VARLOCK_FORCE_FILE_ENCRYPTION_FALLBACK) {\n debug('_VARLOCK_FORCE_FILE_ENCRYPTION_FALLBACK is set — skipping native binary resolution');\n _cachedBinaryPath = undefined;\n return undefined;\n }\n\n debug(`resolving: platform=${process.platform}, isWSL=${isWSL()}, binaryName=${getPlatformBinaryName()}, subdir=${getNativeBinSubdir()}`);\n\n const seaSibling = resolveSeaSibling();\n if (seaSibling) {\n debug(`resolved via SEA sibling: ${seaSibling}`);\n _cachedBinaryPath = ensureExecutable(seaSibling);\n return _cachedBinaryPath;\n }\n\n const npmBundled = resolveNpmBundled();\n if (npmBundled) {\n debug(`resolved via npm bundled: ${npmBundled}`);\n _cachedBinaryPath = ensureExecutable(npmBundled);\n return _cachedBinaryPath;\n }\n\n const devFallback = resolveDevFallback();\n if (devFallback) {\n debug(`resolved via dev fallback: ${devFallback}`);\n _cachedBinaryPath = ensureExecutable(devFallback);\n return _cachedBinaryPath;\n }\n\n debug('NOT FOUND: no binary resolved from any strategy');\n debug(` SEA sibling dir: ${path.dirname(process.execPath)}`);\n const packageRoot = resolvePackageRoot();\n debug(` npm bundled dir: ${path.join(packageRoot, 'native-bins', getNativeBinSubdir())}`);\n _cachedBinaryPath = undefined;\n return undefined;\n}\n","/**\n * Daemon client for communicating with the native encryption helper binary.\n *\n * Handles daemon lifecycle (spawn, connect, reconnect) and IPC messaging\n * using the 4-byte LE length-prefixed JSON protocol.\n *\n * - macOS/Linux: Unix domain socket\n * - Windows: named pipe (TODO)\n *\n * Generalized from the secure-enclave plugin's EnclaveDaemonClient.\n */\n\nimport net from 'node:net';\nimport path from 'node:path';\nimport fs from 'node:fs';\nimport crypto from 'node:crypto';\nimport { spawn } from 'node:child_process';\n\nimport { getUserVarlockDir } from '../user-config-dir';\nimport { resolveNativeBinary } from './binary-resolver';\nimport type { KeychainItemMeta, KeychainItemRef } from './types';\n\nfunction debug(msg: string) {\n if (process.env.VARLOCK_DEBUG) {\n process.stderr.write(`[varlock:daemon-client] ${msg}\\n`);\n }\n}\n\nfunction getSocketDir(): string {\n return path.join(getUserVarlockDir(), 'local-encrypt');\n}\n\nfunction getSocketPath(): string {\n if (process.platform === 'win32') {\n // Windows named pipe — fixed name shared by all varlock processes\n return '\\\\\\\\.\\\\pipe\\\\varlock-local-encrypt';\n }\n return path.join(getSocketDir(), 'daemon.sock');\n}\n\nfunction getPidPath(): string {\n return path.join(getSocketDir(), 'daemon.pid');\n}\n\nfunction getDaemonInfoPath(): string {\n return path.join(getSocketDir(), 'daemon.info');\n}\n\n/**\n * Check whether the currently running daemon was spawned from the same binary\n * we would spawn now. Compares the resolved binary path and its mtime against\n * the values recorded in daemon.info when the daemon was last started.\n *\n * Returns the stale PID (to kill) if there's a mismatch or no info file\n * exists (daemon predates version tracking), or undefined if daemon is current.\n */\nfunction checkDaemonBinaryStale(): number | undefined {\n const infoPath = getDaemonInfoPath();\n const pidPath = getPidPath();\n\n let info: { binaryPath: string; binaryMtimeMs: number } | undefined;\n try {\n info = JSON.parse(fs.readFileSync(infoPath, 'utf-8'));\n } catch {\n // No info file — daemon predates version tracking, treat as stale\n }\n\n const currentBinaryPath = resolveNativeBinary();\n if (!currentBinaryPath) return undefined; // no binary available at all\n\n if (info) {\n // Path changed (e.g. new npm install, different resolution strategy)\n if (currentBinaryPath !== info.binaryPath) {\n debug(`daemon binary path changed: ${info.binaryPath} → ${currentBinaryPath}`);\n } else {\n // Same path — check if the file was updated in place\n try {\n const stat = fs.statSync(currentBinaryPath);\n if (stat.mtimeMs === info.binaryMtimeMs) {\n debug('daemon binary is current — no restart needed');\n return undefined; // same binary, daemon is current\n }\n debug(`daemon binary mtime changed: ${info.binaryMtimeMs} → ${stat.mtimeMs}`);\n } catch {\n return undefined; // can't stat, assume OK\n }\n }\n } else {\n debug('no daemon.info file — treating running daemon as stale');\n }\n\n // Binary changed — read PID so caller can kill the stale daemon\n try {\n const pid = parseInt(fs.readFileSync(pidPath, 'utf-8').trim(), 10);\n process.kill(pid, 0); // verify process is alive\n return pid;\n } catch {\n return undefined; // stale PID or process already gone\n }\n}\n\n/** Write daemon.info recording which binary was used to spawn the daemon */\nfunction writeDaemonInfo(binaryPath: string): void {\n try {\n const stat = fs.statSync(binaryPath);\n fs.writeFileSync(getDaemonInfoPath(), JSON.stringify({\n binaryPath,\n binaryMtimeMs: stat.mtimeMs,\n }));\n } catch {\n // Non-fatal — version checking just won't work this time\n }\n}\n\nexport class DaemonClient {\n private socket: net.Socket | null = null;\n private messageQueue = new Map<string, {\n resolve: (value: any) => void;\n reject: (error: Error) => void;\n }>();\n private isConnected = false;\n private buffer = Buffer.alloc(0);\n private connectingPromise: Promise<void> | null = null;\n /** Set after we spawn a daemon in this process — skip stale check to avoid restart loops */\n private spawnedInThisProcess = false;\n\n async ensureConnected(): Promise<void> {\n if (this.isConnected && this.socket) return;\n\n // Deduplicate concurrent ensureConnected calls — multiple varlock() items\n // may resolve concurrently and all call decrypt → ensureConnected\n if (this.connectingPromise) return this.connectingPromise;\n\n this.connectingPromise = this.doConnect();\n try {\n await this.connectingPromise;\n } finally {\n this.connectingPromise = null;\n }\n }\n\n /**\n * Try to connect to an existing daemon without spawning a new one.\n * Returns true if connected, false if no daemon is running.\n */\n async tryConnect(): Promise<boolean> {\n if (this.isConnected && this.socket) return true;\n const socketPath = getSocketPath();\n try {\n await this.connectToSocket(socketPath);\n return true;\n } catch {\n return false;\n }\n }\n\n private async doConnect(): Promise<void> {\n const socketPath = getSocketPath();\n\n // Check if a running daemon was spawned from a stale binary\n const stalePid = this.spawnedInThisProcess ? undefined : checkDaemonBinaryStale();\n if (stalePid) {\n debug(`killing stale daemon (pid ${stalePid}) — binary has been updated`);\n try {\n process.kill(stalePid, 'SIGTERM');\n } catch {\n // already gone\n }\n // Clean up so spawnDaemon doesn't think a daemon is still running\n for (const file of [getPidPath(), getDaemonInfoPath()]) {\n try {\n fs.unlinkSync(file);\n } catch { /* ignore */ }\n }\n if (process.platform !== 'win32') {\n try {\n fs.unlinkSync(socketPath);\n } catch { /* ignore */ }\n }\n } else {\n try {\n await this.connectToSocket(socketPath);\n return;\n } catch {\n // Daemon not running, spawn it\n }\n }\n\n try {\n await this.spawnDaemon();\n } catch {\n // Another process may have won the race to spawn the daemon.\n // Wait briefly for it to be ready, then try connecting.\n await new Promise<void>((r) => {\n setTimeout(r, 1000);\n });\n }\n await this.connectToSocket(socketPath);\n }\n\n async decrypt(ciphertext: string, keyId = 'varlock-default'): Promise<string> {\n await this.ensureConnected();\n const result = await this.sendMessage({\n action: 'decrypt',\n payload: { ciphertext, keyId },\n });\n if (typeof result === 'string') return result;\n if (result && typeof result === 'object' && 'error' in result) {\n throw new Error(String(result.error));\n }\n return String(result);\n }\n\n async promptSecret(opts?: {\n itemKey?: string;\n message?: string;\n keyId?: string;\n }): Promise<string | undefined> {\n await this.ensureConnected();\n try {\n const result = await this.sendMessage({\n action: 'prompt-secret',\n payload: {\n itemKey: opts?.itemKey,\n message: opts?.message,\n keyId: opts?.keyId,\n },\n });\n if (result && typeof result === 'object' && 'ciphertext' in result) {\n return result.ciphertext as string;\n }\n return undefined;\n } catch (err) {\n if (err instanceof Error && err.message === 'cancelled') return undefined;\n throw err;\n }\n }\n\n async invalidateSession(): Promise<void> {\n await this.ensureConnected();\n await this.sendMessage({ action: 'invalidate-session' });\n }\n\n async keychainGet(opts: { service?: string; account?: string; keychain?: string; field?: string }): Promise<string> {\n await this.ensureConnected();\n const result = await this.sendMessage({\n action: 'keychain-get',\n payload: opts,\n });\n if (typeof result === 'string') return result;\n if (result && typeof result === 'object' && 'error' in result) {\n throw new Error(String(result.error));\n }\n return String(result);\n }\n\n async keychainSearch(opts?: { query?: string; keychain?: string }): Promise<Array<KeychainItemMeta>> {\n await this.ensureConnected();\n const result = await this.sendMessage({\n action: 'keychain-search',\n payload: opts ?? {},\n });\n return (result ?? []) as Array<KeychainItemMeta>;\n }\n\n async keychainPick(opts?: { itemKey?: string }): Promise<KeychainItemRef | undefined> {\n await this.ensureConnected();\n try {\n const result = await this.sendMessage({\n action: 'keychain-pick',\n payload: { itemKey: opts?.itemKey },\n });\n if (result && typeof result === 'object' && 'service' in result) {\n return result as KeychainItemRef;\n }\n return undefined;\n } catch (err) {\n if (err instanceof Error && err.message === 'cancelled') return undefined;\n throw err;\n }\n }\n\n cleanup(): void {\n for (const { reject } of this.messageQueue.values()) {\n reject(new Error('Connection closed'));\n }\n this.messageQueue.clear();\n this.socket?.end();\n this.socket = null;\n this.isConnected = false;\n this.buffer = Buffer.alloc(0);\n }\n\n // -- Private --\n\n private connectToSocket(socketPath: string): Promise<void> {\n return new Promise((resolve, reject) => {\n const socket = new net.Socket();\n const timeout = setTimeout(() => {\n socket.destroy();\n reject(new Error('Connection timeout'));\n }, 5000);\n\n socket.on('connect', () => {\n clearTimeout(timeout);\n this.socket = socket;\n this.isConnected = true;\n this.buffer = Buffer.alloc(0);\n resolve();\n });\n\n socket.on('data', (data: Buffer) => {\n this.handleData(data);\n });\n\n socket.on('error', (err) => {\n clearTimeout(timeout);\n this.isConnected = false;\n reject(err);\n });\n\n socket.on('close', () => {\n this.isConnected = false;\n this.socket = null;\n });\n\n socket.connect(socketPath);\n });\n }\n\n private handleData(data: Buffer): void {\n this.buffer = Buffer.concat([this.buffer, data]);\n\n while (this.buffer.length >= 4) {\n const messageLength = this.buffer.readUInt32LE(0);\n if (this.buffer.length < 4 + messageLength) break;\n\n const messageData = this.buffer.subarray(4, 4 + messageLength);\n this.buffer = this.buffer.subarray(4 + messageLength);\n\n try {\n const message = JSON.parse(messageData.toString());\n if (message.id && this.messageQueue.has(message.id)) {\n const { resolve: res, reject: rej } = this.messageQueue.get(message.id)!;\n this.messageQueue.delete(message.id);\n if (message.error) {\n rej(new Error(message.error));\n } else {\n res(message.result);\n }\n }\n } catch {\n // Ignore malformed messages\n }\n }\n }\n\n private sendMessage(message: Record<string, any>): Promise<any> {\n return new Promise((resolve, reject) => {\n if (!this.isConnected || !this.socket) {\n reject(new Error('Not connected to daemon'));\n return;\n }\n\n const messageId = `${Date.now().toString(36)}-${crypto.randomBytes(4).toString('hex')}`;\n const messageWithId = { ...message, id: messageId };\n const jsonData = JSON.stringify(messageWithId);\n const messageBytes = Buffer.from(jsonData, 'utf-8');\n\n const lengthBuf = Buffer.alloc(4);\n lengthBuf.writeUInt32LE(messageBytes.length, 0);\n\n this.messageQueue.set(messageId, { resolve, reject });\n this.socket.write(Buffer.concat([lengthBuf, messageBytes]));\n });\n }\n\n private async spawnDaemon(): Promise<void> {\n const binaryPath = resolveNativeBinary();\n if (!binaryPath) {\n throw new Error('Native encryption binary not found — cannot start daemon');\n }\n\n const socketPath = getSocketPath();\n const pidPath = getPidPath();\n const isWindows = process.platform === 'win32';\n\n // Ensure PID directory exists (don't mkdir for Windows pipe paths)\n if (!isWindows) {\n fs.mkdirSync(path.dirname(socketPath), { recursive: true });\n }\n fs.mkdirSync(path.dirname(pidPath), { recursive: true });\n\n // Check for existing daemon via PID\n if (fs.existsSync(pidPath)) {\n try {\n const pid = parseInt(fs.readFileSync(pidPath, 'utf-8').trim(), 10);\n process.kill(pid, 0); // Throws if process doesn't exist\n // Process is alive — wait briefly and let ensureConnected retry\n await new Promise<void>((r) => {\n setTimeout(r, 500);\n });\n return;\n } catch {\n // Stale PID file — clean up both PID and socket\n }\n }\n\n // Clean up stale files before spawning\n // On Windows, named pipes don't leave files — only clean PID and Unix sockets\n if (!isWindows) {\n for (const file of [socketPath, pidPath, getDaemonInfoPath()]) {\n if (fs.existsSync(file)) {\n fs.unlinkSync(file);\n }\n }\n // Verify socket file is actually gone\n if (fs.existsSync(socketPath)) {\n throw new Error(`Failed to clean up stale socket file: ${socketPath}`);\n }\n } else {\n // Clean PID + info files on Windows (named pipes don't leave socket files)\n for (const file of [pidPath, getDaemonInfoPath()]) {\n if (fs.existsSync(file)) {\n fs.unlinkSync(file);\n }\n }\n }\n\n return new Promise((resolve, reject) => {\n const child = spawn(binaryPath, [\n 'daemon',\n '--socket-path',\n socketPath,\n '--pid-path',\n pidPath,\n ], {\n detached: true,\n stdio: ['ignore', 'pipe', 'pipe'],\n });\n\n const timeout = setTimeout(() => {\n reject(new Error('Daemon failed to start within timeout'));\n }, 10000);\n\n let stdoutData = '';\n let stderrData = '';\n\n child.stdout!.on('data', (data: Buffer) => {\n stdoutData += data.toString();\n try {\n const parsed = JSON.parse(stdoutData);\n if (parsed.ready) {\n clearTimeout(timeout);\n writeDaemonInfo(binaryPath);\n this.spawnedInThisProcess = true;\n child.unref();\n child.stdout!.destroy();\n child.stderr!.destroy();\n resolve();\n }\n } catch {\n // Incomplete JSON, keep buffering\n }\n });\n\n child.stderr!.on('data', (data: Buffer) => {\n stderrData += data.toString();\n });\n\n child.on('error', (err) => {\n clearTimeout(timeout);\n reject(new Error(`Failed to spawn daemon: ${err.message}`));\n });\n\n child.on('exit', (code) => {\n clearTimeout(timeout);\n if (code !== 0) {\n const details = [\n stderrData.trim() && `stderr: ${stderrData.trim()}`,\n stdoutData.trim() && `stdout: ${stdoutData.trim()}`,\n `binary: ${binaryPath}`,\n `socket: ${socketPath}`,\n ].filter(Boolean).join('\\n');\n reject(new Error(`Daemon exited with code ${code}\\n${details}`));\n }\n });\n });\n }\n}\n","/**\n * Pure JS ECIES implementation using Node.js Web Crypto API.\n *\n * Wire-compatible with the Swift Secure Enclave implementation:\n * - P-256 ECDH key agreement\n * - HKDF-SHA256 (salt: \"varlock-ecies-v1\", info: ephemeralPub || recipientPub)\n * - AES-256-GCM with random 12-byte nonce\n * - Payload: version(1) | ephemeralPubKey(65) | nonce(12) | ciphertext(N) | tag(16)\n *\n * Adapted from PR #19's apple-crypto.ts, modified to match the custom ECIES scheme\n * used by the Swift SecureEnclaveManager rather than Apple's built-in variant.\n */\n\nimport { webcrypto } from 'node:crypto';\n\nconst subtle = webcrypto.subtle;\n\nconst PAYLOAD_VERSION = 0x01;\nconst HKDF_SALT = new TextEncoder().encode('varlock-ecies-v1');\nconst EC_ALGORITHM = { name: 'ECDH', namedCurve: 'P-256' };\n\n/** Uncompressed P-256 public key is 65 bytes (0x04 || x(32) || y(32)) */\nconst PUBLIC_KEY_LENGTH = 65;\nconst NONCE_LENGTH = 12;\nconst TAG_LENGTH = 16;\nconst HEADER_LENGTH = 1 + PUBLIC_KEY_LENGTH + NONCE_LENGTH; // version + pubkey + nonce\n\n// Bun's types are stricter about BufferSource (requires ArrayBuffer, not ArrayBufferLike).\n// This type assertion is safe — we always work with standard ArrayBuffers.\n\nconst bs = (data: Uint8Array | ArrayBuffer) => data as any;\n\n// ── Key types ──────────────────────────────────────────────────────────\n\nexport interface EcKeyPair {\n /** Base64-encoded uncompressed P-256 public key (65 bytes raw) */\n publicKey: string;\n /** Base64-encoded PKCS8 private key */\n privateKey: string;\n}\n\n// ── Utilities ──────────────────────────────────────────────────────────\n\nfunction concatBuffers(...buffers: Array<Uint8Array>): Uint8Array {\n const totalLength = buffers.reduce((sum, b) => sum + b.length, 0);\n const result = new Uint8Array(totalLength);\n let offset = 0;\n for (const buf of buffers) {\n result.set(buf, offset);\n offset += buf.length;\n }\n return result;\n}\n\nfunction bufferToBase64(buffer: ArrayBuffer | Uint8Array): string {\n if (buffer instanceof Uint8Array) {\n return Buffer.from(buffer.buffer, buffer.byteOffset, buffer.byteLength).toString('base64');\n }\n return Buffer.from(buffer).toString('base64');\n}\n\nfunction base64ToUint8(base64: string): Uint8Array {\n const buf = Buffer.from(base64, 'base64');\n return new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);\n}\n\n// ── HKDF-SHA256 ────────────────────────────────────────────────────────\n\n/**\n * HKDF-SHA256 (RFC 5869) — matches the Swift SecureEnclaveManager.deriveKey implementation.\n *\n * We implement this manually rather than using Web Crypto's built-in HKDF because\n * the Web Crypto HKDF requires importing the input key material as a CryptoKey,\n * which adds complexity. This manual implementation is a direct port of the Swift code.\n */\nasync function hkdfSha256(\n ikm: Uint8Array,\n salt: Uint8Array,\n info: Uint8Array,\n outputByteCount: number,\n): Promise<Uint8Array> {\n // HKDF-Extract: PRK = HMAC-SHA256(salt, IKM)\n const saltKey = await subtle.importKey('raw', bs(salt), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);\n const prk = new Uint8Array(await subtle.sign('HMAC', saltKey, bs(ikm)));\n\n // HKDF-Expand: OKM = T(1) || T(2) || ...\n const prkKey = await subtle.importKey('raw', bs(prk), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);\n const okm = new Uint8Array(outputByteCount);\n let t = new Uint8Array(0);\n let offset = 0;\n let counter = 1;\n\n while (offset < outputByteCount) {\n const input = concatBuffers(t, info, new Uint8Array([counter]));\n t = new Uint8Array(await subtle.sign('HMAC', prkKey, bs(input)));\n okm.set(t.slice(0, Math.min(t.length, outputByteCount - offset)), offset);\n offset += t.length;\n counter++;\n }\n\n return okm;\n}\n\n// ── Key management ─────────────────────────────────────────────────────\n\n/** Import a public key from its base64-encoded uncompressed representation. */\nasync function importPublicKey(base64: string): Promise<CryptoKey> {\n return subtle.importKey('raw', bs(base64ToUint8(base64)), EC_ALGORITHM, true, []);\n}\n\n/** Import a private key from its base64-encoded PKCS8 representation. */\nasync function importPrivateKey(base64: string): Promise<CryptoKey> {\n return subtle.importKey('pkcs8', bs(base64ToUint8(base64)), EC_ALGORITHM, true, ['deriveBits']);\n}\n\n/** Generate a new P-256 ECDH key pair. */\nexport async function createKeyPair(): Promise<EcKeyPair> {\n const keyPair = await subtle.generateKey(EC_ALGORITHM, true, ['deriveBits']);\n\n const publicKeyRaw = await subtle.exportKey('raw', keyPair.publicKey);\n const privateKeyPkcs8 = await subtle.exportKey('pkcs8', keyPair.privateKey);\n\n return {\n publicKey: bufferToBase64(publicKeyRaw),\n privateKey: bufferToBase64(privateKeyPkcs8),\n };\n}\n\n// ── ECIES encrypt ──────────────────────────────────────────────────────\n\n/**\n * Encrypt plaintext using ECIES with the recipient's public key.\n *\n * @param publicKeyBase64 - Base64-encoded uncompressed P-256 public key (65 bytes raw)\n * @param plaintext - UTF-8 string to encrypt\n * @returns Base64-encoded ciphertext payload\n */\nexport async function encrypt(publicKeyBase64: string, plaintext: string): Promise<string> {\n const recipientPublicKey = await importPublicKey(publicKeyBase64);\n const recipientPubKeyRaw = base64ToUint8(publicKeyBase64);\n\n // Generate ephemeral key pair\n const ephemeralKeyPair = await subtle.generateKey(EC_ALGORITHM, true, ['deriveBits']);\n const ephemeralPubKeyRaw = new Uint8Array(await subtle.exportKey('raw', ephemeralKeyPair.publicKey));\n\n // ECDH: ephemeral private × recipient public → shared secret (32 bytes for P-256)\n const sharedSecretBits = await subtle.deriveBits(\n { name: 'ECDH', public: recipientPublicKey },\n ephemeralKeyPair.privateKey,\n 256,\n );\n const sharedSecret = new Uint8Array(sharedSecretBits);\n\n // HKDF-SHA256 → AES-256 key\n const info = concatBuffers(ephemeralPubKeyRaw, recipientPubKeyRaw);\n const aesKey = await hkdfSha256(sharedSecret, HKDF_SALT, info, 32);\n\n // AES-256-GCM encrypt\n const nonce = webcrypto.getRandomValues(new Uint8Array(NONCE_LENGTH));\n const plaintextBytes = new TextEncoder().encode(plaintext);\n\n const cryptoKey = await subtle.importKey('raw', bs(aesKey), 'AES-GCM', false, ['encrypt']);\n const encrypted = new Uint8Array(\n await subtle.encrypt({ name: 'AES-GCM', iv: bs(nonce), tagLength: TAG_LENGTH * 8 }, cryptoKey, bs(plaintextBytes)),\n );\n\n // Web Crypto appends the tag to ciphertext — split them to match Swift format\n const ciphertext = encrypted.slice(0, encrypted.length - TAG_LENGTH);\n const tag = encrypted.slice(encrypted.length - TAG_LENGTH);\n\n // Assemble payload: version(1) | ephemeralPub(65) | nonce(12) | ciphertext(N) | tag(16)\n const payload = concatBuffers(\n new Uint8Array([PAYLOAD_VERSION]),\n ephemeralPubKeyRaw,\n nonce,\n ciphertext,\n tag,\n );\n\n return bufferToBase64(payload);\n}\n\n// ── ECIES decrypt ──────────────────────────────────────────────────────\n\n/**\n * Decrypt ciphertext using ECIES with the recipient's private key.