vinext 0.0.27 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (114) hide show
  1. package/dist/build/static-export.d.ts +1 -1
  2. package/dist/build/static-export.d.ts.map +1 -1
  3. package/dist/build/static-export.js +2 -1
  4. package/dist/build/static-export.js.map +1 -1
  5. package/dist/cloudflare/kv-cache-handler.d.ts +28 -17
  6. package/dist/cloudflare/kv-cache-handler.d.ts.map +1 -1
  7. package/dist/cloudflare/kv-cache-handler.js +95 -30
  8. package/dist/cloudflare/kv-cache-handler.js.map +1 -1
  9. package/dist/config/config-matchers.d.ts +1 -0
  10. package/dist/config/config-matchers.d.ts.map +1 -1
  11. package/dist/config/config-matchers.js +51 -23
  12. package/dist/config/config-matchers.js.map +1 -1
  13. package/dist/deploy.d.ts +1 -1
  14. package/dist/deploy.d.ts.map +1 -1
  15. package/dist/deploy.js +48 -32
  16. package/dist/deploy.js.map +1 -1
  17. package/dist/entries/app-rsc-entry.d.ts +3 -1
  18. package/dist/entries/app-rsc-entry.d.ts.map +1 -1
  19. package/dist/entries/app-rsc-entry.js +495 -75
  20. package/dist/entries/app-rsc-entry.js.map +1 -1
  21. package/dist/entries/pages-server-entry.d.ts.map +1 -1
  22. package/dist/entries/pages-server-entry.js +68 -22
  23. package/dist/entries/pages-server-entry.js.map +1 -1
  24. package/dist/index.d.ts +23 -7
  25. package/dist/index.d.ts.map +1 -1
  26. package/dist/index.js +128 -41
  27. package/dist/index.js.map +1 -1
  28. package/dist/plugins/client-reference-dedup.d.ts +19 -0
  29. package/dist/plugins/client-reference-dedup.d.ts.map +1 -0
  30. package/dist/plugins/client-reference-dedup.js +96 -0
  31. package/dist/plugins/client-reference-dedup.js.map +1 -0
  32. package/dist/routing/app-router.d.ts.map +1 -1
  33. package/dist/routing/app-router.js +60 -89
  34. package/dist/routing/app-router.js.map +1 -1
  35. package/dist/routing/pages-router.d.ts +1 -1
  36. package/dist/routing/pages-router.d.ts.map +1 -1
  37. package/dist/routing/pages-router.js +25 -13
  38. package/dist/routing/pages-router.js.map +1 -1
  39. package/dist/routing/route-validation.d.ts +8 -0
  40. package/dist/routing/route-validation.d.ts.map +1 -0
  41. package/dist/routing/route-validation.js +124 -0
  42. package/dist/routing/route-validation.js.map +1 -0
  43. package/dist/server/api-handler.d.ts.map +1 -1
  44. package/dist/server/api-handler.js +24 -7
  45. package/dist/server/api-handler.js.map +1 -1
  46. package/dist/server/dev-server.d.ts.map +1 -1
  47. package/dist/server/dev-server.js +9 -3
  48. package/dist/server/dev-server.js.map +1 -1
  49. package/dist/server/isr-cache.d.ts +5 -13
  50. package/dist/server/isr-cache.d.ts.map +1 -1
  51. package/dist/server/isr-cache.js +13 -12
  52. package/dist/server/isr-cache.js.map +1 -1
  53. package/dist/server/metadata-routes.d.ts +8 -2
  54. package/dist/server/metadata-routes.d.ts.map +1 -1
  55. package/dist/server/metadata-routes.js +73 -28
  56. package/dist/server/metadata-routes.js.map +1 -1
  57. package/dist/server/middleware-codegen.d.ts +1 -1
  58. package/dist/server/middleware-codegen.d.ts.map +1 -1
  59. package/dist/server/middleware-codegen.js +165 -12
  60. package/dist/server/middleware-codegen.js.map +1 -1
  61. package/dist/server/middleware.d.ts +9 -8
  62. package/dist/server/middleware.d.ts.map +1 -1
  63. package/dist/server/middleware.js +74 -13
  64. package/dist/server/middleware.js.map +1 -1
  65. package/dist/server/prod-server.d.ts.map +1 -1
  66. package/dist/server/prod-server.js +84 -54
  67. package/dist/server/prod-server.js.map +1 -1
  68. package/dist/shims/cache.d.ts +2 -0
  69. package/dist/shims/cache.d.ts.map +1 -1
  70. package/dist/shims/cache.js +20 -8
  71. package/dist/shims/cache.js.map +1 -1
  72. package/dist/shims/fetch-cache.d.ts.map +1 -1
  73. package/dist/shims/fetch-cache.js +5 -2
  74. package/dist/shims/fetch-cache.js.map +1 -1
  75. package/dist/shims/form.d.ts.map +1 -1
  76. package/dist/shims/form.js +103 -8
  77. package/dist/shims/form.js.map +1 -1
  78. package/dist/shims/headers.d.ts +11 -3
  79. package/dist/shims/headers.d.ts.map +1 -1
  80. package/dist/shims/headers.js +180 -25
  81. package/dist/shims/headers.js.map +1 -1
  82. package/dist/shims/internal/parse-cookie-header.d.ts +12 -0
  83. package/dist/shims/internal/parse-cookie-header.d.ts.map +1 -0
  84. package/dist/shims/internal/parse-cookie-header.js +32 -0
  85. package/dist/shims/internal/parse-cookie-header.js.map +1 -0
  86. package/dist/shims/link.d.ts +2 -1
  87. package/dist/shims/link.d.ts.map +1 -1
  88. package/dist/shims/link.js +8 -2
  89. package/dist/shims/link.js.map +1 -1
  90. package/dist/shims/navigation.d.ts +3 -7
  91. package/dist/shims/navigation.d.ts.map +1 -1
  92. package/dist/shims/navigation.js +20 -10
  93. package/dist/shims/navigation.js.map +1 -1
  94. package/dist/shims/readonly-url-search-params.d.ts +11 -0
  95. package/dist/shims/readonly-url-search-params.d.ts.map +1 -0
  96. package/dist/shims/readonly-url-search-params.js +24 -0
  97. package/dist/shims/readonly-url-search-params.js.map +1 -0
  98. package/dist/shims/router.d.ts +4 -3
  99. package/dist/shims/router.d.ts.map +1 -1
  100. package/dist/shims/router.js +42 -29
  101. package/dist/shims/router.js.map +1 -1
  102. package/dist/shims/server.d.ts +1 -1
  103. package/dist/shims/server.d.ts.map +1 -1
  104. package/dist/shims/server.js +7 -13
  105. package/dist/shims/server.js.map +1 -1
  106. package/dist/utils/manifest-paths.d.ts +4 -0
  107. package/dist/utils/manifest-paths.d.ts.map +1 -0
  108. package/dist/utils/manifest-paths.js +20 -0
  109. package/dist/utils/manifest-paths.js.map +1 -0
  110. package/dist/utils/query.d.ts +9 -0
  111. package/dist/utils/query.d.ts.map +1 -1
  112. package/dist/utils/query.js +59 -9
  113. package/dist/utils/query.js.map +1 -1
  114. package/package.json +1 -1
package/dist/cloudflare/kv-cache-handler.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"kv-cache-handler.js","sourceRoot":"","sources":["../../src/cloudflare/kv-cache-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,EAAE,0BAA0B,EAAE,MAAM,6BAA6B,CAAC;AAyCzE,kDAAkD;AAClD,MAAM,UAAU,GAAG,QAAQ,CAAC;AAE5B,oCAAoC;AACpC,MAAM,YAAY,GAAG,QAAQ,CAAC;AAE9B,8CAA8C;AAC9C,MAAM,cAAc,GAAG,GAAG,CAAC;AAE3B;;;;GAIG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,cAAc;QAAE,OAAO,IAAI,CAAC;IAC5F,wEAAwE;IACxE,yFAAyF;IACzF,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7C,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,OAAO,cAAc;IACjB,EAAE,CAAc;IAChB,MAAM,CAAS;IACf,GAAG,CAA+B;IAE1C,YAAY,WAAwB,EAAE,OAAwD;QAC5F,IAAI,CAAC,EAAE,GAAG,WAAW,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAChE,IAAI,CAAC,GAAG,GAAG,OAAO,EAAE,GAAG,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,IAA8B;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,GAAG,YAAY,GAAG,GAAG,CAAC;QAC/C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QAEtB,IAAI,MAAe,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,iFAAiF;YACjF,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,2CAA2C;QAC3C,MAAM,KAAK,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uEAAuE;QACvE,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC5C,IAAI,CAAC,EAAE,EAAE,CAAC;gBACR,wDAAwD;gBACxD,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;gBAChC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,GAAG,CAClC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,CACrE,CAAC;YACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBAC9B,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;oBACrC,IAAI,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,YAAY,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;wBACrE,kEAAkE;wBAClE,qCAAqC;wBACrC,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;wBAChC,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,IAAI,KAAK,CAAC,YAAY,KAAK,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,YAAY,EAAE,CAAC;YACnE,OAAO;gBACL,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,UAAU,EAAE,OAAO;aACpB,CAAC;QACJ,CAAC;QAED,OAAO;YACL,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC;IACJ,CAAC;IAED,GAAG,CACD,GAAW,EACX,IAAkC,EAClC,GAA6B;QAE7B,2DAA2D;QAC3D,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;QACjC,IAAI,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBACjC,IAAI,SAAS;oBAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QACD,IAAI,GAAG,IAAI,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACpD,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,IAAgB,EAAE,CAAC;gBACrC,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBACjC,IAAI,SAAS;oBAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC;QAEzB,8BAA8B;QAC9B,IAAI,YAAY,GAAkB,IAAI,CAAC;QACvC,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,UAAU,GAAI,GAAW,CAAC,YAAY,EAAE,UAAU,IAAK,GAAW,CAAC,UAAU,CAAC;YACpF,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;gBACrD,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,GAAG,IAAI,CAAC;YAChD,CAAC;QACH,CAAC;QACD,IACE,IAAI;YACJ,YAAY,IAAI,IAAI;YACpB,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ;YACnC,IAAI,CAAC,UAAU,GAAG,CAAC,EACnB,CAAC;YACD,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACrD,CAAC;QAED,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE1D,MAAM,KAAK,GAAiB;YAC1B,KAAK,EAAE,YAAY;YACnB,IAAI;YACJ,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;YACxB,YAAY;SACb,CAAC;QAEF,sEAAsE;QACtE,wEAAwE;QACxE,iEAAiE;QACjE,IAAI,aAAiC,CAAC;QACtC,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;YAC1B,MAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;YACxE,4DAA4D;YAC5D,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,iBAAiB,GAAG,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YACjE,+BAA+B;YAC/B,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,GAAG,YAAY,GAAG,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE;YAC7E,aAAa;SACd,CAAC,CAAC;QACH,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAuB,EAAE,UAAgC;QAC3E,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;QACjE,4CAA4C;QAC5C,oEAAoE;QACpE,MAAM,OAAO,CAAC,GAAG,CACf,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACpB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,GAAG,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE;YACvD,aAAa,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI;SAC9B,CAAC,CACH,CACF,CAAC;IACJ,CAAC;IAED,iBAAiB;QACf,sCAAsC;IACxC,CAAC;IAED;;;;;;;OAOG;IACK,mBAAmB,CAAC,KAAa;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,GAAG,GAAG,0BAA0B,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC;QACrD,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,mCAAmC;IACrC,CAAC;IAED;;;;OAIG;IACK,gBAAgB,CACtB,KAAa,EACb,KAAa,EACb,OAAoC;QAEpC,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,0BAA0B,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC;QACrD,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,mCAAmC;IACrC,CAAC;CACF;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;AAE9F;;;GAGG;AACH,SAAS,kBAAkB,CAAC,GAAY;IACtC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEjD,MAAM,GAAG,GAAG,GAA8B,CAAC;IAE3C,kBAAkB;IAClB,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,GAAG,CAAC,YAAY,KAAK,IAAI,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEnF,qEAAqE;IACrE,IAAI,GAAG,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC7D,MAAM,KAAK,GAAG,GAAG,CAAC,KAAgC,CAAC;QACnD,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;IAClF,CAAC;IAED,OAAO,GAAmB,CAAC;AAC7B,CAAC;AAED,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E;;;GAGG;AACH,SAAS,gBAAgB,CAAC,KAA4B;IACpD,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC9B,OAAO;YACL,GAAG,KAAK;YACR,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAE,mBAAmB,CAAC,KAAK,CAAC,OAAO,CAAS,CAAC,CAAC,CAAC,SAAS;SACjF,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;QAC/B,OAAO;YACL,GAAG,KAAK;YACR,IAAI,EAAE,mBAAmB,CAAC,KAAK,CAAC,IAAI,CAAQ;SAC7C,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC3B,OAAO;YACL,GAAG,KAAK;YACR,MAAM,EAAE,mBAAmB,CAAC,KAAK,CAAC,MAAM,CAAQ;SACjD,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,KAA4B;IACvD,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;QACnE,MAAM,OAAO,GAAG,uBAAuB,CAAC,KAAK,CAAC,OAAc,CAAC,CAAC;QAC9D,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,KAAa,CAAC,OAAO,GAAG,OAAO,CAAC;IACnC,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACjE,MAAM,OAAO,GAAG,uBAAuB,CAAC,KAAK,CAAC,IAAW,CAAC,CAAC;QAC3D,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,KAAa,CAAC,IAAI,GAAG,OAAO,CAAC;IAChC,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC/D,MAAM,OAAO,GAAG,uBAAuB,CAAC,KAAK,CAAC,MAAa,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,KAAa,CAAC,MAAM,GAAG,OAAO,CAAC;IAClC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAmB;IAC9C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAc;IACzC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,MAAc;IAC7C,IAAI,CAAC;QACH,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["/**\n * Cloudflare KV-backed CacheHandler for vinext.\n *\n * Provides persistent ISR caching on Cloudflare Workers using KV as the\n * storage backend. Supports time-based expiry (stale-while-revalidate)\n * and tag-based invalidation.\n *\n * Usage in worker/index.ts:\n *\n * import { KVCacheHandler } from \"vinext/cloudflare\";\n * import { setCacheHandler } from \"vinext/shims/cache\";\n *\n * export default {\n * async fetch(request: Request, env: Env, ctx: ExecutionContext) {\n * setCacheHandler(new KVCacheHandler(env.VINEXT_CACHE));\n * // ctx is propagated automatically via runWithExecutionContext in\n * // the vinext handler — no need to pass it to KVCacheHandler.\n * // ... rest of worker handler\n * }\n * };\n *\n * Wrangler config (wrangler.jsonc):\n *\n * {\n * \"kv_namespaces\": [\n * { \"binding\": \"VINEXT_CACHE\", \"id\": \"<your-kv-namespace-id>\" }\n * ]\n * }\n */\n\nimport type { CacheHandler, CacheHandlerValue, IncrementalCacheValue } from \"../shims/cache.js\";\nimport { getRequestExecutionContext } from \"../shims/request-context.js\";\n\n// Cloudflare KV namespace interface (matches Workers types)\ninterface KVNamespace {\n get(key: string, options?: { type?: string }): Promise<string | null>;\n get(key: string, options: { type: \"arrayBuffer\" }): Promise<ArrayBuffer | null>;\n put(\n key: string,\n value: string | ArrayBuffer | ReadableStream,\n options?: { expirationTtl?: number; metadata?: Record<string, unknown> },\n ): Promise<void>;\n delete(key: string): Promise<void>;\n list(options?: { prefix?: string; limit?: number; cursor?: string }): Promise<{\n keys: Array<{ name: string; metadata?: Record<string, unknown> }>;\n list_complete: boolean;\n cursor?: string;\n }>;\n}\n\n/**\n * Minimal ExecutionContext interface for Cloudflare Workers.\n * Background KV operations (cleanup deletes, cache writes) are registered\n * with ctx.waitUntil() so they are not killed when the Response is returned.\n *\n * The preferred way to supply ctx is via runWithExecutionContext() in the\n * worker entry (see vinext/shims/request-context). The constructor option\n * is kept as a fallback for callers that set it explicitly.\n */\ninterface ExecutionContext {\n waitUntil(promise: Promise<unknown>): void;\n}\n\n/** Shape stored in KV for each cache entry. */\ninterface KVCacheEntry {\n value: IncrementalCacheValue | null;\n tags: string[];\n lastModified: number;\n /** Absolute timestamp (ms) after which the entry is \"stale\" (but still served). */\n revalidateAt: number | null;\n}\n\n/** Key prefix for tag invalidation timestamps. */\nconst TAG_PREFIX = \"__tag:\";\n\n/** Key prefix for cache entries. */\nconst ENTRY_PREFIX = \"cache:\";\n\n/** Max tag length to prevent KV key abuse. */\nconst MAX_TAG_LENGTH = 256;\n\n/**\n * Validate a cache tag. Returns null if invalid.\n * Note: `:` is rejected because TAG_PREFIX and ENTRY_PREFIX use `:` as a\n * separator — allowing `:` in user tags could cause ambiguous key lookups.\n */\nfunction validateTag(tag: string): string | null {\n if (typeof tag !== \"string\" || tag.length === 0 || tag.length > MAX_TAG_LENGTH) return null;\n // Block control characters, path separators, and KV-special characters.\n // eslint-disable-next-line no-control-regex -- intentional: reject control chars in tags\n if (/[\\x00-\\x1f/\\\\:]/.test(tag)) return null;\n return tag;\n}\n\nexport class KVCacheHandler implements CacheHandler {\n private kv: KVNamespace;\n private prefix: string;\n private ctx: ExecutionContext | undefined;\n\n constructor(kvNamespace: KVNamespace, options?: { appPrefix?: string; ctx?: ExecutionContext }) {\n this.kv = kvNamespace;\n this.prefix = options?.appPrefix ? `${options.appPrefix}:` : \"\";\n this.ctx = options?.ctx;\n }\n\n async get(key: string, _ctx?: Record<string, unknown>): Promise<CacheHandlerValue | null> {\n const kvKey = this.prefix + ENTRY_PREFIX + key;\n const raw = await this.kv.get(kvKey);\n if (!raw) return null;\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n // Corrupted JSON — fire cleanup delete in the background and treat as miss.\n // Using waitUntil ensures the delete isn't killed when the Response is returned.\n this._deleteInBackground(kvKey);\n return null;\n }\n\n // Validate deserialized shape before using\n const entry = validateCacheEntry(parsed);\n if (!entry) {\n console.error(\"[vinext] Invalid cache entry shape for key:\", key);\n this._deleteInBackground(kvKey);\n return null;\n }\n\n // Restore ArrayBuffer fields that were base64-encoded for JSON storage\n if (entry.value) {\n const ok = restoreArrayBuffers(entry.value);\n if (!ok) {\n // base64 decode failed — corrupted entry, treat as miss\n this._deleteInBackground(kvKey);\n return null;\n }\n }\n\n // Check tag-based invalidation (parallel for lower latency)\n if (entry.tags.length > 0) {\n const tagResults = await Promise.all(\n entry.tags.map((tag) => this.kv.get(this.prefix + TAG_PREFIX + tag)),\n );\n for (let i = 0; i < entry.tags.length; i++) {\n const tagTime = tagResults[i];\n if (tagTime) {\n const tagTimestamp = Number(tagTime);\n if (Number.isNaN(tagTimestamp) || tagTimestamp >= entry.lastModified) {\n // Tag was invalidated after this entry, or timestamp is corrupted\n // — treat as miss to force re-render\n this._deleteInBackground(kvKey);\n return null;\n }\n }\n }\n }\n\n // Check time-based expiry — return stale with cacheState\n if (entry.revalidateAt !== null && Date.now() > entry.revalidateAt) {\n return {\n lastModified: entry.lastModified,\n value: entry.value,\n cacheState: \"stale\",\n };\n }\n\n return {\n lastModified: entry.lastModified,\n value: entry.value,\n };\n }\n\n set(\n key: string,\n data: IncrementalCacheValue | null,\n ctx?: Record<string, unknown>,\n ): Promise<void> {\n // Collect, validate, and dedupe tags from data and context\n const tagSet = new Set<string>();\n if (data && \"tags\" in data && Array.isArray(data.tags)) {\n for (const t of data.tags) {\n const validated = validateTag(t);\n if (validated) tagSet.add(validated);\n }\n }\n if (ctx && \"tags\" in ctx && Array.isArray(ctx.tags)) {\n for (const t of ctx.tags as string[]) {\n const validated = validateTag(t);\n if (validated) tagSet.add(validated);\n }\n }\n const tags = [...tagSet];\n\n // Determine revalidation time\n let revalidateAt: number | null = null;\n if (ctx) {\n const revalidate = (ctx as any).cacheControl?.revalidate ?? (ctx as any).revalidate;\n if (typeof revalidate === \"number\" && revalidate > 0) {\n revalidateAt = Date.now() + revalidate * 1000;\n }\n }\n if (\n data &&\n \"revalidate\" in data &&\n typeof data.revalidate === \"number\" &&\n data.revalidate > 0\n ) {\n revalidateAt = Date.now() + data.revalidate * 1000;\n }\n\n // Prepare entry — convert ArrayBuffers to base64 for JSON storage\n const serializable = data ? serializeForJSON(data) : null;\n\n const entry: KVCacheEntry = {\n value: serializable,\n tags,\n lastModified: Date.now(),\n revalidateAt,\n };\n\n // Calculate KV TTL — keep entries well beyond their revalidate window\n // (10x revalidate period, clamped to 60s–30d) so stale-while-revalidate\n // can serve stale content while background regeneration happens.\n let expirationTtl: number | undefined;\n if (revalidateAt !