zidane 5.1.3 → 5.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. package/dist/{agent-B0vrSTQ9.d.ts → agent-BEtOGMct.d.ts} +2 -2
  2. package/dist/{agent-B0vrSTQ9.d.ts.map → agent-BEtOGMct.d.ts.map} +1 -1
  3. package/dist/chat.d.ts +4 -4
  4. package/dist/chat.js +1 -1
  5. package/dist/contexts/docker.d.ts +1 -1
  6. package/dist/contexts.d.ts +2 -2
  7. package/dist/{index-DYcymRtr.d.ts → index-BiO_5Hm4.d.ts} +2 -2
  8. package/dist/{index-DYcymRtr.d.ts.map → index-BiO_5Hm4.d.ts.map} +1 -1
  9. package/dist/{index-CFxhms_B.d.ts → index-CYnIU6Pp.d.ts} +3 -3
  10. package/dist/{index-CFxhms_B.d.ts.map → index-CYnIU6Pp.d.ts.map} +1 -1
  11. package/dist/{index-X6Q9PN_A.d.ts → index-CsJOjP5T.d.ts} +3 -3
  12. package/dist/{index-X6Q9PN_A.d.ts.map → index-CsJOjP5T.d.ts.map} +1 -1
  13. package/dist/index.d.ts +5 -5
  14. package/dist/index.js +4 -4
  15. package/dist/{login-B7b7NNJQ.js → login-B3yZG4iI.js} +3 -3
  16. package/dist/{login-B7b7NNJQ.js.map → login-B3yZG4iI.js.map} +1 -1
  17. package/dist/{mcp-BgwK6ySj.js → mcp-8S8mSbr2.js} +29 -14
  18. package/dist/mcp-8S8mSbr2.js.map +1 -0
  19. package/dist/mcp.d.ts +1 -1
  20. package/dist/mcp.js +1 -1
  21. package/dist/{presets-CI8_fyvX.js → presets-B800CKGw.js} +2 -2
  22. package/dist/{presets-CI8_fyvX.js.map → presets-B800CKGw.js.map} +1 -1
  23. package/dist/presets.d.ts +2 -2
  24. package/dist/presets.js +1 -1
  25. package/dist/providers.d.ts +1 -1
  26. package/dist/session/sqlite.d.ts +1 -1
  27. package/dist/session.d.ts +1 -1
  28. package/dist/skills.d.ts +2 -2
  29. package/dist/stdio-loader-C48v4hPt.js +2120 -0
  30. package/dist/stdio-loader-C48v4hPt.js.map +1 -0
  31. package/dist/{tool-formatters-D7cN3T_W.d.ts → tool-formatters-Depi9Hwr.d.ts} +3 -3
  32. package/dist/{tool-formatters-D7cN3T_W.d.ts.map → tool-formatters-Depi9Hwr.d.ts.map} +1 -1
  33. package/dist/{tools-d1yeA6xK.js → tools-DngHXth6.js} +2 -2
  34. package/dist/{tools-d1yeA6xK.js.map → tools-DngHXth6.js.map} +1 -1
  35. package/dist/tools.d.ts +2 -2
  36. package/dist/tools.js +1 -1
  37. package/dist/tui.d.ts +2 -2
  38. package/dist/tui.js +4 -4
  39. package/dist/{turn-operations-2cgnXS2d.js → turn-operations-BF8_mSmx.js} +4 -4
  40. package/dist/{turn-operations-2cgnXS2d.js.map → turn-operations-BF8_mSmx.js.map} +1 -1
  41. package/dist/{types-OtrV6LJT.d.ts → types-Ce78ds4h.d.ts} +1 -1
  42. package/dist/{types-OtrV6LJT.d.ts.map → types-Ce78ds4h.d.ts.map} +1 -1
  43. package/dist/types.d.ts +4 -4
  44. package/package.json +1 -1
  45. package/dist/mcp-BgwK6ySj.js.map +0 -1
package/dist/{types-OtrV6LJT.d.ts → types-Ce78ds4h.d.ts} RENAMED
@@ -85,4 +85,4 @@ interface ExecutionContext {
85
85
  }
86
86
  //#endregion
87
87
  export { ExecutionHandle as a, ExecutionContext as i, ContextType as n, SpawnConfig as o, ExecResult as r, ContextCapabilities as t };
88
- //# sourceMappingURL=types-OtrV6LJT.d.ts.map
88
+ //# sourceMappingURL=types-Ce78ds4h.d.ts.map
package/dist/{types-OtrV6LJT.d.ts.map → types-Ce78ds4h.d.ts.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"file":"types-OtrV6LJT.d.ts","names":[],"sources":["../src/contexts/types.ts"],"mappings":";;AAaA;;;;;;;UAAiB,mBAAA;EAQZ;EANH,KAAA;EAce;EAZf,UAAA;;EAEA,OAAA;EAWA;EATA,GAAA;AAAA;;UAQe,eAAA;EACf,EAAA;EACA,IAAA,EAAM,WAAA;EASmB;EAPzB,GAAA;AAAA;AAAA,UAOe,UAAA;EACf,MAAA;EACA,MAAA;EACA,QAAA;AAAA;AAAA,UAOe,WAAA;EAAW;EAE1B,GAAA;EAEY;EAAZ,GAAA,GAAM,MAAA;EAAN;EAEA,KAAA;EAAA;EAEA,MAAA;IAEE,yBAAA,MAAA,WAIA;IAFA,GAAA,WAMA;IAJA,OAAA;EAAA;EAMY;EAHd,OAAA;IACE,QAAA;IACA,MAAA;IAAA,CACC,GAAA;EAAA;AAAA;AAAA,KAQO,WAAA;AAAA,UAEK,gBAAA;;WAEN,IAAA,EAAM,WAAA;EAGQ;EAAA,SAAd,YAAA,EAAc,mBAAA;EAGkB;EAAzC,KAAA,GAAQ,MAAA,GAAS,WAAA,KAAgB,OAAA,CAAQ,eAAA;EAG1B;EAAf,IAAA,GAAO,MAAA,EAAQ,eAAA,EAAiB,OAAA,UAAiB,OAAA;IAAY,GAAA;IAAc,GAAA,GAAM,MAAA;IAAwB,OAAA;EAAA,MAAuB,OAAA,CAAQ,UAAA;EAe9G;EAZ1B,QAAA,GAAW,MAAA,EAAQ,eAAA,EAAiB,IAAA,aAAiB,OAAA;EAYO;;;;;;;;;;EAA5D,cAAA,IAAkB,MAAA,EAAQ,eAAA,EAAiB,IAAA,aAAiB,OAAA,CAAQ,UAAA;EArB3D;EAwBT,SAAA,GAAY,MAAA,EAAQ,eAAA,EAAiB,IAAA,UAAc,OAAA,aAAoB,OAAA;EArBvE;EAwBA,SAAA,GAAY,MAAA,EAAQ,eAAA,EAAiB,IAAA,aAAiB,OAAA;EAxB9C;EA2BR,OAAA,GAAU,MAAA,EAAQ,eAAA,KAAoB,OAAA;AAAA"}
1
+ {"version":3,"file":"types-Ce78ds4h.d.ts","names":[],"sources":["../src/contexts/types.ts"],"mappings":";;AAaA;;;;;;;UAAiB,mBAAA;EAQZ;EANH,KAAA;EAce;EAZf,UAAA;;EAEA,OAAA;EAWA;EATA,GAAA;AAAA;;UAQe,eAAA;EACf,EAAA;EACA,IAAA,EAAM,WAAA;EASmB;EAPzB,GAAA;AAAA;AAAA,UAOe,UAAA;EACf,MAAA;EACA,MAAA;EACA,QAAA;AAAA;AAAA,UAOe,WAAA;EAAW;EAE1B,GAAA;EAEY;EAAZ,GAAA,GAAM,MAAA;EAAN;EAEA,KAAA;EAAA;EAEA,MAAA;IAEE,yBAAA,MAAA,WAIA;IAFA,GAAA,WAMA;IAJA,OAAA;EAAA;EAMY;EAHd,OAAA;IACE,QAAA;IACA,MAAA;IAAA,CACC,GAAA;EAAA;AAAA;AAAA,KAQO,WAAA;AAAA,UAEK,gBAAA;;WAEN,IAAA,EAAM,WAAA;EAGQ;EAAA,SAAd,YAAA,EAAc,mBAAA;EAGkB;EAAzC,KAAA,GAAQ,MAAA,GAAS,WAAA,KAAgB,OAAA,CAAQ,eAAA;EAG1B;EAAf,IAAA,GAAO,MAAA,EAAQ,eAAA,EAAiB,OAAA,UAAiB,OAAA;IAAY,GAAA;IAAc,GAAA,GAAM,MAAA;IAAwB,OAAA;EAAA,MAAuB,OAAA,CAAQ,UAAA;EAe9G;EAZ1B,QAAA,GAAW,MAAA,EAAQ,eAAA,EAAiB,IAAA,aAAiB,OAAA;EAYO;;;;;;;;;;EAA5D,cAAA,IAAkB,MAAA,EAAQ,eAAA,EAAiB,IAAA,aAAiB,OAAA,CAAQ,UAAA;EArB3D;EAwBT,SAAA,GAAY,MAAA,EAAQ,eAAA,EAAiB,IAAA,UAAc,OAAA,aAAoB,OAAA;EArBvE;EAwBA,SAAA,GAAY,MAAA,EAAQ,eAAA,EAAiB,IAAA,aAAiB,OAAA;EAxB9C;EA2BR,OAAA,GAAU,MAAA,EAAQ,eAAA,KAAoB,OAAA;AAAA"}
package/dist/types.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import { a as ExecutionHandle, i as ExecutionContext, n as ContextType, o as SpawnConfig, r as ExecResult, t as ContextCapabilities } from "./types-OtrV6LJT.js";
2
- import { t as SandboxProvider } from "./index-DYcymRtr.js";
3
- import { A as SessionStore, At as StreamHookContext, Bt as toolResultToText, C as SkillResource, Ct as RunHookMap, D as Session, Dt as SessionMessage, E as CreateSessionOptions, Et as SessionHookContext, Ft as ToolResultImageContent, G as ProviderCapabilities, Gt as CONTEXT_EXCEEDED_MESSAGE_PATTERNS, Ht as AgentContextExceededError, It as ToolResultTextContent, J as ToolCall, Jt as matchesContextExceeded, K as StreamCallbacks, Kt as ClassifiedError, Lt as TurnFinishReason, Mt as ToolExecutionMode, N as RemoteStoreOptions, Nt as ToolHookContext, O as SessionData, Ot as SessionTurn, Pt as ToolResultContent, Q as OpenRouterParams, Rt as TurnUsage, St as PromptTextPart, T as SkillsConfig, Tt as SessionEndStatus, Ut as AgentProviderError, Vt as AgentAbortedError, W as Provider, Wt as AgentToolNotAllowedError, X as ToolSpec, Y as ToolResult, Z as TurnResult, _t as McpToolHookContext, b as ToolMap, bt as PromptImagePart, ct as CerebrasParams, ft as AgentBehavior, gt as McpServerConfig, ht as ChildRunStats, i as AgentOptions, jt as ThinkingLevel, k as SessionRun, kt as SpawnHookContext, mt as AgentStats, ot as OpenAIParams, p as McpConnection, pt as AgentRunOptions, q as StreamOptions, qt as ClassifiedErrorKind, r as AgentHooks, t as Agent, ut as AnthropicParams, v as ToolContext, vt as OAuthRefreshHookContext, wt as SessionContentBlock, x as SkillConfig, xt as PromptPart, y as ToolDef, yt as PromptDocumentPart, zt as toolOutputByteLength } from "./agent-B0vrSTQ9.js";
4
- import { I as ModelUsage, L as flattenTurns, R as statsByModel, _ as ChildAgent, f as ValidationResult, j as InteractionToolOptions, t as Preset, v as SpawnToolOptions, y as SpawnToolState } from "./index-CFxhms_B.js";
1
+ import { a as ExecutionHandle, i as ExecutionContext, n as ContextType, o as SpawnConfig, r as ExecResult, t as ContextCapabilities } from "./types-Ce78ds4h.js";
2
+ import { t as SandboxProvider } from "./index-BiO_5Hm4.js";
3
+ import { A as SessionStore, At as StreamHookContext, Bt as toolResultToText, C as SkillResource, Ct as RunHookMap, D as Session, Dt as SessionMessage, E as CreateSessionOptions, Et as SessionHookContext, Ft as ToolResultImageContent, G as ProviderCapabilities, Gt as CONTEXT_EXCEEDED_MESSAGE_PATTERNS, Ht as AgentContextExceededError, It as ToolResultTextContent, J as ToolCall, Jt as matchesContextExceeded, K as StreamCallbacks, Kt as ClassifiedError, Lt as TurnFinishReason, Mt as ToolExecutionMode, N as RemoteStoreOptions, Nt as ToolHookContext, O as SessionData, Ot as SessionTurn, Pt as ToolResultContent, Q as OpenRouterParams, Rt as TurnUsage, St as PromptTextPart, T as SkillsConfig, Tt as SessionEndStatus, Ut as AgentProviderError, Vt as AgentAbortedError, W as Provider, Wt as AgentToolNotAllowedError, X as ToolSpec, Y as ToolResult, Z as TurnResult, _t as McpToolHookContext, b as ToolMap, bt as PromptImagePart, ct as CerebrasParams, ft as AgentBehavior, gt as McpServerConfig, ht as ChildRunStats, i as AgentOptions, jt as ThinkingLevel, k as SessionRun, kt as SpawnHookContext, mt as AgentStats, ot as OpenAIParams, p as McpConnection, pt as AgentRunOptions, q as StreamOptions, qt as ClassifiedErrorKind, r as AgentHooks, t as Agent, ut as AnthropicParams, v as ToolContext, vt as OAuthRefreshHookContext, wt as SessionContentBlock, x as SkillConfig, xt as PromptPart, y as ToolDef, yt as PromptDocumentPart, zt as toolOutputByteLength } from "./agent-BEtOGMct.js";
4
+ import { I as ModelUsage, L as flattenTurns, R as statsByModel, _ as ChildAgent, f as ValidationResult, j as InteractionToolOptions, t as Preset, v as SpawnToolOptions, y as SpawnToolState } from "./index-CYnIU6Pp.js";
5
5