\n *\n * @param privateKeyBase64 - Base64-encoded PKCS8 private key\n * @param publicKeyBase64 - Base64-encoded uncompressed P-256 public key of the recipient\n * @param ciphertextBase64 - Base64-encoded ciphertext payload\n * @returns Decrypted UTF-8 string\n */\nexport async function decrypt(\n privateKeyBase64: string,\n publicKeyBase64: string,\n ciphertextBase64: string,\n): Promise<string> {\n const payloadBytes = base64ToUint8(ciphertextBase64);\n\n if (payloadBytes.byteLength < HEADER_LENGTH + TAG_LENGTH) {\n throw new Error('Payload too short');\n }\n\n // Parse payload\n const version = payloadBytes[0];\n if (version !== PAYLOAD_VERSION) {\n throw new Error(`Unsupported payload version: ${version}`);\n }\n\n const ephemeralPubKeyRaw = payloadBytes.slice(1, 1 + PUBLIC_KEY_LENGTH);\n const nonce = payloadBytes.slice(1 + PUBLIC_KEY_LENGTH, HEADER_LENGTH);\n const ciphertextAndTag = payloadBytes.slice(HEADER_LENGTH);\n\n if (ciphertextAndTag.length < TAG_LENGTH) {\n throw new Error('Payload too short for tag');\n }\n\n // Import keys\n const privateKey = await importPrivateKey(privateKeyBase64);\n const ephemeralPublicKey = await subtle.importKey('raw', bs(ephemeralPubKeyRaw), EC_ALGORITHM, true, []);\n\n // Recipient public key bytes for HKDF info\n const recipientPubKeyRaw = base64ToUint8(publicKeyBase64);\n\n // ECDH: recipient private × ephemeral public → shared secret\n const sharedSecretBits = await subtle.deriveBits(\n { name: 'ECDH', public: ephemeralPublicKey },\n privateKey,\n 256,\n );\n const sharedSecret = new Uint8Array(sharedSecretBits);\n\n // HKDF-SHA256 → AES-256 key (must match encrypt side)\n const info = concatBuffers(ephemeralPubKeyRaw, recipientPubKeyRaw);\n const aesKey = await hkdfSha256(sharedSecret, HKDF_SALT, info, 32);\n\n // AES-256-GCM decrypt\n // Web Crypto expects ciphertext + tag concatenated\n const cryptoKey = await subtle.importKey('raw', bs(aesKey), 'AES-GCM', false, ['decrypt']);\n try {\n const decrypted = await subtle.decrypt(\n { name: 'AES-GCM', iv: bs(nonce), tagLength: TAG_LENGTH * 8 },\n cryptoKey,\n bs(ciphertextAndTag), // already ciphertext || tag\n );\n return new TextDecoder().decode(decrypted);\n } catch (err) {\n throw new Error(\n 'Unable to decrypt value',\n { cause: err },\n );\n }\n}\n","/**\n * File-based local encryption backend.\n *\n * Stores P-256 ECDH key pairs as JSON files on disk with restricted permissions.\n * Uses the pure JS ECIES implementation for all crypto operations.\n * Works on all platforms — no native binary required.\n */\n\nimport fs from 'node:fs';\nimport path from 'node:path';\nimport { getUserVarlockDir } from '../user-config-dir';\nimport { createKeyPair, encrypt, decrypt } from './crypto';\n\nconst KEY_STORE_SUBDIR = 'local-encrypt/keys';\nconst DEFAULT_KEY_ID = 'varlock-default';\n\ninterface StoredKeyPair {\n keyId: string;\n publicKey: string;\n privateKey: string;\n protectedPrivateKey?: string;\n protection?: 'none' | string;\n createdAt: string;\n}\n\nfunction getKeyStorePath(): string {\n return path.join(getUserVarlockDir(), KEY_STORE_SUBDIR);\n}\n\nfunction getKeyFilePath(keyId: string): string {\n return path.join(getKeyStorePath(), `${keyId}.json`);\n}\n\n// ── Key management ─────────────────────────────────────────────────────\n\nexport function keyExists(keyId: string = DEFAULT_KEY_ID): boolean {\n return fs.existsSync(getKeyFilePath(keyId));\n}\n\nexport async function generateKey(keyId: string = DEFAULT_KEY_ID): Promise<{ keyId: string; publicKey: string }> {\n const keyPair = await createKeyPair();\n\n const stored: StoredKeyPair = {\n keyId,\n publicKey: keyPair.publicKey,\n privateKey: keyPair.privateKey,\n createdAt: new Date().toISOString(),\n };\n\n const keyStorePath = getKeyStorePath();\n fs.mkdirSync(keyStorePath, { recursive: true });\n\n const filePath = getKeyFilePath(keyId);\n fs.writeFileSync(filePath, JSON.stringify(stored, null, 2), { mode: 0o600 });\n\n return { keyId, publicKey: keyPair.publicKey };\n}\n\nexport function deleteKey(keyId: string = DEFAULT_KEY_ID): boolean {\n const filePath = getKeyFilePath(keyId);\n try {\n fs.unlinkSync(filePath);\n return true;\n } catch {\n return false;\n }\n}\n\nexport function listKeys(): Array<string> {\n const keyStorePath = getKeyStorePath();\n try {\n return fs.readdirSync(keyStorePath)\n .filter((f) => f.endsWith('.json'))\n .map((f) => f.slice(0, -5));\n } catch {\n return [];\n }\n}\n\n// ── Internal key loading ───────────────────────────────────────────────\n\nfunction loadKeyPair(keyId: string): StoredKeyPair {\n const filePath = getKeyFilePath(keyId);\n if (!fs.existsSync(filePath)) {\n throw new Error(`Key not found: ${keyId}`);\n }\n const data = fs.readFileSync(filePath, 'utf-8');\n const parsed = JSON.parse(data) as Partial<StoredKeyPair>;\n\n // Back-compat: older key files store private material under\n // `protectedPrivateKey` with `protection: \"none\"`.\n const privateKey = parsed.privateKey\n ?? (parsed.protection === 'none' ? parsed.protectedPrivateKey : undefined)\n ?? parsed.protectedPrivateKey;\n\n if (!parsed.publicKey || !privateKey) {\n throw new Error(`Invalid key file format for key: ${keyId}`);\n }\n\n return {\n keyId: parsed.keyId || keyId,\n publicKey: parsed.publicKey,\n privateKey,\n createdAt: parsed.createdAt || new Date().toISOString(),\n protection: parsed.protection,\n protectedPrivateKey: parsed.protectedPrivateKey,\n };\n}\n\nfunction getPublicKey(keyId: string): string {\n return loadKeyPair(keyId).publicKey;\n}\n\n// ── Encrypt / Decrypt ──────────────────────────────────────────────────\n\nexport async function encryptValue(plaintext: string, keyId: string = DEFAULT_KEY_ID): Promise<string> {\n const publicKey = getPublicKey(keyId);\n return encrypt(publicKey, plaintext);\n}\n\nexport async function decryptValue(ciphertext: string, keyId: string = DEFAULT_KEY_ID): Promise<string> {\n const stored = loadKeyPair(keyId);\n return decrypt(stored.privateKey, stored.publicKey, ciphertext);\n}\n","/**\n * Cross-platform local encryption for varlock.\n *\n * Provides a unified API for encrypting/decrypting secrets using the best\n * available backend on the current platform:\n *\n * 1. macOS Secure Enclave (Swift binary) — hardware-backed, Touch ID\n * 2. Windows TPM/Hello (Rust binary) — hardware-backed, Windows Hello (TODO)\n * 3. Linux TPM2 (Rust binary) — hardware-backed (TODO)\n * 4. File-based (pure JS) — universal fallback, no native binary needed\n */\n\nimport { execFileSync, spawnSync } from 'node:child_process';\nimport fs from 'node:fs';\nimport { resolveNativeBinary } from './binary-resolver';\nimport { DaemonClient } from './daemon-client';\nimport * as fileBackend from './file-backend';\nimport { isWSL } from './wsl-detect';\nimport type { BackendInfo, BackendType, NativeStatusResult } from './types';\n\nexport type { BackendInfo, BackendType } from './types';\n\nconst DEFAULT_KEY_ID = 'varlock-default';\n\n/** Debug logger — prints to stderr when VARLOCK_DEBUG is set */\nfunction debug(msg: string) {\n if (process.env.VARLOCK_DEBUG) {\n process.stderr.write(`[varlock:local-encrypt] ${msg}\\n`);\n }\n}\n\n/**\n * Get a TTY identifier for session scoping.\n * Reads the controlling terminal from /proc/self/fd/0 or falls back to PID.\n */\nlet _cachedTtyId: string | undefined;\nfunction getSelfTtyId(): string {\n if (_cachedTtyId) return _cachedTtyId;\n try {\n const ttyPath = fs.readlinkSync('/proc/self/fd/0');\n if (ttyPath && ttyPath.startsWith('/dev/')) {\n _cachedTtyId = ttyPath;\n return ttyPath;\n }\n } catch {\n // Not available\n }\n _cachedTtyId = `pid:${process.pid}`;\n return _cachedTtyId;\n}\n\nlet _wslDaemonPrestartAttempted = false;\n\nfunction toWindowsPathFromWsl(pathInWsl: string): string | undefined {\n if (!isWSL()) return undefined;\n try {\n return execFileSync('wslpath', ['-w', pathInWsl], {\n encoding: 'utf-8',\n timeout: 10_000,\n }).trim();\n } catch (err) {\n debug(`toWindowsPathFromWsl failed: ${err instanceof Error ? err.message : err}`);\n return undefined;\n }\n}\n\nfunction tryPrestartWindowsDaemonFromWsl(binaryPath: string): boolean {\n if (_wslDaemonPrestartAttempted) {\n return true;\n }\n\n const windowsPath = toWindowsPathFromWsl(binaryPath);\n if (!windowsPath) {\n return false;\n }\n\n // Ask native PowerShell to seed the daemon in the interactive desktop\n // session. This returns quickly; the follow-up decrypt call has a longer\n // timeout and the helper's own daemon retry path to absorb startup latency.\n const escapedPath = windowsPath.replaceAll(\"'\", \"''\");\n const psScript = `Start-Process -WindowStyle Hidden -FilePath '${escapedPath}' -ArgumentList 'start-daemon'`;\n const proc = spawnSync('powershell.exe', [\n '-NoProfile',\n '-NonInteractive',\n '-ExecutionPolicy',\n 'Bypass',\n '-Command',\n psScript,\n ], {\n encoding: 'utf-8',\n timeout: 20_000,\n });\n\n if (proc.error) {\n debug(`tryPrestartWindowsDaemonFromWsl: powershell error: ${proc.error.message}`);\n return false;\n }\n if (proc.status !== 0) {\n debug(`tryPrestartWindowsDaemonFromWsl: powershell exit ${proc.status}: ${(proc.stderr || proc.stdout || '').trim()}`);\n return false;\n }\n\n debug('tryPrestartWindowsDaemonFromWsl: start-daemon invoked via PowerShell');\n _wslDaemonPrestartAttempted = true;\n return true;\n}\n\nfunction pingWindowsDaemonFromWsl(binaryPath: string, timeoutMs: number = 2_000): boolean {\n const proc = spawnSync(binaryPath, ['ping-daemon'], {\n encoding: 'utf-8',\n timeout: timeoutMs,\n });\n\n if (proc.error || proc.status !== 0) {\n return false;\n }\n\n try {\n const parsed = JSON.parse((proc.stdout || '').trim()) as { ready?: boolean };\n return parsed.ready === true;\n } catch {\n return false;\n }\n}\n\nfunction waitForWindowsDaemonFromWsl(binaryPath: string, timeoutMs: number = 12_000): boolean {\n const deadline = Date.now() + timeoutMs;\n\n while (Date.now() < deadline) {\n if (pingWindowsDaemonFromWsl(binaryPath)) {\n debug('waitForWindowsDaemonFromWsl: daemon is ready');\n return true;\n }\n\n Atomics.wait(new Int32Array(new SharedArrayBuffer(4)), 0, 0, 150);\n }\n\n debug('waitForWindowsDaemonFromWsl: timed out waiting for daemon readiness');\n return false;\n}\n\n// ── Native binary one-shot commands ────────────────────────────────────\n\nfunction runNativeBinary(args: Array<string>, opts?: { timeout?: number }): string {\n const binaryPath = resolveNativeBinary();\n if (!binaryPath) {\n debug('runNativeBinary: no binary found');\n throw new Error('Native binary not found');\n }\n debug(`runNativeBinary: ${binaryPath} ${args.join(' ')}`);\n const output = execFileSync(binaryPath, args, {\n encoding: 'utf-8',\n timeout: opts?.timeout ?? 