== null) {\n const revalidateSeconds = Math.ceil((revalidateAt - Date.now()) / 1000);\n // Keep in KV for 10x the revalidation period, up to 30 days\n expirationTtl = Math.min(revalidateSeconds * 10, 30 * 24 * 3600);\n // KV minimum TTL is 60 seconds\n expirationTtl = Math.max(expirationTtl, 60);\n }\n\n this._putInBackground(this.prefix + ENTRY_PREFIX + key, JSON.stringify(entry), {\n expirationTtl,\n });\n return Promise.resolve();\n }\n\n async revalidateTag(tags: string | string[], _durations?: { expire?: number }): Promise<void> {\n const tagList = Array.isArray(tags) ? tags : [tags];\n const now = Date.now();\n const validTags = tagList.filter((t) => validateTag(t) !== null);\n // Store invalidation timestamp for each tag\n // Use a long TTL (30 days) so recent invalidations are always found\n await Promise.all(\n validTags.map((tag) =>\n this.kv.put(this.prefix + TAG_PREFIX + tag, String(now), {\n expirationTtl: 30 * 24 * 3600,\n }),\n ),\n );\n }\n\n resetRequestCache(): void {\n // No-op — KV is stateless per request\n }\n\n /**\n * Fire a KV delete in the background.\n * Prefers the per-request ExecutionContext from ALS (set by\n * runWithExecutionContext in the worker entry) so that background KV\n * operations are registered with the correct request's waitUntil().\n * Falls back to the constructor-provided ctx for callers that set it\n * explicitly, and to fire-and-forget when neither is available (Node.js dev).\n */\n private _deleteInBackground(kvKey: string): void {\n const promise = this.kv.delete(kvKey);\n const ctx = getRequestExecutionContext() ?? this.ctx;\n if (ctx) {\n ctx.waitUntil(promise);\n }\n // else: fire-and-forget on Node.js\n }\n\n /**\n * Fire a KV put in the background.\n * Same ALS ctx → constructor ctx → fire-and-forget precedence as\n * `_deleteInBackground`.\n */\n private _putInBackground(\n kvKey: string,\n value: string,\n options?: { expirationTtl?: number },\n ): void {\n const promise = this.kv.put(kvKey, value, options);\n const ctx = getRequestExecutionContext() ?? this.ctx;\n if (ctx) {\n ctx.waitUntil(promise);\n }\n // else: fire-and-forget on Node.js\n }\n}\n\n// ---------------------------------------------------------------------------\n// Validation helpers\n// ---------------------------------------------------------------------------\n\nconst VALID_KINDS = new Set([\"FETCH\", \"APP_PAGE\", \"PAGES\", \"APP_ROUTE\", \"REDIRECT\", \"IMAGE\"]);\n\n/**\n * Validate that a parsed JSON value has the expected KVCacheEntry shape.\n * Returns the validated entry or null if the shape is invalid.\n */\nfunction validateCacheEntry(raw: unknown): KVCacheEntry | null {\n if (!raw || typeof raw !== \"object\") return null;\n\n const obj = raw as Record<string, unknown>;\n\n // Required fields\n if (typeof obj.lastModified !== \"number\") return null;\n if (!Array.isArray(obj.tags)) return null;\n if (obj.revalidateAt !== null && typeof obj.revalidateAt !== \"number\") return null;\n\n // value must be null or a valid cache value object with a known kind\n if (obj.value !== null) {\n if (!obj.value || typeof obj.value !== \"object\") return null;\n const value = obj.value as Record<string, unknown>;\n if (typeof value.kind !== \"string\" || !VALID_KINDS.has(value.kind)) return null;\n }\n\n return raw as KVCacheEntry;\n}\n\n// ---------------------------------------------------------------------------\n// ArrayBuffer serialization helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Deep-clone a cache value, converting ArrayBuffer fields to base64 strings\n * so the entire structure can be JSON.stringify'd for KV storage.\n */\nfunction serializeForJSON(value: IncrementalCacheValue): IncrementalCacheValue {\n if (value.kind === \"APP_PAGE\") {\n return {\n ...value,\n rscData: value.rscData ? (arrayBufferToBase64(value.rscData) as any) : undefined,\n };\n }\n if (value.kind === \"APP_ROUTE\") {\n return {\n ...value,\n body: arrayBufferToBase64(value.body) as any,\n };\n }\n if (value.kind === \"IMAGE\") {\n return {\n ...value,\n buffer: arrayBufferToBase64(value.buffer) as any,\n };\n }\n return value;\n}\n\n/**\n * Restore base64 strings back to ArrayBuffers after JSON.parse.\n * Returns false if any base64 decode fails (corrupted entry).\n */\nfunction restoreArrayBuffers(value: IncrementalCacheValue): boolean {\n if (value.kind === \"APP_PAGE\" && typeof value.rscData === \"string\") {\n const decoded = safeBase64ToArrayBuffer(value.rscData as any);\n if (!decoded) return false;\n (value as any).rscData = decoded;\n }\n if (value.kind === \"APP_ROUTE\" && typeof value.body === \"string\") {\n const decoded = safeBase64ToArrayBuffer(value.body as any);\n if (!decoded) return false;\n (value as any).body = decoded;\n }\n if (value.kind === \"IMAGE\" && typeof value.buffer === \"string\") {\n const decoded = safeBase64ToArrayBuffer(value.buffer as any);\n if (!decoded) return false;\n (value as any).buffer = decoded;\n }\n return true;\n}\n\nfunction arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = \"\";\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n\nfunction base64ToArrayBuffer(base64: string): ArrayBuffer {\n const binary = atob(base64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n}\n\n/**\n * Safely decode base64 to ArrayBuffer. Returns null on invalid input\n * instead of throwing a DOMException.\n */\nfunction safeBase64ToArrayBuffer(base64: string): ArrayBuffer | null {\n try {\n return base64ToArrayBuffer(base64);\n } catch {\n console.error(\"[vinext] Invalid base64 in cache entry\");\n return null;\n }\n}\n"]}
1
+ {"version":3,"file":"kv-cache-handler.js","sourceRoot":"","sources":["../../src/cloudflare/kv-cache-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,EAAE,0BAA0B,EAA6B,MAAM,6BAA6B,CAAC;AA4BpG,kDAAkD;AAClD,MAAM,UAAU,GAAG,QAAQ,CAAC;AAE5B,oCAAoC;AACpC,MAAM,YAAY,GAAG,QAAQ,CAAC;AAE9B,8CAA8C;AAC9C,MAAM,cAAc,GAAG,GAAG,CAAC;AAE3B;;;;GAIG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,cAAc;QAAE,OAAO,IAAI,CAAC;IAC5F,+EAA+E;IAC/E,yEAAyE;IACzE,0CAA0C;IAC1C,yFAAyF;IACzF,IAAI,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC5C,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,OAAO,cAAc;IACjB,EAAE,CAAc;IAChB,MAAM,CAAS;IACf,GAAG,CAAmC;IACtC,UAAU,CAAS;IAE3B,wFAAwF;IAChF,SAAS,GAAG,IAAI,GAAG,EAAoD,CAAC;IAChF,0EAA0E;IAClE,YAAY,CAAS;IAE7B,YACE,WAAwB,EACxB,OAMC;QAED,IAAI,CAAC,EAAE,GAAG,WAAW,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAChE,IAAI,CAAC,GAAG,GAAG,OAAO,EAAE,GAAG,CAAC;QACxB,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,UAAU,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACxD,IAAI,CAAC,YAAY,GAAG,OAAO,EAAE,aAAa,IAAI,KAAK,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,IAA8B;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,GAAG,YAAY,GAAG,GAAG,CAAC;QAC/C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QAEtB,IAAI,MAAe,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;YAC5E,iFAAiF;YACjF,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,2CAA2C;QAC3C,MAAM,KAAK,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,CAAC;YAClE,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uEAAuE;QACvE,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC5C,IAAI,CAAC,EAAE,EAAE,CAAC;gBACR,wDAAwD;gBACxD,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;gBAChC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,mFAAmF;QACnF,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,MAAM,YAAY,GAAa,EAAE,CAAC;YAElC,8CAA8C;YAC9C,iFAAiF;YACjF,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;gBAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACvC,IAAI,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;oBACzD,8CAA8C;oBAC9C,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,SAAS,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;wBAC7E,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;wBAChC,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,6DAA6D;oBAC7D,IAAI,MAAM;wBAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACvC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;YAED,wDAAwD;YACxD,8EAA8E;YAC9E,wEAAwE;YACxE,kFAAkF;YAClF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5B,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,GAAG,CAClC,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,GAAG,GAAG,CAAC,CAAC,CACvE,CAAC;gBAEF,qEAAqE;gBACrE,qEAAqE;gBACrE,sEAAsE;gBACtE,qEAAqE;gBACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC7C,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;oBAC9B,MAAM,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBACnD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;gBACnF,CAAC;gBAED,8DAA8D;gBAC9D,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;oBAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;oBACxC,IAAI,MAAM,CAAC,SAAS,KAAK,CAAC,EAAE,CAAC;wBAC3B,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,SAAS,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;4BAC7E,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;4BAChC,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,IAAI,KAAK,CAAC,YAAY,KAAK,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,YAAY,EAAE,CAAC;YACnE,OAAO;gBACL,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,UAAU,EAAE,OAAO;aACpB,CAAC;QACJ,CAAC;QAED,OAAO;YACL,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC;IACJ,CAAC;IAED,GAAG,CACD,GAAW,EACX,IAAkC,EAClC,GAA6B;QAE7B,2DAA2D;QAC3D,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;QACjC,IAAI,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBACjC,IAAI,SAAS;oBAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QACD,IAAI,GAAG,IAAI,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACpD,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,IAAgB,EAAE,CAAC;gBACrC,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBACjC,IAAI,SAAS;oBAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC;QAEzB,8BAA8B;QAC9B,IAAI,YAAY,GAAkB,IAAI,CAAC;QACvC,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,UAAU,GAAI,GAAW,CAAC,YAAY,EAAE,UAAU,IAAK,GAAW,CAAC,UAAU,CAAC;YACpF,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;gBACrD,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,GAAG,IAAI,CAAC;YAChD,CAAC;QACH,CAAC;QACD,IACE,IAAI;YACJ,YAAY,IAAI,IAAI;YACpB,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ;YACnC,IAAI,CAAC,UAAU,GAAG,CAAC,EACnB,CAAC;YACD,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACrD,CAAC;QAED,kEAAkE;QAClE,MAAM,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE1D,MAAM,KAAK,GAAiB;YAC1B,KAAK,EAAE,YAAY;YACnB,IAAI;YACJ,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;YACxB,YAAY;SACb,CAAC;QAEF,oDAAoD;QACpD,EAAE;QACF,4EAA4E;QAC5E,2EAA2E;QAC3E,2EAA2E;QAC3E,EAAE;QACF,uEAAuE;QACvE,6EAA6E;QAC7E,4EAA4E;QAC5E,EAAE;QACF,2EAA2E;QAC3E,6EAA6E;QAC7E,+EAA+E;QAC/E,4EAA4E;QAC5E,MAAM,aAAa,GAAuB,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;QAE9F,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,YAAY,GAAG,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE;YACxE,aAAa;SACd,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAuB,EAAE,UAAgC;QAC3E,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;QACjE,4CAA4C;QAC5C,oEAAoE;QACpE,MAAM,OAAO,CAAC,GAAG,CACf,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACpB,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,UAAU,GAAG,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE;YACvD,aAAa,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI;SAC9B,CAAC,CACH,CACF,CAAC;QACF,oEAAoE;QACpE,wCAAwC;QACxC,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;YAC5B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;OAaG;IACH,iBAAiB;QACf,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAED;;;;;;;OAOG;IACK,mBAAmB,CAAC,KAAa;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,GAAG,GAAG,0BAA0B,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC;QACrD,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,mCAAmC;IACrC,CAAC;IAED;;;;OAIG;IACK,IAAI,CAAC,KAAa,EAAE,KAAa,EAAE,OAAoC;QAC7E,MAAM,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,0BAA0B,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC;QACrD,IAAI,GAAG,EAAE,CAAC;YACR,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;AAE9F;;;GAGG;AACH,SAAS,kBAAkB,CAAC,GAAY;IACtC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEjD,MAAM,GAAG,GAAG,GAA8B,CAAC;IAE3C,kBAAkB;IAClB,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,GAAG,CAAC,YAAY,KAAK,IAAI,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEnF,qEAAqE;IACrE,IAAI,GAAG,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC7D,MAAM,KAAK,GAAG,GAAG,CAAC,KAAgC,CAAC;QACnD,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;IAClF,CAAC;IAED,OAAO,GAAmB,CAAC;AAC7B,CAAC;AAED,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E;;;GAGG;AACH,SAAS,gBAAgB,CAAC,KAA4B;IACpD,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC9B,OAAO;YACL,GAAG,KAAK;YACR,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAE,mBAAmB,CAAC,KAAK,CAAC,OAAO,CAAS,CAAC,CAAC,CAAC,SAAS;SACjF,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;QAC/B,OAAO;YACL,GAAG,KAAK;YACR,IAAI,EAAE,mBAAmB,CAAC,KAAK,CAAC,IAAI,CAAQ;SAC7C,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC3B,OAAO;YACL,GAAG,KAAK;YACR,MAAM,EAAE,mBAAmB,CAAC,KAAK,CAAC,MAAM,CAAQ;SACjD,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,KAA4B;IACvD,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;QACnE,MAAM,OAAO,GAAG,uBAAuB,CAAC,KAAK,CAAC,OAAc,CAAC,CAAC;QAC9D,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,KAAa,CAAC,OAAO,GAAG,OAAO,CAAC;IACnC,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACjE,MAAM,OAAO,GAAG,uBAAuB,CAAC,KAAK,CAAC,IAAW,CAAC,CAAC;QAC3D,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,KAAa,CAAC,IAAI,GAAG,OAAO,CAAC;IAChC,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC/D,MAAM,OAAO,GAAG,uBAAuB,CAAC,KAAK,CAAC,MAAa,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,KAAa,CAAC,MAAM,GAAG,OAAO,CAAC;IAClC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAmB;IAC9C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAc;IACzC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,MAAc;IAC7C,IAAI,CAAC;QACH,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["/**\n * Cloudflare KV-backed CacheHandler for vinext.\n *\n * Provides persistent ISR caching on Cloudflare Workers using KV as the\n * storage backend. Supports time-based expiry (stale-while-revalidate)\n * and tag-based invalidation.\n *\n * Usage in worker/index.ts:\n *\n * import { KVCacheHandler } from \"vinext/cloudflare\";\n * import { setCacheHandler } from \"vinext/shims/cache\";\n *\n * export default {\n * async fetch(request: Request, env: Env, ctx: ExecutionContext) {\n * setCacheHandler(new KVCacheHandler(env.VINEXT_CACHE));\n * // ctx is propagated automatically via runWithExecutionContext in\n * // the vinext handler — no need to pass it to KVCacheHandler.\n * // ... rest of worker handler\n * }\n * };\n *\n * Wrangler config (wrangler.jsonc):\n *\n * {\n * \"kv_namespaces\": [\n * { \"binding\": \"VINEXT_CACHE\", \"id\": \"<your-kv-namespace-id>\" }\n * ]\n * }\n */\n\nimport type { CacheHandler, CacheHandlerValue, IncrementalCacheValue } from \"../shims/cache.js\";\nimport { getRequestExecutionContext, type ExecutionContextLike } from \"../shims/request-context.js\";\n\n// Cloudflare KV namespace interface (matches Workers types)\ninterface KVNamespace {\n get(key: string, options?: { type?: string }): Promise<string | null>;\n get(key: string, options: { type: \"arrayBuffer\" }): Promise<ArrayBuffer | null>;\n put(\n key: string,\n value: string | ArrayBuffer | ReadableStream,\n options?: { expirationTtl?: number; metadata?: Record<string, unknown> },\n ): Promise<void>;\n delete(key: string): Promise<void>;\n list(options?: { prefix?: string; limit?: number; cursor?: string }): Promise<{\n keys: Array<{ name: string; metadata?: Record<string, unknown> }>;\n list_complete: boolean;\n cursor?: string;\n }>;\n}\n\n/** Shape stored in KV for each cache entry. */\ninterface KVCacheEntry {\n value: IncrementalCacheValue | null;\n tags: string[];\n lastModified: number;\n /** Absolute timestamp (ms) after which the entry is \"stale\" (but still served). */\n revalidateAt: number | null;\n}\n\n/** Key prefix for tag invalidation timestamps. */\nconst TAG_PREFIX = \"__tag:\";\n\n/** Key prefix for cache entries. */\nconst ENTRY_PREFIX = \"cache:\";\n\n/** Max tag length to prevent KV key abuse. */\nconst MAX_TAG_LENGTH = 256;\n\n/**\n * Validate a cache tag. Returns null if invalid.\n * Note: `:` is rejected because TAG_PREFIX and ENTRY_PREFIX use `:` as a\n * separator — allowing `:` in user tags could cause ambiguous key lookups.\n */\nfunction validateTag(tag: string): string | null {\n if (typeof tag !== \"string\" || tag.length === 0 || tag.length > MAX_TAG_LENGTH) return null;\n // Block control characters and reserved separators used in our own key format.\n // Slash is allowed because revalidatePath() relies on pathname tags like\n // \"/posts/hello\" and \"_N_T_/posts/hello\".\n // eslint-disable-next-line no-control-regex -- intentional: reject control chars in tags\n if (/[\\x00-\\x1f\\\\:]/.test(tag)) return null;\n return tag;\n}\n\nexport class KVCacheHandler implements CacheHandler {\n private kv: KVNamespace;\n private prefix: string;\n private ctx: ExecutionContextLike | undefined;\n private ttlSeconds: number;\n\n /** Local in-memory cache for tag invalidation timestamps. Avoids redundant KV reads. */\n private _tagCache = new Map<string, { timestamp: number; fetchedAt: number }>();\n /** TTL (ms) for local tag cache entries. After this, re-fetch from KV. */\n private _tagCacheTtl: number;\n\n constructor(\n kvNamespace: KVNamespace,\n options?: {\n appPrefix?: string;\n ctx?: ExecutionContextLike;\n ttlSeconds?: number;\n /** TTL in milliseconds for the local tag cache. Defaults to 5000ms. */\n tagCacheTtlMs?: number;\n },\n ) {\n this.kv = kvNamespace;\n this.prefix = options?.appPrefix ? `${options.appPrefix}:` : \"\";\n this.ctx = options?.ctx;\n this.ttlSeconds = options?.ttlSeconds ?? 30 * 24 * 3600;\n this._tagCacheTtl = options?.tagCacheTtlMs ?? 5_000;\n }\n\n async get(key: string, _ctx?: Record<string, unknown>): Promise<CacheHandlerValue | null> {\n const kvKey = this.prefix + ENTRY_PREFIX + key;\n const raw = await this.kv.get(kvKey);\n if (!raw) return null;\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n // Corrupted JSON — fire cleanup delete in the background and treat as miss.\n // Using waitUntil ensures the delete isn't killed when the Response is returned.\n this._deleteInBackground(kvKey);\n return null;\n }\n\n // Validate deserialized shape before using\n const entry = validateCacheEntry(parsed);\n if (!entry) {\n console.error(\"[vinext] Invalid cache entry shape for key:\", key);\n this._deleteInBackground(kvKey);\n return null;\n }\n\n // Restore ArrayBuffer fields that were base64-encoded for JSON storage\n if (entry.value) {\n const ok = restoreArrayBuffers(entry.value);\n if (!ok) {\n // base64 decode failed — corrupted entry, treat as miss\n this._deleteInBackground(kvKey);\n return null;\n }\n }\n\n // Check tag-based invalidation.\n // Uses a local in-memory cache to avoid redundant KV reads for recently-seen tags.\n if (entry.tags.length > 0) {\n const now = Date.now();\n const uncachedTags: string[] = [];\n\n // First pass: check local cache for each tag.\n // Delete expired entries to prevent unbounded Map growth in long-lived isolates.\n for (const tag of entry.tags) {\n const cached = this._tagCache.get(tag);\n if (cached && now - cached.fetchedAt < this._tagCacheTtl) {\n // Local cache hit — check invalidation inline\n if (Number.isNaN(cached.timestamp) || cached.timestamp >= entry.lastModified) {\n this._deleteInBackground(kvKey);\n return null;\n }\n } else {\n // Expired or absent — evict stale entry and re-fetch from KV\n if (cached) this._tagCache.delete(tag);\n uncachedTags.push(tag);\n }\n }\n\n // Second pass: fetch uncached tags from KV in parallel.\n // Populate the local cache for ALL fetched tags before checking invalidation,\n // so that KV round-trips are not wasted when an earlier tag triggers an\n // early return — subsequent get() calls benefit from the already-fetched results.\n if (uncachedTags.length > 0) {\n const tagResults = await Promise.all(\n uncachedTags.map((tag) => this.kv.get(this.prefix + TAG_PREFIX + tag)),\n );\n\n // Populate cache for all results first, then check for invalidation.\n // Two-loop structure ensures all tag results are cached even when an\n // earlier tag would cause an early return — so subsequent get() calls\n // for entries sharing those tags don't redundantly re-fetch from KV.