  export { type Agent, AgentAbortedError, type AgentBehavior, AgentContextExceededError, type AgentHooks, type AgentOptions, AgentProviderError, type AgentRunOptions, type AgentStats, AgentToolNotAllowedError, type AnthropicParams, CONTEXT_EXCEEDED_MESSAGE_PATTERNS, type CerebrasParams, type ChildAgent, type ChildRunStats, type ClassifiedError, type ClassifiedErrorKind, type ContextCapabilities, type ContextType, type CreateSessionOptions, type ExecResult, type ExecutionContext, type ExecutionHandle, type InteractionToolOptions, type McpConnection, type McpServerConfig, type McpToolHookContext, type ModelUsage, type OAuthRefreshHookContext, type OpenAIParams, type OpenRouterParams, type Preset, type PromptDocumentPart, type PromptImagePart, type PromptPart, type PromptTextPart, type Provider, type ProviderCapabilities, type RemoteStoreOptions, type RunHookMap, type SandboxProvider, type Session, type SessionContentBlock, type SessionData, type SessionEndStatus, type SessionHookContext, type SessionMessage, type SessionRun, type SessionStore, type SessionTurn, type SkillConfig, type SkillResource, type SkillsConfig, type SpawnConfig, type SpawnHookContext, type SpawnToolOptions, type SpawnToolState, type StreamCallbacks, type StreamHookContext, type StreamOptions, type ThinkingLevel, type ToolCall, type ToolContext, type ToolDef, type ToolExecutionMode, type ToolHookContext, type ToolMap, type ToolResult, type ToolResultContent, type ToolResultImageContent, type ToolResultTextContent, type ToolSpec, type TurnFinishReason, type TurnResult, type TurnUsage, type ValidationResult, flattenTurns, matchesContextExceeded, statsByModel, toolOutputByteLength, toolResultToText };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "zidane",
3
- "version": "5.1.3",
3
+ "version": "5.1.7",
4
4
  "description": "an agent that goes straight to the goal",
5
5
  "type": "module",
6
6
  "private": false,
package/dist/mcp-BgwK6ySj.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"mcp-BgwK6ySj.js","names":[],"sources":["../src/mcp/oauth-provider.ts","../src/mcp/sse-to-json-fetch.ts","../src/mcp/tolerant-client.ts","../src/mcp/index.ts"],"sourcesContent":["/**\n * OAuth 2.1 client provider for MCP servers.\n *\n * Implements the MCP SDK's `OAuthClientProvider` interface — the SDK handles\n * the protocol (PKCE, RFC 9728 protected-resource discovery, RFC 8414 / OIDC\n * authorization-server metadata, RFC 7591 dynamic client registration, token\n * refresh). This class provides the two halves the SDK delegates to consumers:\n *\n * - **Persistence** — tokens, registered client info, optional discovery\n * state cache, and PKCE code verifier. Storage is injected via the\n * `McpCredentialStore` interface so the SDK adapter has no FS dependency;\n * the chat layer wires a file-backed store, tests use the in-memory one.\n *\n * - **Redirect** — when the SDK wants the user agent to navigate to the\n * authorization URL, we hand the URL to the host (the TUI opens a\n * browser + surfaces the URL in a status row). The PKCE code verifier\n * stays in process memory for the lifetime of the flow; persisting it\n * across process restarts would expose it on disk for no real benefit\n * since the loopback callback server is also process-local.\n *\n * Two modes by `redirectUri`:\n *\n * - **Non-interactive** (`redirectUri: undefined`) — used during bootstrap.\n * The SDK will use stored tokens, auto-refresh on expiry, but cannot\n * trigger a browser flow. Missing tokens cause the SDK to throw\n * `UnauthorizedError`, which the caller catches and converts to a\n * `mcp:auth:required` signal.\n *\n * - **Interactive** (`redirectUri: 'http://127.0.0.1:<port>/callback'`) —\n * used when the user explicitly triggers login. The caller has already\n * stood up a loopback callback server (see `oauth-callback.ts`) and\n * orchestrates: `client.connect()` → catches `UnauthorizedError` →\n * waits on the callback for the `code` → `transport.finishAuth(code)`\n * → retry `client.connect()`.\n */\n\nimport type {\n OAuthClientProvider,\n OAuthDiscoveryState,\n} from '@modelcontextprotocol/sdk/client/auth.js'\nimport type {\n OAuthClientInformationMixed,\n OAuthClientMetadata,\n OAuthTokens,\n} from '@modelcontextprotocol/sdk/shared/auth.js'\n\n/**\n * Per-server persisted state. Subfields are optional so a partial save\n * (e.g. `saveCodeVerifier` arriving before `saveTokens`) doesn't blow away\n * earlier subfields — the provider always patches, never replaces.\n */\nexport interface McpCredentialEntry {\n tokens?: OAuthTokens\n clientInformation?: OAuthClientInformationMixed\n discoveryState?: OAuthDiscoveryState\n}\n\nexport interface McpCredentialStore {\n load: (name: string) => McpCredentialEntry | undefined\n save: (name: string, entry: McpCredentialEntry) => void\n delete: (name: string) => void\n}\n\n/**\n * In-memory store — primarily for tests, but valid as a no-persistence option\n * (tokens evaporate on process exit, the user re-auths every cold start).\n */\nexport function createMemoryMcpCredentialStore(seed?: Record<string, McpCredentialEntry>): McpCredentialStore {\n const state = new Map<string, McpCredentialEntry>(Object.entries(seed ?? {}))\n return {\n load: name => state.get(name),\n save: (name, entry) => { state.set(name, entry) },\n delete: (name) => { state.delete(name) },\n }\n}\n\nexport interface McpOAuthProviderOptions {\n /** Server name — used as the storage key. */\n name: string\n /** Persistence backend. */\n store: McpCredentialStore\n /**\n * Loopback callback URI. Pass `undefined` for bootstrap (non-interactive\n * mode — stored tokens + refresh only, never opens a browser).\n */\n redirectUri?: string\n /**\n * Invoked when the SDK wants the user agent to navigate to the authorization\n * URL. Typically the host opens the browser AND emits a hook so the TUI can\n * render the URL in a status row. No-op in non-interactive mode (the SDK\n * still calls this before throwing `UnauthorizedError` from connect).\n */\n onAuthorizationUrl?: (url: URL) => void | Promise<void>\n /**\n * `client_name` used in dynamic client registration. Defaults to `'zidane'`.\n * Some servers display this string to the user on the consent screen.\n */\n clientName?: string\n /**\n * Override the requested OAuth scope. Default: unset (the SDK negotiates\n * via the server's metadata).\n */\n scope?: string\n}\n\nconst DEFAULT_CLIENT_NAME = 'zidane'\n\nexport class McpOAuthProvider implements OAuthClientProvider {\n private readonly name: string\n private readonly store: McpCredentialStore\n private readonly _redirectUri?: string\n private readonly onAuthorizationUrl?: (url: URL) => void | Promise<void>\n private readonly clientName: string\n private readonly _scope?: string\n // PKCE verifier is process-local — see file header. Module-scoped Map would\n // leak across concurrent flows for different servers; per-instance is the\n // right granularity.\n private codeVerifierValue: string | undefined\n\n constructor(opts: McpOAuthProviderOptions) {\n this.name = opts.name\n this.store = opts.store\n this._redirectUri = opts.redirectUri\n this.onAuthorizationUrl = opts.onAuthorizationUrl\n this.clientName = opts.clientName ?? DEFAULT_CLIENT_NAME\n this._scope = opts.scope\n }\n\n get redirectUrl(): string | URL | undefined {\n return this._redirectUri\n }\n\n get clientMetadata(): OAuthClientMetadata {\n return {\n // The SDK validates `redirect_uris` non-empty; we use a placeholder\n // when running non-interactively (no callback server is up). The\n // server won't actually redirect anywhere because the SDK throws\n // `UnauthorizedError` before any browser navigation in that mode.\n redirect_uris: [this._redirectUri ?? 'http://127.0.0.1:0/callback'],\n client_name: this.clientName,\n // PKCE-only public client — no client_secret. RFC 8252 native-app pattern.\n token_endpoint_auth_method: 'none',\n grant_types: ['authorization_code', 'refresh_token'],\n response_types: ['code'],\n ...(this._scope ? { scope: this._scope } : {}),\n }\n }\n\n tokens(): OAuthTokens | undefined {\n return this.store.load(this.name)?.tokens\n }\n\n saveTokens(tokens: OAuthTokens): void {\n this.patch({ tokens })\n }\n\n clientInformation(): OAuthClientInformationMixed | undefined {\n return this.store.load(this.name)?.clientInformation\n }\n\n saveClientInformation(info: OAuthClientInformationMixed): void {\n this.patch({ clientInformation: info })\n }\n\n discoveryState(): OAuthDiscoveryState | undefined {\n return this.store.load(this.name)?.discoveryState\n }\n\n saveDiscoveryState(state: OAuthDiscoveryState): void {\n this.patch({ discoveryState: state })\n }\n\n saveCodeVerifier(verifier: string): void {\n this.codeVerifierValue = verifier\n }\n\n codeVerifier(): string {\n if (!this.codeVerifierValue) {\n // Spec-correct error — the SDK would otherwise complete the code\n // exchange with an empty verifier and the auth server would 400.\n throw new Error(\n `MCP OAuth: code verifier missing for \"${this.name}\" — `\n + 'the flow must call saveCodeVerifier() before the redirect',\n )\n }\n return this.codeVerifierValue\n }\n\n async redirectToAuthorization(url: URL): Promise<void> {\n await this.onAuthorizationUrl?.(url)\n }\n\n /**\n * Wipe stored credentials when the server reports the cached state is no\n * longer valid. The SDK calls this with a scope hint:\n * - `'tokens'` → access/refresh revoked, keep client registration\n * - `'client'` → client registration invalidated, reset everything\n * - `'verifier'`→ PKCE state stale (e.g. mismatched state param)\n * - `'discovery'` → discovery metadata stale (servers re-keyed)\n * - `'all'` → full reset\n */\n async invalidateCredentials(scope: 'all' | 'client' | 'tokens' | 'verifier' | 'discovery'): Promise<void> {\n if (scope === 'verifier') {\n this.codeVerifierValue = undefined\n return\n }\n const current = this.store.load(this.name)\n if (!current)\n return\n if (scope === 'all') {\n this.codeVerifierValue = undefined\n this.store.delete(this.name)\n return\n }\n const next: McpCredentialEntry = { ...current }\n if (scope === 'tokens')\n delete next.tokens\n if (scope === 'client') {\n delete next.clientInformation\n // Client identity changed; previously-issued tokens and discovery\n // are no longer valid against the new registration.