30_000,\n }).trim();\n debug(`runNativeBinary result: ${output.slice(0, 200)}`);\n return output;\n}\n\nfunction runNativeBinaryJson<T = Record<string, unknown>>(args: Array<string>, opts?: { timeout?: number }): T {\n const output = runNativeBinary(args, opts);\n const parsed = JSON.parse(output);\n if (parsed.error) {\n throw new Error(parsed.error);\n }\n return parsed as T;\n}\n\n// ── Backend detection ──────────────────────────────────────────────────\n\nlet cachedBackendInfo: BackendInfo | undefined;\n/** Keys reported by the status command — avoids a separate key-exists .exe spawn on WSL2 */\nlet cachedStatusKeys: Array<string> | undefined;\n\nfunction detectBackendType(): { type: BackendType; isFileFallback: boolean } {\n const binaryPath = resolveNativeBinary();\n debug(`detectBackendType: binaryPath=${binaryPath ?? 'NOT FOUND'}, isWSL=${isWSL()}, platform=${process.platform}`);\n if (!binaryPath) {\n // All supported platforms (macOS, Windows, Linux, WSL2) should have a native binary\n const isFileFallback = ['darwin', 'win32', 'linux'].includes(process.platform);\n return { type: 'file', isFileFallback };\n }\n\n // WSL2 uses the Windows binary for DPAPI + Windows Hello\n if (isWSL()) return { type: 'windows-tpm', isFileFallback: false };\n\n switch (process.platform) {\n case 'darwin': return { type: 'secure-enclave', isFileFallback: false };\n case 'win32': return { type: 'windows-tpm', isFileFallback: false };\n case 'linux': return { type: 'linux-tpm', isFileFallback: false };\n default: return { type: 'file', isFileFallback: false };\n }\n}\n\n/** Get information about the active encryption backend. */\nexport function getBackendInfo(): BackendInfo {\n if (cachedBackendInfo) return cachedBackendInfo;\n\n const { type, isFileFallback } = detectBackendType();\n const binaryPath = type !== 'file' ? resolveNativeBinary() : undefined;\n\n if (type !== 'file' && binaryPath) {\n // Query the native binary for its actual capabilities\n try {\n const status = runNativeBinaryJson<NativeStatusResult>(['status']);\n debug(`getBackendInfo: status result: hardwareBacked=${status.hardwareBacked}, biometricAvailable=${status.biometricAvailable}, backend=${status.backend}, keys=${status.keys?.join(',')}`);\n cachedStatusKeys = status.keys;\n cachedBackendInfo = {\n type,\n platform: process.platform,\n hardwareBacked: status.hardwareBacked,\n biometricAvailable: status.biometricAvailable,\n binaryPath,\n };\n } catch (err) {\n // Binary failed — fall back to reasonable defaults\n debug(`getBackendInfo: status command failed: ${err instanceof Error ? err.message : err}`);\n cachedBackendInfo = {\n type,\n platform: process.platform,\n hardwareBacked: type === 'secure-enclave',\n biometricAvailable: type === 'secure-enclave',\n binaryPath,\n };\n }\n } else {\n debug(`getBackendInfo: using file backend (type=${type}, binaryPath=${binaryPath ?? 'none'}, isFileFallback=${isFileFallback})`);\n if (isFileFallback && !process.env._VARLOCK_FORCE_FILE_ENCRYPTION_FALLBACK) {\n process.stderr.write(\n '[varlock] Warning: native encryption binary not found, falling back to file-based encryption (not hardware-backed)\\n',\n );\n }\n cachedBackendInfo = {\n type,\n platform: process.platform,\n hardwareBacked: false,\n biometricAvailable: false,\n binaryPath: undefined,\n isFileFallback,\n };\n }\n\n debug(`getBackendInfo: final result: type=${cachedBackendInfo!.type}, biometric=${cachedBackendInfo!.biometricAvailable}, hwBacked=${cachedBackendInfo!.hardwareBacked}`);\n return cachedBackendInfo!;\n}\n\n// ── Daemon client (singleton for biometric-enabled backends) ───────────\n\nlet daemonClient: DaemonClient | undefined;\n\nexport function getDaemonClient(): DaemonClient {\n daemonClient ||= new DaemonClient();\n return daemonClient;\n}\n\n// ── Key management ─────────────────────────────────────────────────────\n\n/** Check if a key exists. */\nexport function keyExists(keyId: string = DEFAULT_KEY_ID): boolean {\n const backend = getBackendInfo();\n if (backend.type === 'file') {\n return fileBackend.keyExists(keyId);\n }\n // Use cached keys from status command to avoid an extra .exe spawn (significant on WSL2)\n if (cachedStatusKeys) {\n debug(`keyExists: using cached status keys for ${keyId}`);\n return cachedStatusKeys.includes(keyId);\n }\n const result = runNativeBinaryJson<{ exists: boolean }>(['key-exists', '--key-id', keyId]);\n return result.exists;\n}\n\n/** Generate a new encryption key. */\nexport async function generateKey(keyId: string = DEFAULT_KEY_ID): Promise<{ keyId: string; publicKey: string }> {\n const backend = getBackendInfo();\n if (backend.type === 'file') {\n return fileBackend.generateKey(keyId);\n }\n return runNativeBinaryJson<{ keyId: string; publicKey: string }>(['generate-key', '--key-id', keyId]);\n}\n\n/** Ensure a key exists, generating one if necessary. */\nexport async function ensureKey(keyId: string = DEFAULT_KEY_ID): Promise<void> {\n if (!keyExists(keyId)) {\n await generateKey(keyId);\n }\n}\n\n// ── Encrypt / Decrypt ──────────────────────────────────────────────────\n\n/**\n * Encrypt a plaintext value.\n *\n * For hardware-backed backends, encryption uses the public key only (no biometric needed).\n * For file-based backend, uses the pure JS ECIES implementation.\n */\nexport async function encryptValue(plaintext: string, keyId: string = DEFAULT_KEY_ID): Promise<string> {\n const backend = getBackendInfo();\n if (backend.type === 'file') {\n return fileBackend.encryptValue(plaintext, keyId);\n }\n // Native binary encrypt (one-shot, no biometric needed for encrypt)\n const b64Input = Buffer.from(plaintext, 'utf-8').toString('base64');\n if (isWSL()) {\n // On WSL2, pass data via stdin to avoid arg mangling across the WSL/Windows boundary\n const binaryPath = resolveNativeBinary();\n if (!binaryPath) throw new Error('Native binary not found');\n const proc = spawnSync(binaryPath, ['encrypt', '--key-id', keyId, '--data-stdin'], {\n input: b64Input,\n encoding: 'utf-8',\n timeout: 30_000,\n });\n if (proc.error) throw proc.error;\n const result = JSON.parse(proc.stdout.trim());\n if (result.error) throw new Error(result.error);\n return result.ciphertext;\n }\n const result = runNativeBinaryJson<{ ciphertext: string }>(['encrypt', '--key-id', keyId, '--data', b64Input]);\n return result.ciphertext;\n}\n\n/**\n * Decrypt a ciphertext value.\n *\n * For biometric-enabled backends (macOS Secure Enclave, Windows Hello),\n * uses the daemon client for session caching (avoids repeated biometric prompts).\n * For file-based backend, uses the pure JS ECIES implementation.\n */\nexport async function decryptValue(ciphertext: string, keyId: string = DEFAULT_KEY_ID): Promise<string> {\n const backend = getBackendInfo();\n if (backend.type === 'file') {\n debug('decryptValue: using file backend');\n return fileBackend.decryptValue(ciphertext, keyId);\n }\n\n // Use daemon client for biometric backends (session caching)\n // In WSL2, the .exe handles daemon management internally via --via-daemon\n if (backend.biometricAvailable) {\n if (isWSL()) {\n debug('decryptValue: WSL2 biometric decrypt via --via-daemon');\n const binaryPath = resolveNativeBinary();\n if (!binaryPath) throw new Error('Native binary not found');\n const daemonAlreadyReady = pingWindowsDaemonFromWsl(binaryPath, 1_500);\n const daemonPrestarted = daemonAlreadyReady || tryPrestartWindowsDaemonFromWsl(binaryPath);\n if (!daemonAlreadyReady && daemonPrestarted) {\n waitForWindowsDaemonFromWsl(binaryPath);\n }\n // Use spawnSync with stdin to avoid exposing ciphertext or session\n // identity in process listings (visible via tasklist/procfs).\n // Stdin JSON includes both the data and the TTY ID for session scoping.\n const stdinPayload = JSON.stringify({\n data: ciphertext,\n ttyId: getSelfTtyId(),\n });\n const runViaDaemon = (timeout: number) => spawnSync(binaryPath, ['decrypt', '--key-id', keyId, '--data-stdin', '--via-daemon'], {\n input: stdinPayload,\n encoding: 'utf-8',\n timeout,\n });\n\n let proc = runViaDaemon(daemonPrestarted ? 120_000 : 60_000);\n\n const output = (proc.stdout || proc.stderr || '').trim();\n const timedOut = proc.error && (proc.error as NodeJS.ErrnoException).code === 'ETIMEDOUT';\n const needsRetry = Boolean(proc.error) || proc.status !== 0;\n const likelyDaemonStartupIssue = timedOut\n || /daemon is not running|daemon did not become ready within timeout|schtasks|windows hello daemon/i.test(output);\n\n if (needsRetry && likelyDaemonStartupIssue) {\n debug(`decryptValue: via-daemon startup issue detected; attempting native start-daemon bridge. output=${output.slice(0, 180)}`);\n if (tryPrestartWindowsDaemonFromWsl(binaryPath)) {\n // Give the daemon a little more room on first auth after bridge start.\n proc = runViaDaemon(120_000);\n }\n }\n\n if (proc.error) throw proc.error;\n if (proc.status !== 0) {\n const finalOutput = (proc.stdout || proc.stderr || '').trim();\n try {\n const parsed = JSON.parse(finalOutput);\n if (parsed.error) throw new Error(parsed.error);\n } catch { /* not JSON */ }\n\n const windowsPath = toWindowsPathFromWsl(binaryPath);\n const setupHint = windowsPath\n ? `\\nHint: In native Windows PowerShell run:\\n Start-Process -WindowStyle Hidden \"${windowsPath}\" start-daemon`\n : '';\n throw new Error(`Decrypt failed (exit ${proc.status}): ${finalOutput}${setupHint}`);\n }\n\n const result = JSON.parse(proc.stdout.trim());\n if (result.error) throw new Error(result.error);\n debug(`decryptValue: WSL2 result: ${proc.stdout.trim().slice(0, 100)}`);\n return result.plaintext;\n }\n debug('decryptValue: biometric decrypt via daemon client');\n const client = getDaemonClient();\n return client.decrypt(ciphertext, keyId);\n }\n\n // Non-biometric native backend (e.g., Linux TPM without polkit) — one-shot\n debug('decryptValue: non-biometric one-shot decrypt');\n const result = runNativeBinaryJson<{ plaintext: string }>(['decrypt', '--key-id', keyId, '--data', ciphertext]);\n return result.plaintext;\n}\n\n/**\n * Invalidate the biometric session, requiring re-authentication for next decrypt.\n * Connects to the running daemon without spawning one (varlock lock runs in a separate process).\n */\nexport async function lockSession(): Promise<void> {\n const backend = getBackendInfo();\n if (!backend.biometricAvailable) return;\n const client = getDaemonClient();\n const connected = await client.tryConnect();\n if (!connected) {\n throw new Error('No encryption daemon is running');\n }\n await client.invalidateSession();\n}\n"]}

package/dist/{chunk-DGXO2UN7.js → chunk-6JKWTWLB.js} RENAMED Viewed

@@ -1,11 +1,11 @@
 import { isBundledSEA } from './chunk-GXNQVEXD.js';
-import { detectJsPackageManager, logLines, fmt } from './chunk-LRT2CHDN.js';
+import { detectJsPackageManager, logLines, fmt } from './chunk-2ABRAKHE.js';
 import { define } from './chunk-4A54P4EM.js';
-import { loadVarlockEnvGraph } from './chunk-S5EU3LTR.js';
+import { loadVarlockEnvGraph } from './chunk-V2MTE4J6.js';
 import { gracefulExit } from './chunk-CHQDS2PI.js';
-import { CliExitError } from './chunk-YBV5OJW6.js';
-import { spawnAsync, pathExists, ansis_default } from './chunk-C4ITUXON.js';