\n for (let i = 0; i < uncachedTags.length; i++) {\n const tagTime = tagResults[i];\n const tagTimestamp = tagTime ? Number(tagTime) : 0;\n this._tagCache.set(uncachedTags[i], { timestamp: tagTimestamp, fetchedAt: now });\n }\n\n // Then check for invalidation using the now-cached timestamps\n for (const tag of uncachedTags) {\n const cached = this._tagCache.get(tag)!;\n if (cached.timestamp !== 0) {\n if (Number.isNaN(cached.timestamp) || cached.timestamp >= entry.lastModified) {\n this._deleteInBackground(kvKey);\n return null;\n }\n }\n }\n }\n }\n\n // Check time-based expiry — return stale with cacheState\n if (entry.revalidateAt !== null && Date.now() > entry.revalidateAt) {\n return {\n lastModified: entry.lastModified,\n value: entry.value,\n cacheState: \"stale\",\n };\n }\n\n return {\n lastModified: entry.lastModified,\n value: entry.value,\n };\n }\n\n set(\n key: string,\n data: IncrementalCacheValue | null,\n ctx?: Record<string, unknown>,\n ): Promise<void> {\n // Collect, validate, and dedupe tags from data and context\n const tagSet = new Set<string>();\n if (data && \"tags\" in data && Array.isArray(data.tags)) {\n for (const t of data.tags) {\n const validated = validateTag(t);\n if (validated) tagSet.add(validated);\n }\n }\n if (ctx && \"tags\" in ctx && Array.isArray(ctx.tags)) {\n for (const t of ctx.tags as string[]) {\n const validated = validateTag(t);\n if (validated) tagSet.add(validated);\n }\n }\n const tags = [...tagSet];\n\n // Determine revalidation time\n let revalidateAt: number | null = null;\n if (ctx) {\n const revalidate = (ctx as any).cacheControl?.revalidate ?? (ctx as any).revalidate;\n if (typeof revalidate === \"number\" && revalidate > 0) {\n revalidateAt = Date.now() + revalidate * 1000;\n }\n }\n if (\n data &&\n \"revalidate\" in data &&\n typeof data.revalidate === \"number\" &&\n data.revalidate > 0\n ) {\n revalidateAt = Date.now() + data.revalidate * 1000;\n }\n\n // Prepare entry — convert ArrayBuffers to base64 for JSON storage\n const serializable = data ? serializeForJSON(data) : null;\n\n const entry: KVCacheEntry = {\n value: serializable,\n tags,\n lastModified: Date.now(),\n revalidateAt,\n };\n\n // KV TTL is decoupled from the revalidation period.\n //\n // Staleness (when to trigger background regen) is tracked by `revalidateAt`\n // in the stored JSON — not by KV eviction. KV eviction is purely a storage\n // hygiene mechanism and must never be the reason a stale entry disappears.\n //\n // If KV TTL were tied to the revalidate window (e.g. 10x), a page with\n // revalidate=5 would be evicted after ~50 seconds of no traffic, causing the\n // next request to block on a fresh render instead of serving stale content.\n //\n // Fix: always keep entries for 30 days regardless of revalidate frequency.\n // Background regen overwrites the key with a fresh entry + new revalidateAt,\n // so active pages always have something to serve. Entries only disappear after\n // 30 days of zero traffic, or when explicitly deleted via tag invalidation.\n const expirationTtl: number | undefined = revalidateAt !== null ? this.ttlSeconds : undefined;\n\n return this._put(this.prefix + ENTRY_PREFIX + key, JSON.stringify(entry), {\n expirationTtl,\n });\n }\n\n async revalidateTag(tags: string | string[], _durations?: { expire?: number }): Promise<void> {\n const tagList = Array.isArray(tags) ? tags : [tags];\n const now = Date.now();\n const validTags = tagList.filter((t) => validateTag(t) !== null);\n // Store invalidation timestamp for each tag\n // Use a long TTL (30 days) so recent invalidations are always found\n await Promise.all(\n validTags.map((tag) =>\n this.kv.put(this.prefix + TAG_PREFIX + tag, String(now), {\n expirationTtl: 30 * 24 * 3600,\n }),\n ),\n );\n // Update local tag cache immediately so invalidations are reflected\n // without waiting for the TTL to expire\n for (const tag of validTags) {\n this._tagCache.set(tag, { timestamp: now, fetchedAt: now });\n }\n }\n\n /**\n * Clear the in-memory tag cache for this KVCacheHandler instance.\n *\n * Note: KVCacheHandler instances are typically reused across multiple\n * requests in a Cloudflare Worker. The `_tagCache` is intentionally\n * cross-request — it reduces redundant KV reads for recently-seen tags\n * across all requests hitting the same isolate, bounded by `tagCacheTtlMs`\n * (default 5s). vinext does NOT call this method per request.\n *\n * This is an opt-in escape hatch for callers that need stricter isolation\n * (e.g., tests, or environments with custom lifecycle management).\n * Callers that require per-request isolation should either construct a\n * fresh KVCacheHandler per request or invoke this method explicitly.\n */\n resetRequestCache(): void {\n this._tagCache.clear();\n }\n\n /**\n * Fire a KV delete in the background.\n * Prefers the per-request ExecutionContext from ALS (set by\n * runWithExecutionContext in the worker entry) so that background KV\n * operations are registered with the correct request's waitUntil().\n * Falls back to the constructor-provided ctx for callers that set it\n * explicitly, and to fire-and-forget when neither is available (Node.js dev).\n */\n private _deleteInBackground(kvKey: string): void {\n const promise = this.kv.delete(kvKey);\n const ctx = getRequestExecutionContext() ?? this.ctx;\n if (ctx) {\n ctx.waitUntil(promise);\n }\n // else: fire-and-forget on Node.js\n }\n\n /**\n * Execute a KV put and return the promise so callers can await completion.\n * Also registers with ctx.waitUntil() so the Workers runtime keeps the\n * isolate alive even if the caller does not await the returned promise.\n */\n private _put(kvKey: string, value: string, options?: { expirationTtl?: number }): Promise<void> {\n const promise = this.kv.put(kvKey, value, options);\n const ctx = getRequestExecutionContext() ?? this.ctx;\n if (ctx) {\n ctx.waitUntil(promise);\n }\n return promise;\n }\n}\n\n// ---------------------------------------------------------------------------\n// Validation helpers\n// ---------------------------------------------------------------------------\n\nconst VALID_KINDS = new Set([\"FETCH\", \"APP_PAGE\", \"PAGES\", \"APP_ROUTE\", \"REDIRECT\", \"IMAGE\"]);\n\n/**\n * Validate that a parsed JSON value has the expected KVCacheEntry shape.\n * Returns the validated entry or null if the shape is invalid.\n */\nfunction validateCacheEntry(raw: unknown): KVCacheEntry | null {\n if (!raw || typeof raw !== \"object\") return null;\n\n const obj = raw as Record<string, unknown>;\n\n // Required fields\n if (typeof obj.lastModified !== \"number\") return null;\n if (!Array.isArray(obj.tags)) return null;\n if (obj.revalidateAt !== null && typeof obj.revalidateAt !== \"number\") return null;\n\n // value must be null or a valid cache value object with a known kind\n if (obj.value !== null) {\n if (!obj.value || typeof obj.value !== \"object\") return null;\n const value = obj.value as Record<string, unknown>;\n if (typeof value.kind !== \"string\" || !VALID_KINDS.has(value.kind)) return null;\n }\n\n return raw as KVCacheEntry;\n}\n\n// ---------------------------------------------------------------------------\n// ArrayBuffer serialization helpers\n// ---------------------------------------------------------------------------\n\n/**\n * Deep-clone a cache value, converting ArrayBuffer fields to base64 strings\n * so the entire structure can be JSON.stringify'd for KV storage.\n */\nfunction serializeForJSON(value: IncrementalCacheValue): IncrementalCacheValue {\n if (value.kind === \"APP_PAGE\") {\n return {\n ...value,\n rscData: value.rscData ? (arrayBufferToBase64(value.rscData) as any) : undefined,\n };\n }\n if (value.kind === \"APP_ROUTE\") {\n return {\n ...value,\n body: arrayBufferToBase64(value.body) as any,\n };\n }\n if (value.kind === \"IMAGE\") {\n return {\n ...value,\n buffer: arrayBufferToBase64(value.buffer) as any,\n };\n }\n return value;\n}\n\n/**\n * Restore base64 strings back to ArrayBuffers after JSON.parse.\n * Returns false if any base64 decode fails (corrupted entry).\n */\nfunction restoreArrayBuffers(value: IncrementalCacheValue): boolean {\n if (value.kind === \"APP_PAGE\" && typeof value.rscData === \"string\") {\n const decoded = safeBase64ToArrayBuffer(value.rscData as any);\n if (!decoded) return false;\n (value as any).rscData = decoded;\n }\n if (value.kind === \"APP_ROUTE\" && typeof value.body === \"string\") {\n const decoded = safeBase64ToArrayBuffer(value.body as any);\n if (!decoded) return false;\n (value as any).body = decoded;\n }\n if (value.kind === \"IMAGE\" && typeof value.buffer === \"string\") {\n const decoded = safeBase64ToArrayBuffer(value.buffer as any);\n if (!decoded) return false;\n (value as any).buffer = decoded;\n }\n return true;\n}\n\nfunction arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = \"\";\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n\nfunction base64ToArrayBuffer(base64: string): ArrayBuffer {\n const binary = atob(base64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n}\n\n/**\n * Safely decode base64 to ArrayBuffer. Returns null on invalid input\n * instead of throwing a DOMException.\n */\nfunction safeBase64ToArrayBuffer(base64: string): ArrayBuffer | null {\n try {\n return base64ToArrayBuffer(base64);\n } catch {\n console.error(\"[vinext] Invalid base64 in cache entry\");\n return null;\n }\n}\n"]}
package/dist/config/config-matchers.d.ts CHANGED
@@ -49,6 +49,7 @@ export declare function parseCookies(cookieHeader: string | null): Record<string
49
49
  * Build a RequestContext from a Web Request object.
50
50
  */
51
51
  export declare function requestContextFromRequest(request: Request): RequestContext;
52
+ export declare function normalizeHost(hostHeader: string | null, fallbackHostname: string): string;
52
53
  /**
53
54
  * Unpack `x-middleware-request-*` headers from the collected middleware
54
55
  * response headers into the actual request, and strip all `x-middleware-*`
package/dist/config/config-matchers.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config-matchers.d.ts","sourceRoot":"","sources":["../../src/config/config-matchers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAoK5F;;;;;;;;;GASG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAsGpD;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAczE;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAgEzD;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,KAAK,EAAE,eAAe,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAWhF;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,OAAO,GAAG,cAAc,CAQ1E;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,6BAA6B,CAC3C,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EACpD,OAAO,EAAE,OAAO,GACf;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,YAAY,EAAE,cAAc,CAAA;CAAE,CAqBpD;AAiED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,YAAY,EAAE,GAAG,SAAS,EAC/B,OAAO,EAAE,YAAY,EAAE,GAAG,SAAS,EACnC,GAAG,EAAE,cAAc,GAClB,OAAO,CAYT;AAsBD;;;;;;;;;;GAUG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAgH/B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,wBAAgB,aAAa,CAC3B,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,YAAY,EAAE,EACzB,GAAG,EAAE,cAAc,GAClB;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,GAAG,IAAI,CAsGpD;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAC1B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,WAAW,EAAE,EACvB,GAAG,EAAE,cAAc,GAClB,MAAM,GAAG,IAAI,CAuBf;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAWxD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAElD;AAED;;;;;;;;GAQG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,QAAQ,CAAC,CAoFnB;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAC1B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,UAAU,EAAE,EACrB,GAAG,EAAE,cAAc,GAClB,KAAK,CAAC;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAqBvC"}
1
+ {"version":3,"file":"config-matchers.d.ts","sourceRoot":"","sources":["../../src/config/config-matchers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AA6K5F;;;;;;;;;GASG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAsGpD;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAczE;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAgEzD;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,KAAK,EAAE,eAAe,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAWhF;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,OAAO,GAAG,cAAc,CAQ1E;AAED,wBAAgB,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,EAAE,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAGzF;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,6BAA6B,CAC3C,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EACpD,OAAO,EAAE,OAAO,GACf;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,YAAY,EAAE,cAAc,CAAA;CAAE,CAqBpD;AAiED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,YAAY,EAAE,GAAG,SAAS,EAC/B,OAAO,EAAE,YAAY,EAAE,GAAG,SAAS,EACnC,GAAG,EAAE,cAAc,GAClB,OAAO,CAYT;AAsBD;;;;;;;;;;GAUG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,IAAI,CAgH/B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,wBAAgB,aAAa,CAC3B,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,YAAY,EAAE,EACzB,GAAG,EAAE,cAAc,GAClB;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,GAAG,IAAI,CAiGpD;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAC1B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,WAAW,EAAE,EACvB,GAAG,EAAE,cAAc,GAClB,MAAM,GAAG,IAAI,CAgBf;AA+BD;;;;;;;;;;GAUG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAWxD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAElD;AAED;;;;;;;;GAQG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,QAAQ,CAAC,CAqFnB;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAC1B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,UAAU,EAAE,EACrB,GAAG,EAAE,cAAc,GAClB,KAAK,CAAC;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAqBvC"}
package/dist/config/config-matchers.js CHANGED
@@ -44,6 +44,14 @@ const _compiledHeaderSourceCache = new Map();
44
44
  * value string was undefined (no regex needed — use exact string comparison).
45
45
  */
46
46
  const _compiledConditionCache = new Map();
47
+ /**
48
+ * Cache for destination substitution regexes in substituteDestinationParams.
49
+ *
50
+ * The regex depends only on the set of param keys captured from the matched
51
+ * source pattern. Caching by sorted key list avoids recompiling a new RegExp
52
+ * for repeated redirect/rewrite calls that use the same param shape.
53
+ */
54
+ const _compiledDestinationParamCache = new Map();
47
55
  /**
48
56
  * Redirect index for O(1) locale-static rule lookup.
49
57
  *
@@ -360,9 +368,13 @@ export function requestContextFromRequest(request) {
360
368
  headers: request.headers,
361
369
  cookies: parseCookies(request.headers.get("cookie")),
362
370
  query: url.searchParams,
363
- host: request.headers.get("host") ?? url.host,
371
+ host: normalizeHost(request.headers.get("host"), url.hostname),
364
372
  };
365
373
  }
374
+ export function normalizeHost(hostHeader, fallbackHostname) {
375
+ const host = hostHeader ?? fallbackHostname;
376
+ return host.split(":", 1)[0].toLowerCase();
377
+ }
366
378
  /**
367
379
  * Unpack `x-middleware-request-*` headers from the collected middleware
368
380
  * response headers into the actual request, and strip all `x-middleware-*`
@@ -706,8 +718,9 @@ export function matchRedirect(pathname, redirects, ctx) {
706
718
  continue;
707
719
  }
708
720
  // Locale was omitted (the `?` made it optional) — param value is "".
709
- let dest = redirect.destination;
710
- dest = dest.replace(`:${entry.paramName}`, "");
721
+ let dest = substituteDestinationParams(redirect.destination, {
722
+ [entry.paramName]: "",
723
+ });
711
724
  dest = sanitizeDestination(dest);
712
725
  localeMatch = { destination: dest, permanent: redirect.permanent };
713
726
  localeMatchIndex = entry.originalIndex;
@@ -734,8 +747,9 @@ export function matchRedirect(pathname, redirects, ctx) {
734
747
  if (!checkHasConditions(redirect.has, redirect.missing, ctx))
735
748
  continue;
736
749
  }
737
- let dest = redirect.destination;
738
- dest = dest.replace(`:${entry.paramName}`, localePart);
750
+ let dest = substituteDestinationParams(redirect.destination, {
751
+ [entry.paramName]: localePart,
752
+ });
739
753
  dest = sanitizeDestination(dest);
740
754
  localeMatch = { destination: dest, permanent: redirect.permanent };
741
755
  localeMatchIndex = entry.originalIndex;
@@ -761,14 +775,7 @@ export function matchRedirect(pathname, redirects, ctx) {
761
775
  continue;
762
776
  }
763
777
  }
764
- let dest = redirect.destination;
765
- for (const [key, value] of Object.entries(params)) {
766
- // Replace :param*, :param+, and :param forms in the destination.
767
- // The catch-all suffixes (* and +) must be stripped along with the param name.
768
- dest = dest.replace(`:${key}*`, value);
769
- dest = dest.replace(`:${key}+`, value);
770
- dest = dest.replace(`:${key}`, value);
771
- }
778
+ let dest = substituteDestinationParams(redirect.destination, params);
772
779
  // Collapse protocol-relative URLs (e.g. //evil.com from decoded %2F in catch-all params).
773
780
  dest = sanitizeDestination(dest);
774
781
  return { destination: dest, permanent: redirect.permanent };
@@ -794,14 +801,7 @@ export function matchRewrite(pathname, rewrites, ctx) {
794
801
  continue;
795
802
  }
796
803
  }
797
- let dest = rewrite.destination;
798
- for (const [key, value] of Object.entries(params)) {
799
- // Replace :param*, :param+, and :param forms in the destination.
800
- // The catch-all suffixes (* and +) must be stripped along with the param name.
801
- dest = dest.replace(`:${key}*`, value);
802
- dest = dest.replace(`:${key}+`, value);
803
- dest = dest.replace(`:${key}`, value);
804
- }
804
+ let dest = substituteDestinationParams(rewrite.destination, params);
805
805
  // Collapse protocol-relative URLs (e.g. //evil.com from decoded %2F in catch-all params).
806
806
  dest = sanitizeDestination(dest);
807
807
  return dest;
@@ -809,6 +809,33 @@ export function matchRewrite(pathname, rewrites, ctx) {
809
809
  }
810
810
  return null;
811
811
  }
812
+ /**
813
+ * Substitute all matched route params into a redirect/rewrite destination.
814
+ *
815
+ * Handles repeated params (e.g. `/api/:id/:id`) and catch-all suffix forms
816
+ * (`:path*`, `:path+`) in a single pass. Unknown params are left intact.
817
+ */
818
+ function substituteDestinationParams(destination, params) {
819
+ const keys = Object.keys(params);
820
+ if (keys.length === 0)
821
+ return destination;
822
+ // Match only the concrete param keys captured from the source pattern.
823
+ // Sorting longest-first ensures hyphenated names like `auth-method`
824
+ // win over shorter prefixes like `auth`. The negative lookahead keeps
825
+ // alphanumeric/underscore suffixes attached, while allowing `-` to act
826
+ // as a literal delimiter in destinations like `:year-:month`.
827
+ const sortedKeys = [...keys].sort((a, b) => b.length - a.length);
828
+ const cacheKey = sortedKeys.join("\0");
829
+ let paramRe = _compiledDestinationParamCache.get(cacheKey);
830
+ if (!paramRe) {
831
+ const paramAlternation = sortedKeys
832
+ .map((key) => key.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"))
833
+ .join("|");
834
+ paramRe = new RegExp(`:(${paramAlternation})([+*])?(?![A-Za-z0-9_])`, "g");
835
+ _compiledDestinationParamCache.set(cacheKey, paramRe);
836
+ }
837
+ return destination.replace(paramRe, (_token, key) => params[key]);
838
+ }
812
839
  /**
813
840
  * Sanitize a redirect/rewrite destination to collapse protocol-relative URLs.
814
841
  *
@@ -853,12 +880,13 @@ export async function proxyExternalRequest(request, externalUrl) {
853
880
  // Build the full external URL, preserving query parameters from the original request
854
881
  const originalUrl = new URL(request.url);
855
882
  const targetUrl = new URL(externalUrl);
883
+ const destinationKeys = new Set(targetUrl.searchParams.keys());
856
884
  // If the rewrite destination already has query params, merge them.
857
885
  // Destination params take precedence — original request params are only added
858
886
  // when the destination doesn't already specify that key.