\n delete next.tokens\n delete next.discoveryState\n }\n if (scope === 'discovery')\n delete next.discoveryState\n this.store.save(this.name, next)\n }\n\n private patch(updates: Partial<McpCredentialEntry>): void {\n const existing = this.store.load(this.name) ?? {}\n this.store.save(this.name, { ...existing, ...updates })\n }\n}\n\n/**\n * True when an HTTP transport's auth headers already include an explicit\n * Authorization. Used by the bootstrap escape-hatch: a user who provided\n * their own bearer token shouldn't be auto-promoted to OAuth on a 401.\n *\n * Case-insensitive — Node normalizes outgoing headers to lowercase but\n * users hand-write `Authorization` in configs.\n */\nexport function hasAuthorizationHeader(headers: Record<string, string> | undefined): boolean {\n if (!headers)\n return false\n for (const key of Object.keys(headers)) {\n if (key.toLowerCase() === 'authorization')\n return true\n }\n return false\n}\n","/**\n * `fetch` shim that converts streamable-http POST responses with\n * `Content-Type: text/event-stream` into synthetic `application/json`\n * responses, preserving every original header (notably `mcp-session-id`).\n *\n * Why this exists\n * ----------------\n * The MCP SDK's streamable-http transport handles POST responses two ways\n * depending on `content-type`:\n *\n * - `application/json` → `await response.json()` (works on every runtime).\n * - `text/event-stream` → `body.pipeThrough(TextDecoderStream)\n * .pipeThrough(EventSourceParserStream)`\n * and forward each parsed event to `onmessage`.\n *\n * On Bun + MCP SDK 1.29.x the second pipeline silently drops the parsed\n * event: the full `event: message\\ndata: {...}\\n\\n` arrives intact, the\n * stream closes, but `onmessage` is never called. Bootstrap then waits the\n * full `bootstrapTimeout` (10s default) and the agent loses every tool the\n * server would have exposed.\n *\n * The MCP spec lets clients accept either content type\n * (`Accept: application/json, text/event-stream`), so flipping the stream\n * to JSON at the boundary is a transparent, server-agnostic workaround.\n *\n * Scope of the shim\n * -----------------\n * - POST + `text/event-stream` → drain, parse SSE message events, return\n * a synthetic `application/json` response. Single event becomes a JSON\n * object (matching the shape the SDK expects from non-streaming\n * servers); multiple events become a JSON array (the SDK already\n * iterates `Array.isArray(data)` from a JSON response).\n * - GET (long-lived `_startOrAuthSse` listener) → untouched. Per-event\n * latency matters there and the SSE pipeline isn't always broken on\n * GET in the same way (different code path inside Bun's stream impl).\n * - 202 / non-SSE / malformed SSE / no body → passthrough.\n *\n * Runtime gating\n * --------------\n * `sseToJsonFetchIfNeeded()` only returns a wrapper on Bun. Node + browser\n * runtimes get `undefined` and the SDK uses global `fetch` directly — no\n * extra buffer-and-redrain on the happy path, and no risk of collapsing a\n * future progress-streaming response into a single batched array. If you\n * need to apply the shim unconditionally (testing, custom hosts), call\n * `sseToJsonFetch()` directly.\n *\n * Cleanup\n * -------\n * Remove this file and its `fetch:` injection in `createTransport` once\n * either Bun fixes the `pipeThrough` chain or the SDK switches off the\n * streaming pipeline by default.\n */\n\n/**\n * Detect whether we're running on Bun. The `Bun` global is set by the\n * runtime itself and isn't faked by Bun's Node-compat layer.\n */\nfunction isBunRuntime(): boolean {\n return typeof (globalThis as { Bun?: unknown }).Bun !== 'undefined'\n}\n\n/**\n * Returns the `sseToJsonFetch` wrapper only on runtimes that need it\n * (currently Bun). Returns `undefined` everywhere else, which makes the\n * SDK fall back to the global `fetch` and keeps the streaming pipeline\n * intact on Node where it works correctly.\n *\n * Designed as the value to pass directly to `StreamableHTTPClientTransport`'s\n * `fetch` option:\n *\n * new StreamableHTTPClientTransport(url, {\n * fetch: sseToJsonFetchIfNeeded(),\n * })\n */\nexport function sseToJsonFetchIfNeeded(): typeof fetch | undefined {\n return isBunRuntime() ? sseToJsonFetch() : undefined\n}\n\n/**\n * Wrap a `fetch` implementation so streamable-http POST responses that come\n * back as `text/event-stream` are converted to JSON. Pass the result as\n * `opts.fetch` to `StreamableHTTPClientTransport`.\n *\n * Always-on (i.e. unconditional) — for the runtime-gated entry point,\n * use {@link sseToJsonFetchIfNeeded} instead.\n */\nexport function sseToJsonFetch(baseFetch: typeof fetch = fetch): typeof fetch {\n return async function sseToJsonWrappedFetch(input, init) {\n const response = await baseFetch(input, init)\n\n // Only intercept POSTs. The SDK's GET path opens a long-lived SSE\n // listener (`_startOrAuthSse`) that we must not buffer-drain.\n const method = (init?.method ?? 'GET').toString().toUpperCase()\n if (method !== 'POST')\n return response\n\n const contentType = response.headers.get('content-type')\n if (!contentType || !contentType.includes('text/event-stream'))\n return response\n\n if (!response.body)\n return response\n\n let raw: string\n try {\n raw = await response.text()\n }\n catch {\n // Bun edge case: if even .text() fails, surrender — the original\n // response is already drained, so we can't recover. Return it; the\n // SDK will surface the underlying read error.\n return response\n }\n\n const events = parseSseDataEvents(raw)\n // Single event → bare object; multi-event or zero → array. The SDK's\n // JSON branch handles both shapes (`Array.isArray(data) ? data.map(…) : …`).\n const payload = events.length === 1 ? events[0] : events\n return synthesizeJsonResponse(response, payload)\n } as typeof fetch\n}\n\n/**\n * Parse a buffered SSE body into the JSON payloads of its `message` events.\n *\n * Skips:\n * - SSE comments (lines starting with `:`).\n * - Non-default event types (`event: foo` ≠ `message`). The MCP server\n * only ever emits `message` events for JSON-RPC; anything else is out of\n * band and the SDK wouldn't have surfaced it to `onmessage` either.\n * - Malformed `data:` payloads (anything that fails `JSON.parse`).\n */\nfunction parseSseDataEvents(raw: string): unknown[] {\n const events: unknown[] = []\n for (const block of raw.split(/\\r?\\n\\r?\\n/)) {\n if (!block.trim())\n continue\n\n const dataLines: string[] = []\n let isMessageEvent = true\n for (const line of block.split(/\\r?\\n/)) {\n if (line.startsWith(':'))\n continue\n if (line.startsWith('event:')) {\n const eventType = line.slice('event:'.length).trim()\n if (eventType && eventType !== 'message')\n isMessageEvent = false\n }\n else if (line.startsWith('data:')) {\n // Per SSE spec: a single leading space after `data:` is part of the\n // separator, not the payload. Anything beyond it is.\n const value = line.slice('data:'.length)\n dataLines.push(value.startsWith(' ') ? value.slice(1) : value)\n }\n }\n\n if (!isMessageEvent || dataLines.length === 0)\n continue\n\n try {\n events.push(JSON.parse(dataLines.join('\\n')))\n }\n catch {\n // Drop malformed events. The SDK's broken pipe would have dropped\n // them too — staying silent here matches that baseline.\n }\n }\n return events\n}\n\n/**\n * Build a `Response` mirroring the original's status / statusText / headers\n * but with a JSON body and `content-type: application/json`. Header\n * preservation is the whole point — `mcp-session-id` is set by the server\n * on the initialize POST and must round-trip into the SDK's\n * `_sessionId` capture (`response.headers.get('mcp-session-id')`).\n */\nfunction synthesizeJsonResponse(original: Response, payload: unknown): Response {\n const headers = new Headers(original.headers)\n headers.set('content-type', 'application/json')\n return new Response(JSON.stringify(payload), {\n status: original.status,\n statusText: original.statusText,\n headers,\n })\n}\n","/**\n * Drop-in `Client` subclass whose `connect()` mirrors the upstream MCP SDK\n * sequence but treats `notifications/initialized` as best-effort.\n *\n * The MCP spec marks that notification fire-and-forget, but the SDK awaits\n * the underlying transport `send()` and rethrows on any HTTP 4xx. Several\n * real-world streamable-http servers (e.g. browser-codemode, custom MCPs\n * that gate non-initialize routes on a session id that didn't yet exist when\n * the notification posted) reject the notification with a 4xx and still\n * accept every subsequent request. The base `Client.connect()` then closes\n * the transport, the bootstrap fails, and the agent silently loses every\n * tool the server would have exposed.\n *\n * This module changes only that single step — log + continue if the\n * notification throws. Initialize, capability/version capture,\n * `setProtocolVersion`, listChanged handler wiring, and the close-on-failure\n * path for everything else are preserved verbatim from the SDK.\n *\n * Lazy SDK load: `@modelcontextprotocol/sdk` is an *optional* peer dep, so\n * the class is built inside `createTolerantClient()` via dynamic imports.\n * Importing this module does NOT trigger SDK resolution — callers only\n * incur the cost when they actually instantiate a client.\n *\n * Should be removed when the SDK lands an opt-in tolerance flag upstream.\n */\nimport type { Client } from '@modelcontextprotocol/sdk/client/index.js'\n\n// Private fields the override needs to read/write to mirror upstream behavior.\n// Cast surface is isolated to this one type so the rest of the file stays clean.