-import { my_dash_default } from './chunk-6CCHLM3U.js';
+import { CliExitError } from './chunk-GBCB7Y3B.js';
+import { spawnAsync, pathExists, ansis_default } from './chunk-U7RQPX5K.js';
+import { my_dash_default } from './chunk-2PFIYNFA.js';
 import { redactString } from './chunk-XLYSNOR3.js';
 import { __name } from './chunk-6PEHRAEP.js';
 import path from 'path';
@@ -94,6 +94,9 @@ Examples:
   varlock scan --path .env.prod   # Use a specific .env file as the schema entry point
   varlock scan -p ./envs -p ./overrides  # Use multiple schema entry points
   varlock scan --install-hook     # Set up as a git pre-commit hook
+  varlock scan ./dist             # Scan a specific directory (e.g. a build output folder)
+  varlock scan ./dist ./public    # Scan multiple directories
+  varlock scan './dist/**/*.js'   # Scan files matching a glob pattern
   `.trim()
 });
 async function getGitFiles(cwd, onlyStaged) {
@@ -140,6 +143,68 @@ async function walkDirectory(dir) {
   return files;
 }
 __name(walkDirectory, "walkDirectory");
+async function walkDirectoryAll(dir) {
+  const files = [];
+  let entries;
+  try {
+    entries = await fs.readdir(dir, { withFileTypes: true });
+  } catch {
+    return files;
+  }
+  for (const entry of entries) {
+    const fullPath = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      files.push(...await walkDirectoryAll(fullPath));
+    } else if (entry.isFile()) {
+      const ext = path.extname(entry.name).toLowerCase();
+      if (BINARY_EXTENSIONS.has(ext)) continue;
+      files.push(fullPath);
+    }
+  }
+  return files;
+}
+__name(walkDirectoryAll, "walkDirectoryAll");
+var GLOB_CHARS = /[*?{}[\]]/;
+async function resolveTargetPaths(targets, cwd) {
+  const seen = /* @__PURE__ */ new Set();
+  const files = [];
+  async function addFile(absPath) {
+    if (seen.has(absPath)) return;
+    seen.add(absPath);
+    files.push(absPath);
+  }
+  __name(addFile, "addFile");
+  async function addPath(absPath) {
+    let stat;
+    try {
+      stat = await fs.stat(absPath);
+    } catch {
+      return;
+    }
+    if (stat.isDirectory()) {
+      for (const f of await walkDirectoryAll(absPath)) {
+        await addFile(f);
+      }
+    } else if (stat.isFile()) {
+      const ext = path.extname(absPath).toLowerCase();
+      if (!BINARY_EXTENSIONS.has(ext)) {
+        await addFile(absPath);
+      }
+    }
+  }
+  __name(addPath, "addPath");
+  for (const target of targets) {
+    if (GLOB_CHARS.test(target)) {
+      for await (const match of fs.glob(target, { cwd })) {
+        await addPath(path.resolve(cwd, match));
+      }
+    } else {
+      await addPath(path.resolve(cwd, target));
+    }
+  }
+  return files;
+}
+__name(resolveTargetPaths, "resolveTargetPaths");
 async function scanFileForValues(filePath, sensitiveValues) {
   const findings = [];
   let content;
@@ -314,6 +379,7 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
   }
   const onlyStaged = ctx.values.staged ?? false;
   const includeIgnored = ctx.values["include-ignored"] ?? false;
+  const scanTargets = (ctx.positionals ?? []).slice(ctx.commandPath?.length ?? 0);
   const envGraph = await loadVarlockEnvGraph({
     entryFilePaths: ctx.values.path
   });
@@ -338,7 +404,9 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
   }
   const cwd = process.cwd();
   let files;
-  if (includeIgnored) {
+  if (scanTargets.length > 0) {
+    files = await resolveTargetPaths(scanTargets, cwd);
+  } else if (includeIgnored) {
     files = await walkDirectory(cwd);
   } else {
     const gitFiles = await getGitFiles(cwd, onlyStaged);
@@ -354,7 +422,9 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
     }
   }
   if (files.length === 0) {
-    if (onlyStaged) {
+    if (scanTargets.length > 0) {
+      console.log(ansis_default.green("\u2705 No files found at the specified path(s)."));
+    } else if (onlyStaged) {
       console.log("No staged files to scan.");
     } else {
       console.log(ansis_default.green("\u2705 No files found to scan."));
@@ -392,6 +462,6 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
   gracefulExit(1);
 }, "commandFn");
-export { commandFn, commandSpec, getGitFiles, scanFileForValues, walkDirectory };
-//# sourceMappingURL=chunk-DGXO2UN7.js.map
-//# sourceMappingURL=chunk-DGXO2UN7.js.map
+export { commandFn, commandSpec, getGitFiles, resolveTargetPaths, scanFileForValues, walkDirectory, walkDirectoryAll };
+//# sourceMappingURL=chunk-6JKWTWLB.js.map
+//# sourceMappingURL=chunk-6JKWTWLB.js.map

package/dist/chunk-6JKWTWLB.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/cli/commands/scan.command.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAkBA,IAAM,SAAA,uBAAgB,GAAA,CAAI;AAAA,EACxB,MAAA;AAAA,EACA,cAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,QAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,aAAA;AAAA,EACA,QAAA;AAAA,EACA;AACF,CAAC,CAAA;AAGD,IAAM,iBAAA,uBAAwB,GAAA,CAAI;AAAA,EAChC,MAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,KAAA;AAAA,EACA,MAAA;AAAA,EACA,KAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,KAAA;AAAA,EACA,QAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,QAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,MAAA;AAAA,EACA,QAAA;AAAA,EACA;AACF,CAAC,CAAA;AAEM,IAAM,cAAc,MAAA,CAAO;AAAA,EAChC,IAAA,EAAM,MAAA;AAAA,EACN,WAAA,EAAa,wEAAA;AAAA,EACb,IAAA,EAAM;AAAA,IACJ,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,WAAA,EAAa;AAAA,KACf;AAAA,IACA,iBAAA,EAAmB;AAAA,MACjB,IAAA,EAAM,SAAA;AAAA,MACN,WAAA,EAAa;AAAA,KACf;AAAA,IACA,cAAA,EAAgB;AAAA,MACd,IAAA,EAAM,SAAA;AAAA,MACN,WAAA,EAAa;AAAA,KACf;AAAA,IACA,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,GAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA;AACf,GACF;AAAA,EACA,QAAA,EAAU;AAAA;AAAA;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAAA,CAAA,CAcR,IAAA;AACJ,CAAC;AAWD,eAAsB,WAAA,CAAY,KAAa,UAAA,EAAoD;AACjG,EAAA,IAAI;AACF,IAAA,IAAI,MAAA;AACJ,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAA,GAAS,MAAM,UAAA;AAAA,QACb,KAAA;AAAA,QACA,CAAC,MAAA,EAAQ,UAAA,EAAY,aAAA,EAAe,MAAM,oBAAoB,CAAA;AAAA,QAC9D,EAAE,GAAA;AAAI,OACR;AAAA,IACF,CAAA,MAAO;AACL,MAAA,MAAA,GAAS,MAAM,UAAA;AAAA,QACb,KAAA;AAAA,QACA,CAAC,UAAA,EAAY,UAAA,EAAY,UAAA,EAAY,sBAAsB,IAAI,CAAA;AAAA,QAC/D,EAAE,GAAA;AAAI,OACR;AAAA,IACF;AACA,IAAA,OAAO,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA,CAAE,MAAA,CAAO,OAAO,CAAA,CACrC,MAAA,CAAO,CAAC,CAAA,KAAM,CAAC,iBAAA,CAAkB,GAAA,CAAI,IAAA,CAAK,OAAA,CAAQ,CAAC,CAAA,CAAE,WAAA,EAAa,CAAC,CAAA,CACnE,GAAA,CAAI,CAAC,CAAA,KAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAC,CAAA;AAAA,EACpC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAtBsB,MAAA,CAAA,WAAA,EAAA,aAAA,CAAA;AAwBtB,eAAsB,cAAc,GAAA,EAAqC;AACvE,EAAA,MAAM,QAAuB,EAAC;AAC9B,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,MAAM,EAAA,CAAG,OAAA,CAAQ,KAAK,EAAE,aAAA,EAAe,MAAM,CAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,KAAA,MAAW,SAAS,OAAA,EAAS;AAC3B,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,MAAM,IAAI,CAAA;AAC1C,IAAA,IAAI,KAAA,CAAM,aAAY,EAAG;AACvB,MAAA,IAAI,SAAA,CAAU,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA,EAAG;AAC/B,MAAA,KAAA,CAAM,IAAA,CAAK,GAAG,MAAM,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,KAAA,CAAM,MAAA,EAAO,EAAG;AACzB,MAAA,MAAM,MAAM,IAAA,CAAK,OAAA,CAAQ,KAAA,CAAM,IAAI,EAAE,WAAA,EAAY;AACjD,MAAA,IAAI,iBAAA,CAAkB,GAAA,CAAI,GAAG,CAAA,EAAG;AAChC,MAAA,KAAA,CAAM,KAAK,QAAQ,CAAA;AAAA,IACrB;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AApBsB,MAAA,CAAA,aAAA,EAAA,eAAA,CAAA;AA2BtB,eAAsB,iBAAiB,GAAA,EAAqC;AAC1E,EAAA,MAAM,QAAuB,EAAC;AAC9B,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,MAAM,EAAA,CAAG,OAAA,CAAQ,KAAK,EAAE,aAAA,EAAe,MAAM,CAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,KAAA,MAAW,SAAS,OAAA,EAAS;AAC3B,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,MAAM,IAAI,CAAA;AAC1C,IAAA,IAAI,KAAA,CAAM,aAAY,EAAG;AACvB,MAAA,KAAA,CAAM,IAAA,CAAK,GAAG,MAAM,gBAAA,CAAiB,QAAQ,CAAC,CAAA;AAAA,IAChD,CAAA,MAAA,IAAW,KAAA,CAAM,MAAA,EAAO,EAAG;AACzB,MAAA,MAAM,MAAM,IAAA,CAAK,OAAA,CAAQ,KAAA,CAAM,IAAI,EAAE,WAAA,EAAY;AACjD,MAAA,IAAI,iBAAA,CAAkB,GAAA,CAAI,GAAG,CAAA,EAAG;AAChC,MAAA,KAAA,CAAM,KAAK,QAAQ,CAAA;AAAA,IACrB;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAnBsB,MAAA,CAAA,gBAAA,EAAA,kBAAA,CAAA;AAqBtB,IAAM,UAAA,GAAa,WAAA;AAUnB,eAAsB,kBAAA,CAAmB,SAAwB,GAAA,EAAqC;AACpG,EAAA,MAAM,IAAA,uBAAW,GAAA,EAAY;AAC7B,EAAA,MAAM,QAAuB,EAAC;AAE9B,EAAA,eAAe,QAAQ,OAAA,EAAiB;AACtC,IAAA,IAAI,IAAA,CAAK,GAAA,CAAI,OAAO,CAAA,EAAG;AACvB,IAAA,IAAA,CAAK,IAAI,OAAO,CAAA;AAChB,IAAA,KAAA,CAAM,KAAK,OAAO,CAAA;AAAA,EACpB;AAJe,EAAA,MAAA,CAAA,OAAA,EAAA,SAAA,CAAA;AAMf,EAAA,eAAe,QAAQ,OAAA,EAAiB;AACtC,IAAA,IAAI,IAAA;AACJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,EAAA,CAAG,IAAA,CAAK,OAAO,CAAA;AAAA,IAC9B,CAAA,CAAA,MAAQ;AACN,MAAA;AAAA,IACF;AACA,IAAA,IAAI,IAAA,CAAK,aAAY,EAAG;AACtB,MAAA,KAAA,MAAW,CAAA,IAAK,MAAM,gBAAA,CAAiB,OAAO,CAAA,EAAG;AAC/C,QAAA,MAAM,QAAQ,CAAC,CAAA;AAAA,MACjB;AAAA,IACF,CAAA,MAAA,IAAW,IAAA,CAAK,MAAA,EAAO,EAAG;AACxB,MAAA,MAAM,GAAA,GAAM,IAAA,CAAK,OAAA,CAAQ,OAAO,EAAE,WAAA,EAAY;AAC9C,MAAA,IAAI,CAAC,iBAAA,CAAkB,GAAA,CAAI,GAAG,CAAA,EAAG;AAC/B,QAAA,MAAM,QAAQ,OAAO,CAAA;AAAA,MACvB;AAAA,IACF;AAAA,EACF;AAjBe,EAAA,MAAA,CAAA,OAAA,EAAA,SAAA,CAAA;AAmBf,EAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,IAAA,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,CAAA,EAAG;AAE3B,MAAA,WAAA,MAAiB,SAAS,EAAA,CAAG,IAAA,CAAK,QAAQ,EAAE,GAAA,EAAK,CAAA,EAAG;AAClD,QAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAC,CAAA;AAAA,MACxC;AAAA,IACF,CAAA,MAAO;AACL,MAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,GAAA,EAAK,MAAM,CAAC,CAAA;AAAA,IACzC;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAzCsB,MAAA,CAAA,kBAAA,EAAA,oBAAA,CAAA;AA+CtB,eAAsB,iBAAA,CACpB,UACA,eAAA,EAC6B;AAC7B,EAAA,MAAM,WAA+B,EAAC;AACtC,EAAA,IAAI,OAAA;AACJ,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,MAAM,EAAA,CAAG,QAAA,CAAS,QAAA,EAAU,OAAO,CAAA;AAAA,EAC/C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,QAAA;AAAA,EACT;AAGA,EAAA,IAAI,OAAA,CAAQ,QAAA,CAAS,IAAI,CAAA,EAAG,OAAO,QAAA;AAGnC,EAAA,IAAI,QAAA,GAAW,KAAA;AACf,EAAA,KAAA,MAAW,GAAA,IAAO,eAAA,CAAgB,MAAA,EAAO,EAAG;AAC1C,IAAA,IAAI,OAAA,CAAQ,QAAA,CAAS,GAAG,CAAA,EAAG;AACzB,MAAA,QAAA,GAAW,IAAA;AACX,MAAA;AAAA,IACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,UAAU,OAAO,QAAA;AAEtB,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,IAAI,CAAA;AAChC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,MAAM,IAAA,GAAO,MAAM,CAAC,CAAA;AACpB,IAAA,KAAA,MAAW,CAAC,OAAA,EAAS,GAAG,CAAA,IAAK,eAAA,EAAiB;AAC5C,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,OAAA,CAAQ,GAAG,CAAA;AAC/B,MAAA,IAAI,WAAW,EAAA,EAAI;AACjB,QAAA,QAAA,CAAS,IAAA,CAAK;AAAA,UACZ,QAAA;AAAA,UACA,YAAY,CAAA,GAAI,CAAA;AAAA,UAChB,cAAc,MAAA,GAAS,CAAA;AAAA,UACvB,IAAA,EAAM,KAAK,IAAA,EAAK;AAAA,UAChB,gBAAA,EAAkB,OAAA;AAAA,UAClB,cAAA,EAAgB;AAAA,SACjB,CAAA;AACD,QAAA;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACA,EAAA,OAAO,QAAA;AACT;AA5CsB,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AA8CtB,IAAM,YAAA,GAAe,cAAA;AAOrB,SAAS,cAAA,GAAyB;AAChC,EAAA,IAAI,YAAA,IAAgB,OAAO,YAAA;AAC3B,EAAA,MAAM,KAAK,sBAAA,EAAuB;AAClC,EAAA,IAAI,IAAI,OAAO,CAAA,EAAG,EAAA,CAAG,IAAI,IAAI,YAAY,CAAA,CAAA;AAEzC,EAAA,OAAO,YAAA;AACT;AANS,MAAA,CAAA,cAAA,EAAA,gBAAA,CAAA;AAUT,eAAe,kBAAkB,GAAA,EAA8C;AAE7E,EAAA,IAAI,MAAM,WAAW,IAAA,CAAK,IAAA,CAAK,KAAK,QAAQ,CAAC,GAAG,OAAO,OAAA;AAGvD,EAAA,MAAM,aAAA,GAAgB,CAAC,cAAA,EAAgB,eAAA,EAAiB,iBAAiB,gBAAgB,CAAA;AACzF,EAAA,KAAA,MAAW,QAAQ,aAAA,EAAe;AAChC,IAAA,IAAI,MAAM,WAAW,IAAA,CAAK,IAAA,CAAK,KAAK,IAAI,CAAC,GAAG,OAAO,UAAA;AAAA,EACrD;AAGA,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,cAAc,CAAA;AACjD,EAAA,IAAI,MAAM,UAAA,CAAW,WAAW,CAAA,EAAG;AACjC,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,KAAK,KAAA,CAAM,MAAM,GAAG,QAAA,CAAS,WAAA,EAAa,OAAO,CAAC,CAAA;AAClE,MAAA,IAAI,OAAA,CAAQ,kBAAkB,CAAA,EAAG,OAAO,kBAAA;AAAA,IAC1C,CAAA,CAAA,MAAQ;AAAA,IAA4B;AAAA,EACtC;AAEA,EAAA,OAAO,IAAA;AACT;AApBe,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AAsBf,eAAe,YAAY,GAAA,EAAqC;AAC9D,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,MAAM,UAAA,CAAW,KAAA,EAAO,CAAC,aAAa,iBAAiB,CAAA,EAAG,EAAE,GAAA,EAAK,CAAA;AAC9E,IAAA,OAAO,KAAK,IAAA,EAAK;AAAA,EACnB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAPe,MAAA,CAAA,WAAA,EAAA,aAAA,CAAA;AASf,eAAe,YAAY,GAAA,EAA4B;AACrD,EAAA,MAAM,OAAA,GAAU,MAAM,WAAA,CAAY,GAAG,CAAA;AACrC,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,aAAa,6BAAA,EAA+B;AAAA,MACpD,UAAA,EAAY;AAAA,KACb,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,MAAM,UAAA,GAAa,CAAA;AAAA,EAAc,WAAW;AAAA,CAAA;AAC5C,EAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB,OAAO,CAAA;AAEnD,EAAA,IAAI,gBAAgB,OAAA,EAAS;AAC3B,IAAA,QAAA,CAAS;AAAA,MACP,EAAA;AAAA,MACA,CAAA,SAAA,EAAY,aAAA,CAAM,IAAA,CAAK,OAAO,CAAC,CAAA,0BAAA,CAAA;AAAA,MAC/B,EAAA;AAAA,MACA,CAAA,IAAA,EAAO,aAAA,CAAM,IAAA,CAAK,WAAW,CAAC,CAAA,yBAAA,CAAA;AAAA,MAC9B,EAAA;AAAA,MACA,aAAA,CAAM,GAAA,CAAI,CAAA,QAAA,EAAW,WAAW,CAAA,sBAAA,CAAwB,CAAA;AAAA,MACxD,EAAA;AAAA,MACA,4BAAA;AAAA,MACA,EAAA;AAAA,MACA,aAAA,CAAM,GAAA,CAAI,CAAA,QAAA,EAAW,WAAW,CAAA,qBAAA,CAAuB,CAAA;AAAA,MACvD;AAAA,KACD,CAAA;AACD,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,gBAAgB,UAAA,EAAY;AAC9B,IAAA,QAAA,CAAS;AAAA,MACP,EAAA;AAAA,MACA,CAAA,SAAA,EAAY,aAAA,CAAM,IAAA,CAAK,UAAU,CAAC,CAAA,0BAAA,CAAA;AAAA,MAClC,EAAA;AAAA,MACA,4CAAA;AAAA,MACA,EAAA;AAAA,MACA,aAAA,CAAM,IAAI,eAAe,CAAA;AAAA,MACzB,aAAA,CAAM,IAAI,eAAe,CAAA;AAAA,MACzB,aAAA,CAAM,IAAI,qBAAqB,CAAA;AAAA,MAC/B,aAAA,CAAM,GAAA,CAAI,CAAA,aAAA,EAAgB,WAAW,CAAA,CAAE,CAAA;AAAA,MACvC;AAAA,KACD,CAAA;AACD,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,gBAAgB,kBAAA,EAAoB;AACtC,IAAA,QAAA,CAAS;AAAA,MACP,EAAA;AAAA,MACA,CAAA,SAAA,EAAY,aAAA,CAAM,IAAA,CAAK,kBAAkB,CAAC,CAAA,sBAAA,CAAA;AAAA,MAC1C,EAAA;AAAA,MACA,yCAAA;AAAA,MACA,EAAA;AAAA,MACA,aAAA,CAAM,IAAI,yBAAyB,CAAA;AAAA,MACnC,aAAA,CAAM,GAAA,CAAI,CAAA,mBAAA,EAAsB,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,MAC9C,aAAA,CAAM,IAAI,KAAK,CAAA;AAAA,MACf,EAAA;AAAA,MACA,CAAA,SAAA,EAAY,aAAA,CAAM,GAAA,CAAI,sBAAsB,CAAC,CAAA,qBAAA,CAAA;AAAA,MAC7C;AAAA,KACD,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,IAAA,CAAK,OAAA,EAAS,QAAQ,OAAO,CAAA;AACnD,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,IAAA,CAAK,QAAA,EAAU,YAAY,CAAA;AAGjD,EAAA,MAAM,GAAG,KAAA,CAAM,QAAA,EAAU,EAAE,SAAA,EAAW,MAAM,CAAA;AAG5C,EAAA,IAAI,MAAM,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC9B,IAAA,MAAM,eAAA,GAAkB,MAAM,EAAA,CAAG,QAAA,CAAS,UAAU,OAAO,CAAA;AAC3D,IAAA,IAAI,eAAA,CAAgB,QAAA,CAAS,YAAY,CAAA,EAAG;AAC1C,MAAA,QAAA,CAAS;AAAA,QACP,EAAA;AAAA,QACA,cAAM,KAAA,CAAM,CAAA,qCAAA,EAAwC,cAAM,IAAA,CAAK,YAAY,CAAC,CAAA,iBAAA,CAAmB,CAAA;AAAA,QAC/F;AAAA,OACD,CAAA;AACD,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,CAAA,EAAG,eAAA,CAAgB,OAAA,EAAS;AAAA,EAAK,WAAW;AAAA,CAAA;AACnE,IAAA,MAAM,EAAA,CAAG,SAAA,CAAU,QAAA,EAAU,cAAc,CAAA;AAC3C,IAAA,MAAM,EAAA,CAAG,KAAA,CAAM,QAAA,EAAU,GAAK,CAAA;AAC9B,IAAA,QAAA,CAAS;AAAA,MACP,EAAA;AAAA,MACA,cAAM,KAAA,CAAM,CAAA,MAAA,EAAS,cAAM,IAAA,CAAK,WAAW,CAAC,CAAA,6BAAA,CAA+B,CAAA;AAAA,MAC3E,GAAA,CAAI,SAAS,QAAQ,CAAA;AAAA,MACrB;AAAA,KACD,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,MAAM,EAAA,CAAG,SAAA,CAAU,QAAA,EAAU,UAAU,CAAA;AACvC,EAAA,MAAM,EAAA,CAAG,KAAA,CAAM,QAAA,EAAU,GAAK,CAAA;AAC9B,EAAA,QAAA,CAAS;AAAA,IACP,EAAA;AAAA,IACA,cAAM,KAAA,CAAM,CAAA,2BAAA,EAA8B,IAAI,QAAA,CAAS,QAAQ,CAAC,CAAA,CAAE,CAAA;AAAA,IAClE,aAAA,CAAM,IAAI,gFAAgF,CAAA;AAAA,IAC1F;AAAA,GACD,CAAA;AACH;AAtGe,MAAA,CAAA,WAAA,EAAA,aAAA,CAAA;AAwGR,IAAM,SAAA,iCAA6D,GAAA,KAAQ;AAEhF,EAAA,IAAI,GAAA,CAAI,MAAA,CAAO,cAAc,CAAA,EAAG;AAC9B,IAAA,MAAM,WAAA,CAAY,OAAA,CAAQ,GAAA,EAAK,CAAA;AAC/B,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,UAAA,GAAa,GAAA,CAAI,MAAA,CAAO,MAAA,IAAU,KAAA;AACxC,EAAA,MAAM,cAAA,GAAiB,GAAA,CAAI,MAAA,CAAO,iBAAiB,CAAA,IAAK,KAAA;AAGxD,EAAA,MAAM,WAAA,GAAA,CAAe,IAAI,WAAA,IAAe,IAAI,KAAA,CAAM,GAAA,CAAI,WAAA,EAAa,MAAA,IAAU,CAAC,CAAA;AAG9E,EAAA,MAAM,QAAA,GAAW,MAAM,mBAAA,CAAoB;AAAA,IACzC,cAAA,EAAgB,IAAI,MAAA,CAAO;AAAA,GAC5B,CAAA;AAGD,EAAA,KAAA,MAAW,MAAA,IAAU,SAAS,iBAAA,EAAmB;AAC/C,IAAA,IAAI,OAAO,YAAA,EAAc;AACvB,MAAA,MAAM,IAAI,YAAA,CAAa,CAAA,sBAAA,EAAyB,MAAA,CAAO,YAAA,CAAa,OAAO,CAAA,CAAA,EAAI;AAAA,QAC7E,UAAA,EAAY;AAAA,OACb,CAAA;AAAA,IACH;AAAA,EACF;AAEA,EAAA,MAAM,SAAS,gBAAA,EAAiB;AAGhC,EAAA,MAAM,eAAA,uBAAsB,GAAA,EAAoB;AAChD,EAAA,KAAA,MAAW,OAAA,IAAW,SAAS,YAAA,EAAc;AAC3C,IAAA,MAAM,IAAA,GAAO,QAAA,CAAS,YAAA,CAAa,OAAO,CAAA;AAC1C,IAAA,IAAI,IAAA,CAAK,eAAe,eAAA,CAAE,QAAA,CAAS,KAAK,aAAa,CAAA,IAAK,IAAA,CAAK,aAAA,KAAkB,EAAA,EAAI;AACnF,MAAA,eAAA,CAAgB,GAAA,CAAI,OAAA,EAAS,IAAA,CAAK,aAAa,CAAA;AAAA,IACjD;AAAA,EACF;AAEA,EAAA,IAAI,eAAA,CAAgB,SAAS,CAAA,EAAG;AAC9B,IAAA,QAAA,CAAS,CAAC,aAAA,CAAM,KAAA,CAAM,mEAA8D,CAAC,CAAC,CAAA;AACtF,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,GAAA,GAAM,QAAQ,GAAA,EAAI;AACxB,EAAA,IAAI,KAAA;AAEJ,EAAA,IAAI,WAAA,CAAY,SAAS,CAAA,EAAG;AAK1B,IAAA,KAAA,GAAQ,MAAM,kBAAA,CAAmB,WAAA,EAAa,GAAG,CAAA;AAAA,EACnD,WAAW,cAAA,EAAgB;AAEzB,IAAA,KAAA,GAAQ,MAAM,cAAc,GAAG,CAAA;AAAA,EACjC,CAAA,MAAO;AAEL,IAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,GAAA,EAAK,UAAU,CAAA;AAClD,IAAA,IAAI,aAAa,IAAA,EAAM;AACrB,MAAA,KAAA,GAAQ,QAAA;AAAA,IACV,CAAA,MAAO;AAEL,MAAA,IAAI,UAAA,EAAY;AACd,QAAA,MAAM,IAAI,aAAa,wCAAA,EAA0C;AAAA,UAC/D,UAAA,EAAY;AAAA,SACb,CAAA;AAAA,MACH;AACA,MAAA,KAAA,GAAQ,MAAM,cAAc,GAAG,CAAA;AAAA,IACjC;AAAA,EACF;AAEA,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,IAAI,WAAA,CAAY,SAAS,CAAA,EAAG;AAC1B,MAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAM,KAAA,CAAM,iDAA4C,CAAC,CAAA;AAAA,IACvE,WAAW,UAAA,EAAY;AACrB,MAAA,OAAA,CAAQ,IAAI,0BAA0B,CAAA;AAAA,IACxC,CAAA,MAAO;AACL,MAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAM,KAAA,CAAM,gCAA2B,CAAC,CAAA;AAAA,IACtD;AACA,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,cAAkC,EAAC;AACzC,EAAA,KAAA,MAAW,YAAY,KAAA,EAAO;AAC5B,IAAA,MAAM,QAAA,GAAW,MAAM,iBAAA,CAAkB,QAAA,EAAU,eAAe,CAAA;AAClE,IAAA,WAAA,CAAY,IAAA,CAAK,GAAG,QAAQ,CAAA;AAAA,EAC9B;AAEA,EAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC5B,IAAA,QAAA,CAAS,CAAC,aAAA,CAAM,KAAA,CAAM,CAAA,wDAAA,EAAsD,MAAM,MAAM,CAAA,KAAA,EAAQ,KAAA,CAAM,MAAA,KAAW,CAAA,GAAI,EAAA,GAAK,GAAG,CAAA,CAAA,CAAG,CAAC,CAAC,CAAA;AAClI,IAAA;AAAA,EACF;AAGA,EAAA,MAAM,cAAA,uBAAqB,GAAA,EAAgC;AAC3D,EAAA,KAAA,MAAW,WAAW,WAAA,EAAa;AACjC,IAAA,MAAM,WAAW,cAAA,CAAe,GAAA,CAAI,OAAA,CAAQ,QAAQ,KAAK,EAAC;AAC1D,IAAA,QAAA,CAAS,KAAK,OAAO,CAAA;AACrB,IAAA,cAAA,CAAe,GAAA,CAAI,OAAA,CAAQ,QAAA,EAAU,QAAQ,CAAA;AAAA,EAC/C;AAEA,EAAA,OAAA,CAAQ,KAAA,CAAM,cAAM,GAAA,CAAI;AAAA,gBAAA,EAAc,WAAA,CAAY,MAAM,CAAA,wCAAA,EAA2C,cAAA,CAAe,IAAI,CAAA;AAAA,CAAa,CAAC,CAAA;AACpI,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,QAAQ,CAAA,IAAK,cAAA,EAAgB;AACjD,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,QAAA,CAAS,GAAA,EAAK,QAAQ,CAAA;AAC3C,IAAA,KAAA,MAAW,WAAW,QAAA,EAAU;AAE9B,MAAA,MAAM,YAAA,GAAe,QAAQ,IAAA,CAAK,UAAA,CAAW,QAAQ,cAAA,EAAgB,YAAA,CAAa,OAAA,CAAQ,cAAc,CAAE,CAAA;AAC1G,MAAA,MAAM,aAAA,GAAgB,YAAA,CAAa,MAAA,GAAS,GAAA,GACxC,CAAA,EAAG,aAAa,SAAA,CAAU,CAAA,EAAG,GAAG,CAAC,CAAA,MAAA,CAAA,GACjC,YAAA;AACJ,MAAA,OAAA,CAAQ,KAAA,CAAM,KAAK,GAAA,CAAI,QAAA,CAAS,GAAG,OAAO,CAAA,CAAA,EAAI,QAAQ,UAAU,CAAA,CAAA,EAAI,QAAQ,YAAY,CAAA,CAAE,CAAC,CAAA,CAAA,EAAI,aAAA,CAAM,OAAO,OAAA,CAAQ,gBAAgB,CAAC,CAAA,CAAE,CAAA;AACvI,MAAA,OAAA,CAAQ,MAAM,CAAA,IAAA,EAAO,aAAA,CAAM,GAAA,CAAI,aAAa,CAAC,CAAA,CAAE,CAAA;AAAA,IACjD;AACA,IAAA,OAAA,CAAQ,MAAM,EAAE,CAAA;AAAA,EAClB;AAEA,EAAA,YAAA,CAAa,CAAC,CAAA;AAChB,CAAA,EArHmE,WAAA","file":"chunk-6JKWTWLB.js","sourcesContent":["import path from 'node:path';\nimport fs from 'node:fs/promises';\nimport { define } from 'gunshi';\nimport ansis from 'ansis';\nimport { gracefulExit } from 'exit-hook';\nimport _ from '@env-spec/utils/my-dash';\n\nimport { spawnAsync } from '@env-spec/utils/exec-helpers';\nimport { pathExists } from '@env-spec/utils/fs-utils';\nimport { redactString } from '../../runtime/lib/redaction';\nimport { type TypedGunshiCommandFn } from '../helpers/gunshi-type-utils';\nimport { CliExitError } from '../helpers/exit-error';\nimport { fmt, logLines } from '../helpers/pretty-format';\nimport { detectJsPackageManager } from '../helpers/js-package-manager-utils';\nimport { isBundledSEA } from '../helpers/install-detection';\nimport { loadVarlockEnvGraph } from '../../lib/load-graph';\n\n// Directories to always skip when walking the file tree\nconst SKIP_DIRS = new Set([\n '.git',\n 'node_modules',\n 'dist',\n 'build',\n '.next',\n '.nuxt',\n 'vendor',\n '.venv',\n 'venv',\n '__pycache__',\n '.turbo',\n 'coverage',\n]);\n\n// File extensions that are binary and should be skipped\nconst BINARY_EXTENSIONS = new Set([\n '.png',\n '.jpg',\n '.jpeg',\n '.gif',\n '.bmp',\n '.ico',\n '.mp3',\n '.mp4',\n '.wav',\n '.avi',\n '.mov',\n '.zip',\n '.tar',\n '.gz',\n '.rar',\n '.7z',\n '.exe',\n '.dll',\n '.so',\n '.dylib',\n '.bin',\n '.pdf',\n '.doc',\n '.docx',\n '.xls',\n '.xlsx',\n '.woff',\n '.woff2',\n '.ttf',\n '.eot',\n '.pyc',\n '.class',\n '.o',\n]);\n\nexport const commandSpec = define({\n name: 'scan',\n description: 'Scan files for sensitive config values that should not be in plaintext',\n args: {\n staged: {\n type: 'boolean',\n description: 'Only scan staged git files',\n },\n 'include-ignored': {\n type: 'boolean',\n description: 'Include git-ignored files in the scan',\n },\n 'install-hook': {\n type: 'boolean',\n description: 'Set up varlock scan as a git pre-commit hook',\n },\n path: {\n type: 'string',\n short: 'p',\n multiple: true,\n description: 'Path to a specific .env file (e.g. .env.prod) or directory ending with \"/\" to use as the schema entry point (can be specified multiple times)',\n },\n },\n examples: `\nLoads your varlock config, resolves all sensitive values, then scans files to\nensure none of those sensitive values appear in plaintext.