859
887
  for (const [key, value] of originalUrl.searchParams) {
860
- if (!targetUrl.searchParams.has(key)) {
861
- targetUrl.searchParams.set(key, value);
888
+ if (!destinationKeys.has(key)) {
889
+ targetUrl.searchParams.append(key, value);
862
890
  }
863
891
  }
864
892
  // Forward the request with appropriate headers
package/dist/config/config-matchers.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config-matchers.js","sourceRoot":"","sources":["../../src/config/config-matchers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,yCAAyC,EAAE,MAAM,yCAAyC,CAAC;AAEpG;;;;;;;;;;;;GAYG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAuD,CAAC;AAE7F;;;;;;;;;;GAUG;AACH,MAAM,0BAA0B,GAAG,IAAI,GAAG,EAAyB,CAAC;AAEpE;;;;;;;;;;;GAWG;AACH,MAAM,uBAAuB,GAAG,IAAI,GAAG,EAAyB,CAAC;AAEjE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,iFAAiF;AACjF,MAAM,iBAAiB,GAAG,2DAA2D,CAAC;AAuBtF,MAAM,mBAAmB,GAAG,IAAI,OAAO,EAAiC,CAAC;AAEzE;;;;;;GAMG;AACH,SAAS,iBAAiB,CAAC,SAAyB;IAClD,IAAI,KAAK,GAAG,mBAAmB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC/C,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAEtC,MAAM,YAAY,GAAG,IAAI,GAAG,EAA+B,CAAC;IAC5D,MAAM,MAAM,GAAkC,EAAE,CAAC;IAEjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC1C,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC9B,MAAM,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,CAAC,EAAE,CAAC;YACN,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACzE,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAC9C,wEAAwE;YACxE,8DAA8D;YAC9D,uEAAuE;YACvE,+CAA+C;YAC/C,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,GAAG,WAAW,GAAG,IAAI,CAAC,CAAC;YACtD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,+DAA+D;gBAC/D,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;gBAC3B,SAAS;YACX,CAAC;YACD,MAAM,KAAK,GAAsB,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC;YAClF,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACxC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,KAAK,GAAG,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IACjC,mBAAmB,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,uEAAuE;AACvE,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,YAAY;IACZ,YAAY;IACZ,oBAAoB;IACpB,qBAAqB;IACrB,IAAI;IACJ,UAAU;IACV,mBAAmB;IACnB,SAAS;CACV,CAAC,CAAC;AAEH;;;;;;;;;GASG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,sEAAsE;IACtE,uBAAuB;IACvB,MAAM,iBAAiB,GAAc,EAAE,CAAC;IACxC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,CAAC,GAAG,CAAC,CAAC;IAEV,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAEtB,0BAA0B;QAC1B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,CAAC,IAAI,CAAC,CAAC;YACP,SAAS;QACX,CAAC;QAED,qEAAqE;QACrE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,CAAC,EAAE,CAAC;YACJ,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;gBAChD,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI;oBAAE,CAAC,EAAE,CAAC,CAAC,6BAA6B;gBAC3D,CAAC,EAAE,CAAC;YACN,CAAC;YACD,CAAC,EAAE,CAAC,CAAC,iBAAiB;YACtB,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,KAAK,EAAE,CAAC;YACR,uDAAuD;YACvD,IAAI,iBAAiB,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;gBACtC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAChC,CAAC;iBAAM,CAAC;gBACN,iBAAiB,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;YACnC,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,MAAM,aAAa,GAAG,KAAK,GAAG,CAAC,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAC5D,IAAI,KAAK,GAAG,CAAC;gBAAE,KAAK,EAAE,CAAC;YAEvB,yDAAyD;YACzD,4EAA4E;YAC5E,uEAAuE;YACvE,yFAAyF;YACzF,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;gBACjD,IAAI,aAAa,EAAE,CAAC;oBAClB,+EAA+E;oBAC/E,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,kDAAkD;gBAClD,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;oBACnD,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,qCAAqC;QACrC,mFAAmF;QACnF,4CAA4C;QAC5C,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAC7B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBACd,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;YAClC,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,qEAAqE;YACrE,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzC,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;gBACjE,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,iDAAiD;YACjD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;gBAAE,CAAC,EAAE,CAAC;YAC3D,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1D,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAClC,CAAC;gBACD,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACV,SAAS;YACX,CAAC;QACH,CAAC;QAED,CAAC,EAAE,CAAC;IACN,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,OAAe,EAAE,KAAc;IACxD,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,IAAI,CACV,oEAAoE,OAAO,IAAI;YAC7E,wFAAwF;YACxF,oDAAoD,CACvD,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAc;IAC/C,6EAA6E;IAC7E,4DAA4D;IAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC;IAEnB,uEAAuE;IACvE,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE;QACpE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,oEAAoE;IACpE,+FAA+F;IAC/F,qEAAqE;IACrE,6EAA6E;IAC7E,mEAAmE;IACnE,wDAAwD;IACxD,+CAA+C;IAC/C,sFAAsF;IACtF,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,EAAE,GAAG,IAAI,MAAM,CACnB,GAAG,CAAC,UAAU,CAAC,mCAAmC,EAAE,oDAAoD;IACxG,GAAG,CACJ,CAAC;IACF,IAAI,CAAyB,CAAC;IAC9B,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAChD,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YACvB,yCAAyC;YACzC,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACxC,CAAC;aAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChC,wEAAwE;YACxE,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YACxD,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;YACzE,IAAI,eAAe,EAAE,CAAC;gBACpB,+DAA+D;gBAC/D,EAAE,CAAC,SAAS,IAAI,eAAe,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;gBAC1C,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACN,4CAA4C;gBAC5C,MAAM,IAAI,OAAO,CAAC;YACpB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACb,KAAK,GAAG;oBACN,MAAM,IAAI,KAAK,CAAC;oBAChB,MAAM;gBACR,KAAK,GAAG;oBACN,MAAM,IAAI,KAAK,CAAC;oBAChB,MAAM;gBACR,KAAK,GAAG;oBACN,MAAM,IAAI,KAAK,CAAC;oBAChB,MAAM;gBACR,KAAK,GAAG;oBACN,MAAM,IAAI,IAAI,CAAC;oBACf,MAAM;gBACR;oBACE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;oBACf,MAAM;YACV,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAaD;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,YAA2B;IACtD,IAAI,CAAC,YAAY;QAAE,OAAO,EAAE,CAAC;IAC7B,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,EAAE,KAAK,CAAC,CAAC;YAAE,SAAS;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IAChC,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAgB;IACxD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACjC,OAAO;QACL,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACpD,KAAK,EAAE,GAAG,CAAC,YAAY;QACvB,IAAI,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,IAAI;KAC9C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,6BAA6B,CAC3C,iBAAoD,EACpD,OAAgB;IAEhB,MAAM,WAAW,GAAG,yCAAyC,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAElG,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACjD,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACpC,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,yEAAyE;QACzE,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;YACjC,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO,EAAE,WAAW;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,gEAAgE;YAChE,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,yBAAyB,CAAC,OAAO,CAAC,EAAE,CAAC;AACvE,CAAC;AAED;;;GAGG;AACH,SAAS,oBAAoB,CAAC,SAAuB,EAAE,GAAmB;IACxE,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;QACvB,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnD,IAAI,WAAW,KAAK,IAAI;gBAAE,OAAO,KAAK,CAAC;YACvC,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBACpC,OAAO,WAAW,KAAK,SAAS,CAAC,KAAK,CAAC;YACzC,CAAC;YACD,OAAO,IAAI,CAAC,CAAC,kCAAkC;QACjD,CAAC;QACD,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAC/C,IAAI,WAAW,KAAK,SAAS;gBAAE,OAAO,KAAK,CAAC;YAC5C,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBACpC,OAAO,WAAW,KAAK,SAAS,CAAC,KAAK,CAAC;YACzC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAChD,IAAI,UAAU,KAAK,IAAI;gBAAE,OAAO,KAAK,CAAC;YACtC,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACnC,OAAO,UAAU,KAAK,SAAS,CAAC,KAAK,CAAC;YACxC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBACjC,OAAO,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,KAAK,CAAC;YACtC,CAAC;YACD,OAAO,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,GAAG,CAAC;QACpC,CAAC;QACD;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,KAAa;IAC1C,IAAI,EAAE,GAAG,uBAAuB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC5C,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;QACrB,EAAE,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QACvB,uBAAuB,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAA+B,EAC/B,OAAmC,EACnC,GAAmB;IAEnB,IAAI,GAAG,EAAE,CAAC;QACR,KAAK,MAAM,SAAS,IAAI,GAAG,EAAE,CAAC;YAC5B,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;QAC1D,CAAC;IACH,CAAC;IACD,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,MAAM,SAAS,IAAI,OAAO,EAAE,CAAC;YAChC,IAAI,oBAAoB,CAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;QACzD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,GAAW,EAAE,EAAU;IAChD,IAAI,GAAG,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC3C,MAAM,KAAK,GAAG,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,CAAC,GAAG,KAAK,CAAC;IACd,OAAO,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACnC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;aACvB,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;QACjC,CAAC,EAAE,CAAC;IACN,CAAC;IACD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7B,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;IACjB,OAAO,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;AACjC,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,kBAAkB,CAChC,QAAgB,EAChB,OAAe;IAEf,+EAA+E;IAC/E,4EAA4E;IAC5E,6EAA6E;IAC7E,+EAA+E;IAC/E,+EAA+E;IAC/E,oFAAoF;IACpF,6EAA6E;IAC7E,iFAAiF;IACjF,IACE,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;QACrB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QACtB,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC;QAC/B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EACzB,CAAC;QACD,IAAI,CAAC;YACH,sEAAsE;YACtE,sEAAsE;YACtE,6DAA6D;YAC7D,IAAI,QAAQ,GAAG,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAClD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,6DAA6D;gBAC7D,iEAAiE;gBACjE,MAAM,UAAU,GAAa,EAAE,CAAC;gBAChC,wEAAwE;gBACxE,qEAAqE;gBACrE,sEAAsE;gBACtE,oCAAoC;gBACpC,IAAI,QAAQ,GAAG,EAAE,CAAC;gBAClB,MAAM,OAAO,GAAG,uBAAuB,CAAC,CAAC,yFAAyF;gBAClI,IAAI,GAA2B,CAAC;gBAChC,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC9C,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;wBACzB,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;wBACpB,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;wBAC9C,yDAAyD;wBACzD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BACjD,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;4BAC3B,OAAO,CAAC,SAAS,IAAI,CAAC,CAAC;4BACvB,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;4BACvD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BACtB,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;gCACxB,QAAQ,IAAI,IAAI,UAAU,GAAG,CAAC;4BAChC,CAAC;iCAAM,CAAC;gCACN,QAAQ,IAAI,UAAU,KAAK,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;4BACnD,CAAC;wBACH,CAAC;6BAAM,CAAC;4BACN,iDAAiD;4BACjD,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;4BACvD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BACtB,QAAQ,IAAI,UAAU,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;wBAClE,CAAC;oBACH,CAAC;yBAAM,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;wBAC1B,QAAQ,IAAI,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACN,QAAQ,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC;oBACrB,CAAC;gBACH,CAAC;gBACD,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,GAAG,QAAQ,GAAG,GAAG,CAAC,CAAC;gBAC5C,mEAAmE;gBACnE,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1C,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAC/C,CAAC;YACD,IAAI,CAAC,QAAQ;gBAAE,OAAO,IAAI,CAAC;YAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,KAAK;gBAAE,OAAO,IAAI,CAAC;YACxB,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpD,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACtD,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;QAC3C,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,+DAA+D;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACzD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;QAExC,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAE9D,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,MAAM,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,KAAK,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACnD,IAAI,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC5D,2EAA2E;QAC3E,gFAAgF;QAChF,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC;IACpC,CAAC;IAED,8DAA8D;IAC9D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEtC,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEnD,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,MAAM,UAAU,aAAa,CAC3B,QAAgB,EAChB,SAAyB,EACzB,GAAmB;IAEnB,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAExC,MAAM,KAAK,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAE3C,kDAAkD;IAClD,EAAE;IACF,yEAAyE;IACzE,6DAA6D;IAC7D,EAAE;IACF,0EAA0E;IAC1E,yEAAyE;IACzE,qDAAqD;IACrD,EAAE;IACF,wEAAwE;IACxE,sEAAsE;IACtE,+BAA+B;IAE/B,IAAI,WAAW,GAAuD,IAAI,CAAC;IAC3E,IAAI,gBAAgB,GAAG,QAAQ,CAAC;IAEhC,IAAI,KAAK,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAChC,qDAAqD;QACrD,MAAM,cAAc,GAAG,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACxD,IAAI,cAAc,EAAE,CAAC;YACnB,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;gBACnC,IAAI,KAAK,CAAC,aAAa,IAAI,gBAAgB;oBAAE,SAAS,CAAC,8BAA8B;gBACrF,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAChC,IAAI,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACrC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC;wBAAE,SAAS;gBACzE,CAAC;gBACD,qEAAqE;gBACrE,IAAI,IAAI,GAAG,QAAQ,CAAC,WAAW,CAAC;gBAChC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC/C,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACjC,WAAW,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;gBACnE,gBAAgB,GAAG,KAAK,CAAC,aAAa,CAAC;gBACvC,MAAM,CAAC,yDAAyD;YAClE,CAAC;QACH,CAAC;QAED,oEAAoE;QACpE,2DAA2D;QAC3D,wDAAwD;QACxD,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1C,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;YACpB,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB;YAC5D,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY;YAC5D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACpD,IAAI,YAAY,EAAE,CAAC;gBACjB,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;oBACjC,IAAI,KAAK,CAAC,aAAa,IAAI,gBAAgB;wBAAE,SAAS;oBACtD,uEAAuE;oBACvE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC;wBAAE,SAAS;oBAC5C,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;oBAChC,IAAI,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;wBACrC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC;4BAAE,SAAS;oBACzE,CAAC;oBACD,IAAI,IAAI,GAAG,QAAQ,CAAC,WAAW,CAAC;oBAChC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,SAAS,EAAE,EAAE,UAAU,CAAC,CAAC;oBACvD,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;oBACjC,WAAW,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;oBACnE,gBAAgB,GAAG,KAAK,CAAC,aAAa,CAAC;oBACvC,MAAM,CAAC,yDAAyD;gBAClE,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,uDAAuD;IACvD,EAAE;IACF,6EAA6E;IAC7E,2EAA2E;IAC3E,KAAK,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QAC/C,IAAI,OAAO,IAAI,gBAAgB,EAAE,CAAC;YAChC,8DAA8D;YAC9D,+CAA+C;YAC/C,MAAM;QACR,CAAC;QACD,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACrC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;oBAC7D,SAAS;gBACX,CAAC;YACH,CAAC;YACD,IAAI,IAAI,GAAG,QAAQ,CAAC,WAAW,CAAC;YAChC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAClD,iEAAiE;gBACjE,+EAA+E;gBAC/E,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;gBACvC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;gBACvC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,EAAE,EAAE,KAAK,CAAC,CAAC;YACxC,CAAC;YACD,0FAA0F;YAC1F,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACjC,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,QAAgB,EAChB,QAAuB,EACvB,GAAmB;IAEnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACnC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;oBAC3D,SAAS;gBACX,CAAC;YACH,CAAC;YACD,IAAI,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC;YAC/B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAClD,iEAAiE;gBACjE,+EAA+E;gBAC/E,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;gBACvC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;gBACvC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,EAAE,EAAE,KAAK,CAAC,CAAC;YACxC,CAAC;YACD,0FAA0F;YAC1F,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,uEAAuE;IACvE,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,uEAAuE;IACvE,sEAAsE;IACtE,wEAAwE;IACxE,uDAAuD;IACvD,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;IACpC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,OAAO,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAAgB,EAChB,WAAmB;IAEnB,qFAAqF;IACrF,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAEvC,mEAAmE;IACnE,8EAA8E;IAC9E,yDAAyD;IACzD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;QACpD,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACrC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,iEAAiE;IACjE,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;IACpC,mEAAmE;IACnE,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC7B,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACjC,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACpC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9B,MAAM,OAAO,GAAG,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,MAAM,CAAC;IAEtD,MAAM,IAAI,GAAsC;QAC9C,MAAM;QACN,OAAO;QACP,QAAQ,EAAE,QAAQ,EAAE,2DAA2D;KAChF,CAAC;IAEF,IAAI,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,0EAA0E;IAC1E,0EAA0E;IAC1E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,MAAM,CAAC,CAAC;IAC7D,IAAI,gBAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,gBAAgB,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IACzF,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,IAAI,CAAC,EAAE,IAAI,KAAK,YAAY,EAAE,CAAC;YAC7B,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;YAC1E,OAAO,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,CAAC,CAAC,CAAC;QAC3D,OAAO,IAAI,QAAQ,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IACtD,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAED,8CAA8C;IAC9C,uDAAuD;IACvD,4EAA4E;IAC5E,6EAA6E;IAC7E,oEAAoE;IACpE,0DAA0D;IAC1D,mEAAmE;IACnE,6EAA6E;IAC7E,MAAM,aAAa,GAAG,OAAO,OAAO,KAAK,WAAW,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC;IACjF,MAAM,eAAe,GAAG,IAAI,OAAO,EAAE,CAAC;IACtC,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC9C,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QAChC,IAAI,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO;QAC1C,IAAI,aAAa,IAAI,CAAC,KAAK,KAAK,kBAAkB,IAAI,KAAK,KAAK,gBAAgB,CAAC;YAAE,OAAO;QAC1F,eAAe,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,QAAQ,CAAC,gBAAgB,CAAC,IAAI,EAAE;QACzC,MAAM,EAAE,gBAAgB,CAAC,MAAM;QAC/B,UAAU,EAAE,gBAAgB,CAAC,UAAU;QACvC,OAAO,EAAE,eAAe;KACzB,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,QAAgB,EAChB,OAAqB,EACrB,GAAmB;IAEnB,MAAM,MAAM,GAA0C,EAAE,CAAC;IACzD,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,4EAA4E;QAC5E,+EAA+E;QAC/E,IAAI,WAAW,GAAG,0BAA0B,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAChD,WAAW,GAAG,UAAU,CAAC,GAAG,GAAG,OAAO,GAAG,GAAG,CAAC,CAAC;YAC9C,0BAA0B,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,WAAW,IAAI,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9C,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC7B,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;oBACrD,SAAS;gBACX,CAAC;YACH,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["/**\n * Config pattern matching and rule application utilities.\n *\n * Shared between the dev server (index.ts) and the production server\n * (prod-server.ts) so both apply next.config.js rules identically.\n */\n\nimport type { NextRedirect, NextRewrite, NextHeader, HasCondition } from \"./next-config.js\";\nimport { buildRequestHeadersFromMiddlewareResponse } from \"../server/middleware-request-headers.js\";\n\n/**\n * Cache for compiled regex patterns in matchConfigPattern.\n *\n * Redirect/rewrite patterns are static — they come from next.config.js and\n * never change at runtime. Without caching, every request that hits the regex\n * branch re-runs the full tokeniser walk + isSafeRegex + new RegExp() for\n * every rule in the array. On apps with many locale-prefixed rules (which all\n * contain `(` and therefore enter the regex branch) this dominated profiling\n * at ~2.4 seconds of CPU self-time.\n *\n * Value is `null` when safeRegExp rejected the pattern (ReDoS risk), so we\n * skip it on subsequent requests too without re-running the scanner.\n */\nconst _compiledPatternCache = new Map<string, { re: RegExp; paramNames: string[] } | null>();\n\n/**\n * Cache for compiled header source regexes in matchHeaders.\n *\n * Each NextHeader rule has a `source` that is run through escapeHeaderSource()\n * then safeRegExp() to produce a RegExp. Both are pure functions of the source\n * string and the result never changes. Without caching, every request\n * re-runs the full escapeHeaderSource tokeniser + isSafeRegex scan + new RegExp()\n * for every header rule.\n *\n * Value is `null` when safeRegExp rejected the pattern (ReDoS risk).\n */\nconst _compiledHeaderSourceCache = new Map<string, RegExp | null>();\n\n/**\n * Cache for compiled has/missing condition value regexes in checkSingleCondition.\n *\n * Each has/missing condition may carry a `value` string that is passed directly\n * to safeRegExp() for matching against header/cookie/query/host values. The\n * condition objects are static (from next.config.js) so the compiled RegExp\n * never changes. Without caching, safeRegExp() is called on every request for\n * every condition on every rule.\n *\n * Value is `null` when safeRegExp rejected the pattern, or `false` when the\n * value string was undefined (no regex needed — use exact string comparison).\n */\nconst _compiledConditionCache = new Map<string, RegExp | null>();\n\n/**\n * Redirect index for O(1) locale-static rule lookup.\n *\n * Many Next.js apps generate 50-100 redirect rules of the form:\n * /:locale(en|es|fr|...)?/some-static-path → /some-destination\n *\n * The compiled regex for each is like:\n * ^/(en|es|fr|...)?/some-static-path$\n *\n * When no redirect matches (the common case for ordinary page loads),\n * matchRedirect previously ran exec() on every one of those regexes —\n * ~2ms per call, ~2992ms total self-time in profiles.\n *\n * The index splits rules into two buckets:\n *\n * localeStatic — rules whose source is exactly /:paramName(alt1|alt2|...)?/suffix\n * where `suffix` is a static path with no further params or regex groups.\n * These are indexed in a Map<suffix, entry[]> for O(1) lookup after a\n * single fast strip of the optional locale prefix.\n *\n * linear — all other rules. Matched with the original O(n) loop.