\ninterface ClientPrivates {\n _capabilities: unknown\n _clientInfo: unknown\n _serverCapabilities: unknown\n _serverVersion: unknown\n _instructions: unknown\n _pendingListChangedConfig?: unknown\n _setupListChangedHandlers: (config: unknown) => void\n}\n\ninterface MaybeSessionedTransport {\n sessionId?: unknown\n setProtocolVersion?: (v: string) => void\n}\n\n/**\n * Options forwarded to the upstream `Client` constructor. Mirrors the\n * publicly-observable shape so we don't have to re-export `Client`'s\n * private `ClientOptions` type (which would force consumers of the lazy\n * factory below to install the SDK at type-check time too).\n */\nexport interface TolerantClientOptions {\n /** Capabilities advertised to the server on `initialize`. */\n capabilities?: Record<string, unknown>\n /** When true, the SDK rejects requests for methods the server didn't advertise. */\n enforceStrictCapabilities?: boolean\n /** Per-request timeout in ms; the SDK falls back to its own default when unset. */\n defaultRequestTimeout?: number\n}\n\n/**\n * Async factory — builds an instance of the tolerant MCP client. The\n * actual `Client` subclass definition lives inside the factory so the\n * `@modelcontextprotocol/sdk` import only resolves when MCP is in use.\n *\n * Second `options` arg forwards directly into the upstream `Client`\n * constructor so tests / advanced consumers can supply capabilities,\n * `enforceStrictCapabilities`, etc.\n */\nexport async function createTolerantClient(\n info: { name: string, version: string },\n options?: TolerantClientOptions,\n): Promise<Client> {\n const { Client } = await import('@modelcontextprotocol/sdk/client/index.js')\n const { Protocol } = await import('@modelcontextprotocol/sdk/shared/protocol.js')\n const { InitializeResultSchema, LATEST_PROTOCOL_VERSION, SUPPORTED_PROTOCOL_VERSIONS } = await import('@modelcontextprotocol/sdk/types.js')\n\n class TolerantMcpClient extends Client {\n async connect(\n transport: Parameters<Client['connect']>[0],\n options?: Parameters<Client['connect']>[1],\n ): Promise<void> {\n // Wire the transport (Protocol.connect — onmessage/onclose/onerror hooks\n // and transport.start) without sending any messages. We MUST NOT call\n // `super.connect()` here — that's `Client.connect`, which would\n // re-execute the very initialize+notification dance we're overriding.\n await Protocol.prototype.connect.call(this as never, transport)\n\n // Reconnect path: the upstream client short-circuits on a transport that\n // already carries a session id, so do we.\n if ((transport as MaybeSessionedTransport).sessionId !== undefined)\n return\n\n const self = this as unknown as ClientPrivates\n\n try {\n const result = await this.request(\n {\n method: 'initialize',\n params: {\n protocolVersion: LATEST_PROTOCOL_VERSION,\n capabilities: self._capabilities,\n clientInfo: self._clientInfo,\n },\n },\n InitializeResultSchema,\n options,\n )\n\n if (result === undefined)\n throw new Error(`Server sent invalid initialize result: ${result}`)\n if (!SUPPORTED_PROTOCOL_VERSIONS.includes(result.protocolVersion))\n throw new Error(`Server's protocol version is not supported: ${result.protocolVersion}`)\n\n self._serverCapabilities = result.capabilities\n self._serverVersion = result.serverInfo\n\n const setProtocolVersion = (transport as MaybeSessionedTransport).setProtocolVersion\n if (setProtocolVersion)\n setProtocolVersion.call(transport, result.protocolVersion)\n\n self._instructions = result.instructions\n\n // Best-effort. The session id (if any) is already captured by the\n // transport from the `initialize` response headers, so subsequent\n // requests like `tools/list` still authenticate. Don't bring down the\n // whole connection on a 4xx for a fire-and-forget notification.\n try {\n await this.notification({ method: 'notifications/initialized' })\n }\n catch (notifyError) {\n const msg = notifyError instanceof Error ? notifyError.message : String(notifyError)\n console.warn(`[zidane:mcp] server rejected notifications/initialized (continuing): ${msg}`)\n }\n\n if (self._pendingListChangedConfig) {\n self._setupListChangedHandlers(self._pendingListChangedConfig)\n self._pendingListChangedConfig = undefined\n }\n }\n catch (error) {\n // Same failure path as upstream Client — anything *other* than the\n // tolerated notification failure tears the transport down so the\n // bootstrap surfaces a clear error.\n void this.close()\n throw error\n }\n }\n }\n\n return new TolerantMcpClient(info, options)\n}\n","/**\n * MCP (Model Context Protocol) server support.\n *\n * Connects to one or more MCP servers, discovers their tools,\n * and wraps them as zidane ToolDefs for use in agent loops.\n */\n\nimport type { OAuthClientProvider } from '@modelcontextprotocol/sdk/client/auth.js'\nimport type { Client } from '@modelcontextprotocol/sdk/client/index.js'\nimport type { Hookable } from 'hookable'\nimport type { AgentHooks } from '../agent'\nimport type { ToolContext, ToolDef } from '../tools/types'\nimport type { McpServerConfig, ToolResultContent } from '../types'\nimport { Buffer } from 'node:buffer'\nimport { toolOutputByteLength } from '../types'\nimport { hasAuthorizationHeader } from './oauth-provider'\nimport { sseToJsonFetchIfNeeded } from './sse-to-json-fetch'\nimport { createTolerantClient } from './tolerant-client'\n\n// NOTE: `@modelcontextprotocol/sdk` is an *optional* peer dependency\n// (see package.json). Static imports here would force every consumer of\n// `zidane` to install the SDK even if they never wire any MCP servers —\n// which fails on install with `--no-optional` or in restricted CI\n// environments. All runtime imports are inside `createTransport` /\n// `loadTolerantClient` below so the SDK is only resolved when MCP is\n// actually used. Type-only imports above are erased at compile time.\n\nexport type { McpServerConfig } from '../types'\n\nexport interface McpConnection {\n tools: Record<string, ToolDef>\n close: () => Promise<void>\n}\n\n// ---------------------------------------------------------------------------\n// Shape normalization\n// ---------------------------------------------------------------------------\n\ninterface RawServerShape {\n name?: string\n transport?: string\n type?: string\n command?: string\n args?: string[]\n env?: Record<string, string>\n strictEnv?: boolean\n url?: string\n httpUrl?: string\n sseUrl?: string\n headers?: Record<string, string>\n bootstrapTimeout?: number\n toolTimeout?: number\n enabledTools?: string[]\n disabledTools?: string[]\n toolFilter?: McpServerConfig['toolFilter']\n /** Canonical OAuth flag. */\n auth?: McpServerConfig['auth']\n /** Cursor runtime-state alias for `auth: 'oauth'`. */\n authMethod?: string\n [key: string]: unknown\n}\n\nconst DEFAULT_MCP_BOOTSTRAP_TIMEOUT_MS = 10_000\n\nfunction inferTransport(raw: RawServerShape): McpServerConfig['transport'] {\n if (raw.transport === 'stdio' || raw.transport === 'sse' || raw.transport === 'streamable-http')\n return raw.transport\n if (raw.type === 'stdio' || raw.type === 'sse' || raw.type === 'streamable-http' || raw.type === 'http')\n return raw.type === 'http' ? 'streamable-http' : raw.type\n if (raw.command)\n return 'stdio'\n if (raw.httpUrl)\n return 'streamable-http'\n if (raw.sseUrl)\n return 'sse'\n if (raw.url)\n return 'streamable-http'\n throw new Error(`Cannot infer MCP transport from config: ${JSON.stringify(raw)}`)\n}\n\nfunction normalizeOne(name: string, raw: RawServerShape): McpServerConfig {\n const transport = inferTransport(raw)\n const url = raw.url ?? raw.httpUrl ?? raw.sseUrl\n\n const config: McpServerConfig = { name, transport }\n if (raw.command)\n config.command = raw.command\n if (raw.args)\n config.args = raw.args\n if (raw.env)\n config.env = raw.env\n if (raw.strictEnv === true)\n config.strictEnv = true\n if (url)\n config.url = url\n if (raw.headers)\n config.headers = raw.headers\n if (typeof raw.bootstrapTimeout === 'number')\n config.bootstrapTimeout = raw.bootstrapTimeout\n if (typeof raw.toolTimeout === 'number')\n config.toolTimeout = raw.toolTimeout\n if (Array.isArray(raw.enabledTools))\n config.enabledTools = raw.enabledTools\n if (Array.isArray(raw.disabledTools))\n config.disabledTools = raw.disabledTools\n if (typeof raw.toolFilter === 'function')\n config.toolFilter = raw.toolFilter\n // Canonical `auth` field; also recognize Cursor's `authMethod: 'mcpOAuth'`\n // runtime-state shape so pasted ~/.cursor/mcp.json entries Just Work.\n if (raw.auth === 'oauth' || raw.authMethod === 'mcpOAuth')\n config.auth = 'oauth'\n\n return config\n}\n\n/**\n * True when the input looks like a single config object (flat fields like `command`,\n * `transport`, `url`) rather than a record whose values are configs.\n */\nfunction looksLikeSingleConfig(obj: Record<string, unknown>): boolean {\n const singleConfigKeys = ['transport', 'type', 'command', 'url', 'httpUrl', 'sseUrl']\n return singleConfigKeys.some(key => typeof obj[key] === 'string')\n}\n\n/**\n * Normalize MCP server configs from any common shape to `McpServerConfig[]`.\n *\n * Accepts:\n * - `McpServerConfig[]` — zidane native (pass-through).\n * - `McpServerConfig` — a single config object (wrapped to a 1-element array).\n * - `Record<string, RawShape>` — name-keyed map (common in host-SDK configs), where the key is the server name.\n * - Mixed shapes with `type` vs `transport`, `httpUrl`/`sseUrl` vs `url`.\n *\n * Returns `[]` when `input` is nullish. Throws a descriptive error when the transport\n * cannot be inferred from a given entry, or when the input shape is unsupported.\n */\nexport function normalizeMcpServers(input: unknown): McpServerConfig[] {\n if (input == null)\n return []\n\n if (Array.isArray(input)) {\n return input.map((raw, idx) => {\n const obj = raw as RawServerShape\n const name = obj.name ?? `mcp_${idx}`\n return normalizeOne(name, obj)\n })\n }\n\n if (typeof input === 'object') {\n const obj = input as Record<string, unknown>\n // Single-config heuristic: flat fields like `transport`/`command`/`url` at the top\n // level indicate a single McpServerConfig, not a record of configs.