From 40e7953ee514fd9cb747ee1299c80e949eb1d242 Mon Sep 17 00:00:00 2001 From: CyberRex <26585194+CyberRex0@users.noreply.github.com> Date: Sat, 23 May 2026 17:03:05 +0900 Subject: [PATCH] First commit --- .env.example | 8 + .gitignore | 5 + .prettierrc | 5 + AGENTS.md | 372 + README.md | 75 + db/schema.sql | 144 + development_plan.md | 342 + development_status.md | 378 + docker-compose.yml | 21 + eslint.config.js | 35 + index.html | 12 + package.json | 57 + pnpm-lock.yaml | 6089 +++++++++++++++++ pnpm-workspace.yaml | 4 + public/push-sw.js | 19 + src/client/App.jsx | 232 + src/client/api/client.js | 20 + src/client/components/ConfirmDialog.jsx | 41 + src/client/components/Field.jsx | 10 + src/client/components/Sidebar.jsx | 49 + src/client/components/Toast.jsx | 104 + src/client/main.jsx | 10 + src/client/routes/AccountView.jsx | 439 ++ src/client/routes/AlertsView.jsx | 214 + src/client/routes/AuthPanel.jsx | 161 + src/client/routes/NotificationMethodsView.jsx | 275 + src/client/routes/SiteSettingsPanel.jsx | 313 + src/client/routes/SitesView.jsx | 190 + src/client/styles/app.css | 1000 +++ src/server/app.js | 46 + src/server/config/env.js | 11 + src/server/db/pool.js | 10 + src/server/index.js | 16 + src/server/jobs/monitorCertificates.js | 20 + src/server/jobs/monitorWorker.js | 61 + src/server/middleware/auth.js | 61 + src/server/middleware/csrf.js | 33 + src/server/modules/account/routes.js | 201 + src/server/modules/alerts/routes.js | 158 + src/server/modules/auth/routes.js | 118 + src/server/modules/monitoring/certificate.js | 136 + src/server/modules/monitoring/monitor.js | 229 + .../modules/monitoring/notifications.js | 93 + .../modules/notificationMethods/routes.js | 184 + src/server/modules/sites/routes.js | 360 + src/server/utils/httpErrors.js | 23 + src/server/utils/logger.js | 23 + src/server/utils/urlPolicy.js | 46 + tests/apiSecurity.test.js | 293 + tests/monitoring.test.js | 225 + tests/urlPolicy.test.js | 21 + vite.config.js | 12 + 52 files changed, 13004 insertions(+) create mode 100644 .env.example create mode 100644 .gitignore create mode 100644 .prettierrc create mode 100644 AGENTS.md create mode 100644 README.md create mode 100644 db/schema.sql create mode 100644 development_plan.md create mode 100644 development_status.md create mode 100644 docker-compose.yml create mode 100644 eslint.config.js create mode 100644 index.html create mode 100644 package.json create mode 100644 pnpm-lock.yaml create mode 100644 pnpm-workspace.yaml create mode 100644 public/push-sw.js create mode 100644 src/client/App.jsx create mode 100644 src/client/api/client.js create mode 100644 src/client/components/ConfirmDialog.jsx create mode 100644 src/client/components/Field.jsx create mode 100644 src/client/components/Sidebar.jsx create mode 100644 src/client/components/Toast.jsx create mode 100644 src/client/main.jsx create mode 100644 src/client/routes/AccountView.jsx create mode 100644 src/client/routes/AlertsView.jsx create mode 100644 src/client/routes/AuthPanel.jsx create mode 100644 src/client/routes/NotificationMethodsView.jsx create mode 100644 src/client/routes/SiteSettingsPanel.jsx create mode 100644 src/client/routes/SitesView.jsx create mode 100644 src/client/styles/app.css create mode 100644 src/server/app.js create mode 100644 src/server/config/env.js create mode 100644 src/server/db/pool.js create mode 100644 src/server/index.js create mode 100644 src/server/jobs/monitorCertificates.js create mode 100644 src/server/jobs/monitorWorker.js create mode 100644 src/server/middleware/auth.js create mode 100644 src/server/middleware/csrf.js create mode 100644 src/server/modules/account/routes.js create mode 100644 src/server/modules/alerts/routes.js create mode 100644 src/server/modules/auth/routes.js create mode 100644 src/server/modules/monitoring/certificate.js create mode 100644 src/server/modules/monitoring/monitor.js create mode 100644 src/server/modules/monitoring/notifications.js create mode 100644 src/server/modules/notificationMethods/routes.js create mode 100644 src/server/modules/sites/routes.js create mode 100644 src/server/utils/httpErrors.js create mode 100644 src/server/utils/logger.js create mode 100644 src/server/utils/urlPolicy.js create mode 100644 tests/apiSecurity.test.js create mode 100644 tests/monitoring.test.js create mode 100644 tests/urlPolicy.test.js create mode 100644 vite.config.js diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..659e221 --- /dev/null +++ b/.env.example @@ -0,0 +1,8 @@ +NODE_ENV=development +PORT=3000 +DATABASE_URL=postgres://certremind:certremind@localhost:5432/certremind +COOKIE_SECRET=replace-with-a-long-random-string +VAPID_PUBLIC_KEY= +VAPID_PRIVATE_KEY= +VAPID_SUBJECT=mailto:admin@example.com +OPENSSL_PATH=openssl diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..439f434 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +node_modules/ +.pnpm-store/ +dist/ +.env +*.log diff --git a/.prettierrc b/.prettierrc new file mode 100644 index 0000000..2fec1f2 --- /dev/null +++ b/.prettierrc @@ -0,0 +1,5 @@ +{ + "singleQuote": true, + "trailingComma": "all", + "printWidth": 100 +} diff --git a/AGENTS.md b/AGENTS.md new file mode 100644 index 0000000..de28e69 --- /dev/null +++ b/AGENTS.md @@ -0,0 +1,372 @@ +# CertRemind 開発ガイド + +## 概要 + +- アプリケーション名: CertRemind +- 目的: ユーザーが登録した Web サイトの TLS/SSL 証明書の有効期限を監視し、期限切れ前にアプリ内アラート、Webhook、Push 通知で知らせる。 +- 現在の実装状況: `development_plan.md` のフェーズ 8 までの機能を実装済み。MVP の主要機能に加え、基本的な品質向上、テスト、運用準備も整備済み。 + +## 技術スタック + +- Node.js v22 +- pnpm +- Hono.js +- React.js / Vite +- Radix UI +- lucide-react +- PostgreSQL +- Docker Compose +- OpenSSL +- Argon2id +- TOTP: `otplib` +- Push 通知: `web-push` +- QR コード: `qrcode.react` +- テスト: Vitest +- Lint / Format: ESLint / Prettier + +## 主要コマンド + +```text +pnpm install +docker compose up -d postgres +pnpm dev +pnpm monitor:once +pnpm monitor:worker +pnpm lint +pnpm test +pnpm exec vite build +pnpm format +``` + +開発サーバー: + +```text +Frontend: http://127.0.0.1:5173/ +API: http://127.0.0.1:3000 +``` + +## ディレクトリ構成 + +```text +db/schema.sql +README.md +public/push-sw.js +src/client +src/client/api/client.js +src/client/components +src/client/components/Toast.jsx +src/client/routes +src/client/styles/app.css +src/server +src/server/app.js +src/server/index.js +src/server/config/env.js +src/server/db/pool.js +src/server/middleware +src/server/modules +src/server/jobs/monitorCertificates.js +src/server/jobs/monitorWorker.js +src/server/utils/logger.js +tests/apiSecurity.test.js +tests/monitoring.test.js +tests/urlPolicy.test.js +``` + +## 環境変数 + +`.env.example` を参照すること。 + +主な項目: + +- `NODE_ENV` +- `PORT` +- `DATABASE_URL` +- `COOKIE_SECRET` +- `VAPID_PUBLIC_KEY` +- `VAPID_PRIVATE_KEY` +- `VAPID_SUBJECT` +- `OPENSSL_PATH` + +補足: + +- `OPENSSL_PATH` 未設定時は `openssl` を使う。 +- Windows では Git 付属の `openssl.exe` を自動検出する実装がある。 +- VAPID private key が未設定の場合、Push 実送信は失敗として `delivery_result` に記録される。 + +## データベース + +DDL は `db/schema.sql` に保管している。 + +実装済みテーブル: + +- `users` +- `user_totp` +- `sessions` +- `sites` +- `notification_methods` +- `site_alert_conditions` +- `alert_history` + +設計メモ: + +- 主キーは UUID。 +- 全テーブルに `created_at` / `updated_at` を持つ。 +- `updated_at` はトリガーで更新する。 +- `sites` は最新の証明書期限、確認日時、取得失敗内容を保持する。 +- ユーザー関連データは `users` 削除を起点に CASCADE で削除する。 +- サイト削除時、通知条件は CASCADE で削除する。 +- アラート履歴の `site_id` はサイト削除時に `NULL` へ変更する。 +- アラート重複抑制は `alert_history.dedupe_key` を使う。 + +注意: + +- `docker-compose.yml` は初回 DB 起動時に `db/schema.sql` を読み込む。既存 volume がある場合、schema の変更は自動再適用されない。 + +## 実装済み API + +```text +GET /api/health + +GET /api/auth/csrf +POST /api/auth/register +POST /api/auth/login +POST /api/auth/logout +GET /api/auth/me + +GET /api/sites +POST /api/sites +GET /api/sites/:siteId +PATCH /api/sites/:siteId +DELETE /api/sites/:siteId + +GET /api/sites/:siteId/settings +PUT /api/sites/:siteId/settings +DELETE /api/sites/:siteId/settings + +GET /api/alerts +PATCH /api/alerts/:alertId/read +DELETE /api/alerts/:alertId + +GET /api/notification-methods +POST /api/notification-methods/webhooks +PATCH /api/notification-methods/webhooks/:methodId +DELETE /api/notification-methods/webhooks/:methodId +POST /api/notification-methods/push-subscriptions + +GET /api/account +PATCH /api/account/profile +PATCH /api/account/password +POST /api/account/totp/setup +POST /api/account/totp/verify +DELETE /api/account/totp +DELETE /api/account +``` + +## 実装済み画面 + +認証前: + +- 登録画面 +- ログイン画面 +- 2 段階認証コード入力 + +認証後: + +- URL ルーティング + - `/sites` + - `/sites/:siteId/settings` + - `/alerts` + - `/notifications` + - `/account` + - `/login` + - `/register` + - 直リンク、初期読込み、ブラウザバック / フォワードに対応 + - 未認証で保護画面 URL を開いた場合はログイン画面を表示し、ログイン後に元の画面へ復帰する +- 左サイドメニュー + - PC 幅では展開表示 + - 720px 以下ではアイコンのみの畳み表示 + - サイト一覧、アラート履歴、通知方法、アカウント、ログアウトに対応 +- 共通トースト通知 + - 認証後画面の正常メッセージ、エラーメッセージを右上に表示 + - 5 秒後の自動非表示と手動クローズに対応 + - ログイン / 登録画面のエラーはインライン表示を維持 +- サイト一覧 + - サイト追加 + - 最新監視結果に基づく証明書期限表示 + - 確認ダイアログ付きサイト削除 +- サイト設定 + - エイリアス編集 + - 通知タイミング設定 + - 時間 / 日 / 週間の単位指定 + - 複数タイミングの追加 + - 確認ダイアログ付き通知タイミング削除 + - アプリ内アラート必須表示 + - Webhook 選択 + - Push 通知フラグ設定 + - 確認ダイアログ付き設定削除 +- アラート一覧 + - サイト絞り込み + - アラート種類絞り込み + - 開始日時 / 終了日時絞り込み + - 既読更新 + - 確認ダイアログ付き履歴削除 +- 通知方法管理 + - Webhook 登録 + - Webhook 編集 + - 確認ダイアログ付き Webhook 削除 + - ブラウザ Push 通知の許可状態表示 + - VAPID public key がある場合の Push 購読登録 +- アカウント設定 + - 表示名更新 + - ダイアログでのパスワード更新 + - パスワード更新後の全セッション無効化 + - ステップ式ポップアップでの 2 段階認証セットアップ + - 2 段階認証 QR コード表示 + - シークレット文字列表示 + - 確認ダイアログ付き 2 段階認証解除 + - 確認ダイアログ付きアカウント削除 + +## 入力検証 + +サーバー側: + +- Zod でリクエストを検証する。 +- クライアントから送られる `user_id` は信用しない。 +- 認証済み API はセッションのユーザー ID を使う。 +- SQL はプレースホルダを使う。 + +クライアント側: + +- 登録 / ログイン、サイト、Webhook、アラート絞り込み、アカウント設定で入力必須チェックと形式チェックを実装済み。 +- クライアント側検証は UX 用であり、サーバー側検証を省略してはいけない。 + +## 認証・セッション + +- パスワードは Argon2id でハッシュ化する。 +- セッションは `sessions` テーブルで管理する。 +- セッション Cookie は HttpOnly / SameSite=Lax。 +- 本番環境では Secure Cookie を有効化する。 +- CSRF トークンを状態変更 API で必須にする。 +- パスワード更新時は対象ユーザーの全セッションを削除し、現在の Cookie も削除する。 +- TOTP が有効なユーザーはログイン時に OTP 検証が必須。 + +## サイト管理 + +- サイト URL は HTTPS のみ許可する。 +- URL は `normalizeHttpsUrl` で正規化する。 +- `localhost`、private IPv4、loopback IPv4 は拒否する。 +- サイト API は常にセッションユーザーの所有データのみ扱う。 +- サイト設定の通知タイミングは内部的に時間単位で保存する。 +- 通知タイミングは 1 時間以上、17520 時間以内。 +- 同じサイトに同じ通知タイミングを重複登録できない。 + +## アラート履歴 + +- アラート履歴は `alert_history` に保存する。 +- アラート一覧はログインユーザーの履歴のみ返す。 +- 既読更新、削除もログインユーザーの履歴のみ対象にする。 +- 絞り込み条件: + - サイト + - アラート種類 + - 開始日時 + - 終了日時 +- アラート重複抑制には `dedupe_key` を使う。 + +## 通知方法 + +Webhook: + +- HTTPS のみ許可する。 +- `normalizeHttpsUrl` を通し、localhost / private IPv4 / loopback IPv4 を拒否する。 +- Slack 互換 Webhook として送信する。 +- 更新・削除はログインユーザーの通知方法のみ対象。 + +Push: + +- ブラウザ Push 購読情報を `notification_methods` に保存する。 +- endpoint は HTTPS のみ許可する。 +- Service Worker は `public/push-sw.js`。 +- VAPID key は環境変数で管理する。 + +## 証明書監視ジョブ + +一回実行: + +```text +pnpm monitor:once +``` + +定期実行 worker: + +```text +pnpm monitor:worker +``` + +処理内容: + +- 登録サイトを取得する。 +- OpenSSL で証明書期限を取得する。 +- 成功時は `sites.certificate_expires_at` / `certificate_checked_at` を更新し、取得失敗内容をクリアする。 +- 失敗時は `sites.certificate_checked_at` / `certificate_check_error` を更新し、既存の期限値は残す。 +- サイトごとの通知条件を評価する。 +- 条件一致時にアラート履歴を作成する。 +- Webhook / Push 通知を送信する。 +- 証明書取得失敗も `certificate_check_failed` としてアラート化する。 +- サイト単位の失敗で全体を止めない。 +- 外部通信を伴う監視処理は並列数を制限する。 +- Webhook / Push の送信失敗は `delivery_result` に記録する。 +- 監視ジョブの開始、終了、失敗は構造化ログで出力する。 +- `pnpm monitor:worker` は 1 時間ごとに監視ジョブを実行する長時間起動プロセス。 + +注意: + +- サンドボックス内では外部 TLS 接続が `Permission denied` になる場合がある。その場合は権限付き実行が必要。 +- 定期実行は `pnpm monitor:worker` で提供済み。運用要件に応じて cron やタスクスケジューラから `pnpm monitor:once` を実行する構成も選択できる。 + +## セキュリティ方針 + +- リクエスト改ざんに注意する。 +- クライアントから送信されてきたデータを信頼しない。 +- CSRF トークンを使用する。 +- パスワードを平文保存しない。 +- SQL インジェクションを避けるためプレースホルダを使う。 +- 認可はセッションユーザーを基準に判定する。 +- URL ルーティングは表示状態の復元用であり、認可は必ず API 側のセッションユーザー基準で判定する。 +- 未認証時の復帰先 URL はアプリ内の許可済みパスのみ扱い、外部 URL へのリダイレクトに使わない。 +- 1 リクエストがサーバー全体の処理をブロックしないようにする。 +- 外部通信はタイムアウトや並列数制限を設定する。 +- 削除操作には確認ダイアログを置く。 +- API の未捕捉エラーは構造化ログで記録する。 + +## テスト・運用準備 + +- `tests/urlPolicy.test.js` で URL 正規化と基本的な SSRF 対策を検証する。 +- `tests/apiSecurity.test.js` で CSRF、認証必須、セッションユーザー基準の認可、Webhook URL 検証、通知条件の所有者確認を検証する。 +- `tests/monitoring.test.js` で証明書監視成功 / 失敗時の DB 更新、アラート作成、通知呼び出しを検証する。 +- `README.md` に開発環境起動手順、検証コマンド、DB 注意点、環境変数一覧を記載済み。 +- サンドボックス環境では Vite / Vitest の設定解決で権限付き実行が必要になる場合がある。 + +## 既知の強化候補 + +- API 単体テスト / 統合テストをさらに増やす。 +- ログイン試行回数制限を追加する。 +- SSRF 対策として DNS 解決後の IP チェックを追加する。 +- IPv6 private / link-local / unique local address の検証を追加する。 +- セッションローテーションを追加する。 +- E2E テストを追加する。 + +## 開発時の注意 + +- `development_status.md` は作業後に更新する。 +- DB 変更を行う場合は `db/schema.sql` も更新する。 +- API を追加したら、認証、CSRF、認可、入力検証を確認する。 +- UI の削除操作には確認ダイアログを追加する。 +- 既存の左サイドメニューとレスポンシブ挙動を崩さない。 +- フロントエンドの入力チェックを追加しても、サーバー側検証を必ず維持する。 +- 変更後は少なくとも以下を実行する。 + +```text +pnpm lint +pnpm test +pnpm exec vite build +``` diff --git a/README.md b/README.md new file mode 100644 index 0000000..11e34f2 --- /dev/null +++ b/README.md @@ -0,0 +1,75 @@ +# CertRemind + +CertRemind monitors the TLS/SSL certificate expiry dates of registered HTTPS sites and sends reminders through in-app alerts, webhooks, and browser push notifications. + +## Requirements + +- Node.js v22 +- pnpm +- Docker Compose +- PostgreSQL +- OpenSSL + +## Development Setup + +```text +pnpm install +docker compose up -d postgres +pnpm dev +``` + +Development URLs: + +```text +Frontend: http://127.0.0.1:5173/ +API: http://127.0.0.1:3000 +``` + +Run the one-shot certificate monitor: + +```text +pnpm monitor:once +``` + +Run the certificate monitor worker every hour: + +```text +pnpm monitor:worker +``` + +Run quality checks: + +```text +pnpm lint +pnpm test +pnpm exec vite build +``` + +## Database + +The initial schema is in `db/schema.sql`. Docker Compose loads it when the PostgreSQL volume is first created. + +If an existing database volume is already present, schema changes are not reapplied automatically. Apply the relevant `ALTER TABLE` statements from `db/schema.sql`, or recreate the development volume when data loss is acceptable. + +## Environment Variables + +Copy `.env.example` to `.env` for local development. + +| Name | Required | Default | Purpose | +| --- | --- | --- | --- | +| `NODE_ENV` | No | `development` | Runtime mode. `production` enables secure cookies. | +| `PORT` | No | `3000` | API server port. | +| `DATABASE_URL` | No | `postgres://certremind:certremind@localhost:5432/certremind` | PostgreSQL connection string. | +| `COOKIE_SECRET` | Reserved | none | Reserved for future signed-cookie support. | +| `VAPID_PUBLIC_KEY` | For Push | empty | Browser Push public key. | +| `VAPID_PRIVATE_KEY` | For Push | empty | Browser Push private key. Push delivery fails gracefully if missing. | +| `VAPID_SUBJECT` | For Push | `mailto:admin@example.com` | VAPID contact subject. | +| `OPENSSL_PATH` | No | `openssl` | OpenSSL executable path. On Windows, the app can also detect Git's bundled `openssl.exe`. | + +## Operational Notes + +- Run `pnpm monitor:worker` as a long-lived Node process for hourly certificate checks. +- `pnpm monitor:once` remains available for manual checks or external schedulers. +- The monitor limits concurrent external certificate checks and records per-site failures without stopping the whole run. +- Webhook URLs and monitored site URLs must be HTTPS and reject localhost/private IPv4 targets. +- Existing browser Push subscriptions require valid VAPID keys to deliver successfully. diff --git a/db/schema.sql b/db/schema.sql new file mode 100644 index 0000000..840c5be --- /dev/null +++ b/db/schema.sql @@ -0,0 +1,144 @@ +CREATE EXTENSION IF NOT EXISTS pgcrypto; + +CREATE OR REPLACE FUNCTION set_updated_at() +RETURNS TRIGGER AS $$ +BEGIN + NEW.updated_at = now(); + RETURN NEW; +END; +$$ LANGUAGE plpgsql; + +CREATE TABLE IF NOT EXISTS users ( + user_id uuid PRIMARY KEY DEFAULT gen_random_uuid(), + username text NOT NULL UNIQUE, + password_hash text NOT NULL, + display_name text NOT NULL, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now() +); + +DROP TRIGGER IF EXISTS users_set_updated_at ON users; +CREATE TRIGGER users_set_updated_at +BEFORE UPDATE ON users +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); + +CREATE TABLE IF NOT EXISTS user_totp ( + user_id uuid PRIMARY KEY REFERENCES users(user_id) ON DELETE CASCADE, + otp_secret text NOT NULL, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now() +); + +DROP TRIGGER IF EXISTS user_totp_set_updated_at ON user_totp; +CREATE TRIGGER user_totp_set_updated_at +BEFORE UPDATE ON user_totp +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); + +CREATE TABLE IF NOT EXISTS sessions ( + session_id uuid PRIMARY KEY DEFAULT gen_random_uuid(), + user_id uuid NOT NULL REFERENCES users(user_id) ON DELETE CASCADE, + expires_at timestamptz NOT NULL, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now() +); + +CREATE INDEX IF NOT EXISTS sessions_user_id_idx ON sessions(user_id); +CREATE INDEX IF NOT EXISTS sessions_expires_at_idx ON sessions(expires_at); + +DROP TRIGGER IF EXISTS sessions_set_updated_at ON sessions; +CREATE TRIGGER sessions_set_updated_at +BEFORE UPDATE ON sessions +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); + +CREATE TABLE IF NOT EXISTS sites ( + site_id uuid PRIMARY KEY DEFAULT gen_random_uuid(), + user_id uuid NOT NULL REFERENCES users(user_id) ON DELETE CASCADE, + url text NOT NULL, + alias text NOT NULL, + certificate_issuer text, + certificate_issued_at timestamptz, + certificate_expires_at timestamptz, + certificate_checked_at timestamptz, + certificate_check_error text, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now(), + UNIQUE (user_id, url) +); + +ALTER TABLE sites + ADD COLUMN IF NOT EXISTS certificate_issuer text, + ADD COLUMN IF NOT EXISTS certificate_issued_at timestamptz, + ADD COLUMN IF NOT EXISTS certificate_expires_at timestamptz, + ADD COLUMN IF NOT EXISTS certificate_checked_at timestamptz, + ADD COLUMN IF NOT EXISTS certificate_check_error text; + +CREATE INDEX IF NOT EXISTS sites_user_id_idx ON sites(user_id); + +DROP TRIGGER IF EXISTS sites_set_updated_at ON sites; +CREATE TRIGGER sites_set_updated_at +BEFORE UPDATE ON sites +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); + +CREATE TABLE IF NOT EXISTS notification_methods ( + notification_method_id uuid PRIMARY KEY DEFAULT gen_random_uuid(), + user_id uuid NOT NULL REFERENCES users(user_id) ON DELETE CASCADE, + notification_type text NOT NULL CHECK (notification_type IN ('webhook', 'push')), + alias text NOT NULL, + url text, + push_endpoint text, + push_p256dh text, + push_auth text, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now() +); + +CREATE INDEX IF NOT EXISTS notification_methods_user_id_idx ON notification_methods(user_id); + +DROP TRIGGER IF EXISTS notification_methods_set_updated_at ON notification_methods; +CREATE TRIGGER notification_methods_set_updated_at +BEFORE UPDATE ON notification_methods +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); + +CREATE TABLE IF NOT