\n *\n * The index is stored in a WeakMap keyed by the redirects array so it is\n * computed once per config load and GC'd when the array is no longer live.\n *\n * ## Ordering invariant\n *\n * Redirect rules must be evaluated in their original order (first match wins).\n * Each locale-static entry stores its `originalIndex` so that, when a\n * locale-static fast-path match is found, any linear rules that appear earlier\n * in the array are still checked first.\n */\n\n/** Matches `/:param(alternation)?/static/suffix` — the locale-static pattern. */\nconst _LOCALE_STATIC_RE = /^\\/:[\\w-]+\\(([^)]+)\\)\\?\\/([a-zA-Z0-9_~.%@!$&'*+,;=:/-]+)$/;\n\ntype LocaleStaticEntry = {\n /** The param name extracted from the source (e.g. \"locale\"). */\n paramName: string;\n /** The compiled regex matching just the alternation, used at match time. */\n altRe: RegExp;\n /** The original redirect rule. */\n redirect: NextRedirect;\n /** Position of this rule in the original redirects array. */\n originalIndex: number;\n};\n\ntype RedirectIndex = {\n /** Fast-path map: strippedPath (e.g. \"/security\") → matching entries. */\n localeStatic: Map<string, LocaleStaticEntry[]>;\n /**\n * Linear fallback for rules that couldn't be indexed.\n * Each entry is [originalIndex, redirect].\n */\n linear: Array<[number, NextRedirect]>;\n};\n\nconst _redirectIndexCache = new WeakMap<NextRedirect[], RedirectIndex>();\n\n/**\n * Build (or retrieve from cache) the redirect index for a given redirects array.\n *\n * Called once per config load from matchRedirect. The WeakMap ensures the index\n * is recomputed if the config is reloaded (new array reference) and GC'd when\n * the array is collected.\n */\nfunction _getRedirectIndex(redirects: NextRedirect[]): RedirectIndex {\n let index = _redirectIndexCache.get(redirects);\n if (index !== undefined) return index;\n\n const localeStatic = new Map<string, LocaleStaticEntry[]>();\n const linear: Array<[number, NextRedirect]> = [];\n\n for (let i = 0; i < redirects.length; i++) {\n const redirect = redirects[i];\n const m = _LOCALE_STATIC_RE.exec(redirect.source);\n if (m) {\n const paramName = redirect.source.slice(2, redirect.source.indexOf(\"(\"));\n const alternation = m[1];\n const suffix = \"/\" + m[2]; // e.g. \"/security\"\n // Build a small regex to validate the captured locale value against the\n // alternation. Using anchored match to avoid partial matches.\n // The alternation comes from user config; run it through safeRegExp to\n // guard against ReDoS in pathological configs.\n const altRe = safeRegExp(\"^(?:\" + alternation + \")$\");\n if (!altRe) {\n // Unsafe alternation — fall back to linear scan for this rule.\n linear.push([i, redirect]);\n continue;\n }\n const entry: LocaleStaticEntry = { paramName, altRe, redirect, originalIndex: i };\n const bucket = localeStatic.get(suffix);\n if (bucket) {\n bucket.push(entry);\n } else {\n localeStatic.set(suffix, [entry]);\n }\n } else {\n linear.push([i, redirect]);\n }\n }\n\n index = { localeStatic, linear };\n _redirectIndexCache.set(redirects, index);\n return index;\n}\n\n/** Hop-by-hop headers that should not be forwarded through a proxy. */\nconst HOP_BY_HOP_HEADERS = new Set([\n \"connection\",\n \"keep-alive\",\n \"proxy-authenticate\",\n \"proxy-authorization\",\n \"te\",\n \"trailers\",\n \"transfer-encoding\",\n \"upgrade\",\n]);\n\n/**\n * Detect regex patterns vulnerable to catastrophic backtracking (ReDoS).\n *\n * Uses a lightweight heuristic: scans the pattern string for nested quantifiers\n * (a quantifier applied to a group that itself contains a quantifier). This\n * catches the most common pathological patterns like `(a+)+`, `(.*)*`,\n * `([^/]+)+`, `(a|a+)+` without needing a full regex parser.\n *\n * Returns true if the pattern appears safe, false if it's potentially dangerous.\n */\nexport function isSafeRegex(pattern: string): boolean {\n // Track parenthesis nesting depth and whether we've seen a quantifier\n // at each depth level.\n const quantifierAtDepth: boolean[] = [];\n let depth = 0;\n let i = 0;\n\n while (i < pattern.length) {\n const ch = pattern[i];\n\n // Skip escaped characters\n if (ch === \"\\\\\") {\n i += 2;\n continue;\n }\n\n // Skip character classes [...] — quantifiers inside them are literal\n if (ch === \"[\") {\n i++;\n while (i < pattern.length && pattern[i] !== \"]\") {\n if (pattern[i] === \"\\\\\") i++; // skip escaped char in class\n i++;\n }\n i++; // skip closing ]\n continue;\n }\n\n if (ch === \"(\") {\n depth++;\n // Initialize: no quantifier seen yet at this new depth\n if (quantifierAtDepth.length <= depth) {\n quantifierAtDepth.push(false);\n } else {\n quantifierAtDepth[depth] = false;\n }\n i++;\n continue;\n }\n\n if (ch === \")\") {\n const hadQuantifier = depth > 0 && quantifierAtDepth[depth];\n if (depth > 0) depth--;\n\n // Look ahead for a quantifier on this group: +, *, {n,m}\n // Note: '?' after ')' means \"zero or one\" which does NOT cause catastrophic\n // backtracking — it only allows 2 paths (match/skip), not exponential.\n // Only unbounded repetition (+, *, {n,}) on a group with inner quantifiers is dangerous.\n const next = pattern[i + 1];\n if (next === \"+\" || next === \"*\" || next === \"{\") {\n if (hadQuantifier) {\n // Nested quantifier detected: quantifier on a group that contains a quantifier\n return false;\n }\n // Mark the enclosing depth as having a quantifier\n if (depth >= 0 && depth < quantifierAtDepth.length) {\n quantifierAtDepth[depth] = true;\n }\n }\n i++;\n continue;\n }\n\n // Detect quantifiers: +, *, ?, {n,m}\n // '?' is a quantifier (optional) unless it follows another quantifier (+, *, ?, })\n // in which case it's a non-greedy modifier.\n if (ch === \"+\" || ch === \"*\") {\n if (depth > 0) {\n quantifierAtDepth[depth] = true;\n }\n i++;\n continue;\n }\n\n if (ch === \"?\") {\n // '?' after +, *, ?, or } is a non-greedy modifier, not a quantifier\n const prev = i > 0 ? pattern[i - 1] : \"\";\n if (prev !== \"+\" && prev !== \"*\" && prev !== \"?\" && prev !== \"}\") {\n if (depth > 0) {\n quantifierAtDepth[depth] = true;\n }\n }\n i++;\n continue;\n }\n\n if (ch === \"{\") {\n // Check if this is a quantifier {n}, {n,}, {n,m}\n let j = i + 1;\n while (j < pattern.length && /[\\d,]/.test(pattern[j])) j++;\n if (j < pattern.length && pattern[j] === \"}\" && j > i + 1) {\n if (depth > 0) {\n quantifierAtDepth[depth] = true;\n }\n i = j + 1;\n continue;\n }\n }\n\n i++;\n }\n\n return true;\n}\n\n/**\n * Compile a regex pattern safely. Returns the compiled RegExp or null if the\n * pattern is invalid or vulnerable to ReDoS.\n *\n * Logs a warning when a pattern is rejected so developers can fix their config.\n */\nexport function safeRegExp(pattern: string, flags?: string): RegExp | null {\n if (!isSafeRegex(pattern)) {\n console.warn(\n `[vinext] Ignoring potentially unsafe regex pattern (ReDoS risk): ${pattern}\\n` +\n ` Patterns with nested quantifiers (e.g. (a+)+) can cause catastrophic backtracking.\\n` +\n ` Simplify the pattern to avoid nested repetition.`,\n );\n return null;\n }\n try {\n return new RegExp(pattern, flags);\n } catch {\n return null;\n }\n}\n\n/**\n * Convert a Next.js header/rewrite/redirect source pattern into a regex string.\n *\n * Regex groups in the source (e.g. `(\\d+)`) are extracted first, the remaining\n * text is escaped/converted in a **single pass** (avoiding chained `.replace()`\n * which CodeQL flags as incomplete sanitization), then groups are restored.\n */\nexport function escapeHeaderSource(source: string): string {\n // Sentinel character for group placeholders. Uses a Unicode private-use-area\n // codepoint that will never appear in real source patterns.\n const S = \"\\uE000\";\n\n // Step 1: extract regex groups and replace with numbered placeholders.\n const groups: string[] = [];\n const withPlaceholders = source.replace(/\\(([^)]+)\\)/g, (_m, inner) => {\n groups.push(inner);\n return `${S}G${groups.length - 1}${S}`;\n });\n\n // Step 2: single-pass conversion of the placeholder-bearing string.\n // Match named params (:[\\w-]+), sentinel group placeholders, metacharacters, and literal text.\n // The regex uses non-overlapping alternatives to avoid backtracking:\n // :[\\w-]+ — named parameter (constraint sentinel is checked procedurally;\n // param names may contain hyphens, e.g. :auth-method)\n // sentinel group — standalone regex group placeholder\n // [.+?*] — single metachar to escape/convert\n // [^.+?*:\\uE000]+ — literal text (excludes all chars that start other alternatives)\n let result = \"\";\n const re = new RegExp(\n `${S}G(\\\\d+)${S}|:[\\\\w-]+|[.+?*]|[^.+?*:\\\\uE000]+`, // lgtm[js/redos] — alternatives are non-overlapping\n \"g\",\n );\n let m: RegExpExecArray | null;\n while ((m = re.exec(withPlaceholders)) !== null) {\n if (m[1] !== undefined) {\n // Standalone regex group — restore as-is\n result += `(${groups[Number(m[1])]})`;\n } else if (m[0].startsWith(\":\")) {\n // Named parameter — check if followed by a constraint group placeholder\n const afterParam = withPlaceholders.slice(re.lastIndex);\n const constraintMatch = afterParam.match(new RegExp(`^${S}G(\\\\d+)${S}`));\n if (constraintMatch) {\n // :param(constraint) — use the constraint as the capture group\n re.lastIndex += constraintMatch[0].length;\n result += `(${groups[Number(constraintMatch[1])]})`;\n } else {\n // Plain named parameter → match one segment\n result += \"[^/]+\";\n }\n } else {\n switch (m[0]) {\n case \".\":\n result += \"\\\\.\";\n break;\n case \"+\":\n result += \"\\\\+\";\n break;\n case \"?\":\n result += \"\\\\?\";\n break;\n case \"*\":\n result += \".*\";\n break;\n default:\n result += m[0];\n break;\n }\n }\n }\n\n return result;\n}\n\n/**\n * Request context needed for evaluating has/missing conditions.\n * Callers extract the relevant parts from the incoming Request.\n */\nexport interface RequestContext {\n headers: Headers;\n cookies: Record<string, string>;\n query: URLSearchParams;\n host: string;\n}\n\n/**\n * Parse a Cookie header string into a key-value record.\n */\nexport function parseCookies(cookieHeader: string | null): Record<string, string> {\n if (!cookieHeader) return {};\n const cookies: Record<string, string> = {};\n for (const part of cookieHeader.split(\";\")) {\n const eq = part.indexOf(\"=\");\n if (eq === -1) continue;\n const key = part.slice(0, eq).trim();\n const value = part.slice(eq + 1).trim();\n if (key) cookies[key] = value;\n }\n return cookies;\n}\n\n/**\n * Build a RequestContext from a Web Request object.\n */\nexport function requestContextFromRequest(request: Request): RequestContext {\n const url = new URL(request.url);\n return {\n headers: request.headers,\n cookies: parseCookies(request.headers.get(\"cookie\")),\n query: url.searchParams,\n host: request.headers.get(\"host\") ?? url.host,\n };\n}\n\n/**\n * Unpack `x-middleware-request-*` headers from the collected middleware\n * response headers into the actual request, and strip all `x-middleware-*`\n * internal signals so they never reach clients.\n *\n * `middlewareHeaders` is mutated in-place (matching keys are deleted).\n * Returns a (possibly cloned) `Request` with the unpacked headers applied,\n * and a fresh `RequestContext` built from it — ready for post-middleware\n * config rule matching (beforeFiles, afterFiles, fallback).\n *\n * Works for both Node.js requests (mutable headers) and Workers requests\n * (immutable — cloned only when there are headers to apply).\n *\n * `x-middleware-request-*` values are always plain strings (they carry\n * individual header values), so the wider `string | string[]` type of\n * `middlewareHeaders` is safe to cast here.\n */\nexport function applyMiddlewareRequestHeaders(\n middlewareHeaders: Record<string, string | string[]>,\n request: Request,\n): { request: Request; postMwReqCtx: RequestContext } {\n const nextHeaders = buildRequestHeadersFromMiddlewareResponse(request.headers, middlewareHeaders);\n\n for (const key of Object.keys(middlewareHeaders)) {\n if (key.startsWith(\"x-middleware-\")) {\n delete middlewareHeaders[key];\n }\n }\n\n if (nextHeaders) {\n // Headers may be immutable (Workers), so always clone via new Headers().\n request = new Request(request.url, {\n method: request.method,\n headers: nextHeaders,\n body: request.body,\n // @ts-expect-error — duplex needed for streaming request bodies\n duplex: request.body ? \"half\" : undefined,\n });\n }\n\n return { request, postMwReqCtx: requestContextFromRequest(request) };\n}\n\n/**\n * Check a single has/missing condition against request context.\n * Returns true if the condition is satisfied.\n */\nfunction checkSingleCondition(condition: HasCondition, ctx: RequestContext): boolean {\n switch (condition.type) {\n case \"header\": {\n const headerValue = ctx.headers.get(condition.key);\n if (headerValue === null) return false;\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(headerValue);\n return headerValue === condition.value;\n }\n return true; // Key exists, no value constraint\n }\n case \"cookie\": {\n const cookieValue = ctx.cookies[condition.key];\n if (cookieValue === undefined) return false;\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(cookieValue);\n return cookieValue === condition.value;\n }\n return true;\n }\n case \"query\": {\n const queryValue = ctx.query.get(condition.key);\n if (queryValue === null) return false;\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(queryValue);\n return queryValue === condition.value;\n }\n return true;\n }\n case \"host\": {\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(ctx.host);\n return ctx.host === condition.value;\n }\n return ctx.host === condition.key;\n }\n default:\n return false;\n }\n}\n\n/**\n * Return a cached RegExp for a has/missing condition value string, compiling\n * on first use. Returns null if safeRegExp rejected the pattern or if the\n * value is not a valid regex (fall back to exact string comparison).\n */\nfunction _cachedConditionRegex(value: string): RegExp | null {\n let re = _compiledConditionCache.get(value);\n if (re === undefined) {\n re = safeRegExp(value);\n _compiledConditionCache.set(value, re);\n }\n return re;\n}\n\n/**\n * Check all has/missing conditions for a config rule.\n * Returns true if the rule should be applied (all has conditions pass, all missing conditions pass).\n *\n * - has: every condition must match (the request must have it)\n * - missing: every condition must NOT match (the request must not have it)\n */\nexport function checkHasConditions(\n has: HasCondition[] | undefined,\n missing: HasCondition[] | undefined,\n ctx: RequestContext,\n): boolean {\n if (has) {\n for (const condition of has) {\n if (!checkSingleCondition(condition, ctx)) return false;\n }\n }\n if (missing) {\n for (const condition of missing) {\n if (checkSingleCondition(condition, ctx)) return false;\n }\n }\n return true;\n}\n\n/**\n * If the current position in `str` starts with a parenthesized group, consume\n * it and advance `re.lastIndex` past the closing `)`. Returns the group\n * contents or null if no group is present.\n */\nfunction extractConstraint(str: string, re: RegExp): string | null {\n if (str[re.lastIndex] !== \"(\") return null;\n const start = re.lastIndex + 1;\n let depth = 1;\n let i = start;\n while (i < str.length && depth > 0) {\n if (str[i] === \"(\") depth++;\n else if (str[i] === \")\") depth--;\n i++;\n }\n if (depth !== 0) return null;\n re.lastIndex = i;\n return str.slice(start, i - 1);\n}\n\n/**\n * Match a Next.js config pattern (from redirects/rewrites sources) against a pathname.\n * Returns matched params or null.\n *\n * Supports:\n * :param - matches a single path segment\n * :param* - matches zero or more segments (catch-all)\n * :param+ - matches one or more segments\n * (regex) - inline regex patterns in the source\n * :param(constraint) - named param with inline regex constraint\n */\nexport function matchConfigPattern(\n pathname: string,\n pattern: string,\n): Record<string, string> | null {\n // If the pattern contains regex groups like (\\d+) or (.*), use regex matching.\n // Also enter this branch when a catch-all parameter (:param* or :param+) is\n // followed by a literal suffix (e.g. \"/:path*.md\"). Without this, the suffix\n // pattern falls through to the simple segment matcher which incorrectly treats\n // the whole segment (\":path*.md\") as a named parameter and matches everything.\n // The last condition catches simple params with literal suffixes (e.g. \"/:slug.md\")\n // where the param name is followed by a dot — the simple matcher would treat\n // \"slug.md\" as the param name and match any single segment regardless of suffix.\n if (\n pattern.includes(\"(\") ||\n pattern.includes(\"\\\\\") ||\n /:[\\w-]+[*+][^/]/.test(pattern) ||\n /:[\\w-]+\\./.test(pattern)\n ) {\n try {\n // Look up the compiled regex in the module-level cache. Patterns come\n // from next.config.js and are static, so we only need to compile each\n // one once across the lifetime of the worker/server process.\n let compiled = _compiledPatternCache.get(pattern);\n if (compiled === undefined) {\n // Cache miss — compile the pattern now and store the result.\n // Param names may contain hyphens (e.g. :auth-method, :sign-in).\n const paramNames: string[] = [];\n // Single-pass conversion with procedural suffix handling. The tokenizer\n // matches only simple, non-overlapping tokens; quantifier/constraint\n // suffixes after :param are consumed procedurally to avoid polynomial\n // backtracking in the regex engine.\n let regexStr = \"\";\n const tokenRe = /:([\\w-]+)|[.]|[^:.]+/g; // lgtm[js/redos] — alternatives are non-overlapping (`:` and `.` excluded from `[^:.]+`)\n let tok: RegExpExecArray | null;\n while ((tok = tokenRe.exec(pattern)) !== null) {\n if (tok[1] !== undefined) {\n const name = tok[1];\n const rest = pattern.slice(tokenRe.lastIndex);\n // Check for quantifier (* or +) with optional constraint\n if (rest.startsWith(\"*\") || rest.startsWith(\"+\")) {\n const quantifier = rest[0];\n tokenRe.lastIndex += 1;\n const constraint = extractConstraint(pattern, tokenRe);\n paramNames.push(name);\n if (constraint !== null) {\n regexStr += `(${constraint})`;\n } else {\n regexStr += quantifier === \"*\" ? \"(.*)\" : \"(.+)\";\n }\n } else {\n // Check for inline constraint without quantifier\n const constraint = extractConstraint(pattern, tokenRe);\n paramNames.push(name);\n regexStr += constraint !== null ? `(${constraint})` : \"([^/]+)\";\n }\n } else if (tok[0] === \".\") {\n regexStr += \"\\\\.\";\n } else {\n regexStr += tok[0];\n }\n }\n const re = safeRegExp(\"^\" + regexStr + \"$\");\n // Store null for rejected patterns so we don't re-run isSafeRegex.\n compiled = re ? { re, paramNames } : null;\n _compiledPatternCache.set(pattern, compiled);\n }\n if (!compiled) return null;\n const match = compiled.re.exec(pathname);\n if (!match) return null;\n const params: Record<string, string> = Object.create(null);\n for (let i = 0; i < compiled.paramNames.length; i++) {\n params[compiled.paramNames[i]] = match[i + 1] ?? \"\";\n }\n return params;\n } catch {\n // Fall through to segment-based matching\n }\n }\n\n // Check for catch-all patterns (:param* or :param+) without regex groups\n // Param names may contain hyphens (e.g. :sign-in*, :sign-up+).\n const catchAllMatch = pattern.match(/:([\\w-]+)(\\*|\\+)$/);\n if (catchAllMatch) {\n const prefix = pattern.slice(0, pattern.lastIndexOf(\":\"));\n const paramName = catchAllMatch[1];\n const isPlus = catchAllMatch[2] === \"+\";\n\n const prefixNoSlash = prefix.replace(/\\/$/, \"\");\n if (!pathname.startsWith(prefixNoSlash)) return null;\n const charAfter = pathname[prefixNoSlash.length];\n if (charAfter !== undefined && charAfter !== \"/\") return null;\n\n const rest = pathname.slice(prefixNoSlash.length);\n if (isPlus && (!rest || rest === \"/\")) return null;\n let restValue = rest.startsWith(\"/\") ? rest.slice(1) : rest;\n // NOTE: Do NOT decodeURIComponent here. The pathname is already decoded at\n // the request entry point. Decoding again would produce incorrect param values.\n return { [paramName]: restValue };\n }\n\n // Simple segment-based matching for exact patterns and :param\n const parts = pattern.split(\"/\");\n const pathParts = pathname.split(\"/\");\n\n if (parts.length !== pathParts.length) return null;\n\n const params: Record<string, string> = Object.create(null);\n for (let i = 0; i < parts.length; i++) {\n if (parts[i].startsWith(\":\")) {\n params[parts[i].slice(1)] = pathParts[i];\n } else if (parts[i] !== pathParts[i]) {\n return null;\n }\n }\n return params;\n}\n\n/**\n * Apply redirect rules from next.config.js.\n * Returns the redirect info if a redirect was matched, or null.\n *\n * `ctx` provides the request context (cookies, headers, query, host) used\n * to evaluate has/missing conditions. Next.js always has request context\n * when evaluating redirects, so this parameter is required.\n *\n * ## Performance\n *\n * Rules with a locale-capture-group prefix (the dominant pattern in large\n * Next.js apps — e.g. `/:locale(en|es|fr|...)?/some-path`) are handled via\n * a pre-built index. Instead of running exec() on each locale regex\n * individually, we:\n *\n * 1. Strip the optional locale prefix from the pathname with one cheap\n * string-slice check (no regex exec on the hot path).\n * 2. Look up the stripped suffix in a Map<suffix, entry[]>.\n * 3. For each matching entry, validate the captured locale string against\n * a small, anchored alternation regex.\n *\n * This reduces the per-request cost from O(n × regex) to O(1) map lookup +\n * O(matches × tiny-regex), eliminating the ~2992ms self-time reported in\n * profiles for apps with 63+ locale-prefixed rules.\n *\n * Rules that don't fit the locale-static pattern fall back to the original\n * linear matchConfigPattern scan.\n *\n * ## Ordering invariant\n *\n * First match wins, preserving the original redirect array order. When a\n * locale-static fast-path match is found at position N, all linear rules with\n * an original index < N are checked via matchConfigPattern first — they are\n * few in practice (typically zero) so this is not a hot-path concern.\n */\nexport function matchRedirect(\n pathname: string,\n redirects: NextRedirect[],\n ctx: RequestContext,\n): { destination: string; permanent: boolean } | null {\n if (redirects.length === 0) return null;\n\n const index = _getRedirectIndex(redirects);\n\n // --- Locate the best locale-static candidate ---\n //\n // We look for the locale-static entry with the LOWEST originalIndex that\n // matches this pathname (and passes has/missing conditions).\n //\n // Strategy: try both the full pathname (locale omitted, e.g. \"/security\")\n // and the pathname with the first segment stripped (locale present, e.g.\n // \"/en/security\" → suffix \"/security\", locale \"en\").\n //\n // We do NOT use a regex here — just a single indexOf('/') to locate the\n // second slash, which is O(n) on the path length but far cheaper than\n // running 63 compiled regexes.\n\n let localeMatch: { destination: string; permanent: boolean } | null = null;\n let localeMatchIndex = Infinity;\n\n if (index.localeStatic.size > 0) {\n // Case 1: no locale prefix — pathname IS the suffix.