\n if (looksLikeSingleConfig(obj)) {\n const raw = obj as RawServerShape\n const name = raw.name ?? 'mcp_0'\n return [normalizeOne(name, raw)]\n }\n return Object.entries(obj as Record<string, RawServerShape>).map(\n ([name, raw]) => normalizeOne(name, raw ?? {}),\n )\n }\n\n throw new Error(`Unsupported MCP server config shape: ${typeof input}`)\n}\n\n/**\n * Lossy flattener — converts MCP `CallToolResult.content` blocks to a single\n * string. Text blocks are extracted; non-text blocks are JSON-stringified.\n *\n * Use this only at UI / log boundaries that require a string. The agent\n * loop itself routes through {@link normalizeMcpBlocks} so image blocks\n * survive into provider-native tool_result content (Anthropic blocks,\n * OpenAI companion-user-message).\n */\nexport function resultToString(content: unknown[]): string {\n if (!content || !Array.isArray(content))\n return ''\n return content\n .map((block) => {\n if (block && typeof block === 'object' && (block as { type?: unknown }).type === 'text') {\n const text = (block as { text?: unknown }).text\n if (typeof text === 'string')\n return text\n }\n return JSON.stringify(block)\n })\n .join('\\n')\n}\n\n/**\n * Normalize MCP `CallToolResult.content` to zidane's {@link ToolResultContent[]} shape.\n *\n * Handles the four MCP content block types:\n * - `text` → preserved as `{type:'text', text}`\n * - `image` → preserved as `{type:'image', mediaType, data}` (MCP uses `mimeType`)\n * - `resource` with embedded text → flattened to a text block\n * - `resource` with embedded blob whose `mimeType` is `image/*` → flattened to an image block\n * - Any unrecognized block → JSON-stringified fallback text block (lossy but safe)\n *\n * Returns `null` when the input is not an array — callers should fall back to an empty\n * result in that case.\n */\nexport function normalizeMcpBlocks(content: unknown): ToolResultContent[] | null {\n if (!Array.isArray(content))\n return null\n\n const out: ToolResultContent[] = []\n for (const raw of content) {\n if (!raw || typeof raw !== 'object')\n continue\n const block = raw as Record<string, unknown>\n\n if (block.type === 'text' && typeof block.text === 'string') {\n out.push({ type: 'text', text: block.text })\n continue\n }\n\n if (block.type === 'image' && typeof block.data === 'string') {\n const mediaType = typeof block.mimeType === 'string'\n ? block.mimeType\n : (typeof block.mediaType === 'string' ? block.mediaType : 'image/png')\n out.push({ type: 'image', mediaType, data: block.data })\n continue\n }\n\n if (block.type === 'resource' && block.resource && typeof block.resource === 'object') {\n const res = block.resource as Record<string, unknown>\n if (typeof res.text === 'string') {\n out.push({ type: 'text', text: res.text })\n continue\n }\n if (typeof res.blob === 'string' && typeof res.mimeType === 'string' && res.mimeType.startsWith('image/')) {\n out.push({ type: 'image', mediaType: res.mimeType, data: res.blob })\n continue\n }\n }\n\n // Audio, resource_link, and unknown block shapes — fall back to a JSON-stringified\n // text block. Lossy but keeps the information addressable by the model.\n out.push({ type: 'text', text: JSON.stringify(block) })\n }\n\n return out\n}\n\n/**\n * Route the MCP result content through the narrowest appropriate zidane shape:\n *\n * - All blocks are `text` → return a joined string (smaller wire payload,\n * string-friendly for hook consumers that don't need structured access).\n * - Any block is non-text → return a structured `ToolResultContent[]`.\n * - Empty / non-array input → return `''`.\n */\nfunction packMcpResult(content: unknown): string | ToolResultContent[] {\n const normalized = normalizeMcpBlocks(content)\n if (!normalized || normalized.length === 0)\n return ''\n\n // Single pass: build the joined string as we go. Bail to the structured array\n // the moment we hit a non-text block.\n const parts: string[] = []\n for (const block of normalized) {\n if (block.type !== 'text')\n return normalized\n parts.push(block.text)\n }\n return parts.join('\\n')\n}\n\n/**\n * Create the appropriate MCP transport for a server config.\n *\n * For stdio: when `config.env` is provided, it is merged on top of the MCP SDK's\n * `getDefaultEnvironment()` whitelist (`PATH`, `HOME`, `LANG`, `SHELL`, `USER` on\n * POSIX; `APPDATA`, `PATH`, ... on Win32). Without this defensive merge, older\n * MCP SDK versions strip `PATH` the moment a consumer sets any env, breaking\n * `spawn('node', ...)` with ENOENT. Pass `strictEnv: true` to opt out and send\n * `env` verbatim.\n */\nasync function createTransport(config: McpServerConfig, authProvider?: OAuthClientProvider) {\n switch (config.transport) {\n case 'stdio': {\n const { StdioClientTransport, getDefaultEnvironment } = await import('@modelcontextprotocol/sdk/client/stdio.js')\n const mergedEnv = config.env && !config.strictEnv\n ? { ...getDefaultEnvironment(), ...config.env }\n : config.env\n return new StdioClientTransport({\n command: config.command!,\n args: config.args,\n env: mergedEnv,\n })\n }\n case 'sse': {\n const { SSEClientTransport } = await import('@modelcontextprotocol/sdk/client/sse.js')\n return new SSEClientTransport(new URL(config.url!), {\n requestInit: config.headers ? { headers: config.headers } : undefined,\n authProvider,\n })\n }\n case 'streamable-http': {\n // `fetch: sseToJsonFetchIfNeeded()` works around a Bun + MCP SDK\n // 1.29.x bug where `text/event-stream` POST responses are buffered\n // correctly but never surface to `onmessage`, dead-locking bootstrap.\n // The helper returns the wrapper only on Bun and `undefined` on Node\n // (so the SDK's streaming pipeline stays intact where it works).\n // See ./sse-to-json-fetch.ts.\n const { StreamableHTTPClientTransport } = await import('@modelcontextprotocol/sdk/client/streamableHttp.js')\n return new StreamableHTTPClientTransport(new URL(config.url!), {\n requestInit: config.headers ? { headers: config.headers } : undefined,\n fetch: sseToJsonFetchIfNeeded(),\n authProvider,\n })\n }\n default:\n throw new Error(`Unknown MCP transport: ${config.transport}`)\n }\n}\n\n/**\n * True when an error from `client.connect()` indicates the server requires\n * OAuth (it advertises RFC 9728 protected-resource metadata and our token,\n * if any, was rejected). The SDK only throws `UnauthorizedError` after\n * confirming the resource is OAuth-protected — so this signal is more\n * specific than a generic 401.\n *\n * Detected by class name + the SDK's \"Unauthorized\" message prefix, since\n * the SDK's `UnauthorizedError` class isn't a stable export across versions.\n */\nfunction isUnauthorizedError(err: unknown): boolean {\n if (!err || typeof err !== 'object')\n return false\n const e = err as { name?: string, message?: string, constructor?: { name?: string } }\n if (e.name === 'UnauthorizedError' || e.constructor?.name === 'UnauthorizedError')\n return true\n return typeof e.message === 'string' && e.message.toLowerCase().startsWith('unauthorized')\n}\n\n/**\n * Optional knobs threaded into per-server bootstrap. Reserved for runtime\n * concerns the agent shell injects (credential storage, OAuth providers);\n * the `McpServerConfig` shape stays pure data.\n */\nexport interface ConnectMcpServersOptions {\n /**\n * Build a non-interactive `OAuthClientProvider` for a given server. Called\n * lazily — only invoked when the bootstrap actually needs auth (explicit\n * `auth: 'oauth'` flag, or a UnauthorizedError that meets the auto-detect\n * criteria). Return `undefined` to opt this server out of OAuth even if it\n * was requested (e.g. the host doesn't have a credential store for it).\n *\n * \"Non-interactive\" — the provider must NOT trigger a browser flow during\n * bootstrap. Use a `redirectUri` of `undefined` so the SDK reads stored\n * tokens, refreshes on expiry, and throws `UnauthorizedError` if tokens\n * are missing or refresh fails. The host then surfaces an\n * `mcp:auth:required` event so the user can opt in to interactive login.\n */\n buildAuthProvider?: (config: McpServerConfig) => OAuthClientProvider | undefined\n}\n\n/**\n * Connect to MCP servers and discover their tools.\n *\n * Each tool is namespaced as `mcp_{serverName}_{toolName}` to avoid\n * collisions with agent tools or tools from other servers.\n *\n * @param configs - Array of MCP server configurations\n * @param _clientFactory - Internal: override client construction for testing\n * @param hooks - Optional agent hooks for firing mcp:connect, mcp:error, mcp:close events\n * @param options - Optional bootstrap knobs (e.g. OAuth provider injection)\n */\nexport async function connectMcpServers(\n configs: McpServerConfig[],\n _clientFactory?: () => Client,\n hooks?: Hookable<AgentHooks>,\n options?: ConnectMcpServersOptions,\n): Promise<McpConnection> {\n const connections: { name: string, client: Client }[] = []\n const tools: Record<string, ToolDef> = {}\n const errors: { name: string, error: Error }[] = []\n let closed = false\n\n // Bootstrap every server in parallel. Previously this was a sequential for-loop,\n // which meant a single slow server (GitHub MCP, cold streamable-http endpoints,\n // anything on a flaky network) blocked the whole first `agent.run()` for up to\n // N × bootstrapTimeout. With `Promise.all` + per-server try/catch, wall-clock\n // collapses to the slowest server, and the existing partial-failure tolerance\n // keeps the agent alive when any subset connects.