\n\nExamples:\n varlock scan # Scan non-git-ignored files in current directory\n varlock scan --staged # Only scan staged git files\n varlock scan --include-ignored # Scan all files, including git-ignored ones\n varlock scan --path .env.prod # Use a specific .env file as the schema entry point\n varlock scan -p ./envs -p ./overrides # Use multiple schema entry points\n varlock scan --install-hook # Set up as a git pre-commit hook\n varlock scan ./dist # Scan a specific directory (e.g. a build output folder)\n varlock scan ./dist ./public # Scan multiple directories\n varlock scan './dist/**/*.js' # Scan files matching a glob pattern\n `.trim(),\n});\n\nexport interface ScanFinding {\n filePath: string;\n lineNumber: number;\n columnNumber: number;\n line: string;\n sensitiveKeyName: string;\n sensitiveValue: string;\n}\n\nexport async function getGitFiles(cwd: string, onlyStaged: boolean): Promise<Array<string> | null> {\n try {\n let output: string;\n if (onlyStaged) {\n output = await spawnAsync(\n 'git',\n ['diff', '--cached', '--name-only', '-z', '--diff-filter=ACMR'],\n { cwd },\n );\n } else {\n output = await spawnAsync(\n 'git',\n ['ls-files', '--cached', '--others', '--exclude-standard', '-z'],\n { cwd },\n );\n }\n return output.split('\\0').filter(Boolean)\n .filter((f) => !BINARY_EXTENSIONS.has(path.extname(f).toLowerCase()))\n .map((f) => path.resolve(cwd, f));\n } catch {\n return null;\n }\n}\n\nexport async function walkDirectory(dir: string): Promise<Array<string>> {\n const files: Array<string> = [];\n let entries;\n try {\n entries = await fs.readdir(dir, { withFileTypes: true });\n } catch {\n return files;\n }\n for (const entry of entries) {\n const fullPath = path.join(dir, entry.name);\n if (entry.isDirectory()) {\n if (SKIP_DIRS.has(entry.name)) continue;\n files.push(...await walkDirectory(fullPath));\n } else if (entry.isFile()) {\n const ext = path.extname(entry.name).toLowerCase();\n if (BINARY_EXTENSIONS.has(ext)) continue;\n files.push(fullPath);\n }\n }\n return files;\n}\n\n/**\n * Like walkDirectory but does NOT skip entries in SKIP_DIRS.\n * Used when users explicitly pass a target directory to scan\n * (e.g. a build output folder like `dist` or `.next`).\n */\nexport async function walkDirectoryAll(dir: string): Promise<Array<string>> {\n const files: Array<string> = [];\n let entries;\n try {\n entries = await fs.readdir(dir, { withFileTypes: true });\n } catch {\n return files;\n }\n for (const entry of entries) {\n const fullPath = path.join(dir, entry.name);\n if (entry.isDirectory()) {\n files.push(...await walkDirectoryAll(fullPath));\n } else if (entry.isFile()) {\n const ext = path.extname(entry.name).toLowerCase();\n if (BINARY_EXTENSIONS.has(ext)) continue;\n files.push(fullPath);\n }\n }\n return files;\n}\n\nconst GLOB_CHARS = /[*?{}[\\]]/;\n\n/**\n * Resolves an array of path/glob strings (as provided by the user on the CLI)\n * into a deduplicated list of absolute file paths to scan.\n *\n * - Glob patterns (containing `*`, `?`, `{`, `[`) are expanded with `fs.glob`.\n * - Explicit directories are walked (without skipping build-output dirs).\n * - Explicit files are included directly (if not a binary extension).\n */\nexport async function resolveTargetPaths(targets: Array<string>, cwd: string): Promise<Array<string>> {\n const seen = new Set<string>();\n const files: Array<string> = [];\n\n async function addFile(absPath: string) {\n if (seen.has(absPath)) return;\n seen.add(absPath);\n files.push(absPath);\n }\n\n async function addPath(absPath: string) {\n let stat;\n try {\n stat = await fs.stat(absPath);\n } catch {\n return; // path doesn't exist — silently skip\n }\n if (stat.isDirectory()) {\n for (const f of await walkDirectoryAll(absPath)) {\n await addFile(f);\n }\n } else if (stat.isFile()) {\n const ext = path.extname(absPath).toLowerCase();\n if (!BINARY_EXTENSIONS.has(ext)) {\n await addFile(absPath);\n }\n }\n }\n\n for (const target of targets) {\n if (GLOB_CHARS.test(target)) {\n // Expand glob pattern; paths returned by fsGlob are relative to cwd\n for await (const match of fs.glob(target, { cwd })) {\n await addPath(path.resolve(cwd, match));\n }\n } else {\n await addPath(path.resolve(cwd, target));\n }\n }\n\n return files;\n}\n\n/**\n * Scans a single file for occurrences of any of the provided sensitive values.\n * sensitiveValues is a map from env key name to its resolved string value.\n */\nexport async function scanFileForValues(\n filePath: string,\n sensitiveValues: Map<string, string>,\n): Promise<Array<ScanFinding>> {\n const findings: Array<ScanFinding> = [];\n let content: string;\n try {\n content = await fs.readFile(filePath, 'utf-8');\n } catch {\n return findings;\n }\n\n // Skip binary files (contain null bytes)\n if (content.includes('\\0')) return findings;\n\n // Quick pre-check: skip the file entirely if none of the values appear\n let anyMatch = false;\n for (const val of sensitiveValues.values()) {\n if (content.includes(val)) {\n anyMatch = true;\n break;\n }\n }\n if (!anyMatch) return findings;\n\n const lines = content.split('\\n');\n for (let i = 0; i < lines.length; i++) {\n const line = lines[i];\n for (const [keyName, val] of sensitiveValues) {\n const colIdx = line.indexOf(val);\n if (colIdx !== -1) {\n findings.push({\n filePath,\n lineNumber: i + 1,\n columnNumber: colIdx + 1,\n line: line.trim(),\n sensitiveKeyName: keyName,\n sensitiveValue: val,\n });\n break; // one finding per line is enough\n }\n }\n }\n return findings;\n}\n\nconst SCAN_COMMAND = 'varlock scan';\n\n/**\n * Determines the correct command to use in a git hook script.\n * If varlock is installed as a standalone binary, uses `varlock` directly.\n * Otherwise, prefixes with the detected JS package manager's exec command.\n */\nfunction getHookCommand(): string {\n if (isBundledSEA()) return SCAN_COMMAND;\n const pm = detectJsPackageManager();\n if (pm) return `${pm.exec} ${SCAN_COMMAND}`;\n // fallback - assume varlock is available on PATH\n return SCAN_COMMAND;\n}\n\ntype HookManagerKind = 'husky' | 'lefthook' | 'simple-git-hooks';\n\nasync function detectHookManager(cwd: string): Promise<HookManagerKind | null> {\n // Check for husky\n if (await pathExists(path.join(cwd, '.husky'))) return 'husky';\n\n // Check for lefthook config files\n const lefthookFiles = ['lefthook.yml', 'lefthook.yaml', '.lefthook.yml', '.lefthook.yaml'];\n for (const file of lefthookFiles) {\n if (await pathExists(path.join(cwd, file))) return 'lefthook';\n }\n\n // Check for simple-git-hooks in package.json\n const pkgJsonPath = path.join(cwd, 'package.json');\n if (await pathExists(pkgJsonPath)) {\n try {\n const pkgJson = JSON.parse(await fs.readFile(pkgJsonPath, 'utf-8'));\n if (pkgJson['simple-git-hooks']) return 'simple-git-hooks';\n } catch { /* ignore parse errors */ }\n }\n\n return null;\n}\n\nasync function findGitRoot(cwd: string): Promise<string | null> {\n try {\n const root = await spawnAsync('git', ['rev-parse', '--show-toplevel'], { cwd });\n return root.trim();\n } catch {\n return null;\n }\n}\n\nasync function installHook(cwd: string): Promise<void> {\n const gitRoot = await findGitRoot(cwd);\n if (!gitRoot) {\n throw new CliExitError('Not inside a git repository', {\n suggestion: 'Run `git init` first, or make sure you are inside a git repository.',\n });\n }\n\n const hookCommand = getHookCommand();\n const hookScript = `#!/bin/sh\\n${hookCommand}\\n`;\n const hookManager = await detectHookManager(gitRoot);\n\n if (hookManager === 'husky') {\n logLines([\n '',\n `Detected ${ansis.bold('husky')} as your git hook manager.`,\n '',\n `Add ${ansis.bold(hookCommand)} to your pre-commit hook:`,\n '',\n ansis.dim(` echo \"${hookCommand}\" >> .husky/pre-commit`),\n '',\n 'Or if creating a new hook:',\n '',\n ansis.dim(` echo \"${hookCommand}\" > .husky/pre-commit`),\n '',\n ]);\n return;\n }\n\n if (hookManager === 'lefthook') {\n logLines([\n '',\n `Detected ${ansis.bold('lefthook')} as your git hook manager.`,\n '',\n 'Add the following to your lefthook config:',\n '',\n ansis.dim(' pre-commit:'),\n ansis.dim(' commands:'),\n ansis.dim(' varlock-scan:'),\n ansis.dim(` run: ${hookCommand}`),\n '',\n ]);\n return;\n }\n\n if (hookManager === 'simple-git-hooks') {\n logLines([\n '',\n `Detected ${ansis.bold('simple-git-hooks')} in your package.json.`,\n '',\n 'Add the following to your package.json:',\n '',\n ansis.dim(' \"simple-git-hooks\": {'),\n ansis.dim(` \"pre-commit\": \"${hookCommand}\"`),\n ansis.dim(' }'),\n '',\n `Then run ${ansis.dim('npx simple-git-hooks')} to update the hooks.`,\n '',\n ]);\n return;\n }\n\n // No hook manager detected -- install directly to .git/hooks/pre-commit\n const hooksDir = path.join(gitRoot, '.git', 'hooks');\n const hookPath = path.join(hooksDir, 'pre-commit');\n\n // Ensure hooks directory exists\n await fs.mkdir(hooksDir, { recursive: true });\n\n // Check if a pre-commit hook already exists\n if (await pathExists(hookPath)) {\n const existingContent = await fs.readFile(hookPath, 'utf-8');\n if (existingContent.includes(SCAN_COMMAND)) {\n logLines([\n '',\n ansis.green(`The pre-commit hook already includes ${ansis.bold(SCAN_COMMAND)} - nothing to do!`),\n '',\n ]);\n return;\n }\n // Append to existing hook\n const updatedContent = `${existingContent.trimEnd()}\\n${hookCommand}\\n`;\n await fs.writeFile(hookPath, updatedContent);\n await fs.chmod(hookPath, 0o755);\n logLines([\n '',\n ansis.green(`Added ${ansis.bold(hookCommand)} to existing pre-commit hook.`),\n fmt.filePath(hookPath),\n '',\n ]);\n return;\n }\n\n // Create new hook\n await fs.writeFile(hookPath, hookScript);\n await fs.chmod(hookPath, 0o755);\n logLines([\n '',\n ansis.green(`Created pre-commit hook at ${fmt.filePath(hookPath)}`),\n ansis.dim('Your staged files will now be scanned for sensitive values before each commit.'),\n '',\n ]);\n}\n\nexport const commandFn: TypedGunshiCommandFn<typeof commandSpec> = async (ctx) => {\n // Handle --install-hook before doing any scanning\n if (ctx.values['install-hook']) {\n await installHook(process.cwd());\n return;\n }\n\n const onlyStaged = ctx.values.staged ?? false;\n const includeIgnored = ctx.values['include-ignored'] ?? false;\n\n // Positional arguments are treated as explicit paths/globs to scan\n const scanTargets = (ctx.positionals ?? []).slice(ctx.commandPath?.length ?? 0);\n\n // Load the varlock env graph to get the actual sensitive values\n const envGraph = await loadVarlockEnvGraph({\n entryFilePaths: ctx.values.path,\n });\n\n // Check for loading/schema errors\n for (const source of envGraph.sortedDataSources) {\n if (source.loadingError) {\n throw new CliExitError(`Error loading config: ${source.loadingError.message}`, {\n suggestion: 'Make sure your .env.schema file is valid.',\n });\n }\n }\n\n await envGraph.resolveEnvValues();\n\n // Collect all sensitive string values that are non-empty\n const sensitiveValues = new Map<string, string>();\n for (const itemKey in envGraph.configSchema) {\n const item = envGraph.configSchema[itemKey];\n if (item.isSensitive && _.isString(item.resolvedValue) && item.resolvedValue !== '') {\n sensitiveValues.set(itemKey, item.resolvedValue);\n }\n }\n\n if (sensitiveValues.size === 0) {\n logLines([ansis.green('✅ No sensitive values found in config - nothing to scan for.')]);\n return;\n }\n\n const cwd = process.cwd();\n let files: Array<string>;\n\n if (scanTargets.length > 0) {\n // Explicit paths/globs provided — scan only those targets.