EXISTS site_alert_conditions ( + site_alert_condition_id uuid PRIMARY KEY DEFAULT gen_random_uuid(), + site_id uuid NOT NULL REFERENCES sites(site_id) ON DELETE CASCADE, + condition_type text NOT NULL CHECK (condition_type IN ('expires_within_hours')), + threshold_hours integer NOT NULL CHECK (threshold_hours > 0 AND threshold_hours <= 17520), + webhook_method_ids uuid[] NOT NULL DEFAULT '{}', + push_enabled boolean NOT NULL DEFAULT false, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now(), + UNIQUE (site_id, condition_type, threshold_hours) +); + +CREATE INDEX IF NOT EXISTS site_alert_conditions_site_id_idx ON site_alert_conditions(site_id); + +DROP TRIGGER IF EXISTS site_alert_conditions_set_updated_at ON site_alert_conditions; +CREATE TRIGGER site_alert_conditions_set_updated_at +BEFORE UPDATE ON site_alert_conditions +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); + +CREATE TABLE IF NOT EXISTS alert_history ( + alert_id uuid PRIMARY KEY DEFAULT gen_random_uuid(), + user_id uuid NOT NULL REFERENCES users(user_id) ON DELETE CASCADE, + site_id uuid REFERENCES sites(site_id) ON DELETE SET NULL, + alert_type text NOT NULL, + content text NOT NULL, + occurred_at timestamptz NOT NULL DEFAULT now(), + read_at timestamptz, + delivery_channels text[] NOT NULL DEFAULT ARRAY['app'], + delivery_result jsonb NOT NULL DEFAULT '{}'::jsonb, + dedupe_key text, + created_at timestamptz NOT NULL DEFAULT now(), + updated_at timestamptz NOT NULL DEFAULT now(), + UNIQUE (user_id, dedupe_key) +); + +CREATE INDEX IF NOT EXISTS alert_history_user_id_idx ON alert_history(user_id); +CREATE INDEX IF NOT EXISTS alert_history_site_id_idx ON alert_history(site_id); +CREATE INDEX IF NOT EXISTS alert_history_occurred_at_idx ON alert_history(occurred_at); + +DROP TRIGGER IF EXISTS alert_history_set_updated_at ON alert_history; +CREATE TRIGGER alert_history_set_updated_at +BEFORE UPDATE ON alert_history +FOR EACH ROW EXECUTE FUNCTION set_updated_at(); diff --git a/development_plan.md b/development_plan.md new file mode 100644 index 0000000..7c44edb --- /dev/null +++ b/development_plan.md @@ -0,0 +1,342 @@ +# CertRemind 開発計画 + +## 目的 + +CertRemind は、ユーザーが登録した Web サイトの TLS/SSL 証明書の有効期限を監視し、期限切れ前に Web アプリ内アラート、Webhook、プッシュ通知で知らせるサービスである。 + +この計画では、初期実装から運用可能な MVP までを段階的に進める。 + +## 前提 + +- Node.js v22 を使用する。 +- パッケージ管理は pnpm を使用する。 +- バックエンドは Hono.js を使用する。 +- フロントエンドは React.js と Radix UI を使用する。 +- データベースは PostgreSQL を使用する。 +- 証明書情報の取得には OpenSSL を使用する。 +- セキュリティ上、クライアントから送信された値は信頼しない。 +- CSRF 対策、セッション管理、パスワードハッシュ、入力検証を初期段階から組み込む。 + +## 全体方針 + +1. まず認証、DB、基本画面、API の土台を作る。 +2. 次にサイト登録、通知条件、アラート履歴までの主要業務フローを作る。 +3. その後、バックグラウンド監視、Webhook、プッシュ通知を追加する。 +4. 最後に 2 段階認証、アカウント削除、監視停止保証、テスト、運用設定を固める。 + +## 推奨ディレクトリ構成 + +```text +. +├── AGENTS.md +├── development_plan.md +├── package.json +├── pnpm-lock.yaml +├── docker-compose.yml +├── .env.example +├── db +│ ├── migrations +│ └── schema.sql +├── src +│ ├── server +│ │ ├── app.js +│ │ ├── index.js +│ │ ├── config +│ │ ├── db +│ │ ├── middleware +│ │ ├── modules +│ │ │ ├── auth +│ │ │ ├── users +│ │ │ ├── sites +│ │ │ ├── alerts +│ │ │ ├── notificationMethods +│ │ │ └── monitoring +│ │ └── jobs +│ └── client +│ ├── main.jsx +│ ├── App.jsx +│ ├── routes +│ ├── components +│ ├── api +│ └── styles +└── tests +``` + +## データベース設計方針 + +AGENTS.md の論理定義を基準に、実装時には次の補足を加える。 + +- 全テーブルに `created_at` と `updated_at` を持たせる。 +- 主キーは UUID を基本とする。 +- ユーザー ID に紐づくデータは外部キーで整合性を保つ。 +- アカウント削除時にユーザー関連データを確実に削除できるよう、外部キーの削除動作を設計する。 +- サイトにはエイリアス名が必要なため `alias` を追加する。 +- 通知方法は複数 Webhook に対応するため、主キーは `notification_method_id` とし、`user_id` は外部キーにする。 +- プッシュ通知はブラウザ購読情報を保持するため、endpoint と key 情報を保存できるテーブルを用意する。 +- アラート履歴には既読状態、対象サイト、発生日時、通知種別、送信結果を保存する。 +- 同じ条件でアラートを連続送信しすぎないよう、通知済み状態または抑制用の履歴を持つ。 + +## 実装フェーズ + +### フェーズ 0: プロジェクト基盤 + +目的: 開発を進められる最小構成を整える。 + +作業: + +- pnpm ベースの依存関係を追加する。 +- Hono サーバーを起動できるようにする。 +- React/Vite のフロントエンドを構成する。 +- PostgreSQL 用の `docker-compose.yml` を作成する。 +- `.env.example` を作成する。 +- DB 接続モジュールを作る。 +- マイグレーション管理方法を決める。 +- ESLint、Formatter、テストランナーを導入する。 + +成果物: + +- 開発サーバーが起動できる。 +- PostgreSQL が Docker で起動できる。 +- ヘルスチェック API が動く。 + +### フェーズ 1: 認証とセッション + +目的: ユーザー登録、ログイン、ログアウト、セッション管理を実装する。 + +作業: + +- ユーザーテーブルの DDL を作成する。 +- パスワードを Argon2id などの強力な方式でハッシュ化する。 +- 登録 API を作る。 +- ログイン API を作る。 +- ログアウト API を作る。 +- 現在のユーザー取得 API を作る。 +- CSRF トークンを導入する。 +- 認証必須ミドルウェアを作る。 +- 登録画面、ログイン画面を作る。 + +注意: + +- ユーザー名はユニーク制約を必須にする。 +- 認証エラーでは、ユーザー名の存在有無が推測されにくいレスポンスにする。 +- セッション Cookie は `HttpOnly`、`SameSite`、本番では `Secure` を有効にする。 + +### フェーズ 2: サイト管理 + +目的: 監視対象サイトを登録、表示、編集、削除できるようにする。 + +作業: + +- サイトテーブルの DDL を作成する。 +- サイト登録 API を作る。 +- サイト一覧 API を作る。 +- サイトエイリアス更新 API を作る。 +- サイト削除 API を作る。 +- URL の正規化と検証を実装する。 +- サイト一覧画面を作る。 + +注意: + +- リクエスト上の `user_id` は信用せず、必ずセッションから取得する。 +- URL は `https://` を基本とし、ホスト名を検証する。 +- 削除時は関連する通知条件と監視状態も削除する。 + +### フェーズ 3: サイト設定と通知条件 + +目的: サイトごとに通知タイミングと通知方法を設定できるようにする。 + +作業: + +- サイトアラート条件テーブルの DDL を作成する。 +- 通知条件の取得、作成、更新、削除 API を作る。 +- 通知タイミングを内部的には時間単位で保存する。 +- UI では時間、日、週間で指定できる入力を作る。 +- Web アプリ内アラートは必須通知先として扱う。 +- サイト設定画面を作る。 + +注意: + +- 0 以下の通知時間、過大な値、不正な単位を拒否する。 +- 同じサイトに同一条件が重複しないように制約またはアプリ側検証を入れる。 + +### フェーズ 4: アラート履歴 + +目的: システムが送信したアラートを Web アプリ内で確認できるようにする。 + +作業: + +- アラート履歴テーブルの DDL を作成する。 +- アラート一覧 API を作る。 +- 既読更新 API を作る。 +- サイト、日時、アラート種類で絞り込める API を作る。 +- アラート一覧画面を作る。 + +注意: + +- 履歴はユーザー単位で必ず分離する。 +- 絞り込み条件は SQL インジェクションを避けるため、プレースホルダを使用する。 + +### フェーズ 5: 通知方法管理 + +目的: Webhook とプッシュ通知の設定を管理できるようにする。 + +作業: + +- 通知方法テーブルの DDL を作成する。 +- Webhook 登録、一覧、更新、削除 API を作る。 +- Webhook URL とエイリアス名の検証を実装する。 +- プッシュ通知の購読情報登録 API を作る。 +- VAPID key を設定ファイルから読み込む。 +- 通知方法管理画面を作る。 + +注意: + +- Webhook URL は HTTPS を推奨し、ローカルアドレスやメタデータ IP への SSRF を防ぐ。 +- Slack 互換 Webhook の送信形式を固定する。 +- プッシュ通知はブラウザ許可状態を UI に反映する。 + +### フェーズ 6: 証明書監視ジョブ + +目的: 登録サイトの証明書期限を取得し、条件に合う場合にアラートを送信する。 + +作業: + +- OpenSSL を呼び出して証明書の期限を取得する処理を作る。 +- 監視対象サイトをユーザー単位で取得する。 +- サイトごとの通知条件を評価する。 +- 条件に一致したらアラート履歴を作成する。 +- Webhook 通知を送信する。 +- プッシュ通知を送信する。 +- 二重送信を防ぐ仕組みを作る。 +- ジョブ実行ログを残す。 + +注意: + +- OpenSSL 呼び出しはタイムアウトを設定する。 +- 1 件の監視失敗が全体を止めないようにする。 +- 外部通信と証明書取得は並列数を制限する。 +- 証明書取得失敗もアラート種類として扱う。 + +### フェーズ 7: アカウント設定と 2 段階認証 + +目的: ユーザー情報、パスワード、2 段階認証、アカウント削除を実装する。 + +作業: + +- 表示名更新 API を作る。 +- パスワード更新 API を作る。 +- パスワード更新時に全セッションを無効化する。 +- OTP シークレット登録、検証、解除 API を作る。 +- ログインフローに 2 段階認証を組み込む。 +- アカウント削除 API を作る。 +- アカウント設定画面を作る。 + +注意: + +- 2 段階認証解除には再認証を求める。 +- アカウント削除時は監視対象、通知先、アラート履歴、セッションをすべて削除する。 +- 削除後に監視ジョブが対象ユーザーを処理しないことを確認する。 + +### フェーズ 8: 品質向上と運用準備 + +目的: セキュリティ、安定性、テスト、運用手順を整える。 + +作業: + +- API の単体テストを追加する。 +- 認証、サイト管理、通知条件、アラート履歴の統合テストを追加する。 +- 証明書監視処理のテストを追加する。 +- CSRF、認可漏れ、SSRF、入力検証の観点でレビューする。 +- エラーハンドリングとログ出力を整理する。 +- README に開発環境起動手順を追加する。 +- 本番向け環境変数の一覧を整理する。 + +## API 設計メモ + +初期案として、以下のようにリソース単位で分ける。 + +```text +POST /api/auth/register +POST /api/auth/login +POST /api/auth/logout +GET /api/auth/me +GET /api/auth/csrf + +GET /api/sites +POST /api/sites +GET /api/sites/:siteId +PATCH /api/sites/:siteId +DELETE /api/sites/:siteId + +GET /api/sites/:siteId/settings +PUT /api/sites/:siteId/settings +DELETE /api/sites/:siteId/settings + +GET /api/alerts +PATCH /api/alerts/:alertId/read + +GET /api/notification-methods +POST /api/notification-methods/webhooks +PATCH /api/notification-methods/webhooks/:methodId +DELETE /api/notification-methods/webhooks/:methodId +POST /api/notification-methods/push-subscriptions + +GET /api/account +PATCH /api/account/profile +PATCH /api/account/password +POST /api/account/totp/setup +POST /api/account/totp/verify +DELETE /api/account/totp +DELETE /api/account +``` + +## 画面実装順 + +1. 登録画面 +2. ログイン画面 +3. サイト一覧 +4. サイト設定 +5. アラート一覧 +6. 通知方法の管理 +7. アカウント設定 + +## セキュリティチェックリスト + +- パスワードを平文保存しない。 +- 認証が必要な API ではセッションからユーザーを特定する。 +- 他ユーザーのサイト、通知先、アラート履歴にアクセスできないことをテストする。 +- CSRF トークンを状態変更 API に必須化する。 +- Cookie に `HttpOnly`、`SameSite`、本番 `Secure` を設定する。 +- Webhook 送信先の SSRF 対策を行う。 +- OpenSSL 呼び出しにタイムアウトを設定する。 +- 外部入力はスキーマ検証する。 +- SQL はプレースホルダを使う。 +- アカウント削除で関連データが残らないことを確認する。 + +## MVP の完了条件 + +- ユーザーが登録、ログイン、ログアウトできる。 +- ユーザーが監視対象サイトを登録、一覧、編集、削除できる。 +- サイトごとに通知タイミングを設定できる。 +- 証明書期限を監視してアラート履歴に記録できる。 +- Webhook に通知できる。 +- アラート一覧で履歴を確認し、既読にできる。 +- 基本的な認可テストと入力検証テストが通る。 + +## MVP 後に追加する機能 + +- プッシュ通知 +- 2 段階認証 +- パスワード更新時の全セッション無効化 +- アカウント削除時の完全削除と監視停止保証 +- 監視ジョブの詳細ログと管理用メトリクス +- 通知失敗時のリトライ制御 + +## 初回実装の推奨タスク + +1. Hono と React/Vite の最小構成を作成する。 +2. Docker Compose で PostgreSQL を起動できるようにする。 +3. DB マイグレーションまたは `db/schema.sql` を作成する。 +4. 認証 API とセッション管理を実装する。 +5. 登録画面とログイン画面を実装する。 +6. サイト管理 API とサイト一覧画面を実装する。 diff --git a/development_status.md b/development_status.md new file mode 100644 index 0000000..2173245 --- /dev/null +++ b/development_status.md @@ -0,0 +1,378 @@ +# CertRemind 開発進捗 + +最終更新: 2026-05-22 + +## 現在の実装状況 + +`development_plan.md` のフェーズ 8 までを中心に、MVP の土台、サイト設定、アラート履歴、通知方法管理、証明書監視ジョブ、アカウント設定、品質向上と運用準備を実装済み。 + +### 完了済み + +- Hono.js ベースの API サーバー構成 +- React / Vite ベースのフロントエンド構成 +- PostgreSQL 開発環境用の `docker-compose.yml` +- 環境変数サンプル `.env.example` +- DB 論理定義に基づく `db/schema.sql` +- DB 接続モジュール +- CSRF トークン発行と状態変更 API での検証 +- Cookie セッション管理 +- 認証必須ミドルウェア +- 登録 API +- ログイン API +- ログアウト API +- 現在ユーザー取得 API +- サイト一覧 API +- サイト一覧 API で最新の証明書発行元・発行日時・期限・確認日時・取得失敗状態を返却 +- サイト登録 API +- サイト登録時の証明書発行元・発行日時・期限の初期取得 +- サイト詳細 API +- サイトエイリアス更新 API +- サイト削除 API +- サイト設定取得 API +- サイト設定保存 API +- サイト設定削除 API +- アラート一覧 API +- アラート既読更新 API +- アラート履歴削除 API +- サイト、日時、アラート種類によるアラート絞り込み API +- 通知方法一覧 API +- Webhook 登録 API +- Webhook 更新 API +- Webhook 削除 API +- Push 購読情報登録 API +- OpenSSL による証明書発行元・発行日時・期限取得処理 +- 監視ジョブで取得した最新の証明書発行元・発行日時・期限・確認日時・取得失敗状態をサイトに保存 +- サイトごとの通知条件評価 +- 条件一致時のアラート履歴作成 +- 証明書取得失敗時のアラート履歴作成 +- Webhook 通知送信処理 +- Push 通知送信処理 +- 二重送信を防ぐ `dedupe_key` 利用 +- 並列数を制限した監視ジョブ +- 監視ジョブの一回実行スクリプト +- 1 時間ごとに監視ジョブを実行する Node worker +- アカウント情報取得 API +- 表示名更新 API +- パスワード更新 API +- パスワード更新時の全セッション無効化 +- TOTP セットアップ API +- TOTP 検証・有効化 API +- TOTP 解除 API +- ログイン時の TOTP 検証 +- アカウント削除 API +- URL 正規化と基本的な SSRF 対策 +- 登録 / ログイン画面 +- サイト一覧・登録・編集・削除画面 +- サイト設定画面 +- アラート一覧画面 +- 通知方法管理画面 +- アカウント設定画面 +- ESLint / Prettier / Vitest / Vite 設定 +- URL ポリシーの単体テスト +- API セキュリティ境界の統合テスト +- 証明書監視処理の単体テスト +- API 未捕捉エラーと監視ジョブの構造化ログ +- README に開発環境起動手順と環境変数一覧を追加 +- `.gitignore` の整備 + +## 作成・更新した主なファイル + +- `package.json` +- `pnpm-lock.yaml` +- `pnpm-workspace.yaml` +- `docker-compose.yml` +- `.env.example` +- `.gitignore` +- `README.md` +- `.prettierrc` +- `eslint.config.js` +- `vite.config.js` +- `index.html` +- `db/schema.sql` +- `src/server/app.js` +- `src/server/index.js` +- `src/server/config/env.js` +- `src/server/db/pool.js` +- `src/server/middleware/auth.js` +- `src/server/middleware/csrf.js` +- `src/server/modules/account/routes.js` +- `src/server/modules/alerts/routes.js` +- `src/server/modules/auth/routes.js` +- `src/server/modules/notificationMethods/routes.js` +- `src/server/modules/monitoring/certificate.js` +- `src/server/modules/monitoring/monitor.js` +- `src/server/modules/monitoring/notifications.js` +- `src/server/modules/sites/routes.js` +- `src/server/jobs/monitorCertificates.js` +- `src/server/utils/httpErrors.js` +- `src/server/utils/logger.js` +- `src/server/utils/urlPolicy.js` +- `src/client/main.jsx` +- `src/client/App.jsx` +- `src/client/api/client.js` +- `src/client/components/Field.jsx` +- `src/client/routes/AlertsView.jsx` +- `src/client/routes/AuthPanel.jsx` +- `src/client/routes/AccountView.jsx` +- `src/client/routes/NotificationMethodsView.jsx` +- `src/client/routes/SiteSettingsPanel.jsx` +- `src/client/routes/SitesView.jsx` +- `src/client/styles/app.css` +- `public/push-sw.js` +- `tests/urlPolicy.test.js` +- `tests/apiSecurity.test.js` +- `tests/monitoring.test.js` + +## データベース + +`db/schema.sql` に以下のテーブルを定義済み。 + +- `users` +- `user_totp` +- `sessions` +- `sites` +- `notification_methods` +- `site_alert_conditions` +- `alert_history` + +補足: + +- 主キーは UUID。 +- 全テーブルに `created_at` / `updated_at` を付与。 +- `sites` は最新の証明書発行元、発行日時、期限、確認日時、取得失敗内容を保持。 +- `updated_at` 更新用トリガーを定義。 +- ユーザー関連データは `ON DELETE CASCADE` を中心に設計。 +- サイト削除時は通知条件も削除される。 +- アラート履歴のサイト参照は `ON DELETE SET NULL`。 + +## API + +### 実装済み + +```text +GET /api/health +GET /api/auth/csrf +POST /api/auth/register +POST /api/auth/login +POST /api/auth/logout +GET /api/auth/me + +GET /api/sites +POST /api/sites +GET /api/sites/:siteId +PATCH /api/sites/:siteId +DELETE /api/sites/:siteId +GET /api/sites/:siteId/settings +PUT /api/sites/:siteId/settings +DELETE /api/sites/:siteId/settings + +GET /api/alerts +PATCH /api/alerts/:alertId/read +DELETE /api/alerts/:alertId + +GET /api/notification-methods +POST /api/notification-methods/webhooks +PATCH /api/notification-methods/webhooks/:methodId +DELETE /api/notification-methods/webhooks/:methodId +POST /api/notification-methods/push-subscriptions + +GET /api/account +PATCH /api/account/profile +PATCH /api/account/password +POST /api/account/totp/setup +POST /api/account/totp/verify +DELETE /api/account/totp +DELETE /api/account +``` + +### 実装済みジョブ + +```text +pnpm monitor:once +pnpm monitor:worker +``` + +### 未実装 + +```text +なし +``` + +## フロントエンド + +### 実装済み画面 + +- 登録画面 +- ログイン画面 +- サイト一覧画面 + - サイト追加 + - 最新監視結果に基づく証明書期限表示 + - 確認ダイアログ付きサイト削除 + - ログアウト +- サイト設定画面 + - エイリアス編集 + - 証明書情報として発行元、発行日時、失効日時を表示 + - 通知タイミング設定 + - 時間 / 日 / 週間の単位指定 + - 複数タイミングの追加・確認ダイアログ付き削除 + - アプリ内アラート必須表示 + - Webhook 選択 + - プッシュ通知フラグ設定 +- アラート一覧画面 + - サイト絞り込み + - アラート種類絞り込み + - 開始日時 / 終了日時絞り込み + - 既読更新 + - 確認ダイアログ付き履歴削除 +- 通知方法管理画面 + - Webhook 登録 + - Webhook 編集 + - 確認ダイアログ付き Webhook 削除 + - ブラウザ Push 通知の許可状態表示 + - VAPID public key がある場合の Push 購読登録 +- アカウント設定画面 + - 表示名更新 + - ダイアログでのパスワード更新 + - ステップ式ポップアップでの 2 段階認証セットアップ + - 2 段階認証 QR コード表示 + - 確認ダイアログ付き 2 段階認証解除 + - 確認ダイアログ付きアカウント削除 +- 認証後画面共通の左サイドメニュー + - PC 幅では展開表示 + - スマートフォンなど狭い幅ではアイコンのみの畳み表示 + - サイト一覧、アラート履歴、通知方法、アカウント、ログアウトに対応 +- 認証後画面の URL ルーティング + - サイト一覧、サイト設定、アラート履歴、通知方法、アカウントに個別 URL を付与 + - 直リンク、初期読込み、ブラウザバック / フォワードに対応 + - 未認証時はログイン後に元の保護画面へ復帰 +- 認証後画面共通のトースト通知 + - 正常メッセージとエラーメッセージを右上に表示 + - 5 秒後の自動非表示と手動クローズに対応 + +### 未実装画面 + +- なし + +## セキュリティ対応状況 + +### 対応済み + +- パスワードは Argon2id でハッシュ化。 +- セッションは HttpOnly Cookie。 +- Cookie は `SameSite=Lax`。 +- 本番環境では Secure Cookie を有効化する設定。 +- 状態変更 API では CSRF トークンを必須化。 +- 認証済み API はセッションからユーザーを取得。 +- サイト API ではリクエスト上の `user_id` を信用しない。 +- サイト設定 API でもサイト所有者をセッションユーザーで確認。 +- サイト設定で選択された Webhook がログインユーザーのものか検証。 +- アラート履歴 API はログインユーザーの履歴のみ返す。 +- アラート既読更新 API はログインユーザーの履歴のみ更新する。 +- アラート履歴削除 API はログインユーザーの履歴のみ削除する。 +- アラート絞り込み条件は Zod で検証し、SQL はプレースホルダで組み立て。 +- Webhook URL は HTTPS のみ許可。 +- Webhook URL は `normalizeHttpsUrl` を通し、localhost / private IPv4 / loopback IPv4 を拒否。 +- Webhook 更新・削除はログインユーザーの通知方法のみ対象。 +- Push endpoint は HTTPS のみ許可。 +- OpenSSL 呼び出しはタイムアウトを設定。 +- 監視ジョブはサイト単位の失敗で全体を止めない。 +- 外部通信を伴う監視処理は並列数を制限。 +- API の未捕捉エラーと監視ジョブの開始・終了・失敗を構造化ログで出力。 +- 証明書取得失敗も `certificate_check_failed` としてアラート化。 +- Webhook / Push の送信失敗は `delivery_result` に記録。 +- パスワード更新時は全セッションを削除し、現在の Cookie も削除。 +- 2 段階認証解除には現在のパスワードと OTP を要求。 +- アカウント削除には現在のパスワードを要求。 +- アカウント削除は `users` の削除を起点に関連データを CASCADE で削除。 +- ログイン時、TOTP が有効なユーザーは OTP 検証を必須化。 +- 通知タイミングは 1 時間以上、17520 時間以内に制限。 +- 同一サイト内の重複した通知タイミングを拒否。 +- SQL はプレースホルダを使用。 +- サイト URL は HTTPS のみ許可。 +- `localhost`、private IPv4、loopback IPv4 を監視対象から拒否。 +- サイト登録時は 3 秒以内に証明書期限を取得できる場合のみ登録する。 + +### 今後強化が必要 + +- IPv6 private / link-local / unique local address の追加検証。 +- DNS 解決後の SSRF 対策。 +- Webhook 送信先の詳細な SSRF 対策。 +- ログイン試行回数制限。 +- セッションローテーション。 +- 2 段階認証。 +- パスワード更新時の全セッション失効。 +- アカウント削除時の完全削除確認。 + +## 検証結果 + +以下は成功済み。 + +```text +pnpm lint +pnpm test +pnpm exec vite build +``` + +API 動作確認: + +- `GET /api/health` 成功。 +- API 経由でユーザー登録成功。 +- API 経由でサイト登録成功。 +- API 経由でサイト設定保存成功。 +- API 経由でサイト設定取得成功。 +- API 経由でアラート履歴取得成功。 +- API 経由でアラート既読更新成功。 +- API 経由で Webhook 登録成功。 +- API 経由で Webhook 更新成功。 +- API 経由で Webhook 削除成功。 +- API 経由で Push 購読情報登録成功。 +- `pnpm monitor:once` 成功。 +- API セキュリティ境界と証明書監視処理のテスト成功。 +- サイト登録時の証明書期限初期取得と取得失敗時の登録拒否テスト成功。 +- 権限付き実行で OpenSSL による実サイトの証明書期限取得成功。 +- サンドボックス内の外部接続拒否時に証明書取得失敗アラート作成を確認。 +- API 経由で表示名更新成功。 +- API 経由で TOTP セットアップ・有効化成功。 +- TOTP 有効ユーザーの OTP なしログインが 401 になることを確認。 +- TOTP 有効ユーザーの OTP ありログイン成功。 +- API 経由で TOTP 解除成功。 +- API 経由でパスワード更新成功。 +- パスワード更新後、旧セッションが 401 になることを確認。 +- 新パスワードでログイン成功。 +- API 経由でアカウント削除成功。 + +## 起動状況 + +実装時点で以下を起動確認済み。 + +```text +docker compose up -d postgres +pnpm dev +``` + +確認 URL: + +```text +Frontend: http://127.0.0.1:5173/ +API: http://127.0.0.1:3000 +``` + +## 既知の注意点 + +- `pnpm` の build script 承認で `esbuild` を承認済み。 +- サンドボックス環境では Vite / Vitest の設定解決時に権限付き実行が必要だった。 +- `docker-compose.yml` は初回 DB 起動時に `db/schema.sql` を読み込む。既存 volume がある場合、schema の変更は自動再適用されない。 +- 実装確認用に API 経由でテストユーザーと `https://example.com/` / `https://example.org/` / `https://example.net/` のサイトを登録済み。 +- 実装確認用にアラート履歴を手動挿入済み。 +- 実装確認用に Webhook と Push 購読情報を API 経由で登録済み。 +- サンドボックス内で `pnpm monitor:once` を実行すると、外部 TLS 接続が `Permission denied` になる場合がある。その場合は権限付き実行が必要。 +- OpenSSL は PATH 上にない場合でも、Windows では Git 付属の `openssl.exe` を自動検出する。 +- VAPID private key が未設定の場合、Push 通知送信は `delivery_result` に失敗として記録される。 +- TOTP セットアップ画面は QR コードとシークレット文字列の両方を表示。 + +## 次に実装する候補 + +1. API 単体テスト / 統合テストの追加 +2. ログイン試行回数制限 +3. SSRF 対策の DNS 解決後チェック強化 +4. E2E テストの追加 diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..5ac63cf --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,21 @@ +services: + postgres: + image: postgres:17-alpine + container_name: certremind-postgres + environment: + POSTGRES_DB: certremind + POSTGRES_USER: certremind + POSTGRES_PASSWORD: certremind + ports: + - '5432:5432' + volumes: + - postgres-data:/var/lib/postgresql/data + - ./db/schema.sql:/docker-entrypoint-initdb.d/001-schema.sql:ro + healthcheck: + test: ['CMD-SHELL', 'pg_isready -U certremind -d certremind'] + interval: 10s + timeout: 5s + retries: 5 + +volumes: + postgres-data: diff --git a/eslint.config.js b/eslint.config.js new file mode 100644 index 0000000..9d1d06f --- /dev/null +++ b/eslint.config.js @@ -0,0 +1,35 @@ +import js from '@eslint/js'; +import globals from 'globals'; +import react from 'eslint-plugin-react'; +import reactHooks from 'eslint-plugin-react-hooks'; +import reactRefresh from 'eslint-plugin-react-refresh'; + +export default [ + { ignores: ['dist', 'coverage'] }, + js.configs.recommended, + { + files: ['src/**/*.{js,jsx}', 'tests/**/*.js'], + languageOptions: { + ecmaVersion: 2024, + globals: { + ...globals.browser, + ...globals.node, + }, + parserOptions: { + ecmaFeatures: { jsx: true }, + }, + }, + plugins: { + react, + 'react-hooks': reactHooks, + 'react-refresh': reactRefresh, + }, + rules: { + 'react/jsx-uses-vars': 'error', + 'react/react-in-jsx-scope': 'off', + ...reactHooks.configs.recommended.rules, + 'react-refresh/only-export-components': ['warn', { allowConstantExport: true }], + 'react-hooks/set-state-in-effect': 'off', + }, + }, +]; diff --git a/index.html b/index.html new file mode 100644 index 0000000..17f213d --- /dev/null +++ b/index.html @@ -0,0 +1,12 @@ + + + + + + CertRemind + + +