\n const bootstrapResults = await Promise.all(configs.map(config => bootstrapServer(config, _clientFactory, hooks, options)))\n\n for (const result of bootstrapResults) {\n if (result.skipped) {\n // Auth required but no tokens — already emitted `mcp:auth:required`.\n // Bootstrap continues with the other servers; the user opts in via\n // the host's interactive login path (`loginMcpServer`).\n continue\n }\n if (!result.ok) {\n errors.push({ name: result.name, error: result.error })\n await hooks?.callHook('mcp:error', { name: result.name, error: result.error })\n continue\n }\n\n connections.push({ name: result.name, client: result.client })\n const toolNames: string[] = []\n for (const tool of result.tools) {\n const namespacedName = `mcp_${result.config.name}_${tool.name}`\n toolNames.push(namespacedName)\n tools[namespacedName] = buildMcpToolDef(result.config, result.client, tool, namespacedName, hooks)\n }\n await hooks?.callHook('mcp:connect', {\n name: result.name,\n transport: result.config.transport,\n tools: toolNames,\n })\n }\n\n // If all servers failed, throw; partial failures are tolerated\n if (errors.length > 0 && connections.length === 0) {\n const messages = errors.map(e => `${e.name}: ${e.error.message}`).join(', ')\n throw new Error(`All MCP servers failed to connect: ${messages}`)\n }\n\n return {\n tools,\n close: async () => {\n // Idempotent — double-close on `agent.destroy()` retry should not\n // re-fire the hook or call `client.close()` twice (the stdio transport\n // treats a second close as a no-op but some transports throw).\n if (closed)\n return\n closed = true\n await Promise.allSettled(\n connections.map(async ({ name, client }) => {\n await hooks?.callHook('mcp:close', { name })\n await client.close()\n }),\n )\n },\n }\n}\n\n/**\n * Discriminated result returned by `bootstrapServer` so `connectMcpServers` can\n * aggregate successes + failures without letting a rejected promise tear down\n * the whole parallel batch.\n *\n * `skipped` is the third state: server needs OAuth login but has no tokens.\n * Not an error (we don't want a noisy `mcp:error`), not a success (no\n * connection). Caller already heard `mcp:auth:required` and decides whether\n * to surface a status row, prompt for login, etc.\n */\ntype BootstrapResult\n = | { ok: true, skipped?: false, name: string, config: McpServerConfig, client: Client, tools: Array<{ name: string, description?: string | null, inputSchema?: unknown }> }\n | { ok: false, skipped?: false, name: string, error: Error }\n | { ok: false, skipped: true, name: string }\n\n/**\n * Connect one MCP server and list its tools, wrapped in a single race against\n * `config.bootstrapTimeout` (default 10s). Always emits `mcp:bootstrap:start`\n * before network I/O and `mcp:bootstrap:end` with `durationMs` + outcome, so a\n * host can build a timing view even when every server succeeds.\n *\n * Errors are captured into the `{ ok: false }` result rather than thrown — the\n * parent uses `Promise.all` across every server and we can't let one rejection\n * short-circuit the batch.\n */\nasync function bootstrapServer(\n config: McpServerConfig,\n _clientFactory: (() => Client) | undefined,\n hooks: Hookable<AgentHooks> | undefined,\n options: ConnectMcpServersOptions | undefined,\n): Promise<BootstrapResult> {\n const start = Date.now()\n // Validate mutually-exclusive filter fields up-front so the consumer gets a\n // typed `mcp:bootstrap:end` failure rather than a silent later-stage drop.\n if (config.enabledTools && config.disabledTools) {\n const error = new Error(\n `MCP server \"${config.name}\": enabledTools and disabledTools are mutually exclusive — set one or the other, not both.`,\n )\n await hooks?.callHook('mcp:bootstrap:start', { name: config.name, transport: config.transport })\n await hooks?.callHook('mcp:bootstrap:end', {\n name: config.name,\n transport: config.transport,\n durationMs: 0,\n ok: false,\n error,\n })\n return { ok: false, name: config.name, error }\n }\n\n await hooks?.callHook('mcp:bootstrap:start', { name: config.name, transport: config.transport })\n\n // Build an auth provider when the config asks for OAuth and the host\n // wired a factory. Non-interactive — the SDK uses stored tokens / refresh,\n // never opens a browser during bootstrap. Missing tokens surface as\n // `UnauthorizedError` from `connect()`, which we convert to a skip below.\n const explicitAuth = config.auth === 'oauth'\n const authProvider = explicitAuth ? options?.buildAuthProvider?.(config) : undefined\n\n let client: Client | null = null\n try {\n // TolerantMcpClient is a drop-in subclass that survives a 4xx on the\n // `notifications/initialized` post (some real-world servers reject it\n // without that breaking subsequent `tools/list` etc.). See\n // ./tolerant-client.ts for the exact semantics.\n client = _clientFactory\n ? _clientFactory()\n : await createTolerantClient({ name: 'zidane', version: '1.0.0' })\n const currentClient = client\n\n const transport = await createTransport(config, authProvider)\n const bootstrapTimeout = config.bootstrapTimeout ?? DEFAULT_MCP_BOOTSTRAP_TIMEOUT_MS\n const { tools: mcpTools } = await raceWithTimeout(\n async () => {\n await currentClient.connect(transport)\n return await currentClient.listTools()\n },\n bootstrapTimeout,\n `MCP server \"${config.name}\" bootstrap timed out after ${bootstrapTimeout}ms`,\n )\n\n // Per-tool filtering — config-side first (static host policy), then the\n // `mcp:tools:filter` hook (runtime / dynamic decisions). Both compose AND-\n // style: a tool needs to pass every stage to land in the agent registry.\n const filteredTools = await applyMcpToolFilters(config, mcpTools, hooks)\n\n const durationMs = Date.now() - start\n await hooks?.callHook('mcp:bootstrap:end', {\n name: config.name,\n transport: config.transport,\n durationMs,\n ok: true,\n toolCount: filteredTools.length,\n })\n return { ok: true, name: config.name, config, client: currentClient, tools: filteredTools }\n }\n catch (err) {\n const error = err instanceof Error ? err : new Error(String(err))\n await closeClientQuietly(client)\n const durationMs = Date.now() - start\n\n // OAuth path — convert \"needs login\" into a skip instead of an error.\n // Two cases reach here:\n // 1. Explicit `auth: 'oauth'` with no stored tokens (provider built,\n // SDK threw UnauthorizedError when none could be refreshed).\n // 2. No auth flag, but the server returned 401 + RFC 9728 metadata\n // AND the user did not provide a static Authorization header\n // (the headers escape hatch — see McpServerConfig.auth docs).\n // The auto-promote path requires `buildAuthProvider` so the host\n // can complete the login. Without it, this falls through as a\n // regular bootstrap error.\n if (isUnauthorizedError(err)) {\n const eligibleAutoPromote = !explicitAuth\n && !hasAuthorizationHeader(config.headers)\n && !!options?.buildAuthProvider\n if (explicitAuth || eligibleAutoPromote) {\n await hooks?.callHook('mcp:bootstrap:end', {\n name: config.name,\n transport: config.transport,\n durationMs,\n ok: false,\n error,\n })\n await hooks?.callHook('mcp:auth:required', {\n name: config.name,\n transport: config.transport,\n reason: explicitAuth ? 'no-tokens' : 'auto-promoted',\n })\n return { ok: false, skipped: true, name: config.name }\n }\n }\n\n await hooks?.callHook('mcp:bootstrap:end', {\n name: config.name,\n transport: config.transport,\n durationMs,\n ok: false,\n error,\n })\n return { ok: false, name: config.name, error }\n }\n}\n\n/**\n * Apply config-side filters (`enabledTools` / `disabledTools` / `toolFilter`)\n * and then the `mcp:tools:filter` hook to the upstream tool list.\n *\n * Composition order — narrowest-to-widest:\n * 1. Allow-list (`enabledTools`) — keep only listed tools.\n * 2. Deny-list (`disabledTools`) — drop listed tools.\n * 3. Predicate (`toolFilter`) — fine-grained metadata filtering.\n * 4. Hook (`mcp:tools:filter`) — runtime / per-host decisions.\n *\n * The mutual exclusion of `enabledTools` and `disabledTools` is checked in\n * `bootstrapServer` so this stays a pure data transform.\n */\nasync function applyMcpToolFilters(\n config: McpServerConfig,\n tools: Array<{ name: string, description?: string | null, inputSchema?: unknown }>,\n hooks: Hookable<AgentHooks> | undefined,\n): Promise<Array<{ name: string, description?: string | null, inputSchema?: unknown }>> {\n let filtered = tools\n\n if (config.enabledTools && config.enabledTools.length > 0) {\n const allow = new Set(config.enabledTools)\n filtered = filtered.filter(t => allow.has(t.name))\n }\n\n if (config.disabledTools && config.disabledTools.length > 0) {\n const deny = new Set(config.disabledTools)\n filtered = filtered.filter(t => !deny.has(t.name))\n }\n\n if (config.toolFilter) {\n const predicate = config.toolFilter\n filtered = filtered.filter(t => predicate(t))\n }\n\n if (hooks) {\n // Pass a fresh array so handlers cannot retroactively mutate the caller's\n // upstream list; mutations they make to `ctx.tools` are scoped to this turn.\n const ctx = { server: config.name, transport: config.transport, tools: [...filtered] }\n await hooks.callHook('mcp:tools:filter', ctx)\n filtered = ctx.tools\n }\n\n return filtered\n}\n\n/**\n * Build the zidane `ToolDef` that wraps a single MCP tool. Extracted so the\n * parallel bootstrap path can assemble tools from a results array without\n * inlining a 70-line closure inside the collector loop.\n *\n * The returned `execute` closes over the bootstrapped `client` — reconnects /\n * swap-outs must go through a fresh `connectMcpServers` call rather than\n * rewiring the tool in place.