\n const noLocaleBucket = index.localeStatic.get(pathname);\n if (noLocaleBucket) {\n for (const entry of noLocaleBucket) {\n if (entry.originalIndex >= localeMatchIndex) continue; // already have a better match\n const redirect = entry.redirect;\n if (redirect.has || redirect.missing) {\n if (!checkHasConditions(redirect.has, redirect.missing, ctx)) continue;\n }\n // Locale was omitted (the `?` made it optional) — param value is \"\".\n let dest = redirect.destination;\n dest = dest.replace(`:${entry.paramName}`, \"\");\n dest = sanitizeDestination(dest);\n localeMatch = { destination: dest, permanent: redirect.permanent };\n localeMatchIndex = entry.originalIndex;\n break; // bucket entries are in insertion order = original order\n }\n }\n\n // Case 2: locale prefix present — first path segment is the locale.\n // Find the second slash: pathname = \"/locale/rest/of/path\"\n // ^--- slashTwo\n const slashTwo = pathname.indexOf(\"/\", 1);\n if (slashTwo !== -1) {\n const suffix = pathname.slice(slashTwo); // e.g. \"/security\"\n const localePart = pathname.slice(1, slashTwo); // e.g. \"en\"\n const localeBucket = index.localeStatic.get(suffix);\n if (localeBucket) {\n for (const entry of localeBucket) {\n if (entry.originalIndex >= localeMatchIndex) continue;\n // Validate that `localePart` is one of the allowed alternation values.\n if (!entry.altRe.test(localePart)) continue;\n const redirect = entry.redirect;\n if (redirect.has || redirect.missing) {\n if (!checkHasConditions(redirect.has, redirect.missing, ctx)) continue;\n }\n let dest = redirect.destination;\n dest = dest.replace(`:${entry.paramName}`, localePart);\n dest = sanitizeDestination(dest);\n localeMatch = { destination: dest, permanent: redirect.permanent };\n localeMatchIndex = entry.originalIndex;\n break; // bucket entries are in insertion order = original order\n }\n }\n }\n }\n\n // --- Linear fallback: all non-locale-static rules ---\n //\n // We only need to check linear rules whose originalIndex < localeMatchIndex.\n // If localeMatchIndex is Infinity (no locale match), we check all of them.\n for (const [origIdx, redirect] of index.linear) {\n if (origIdx >= localeMatchIndex) {\n // This linear rule comes after the best locale-static match —\n // the locale-static match wins. Stop scanning.\n break;\n }\n const params = matchConfigPattern(pathname, redirect.source);\n if (params) {\n if (redirect.has || redirect.missing) {\n if (!checkHasConditions(redirect.has, redirect.missing, ctx)) {\n continue;\n }\n }\n let dest = redirect.destination;\n for (const [key, value] of Object.entries(params)) {\n // Replace :param*, :param+, and :param forms in the destination.\n // The catch-all suffixes (* and +) must be stripped along with the param name.\n dest = dest.replace(`:${key}*`, value);\n dest = dest.replace(`:${key}+`, value);\n dest = dest.replace(`:${key}`, value);\n }\n // Collapse protocol-relative URLs (e.g. //evil.com from decoded %2F in catch-all params).\n dest = sanitizeDestination(dest);\n return { destination: dest, permanent: redirect.permanent };\n }\n }\n\n // Return the locale-static match if found (no earlier linear rule matched).\n return localeMatch;\n}\n\n/**\n * Apply rewrite rules from next.config.js.\n * Returns the rewritten URL or null if no rewrite matched.\n *\n * `ctx` provides the request context (cookies, headers, query, host) used\n * to evaluate has/missing conditions. Next.js always has request context\n * when evaluating rewrites, so this parameter is required.\n */\nexport function matchRewrite(\n pathname: string,\n rewrites: NextRewrite[],\n ctx: RequestContext,\n): string | null {\n for (const rewrite of rewrites) {\n const params = matchConfigPattern(pathname, rewrite.source);\n if (params) {\n if (rewrite.has || rewrite.missing) {\n if (!checkHasConditions(rewrite.has, rewrite.missing, ctx)) {\n continue;\n }\n }\n let dest = rewrite.destination;\n for (const [key, value] of Object.entries(params)) {\n // Replace :param*, :param+, and :param forms in the destination.\n // The catch-all suffixes (* and +) must be stripped along with the param name.\n dest = dest.replace(`:${key}*`, value);\n dest = dest.replace(`:${key}+`, value);\n dest = dest.replace(`:${key}`, value);\n }\n // Collapse protocol-relative URLs (e.g. //evil.com from decoded %2F in catch-all params).\n dest = sanitizeDestination(dest);\n return dest;\n }\n }\n return null;\n}\n\n/**\n * Sanitize a redirect/rewrite destination to collapse protocol-relative URLs.\n *\n * After parameter substitution, a destination like `/:path*` can become\n * `//evil.com` if the catch-all captured a decoded `%2F` (`/evil.com`).\n * Browsers interpret `//evil.com` as a protocol-relative URL, redirecting\n * users off-site.\n *\n * This function collapses any leading double (or more) slashes to a single\n * slash for non-external (relative) destinations.\n */\nexport function sanitizeDestination(dest: string): string {\n // External URLs (http://, https://) are intentional — don't touch them\n if (dest.startsWith(\"http://\") || dest.startsWith(\"https://\")) {\n return dest;\n }\n // Normalize leading backslashes to forward slashes. Browsers interpret\n // backslash as forward slash in URL contexts, so \"\\/evil.com\" becomes\n // \"//evil.com\" (protocol-relative redirect). Replace any mix of leading\n // slashes and backslashes with a single forward slash.\n dest = dest.replace(/^[\\\\/]+/, \"/\");\n return dest;\n}\n\n/**\n * Check if a URL is external (absolute URL or protocol-relative).\n * Detects any URL scheme (http:, https:, data:, javascript:, blob:, etc.)\n * per RFC 3986, plus protocol-relative URLs (//).\n */\nexport function isExternalUrl(url: string): boolean {\n return /^[a-z][a-z0-9+.-]*:/i.test(url) || url.startsWith(\"//\");\n}\n\n/**\n * Proxy an incoming request to an external URL and return the upstream response.\n *\n * Used for external rewrites (e.g. `/ph/:path*` → `https://us.i.posthog.com/:path*`).\n * Next.js handles these as server-side reverse proxies, forwarding the request\n * method, headers, and body to the external destination.\n *\n * Works in all runtimes (Node.js, Cloudflare Workers) via the standard fetch() API.\n */\nexport async function proxyExternalRequest(\n request: Request,\n externalUrl: string,\n): Promise<Response> {\n // Build the full external URL, preserving query parameters from the original request\n const originalUrl = new URL(request.url);\n const targetUrl = new URL(externalUrl);\n\n // If the rewrite destination already has query params, merge them.\n // Destination params take precedence — original request params are only added\n // when the destination doesn't already specify that key.\n for (const [key, value] of originalUrl.searchParams) {\n if (!targetUrl.searchParams.has(key)) {\n targetUrl.searchParams.set(key, value);\n }\n }\n\n // Forward the request with appropriate headers\n const headers = new Headers(request.headers);\n // Set Host to the external target (required for correct routing)\n headers.set(\"host\", targetUrl.host);\n // Remove headers that should not be forwarded to external services\n headers.delete(\"connection\");\n const keysToDelete: string[] = [];\n for (const key of headers.keys()) {\n if (key.startsWith(\"x-middleware-\")) {\n keysToDelete.push(key);\n }\n }\n for (const key of keysToDelete) {\n headers.delete(key);\n }\n\n const method = request.method;\n const hasBody = method !== \"GET\" && method !== \"HEAD\";\n\n const init: RequestInit & { duplex?: string } = {\n method,\n headers,\n redirect: \"manual\", // Don't follow redirects — pass them through to the client\n };\n\n if (hasBody && request.body) {\n init.body = request.body;\n init.duplex = \"half\";\n }\n\n // Enforce a timeout so slow/unresponsive upstreams don't hold connections\n // open indefinitely (DoS amplification risk on Node.js dev/prod servers).\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), 30_000);\n let upstreamResponse: Response;\n try {\n upstreamResponse = await fetch(targetUrl.href, { ...init, signal: controller.signal });\n } catch (e: any) {\n if (e?.name === \"AbortError\") {\n console.error(\"[vinext] External rewrite proxy timeout:\", targetUrl.href);\n return new Response(\"Gateway Timeout\", { status: 504 });\n }\n console.error(\"[vinext] External rewrite proxy error:\", e);\n return new Response(\"Bad Gateway\", { status: 502 });\n } finally {\n clearTimeout(timeout);\n }\n\n // Build the response to return to the client.\n // Copy all upstream headers except hop-by-hop headers.\n // Node.js fetch() auto-decompresses responses (gzip, br, etc.), so the body\n // we receive is already plain text. Forwarding the original content-encoding\n // and content-length headers causes the browser to attempt a second\n // decompression on the already-decoded body, resulting in\n // ERR_CONTENT_DECODING_FAILED. Strip both headers on Node.js only.\n // On Workers, fetch() preserves wire encoding, so the headers stay accurate.\n const isNodeRuntime = typeof process !== \"undefined\" && !!process.versions?.node;\n const responseHeaders = new Headers();\n upstreamResponse.headers.forEach((value, key) => {\n const lower = key.toLowerCase();\n if (HOP_BY_HOP_HEADERS.has(lower)) return;\n if (isNodeRuntime && (lower === \"content-encoding\" || lower === \"content-length\")) return;\n responseHeaders.append(key, value);\n });\n\n return new Response(upstreamResponse.body, {\n status: upstreamResponse.status,\n statusText: upstreamResponse.statusText,\n headers: responseHeaders,\n });\n}\n\n/**\n * Apply custom header rules from next.config.js.\n * Returns an array of { key, value } pairs to set on the response.\n *\n * `ctx` provides the request context (cookies, headers, query, host) used\n * to evaluate has/missing conditions. Next.js always has request context\n * when evaluating headers, so this parameter is required.\n */\nexport function matchHeaders(\n pathname: string,\n headers: NextHeader[],\n ctx: RequestContext,\n): Array<{ key: string; value: string }> {\n const result: Array<{ key: string; value: string }> = [];\n for (const rule of headers) {\n // Cache the compiled source regex — escapeHeaderSource() + safeRegExp() are\n // pure functions of rule.source and the result never changes between requests.\n let sourceRegex = _compiledHeaderSourceCache.get(rule.source);\n if (sourceRegex === undefined) {\n const escaped = escapeHeaderSource(rule.source);\n sourceRegex = safeRegExp(\"^\" + escaped + \"$\");\n _compiledHeaderSourceCache.set(rule.source, sourceRegex);\n }\n if (sourceRegex && sourceRegex.test(pathname)) {\n if (rule.has || rule.missing) {\n if (!checkHasConditions(rule.has, rule.missing, ctx)) {\n continue;\n }\n }\n result.push(...rule.headers);\n }\n }\n return result;\n}\n"]}
1
+ {"version":3,"file":"config-matchers.js","sourceRoot":"","sources":["../../src/config/config-matchers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,yCAAyC,EAAE,MAAM,yCAAyC,CAAC;AAEpG;;;;;;;;;;;;GAYG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAuD,CAAC;AAE7F;;;;;;;;;;GAUG;AACH,MAAM,0BAA0B,GAAG,IAAI,GAAG,EAAyB,CAAC;AAEpE;;;;;;;;;;;GAWG;AACH,MAAM,uBAAuB,GAAG,IAAI,GAAG,EAAyB,CAAC;AAEjE;;;;;;GAMG;AACH,MAAM,8BAA8B,GAAG,IAAI,GAAG,EAAkB,CAAC;AAEjE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,iFAAiF;AACjF,MAAM,iBAAiB,GAAG,2DAA2D,CAAC;AAuBtF,MAAM,mBAAmB,GAAG,IAAI,OAAO,EAAiC,CAAC;AAEzE;;;;;;GAMG;AACH,SAAS,iBAAiB,CAAC,SAAyB;IAClD,IAAI,KAAK,GAAG,mBAAmB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC/C,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAEtC,MAAM,YAAY,GAAG,IAAI,GAAG,EAA+B,CAAC;IAC5D,MAAM,MAAM,GAAkC,EAAE,CAAC;IAEjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC1C,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC9B,MAAM,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,CAAC,EAAE,CAAC;YACN,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACzE,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;YAC9C,wEAAwE;YACxE,8DAA8D;YAC9D,uEAAuE;YACvE,+CAA+C;YAC/C,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,GAAG,WAAW,GAAG,IAAI,CAAC,CAAC;YACtD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,+DAA+D;gBAC/D,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;gBAC3B,SAAS;YACX,CAAC;YACD,MAAM,KAAK,GAAsB,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC;YAClF,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACxC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,KAAK,GAAG,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;IACjC,mBAAmB,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,uEAAuE;AACvE,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,YAAY;IACZ,YAAY;IACZ,oBAAoB;IACpB,qBAAqB;IACrB,IAAI;IACJ,UAAU;IACV,mBAAmB;IACnB,SAAS;CACV,CAAC,CAAC;AAEH;;;;;;;;;GASG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,sEAAsE;IACtE,uBAAuB;IACvB,MAAM,iBAAiB,GAAc,EAAE,CAAC;IACxC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,CAAC,GAAG,CAAC,CAAC;IAEV,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAEtB,0BAA0B;QAC1B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,CAAC,IAAI,CAAC,CAAC;YACP,SAAS;QACX,CAAC;QAED,qEAAqE;QACrE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,CAAC,EAAE,CAAC;YACJ,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;gBAChD,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI;oBAAE,CAAC,EAAE,CAAC,CAAC,6BAA6B;gBAC3D,CAAC,EAAE,CAAC;YACN,CAAC;YACD,CAAC,EAAE,CAAC,CAAC,iBAAiB;YACtB,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,KAAK,EAAE,CAAC;YACR,uDAAuD;YACvD,IAAI,iBAAiB,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;gBACtC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAChC,CAAC;iBAAM,CAAC;gBACN,iBAAiB,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;YACnC,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,MAAM,aAAa,GAAG,KAAK,GAAG,CAAC,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAC5D,IAAI,KAAK,GAAG,CAAC;gBAAE,KAAK,EAAE,CAAC;YAEvB,yDAAyD;YACzD,4EAA4E;YAC5E,uEAAuE;YACvE,yFAAyF;YACzF,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;gBACjD,IAAI,aAAa,EAAE,CAAC;oBAClB,+EAA+E;oBAC/E,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,kDAAkD;gBAClD,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;oBACnD,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,qCAAqC;QACrC,mFAAmF;QACnF,4CAA4C;QAC5C,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAC7B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBACd,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;YAClC,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,qEAAqE;YACrE,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzC,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;gBACjE,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,iDAAiD;YACjD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;gBAAE,CAAC,EAAE,CAAC;YAC3D,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1D,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,iBAAiB,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;gBAClC,CAAC;gBACD,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACV,SAAS;YACX,CAAC;QACH,CAAC;QAED,CAAC,EAAE,CAAC;IACN,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,OAAe,EAAE,KAAc;IACxD,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,IAAI,CACV,oEAAoE,OAAO,IAAI;YAC7E,wFAAwF;YACxF,oDAAoD,CACvD,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAc;IAC/C,6EAA6E;IAC7E,4DAA4D;IAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC;IAEnB,uEAAuE;IACvE,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE;QACpE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,oEAAoE;IACpE,+FAA+F;IAC/F,qEAAqE;IACrE,6EAA6E;IAC7E,mEAAmE;IACnE,wDAAwD;IACxD,+CAA+C;IAC/C,sFAAsF;IACtF,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,EAAE,GAAG,IAAI,MAAM,CACnB,GAAG,CAAC,UAAU,CAAC,mCAAmC,EAAE,oDAAoD;IACxG,GAAG,CACJ,CAAC;IACF,IAAI,CAAyB,CAAC;IAC9B,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAChD,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YACvB,yCAAyC;YACzC,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACxC,CAAC;aAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChC,wEAAwE;YACxE,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC;YACxD,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;YACzE,IAAI,eAAe,EAAE,CAAC;gBACpB,+DAA+D;gBAC/D,EAAE,CAAC,SAAS,IAAI,eAAe,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;gBAC1C,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACN,4CAA4C;gBAC5C,MAAM,IAAI,OAAO,CAAC;YACpB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACb,KAAK,GAAG;oBACN,MAAM,IAAI,KAAK,CAAC;oBAChB,MAAM;gBACR,KAAK,GAAG;oBACN,MAAM,IAAI,KAAK,CAAC;oBAChB,MAAM;gBACR,KAAK,GAAG;oBACN,MAAM,IAAI,KAAK,CAAC;oBAChB,MAAM;gBACR,KAAK,GAAG;oBACN,MAAM,IAAI,IAAI,CAAC;oBACf,MAAM;gBACR;oBACE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;oBACf,MAAM;YACV,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAaD;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,YAA2B;IACtD,IAAI,CAAC,YAAY;QAAE,OAAO,EAAE,CAAC;IAC7B,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,EAAE,KAAK,CAAC,CAAC;YAAE,SAAS;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IAChC,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAgB;IACxD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACjC,OAAO;QACL,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACpD,KAAK,EAAE,GAAG,CAAC,YAAY;QACvB,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC;KAC/D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,UAAyB,EAAE,gBAAwB;IAC/E,MAAM,IAAI,GAAG,UAAU,IAAI,gBAAgB,CAAC;IAC5C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;AAC7C,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,6BAA6B,CAC3C,iBAAoD,EACpD,OAAgB;IAEhB,MAAM,WAAW,GAAG,yCAAyC,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAElG,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACjD,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACpC,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,yEAAyE;QACzE,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;YACjC,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO,EAAE,WAAW;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,gEAAgE;YAChE,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,yBAAyB,CAAC,OAAO,CAAC,EAAE,CAAC;AACvE,CAAC;AAED;;;GAGG;AACH,SAAS,oBAAoB,CAAC,SAAuB,EAAE,GAAmB;IACxE,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;QACvB,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnD,IAAI,WAAW,KAAK,IAAI;gBAAE,OAAO,KAAK,CAAC;YACvC,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBACpC,OAAO,WAAW,KAAK,SAAS,CAAC,KAAK,CAAC;YACzC,CAAC;YACD,OAAO,IAAI,CAAC,CAAC,kCAAkC;QACjD,CAAC;QACD,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAC/C,IAAI,WAAW,KAAK,SAAS;gBAAE,OAAO,KAAK,CAAC;YAC5C,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBACpC,OAAO,WAAW,KAAK,SAAS,CAAC,KAAK,CAAC;YACzC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAChD,IAAI,UAAU,KAAK,IAAI;gBAAE,OAAO,KAAK,CAAC;YACtC,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACnC,OAAO,UAAU,KAAK,SAAS,CAAC,KAAK,CAAC;YACxC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,IAAI,SAAS,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,IAAI,EAAE;oBAAE,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBACjC,OAAO,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,KAAK,CAAC;YACtC,CAAC;YACD,OAAO,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,GAAG,CAAC;QACpC,CAAC;QACD;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,KAAa;IAC1C,IAAI,EAAE,GAAG,uBAAuB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC5C,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;QACrB,EAAE,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QACvB,uBAAuB,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAA+B,EAC/B,OAAmC,EACnC,GAAmB;IAEnB,IAAI,GAAG,EAAE,CAAC;QACR,KAAK,MAAM,SAAS,IAAI,GAAG,EAAE,CAAC;YAC5B,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;QAC1D,CAAC;IACH,CAAC;IACD,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,MAAM,SAAS,IAAI,OAAO,EAAE,CAAC;YAChC,IAAI,oBAAoB,CAAC,SAAS,EAAE,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;QACzD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,GAAW,EAAE,EAAU;IAChD,IAAI,GAAG,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC3C,MAAM,KAAK,GAAG,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,CAAC,GAAG,KAAK,CAAC;IACd,OAAO,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACnC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;aACvB,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;QACjC,CAAC,EAAE,CAAC;IACN,CAAC;IACD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7B,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;IACjB,OAAO,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;AACjC,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,kBAAkB,CAChC,QAAgB,EAChB,OAAe;IAEf,+EAA+E;IAC/E,4EAA4E;IAC5E,6EAA6E;IAC7E,+EAA+E;IAC/E,+EAA+E;IAC/E,oFAAoF;IACpF,6EAA6E;IAC7E,iFAAiF;IACjF,IACE,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;QACrB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QACtB,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC;QAC/B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EACzB,CAAC;QACD,IAAI,CAAC;YACH,sEAAsE;YACtE,sEAAsE;YACtE,6DAA6D;YAC7D,IAAI,QAAQ,GAAG,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAClD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,6DAA6D;gBAC7D,iEAAiE;gBACjE,MAAM,UAAU,GAAa,EAAE,CAAC;gBAChC,wEAAwE;gBACxE,qEAAqE;gBACrE,sEAAsE;gBACtE,oCAAoC;gBACpC,IAAI,QAAQ,GAAG,EAAE,CAAC;gBAClB,MAAM,OAAO,GAAG,uBAAuB,CAAC,CAAC,yFAAyF;gBAClI,IAAI,GAA2B,CAAC;gBAChC,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC9C,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;wBACzB,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;wBACpB,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;wBAC9C,yDAAyD;wBACzD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BACjD,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;4BAC3B,OAAO,CAAC,SAAS,IAAI,CAAC,CAAC;4BACvB,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;4BACvD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BACtB,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;gCACxB,QAAQ,IAAI,IAAI,UAAU,GAAG,CAAC;4BAChC,CAAC;iCAAM,CAAC;gCACN,QAAQ,IAAI,UAAU,KAAK,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;4BACnD,CAAC;wBACH,CAAC;6BAAM,CAAC;4BACN,iDAAiD;4BACjD,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;4BACvD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BACtB,QAAQ,IAAI,UAAU,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;wBAClE,CAAC;oBACH,CAAC;yBAAM,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;wBAC1B,QAAQ,IAAI,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACN,QAAQ,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC;oBACrB,CAAC;gBACH,CAAC;gBACD,MAAM,EAAE,GAAG,UAAU,CAAC,GAAG,GAAG,QAAQ,GAAG,GAAG,CAAC,CAAC;gBAC5C,mEAAmE;gBACnE,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1C,qBAAqB,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAC/C,CAAC;YACD,IAAI,CAAC,QAAQ;gBAAE,OAAO,IAAI,CAAC;YAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,KAAK;gBAAE,OAAO,IAAI,CAAC;YACxB,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpD,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACtD,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;QAC3C,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,+DAA+D;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACzD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;QAExC,