\n // We skip git-aware filtering so the user gets exactly what they asked for,\n // and we do NOT apply SKIP_DIRS (e.g. `dist`, `.next`) since the whole point\n // is often to scan a build output directory.\n files = await resolveTargetPaths(scanTargets, cwd);\n } else if (includeIgnored) {\n // Walk the full directory tree, no git filtering\n files = await walkDirectory(cwd);\n } else {\n // Try to use git to get non-ignored files\n const gitFiles = await getGitFiles(cwd, onlyStaged);\n if (gitFiles !== null) {\n files = gitFiles;\n } else {\n // Git not available - fall back to walking directory\n if (onlyStaged) {\n throw new CliExitError('Could not run git to find staged files', {\n suggestion: 'Make sure git is installed and you are inside a git repository.',\n });\n }\n files = await walkDirectory(cwd);\n }\n }\n\n if (files.length === 0) {\n if (scanTargets.length > 0) {\n console.log(ansis.green('✅ No files found at the specified path(s).'));\n } else if (onlyStaged) {\n console.log('No staged files to scan.');\n } else {\n console.log(ansis.green('✅ No files found to scan.'));\n }\n return;\n }\n\n const allFindings: Array<ScanFinding> = [];\n for (const filePath of files) {\n const findings = await scanFileForValues(filePath, sensitiveValues);\n allFindings.push(...findings);\n }\n\n if (allFindings.length === 0) {\n logLines([ansis.green(`✅ No sensitive values found in plaintext. (scanned ${files.length} file${files.length === 1 ? '' : 's'})`)]);\n return;\n }\n\n // Group findings by file for display\n const findingsByFile = new Map<string, Array<ScanFinding>>();\n for (const finding of allFindings) {\n const existing = findingsByFile.get(finding.filePath) ?? [];\n existing.push(finding);\n findingsByFile.set(finding.filePath, existing);\n }\n\n console.error(ansis.red(`\\n🚨 Found ${allFindings.length} sensitive value(s) in plaintext across ${findingsByFile.size} file(s):\\n`));\n for (const [filePath, findings] of findingsByFile) {\n const relPath = path.relative(cwd, filePath);\n for (const finding of findings) {\n // Redact the actual secret value in the displayed line\n const redactedLine = finding.line.replaceAll(finding.sensitiveValue, redactString(finding.sensitiveValue)!);\n const truncatedLine = redactedLine.length > 100\n ? `${redactedLine.substring(0, 100)}…`\n : redactedLine;\n console.error(` ${fmt.fileName(`${relPath}:${finding.lineNumber}:${finding.columnNumber}`)} ${ansis.yellow(finding.sensitiveKeyName)}`);\n console.error(` ${ansis.dim(truncatedLine)}`);\n }\n console.error('');\n }\n\n gracefulExit(1);\n};\n"]}

package/dist/chunk-7WB7HK5Z.js ADDED Viewed

@@ -0,0 +1,21 @@
+import { __name } from './chunk-6PEHRAEP.js';
+import os from 'os';
+import { join } from 'path';
+import { existsSync } from 'fs';
+function getUserVarlockDir() {
+  const home = os.homedir();
+  if (process.env.XDG_CONFIG_HOME) {
+    return join(process.env.XDG_CONFIG_HOME, "varlock");
+  }
+  const legacyDir = join(home, ".varlock");
+  if (existsSync(legacyDir)) {
+    return legacyDir;
+  }
+  return join(home, ".config", "varlock");
+}
+__name(getUserVarlockDir, "getUserVarlockDir");
+export { getUserVarlockDir };
+//# sourceMappingURL=chunk-7WB7HK5Z.js.map
+//# sourceMappingURL=chunk-7WB7HK5Z.js.map

package/dist/chunk-7WB7HK5Z.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/lib/user-config-dir.ts"],"names":[],"mappings":";;;;;AAcO,SAAS,iBAAA,GAA4B;AAC1C,EAAA,MAAM,IAAA,GAAO,GAAG,OAAA,EAAQ;AAGxB,EAAA,IAAI,OAAA,CAAQ,IAAI,eAAA,EAAiB;AAC/B,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB,SAAS,CAAA;AAAA,EACpD;AAGA,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,IAAA,EAAM,UAAU,CAAA;AACvC,EAAA,IAAI,UAAA,CAAW,SAAS,CAAA,EAAG;AACzB,IAAA,OAAO,SAAA;AAAA,EACT;AAGA,EAAA,OAAO,IAAA,CAAK,IAAA,EAAM,SAAA,EAAW,SAAS,CAAA;AACxC;AAhBgB,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA","file":"chunk-7WB7HK5Z.js","sourcesContent":["import os from 'node:os';\nimport { join } from 'node:path';\nimport { existsSync } from 'node:fs';\n\n/**\n * Resolves the user-level varlock config directory, respecting the XDG Base Directory Specification.\n *\n * Resolution order:\n * 1. If `$XDG_CONFIG_HOME` is set → `$XDG_CONFIG_HOME/varlock`\n * 2. If legacy `~/.varlock` exists → `~/.varlock` (backwards compatibility)\n * 3. Otherwise → `~/.config/varlock` (XDG default)\n *\n * @see https://specifications.freedesktop.org/basedir/latest/\n */\nexport function getUserVarlockDir(): string {\n const home = os.homedir();\n\n // If XDG_CONFIG_HOME is explicitly set, always respect it\n if (process.env.XDG_CONFIG_HOME) {\n return join(process.env.XDG_CONFIG_HOME, 'varlock');\n }\n\n // Backwards compatibility: if legacy ~/.varlock exists, keep using it\n const legacyDir = join(home, '.varlock');\n if (existsSync(legacyDir)) {\n return legacyDir;\n }\n\n // Default to XDG standard location: ~/.config/varlock\n return join(home, '.config', 'varlock');\n}\n"]}

package/dist/chunk-AMNNQL7K.js ADDED Viewed

@@ -0,0 +1,26 @@
+import { define } from './chunk-4A54P4EM.js';
+import { getBackendInfo, lockSession } from './chunk-6DXWXIQV.js';
+import { __name } from './chunk-6PEHRAEP.js';
+// src/cli/commands/lock.command.ts
+var commandSpec = define({
+  name: "lock",
+  description: "Lock the encryption daemon, requiring biometric for next decrypt"
+});
+var commandFn = /* @__PURE__ */ __name(async () => {
+  const backend = getBackendInfo();
+  if (!backend.biometricAvailable) {
+    console.log(`The ${backend.type} backend does not support biometric lock.`);
+    return;
+  }
+  try {
+    await lockSession();
+    console.log("Encryption session locked. Biometric authentication will be required for next decrypt.");
+  } catch {
+    console.log("No encryption daemon is running \u2014 nothing to lock.");
+  }
+}, "commandFn");
+export { commandFn, commandSpec };
+//# sourceMappingURL=chunk-AMNNQL7K.js.map
+//# sourceMappingURL=chunk-AMNNQL7K.js.map

package/dist/chunk-AMNNQL7K.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/cli/commands/lock.command.ts"],"names":[],"mappings":";;;;;AAMO,IAAM,cAAc,MAAA,CAAO;AAAA,EAChC,IAAA,EAAM,MAAA;AAAA,EACN,WAAA,EAAa;AACf,CAAC;AAEM,IAAM,4BAAsD,MAAA,CAAA,YAAY;AAC7E,EAAA,MAAM,UAAuB,cAAA,EAAe;AAE5C,EAAA,IAAI,CAAC,QAAQ,kBAAA,EAAoB;AAC/B,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,IAAA,EAAO,OAAA,CAAQ,IAAI,CAAA,yCAAA,CAA2C,CAAA;AAC1E,IAAA;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAmB,WAAA,EAAY;AAC/B,IAAA,OAAA,CAAQ,IAAI,wFAAwF,CAAA;AAAA,EACtG,CAAA,CAAA,MAAQ;AACN,IAAA,OAAA,CAAQ,IAAI,yDAAoD,CAAA;AAAA,EAClE;AACF,CAAA,EAdmE,WAAA","file":"chunk-AMNNQL7K.js","sourcesContent":["\nimport { define } from 'gunshi';\n\nimport { type TypedGunshiCommandFn } from '../helpers/gunshi-type-utils';\nimport * as localEncrypt from '../../lib/local-encrypt';\n\nexport const commandSpec = define({\n name: 'lock',\n description: 'Lock the encryption daemon, requiring biometric for next decrypt',\n});\n\nexport const commandFn: TypedGunshiCommandFn<typeof commandSpec> = async () => {\n const backend = localEncrypt.getBackendInfo();\n\n if (!backend.biometricAvailable) {\n console.log(`The ${backend.type} backend does not support biometric lock.`);\n return;\n }\n\n try {\n await localEncrypt.lockSession();\n console.log('Encryption session locked. Biometric authentication will be required for next decrypt.');\n } catch {\n console.log('No encryption daemon is running — nothing to lock.');\n }\n};\n"]}

package/dist/{chunk-P5H6JZZR.js → chunk-CKWXLVMV.js} RENAMED Viewed

@@ -1,7 +1,8 @@
-import { detectJsPackageManager, logLines, fmt, installJsDependency } from './chunk-LRT2CHDN.js';
+import { detectJsPackageManager, logLines, fmt, installJsDependency } from './chunk-2ABRAKHE.js';
 import { define } from './chunk-4A54P4EM.js';
 import { gracefulExit } from './chunk-CHQDS2PI.js';
-import { spawnAsync, envSpecUpdater, ParsedEnvSpecStaticValue, tryCatch, parseEnvSpecDotEnvFile, Jt, Ct, ansis_default, prompts_default, pathExists } from './chunk-C4ITUXON.js';
+import { spawnAsync, envSpecUpdater, ParsedEnvSpecStaticValue, tryCatch, parseEnvSpecDotEnvFile, ansis_default, prompts_default, pathExists } from './chunk-U7RQPX5K.js';
+import { _t, q } from './chunk-HDKXXS2X.js';
 import { __name } from './chunk-6PEHRAEP.js';
 import path2, { dirname } from 'path';
 import fs3 from 'fs/promises';
@@ -221,14 +222,14 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
       exampleFileToConvert = parsedEnvFiles[allExampleFileNames[0]];
     } else if (allExampleFileNames.length > 1) {
       console.log("");
-      const selectedExample = await Jt({
+      const selectedExample = await _t({
         message: `We detected more than one example .env file. Which one should we use to create your new ${fmt.fileName(".env.schema")}?`,
         options: allExampleFileNames.map((fileName) => ({
           label: fileName,
           value: parsedEnvFiles[fileName]
         }))
       });
-      if (Ct(selectedExample)) return gracefulExit(0);
+      if (q(selectedExample)) return gracefulExit(0);
       exampleFileToConvert = selectedExample;
     }
     const parsedEnvSchemaFile = exampleFileToConvert?.parsedFile || parseEnvSpecDotEnvFile("");
@@ -285,7 +286,7 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
     const confirmReviewed = await prompts_default.confirm({
       message: `Have you reviewed and updated your new ${fmt.fileName(".env.schema")} file?`
     });
-    if (Ct(confirmReviewed)) return gracefulExit(0);
+    if (q(confirmReviewed)) return gracefulExit(0);
     const reloadedSchemaFile = await parseEnvSpecDotEnvFile(await fs3.readFile(schemaFilePath, "utf-8"));
     if (reloadedSchemaFile.configItems.find((i) => i.key === "EXAMPLE_ITEM")) {
       logLines([
@@ -298,7 +299,7 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
       const confirmDeleteExample = await prompts_default.confirm({
         message: `Should we delete your ${fmt.fileName(exampleFileToConvert.fileName)} file? ${ansis_default.italic.gray("(you can always do this yourself later)")}`
       });
-      if (Ct(confirmDeleteExample)) return gracefulExit(0);
+      if (q(confirmDeleteExample)) return gracefulExit(0);
       if (confirmDeleteExample) {
         await fs3.unlink(exampleFileToConvert.fullPath);
       }
@@ -326,7 +327,7 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
       const confirmDeleteRedundant = await prompts_default.confirm({
         message: "Should we delete these redundant values from your other .env files?"
       });
-      if (Ct(confirmDeleteRedundant)) return gracefulExit(0);
+      if (q(confirmDeleteRedundant)) return gracefulExit(0);
       if (confirmDeleteRedundant) {
         await detectRedundantValues(parsedEnvSchemaFile, parsedEnvFiles, { delete: true });
       }
@@ -382,5 +383,5 @@ ${bunfigContents}`);
 }, "commandFn");
 export { commandFn, commandSpec };
-//# sourceMappingURL=chunk-P5H6JZZR.js.map
-//# sourceMappingURL=chunk-P5H6JZZR.js.map
+//# sourceMappingURL=chunk-CKWXLVMV.js.map
+//# sourceMappingURL=chunk-CKWXLVMV.js.map