\n */\nfunction buildMcpToolDef(\n config: McpServerConfig,\n client: Client,\n tool: { name: string, description?: string | null, inputSchema?: unknown },\n namespacedName: string,\n hooks: Hookable<AgentHooks> | undefined,\n): ToolDef {\n return {\n spec: {\n name: namespacedName,\n description: tool.description || '',\n inputSchema: (tool.inputSchema ?? { type: 'object', properties: {} }) as Record<string, unknown>,\n },\n execute: async (input: Record<string, unknown>, ctx: ToolContext) => {\n const { turnId, callId, signal } = ctx\n const displayName = ctx.toolAliases?.[namespacedName] ?? namespacedName\n\n // Gate — block MCP tool execution or substitute a synthetic result.\n const gateCtx: {\n turnId: string\n callId: string\n server: string\n tool: string\n displayName: string\n input: Record<string, unknown>\n block: boolean\n reason: string\n result?: string | ToolResultContent[]\n } = {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input,\n block: false,\n reason: 'MCP tool execution was blocked',\n }\n await hooks?.callHook('mcp:tool:gate', gateCtx)\n\n // Conflict resolution mirrors the loop's `tool:gate`: when both `block`\n // and `result` are set (e.g. a policy gate refuses on top of a consumer\n // cache substitute), `block` wins.\n if (gateCtx.block)\n return `Blocked: ${gateCtx.reason}`\n\n const effectiveInput = gateCtx.input\n\n // MCP gate `result` substitute — skip the upstream callTool, fire the\n // transform + after hooks so consumers see the substitute consistently\n // with normally-executed calls.\n if (gateCtx.result !== undefined) {\n let substitute: string | ToolResultContent[] = gateCtx.result\n const transformCtx = {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n result: substitute,\n outputBytes: toolOutputByteLength(substitute),\n }\n await hooks?.callHook('mcp:tool:transform', transformCtx)\n substitute = transformCtx.result\n await hooks?.callHook('mcp:tool:after', {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n result: substitute,\n outputBytes: toolOutputByteLength(substitute),\n })\n return substitute\n }\n await hooks?.callHook('mcp:tool:before', {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n })\n const timeout = config.toolTimeout ?? 30_000\n try {\n // Race the call against the configured timeout AND the run-level\n // abort signal. Aborting the run has to propagate into MCP calls\n // — otherwise a hung stdio server keeps the tool call alive\n // until `destroy()` eventually closes the client, which can be\n // minutes if the agent is waiting on `waitForIdle()`.\n const result = await raceWithTimeoutAndSignal(\n () => client.callTool({ name: tool.name, arguments: effectiveInput }),\n timeout,\n `MCP tool \"${tool.name}\" on server \"${config.name}\" timed out after ${timeout}ms`,\n signal,\n )\n let output: string | ToolResultContent[] = packMcpResult(result.content)\n\n // Transform — mutate result before returning. `outputBytes` reflects\n // the size before any consumer mutation so a truncation hook can size-budget.\n const transformCtx = {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n result: output,\n outputBytes: toolOutputByteLength(output),\n }\n await hooks?.callHook('mcp:tool:transform', transformCtx)\n output = transformCtx.result\n\n await hooks?.callHook('mcp:tool:after', {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n result: output,\n outputBytes: toolOutputByteLength(output),\n })\n return output\n }\n catch (err) {\n const error = err instanceof Error ? err : new Error(String(err))\n await hooks?.callHook('mcp:tool:error', {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n error,\n })\n await hooks?.callHook('mcp:tool:after', {\n turnId,\n callId,\n server: config.name,\n tool: tool.name,\n displayName,\n input: effectiveInput,\n result: error.message,\n outputBytes: Buffer.byteLength(error.message),\n })\n throw error\n }\n },\n }\n}\n\nasync function closeClientQuietly(client: Pick<Client, 'close'> | null | undefined): Promise<void> {\n if (!client)\n return\n try {\n await client.close()\n }\n catch {\n // Best-effort cleanup — original bootstrap error is more actionable.\n }\n}\n\nasync function raceWithTimeout<T>(\n task: () => Promise<T>,\n timeoutMs: number,\n timeoutMessage: string,\n): Promise<T> {\n let timer: ReturnType<typeof setTimeout> | undefined\n try {\n return await new Promise<T>((resolvePromise, rejectPromise) => {\n timer = setTimeout(() => rejectPromise(new Error(timeoutMessage)), timeoutMs)\n task().then(resolvePromise, rejectPromise)\n })\n }\n finally {\n if (timer)\n clearTimeout(timer)\n }\n}\n\n/**\n * Race a promise-returning task against (a) a timeout and (b) an optional\n * abort signal. Cleans up its timer and abort listener on every exit path.\n *\n * The task itself isn't cancellable (the MCP SDK doesn't take a signal), so\n * the rejection unblocks the tool call while the underlying RPC completes in\n * the background. When the agent subsequently calls `connection.close()` the\n * stdio transport kills the subprocess, which clears any stuck in-flight work.\n */\nasync function raceWithTimeoutAndSignal<T>(\n task: () => Promise<T>,\n timeoutMs: number,\n timeoutMessage: string,\n signal: AbortSignal | undefined,\n): Promise<T> {\n if (signal?.aborted)\n throw new Error('MCP tool call aborted')\n\n let timer: ReturnType<typeof setTimeout> | undefined\n let onAbort: (() => void) | undefined\n try {\n return await new Promise<T>((resolvePromise, rejectPromise) => {\n timer = setTimeout(() => rejectPromise(new Error(timeoutMessage)), timeoutMs)\n if (signal) {\n onAbort = () => rejectPromise(new Error('MCP tool call aborted'))\n signal.addEventListener('abort', onAbort, { once: true })\n }\n task().then(resolvePromise, rejectPromise)\n })\n }\n finally {\n if (timer)\n clearTimeout(timer)\n if (signal && onAbort)\n signal.removeEventListener('abort', onAbort)\n }\n}\n"],"mappings":";;;;;;;AAmEA,SAAgB,+BAA+B,MAA+D;CAC5G,MAAM,QAAQ,IAAI,IAAgC,OAAO,QAAQ,QAAQ,EAAE,CAAC,CAAC;CAC7E,OAAO;EACL,OAAM,SAAQ,MAAM,IAAI,KAAK;EAC7B,OAAO,MAAM,UAAU;GAAE,MAAM,IAAI,MAAM,MAAM;;EAC/C,SAAS,SAAS;GAAE,MAAM,OAAO,KAAK;;EACvC;;AAgCH,MAAM,sBAAsB;AAE5B,IAAa,mBAAb,MAA6D;CAC3D;CACA;CACA;CACA;CACA;CACA;CAIA;CAEA,YAAY,MAA+B;EACzC,KAAK,OAAO,KAAK;EACjB,KAAK,QAAQ,KAAK;EAClB,KAAK,eAAe,KAAK;EACzB,KAAK,qBAAqB,KAAK;EAC/B,KAAK,aAAa,KAAK,cAAc;EACrC,KAAK,SAAS,KAAK;;CAGrB,IAAI,cAAwC;EAC1C,OAAO,KAAK;;CAGd,IAAI,iBAAsC;EACxC,OAAO;GAKL,eAAe,CAAC,KAAK,gBAAgB,8BAA8B;GACnE,aAAa,KAAK;GAElB,4BAA4B;GAC5B,aAAa,CAAC,sBAAsB,gBAAgB;GACpD,gBAAgB,CAAC,OAAO;GACxB,GAAI,KAAK,SAAS,EAAE,OAAO,KAAK,QAAQ,GAAG,EAAE;GAC9C;;CAGH,SAAkC;EAChC,OAAO,KAAK,MAAM,KAAK,KAAK,KAAK,EAAE;;CAGrC,WAAW,QAA2B;EACpC,KAAK,MAAM,EAAE,QAAQ,CAAC;;CAGxB,oBAA6D;EAC3D,OAAO,KAAK,MAAM,KAAK,KAAK,KAAK,EAAE;;CAGrC,sBAAsB,MAAyC;EAC7D,KAAK,MAAM,EAAE,mBAAmB,MAAM,CAAC;;CAGzC,iBAAkD;EAChD,OAAO,KAAK,MAAM,KAAK,KAAK,KAAK,EAAE;;CAGrC,mBAAmB,OAAkC;EACnD,KAAK,MAAM,EAAE,gBAAgB,OAAO,CAAC;;CAGvC,iBAAiB,UAAwB;EACvC,KAAK,oBAAoB;;CAG3B,eAAuB;EACrB,IAAI,CAAC,KAAK,mBAGR,MAAM,IAAI,MACR,yCAAyC,KAAK,KAAK,+DAEpD;EAEH,OAAO,KAAK;;CAGd,MAAM,wBAAwB,KAAyB;EACrD,MAAM,KAAK,qBAAqB,IAAI;;;;;;;;;;;CAYtC,MAAM,sBAAsB,OAA8E;EACxG,IAAI,UAAU,YAAY;GACxB,KAAK,oBAAoB,KAAA;GACzB;;EAEF,MAAM,UAAU,KAAK,MAAM,KAAK,KAAK,KAAK;EAC1C,IAAI,CAAC,SACH;EACF,IAAI,UAAU,OAAO;GACnB,KAAK,oBAAoB,KAAA;GACzB,KAAK,MAAM,OAAO,KAAK,KAAK;GAC5B;;EAEF,MAAM,OAA2B,EAAE,GAAG,SAAS;EAC/C,IAAI,UAAU,UACZ,OAAO,KAAK;EACd,IAAI,UAAU,UAAU;GACtB,OAAO,KAAK;GAGZ,OAAO,KAAK;GACZ,OAAO,KAAK;;EAEd,IAAI,UAAU,aACZ,OAAO,KAAK;EACd,KAAK,MAAM,KAAK,KAAK,MAAM,KAAK;;CAGlC,MAAc,SAA4C;EACxD,MAAM,WAAW,KAAK,MAAM,KAAK,KAAK,KAAK,IAAI,EAAE;EACjD,KAAK,MAAM,KAAK,KAAK,MAAM;GAAE,GAAG;GAAU,GAAG;GAAS,CAAC;;;;;;;;;;;AAY3D,SAAgB,uBAAuB,SAAsD;CAC3F,IAAI,CAAC,SACH,OAAO;CACT,KAAK,MAAM,OAAO,OAAO,KAAK,QAAQ,EACpC,IAAI,IAAI,aAAa,KAAK,iBACxB,OAAO;CAEX,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACjMT,SAAS,eAAwB;CAC/B,OAAO,OAAQ,WAAiC,QAAQ;;;;;;;;;;;;;;;AAgB1D,SAAgB,yBAAmD;CACjE,OAAO,cAAc,GAAG,gBAAgB,GAAG,KAAA;;;;;;;;;;AAW7C,SAAgB,eAAe,YAA0B,OAAqB;CAC5E,OAAO,eAAe,sBAAsB,OAAO,MAAM;EACvD,MAAM,WAAW,MAAM,UAAU,OAAO,KAAK;EAK7C,KADgB,MAAM,UAAU,OAAO,UAAU,CAAC,aACxC,KAAK,QACb,OAAO;EAET,MAAM,cAAc,SAAS,QAAQ,IAAI,eAAe;EACxD,IAAI,CAAC,eAAe,CAAC,YAAY,SAAS,oBAAoB,EAC5D,OAAO;EAET,IAAI,CAAC,SAAS,MACZ,OAAO;EAET,IAAI;EACJ,IAAI;GACF,MAAM,MAAM,SAAS,MAAM;UAEvB;GAIJ,OAAO;;EAGT,MAAM,SAAS,mBAAmB,IAAI;EAItC,OAAO,uBAAuB,UADd,OAAO,WAAW,IAAI,OAAO,KAAK,OACF;;;;;;;;;;;;;AAcpD,SAAS,mBAAmB,KAAwB;CAClD,MAAM,SAAoB,EAAE;CAC5B,KAAK,MAAM,SAAS,IAAI,MAAM,aAAa,EAAE;EAC3C,IAAI,CAAC,MAAM,MAAM,EACf;EAEF,MAAM,YAAsB,EAAE;EAC9B,IAAI,iBAAiB;EACrB,KAAK,MAAM,QAAQ,MAAM,MAAM,QAAQ,EAAE;GACvC,IAAI,KAAK,WAAW,IAAI,EACtB;GACF,IAAI,KAAK,WAAW,SAAS,EAAE;IAC7B,MAAM,YAAY,KAAK,MAAM,EAAgB,CAAC,MAAM;IACpD,IAAI,aAAa,cAAc,WAC7B,iBAAiB;UAEhB,IAAI,KAAK,WAAW,QAAQ,EAAE;IAGjC,MAAM,QAAQ,KAAK,MAAM,EAAe;IACxC,UAAU,KAAK,MAAM,WAAW,IAAI,GAAG,MAAM,MAAM,EAAE,GAAG,MAAM;;;EAIlE,IAAI,CAAC,kBAAkB,UAAU,WAAW,GAC1C;EAEF,IAAI;GACF,OAAO,KAAK,KAAK,MAAM,UAAU,KAAK,KAAK,CAAC,CAAC;UAEzC;;CAKR,OAAO;;;;;;;;;AAUT,SAAS,uBAAuB,UAAoB,SAA4B;CAC9E,MAAM,UAAU,IAAI,QAAQ,SAAS,QAAQ;CAC7C,QAAQ,IAAI,gBAAgB,mBAAmB;CAC/C,OAAO,IAAI,SAAS,KAAK,UAAU,QAAQ,EAAE;EAC3C,QAAQ,SAAS;EACjB,YAAY,SAAS;EACrB;EACD,CAAC;;;;;;;;;;;;;ACpHJ,eAAsB,qBACpB,MACA,SACiB;CACjB,MAAM,EAAE,WAAW,MAAM,OAAO;CAChC,MAAM,EAAE,aAAa,MAAM,OAAO;CAClC,MAAM,EAAE,wBAAwB,yBAAyB,gCAAgC,MAAM,OAAO;CAEtG,MAAM,0BAA0B,OAAO;EACrC,MAAM,QACJ,WACA,SACe;GAKf,MAAM,SAAS,UAAU,QAAQ,KAAK,MAAe,UAAU;GAI/D,IAAK,UAAsC,cAAc,KAAA,GACvD;GAEF,MAAM,OAAO;GAEb,IAAI;IACF,MAAM,SAAS,MAAM,KAAK,QACxB;KACE,QAAQ;KACR,QAAQ;MACN,iBAAiB;MACjB,cAAc,KAAK;MACnB,YAAY,KAAK;MAClB;KACF,EACD,wBACA,QACD;IAED,IAAI,WAAW,KAAA,GACb,MAAM,IAAI,MAAM,0CAA0C,SAAS;IACrE,IAAI,CAAC,4BAA4B,SAAS,OAAO,gBAAgB,EAC/D,MAAM,IAAI,MAAM,+CAA+C,OAAO,kBAAkB;IAE1F,KAAK,sBAAsB,OAAO;IAClC,KAAK,iBAAiB,OAAO;IAE7B,MAAM,qBAAsB,UAAsC;IAClE,IAAI,oBACF,mBAAmB,KAAK,WAAW,OAAO,gBAAgB;IAE5D,KAAK,gBAAgB,OAAO;IAM5B,IAAI;KACF,MAAM,KAAK,aAAa,EAAE,QAAQ,6BAA6B,CAAC;aAE3D,aAAa;KAClB,MAAM,MAAM,uBAAuB,QAAQ,YAAY,UAAU,OAAO,YAAY;KACpF,QAAQ,KAAK,wEAAwE,MAAM;;IAG7F,IAAI,KAAK,2BAA2B;KAClC,KAAK,0BAA0B,KAAK,0BAA0B;KAC9D,KAAK,4BAA4B,KAAA;;YAG9B,OAAO;IAIZ,KAAU,OAAO;IACjB,MAAM;;;;CAKZ,OAAO,IAAI,kBAAkB,MAAM,QAAQ;;;;ACvF7C,MAAM,mCAAmC;AAEzC,SAAS,eAAe,KAAmD;CACzE,IAAI,IAAI,cAAc,WAAW,IAAI,cAAc,SAAS,IAAI,cAAc,mBAC5E,OAAO,IAAI;CACb,IAAI,IAAI,SAAS,WAAW,IAAI,SAAS,SAAS,IAAI,SAAS,qBAAqB,IAAI,SAAS,QAC/F,OAAO,IAAI,SAAS,SAAS,oBAAoB,IAAI;CACvD,IAAI,IAAI,SACN,OAAO;CACT,IAAI,IAAI,SACN,OAAO;CACT,IAAI,IAAI,QACN,OAAO;CACT,IAAI,IAAI,KACN,OAAO;CACT,MAAM,IAAI,MAAM,2CAA2C,KAAK,UAAU,IAAI,GAAG;;AAGnF,SAAS,aAAa,MAAc,KAAsC;CACxE,MAAM,YAAY,eAAe,IAAI;CACrC,MAAM,MAAM,IAAI,OAAO,IAAI,WAAW,IAAI;CAE1C,MAAM,SAA0B;EAAE;EAAM;EAAW;CACnD,IAAI,IAAI,SACN,OAAO,UAAU,IAAI;CACvB,IAAI,IAAI,MACN,OAAO,OAAO,IAAI;CACpB,IAAI,IAAI,KACN,OAAO,MAAM,IAAI;CACnB,IAAI,IAAI,cAAc,MACpB,OAAO,YAAY;CACrB,IAAI,KACF,OAAO,MAAM;CACf,IAAI,IAAI,SACN,OAAO,UAAU,IAAI;CACvB,IAAI,OAAO,IAAI,qBAAqB,UAClC,OAAO,mBAAmB,IAAI;CAChC,IAAI,OAAO,IAAI,gBAAgB,UAC7B,OAAO,cAAc,IAAI;CAC3B,IAAI,MAAM,QAAQ,IAAI,aAAa,EACjC,OAAO,eAAe,IAAI;CAC5B,IAAI,MAAM,QAAQ,IAAI,cAAc,EAClC,OAAO,gBAAgB,IAAI;CAC7B,IAAI,OAAO,IAAI,eAAe,YAC5B,OAAO,aAAa,IAAI;CAG1B,IAAI,IAAI,SAAS,WAAW,IAAI,eAAe,YAC7C,OAAO,OAAO;CAEhB,OAAO;;;;;;AAOT,SAAS,sBAAsB,KAAuC;CAEpE,OAAO;EADmB;EAAa;EAAQ;EAAW;EAAO;EAAW;EACrD,CAAC,MAAK,QAAO,OAAO,IAAI,SAAS,SAAS;;;;;;;;;;;;;;AAenE,SAAgB,oBAAoB,OAAmC;CACrE,IAAI,SAAS,MACX,OAAO,EAAE;CAEX,IAAI,MAAM,QAAQ,MAAM,EACtB,OAAO,MAAM,KAAK,KAAK,QAAQ;EAC7B,MAAM,MAAM;EAEZ,OAAO,aADM,IAAI,QAAQ,OAAO,OACN,IAAI;GAC9B;CAGJ,IAAI,OAAO,UAAU,UAAU;EAC7B,MAAM,MAAM;EAGZ,IAAI,sBAAsB,IAAI,EAAE;GAC9B,MAAM,MAAM;GAEZ,OAAO,CAAC,aADK,IAAI,QAAQ,SACE,IAAI,CAAC;;EAElC,OAAO,OAAO,QAAQ,IAAsC,CAAC,KAC1D,CAAC,MAAM,SAAS,aAAa,MAAM,OAAO,EAAE,CAAC,CAC/C;;CAGH,MAAM,IAAI,MAAM,wCAAwC,OAAO,QAAQ;;;;;;;;;;;AAYzE,SAAgB,eAAe,SAA4B;CACzD,IAAI,CAAC,WAAW,CAAC,MAAM,QAAQ,QAAQ,EACrC,OAAO;CACT,OAAO,QACJ,KAAK,UAAU;EACd,IAAI,SAAS,OAAO,UAAU,YAAa,MAA6B,SAAS,QAAQ;GACvF,MAAM,OAAQ,MAA6B;GAC3C,IAAI,OAAO,SAAS,UAClB,OAAO;;EAEX,OAAO,KAAK,UAAU,MAAM;GAC5B,CACD,KAAK,KAAK;;;;;;;;;;;;;;;AAgBf,SAAgB,mBAAmB,SAA8C;CAC/E,IAAI,CAAC,MAAM,QAAQ,QAAQ,EACzB,OAAO;CAET,MAAM,MAA2B,EAAE;CACnC,KAAK,MAAM,OAAO,SAAS;EACzB,IAAI,CAAC,OAAO,OAAO,QAAQ,UACzB;EACF,MAAM,QAAQ;EAEd,IAAI,MAAM,SAAS,UAAU,OAAO,MAAM,SAAS,UAAU;GAC3D,IAAI,KAAK;IAAE,MAAM;IAAQ,MAAM,MAAM;IAAM,CAAC;GAC5C;;EAGF,IAAI,MAAM,SAAS,WAAW,OAAO,MAAM,SAAS,UAAU;GAC5D,MAAM,YAAY,OAAO,MAAM,aAAa,WACxC,MAAM,WACL,OAAO,MAAM,cAAc,WAAW,MAAM,YAAY;GAC7D,IAAI,KAAK;IAAE,MAAM;IAAS;IAAW,MAAM,MAAM;IAAM,CAAC;GACxD;;EAGF,IAAI,MAAM,SAAS,cAAc,MAAM,YAAY,OAAO,MAAM,aAAa,UAAU;GACrF,MAAM,MAAM,MAAM;GAClB,IAAI,OAAO,IAAI,SAAS,UAAU;IAChC,IAAI,KAAK;KAAE,MAAM;KAAQ,MAAM,IAAI;KAAM,CAAC;IAC1C;;GAEF,IAAI,OAAO,IAAI,SAAS,YAAY,OAAO,IAAI,aAAa,YAAY,IAAI,SAAS,WAAW,SAAS,EAAE;IACzG,IAAI,KAAK;KAAE,MAAM;KAAS,WAAW,IAAI;KAAU,MAAM,IAAI;KAAM,CAAC;IACpE;;;EAMJ,IAAI,KAAK;GAAE,MAAM;GAAQ,MAAM,KAAK,UAAU,MAAM;GAAE,CAAC;;CAGzD,OAAO;;;;;;;;;;AAWT,SAAS,cAAc,SAAgD;CACrE,MAAM,aAAa,mBAAmB,QAAQ;CAC9C,IAAI,CAAC,cAAc,WAAW,WAAW,GACvC,OAAO;CAIT,MAAM,QAAkB,EAAE;CAC1B,KAAK,MAAM,SAAS,YAAY;EAC9B,IAAI,MAAM,SAAS,QACjB,OAAO;EACT,MAAM,KAAK,MAAM,KAAK;;CAExB,OAAO,MAAM,KAAK,KAAK;;;;;;;;;;;;AAazB,eAAe,gBAAgB,QAAyB,cAAoC;CAC1F,QAAQ,OAAO,WAAf;EACE,KAAK,SAAS;GACZ,MAAM,EAAE,sBAAsB,0BAA0B,MAAM,OAAO;GACrE,MAAM,YAAY,OAAO,OAAO,CAAC,OAAO,YACpC;IAAE,GAAG,uBAAuB;IAAE,GAAG,OAAO;IAAK,GAC7C,OAAO;GACX,OAAO,IAAI,qBAAqB;IAC9B,SAAS,OAAO;IAChB,MAAM,OAAO;IACb,KAAK;IACN,CAAC;;EAEJ,KAAK,OAAO;GACV,MAAM,EAAE,uBAAuB,MAAM,OAAO;GAC5C,OAAO,IAAI,mBAAmB,IAAI,IAAI,OAAO,IAAK,EAAE;IAClD,aAAa,OAAO,UAAU,EAAE,SAAS,OAAO,SAAS,GAAG,KAAA;IAC5D;IACD,CAAC;;EAEJ,KAAK,mBAAmB;GAOtB,MAAM,EAAE,kCAAkC,MAAM,OAAO;GACvD,OAAO,IAAI,8BAA8B,IAAI,IAAI,OAAO,IAAK,EAAE;IAC7D,aAAa,OAAO,UAAU,EAAE,SAAS,OAAO,SAAS,GAAG,KAAA;IAC5D,OAAO,wBAAwB;IAC/B;IACD,CAAC;;EAEJ,SACE,MAAM,IAAI,MAAM,0BAA0B,OAAO,YAAY;;;;;;;;;;;;;AAcnE,SAAS,oBAAoB,KAAuB;CAClD,IAAI,CAAC,OAAO,OAAO,QAAQ,UACzB,OAAO;CACT,MAAM,IAAI;CACV,IAAI,EAAE,SAAS,uBAAuB,EAAE,aAAa,SAAS,qBAC5D,OAAO;CACT,OAAO,OAAO,EAAE,YAAY,YAAY,EAAE,QAAQ,aAAa,CAAC,WAAW,eAAe;;;;;;;;;;;;;AAoC5F,eAAsB,kBACpB,SACA,gBACA,OACA,SACwB;CACxB,MAAM,cAAkD,EAAE;CAC1D,MAAM,QAAiC,EAAE;CACzC,MAAM,SAA2C,EAAE;CACnD,IAAI,SAAS;CAQb,MAAM,mBAAmB,MAAM,QAAQ,IAAI,QAAQ,KAAI,WAAU,gBAAgB,QAAQ,gBAAgB,OAAO,QAAQ,CAAC,CAAC;CAE1H,KAAK,MAAM,UAAU,kBAAkB;EACrC,IAAI,OAAO,SAIT;EAEF,IAAI,CAAC,OAAO,IAAI;GACd,OAAO,KAAK;IAAE,MAAM,OAAO;IAAM,OAAO,OAAO;IAAO,CAAC;GACvD,MAAM,OAAO,SAAS,aAAa;IAAE,MAAM,OAAO;IAAM,OAAO,OAAO;IAAO,CAAC;GAC9E;;EAGF,YAAY,KAAK;GAAE,MAAM,OAAO;GAAM,QAAQ,OAAO;GAAQ,CAAC;EAC9D,MAAM,YAAsB,EAAE;EAC9B,KAAK,MAAM,QAAQ,OAAO,OAAO;GAC/B,MAAM,iBAAiB,OAAO,OAAO,OAAO,KAAK,GAAG,KAAK;GACzD,UAAU,KAAK,eAAe;GAC9B,MAAM,kBAAkB,gBAAgB,OAAO,QAAQ,OAAO,QAAQ,MAAM,gBAAgB,MAAM;;EAEpG,MAAM,OAAO,SAAS,eAAe;GACnC,MAAM,OAAO;GACb,WAAW,OAAO,OAAO;GACzB,OAAO;GACR,CAAC;;CAIJ,IAAI,OAAO,SAAS,KAAK,YAAY,WAAW,GAAG;EACjD,MAAM,WAAW,OAAO,KAAI,MAAK,GAAG,EAAE,KAAK,IAAI,EAAE,MAAM,UAAU,CAAC,KAAK,KAAK;EAC5E,MAAM,IAAI,MAAM,sCAAsC,WAAW;;CAGnE,OAAO;EACL;EACA,OAAO,YAAY;GAIjB,IAAI,QACF;GACF,SAAS;GACT,MAAM,QAAQ,WACZ,YAAY,IAAI,OAAO,EAAE,MAAM,aAAa;IAC1C,MAAM,OAAO,SAAS,aAAa,EAAE,MAAM,CAAC;IAC5C,MAAM,OAAO,OAAO;KACpB,CACH;;EAEJ;;;;;;;;;;;;AA4BH,eAAe,gBACb,QACA,gBACA,OACA,SAC0B;CAC1B,MAAM,QAAQ,KAAK,KAAK;CAGxB,IAAI,OAAO,gBAAgB,OAAO,eAAe;EAC/C,MAAM,wBAAQ,IAAI,MAChB,eAAe,OAAO,KAAK,4FAC5B;EACD,MAAM,OAAO,SAAS,uBAAuB;GAAE,MAAM,OAAO;GAAM,WAAW,OAAO;GAAW,CAAC;EAChG,MAAM,OAAO,SAAS,qBAAqB;GACzC,MAAM,OAAO;GACb,WAAW,OAAO;GAClB,YAAY;GACZ,IAAI;GACJ;GACD,CAAC;EACF,OAAO;GAAE,IAAI;GAAO,MAAM,OAAO;GAAM;GAAO;;CAGhD,MAAM,OAAO,SAAS,uBAAuB;EAAE,MAAM,OAAO;EAAM,WAAW,OAAO;EAAW,CAAC;CAMhG,MAAM,eAAe,OAAO,SAAS;CACrC,MAAM,eAAe,eAAe,SAAS,oBAAoB,OAAO,GAAG,KAAA;CAE3E,IAAI,SAAwB;CAC5B,IAAI;EAKF,SAAS,iBACL,gBAAgB,GAChB,MAAM,qBAAqB;GAAE,MAAM;GAAU,SAAS;GAAS,CAAC;EACpE,MAAM,gBAAgB;EAEtB,MAAM,YAAY,MAAM,gBAAgB,QAAQ,aAAa;EAC7D,MAAM,mBAAmB,OAAO,oBAAoB;EACpD,MAAM,EAAE,OAAO,aAAa,MAAM,gBAChC,YAAY;GACV,MAAM,cAAc,QAAQ,UAAU;GACtC,OAAO,MAAM,cAAc,WAAW;KAExC,kBACA,eAAe,OAAO,KAAK,8BAA8B,iBAAiB,IAC3E;EAKD,MAAM,gBAAgB,MAAM,oBAAoB,QAAQ,UAAU,MAAM;EAExE,MAAM,aAAa,KAAK,KAAK,GAAG;EAChC,MAAM,OAAO,SAAS,qBAAqB;GACzC,MAAM,OAAO;GACb,WAAW,OAAO;GAClB;GACA,IAAI;GACJ,WAAW,cAAc;GAC1B,CAAC;EACF,OAAO;GAAE,IAAI;GAAM,MAAM,OAAO;GAAM;GAAQ,QAAQ;GAAe,OAAO;GAAe;UAEtF,KAAK;EACV,MAAM,QAAQ,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,IAAI,CAAC;EACjE,MAAM,mBAAmB,OAAO;EAChC,MAAM,aAAa,KAAK,KAAK,GAAG;EAYhC,IAAI,oBAAoB,IAAI,EAAE;GAC5B,MAAM,sBAAsB,CAAC,gBACxB,CAAC,uBAAuB,OAAO,QAAQ,IACvC,CAAC,CAAC,SAAS;GAChB,IAAI,gBAAgB,qBAAqB;IACvC,MAAM,OAAO,SAAS,qBAAqB;KACzC,MAAM,OAAO;KACb,WAAW,OAAO;KAClB;KACA,IAAI;KACJ;KACD,CAAC;IACF,MAAM,OAAO,SAAS,qBAAqB;KACzC,MAAM,OAAO;KACb,WAAW,OAAO;KAClB,QAAQ,eAAe,cAAc;KACtC,CAAC;IACF,OAAO;KAAE,IAAI;KAAO,SAAS;KAAM,MAAM,OAAO;KAAM;;;EAI1D,MAAM,OAAO,SAAS,qBAAqB;GACzC,MAAM,OAAO;GACb,WAAW,OAAO;GAClB;GACA,IAAI;GACJ;GACD,CAAC;EACF,OAAO;GAAE,IAAI;GAAO,MAAM,OAAO;GAAM;GAAO;;;;;;;;;;;;;;;;AAiBlD,eAAe,oBACb,QACA,OACA,OACsF;CACtF,IAAI,WAAW;CAEf,IAAI,OAAO,gBAAgB,OAAO,aAAa,SAAS,GAAG;EACzD,MAAM,QAAQ,IAAI,IAAI,OAAO,aAAa;EAC1C,WAAW,SAAS,QAAO,MAAK,MAAM,IAAI,EAAE,KAAK,CAAC;;CAGpD,IAAI,OAAO,iBAAiB,OAAO,cAAc,SAAS,GAAG;EAC3D,MAAM,OAAO,IAAI,IAAI,OAAO,cAAc;EAC1C,WAAW,SAAS,QAAO,MAAK,CAAC,KAAK,IAAI,EAAE,KAAK,CAAC;;CAGpD,IAAI,OAAO,YAAY;EACrB,MAAM,YAAY,OAAO;EACzB,WAAW,SAAS,QAAO,MAAK,UAAU,EAAE,CAAC;;CAG/C,IAAI,OAAO;EAGT,MAAM,MAAM;GAAE,QAAQ,OAAO;GAAM,WAAW,OAAO;GAAW,OAAO,CAAC,GAAG,SAAS;GAAE;EACtF,MAAM,MAAM,SAAS,oBAAoB,IAAI;EAC7C,WAAW,IAAI;;CAGjB,OAAO;;;;;;;;;;;AAYT,SAAS,gBACP,QACA,QACA,MACA,gBACA,OACS;CACT,OAAO;EACL,MAAM;GACJ,MAAM;GACN,aAAa,KAAK,eAAe;GACjC,aAAc,KAAK,eAAe;IAAE,MAAM;IAAU,YAAY,EAAE;IAAE;GACrE;EACD,SAAS,OAAO,OAAgC,QAAqB;GACnE,MAAM,EAAE,QAAQ,QAAQ,WAAW;GACnC,MAAM,cAAc,IAAI,cAAc,mBAAmB;GAGzD,MAAM,UAUF;IACF;IACA;IACA,QAAQ,OAAO;IACf,MAAM,KAAK;IACX;IACA;IACA,OAAO;IACP,QAAQ;IACT;GACD,MAAM,OAAO,SAAS,iBAAiB,QAAQ;GAK/C,IAAI,QAAQ,OACV,OAAO,YAAY,QAAQ;GAE7B,MAAM,iBAAiB,QAAQ;GAK/B,IAAI,QAAQ,WAAW,KAAA,GAAW;IAChC,IAAI,aAA2C,QAAQ;IACvD,MAAM,eAAe;KACnB;KACA;KACA,QAAQ,OAAO;KACf,MAAM,KAAK;KACX;KACA,OAAO;KACP,QAAQ;KACR,aAAa,qBAAqB,WAAW;KAC9C;IACD,MAAM,OAAO,SAAS,sBAAsB,aAAa;IACzD,aAAa,aAAa;IAC1B,MAAM,OAAO,SAAS,kBAAkB;KACtC;KACA;KACA,QAAQ,OAAO;KACf,MAAM,KAAK;KACX;KACA,OAAO;KACP,QAAQ;KACR,aAAa,qBAAqB,WAAW;KAC9C,CAAC;IACF,OAAO;;GAET,MAAM,OAAO,SAAS,mBAAmB;IACvC;IACA;IACA,QAAQ,OAAO;IACf,MAAM,KAAK;IACX;IACA,OAAO;IACR,CAAC;GACF,MAAM,UAAU,OAAO,eAAe;GACtC,IAAI;IAYF,IAAI,SAAuC,eAAc,MANpC,+BACb,OAAO,SAAS;KAAE,MAAM,KAAK;KAAM,WAAW;KAAgB,CAAC,EACrE,SACA,aAAa,KAAK,KAAK,eAAe,OAAO,KAAK,oBAAoB,QAAQ,KAC9E,OACD,EAC+D,QAAQ;IAIxE,MAAM,eAAe;KACnB;KACA;KACA,QAAQ,OAAO;KACf,MAAM,KAAK;KACX;KACA,OAAO;KACP,QAAQ;KACR,aAAa,qBAAqB,OAAO;KAC1C;IACD,MAAM,OAAO,SAAS,sBAAsB,aAAa;IACzD,SAAS,aAAa;IAEtB,MAAM,OAAO,SAAS,kBAAkB;KACtC;KACA;KACA,QAAQ,OAAO;KACf,MAAM,KAAK;KACX;KACA,OAAO;KACP,QAAQ;KACR,aAAa,qBAAqB,OAAO;KAC1C,CAAC;IACF,OAAO;YAEF,KAAK;IACV,MAAM,QAAQ,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,IAAI,CAAC;IACjE,MAAM,OAAO,SAAS,kBAAkB;KACtC;KACA;KACA,QAAQ,OAAO;KACf,MAAM,KAAK;KACX;KACA,OAAO;KACP;KACD,CAAC;IACF,MAAM,OAAO,SAAS,kBAAkB;KACtC;KACA;KACA,QAAQ,OAAO;KACf,MAAM,KAAK;KACX;KACA,OAAO;KACP,QAAQ,MAAM;KACd,aAAa,OAAO,WAAW,MAAM,QAAQ;KAC9C,CAAC;IACF,MAAM;;;EAGX;;AAGH,eAAe,mBAAmB,QAAiE;CACjG,IAAI,CAAC,QACH;CACF,IAAI;EACF,MAAM,OAAO,OAAO;SAEhB;;AAKR,eAAe,gBACb,MACA,WACA,gBACY;CACZ,IAAI;CACJ,IAAI;EACF,OAAO,MAAM,IAAI,SAAY,gBAAgB,kBAAkB;GAC7D,QAAQ,iBAAiB,cAAc,IAAI,MAAM,eAAe,CAAC,EAAE,UAAU;GAC7E,MAAM,CAAC,KAAK,gBAAgB,cAAc;IAC1C;WAEI;EACN,IAAI,OACF,aAAa,MAAM;;;;;;;;;;;;AAazB,eAAe,yBACb,MACA,WACA,gBACA,QACY;CACZ,IAAI,QAAQ,SACV,MAAM,IAAI,MAAM,wBAAwB;CAE1C,IAAI;CACJ,IAAI;CACJ,IAAI;EACF,OAAO,MAAM,IAAI,SAAY,gBAAgB,kBAAkB;GAC7D,QAAQ,iBAAiB,cAAc,IAAI,MAAM,eAAe,CAAC,EAAE,UAAU;GAC7E,IAAI,QAAQ;IACV,gBAAgB,8BAAc,IAAI,MAAM,wBAAwB,CAAC;IACjE,OAAO,iBAAiB,SAAS,SAAS,EAAE,MAAM,MAAM,CAAC;;GAE3D,MAAM,CAAC,KAAK,gBAAgB,cAAc;IAC1C;WAEI;EACN,IAAI,OACF,aAAa,MAAM;EACrB,IAAI,UAAU,SACZ,OAAO,oBAAoB,SAAS,QAAQ"}