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAE9D,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,MAAM,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,KAAK,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACnD,IAAI,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC5D,2EAA2E;QAC3E,gFAAgF;QAChF,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC;IACpC,CAAC;IAED,8DAA8D;IAC9D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEtC,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEnD,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,MAAM,UAAU,aAAa,CAC3B,QAAgB,EAChB,SAAyB,EACzB,GAAmB;IAEnB,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAExC,MAAM,KAAK,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAE3C,kDAAkD;IAClD,EAAE;IACF,yEAAyE;IACzE,6DAA6D;IAC7D,EAAE;IACF,0EAA0E;IAC1E,yEAAyE;IACzE,qDAAqD;IACrD,EAAE;IACF,wEAAwE;IACxE,sEAAsE;IACtE,+BAA+B;IAE/B,IAAI,WAAW,GAAuD,IAAI,CAAC;IAC3E,IAAI,gBAAgB,GAAG,QAAQ,CAAC;IAEhC,IAAI,KAAK,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAChC,qDAAqD;QACrD,MAAM,cAAc,GAAG,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACxD,IAAI,cAAc,EAAE,CAAC;YACnB,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;gBACnC,IAAI,KAAK,CAAC,aAAa,IAAI,gBAAgB;oBAAE,SAAS,CAAC,8BAA8B;gBACrF,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAChC,IAAI,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACrC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC;wBAAE,SAAS;gBACzE,CAAC;gBACD,qEAAqE;gBACrE,IAAI,IAAI,GAAG,2BAA2B,CAAC,QAAQ,CAAC,WAAW,EAAE;oBAC3D,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE;iBACtB,CAAC,CAAC;gBACH,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACjC,WAAW,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;gBACnE,gBAAgB,GAAG,KAAK,CAAC,aAAa,CAAC;gBACvC,MAAM,CAAC,yDAAyD;YAClE,CAAC;QACH,CAAC;QAED,oEAAoE;QACpE,2DAA2D;QAC3D,wDAAwD;QACxD,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1C,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;YACpB,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB;YAC5D,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY;YAC5D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACpD,IAAI,YAAY,EAAE,CAAC;gBACjB,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;oBACjC,IAAI,KAAK,CAAC,aAAa,IAAI,gBAAgB;wBAAE,SAAS;oBACtD,uEAAuE;oBACvE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC;wBAAE,SAAS;oBAC5C,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;oBAChC,IAAI,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;wBACrC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC;4BAAE,SAAS;oBACzE,CAAC;oBACD,IAAI,IAAI,GAAG,2BAA2B,CAAC,QAAQ,CAAC,WAAW,EAAE;wBAC3D,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,UAAU;qBAC9B,CAAC,CAAC;oBACH,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;oBACjC,WAAW,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;oBACnE,gBAAgB,GAAG,KAAK,CAAC,aAAa,CAAC;oBACvC,MAAM,CAAC,yDAAyD;gBAClE,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,uDAAuD;IACvD,EAAE;IACF,6EAA6E;IAC7E,2EAA2E;IAC3E,KAAK,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QAC/C,IAAI,OAAO,IAAI,gBAAgB,EAAE,CAAC;YAChC,8DAA8D;YAC9D,+CAA+C;YAC/C,MAAM;QACR,CAAC;QACD,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACrC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;oBAC7D,SAAS;gBACX,CAAC;YACH,CAAC;YACD,IAAI,IAAI,GAAG,2BAA2B,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;YACrE,0FAA0F;YAC1F,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACjC,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,QAAgB,EAChB,QAAuB,EACvB,GAAmB;IAEnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACnC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;oBAC3D,SAAS;gBACX,CAAC;YACH,CAAC;YACD,IAAI,IAAI,GAAG,2BAA2B,CAAC,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;YACpE,0FAA0F;YAC1F,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,SAAS,2BAA2B,CAAC,WAAmB,EAAE,MAA8B;IACtF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAE1C,uEAAuE;IACvE,oEAAoE;IACpE,sEAAsE;IACtE,uEAAuE;IACvE,8DAA8D;IAC9D,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACjE,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvC,IAAI,OAAO,GAAG,8BAA8B,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC3D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,gBAAgB,GAAG,UAAU;aAChC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;aACxD,IAAI,CAAC,GAAG,CAAC,CAAC;QACb,OAAO,GAAG,IAAI,MAAM,CAAC,KAAK,gBAAgB,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAC3E,8BAA8B,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,WAAW,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE,GAAW,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,uEAAuE;IACvE,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,uEAAuE;IACvE,sEAAsE;IACtE,wEAAwE;IACxE,uDAAuD;IACvD,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;IACpC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,OAAO,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAAgB,EAChB,WAAmB;IAEnB,qFAAqF;IACrF,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IACvC,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;IAE/D,mEAAmE;IACnE,8EAA8E;IAC9E,yDAAyD;IACzD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;QACpD,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,iEAAiE;IACjE,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;IACpC,mEAAmE;IACnE,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAC7B,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACjC,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACpC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9B,MAAM,OAAO,GAAG,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,MAAM,CAAC;IAEtD,MAAM,IAAI,GAAsC;QAC9C,MAAM;QACN,OAAO;QACP,QAAQ,EAAE,QAAQ,EAAE,2DAA2D;KAChF,CAAC;IAEF,IAAI,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,0EAA0E;IAC1E,0EAA0E;IAC1E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,MAAM,CAAC,CAAC;IAC7D,IAAI,gBAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,gBAAgB,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IACzF,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,IAAI,CAAC,EAAE,IAAI,KAAK,YAAY,EAAE,CAAC;YAC7B,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;YAC1E,OAAO,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,CAAC,CAAC,CAAC;QAC3D,OAAO,IAAI,QAAQ,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IACtD,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAED,8CAA8C;IAC9C,uDAAuD;IACvD,4EAA4E;IAC5E,6EAA6E;IAC7E,oEAAoE;IACpE,0DAA0D;IAC1D,mEAAmE;IACnE,6EAA6E;IAC7E,MAAM,aAAa,GAAG,OAAO,OAAO,KAAK,WAAW,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC;IACjF,MAAM,eAAe,GAAG,IAAI,OAAO,EAAE,CAAC;IACtC,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC9C,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QAChC,IAAI,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO;QAC1C,IAAI,aAAa,IAAI,CAAC,KAAK,KAAK,kBAAkB,IAAI,KAAK,KAAK,gBAAgB,CAAC;YAAE,OAAO;QAC1F,eAAe,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,QAAQ,CAAC,gBAAgB,CAAC,IAAI,EAAE;QACzC,MAAM,EAAE,gBAAgB,CAAC,MAAM;QAC/B,UAAU,EAAE,gBAAgB,CAAC,UAAU;QACvC,OAAO,EAAE,eAAe;KACzB,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,QAAgB,EAChB,OAAqB,EACrB,GAAmB;IAEnB,MAAM,MAAM,GAA0C,EAAE,CAAC;IACzD,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,4EAA4E;QAC5E,+EAA+E;QAC/E,IAAI,WAAW,GAAG,0BAA0B,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAChD,WAAW,GAAG,UAAU,CAAC,GAAG,GAAG,OAAO,GAAG,GAAG,CAAC,CAAC;YAC9C,0BAA0B,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,WAAW,IAAI,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9C,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC7B,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;oBACrD,SAAS;gBACX,CAAC;YACH,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["/**\n * Config pattern matching and rule application utilities.\n *\n * Shared between the dev server (index.ts) and the production server\n * (prod-server.ts) so both apply next.config.js rules identically.\n */\n\nimport type { NextRedirect, NextRewrite, NextHeader, HasCondition } from \"./next-config.js\";\nimport { buildRequestHeadersFromMiddlewareResponse } from \"../server/middleware-request-headers.js\";\n\n/**\n * Cache for compiled regex patterns in matchConfigPattern.\n *\n * Redirect/rewrite patterns are static — they come from next.config.js and\n * never change at runtime. Without caching, every request that hits the regex\n * branch re-runs the full tokeniser walk + isSafeRegex + new RegExp() for\n * every rule in the array. On apps with many locale-prefixed rules (which all\n * contain `(` and therefore enter the regex branch) this dominated profiling\n * at ~2.4 seconds of CPU self-time.\n *\n * Value is `null` when safeRegExp rejected the pattern (ReDoS risk), so we\n * skip it on subsequent requests too without re-running the scanner.\n */\nconst _compiledPatternCache = new Map<string, { re: RegExp; paramNames: string[] } | null>();\n\n/**\n * Cache for compiled header source regexes in matchHeaders.\n *\n * Each NextHeader rule has a `source` that is run through escapeHeaderSource()\n * then safeRegExp() to produce a RegExp. Both are pure functions of the source\n * string and the result never changes. Without caching, every request\n * re-runs the full escapeHeaderSource tokeniser + isSafeRegex scan + new RegExp()\n * for every header rule.\n *\n * Value is `null` when safeRegExp rejected the pattern (ReDoS risk).\n */\nconst _compiledHeaderSourceCache = new Map<string, RegExp | null>();\n\n/**\n * Cache for compiled has/missing condition value regexes in checkSingleCondition.\n *\n * Each has/missing condition may carry a `value` string that is passed directly\n * to safeRegExp() for matching against header/cookie/query/host values. The\n * condition objects are static (from next.config.js) so the compiled RegExp\n * never changes. Without caching, safeRegExp() is called on every request for\n * every condition on every rule.\n *\n * Value is `null` when safeRegExp rejected the pattern, or `false` when the\n * value string was undefined (no regex needed — use exact string comparison).\n */\nconst _compiledConditionCache = new Map<string, RegExp | null>();\n\n/**\n * Cache for destination substitution regexes in substituteDestinationParams.\n *\n * The regex depends only on the set of param keys captured from the matched\n * source pattern. Caching by sorted key list avoids recompiling a new RegExp\n * for repeated redirect/rewrite calls that use the same param shape.\n */\nconst _compiledDestinationParamCache = new Map<string, RegExp>();\n\n/**\n * Redirect index for O(1) locale-static rule lookup.\n *\n * Many Next.js apps generate 50-100 redirect rules of the form:\n * /:locale(en|es|fr|...)?/some-static-path → /some-destination\n *\n * The compiled regex for each is like:\n * ^/(en|es|fr|...)?/some-static-path$\n *\n * When no redirect matches (the common case for ordinary page loads),\n * matchRedirect previously ran exec() on every one of those regexes —\n * ~2ms per call, ~2992ms total self-time in profiles.\n *\n * The index splits rules into two buckets:\n *\n * localeStatic — rules whose source is exactly /:paramName(alt1|alt2|...)?/suffix\n * where `suffix` is a static path with no further params or regex groups.\n * These are indexed in a Map<suffix, entry[]> for O(1) lookup after a\n * single fast strip of the optional locale prefix.\n *\n * linear — all other rules. Matched with the original O(n) loop.\n *\n * The index is stored in a WeakMap keyed by the redirects array so it is\n * computed once per config load and GC'd when the array is no longer live.\n *\n * ## Ordering invariant\n *\n * Redirect rules must be evaluated in their original order (first match wins).\n * Each locale-static entry stores its `originalIndex` so that, when a\n * locale-static fast-path match is found, any linear rules that appear earlier\n * in the array are still checked first.\n */\n\n/** Matches `/:param(alternation)?/static/suffix` — the locale-static pattern. */\nconst _LOCALE_STATIC_RE = /^\\/:[\\w-]+\\(([^)]+)\\)\\?\\/([a-zA-Z0-9_~.%@!$&'*+,;=:/-]+)$/;\n\ntype LocaleStaticEntry = {\n /** The param name extracted from the source (e.g. \"locale\"). */\n paramName: string;\n /** The compiled regex matching just the alternation, used at match time. */\n altRe: RegExp;\n /** The original redirect rule. */\n redirect: NextRedirect;\n /** Position of this rule in the original redirects array. */\n originalIndex: number;\n};\n\ntype RedirectIndex = {\n /** Fast-path map: strippedPath (e.g. \"/security\") → matching entries. */\n localeStatic: Map<string, LocaleStaticEntry[]>;\n /**\n * Linear fallback for rules that couldn't be indexed.\n * Each entry is [originalIndex, redirect].\n */\n linear: Array<[number, NextRedirect]>;\n};\n\nconst _redirectIndexCache = new WeakMap<NextRedirect[], RedirectIndex>();\n\n/**\n * Build (or retrieve from cache) the redirect index for a given redirects array.\n *\n * Called once per config load from matchRedirect. The WeakMap ensures the index\n * is recomputed if the config is reloaded (new array reference) and GC'd when\n * the array is collected.\n */\nfunction _getRedirectIndex(redirects: NextRedirect[]): RedirectIndex {\n let index = _redirectIndexCache.get(redirects);\n if (index !== undefined) return index;\n\n const localeStatic = new Map<string, LocaleStaticEntry[]>();\n const linear: Array<[number, NextRedirect]> = [];\n\n for (let i = 0; i < redirects.length; i++) {\n const redirect = redirects[i];\n const m = _LOCALE_STATIC_RE.exec(redirect.source);\n if (m) {\n const paramName = redirect.source.slice(2, redirect.source.indexOf(\"(\"));\n const alternation = m[1];\n const suffix = \"/\" + m[2]; // e.g. \"/security\"\n // Build a small regex to validate the captured locale value against the\n // alternation. Using anchored match to avoid partial matches.\n // The alternation comes from user config; run it through safeRegExp to\n // guard against ReDoS in pathological configs.\n const altRe = safeRegExp(\"^(?:\" + alternation + \")$\");\n if (!altRe) {\n // Unsafe alternation — fall back to linear scan for this rule.\n linear.push([i, redirect]);\n continue;\n }\n const entry: LocaleStaticEntry = { paramName, altRe, redirect, originalIndex: i };\n const bucket = localeStatic.get(suffix);\n if (bucket) {\n bucket.push(entry);\n } else {\n localeStatic.set(suffix, [entry]);\n }\n } else {\n linear.push([i, redirect]);\n }\n }\n\n index = { localeStatic, linear };\n _redirectIndexCache.set(redirects, index);\n return index;\n}\n\n/** Hop-by-hop headers that should not be forwarded through a proxy. */\nconst HOP_BY_HOP_HEADERS = new Set([\n \"connection\",\n \"keep-alive\",\n \"proxy-authenticate\",\n \"proxy-authorization\",\n \"te\",\n \"trailers\",\n \"transfer-encoding\",\n \"upgrade\",\n]);\n\n/**\n * Detect regex patterns vulnerable to catastrophic backtracking (ReDoS).\n *\n * Uses a lightweight heuristic: scans the pattern string for nested quantifiers\n * (a quantifier applied to a group that itself contains a quantifier). This\n * catches the most common pathological patterns like `(a+)+`, `(.*)*`,\n * `([^/]+)+`, `(a|a+)+` without needing a full regex parser.\n *\n * Returns true if the pattern appears safe, false if it's potentially dangerous.\n */\nexport function isSafeRegex(pattern: string): boolean {\n // Track parenthesis nesting depth and whether we've seen a quantifier\n // at each depth level.\n const quantifierAtDepth: boolean[] = [];\n let depth = 0;\n let i = 0;\n\n while (i < pattern.length) {\n const ch = pattern[i];\n\n // Skip escaped characters\n if (ch === \"\\\\\") {\n i += 2;\n continue;\n }\n\n // Skip character classes [...] — quantifiers inside them are literal\n if (ch === \"[\") {\n i++;\n while (i < pattern.length && pattern[i] !== \"]\") {\n if (pattern[i] === \"\\\\\") i++; // skip escaped char in class\n i++;\n }\n i++; // skip closing ]\n continue;\n }\n\n if (ch === \"(\") {\n depth++;\n // Initialize: no quantifier seen yet at this new depth\n if (quantifierAtDepth.length <= depth) {\n quantifierAtDepth.push(false);\n } else {\n quantifierAtDepth[depth] = false;\n }\n i++;\n continue;\n }\n\n if (ch === \")\") {\n const hadQuantifier = depth > 0 && quantifierAtDepth[depth];\n if (depth > 0) depth--;\n\n // Look ahead for a quantifier on this group: +, *, {n,m}\n // Note: '?' after ')' means \"zero or one\" which does NOT cause catastrophic\n // backtracking — it only allows 2 paths (match/skip), not exponential.\n // Only unbounded repetition (+, *, {n,}) on a group with inner quantifiers is dangerous.\n const next = pattern[i + 1];\n if (next === \"+\" || next === \"*\" || next === \"{\") {\n if (hadQuantifier) {\n // Nested quantifier detected: quantifier on a group that contains a quantifier\n return false;\n }\n // Mark the enclosing depth as having a quantifier\n if (depth >= 0 && depth < quantifierAtDepth.length) {\n quantifierAtDepth[depth] = true;\n }\n }\n i++;\n continue;\n }\n\n // Detect quantifiers: +, *, ?, {n,m}\n // '?' is a quantifier (optional) unless it follows another quantifier (+, *, ?, })\n // in which case it's a non-greedy modifier.\n if (ch === \"+\" || ch === \"*\") {\n if (depth > 0) {\n quantifierAtDepth[depth] = true;\n }\n i++;\n continue;\n }\n\n if (ch === \"?\") {\n // '?' after +, *, ?, or } is a non-greedy modifier, not a quantifier\n const prev = i > 0 ? pattern[i - 1] : \"\";\n if (prev !== \"+\" && prev !== \"*\" && prev !== \"?\" && prev !== \"}\") {\n if (depth > 0) {\n quantifierAtDepth[depth] = true;\n }\n }\n i++;\n continue;\n }\n\n if (ch === \"{\") {\n // Check if this is a quantifier {n}, {n,}, {n,m}\n let j = i + 1;\n while (j < pattern.length && /[\\d,]/.test(pattern[j])) j++;\n if (j < pattern.length && pattern[j] === \"}\" && j > i + 1) {\n if (depth > 0) {\n quantifierAtDepth[depth] = true;\n }\n i = j + 1;\n continue;\n }\n }\n\n i++;\n }\n\n return true;\n}\n\n/**\n * Compile a regex pattern safely. Returns the compiled RegExp or null if the\n * pattern is invalid or vulnerable to ReDoS.\n *\n * Logs a warning when a pattern is rejected so developers can fix their config.\n */\nexport function safeRegExp(pattern: string, flags?: string): RegExp | null {\n if (!isSafeRegex(pattern)) {\n console.warn(\n `[vinext] Ignoring potentially unsafe regex pattern (ReDoS risk): ${pattern}\\n` +\n ` Patterns with nested quantifiers (e.g. (a+)+) can cause catastrophic backtracking.\\n` +\n ` Simplify the pattern to avoid nested repetition.`,\n );\n return null;\n }\n try {\n return new RegExp(pattern, flags);\n } catch {\n return null;\n }\n}\n\n/**\n * Convert a Next.js header/rewrite/redirect source pattern into a regex string.\n *\n * Regex groups in the source (e.g. `(\\d+)`) are extracted first, the remaining\n * text is escaped/converted in a **single pass** (avoiding chained `.replace()`\n * which CodeQL flags as incomplete sanitization), then groups are restored.\n */\nexport function escapeHeaderSource(source: string): string {\n // Sentinel character for group placeholders. Uses a Unicode private-use-area\n // codepoint that will never appear in real source patterns.\n const S = \"\\uE000\";\n\n // Step 1: extract regex groups and replace with numbered placeholders.\n const groups: string[] = [];\n const withPlaceholders = source.replace(/\\(([^)]+)\\)/g, (_m, inner) => {\n groups.push(inner);\n return `${S}G${groups.length - 1}${S}`;\n });\n\n // Step 2: single-pass conversion of the placeholder-bearing string.\n // Match named params (:[\\w-]+), sentinel group placeholders, metacharacters, and literal text.\n // The regex uses non-overlapping alternatives to avoid backtracking:\n // :[\\w-]+ — named parameter (constraint sentinel is checked procedurally;\n // param names may contain hyphens, e.g. :auth-method)\n // sentinel group — standalone regex group placeholder\n // [.+?*] — single metachar to escape/convert\n // [^.+?*:\\uE000]+ — literal text (excludes all chars that start other alternatives)\n let result = \"\";\n const re = new RegExp(\n `${S}G(\\\\d+)${S}|:[\\\\w-]+|[.+?*]|[^.+?*:\\\\uE000]+`, // lgtm[js/redos] — alternatives are non-overlapping\n \"g\",\n );\n let m: RegExpExecArray | null;\n while ((m = re.exec(withPlaceholders)) !== null) {\n if (m[1] !== undefined) {\n // Standalone regex group — restore as-is\n result += `(${groups[Number(m[1])]})`;\n } else if (m[0].startsWith(\":\")) {\n // Named parameter — check if followed by a constraint group placeholder\n const afterParam = withPlaceholders.slice(re.lastIndex);\n const constraintMatch = afterParam.match(new RegExp(`^${S}G(\\\\d+)${S}`));\n if (constraintMatch) {\n // :param(constraint) — use the constraint as the capture group\n re.lastIndex += constraintMatch[0].length;\n result += `(${groups[Number(constraintMatch[1])]})`;\n } else {\n // Plain named parameter → match one segment\n result += \"[^/]+\";\n }\n } else {\n switch (m[0]) {\n case \".\":\n result += \"\\\\.\";\n break;\n case \"+\":\n result += \"\\\\+\";\n break;\n case \"?\":\n result += \"\\\\?\";\n break;\n case \"*\":\n result += \".*\";\n break;\n default:\n result += m[0];\n break;\n }\n }\n }\n\n return result;\n}\n\n/**\n * Request context needed for evaluating has/missing conditions.\n * Callers extract the relevant parts from the incoming Request.\n */\nexport interface RequestContext {\n headers: Headers;\n cookies: Record<string, string>;\n query: URLSearchParams;\n host: string;\n}\n\n/**\n * Parse a Cookie header string into a key-value record.\n */\nexport function parseCookies(cookieHeader: string | null): Record<string, string> {\n if (!cookieHeader) return {};\n const cookies: Record<string, string> = {};\n for (const part of cookieHeader.split(\";\")) {\n const eq = part.indexOf(\"=\");\n if (eq === -1) continue;\n const key = part.slice(0, eq).trim();\n const value = part.slice(eq + 1).trim();\n if (key) cookies[key] = value;\n }\n return cookies;\n}\n\n/**\n * Build a RequestContext from a Web Request object.\n */\nexport function requestContextFromRequest(request: Request): RequestContext {\n const url = new URL(request.url);\n return {\n headers: request.headers,\n cookies: parseCookies(request.headers.get(\"cookie\")),\n query: url.searchParams,\n host: normalizeHost(request.headers.get(\"host\"), url.hostname),\n };\n}\n\nexport function normalizeHost(hostHeader: string | null, fallbackHostname: string): string {\n const host = hostHeader ?? fallbackHostname;\n return host.split(\":\", 1)[0].toLowerCase();\n}\n\n/**\n * Unpack `x-middleware-request-*` headers from the collected middleware\n * response headers into the actual request, and strip all `x-middleware-*`\n * internal signals so they never reach clients.\n *\n * `middlewareHeaders` is mutated in-place (matching keys are deleted).\n * Returns a (possibly cloned) `Request` with the unpacked headers applied,\n * and a fresh `RequestContext` built from it — ready for post-middleware\n * config rule matching (beforeFiles, afterFiles, fallback).\n *\n * Works for both Node.js requests (mutable headers) and Workers requests\n * (immutable — cloned only when there are headers to apply).\n *\n * `x-middleware-request-*` values are always plain strings (they carry\n * individual header values), so the wider `string | string[]` type of\n * `middlewareHeaders` is safe to cast here.\n */\nexport function applyMiddlewareRequestHeaders(\n middlewareHeaders: Record<string, string | string[]>,\n request: Request,\n): { request: Request; postMwReqCtx: RequestContext } {\n const nextHeaders = buildRequestHeadersFromMiddlewareResponse(request.headers, middlewareHeaders);\n\n for (const key of Object.keys(middlewareHeaders)) {\n if (key.startsWith(\"x-middleware-\")) {\n delete middlewareHeaders[key];\n }\n }\n\n if (nextHeaders) {\n // Headers may be immutable (Workers), so always clone via new Headers().\n request = new Request(request.url, {\n method: request.method,\n headers: nextHeaders,\n body: request.body,\n // @ts-expect-error — duplex needed for streaming request bodies\n duplex: request.body ? \"half\" : undefined,\n });\n }\n\n return { request, postMwReqCtx: requestContextFromRequest(request) };\n}\n\n/**\n * Check a single has/missing condition against request context.\n * Returns true if the condition is satisfied.\n */\nfunction checkSingleCondition(condition: HasCondition, ctx: RequestContext): boolean {\n switch (condition.type) {\n case \"header\": {\n const headerValue = ctx.headers.get(condition.key);\n if (headerValue === null) return false;\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(headerValue);\n return headerValue === condition.value;\n }\n return true; // Key exists, no value constraint\n }\n case \"cookie\": {\n const cookieValue = ctx.cookies[condition.key];\n if (cookieValue === undefined) return false;\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(cookieValue);\n return cookieValue === condition.value;\n }\n return true;\n }\n case \"query\": {\n const queryValue = ctx.query.get(condition.key);\n if (queryValue === null) return false;\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(queryValue);\n return queryValue === condition.value;\n }\n return true;\n }\n case \"host\": {\n if (condition.value !== undefined) {\n const re = _cachedConditionRegex(condition.value);\n if (re) return re.test(ctx.host);\n return ctx.host === condition.value;\n }\n return ctx.host === condition.key;\n }\n default:\n return false;\n }\n}\n\n/**\n * Return a cached RegExp for a has/missing condition value string, compiling\n * on first use. Returns null if safeRegExp rejected the pattern or if the\n * value is not a valid regex (fall back to exact string comparison).\n */\nfunction _cachedConditionRegex(value: string): RegExp | null {\n let re = _compiledConditionCache.get(value);\n if (re === undefined) {\n re = safeRegExp(value);\n _compiledConditionCache.set(value, re);\n }\n return re;\n}\n\n/**\n * Check all has/missing conditions for a config rule.\n * Returns true if the rule should be applied (all has conditions pass, all missing conditions pass).\n *\n * - has: every condition must match (the request must have it)\n * - missing: every condition must NOT match (the request must not have it)\n */\nexport function checkHasConditions(\n has: HasCondition[] | undefined,\n missing: HasCondition[] | undefined,\n ctx: RequestContext,\n): boolean {\n if (has) {\n for (const condition of has) {\n if (!checkSingleCondition(condition, ctx)) return false;\n }\n }\n if (missing) {\n for (const condition of missing) {\n if (checkSingleCondition(condition, ctx)) return false;\n }\n }\n return true;\n}\n\n/**\n * If the current position in `str` starts with a parenthesized group, consume\n * it and advance `re.lastIndex` past the closing `)`. Returns the group\n * contents or null if no group is present.\n */\nfunction extractConstraint(str: string, re: RegExp): string | null {\n if (str[re.lastIndex] !== \"(\") return null;\n const start = re.lastIndex + 1;\n let depth = 1;\n let i = start;\n while (i < str.length && depth > 0) {\n if (str[i] === \"(\") depth++;\n else if (str[i] === \")\") depth--;\n i++;\n }\n if (depth !== 0) return null;\n re.lastIndex = i;\n return str.slice(start, i - 1);\n}\n\n/**\n * Match a Next.js config pattern (from redirects/rewrites sources) against a pathname.\n * Returns matched params or null.\n *\n * Supports:\n * :param - matches a single path segment\n * :param* - matches zero or more segments (catch-all)\n * :param+ - matches one or more segments\n * (regex) - inline regex patterns in the source\n * :param(constraint) - named param with inline regex constraint\n */\nexport function matchConfigPattern(\n pathname: string,\n pattern: string,\n): Record<string, string> | null {\n // If the pattern contains regex groups like (\\d+) or (.*), use regex matching.\n // Also enter this branch when a catch-all parameter (:param* or :param+) is\n // followed by a literal suffix (e.g. \"/:path*.md\"). Without this, the suffix\n // pattern falls through to the simple segment matcher which incorrectly treats\n // the whole segment (\":path*.md\") as a named parameter and matches everything.\n // The last condition catches simple params with literal suffixes (e.g. \"/:slug.md\")\n // where the param name is followed by a dot — the simple matcher would treat\n // \"slug.md\" as the param name and match any single segment regardless of suffix.\n if (\n pattern.includes(\"(\") ||\n pattern.includes(\"\\\\\") ||\n /:[\\w-]+[*+][^/]/.test(pattern) ||\n /:[\\w-]+\\./.test(pattern)\n ) {\n try {\n // Look up the compiled regex in the module-level cache. Patterns come\n // from next.config.js and are static, so we only need to compile each\n // one once across the lifetime of the worker/server process.\n let compiled = _compiledPatternCache.get(pattern);\n if (compiled === undefined) {\n // Cache miss — compile the pattern now and store the result.\n // Param names may contain hyphens (e.g. :auth-method, :sign-in).\n const paramNames: string[] = [];\n // Single-pass conversion with procedural suffix handling. The tokenizer\n // matches only simple, non-overlapping tokens; quantifier/constraint\n // suffixes after :param are consumed procedurally to avoid polynomial\n // backtracking in the regex engine.\n let regexStr = \"\";\n const tokenRe = /:([\\w-]+)|[.]|[^:.]+/g; // lgtm[js/redos] — alternatives are non-overlapping (`:` and `.` excluded from `[^:.]+`)\n let tok: RegExpExecArray | null;\n while ((tok = tokenRe.exec(pattern)) !== null) {\n if (tok[1] !== undefined) {\n const name = tok[1];\n const rest = pattern.slice(tokenRe.lastIndex);\n // Check for quantifier (* or +) with optional constraint\n if (rest.startsWith(\"*\") || rest.startsWith(\"+\")) {\n const quantifier = rest[0];\n tokenRe.lastIndex += 1;\n const constraint = extractConstraint(pattern, tokenRe);\n paramNames.push(name);\n if (constraint !== null) {\n regexStr += `(${constraint})`;\n } else {\n regexStr += quantifier === \"*\" ? \"(.*)\" : \"(.+)\";\n }\n } else {\n // Check for inline constraint without quantifier\n const constraint = extractConstraint(pattern, tokenRe);\n paramNames.push(name);\n regexStr += constraint !== null ? `(${constraint})` : \"([^/]+)\";\n }\n } else if (tok[0] === \".\") {\n regexStr += \"\\\\.\";\n } else {\n regexStr += tok[0];\n }\n }\n const re = safeRegExp(\"^\" + regexStr + \"$\");\n // Store null for rejected patterns so we don't re-run isSafeRegex.\n compiled = re ? { re, paramNames } : null;\n _compiledPatternCache.set(pattern, compiled);\n }\n if (!compiled) return null;\n const match = compiled.re.exec(pathname);\n if (!match) return null;\n const params: Record<string, string> = Object.create(null);\n for (let i = 0; i < compiled.paramNames.length; i++) {\n params[compiled.paramNames[i]] = match[i + 1] ?? \"\";\n }\n return params;\n } catch {\n // Fall through to segment-based matching\n }\n }\n\n // Check for catch-all patterns (:param* or :param+) without regex groups\n // Param names may contain hyphens (e.g. :sign-in*, :sign-up+).\n const catchAllMatch = pattern.match(/:([\\w-]+)(\\*|\\+)$/);\n if (catchAllMatch) {\n const prefix = pattern.slice(0, pattern.lastIndexOf(\":\"));\n const paramName = catchAllMatch[1];\n const isPlus = catchAllMatch[2] === \"+\";\n\n const prefixNoSlash = prefix.replace(/\\/$/, \"\");\n if (!pathname.startsWith(prefixNoSlash)) return null;\n const charAfter = pathname[prefixNoSlash.length];\n if (charAfter !== undefined && charAfter !== \"/\") return null;\n\n const rest = pathname.slice(prefixNoSlash.length);\n if (isPlus && (!rest || rest === \"/\")) return null;\n let restValue = rest.startsWith(\"/\") ? rest.slice(1) : rest;\n // NOTE: Do NOT decodeURIComponent here. The pathname is already decoded at\n // the request entry point. Decoding again would produce incorrect param values.\n return { [paramName]: restValue };\n }\n\n // Simple segment-based matching for exact patterns and :param\n const parts = pattern.split(\"/\");\n const pathParts = pathname.split(\"/\");\n\n if (parts.length !== pathParts.length) return null;\n\n const params: Record<string, string> = Object.create(null);\n for (let i = 0; i < parts.length; i++) {\n if (parts[i].startsWith(\":\")) {\n params[parts[i].slice(1)] = pathParts[i];\n } else if (parts[i] !== pathParts[i]) {\n return null;\n }\n }\n return params;\n}\n\n/**\n * Apply redirect rules from next.config.js.\n * Returns the redirect info if a redirect was matched, or null.\n *\n * `ctx` provides the request context (cookies, headers, query, host) used\n * to evaluate has/missing conditions. Next.js always has request context\n * when evaluating redirects, so this parameter is required.\n *\n * ## Performance\n *\n * Rules with a locale-capture-group prefix (the dominant pattern in large\n * Next.js apps — e.g. `/:locale(en|es|fr|...)?/some-path`) are handled via\n * a pre-built index. Instead of running exec() on each locale regex\n * individually, we:\n *\n * 1. Strip the optional locale prefix from the pathname with one cheap\n * string-slice check (no regex exec on the hot path).\n * 2. Look up the stripped suffix in a Map<suffix, entry[]>.\n * 3. For each matching entry, validate the captured locale string against\n * a small, anchored alternation regex.\n *\n * This reduces the per-request cost from O(n × regex) to O(1) map lookup +\n * O(matches × tiny-regex), eliminating the ~2992ms self-time reported in\n * profiles for apps with 63+ locale-prefixed rules.\n *\n * Rules that don't fit the locale-static pattern fall back to the original\n * linear matchConfigPattern scan.\n *\n * ## Ordering invariant\n *\n * First match wins, preserving the original redirect array order. When a\n * locale-static fast-path match is found at position N, all linear rules with\n * an original index < N are checked via matchConfigPattern first — they are\n * few in practice (typically zero) so this is not a hot-path concern.\n */\nexport function matchRedirect(\n pathname: string,\n redirects: NextRedirect[],\n ctx: RequestContext,\n): { destination: string; permanent: boolean } | null {\n if (redirects.length === 0) return null;\n\n const index = _getRedirectIndex(redirects);\n\n // --- Locate the best locale-static candidate ---\n //\n // We look for the locale-static entry with the LOWEST originalIndex that\n // matches this pathname (and passes has/missing conditions).\n //\n // Strategy: try both the full pathname (locale omitted, e.g. \"/security\")\n // and the pathname with the first segment stripped (locale present, e.g.\n // \"/en/security\" → suffix \"/security\", locale \"en\").\n //\n // We do NOT use a regex here — just a single indexOf('/') to locate the\n // second slash, which is O(n) on the path length but far cheaper than\n // running 63 compiled regexes.\n\n let localeMatch: { destination: string; permanent: boolean } | null = null;\n let localeMatchIndex = Infinity;\n\n if (index.localeStatic.size > 0) {\n // Case 1: no locale prefix — pathname IS the suffix.\n const noLocaleBucket = index.localeStatic.get(pathname);\n if (noLocaleBucket) {\n for (const entry of noLocaleBucket) {\n if (entry.originalIndex >= localeMatchIndex) continue; // already have a better match\n const redirect = entry.redirect;\n if (redirect.has || redirect.missing) {\n if (!checkHasConditions(redirect.has, redirect.missing, ctx)) continue;\n }\n // Locale was omitted (the `?` made it optional) — param value is \"\".\n let dest = substituteDestinationParams(redirect.destination, {\n [entry.paramName]: \"\",\n });\n dest = sanitizeDestination(dest);\n localeMatch = { destination: dest, permanent: redirect.permanent };\n localeMatchIndex = entry.originalIndex;\n break; // bucket entries are in insertion order = original order\n }\n }\n\n // Case 2: locale prefix present — first path segment is the locale.\n // Find the second slash: pathname = \"/locale/rest/of/path\"\n // ^--- slashTwo\n const slashTwo = pathname.indexOf(\"/\", 1);\n if (slashTwo !== -1) {\n const suffix = pathname.slice(slashTwo); // e.g. \"/security\"\n const localePart = pathname.slice(1, slashTwo); // e.g. \"en\"\n const localeBucket = index.localeStatic.get(suffix);\n if (localeBucket) {\n for (const entry of localeBucket) {\n if (entry.originalIndex >= localeMatchIndex) continue;\n // Validate that `localePart` is one of the allowed alternation values.\n if (!entry.altRe.test(localePart)) continue;\n const redirect = entry.redirect;\n if (redirect.has || redirect.missing) {\n if (!checkHasConditions(redirect.has, redirect.missing, ctx)) continue;\n }\n let dest = substituteDestinationParams(redirect.destination, {\n [entry.paramName]: localePart,\n });\n dest = sanitizeDestination(dest);\n localeMatch = { destination: dest, permanent: redirect.permanent };\n localeMatchIndex = entry.originalIndex;\n break; // bucket entries are in insertion order = original order\n }\n }\n }\n }\n\n // --- Linear fallback: all non-locale-static rules ---\n //\n // We only need to check linear rules whose originalIndex < localeMatchIndex.\n // If localeMatchIndex is Infinity (no locale match), we check all of them.\n for (const [origIdx, redirect] of index.linear) {\n if (origIdx >= localeMatchIndex) {\n // This linear rule comes after the best locale-static match —\n // the locale-static match wins. Stop scanning.\n break;\n }\n const params = matchConfigPattern(pathname, redirect.source);\n if (params) {\n if (redirect.has || redirect.missing) {\n if (!checkHasConditions(redirect.has, redirect.missing, ctx)) {\n continue;\n }\n }\n let dest = substituteDestinationParams(redirect.destination, params);\n // Collapse protocol-relative URLs (e.g. //evil.com from decoded %2F in catch-all params).\n dest = sanitizeDestination(dest);\n return { destination: dest, permanent: redirect.permanent };\n }\n }\n\n // Return the locale-static match if found (no earlier linear rule matched).\n return localeMatch;\n}\n\n/**\n * Apply rewrite rules from next.config.js.\n * Returns the rewritten URL or null if no rewrite matched.\n *\n * `ctx` provides the request context (cookies, headers, query, host) used\n * to evaluate has/missing conditions. Next.js always has request context\n * when evaluating rewrites, so this parameter is required.\n */\nexport function matchRewrite(\n pathname: string,\n rewrites: NextRewrite[],\n ctx: RequestContext,\n): string | null {\n for (const rewrite of rewrites) {\n const params = matchConfigPattern(pathname, rewrite.source);\n if (params) {\n if (rewrite.has || rewrite.missing) {\n if (!checkHasConditions(rewrite.has, rewrite.missing, ctx)) {\n continue;\n }\n }\n let dest = substituteDestinationParams(rewrite.destination, params);\n // Collapse protocol-relative URLs (e.g. //evil.com from decoded %2F in catch-all params).\n dest = sanitizeDestination(dest);\n return dest;\n }\n }\n return null;\n}\n\n/**\n * Substitute all matched route params into a redirect/rewrite destination.\n *\n * Handles repeated params (e.g. `/api/:id/:id`) and catch-all suffix forms\n * (`:path*`, `:path+`) in a single pass. Unknown params are left intact.\n */\nfunction substituteDestinationParams(destination: string, params: Record<string, string>): string {\n const keys = Object.keys(params);\n if (keys.length === 0) return destination;\n\n // Match only the concrete param keys captured from the source pattern.\n // Sorting longest-first ensures hyphenated names like `auth-method`\n // win over shorter prefixes like `auth`. The negative lookahead keeps\n // alphanumeric/underscore suffixes attached, while allowing `-` to act\n // as a literal delimiter in destinations like `:year-:month`.\n const sortedKeys = [...keys].sort((a, b) => b.length - a.length);\n const cacheKey = sortedKeys.join(\"\\0\");\n let paramRe = _compiledDestinationParamCache.get(cacheKey);\n if (!paramRe) {\n const paramAlternation = sortedKeys\n .map((key) => key.replace(/[.*+?^${}()|[\\]\\\\]/g, \"\\\\$&\"))\n .join(\"|\");\n paramRe = new RegExp(`:(${paramAlternation})([+*])?(?![A-Za-z0-9_])`, \"g\");\n _compiledDestinationParamCache.set(cacheKey, paramRe);\n }\n\n return destination.replace(paramRe, (_token, key: string) => params[key]);\n}\n\n/**\n * Sanitize a redirect/rewrite destination to collapse protocol-relative URLs.\n *\n * After parameter substitution, a destination like `/:path*` can become\n * `//evil.com` if the catch-all captured a decoded `%2F` (`/evil.com`).\n * Browsers interpret `//evil.com` as a protocol-relative URL, redirecting\n * users off-site.\n *\n * This function collapses any leading double (or more) slashes to a single\n * slash for non-external (relative) destinations.\n */\nexport function sanitizeDestination(dest: string): string {\n // External URLs (http://, https://) are intentional — don't touch them\n if (dest.startsWith(\"http://\") || dest.startsWith(\"https://\")) {\n return dest;\n }\n // Normalize leading backslashes to forward slashes. Browsers interpret\n // backslash as forward slash in URL contexts, so \"\\/evil.com\" becomes\n // \"//evil.com\" (protocol-relative redirect). Replace any mix of leading\n // slashes and backslashes with a single forward slash.\n dest = dest.replace(/^[\\\\/]+/, \"/\");\n return dest;\n}\n\n/**\n * Check if a URL is external (absolute URL or protocol-relative).\n * Detects any URL scheme (http:, https:, data:, javascript:, blob:, etc.)\n * per RFC 3986, plus protocol-relative URLs (//).\n */\nexport function isExternalUrl(url: string): boolean {\n return /^[a-z][a-z0-9+.-]*:/i.test(url) || url.startsWith(\"//\");\n}\n\n/**\n * Proxy an incoming request to an external URL and return the upstream response.\n *\n * Used for external rewrites (e.g. `/ph/:path*` → `https://us.i.posthog.com/:path*`).\n * Next.js handles these as server-side reverse proxies, forwarding the request\n * method, headers, and body to the external destination.\n *\n * Works in all runtimes (Node.js, Cloudflare Workers) via the standard fetch() API.\n */\nexport async function proxyExternalRequest(\n request: Request,\n externalUrl: string,\n): Promise<Response> {\n // Build the full external URL, preserving query parameters from the original request\n const originalUrl = new URL(request.url);\n const targetUrl = new URL(externalUrl);\n const destinationKeys = new Set(targetUrl.searchParams.keys());\n\n // If the rewrite destination already has query params, merge them.\n // Destination params take precedence — original request params are only added\n // when the destination doesn't already specify that key.\n for (const [key, value] of originalUrl.searchParams) {\n if (!destinationKeys.has(key)) {\n targetUrl.searchParams.append(key, value);\n }\n }\n\n // Forward the request with appropriate headers\n const headers = new Headers(request.headers);\n // Set Host to the external target (required for correct routing)\n headers.set(\"host\", targetUrl.host);\n // Remove headers that should not be forwarded to external services\n headers.delete(\"connection\");\n const keysToDelete: string[] = [];\n for (const key of headers.keys()) {\n if (key.startsWith(\"x-middleware-\")) {\n keysToDelete.push(key);\n }\n }\n for (const key of keysToDelete) {\n headers.delete(key);\n }\n\n const method = request.method;\n const hasBody = method !== \"GET\" && method !== \"HEAD\";\n\n const init: RequestInit & { duplex?: string } = {\n method,\n headers,\n redirect: \"manual\", // Don't follow redirects — pass them through to the client\n };\n\n if (hasBody && request.body) {\n init.body = request.body;\n init.duplex = \"half\";\n }\n\n // Enforce a timeout so slow/unresponsive upstreams don't hold connections\n // open indefinitely (DoS amplification risk on Node.js dev/prod servers).\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), 30_000);\n let upstreamResponse: Response;\n try {\n upstreamResponse = await fetch(targetUrl.href, { ...init, signal: controller.signal });\n } catch (e: any) {\n if (e?.name === \"AbortError\") {\n console.error(\"[vinext] External rewrite proxy timeout:\", targetUrl.href);\n return new Response(\"Gateway Timeout\", { status: 504 });\n }\n console.error(\"[vinext] External rewrite proxy error:\", e);\n return new Response(\"Bad Gateway\", { status: 502 });\n } finally {\n clearTimeout(timeout);\n }\n\n // Build the response to return to the client.\n // Copy all upstream headers except hop-by-hop headers.\n // Node.js fetch() auto-decompresses responses (gzip, br, etc.), so the body\n // we receive is already plain text. Forwarding the original content-encoding\n // and content-length headers causes the browser to attempt a second\n // decompression on the already-decoded body, resulting in\n // ERR_CONTENT_DECODING_FAILED. Strip both headers on Node.js only.\n // On Workers, fetch() preserves wire encoding, so the headers stay accurate.\n const isNodeRuntime = typeof process !== \"undefined\" && !!process.versions?.node;\n const responseHeaders = new Headers();\n upstreamResponse.headers.forEach((value, key) => {\n const lower = key.toLowerCase();\n if (HOP_BY_HOP_HEADERS.has(lower)) return;\n if (isNodeRuntime && (lower === \"content-encoding\" || lower === \"content-length\")) return;\n responseHeaders.append(key, value);\n });\n\n return new Response(upstreamResponse.body, {\n status: upstreamResponse.status,\n statusText: upstreamResponse.statusText,\n headers: responseHeaders,\n });\n}\n\n/**\n * Apply custom header rules from next.config.js.\n * Returns an array of { key, value } pairs to set on the response.\n *\n * `ctx` provides the request context (cookies, headers, query, host) used\n * to evaluate has/missing conditions. Next.js always has request context\n * when evaluating headers, so this parameter is required.\n */\nexport function matchHeaders(\n pathname: string,\n headers: NextHeader[],\n ctx: RequestContext,\n): Array<{ key: string; value: string }> {\n const result: Array<{ key: string; value: string }> = [];\n for (const rule of headers) {\n // Cache the compiled source regex — escapeHeaderSource() + safeRegExp() are\n // pure functions of rule.source and the result never changes between requests.\n let sourceRegex = _compiledHeaderSourceCache.get(rule.source);\n if (sourceRegex === undefined) {\n const escaped = escapeHeaderSource(rule.source);\n sourceRegex = safeRegExp(\"^\" + escaped + \"$\");\n _compiledHeaderSourceCache.set(rule.source, sourceRegex);\n }\n if (sourceRegex && sourceRegex.test(pathname)) {\n if (rule.has || rule.missing) {\n if (!checkHasConditions(rule.has, rule.missing, ctx)) {\n continue;\n }\n }\n result.push(...rule.headers);\n }\n }\n return result;\n}\n"]}