+ + + diff --git a/package.json b/package.json new file mode 100644 index 0000000..15fe459 --- /dev/null +++ b/package.json @@ -0,0 +1,57 @@ +{ + "name": "ssl-expiry-checker", + "version": "1.0.0", + "description": "CertRemind SSL certificate expiry reminder service", + "main": "src/server/index.js", + "scripts": { + "dev": "concurrently \"pnpm dev:server\" \"pnpm dev:client\"", + "dev:server": "node --watch src/server/index.js", + "dev:client": "vite --host 127.0.0.1", + "start": "node src/server/index.js", + "monitor:once": "node src/server/jobs/monitorCertificates.js", + "monitor:worker": "node src/server/jobs/monitorWorker.js", + "test": "vitest run", + "lint": "eslint .", + "format": "prettier --write ." + }, + "keywords": [], + "author": "", + "license": "ISC", + "dependencies": { + "@hono/node-server": "^1.19.6", + "@node-rs/argon2": "^2.0.2", + "@radix-ui/react-dialog": "^1.1.15", + "@radix-ui/react-label": "^2.1.8", + "@radix-ui/react-tabs": "^1.1.13", + "@vitejs/plugin-react": "^5.1.1", + "hono": "^4.10.7", + "lucide-react": "^0.555.0", + "otplib": "^13.4.0", + "pg": "^8.16.3", + "qrcode.react": "^4.2.0", + "react": "^19.2.0", + "react-dom": "^19.2.0", + "web-push": "^3.6.7", + "zod": "^4.1.13" + }, + "devDependencies": { + "@eslint/js": "^9.39.1", + "concurrently": "^9.2.1", + "eslint": "^9.39.1", + "eslint-plugin-react": "^7.37.5", + "eslint-plugin-react-hooks": "^7.0.1", + "eslint-plugin-react-refresh": "^0.4.24", + "globals": "^16.5.0", + "prettier": "^3.7.4", + "vite": "^7.2.4", + "vitest": "^4.0.15" + }, + "devEngines": { + "packageManager": { + "name": "pnpm", + "version": "^11.1.3", + "onFail": "download" + } + }, + "type": "module" +} diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml new file mode 100644 index 0000000..c49825a --- /dev/null +++ b/pnpm-lock.yaml @@ -0,0 +1,6089 @@ +--- +lockfileVersion: '9.0' + +importers: + .: + configDependencies: {} + packageManagerDependencies: + '@pnpm/exe': + specifier: ^11.1.3 + version: 11.1.3 + pnpm: + specifier: ^11.1.3 + version: 11.1.3 + +packages: + '@pnpm/exe@11.1.3': + resolution: + { + integrity: sha512-J6bSMpZlHVUKuMKtPT/+lrFPpvBiOIgk6HnNC3vmoM/fsMgFhao6ITFwdsUMzdCl2qHf9cnVYA4ZBdsGmVUnpg==, + } + hasBin: true + + '@pnpm/linux-arm64@11.1.3': + resolution: + { + integrity: sha512-sz3fc0hSqguk2eGe/InelpBD3LP82MzF+8pLzDpYNGuhasGY+VWkuxEo02HczQYRVXTsbpZVepk+Qs2CONc04Q==, + } + cpu: [arm64] + os: [linux] + + '@pnpm/linux-x64@11.1.3': + resolution: + { + integrity: sha512-UadJh5fJZWa47OtdZTWLKWDj4z5WpZFB5pS2wOh/kfKypUmQyjmbOMClP7/yJGS2ZtrSjRgYjIEWAjndkWsMaA==, + } + cpu: [x64] + os: [linux] + + '@pnpm/linuxstatic-arm64@11.1.3': + resolution: + { + integrity: sha512-lWmGr96w+VrIRVsEfTXROB3GeQNxrX2Hy32j3USHr6WlqmpH1i7YjavJGpoXeVZbb77fCFjNFAtsJzGXSgy/Og==, + } + cpu: [arm64] + os: [linux] + libc: [musl] + + '@pnpm/linuxstatic-x64@11.1.3': + resolution: + { + integrity: sha512-I74GDBOPbr5TXgob3ct4hv6BQtLGdsjGJrII2qNl/e2xYHXekjIWE4Eh7RGN4C7xu+BZYKtvnOOr149yR7KxUw==, + } + cpu: [x64] + os: [linux] + libc: [musl] + + '@pnpm/macos-arm64@11.1.3': + resolution: + { + integrity: sha512-nWn155BVa54iNyg4iolVhjMtqumXHPh8ul5CFjQFJXdwgr9MRUgc5EUBML1+7mS8C/7Wcex5HUgn/w3fliHCsQ==, + } + cpu: [arm64] + os: [darwin] + + '@pnpm/win-arm64@11.1.3': + resolution: + { + integrity: sha512-4u6PQL7/WgwdweC2ZJcdCzhM1koRFG5ofcUSrIVsdyo9ePfGq2D9p1rkZbiLEfIGvl3GKOsfMB5DRTgs8es4AQ==, + } + cpu: [arm64] + os: [win32] + + '@pnpm/win-x64@11.1.3': + resolution: + { + integrity: sha512-JmhH7ljJ3MWjvWFz/YHbu/27ISCNLZsQb1JG+ib3uHlfUwIJuF6BudXYsbS5Uu0o7xUvC9sPPm+Uho4Or6R3vA==, + } + cpu: [x64] + os: [win32] + + '@reflink/reflink-darwin-arm64@0.1.19': + resolution: + { + integrity: sha512-ruy44Lpepdk1FqDz38vExBY/PVUsjxZA+chd9wozjUH9JjuDT/HEaQYA6wYN9mf041l0yLVar6BCZuWABJvHSA==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [darwin] + + '@reflink/reflink-darwin-x64@0.1.19': + resolution: + { + integrity: sha512-By85MSWrMZa+c26TcnAy8SDk0sTUkYlNnwknSchkhHpGXOtjNDUOxJE9oByBnGbeuIE1PiQsxDG3Ud+IVV9yuA==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [darwin] + + '@reflink/reflink-linux-arm64-gnu@0.1.19': + resolution: + { + integrity: sha512-7P+er8+rP9iNeN+bfmccM4hTAaLP6PQJPKWSA4iSk2bNvo6KU6RyPgYeHxXmzNKzPVRcypZQTpFgstHam6maVg==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [linux] + libc: [glibc] + + '@reflink/reflink-linux-arm64-musl@0.1.19': + resolution: + { + integrity: sha512-37iO/Dp6m5DDaC2sf3zPtx/hl9FV3Xze4xoYidrxxS9bgP3S8ALroxRK6xBG/1TtfXKTvolvp+IjrUU6ujIGmA==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [linux] + libc: [musl] + + '@reflink/reflink-linux-x64-gnu@0.1.19': + resolution: + { + integrity: sha512-jbI8jvuYCaA3MVUdu8vLoLAFqC+iNMpiSuLbxlAgg7x3K5bsS8nOpTRnkLF7vISJ+rVR8W+7ThXlXlUQ93ulkw==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [linux] + libc: [glibc] + + '@reflink/reflink-linux-x64-musl@0.1.19': + resolution: + { + integrity: sha512-e9FBWDe+lv7QKAwtKOt6A2W/fyy/aEEfr0g6j/hWzvQcrzHCsz07BNQYlNOjTfeytrtLU7k449H1PI95jA4OjQ==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [linux] + libc: [musl] + + '@reflink/reflink-win32-arm64-msvc@0.1.19': + resolution: + { + integrity: sha512-09PxnVIQcd+UOn4WAW73WU6PXL7DwGS6wPlkMhMg2zlHHG65F3vHepOw06HFCq+N42qkaNAc8AKIabWvtk6cIQ==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [win32] + + '@reflink/reflink-win32-x64-msvc@0.1.19': + resolution: + { + integrity: sha512-E//yT4ni2SyhwP8JRjVGWr3cbnhWDiPLgnQ66qqaanjjnMiu3O/2tjCPQXlcGc/DEYofpDc9fvhv6tALQsMV9w==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [win32] + + '@reflink/reflink@0.1.19': + resolution: + { + integrity: sha512-DmCG8GzysnCZ15bres3N5AHCmwBwYgp0As6xjhQ47rAUTUXxJiK+lLUxaGsX3hd/30qUpVElh05PbGuxRPgJwA==, + } + engines: { node: '>= 10' } + + detect-libc@2.1.2: + resolution: + { + integrity: sha512-Btj2BOOO83o3WyH59e8MgXsxEQVcarkUOpEYrubB0urwnN10yQ364rsiByU11nZlqWYZm05i/of7io4mzihBtQ==, + } + engines: { node: '>=8' } + + pnpm@11.1.3: + resolution: + { + integrity: sha512-yFNX/hfKEt0j3XBxgiZm39fjy3b+IU4zcLXqL7NPKiMRhVCbY+cX880KyzjdP42CvNXoFyQArmeLcOpPvtCJbQ==, + } + engines: { node: '>=22.13' } + hasBin: true + +snapshots: + '@pnpm/exe@11.1.3': + dependencies: + '@reflink/reflink': 0.1.19 + detect-libc: 2.1.2 + optionalDependencies: + '@pnpm/linux-arm64': 11.1.3 + '@pnpm/linux-x64': 11.1.3 + '@pnpm/linuxstatic-arm64': 11.1.3 + '@pnpm/linuxstatic-x64': 11.1.3 + '@pnpm/macos-arm64': 11.1.3 + '@pnpm/win-arm64': 11.1.3 + '@pnpm/win-x64': 11.1.3 + + '@pnpm/linux-arm64@11.1.3': + optional: true + + '@pnpm/linux-x64@11.1.3': + optional: true + + '@pnpm/linuxstatic-arm64@11.1.3': + optional: true + + '@pnpm/linuxstatic-x64@11.1.3': + optional: true + + '@pnpm/macos-arm64@11.1.3': + optional: true + + '@pnpm/win-arm64@11.1.3': + optional: true + + '@pnpm/win-x64@11.1.3': + optional: true + + '@reflink/reflink-darwin-arm64@0.1.19': + optional: true + + '@reflink/reflink-darwin-x64@0.1.19': + optional: true + + '@reflink/reflink-linux-arm64-gnu@0.1.19': + optional: true + + '@reflink/reflink-linux-arm64-musl@0.1.19': + optional: true + + '@reflink/reflink-linux-x64-gnu@0.1.19': + optional: true + + '@reflink/reflink-linux-x64-musl@0.1.19': + optional: true + + '@reflink/reflink-win32-arm64-msvc@0.1.19': + optional: true + + '@reflink/reflink-win32-x64-msvc@0.1.19': + optional: true + + '@reflink/reflink@0.1.19': + optionalDependencies: + '@reflink/reflink-darwin-arm64': 0.1.19 + '@reflink/reflink-darwin-x64': 0.1.19 + '@reflink/reflink-linux-arm64-gnu': 0.1.19 + '@reflink/reflink-linux-arm64-musl': 0.1.19 + '@reflink/reflink-linux-x64-gnu': 0.1.19 + '@reflink/reflink-linux-x64-musl': 0.1.19 + '@reflink/reflink-win32-arm64-msvc': 0.1.19 + '@reflink/reflink-win32-x64-msvc': 0.1.19 + + detect-libc@2.1.2: {} + + pnpm@11.1.3: {} + +--- +lockfileVersion: '9.0' + +settings: + autoInstallPeers: true + excludeLinksFromLockfile: false + +importers: + .: + dependencies: + '@hono/node-server': + specifier: ^1.19.6 + version: 1.19.14(hono@4.12.21) + '@node-rs/argon2': + specifier: ^2.0.2 + version: 2.0.2 + '@radix-ui/react-dialog': + specifier: ^1.1.15 + version: 1.1.15(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-label': + specifier: ^2.1.8 + version: 2.1.8(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-tabs': + specifier: ^1.1.13 + version: 1.1.13(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@vitejs/plugin-react': + specifier: ^5.1.1 + version: 5.2.0(vite@7.3.3) + hono: + specifier: ^4.10.7 + version: 4.12.21 + lucide-react: + specifier: ^0.555.0 + version: 0.555.0(react@19.2.6) + otplib: + specifier: ^13.4.0 + version: 13.4.0 + pg: + specifier: ^8.16.3 + version: 8.21.0 + qrcode.react: + specifier: ^4.2.0 + version: 4.2.0(react@19.2.6) + react: + specifier: ^19.2.0 + version: 19.2.6 + react-dom: + specifier: ^19.2.0 + version: 19.2.6(react@19.2.6) + web-push: + specifier: ^3.6.7 + version: 3.6.7 + zod: + specifier: ^4.1.13 + version: 4.4.3 + devDependencies: + '@eslint/js': + specifier: ^9.39.1 + version: 9.39.4 + concurrently: + specifier: ^9.2.1 + version: 9.2.1 + eslint: + specifier: ^9.39.1 + version: 9.39.4 + eslint-plugin-react: + specifier: ^7.37.5 + version: 7.37.5(eslint@9.39.4) + eslint-plugin-react-hooks: + specifier: ^7.0.1 + version: 7.1.1(eslint@9.39.4) + eslint-plugin-react-refresh: + specifier: ^0.4.24 + version: 0.4.26(eslint@9.39.4) + globals: + specifier: ^16.5.0 + version: 16.5.0 + prettier: + specifier: ^3.7.4 + version: 3.8.3 + vite: + specifier: ^7.2.4 + version: 7.3.3 + vitest: + specifier: ^4.0.15 + version: 4.1.6(vite@7.3.3) + +packages: + '@babel/code-frame@7.29.0': + resolution: + { + integrity: sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==, + } + engines: { node: '>=6.9.0' } + + '@babel/compat-data@7.29.3': + resolution: + { + integrity: sha512-LIVqM46zQWZhj17qA8wb4nW/ixr2y1Nw+r1etiAWgRM6U1IqP+LNhL1yg440jYZR72jCWcWbLWzIosH+uP1fqg==, + } + engines: { node: '>=6.9.0' } + + '@babel/core@7.29.0': + resolution: + { + integrity: sha512-CGOfOJqWjg2qW/Mb6zNsDm+u5vFQ8DxXfbM09z69p5Z6+mE1ikP2jUXw+j42Pf1XTYED2Rni5f95npYeuwMDQA==, + } + engines: { node: '>=6.9.0' } + + '@babel/generator@7.29.1': + resolution: + { + integrity: sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-compilation-targets@7.28.6': + resolution: + { + integrity: sha512-JYtls3hqi15fcx5GaSNL7SCTJ2MNmjrkHXg4FSpOA/grxK8KwyZ5bubHsCq8FXCkua6xhuaaBit+3b7+VZRfcA==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-globals@7.28.0': + resolution: + { + integrity: sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-module-imports@7.28.6': + resolution: + { + integrity: sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-module-transforms@7.28.6': + resolution: + { + integrity: sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==, + } + engines: { node: '>=6.9.0' } + peerDependencies: + '@babel/core': ^7.0.0 + + '@babel/helper-plugin-utils@7.28.6': + resolution: + { + integrity: sha512-S9gzZ/bz83GRysI7gAD4wPT/AI3uCnY+9xn+Mx/KPs2JwHJIz1W8PZkg2cqyt3RNOBM8ejcXhV6y8Og7ly/Dug==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-string-parser@7.27.1': + resolution: + { + integrity: sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-validator-identifier@7.28.5': + resolution: + { + integrity: sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==, + } + engines: { node: '>=6.9.0' } + + '@babel/helper-validator-option@7.27.1': + resolution: + { + integrity: sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg==, + } + engines: { node: '>=6.9.0' } + + '@babel/helpers@7.29.2': + resolution: + { + integrity: sha512-HoGuUs4sCZNezVEKdVcwqmZN8GoHirLUcLaYVNBK2J0DadGtdcqgr3BCbvH8+XUo4NGjNl3VOtSjEKNzqfFgKw==, + } + engines: { node: '>=6.9.0' } + + '@babel/parser@7.29.3': + resolution: + { + integrity: sha512-b3ctpQwp+PROvU/cttc4OYl4MzfJUWy6FZg+PMXfzmt/+39iHVF0sDfqay8TQM3JA2EUOyKcFZt75jWriQijsA==, + } + engines: { node: '>=6.0.0' } + hasBin: true + + '@babel/plugin-transform-react-jsx-self@7.27.1': + resolution: + { + integrity: sha512-6UzkCs+ejGdZ5mFFC/OCUrv028ab2fp1znZmCZjAOBKiBK2jXD1O+BPSfX8X2qjJ75fZBMSnQn3Rq2mrBJK2mw==, + } + engines: { node: '>=6.9.0' } + peerDependencies: + '@babel/core': ^7.0.0-0 + + '@babel/plugin-transform-react-jsx-source@7.27.1': + resolution: + { + integrity: sha512-zbwoTsBruTeKB9hSq73ha66iFeJHuaFkUbwvqElnygoNbj/jHRsSeokowZFN3CZ64IvEqcmmkVe89OPXc7ldAw==, + } + engines: { node: '>=6.9.0' } + peerDependencies: + '@babel/core': ^7.0.0-0 + + '@babel/template@7.28.6': + resolution: + { + integrity: sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==, + } + engines: { node: '>=6.9.0' } + + '@babel/traverse@7.29.0': + resolution: + { + integrity: sha512-4HPiQr0X7+waHfyXPZpWPfWL/J7dcN1mx9gL6WdQVMbPnF3+ZhSMs8tCxN7oHddJE9fhNE7+lxdnlyemKfJRuA==, + } + engines: { node: '>=6.9.0' } + + '@babel/types@7.29.0': + resolution: + { + integrity: sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==, + } + engines: { node: '>=6.9.0' } + + '@emnapi/core@1.10.0': + resolution: + { + integrity: sha512-yq6OkJ4p82CAfPl0u9mQebQHKPJkY7WrIuk205cTYnYe+k2Z8YBh11FrbRG/H6ihirqcacOgl2BIO8oyMQLeXw==, + } + + '@emnapi/runtime@1.10.0': + resolution: + { + integrity: sha512-ewvYlk86xUoGI0zQRNq/mC+16R1QeDlKQy21Ki3oSYXNgLb45GV1P6A0M+/s6nyCuNDqe5VpaY84BzXGwVbwFA==, + } + + '@emnapi/wasi-threads@1.2.1': + resolution: + { + integrity: sha512-uTII7OYF+/Mes/MrcIOYp5yOtSMLBWSIoLPpcgwipoiKbli6k322tcoFsxoIIxPDqW01SQGAgko4EzZi2BNv2w==, + } + + '@esbuild/aix-ppc64@0.27.7': + resolution: + { + integrity: sha512-EKX3Qwmhz1eMdEJokhALr0YiD0lhQNwDqkPYyPhiSwKrh7/4KRjQc04sZ8db+5DVVnZ1LmbNDI1uAMPEUBnQPg==, + } + engines: { node: '>=18' } + cpu: [ppc64] + os: [aix] + + '@esbuild/android-arm64@0.27.7': + resolution: + { + integrity: sha512-62dPZHpIXzvChfvfLJow3q5dDtiNMkwiRzPylSCfriLvZeq0a1bWChrGx/BbUbPwOrsWKMn8idSllklzBy+dgQ==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [android] + + '@esbuild/android-arm@0.27.7': + resolution: + { + integrity: sha512-jbPXvB4Yj2yBV7HUfE2KHe4GJX51QplCN1pGbYjvsyCZbQmies29EoJbkEc+vYuU5o45AfQn37vZlyXy4YJ8RQ==, + } + engines: { node: '>=18' } + cpu: [arm] + os: [android] + + '@esbuild/android-x64@0.27.7': + resolution: + { + integrity: sha512-x5VpMODneVDb70PYV2VQOmIUUiBtY3D3mPBG8NxVk5CogneYhkR7MmM3yR/uMdITLrC1ml/NV1rj4bMJuy9MCg==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [android] + + '@esbuild/darwin-arm64@0.27.7': + resolution: + { + integrity: sha512-5lckdqeuBPlKUwvoCXIgI2D9/ABmPq3Rdp7IfL70393YgaASt7tbju3Ac+ePVi3KDH6N2RqePfHnXkaDtY9fkw==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [darwin] + + '@esbuild/darwin-x64@0.27.7': + resolution: + { + integrity: sha512-rYnXrKcXuT7Z+WL5K980jVFdvVKhCHhUwid+dDYQpH+qu+TefcomiMAJpIiC2EM3Rjtq0sO3StMV/+3w3MyyqQ==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [darwin] + + '@esbuild/freebsd-arm64@0.27.7': + resolution: + { + integrity: sha512-B48PqeCsEgOtzME2GbNM2roU29AMTuOIN91dsMO30t+Ydis3z/3Ngoj5hhnsOSSwNzS+6JppqWsuhTp6E82l2w==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [freebsd] + + '@esbuild/freebsd-x64@0.27.7': + resolution: + { + integrity: sha512-jOBDK5XEjA4m5IJK3bpAQF9/Lelu/Z9ZcdhTRLf4cajlB+8VEhFFRjWgfy3M1O4rO2GQ/b2dLwCUGpiF/eATNQ==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [freebsd] + + '@esbuild/linux-arm64@0.27.7': + resolution: + { + integrity: sha512-RZPHBoxXuNnPQO9rvjh5jdkRmVizktkT7TCDkDmQ0W2SwHInKCAV95GRuvdSvA7w4VMwfCjUiPwDi0ZO6Nfe9A==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [linux] + + '@esbuild/linux-arm@0.27.7': + resolution: + { + integrity: sha512-RkT/YXYBTSULo3+af8Ib0ykH8u2MBh57o7q/DAs3lTJlyVQkgQvlrPTnjIzzRPQyavxtPtfg0EopvDyIt0j1rA==, + } + engines: { node: '>=18' } + cpu: [arm] + os: [linux] + + '@esbuild/linux-ia32@0.27.7': + resolution: + { + integrity: sha512-GA48aKNkyQDbd3KtkplYWT102C5sn/EZTY4XROkxONgruHPU72l+gW+FfF8tf2cFjeHaRbWpOYa/uRBz/Xq1Pg==, + } + engines: { node: '>=18' } + cpu: [ia32] + os: [linux] + + '@esbuild/linux-loong64@0.27.7': + resolution: + { + integrity: sha512-a4POruNM2oWsD4WKvBSEKGIiWQF8fZOAsycHOt6JBpZ+JN2n2JH9WAv56SOyu9X5IqAjqSIPTaJkqN8F7XOQ5Q==, + } + engines: { node: '>=18' } + cpu: [loong64] + os: [linux] + + '@esbuild/linux-mips64el@0.27.7': + resolution: + { + integrity: sha512-KabT5I6StirGfIz0FMgl1I+R1H73Gp0ofL9A3nG3i/cYFJzKHhouBV5VWK1CSgKvVaG4q1RNpCTR2LuTVB3fIw==, + } + engines: { node: '>=18' } + cpu: [mips64el] + os: [linux] + + '@esbuild/linux-ppc64@0.27.7': + resolution: + { + integrity: sha512-gRsL4x6wsGHGRqhtI+ifpN/vpOFTQtnbsupUF5R5YTAg+y/lKelYR1hXbnBdzDjGbMYjVJLJTd2OFmMewAgwlQ==, + } + engines: { node: '>=18' } + cpu: [ppc64] + os: [linux] + + '@esbuild/linux-riscv64@0.27.7': + resolution: + { + integrity: sha512-hL25LbxO1QOngGzu2U5xeXtxXcW+/GvMN3ejANqXkxZ/opySAZMrc+9LY/WyjAan41unrR3YrmtTsUpwT66InQ==, + } + engines: { node: '>=18' } + cpu: [riscv64] + os: [linux] + + '@esbuild/linux-s390x@0.27.7': + resolution: + { + integrity: sha512-2k8go8Ycu1Kb46vEelhu1vqEP+UeRVj2zY1pSuPdgvbd5ykAw82Lrro28vXUrRmzEsUV0NzCf54yARIK8r0fdw==, + } + engines: { node: '>=18' } + cpu: [s390x] + os: [linux] + + '@esbuild/linux-x64@0.27.7': + resolution: + { + integrity: sha512-hzznmADPt+OmsYzw1EE33ccA+HPdIqiCRq7cQeL1Jlq2gb1+OyWBkMCrYGBJ+sxVzve2ZJEVeePbLM2iEIZSxA==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [linux] + + '@esbuild/netbsd-arm64@0.27.7': + resolution: + { + integrity: sha512-b6pqtrQdigZBwZxAn1UpazEisvwaIDvdbMbmrly7cDTMFnw/+3lVxxCTGOrkPVnsYIosJJXAsILG9XcQS+Yu6w==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [netbsd] + + '@esbuild/netbsd-x64@0.27.7': + resolution: + { + integrity: sha512-OfatkLojr6U+WN5EDYuoQhtM+1xco+/6FSzJJnuWiUw5eVcicbyK3dq5EeV/QHT1uy6GoDhGbFpprUiHUYggrw==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [netbsd] + + '@esbuild/openbsd-arm64@0.27.7': + resolution: + { + integrity: sha512-AFuojMQTxAz75Fo8idVcqoQWEHIXFRbOc1TrVcFSgCZtQfSdc1RXgB3tjOn/krRHENUB4j00bfGjyl2mJrU37A==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [openbsd] + + '@esbuild/openbsd-x64@0.27.7': + resolution: + { + integrity: sha512-+A1NJmfM8WNDv5CLVQYJ5PshuRm/4cI6WMZRg1by1GwPIQPCTs1GLEUHwiiQGT5zDdyLiRM/l1G0Pv54gvtKIg==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [openbsd] + + '@esbuild/openharmony-arm64@0.27.7': + resolution: + { + integrity: sha512-+KrvYb/C8zA9CU/g0sR6w2RBw7IGc5J2BPnc3dYc5VJxHCSF1yNMxTV5LQ7GuKteQXZtspjFbiuW5/dOj7H4Yw==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [openharmony] + + '@esbuild/sunos-x64@0.27.7': + resolution: + { + integrity: sha512-ikktIhFBzQNt/QDyOL580ti9+5mL/YZeUPKU2ivGtGjdTYoqz6jObj6nOMfhASpS4GU4Q/Clh1QtxWAvcYKamA==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [sunos] + + '@esbuild/win32-arm64@0.27.7': + resolution: + { + integrity: sha512-7yRhbHvPqSpRUV7Q20VuDwbjW5kIMwTHpptuUzV+AA46kiPze5Z7qgt6CLCK3pWFrHeNfDd1VKgyP4O+ng17CA==, + } + engines: { node: '>=18' } + cpu: [arm64] + os: [win32] + + '@esbuild/win32-ia32@0.27.7': + resolution: + { + integrity: sha512-SmwKXe6VHIyZYbBLJrhOoCJRB/Z1tckzmgTLfFYOfpMAx63BJEaL9ExI8x7v0oAO3Zh6D/Oi1gVxEYr5oUCFhw==, + } + engines: { node: '>=18' } + cpu: [ia32] + os: [win32] + + '@esbuild/win32-x64@0.27.7': + resolution: + { + integrity: sha512-56hiAJPhwQ1R4i+21FVF7V8kSD5zZTdHcVuRFMW0hn753vVfQN8xlx4uOPT4xoGH0Z/oVATuR82AiqSTDIpaHg==, + } + engines: { node: '>=18' } + cpu: [x64] + os: [win32] + + '@eslint-community/eslint-utils@4.9.1': + resolution: + { + integrity: sha512-phrYmNiYppR7znFEdqgfWHXR6NCkZEK7hwWDHZUjit/2/U0r6XvkDl0SYnoM51Hq7FhCGdLDT6zxCCOY1hexsQ==, + } + engines: { node: ^12.22.0 || ^14.17.0 || >=16.0.0 } + peerDependencies: + eslint: ^6.0.0 || ^7.0.0 || >=8.0.0 + + '@eslint-community/regexpp@4.12.2': + resolution: + { + integrity: sha512-EriSTlt5OC9/7SXkRSCAhfSxxoSUgBm33OH+IkwbdpgoqsSsUg7y3uh+IICI/Qg4BBWr3U2i39RpmycbxMq4ew==, + } + engines: { node: ^12.0.0 || ^14.0.0 || >=16.0.0 } + + '@eslint/config-array@0.21.2': + resolution: + { + integrity: sha512-nJl2KGTlrf9GjLimgIru+V/mzgSK0ABCDQRvxw5BjURL7WfH5uoWmizbH7QB6MmnMBd8cIC9uceWnezL1VZWWw==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@eslint/config-helpers@0.4.2': + resolution: + { + integrity: sha512-gBrxN88gOIf3R7ja5K9slwNayVcZgK6SOUORm2uBzTeIEfeVaIhOpCtTox3P6R7o2jLFwLFTLnC7kU/RGcYEgw==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@eslint/core@0.17.0': + resolution: + { + integrity: sha512-yL/sLrpmtDaFEiUj1osRP4TI2MDz1AddJL+jZ7KSqvBuliN4xqYY54IfdN8qD8Toa6g1iloph1fxQNkjOxrrpQ==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@eslint/eslintrc@3.3.5': + resolution: + { + integrity: sha512-4IlJx0X0qftVsN5E+/vGujTRIFtwuLbNsVUe7TO6zYPDR1O6nFwvwhIKEKSrl6dZchmYBITazxKoUYOjdtjlRg==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@eslint/js@9.39.4': + resolution: + { + integrity: sha512-nE7DEIchvtiFTwBw4Lfbu59PG+kCofhjsKaCWzxTpt4lfRjRMqG6uMBzKXuEcyXhOHoUp9riAm7/aWYGhXZ9cw==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@eslint/object-schema@2.1.7': + resolution: + { + integrity: sha512-VtAOaymWVfZcmZbp6E2mympDIHvyjXs/12LqWYjVw6qjrfF+VK+fyG33kChz3nnK+SU5/NeHOqrTEHS8sXO3OA==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@eslint/plugin-kit@0.4.1': + resolution: + { + integrity: sha512-43/qtrDUokr7LJqoF2c3+RInu/t4zfrpYdoSDfYyhg52rwLV6TnOvdG4fXm7IkSB3wErkcmJS9iEhjVtOSEjjA==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + '@hono/node-server@1.19.14': + resolution: + { + integrity: sha512-GwtvgtXxnWsucXvbQXkRgqksiH2Qed37H9xHZocE5sA3N8O8O8/8FA3uclQXxXVzc9XBZuEOMK7+r02FmSpHtw==, + } + engines: { node: '>=18.14.1' } + peerDependencies: + hono: ^4 + + '@humanfs/core@0.19.2': + resolution: + { + integrity: sha512-UhXNm+CFMWcbChXywFwkmhqjs3PRCmcSa/hfBgLIb7oQ5HNb1wS0icWsGtSAUNgefHeI+eBrA8I1fxmbHsGdvA==, + } + engines: { node: '>=18.18.0' } + + '@humanfs/node@0.16.8': + resolution: + { + integrity: sha512-gE1eQNZ3R++kTzFUpdGlpmy8kDZD/MLyHqDwqjkVQI0JMdI1D51sy1H958PNXYkM2rAac7e5/CnIKZrHtPh3BQ==, + } + engines: { node: '>=18.18.0' } + + '@humanfs/types@0.15.0': + resolution: + { + integrity: sha512-ZZ1w0aoQkwuUuC7Yf+7sdeaNfqQiiLcSRbfI08oAxqLtpXQr9AIVX7Ay7HLDuiLYAaFPu8oBYNq/QIi9URHJ3Q==, + } + engines: { node: '>=18.18.0' } + + '@humanwhocodes/module-importer@1.0.1': + resolution: + { + integrity: sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==, + } + engines: { node: '>=12.22' } + + '@humanwhocodes/retry@0.4.3': + resolution: + { + integrity: sha512-bV0Tgo9K4hfPCek+aMAn81RppFKv2ySDQeMoSZuvTASywNTnVJCArCZE2FWqpvIatKu7VMRLWlR1EazvVhDyhQ==, + } + engines: { node: '>=18.18' } + + '@jridgewell/gen-mapping@0.3.13': + resolution: + { + integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==, + } + + '@jridgewell/remapping@2.3.5': + resolution: + { + integrity: sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==, + } + + '@jridgewell/resolve-uri@3.1.2': + resolution: + { + integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==, + } + engines: { node: '>=6.0.0' } + + '@jridgewell/sourcemap-codec@1.5.5': + resolution: + { + integrity: sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==, + } + + '@jridgewell/trace-mapping@0.3.31': + resolution: + { + integrity: sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==, + } + + '@napi-rs/wasm-runtime@0.2.12': + resolution: + { + integrity: sha512-ZVWUcfwY4E/yPitQJl481FjFo3K22D6qF0DuFH6Y/nbnE11GY5uguDxZMGXPQ8WQ0128MXQD7TnfHyK4oWoIJQ==, + } + + '@noble/hashes@2.2.0': + resolution: + { + integrity: sha512-IYqDGiTXab6FniAgnSdZwgWbomxpy9FtYvLKs7wCUs2a8RkITG+DFGO1DM9cr+E3/RgADRpFjrKVaJ1z6sjtEg==, + } + engines: { node: '>= 20.19.0' } + + '@node-rs/argon2-android-arm-eabi@2.0.2': + resolution: + { + integrity: sha512-DV/H8p/jt40lrao5z5g6nM9dPNPGEHL+aK6Iy/og+dbL503Uj0AHLqj1Hk9aVUSCNnsDdUEKp4TVMi0YakDYKw==, + } + engines: { node: '>= 10' } + cpu: [arm] + os: [android] + + '@node-rs/argon2-android-arm64@2.0.2': + resolution: + { + integrity: sha512-1LKwskau+8O1ktKx7TbK7jx1oMOMt4YEXZOdSNIar1TQKxm6isZ0cRXgHLibPHEcNHgYRsJWDE9zvDGBB17QDg==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [android] + + '@node-rs/argon2-darwin-arm64@2.0.2': + resolution: + { + integrity: sha512-3TTNL/7wbcpNju5YcqUrCgXnXUSbD7ogeAKatzBVHsbpjZQbNb1NDxDjqqrWoTt6XL3z9mJUMGwbAk7zQltHtA==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [darwin] + + '@node-rs/argon2-darwin-x64@2.0.2': + resolution: + { + integrity: sha512-vNPfkLj5Ij5111UTiYuwgxMqE7DRbOS2y58O2DIySzSHbcnu+nipmRKg+P0doRq6eKIJStyBK8dQi5Ic8pFyDw==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [darwin] + + '@node-rs/argon2-freebsd-x64@2.0.2': + resolution: + { + integrity: sha512-M8vQZk01qojQfCqQU0/O1j1a4zPPrz93zc9fSINY7Q/6RhQRBCYwDw7ltDCZXg5JRGlSaeS8cUXWyhPGar3cGg==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [freebsd] + + '@node-rs/argon2-linux-arm-gnueabihf@2.0.2': + resolution: + { + integrity: sha512-7EmmEPHLzcu0G2GDh30L6G48CH38roFC2dqlQJmtRCxs6no3tTE/pvgBGatTp/o2n2oyOJcfmgndVFcUpwMnww==, + } + engines: { node: '>= 10' } + cpu: [arm] + os: [linux] + + '@node-rs/argon2-linux-arm64-gnu@2.0.2': + resolution: + { + integrity: sha512-6lsYh3Ftbk+HAIZ7wNuRF4SZDtxtFTfK+HYFAQQyW7Ig3LHqasqwfUKRXVSV5tJ+xTnxjqgKzvZSUJCAyIfHew==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [linux] + libc: [glibc] + + '@node-rs/argon2-linux-arm64-musl@2.0.2': + resolution: + { + integrity: sha512-p3YqVMNT/4DNR67tIHTYGbedYmXxW9QlFmF39SkXyEbGQwpgSf6pH457/fyXBIYznTU/smnG9EH+C1uzT5j4hA==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [linux] + libc: [musl] + + '@node-rs/argon2-linux-x64-gnu@2.0.2': + resolution: + { + integrity: sha512-ZM3jrHuJ0dKOhvA80gKJqBpBRmTJTFSo2+xVZR+phQcbAKRlDMSZMFDiKbSTnctkfwNFtjgDdh5g1vaEV04AvA==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [linux] + libc: [glibc] + + '@node-rs/argon2-linux-x64-musl@2.0.2': + resolution: + { + integrity: sha512-of5uPqk7oCRF/44a89YlWTEfjsftPywyTULwuFDKyD8QtVZoonrJR6ZWvfFE/6jBT68S0okAkAzzMEdBVWdxWw==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [linux] + libc: [musl] + + '@node-rs/argon2-wasm32-wasi@2.0.2': + resolution: + { + integrity: sha512-U3PzLYKSQYzTERstgtHLd4ZTkOF9co57zTXT77r0cVUsleGZOrd6ut7rHzeWwoJSiHOVxxa0OhG1JVQeB7lLoQ==, + } + engines: { node: '>=14.0.0' } + cpu: [wasm32] + + '@node-rs/argon2-win32-arm64-msvc@2.0.2': + resolution: + { + integrity: sha512-Eisd7/NM0m23ijrGr6xI2iMocdOuyl6gO27gfMfya4C5BODbUSP7ljKJ7LrA0teqZMdYHesRDzx36Js++/vhiQ==, + } + engines: { node: '>= 10' } + cpu: [arm64] + os: [win32] + + '@node-rs/argon2-win32-ia32-msvc@2.0.2': + resolution: + { + integrity: sha512-GsE2ezwAYwh72f9gIjbGTZOf4HxEksb5M2eCaj+Y5rGYVwAdt7C12Q2e9H5LRYxWcFvLH4m4jiSZpQQ4upnPAQ==, + } + engines: { node: '>= 10' } + cpu: [ia32] + os: [win32] + + '@node-rs/argon2-win32-x64-msvc@2.0.2': + resolution: + { + integrity: sha512-cJxWXanH4Ew9CfuZ4IAEiafpOBCe97bzoKowHCGk5lG/7kR4WF/eknnBlHW9m8q7t10mKq75kruPLtbSDqgRTw==, + } + engines: { node: '>= 10' } + cpu: [x64] + os: [win32] + + '@node-rs/argon2@2.0.2': + resolution: + { + integrity: sha512-t64wIsPEtNd4aUPuTAyeL2ubxATCBGmeluaKXEMAFk/8w6AJIVVkeLKMBpgLW6LU2t5cQxT+env/c6jxbtTQBg==, + } + engines: { node: '>= 10' } + + '@otplib/core@13.4.0': + resolution: + { + integrity: sha512-JqOGcvZQi2wIkEQo8f3/iAjstavpXy6gouIDMHygjNuH6Q0FjbHOiXMdcE94RwfgDNMABhzwUmvaPsxvgm9NYw==, + } + + '@otplib/hotp@13.4.0': + resolution: + { + integrity: sha512-MJjE0x06mn2ptymz5qZmQveb+vWFuaIftqE0b5/TZZqUOK7l97cV8lRTmid5BpAQMwJDNLW6RnYxGeCRiNdekw==, + } + + '@otplib/plugin-base32-scure@13.4.0': + resolution: + { + integrity: sha512-/t9YWJmMbB8bF5z8mXrBZc2FXBe8B/3hG5FhWr9K8cFwFhyxScbPysmZe8s1UTzSA6N+s8Uv8aIfCtVXPNjJWw==, + } + + '@otplib/plugin-crypto-noble@13.4.0': + resolution: + { + integrity: sha512-KrvE4m7Zv+TT1944HzgqFJWJpKb6AyoxDbvhPStmBqdMlv5Gekb80d66cuFRL08kkPgJ5gXUSb5SFpYeB+bACg==, + } + + '@otplib/totp@13.4.0': + resolution: + { + integrity: sha512-dK+vl0f0ekzf6mCENRI9AKS2NJUC7OjI3+X8e7QSnhQ2WM7I+i4PGpb3QxKi5hxjTtwVuoZwXR2CFtXdcRtNdQ==, + } + + '@otplib/uri@13.4.0': + resolution: + { + integrity: sha512-x1ozBa5bPbdZCrrTL/HK21qchiK7jYElTu+0ft22abeEhiLYgH1+SIULvOcVk3CK8YwF4kdcidvkq4ciejucJA==, + } + + '@radix-ui/primitive@1.1.3': + resolution: + { + integrity: sha512-JTF99U/6XIjCBo0wqkU5sK10glYe27MRRsfwoiq5zzOEZLHU3A3KCMa5X/azekYRCJ0HlwI0crAXS/5dEHTzDg==, + } + + '@radix-ui/react-collection@1.1.7': + resolution: + { + integrity: sha512-Fh9rGN0MoI4ZFUNyfFVNU4y9LUz93u9/0K+yLgA2bwRojxM8JU1DyvvMBabnZPBgMWREAJvU2jjVzq+LrFUglw==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-compose-refs@1.1.2': + resolution: + { + integrity: sha512-z4eqJvfiNnFMHIIvXP3CY57y2WJs5g2v3X0zm9mEJkrkNv4rDxu+sg9Jh8EkXyeqBkB7SOcboo9dMVqhyrACIg==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-context@1.1.2': + resolution: + { + integrity: sha512-jCi/QKUM2r1Ju5a3J64TH2A5SpKAgh0LpknyqdQ4m6DCV0xJ2HG1xARRwNGPQfi1SLdLWZ1OJz6F4OMBBNiGJA==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-dialog@1.1.15': + resolution: + { + integrity: sha512-TCglVRtzlffRNxRMEyR36DGBLJpeusFcgMVD9PZEzAKnUs1lKCgX5u9BmC2Yg+LL9MgZDugFFs1Vl+Jp4t/PGw==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-direction@1.1.1': + resolution: + { + integrity: sha512-1UEWRX6jnOA2y4H5WczZ44gOOjTEmlqv1uNW4GAJEO5+bauCBhv8snY65Iw5/VOS/ghKN9gr2KjnLKxrsvoMVw==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-dismissable-layer@1.1.11': + resolution: + { + integrity: sha512-Nqcp+t5cTB8BinFkZgXiMJniQH0PsUt2k51FUhbdfeKvc4ACcG2uQniY/8+h1Yv6Kza4Q7lD7PQV0z0oicE0Mg==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-focus-guards@1.1.3': + resolution: + { + integrity: sha512-0rFg/Rj2Q62NCm62jZw0QX7a3sz6QCQU0LpZdNrJX8byRGaGVTqbrW9jAoIAHyMQqsNpeZ81YgSizOt5WXq0Pw==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-focus-scope@1.1.7': + resolution: + { + integrity: sha512-t2ODlkXBQyn7jkl6TNaw/MtVEVvIGelJDCG41Okq/KwUsJBwQ4XVZsHAVUkK4mBv3ewiAS3PGuUWuY2BoK4ZUw==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-id@1.1.1': + resolution: + { + integrity: sha512-kGkGegYIdQsOb4XjsfM97rXsiHaBwco+hFI66oO4s9LU+PLAC5oJ7khdOVFxkhsmlbpUqDAvXw11CluXP+jkHg==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-label@2.1.8': + resolution: + { + integrity: sha512-FmXs37I6hSBVDlO4y764TNz1rLgKwjJMQ0EGte6F3Cb3f4bIuHB/iLa/8I9VKkmOy+gNHq8rql3j686ACVV21A==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-portal@1.1.9': + resolution: + { + integrity: sha512-bpIxvq03if6UNwXZ+HTK71JLh4APvnXntDc6XOX8UVq4XQOVl7lwok0AvIl+b8zgCw3fSaVTZMpAPPagXbKmHQ==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-presence@1.1.5': + resolution: + { + integrity: sha512-/jfEwNDdQVBCNvjkGit4h6pMOzq8bHkopq458dPt2lMjx+eBQUohZNG9A7DtO/O5ukSbxuaNGXMjHicgwy6rQQ==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-primitive@2.1.3': + resolution: + { + integrity: sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-primitive@2.1.4': + resolution: + { + integrity: sha512-9hQc4+GNVtJAIEPEqlYqW5RiYdrr8ea5XQ0ZOnD6fgru+83kqT15mq2OCcbe8KnjRZl5vF3ks69AKz3kh1jrhg==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-roving-focus@1.1.11': + resolution: + { + integrity: sha512-7A6S9jSgm/S+7MdtNDSb+IU859vQqJ/QAtcYQcfFC6W8RS4IxIZDldLR0xqCFZ6DCyrQLjLPsxtTNch5jVA4lA==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-slot@1.2.3': + resolution: + { + integrity: sha512-aeNmHnBxbi2St0au6VBVC7JXFlhLlOnvIIlePNniyUNAClzmtAUEY8/pBiK3iHjufOlwA+c20/8jngo7xcrg8A==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-slot@1.2.4': + resolution: + { + integrity: sha512-Jl+bCv8HxKnlTLVrcDE8zTMJ09R9/ukw4qBs/oZClOfoQk/cOTbDn+NceXfV7j09YPVQUryJPHurafcSg6EVKA==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-tabs@1.1.13': + resolution: + { + integrity: sha512-7xdcatg7/U+7+Udyoj2zodtI9H/IIopqo+YOIcZOq1nJwXWBZ9p8xiu5llXlekDbZkca79a/fozEYQXIA4sW6A==, + } + peerDependencies: + '@types/react': '*' + '@types/react-dom': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + '@types/react-dom': + optional: true + + '@radix-ui/react-use-callback-ref@1.1.1': + resolution: + { + integrity: sha512-FkBMwD+qbGQeMu1cOHnuGB6x4yzPjho8ap5WtbEJ26umhgqVXbhekKUQO+hZEL1vU92a3wHwdp0HAcqAUF5iDg==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-use-controllable-state@1.2.2': + resolution: + { + integrity: sha512-BjasUjixPFdS+NKkypcyyN5Pmg83Olst0+c6vGov0diwTEo6mgdqVR6hxcEgFuh4QrAs7Rc+9KuGJ9TVCj0Zzg==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-use-effect-event@0.0.2': + resolution: + { + integrity: sha512-Qp8WbZOBe+blgpuUT+lw2xheLP8q0oatc9UpmiemEICxGvFLYmHm9QowVZGHtJlGbS6A6yJ3iViad/2cVjnOiA==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-use-escape-keydown@1.1.1': + resolution: + { + integrity: sha512-Il0+boE7w/XebUHyBjroE+DbByORGR9KKmITzbR7MyQ4akpORYP/ZmbhAr0DG7RmmBqoOnZdy2QlvajJ2QA59g==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@radix-ui/react-use-layout-effect@1.1.1': + resolution: + { + integrity: sha512-RbJRS4UWQFkzHTTwVymMTUv8EqYhOp8dOOviLj2ugtTiXRaRQS7GLGxZTLL1jWhMeoSCf5zmcZkqTl9IiYfXcQ==, + } + peerDependencies: + '@types/react': '*' + react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + '@rolldown/pluginutils@1.0.0-rc.3': + resolution: + { + integrity: sha512-eybk3TjzzzV97Dlj5c+XrBFW57eTNhzod66y9HrBlzJ6NsCrWCp/2kaPS3K9wJmurBC0Tdw4yPjXKZqlznim3Q==, + } + + '@rollup/rollup-android-arm-eabi@4.60.4': + resolution: + { + integrity: sha512-F5QXMSiFebS9hKZj02XhWLLnRpJ3B3AROP0tWbFBSj+6kCbg5m9j5JoHKd4mmSVy5mS/IMQloYgYxCuJC0fxEQ==, + } + cpu: [arm] + os: [android] + + '@rollup/rollup-android-arm64@4.60.4': + resolution: + { + integrity: sha512-GxxTKApUpzRhof7poWvCJHRF51C67u1R7D6DiluBE8wKU1u5GWE8t+v81JvJYtbawoBFX1hLv5Ei4eVjkWokaw==, + } + cpu: [arm64] + os: [android] + + '@rollup/rollup-darwin-arm64@4.60.4': + resolution: + { + integrity: sha512-tua0TaJxMOB1R0V0RS1jFZ/RpURFDJIOR2A6jWwQeawuFyS4gBW+rntLRaQd0EQ4bd6Vp44Z2rXW+YYDBsj6IA==, + } + cpu: [arm64] + os: [darwin] + + '@rollup/rollup-darwin-x64@4.60.4': + resolution: + { + integrity: sha512-CSKq7MsP+5PFIcydhAiR1K0UhEI1A2jWXVKHPCBZ151yOutENwvnPocgVHkivu2kviURtCEB6zUQw0vs8RrhMg==, + } + cpu: [x64] + os: [darwin] + + '@rollup/rollup-freebsd-arm64@4.60.4': + resolution: + { + integrity: sha512-+O8OkVdyvXMtJEciu2wS/pzm1IxntEEQx3z5TAVy4l32G0etZn+RsA48ARRrFm6Ri8fvqPQfgrvNxSjKAbnd3g==, + } + cpu: [arm64] + os: [freebsd] + + '@rollup/rollup-freebsd-x64@4.60.4': + resolution: + { + integrity: sha512-Iw3oMskH3AfNuhU0MSN7vNbdi4me/NiYo2azqPz/Le16zHSa+3RRmliCMWWQmh4lcndccU40xcJuTYJZxNo/lw==, + } + cpu: [x64] + os: [freebsd] + + '@rollup/rollup-linux-arm-gnueabihf@4.60.4': + resolution: + { + integrity: sha512-EIPRXTVQpHyF8WOo219AD2yEltPehLTcTMz2fn6JsatLYSzQf00hj3rulF+yauOlF9/FtM2WpkT/hJh/KJFGhA==, + } + cpu: [arm] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-arm-musleabihf@4.60.4': + resolution: + { + integrity: sha512-J3Yh9PzzF1Ovah2At+lHiGQdsYgArxBbXv/zHfSyaiFQEqvNv7DcW98pCrmdjCZBrqBiKrKKe2V+aaSGWuBe/w==, + } + cpu: [arm] + os: [linux] + libc: [musl] + + '@rollup/rollup-linux-arm64-gnu@4.60.4': + resolution: + { + integrity: sha512-BFDEZMYfUvLn37ONE1yMBojPxnMlTFsdyNoqncT0qFq1mAfllL+ATMMJd8TeuVMiX84s1KbcxcZbXInmcO2mRg==, + } + cpu: [arm64] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-arm64-musl@4.60.4': + resolution: + { + integrity: sha512-pc9EYOSlOgdQ2uPl1o9PF6/kLSgaUosia7gOuS8mB69IxJvlclko1MECXysjs5ryez1/5zjYqx3+xYU0TU6R1A==, + } + cpu: [arm64] + os: [linux] + libc: [musl] + + '@rollup/rollup-linux-loong64-gnu@4.60.4': + resolution: + { + integrity: sha512-NxnomyxYerDh5n4iLrNa+sH+Z+U4BMEE46V2PgQ/hoB909i8gV1M5wPojWg9fk1jWpO3IQnOs20K4wyZuFLEFQ==, + } + cpu: [loong64] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-loong64-musl@4.60.4': + resolution: + { + integrity: sha512-nbJnQ8a3z1mtmrwImCYhc6BGpThAyYVRQxw9uKSKG4wR6aAYno9sVjJ0zaZcW9BPJX1GbrDPf+SvdWjgTuDmnw==, + } + cpu: [loong64] + os: [linux] + libc: [musl] + + '@rollup/rollup-linux-ppc64-gnu@4.60.4': + resolution: + { + integrity: sha512-2EU6acNrQLd8tYvo/LXW535wupT3m6fo7HKo6lr7ktQoItxTyOL1ZCR/GfGCuXl2vR+zmfI6eRXkSemafv+iVg==, + } + cpu: [ppc64] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-ppc64-musl@4.60.4': + resolution: + { + integrity: sha512-WeBtoMuaMxiiIrO2IYP3xs6GMWkJP2C0EoT8beTLkUPmzV1i/UcOSVw1d5r9KBODtHKilG5yFxsGRnBbK3wJ4A==, + } + cpu: [ppc64] + os: [linux] + libc: [musl] + + '@rollup/rollup-linux-riscv64-gnu@4.60.4': + resolution: + { + integrity: sha512-FJHFfqpKUI3A10WrWKiFbBZ7yVbGT4q4B5o1qKFFojqpaYoh9LrQgqWCmmcxQzVSXYtyB5bzkXrYzlHTs21MYA==, + } + cpu: [riscv64] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-riscv64-musl@4.60.4': + resolution: + { + integrity: sha512-mcEl6CUT5IAUmQf1m9FYSmVqCJlpQ8r8eyftFUHG8i9OhY7BkBXSUdnLH5DOf0wCOjcP9v/QO93zpmF1SptCCw==, + } + cpu: [riscv64] + os: [linux] + libc: [musl] + + '@rollup/rollup-linux-s390x-gnu@4.60.4': + resolution: + { + integrity: sha512-ynt3JxVd2w2buzoKDWIyiV1pJW93xlQic1THVLXilz429oijRpSHivZAgp65KBu+cMcgf1eVVjdnTLvPxgCuoQ==, + } + cpu: [s390x] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-x64-gnu@4.60.4': + resolution: + { + integrity: sha512-Boiz5+MsaROEWDf+GGEwF8VMHGhlUoQMtIPjOgA5fv4osupqTVnJteQNKJwUcnUog2G55jYXH7KZFFiJe0TEzQ==, + } + cpu: [x64] + os: [linux] + libc: [glibc] + + '@rollup/rollup-linux-x64-musl@4.60.4': + resolution: + { + integrity: sha512-+qfSY27qIrFfI/Hom04KYFw3GKZSGU4lXus51wsb5EuySfFlWRwjkKWoE9emgRw/ukoT4Udsj4W/+xxG8VbPKg==, + } + cpu: [x64] + os: [linux] + libc: [musl] + + '@rollup/rollup-openbsd-x64@4.60.4': + resolution: + { + integrity: sha512-VpTfOPHgVXEBeeR8hZ2O0F3aSso+JDWqTWmTmzcQKted54IAdUVbxE+j/MVxUsKa8L20HJhv3vUezVPoquqWjA==, + } + cpu: [x64] + os: [openbsd] + + '@rollup/rollup-openharmony-arm64@4.60.4': + resolution: + { + integrity: sha512-IPOsh5aRYuLv/nkU51X10Bf75Bsf6+gZdx1X+QP5QM6lIJFHHqbHLG0uJn/hWthzo13UAc2umiUorqZy3axoZg==, + } + cpu: [arm64] + os: [openharmony] + + '@rollup/rollup-win32-arm64-msvc@4.60.4': + resolution: + { + integrity: sha512-4QzE9E81OohJ/HKzHhsqU+zcYYojVOXlFMs1DdyMT6qXl/niOH7AVElmmEdUNHHS/oRkc++d5k6Vy85zFs0DEw==, + } + cpu: [arm64] + os: [win32] + + '@rollup/rollup-win32-ia32-msvc@4.60.4': + resolution: + { + integrity: sha512-zTPgT1YuHHcd+Tmx7h8aml0FWFVelV5N54oHow9SLj+GfoDy/huQ+UV396N/C7KpMDMiPspRktzM1/0r1usYEA==, + } + cpu: [ia32] + os: [win32] + + '@rollup/rollup-win32-x64-gnu@4.60.4': + resolution: + { + integrity: sha512-DRS4G7mi9lJxqEDezIkKCaUIKCrLUUDCUaCsTPCi/rtqaC6D/jjwslMQyiDU50Ka0JKpeXeRBFBAXwArY52vBw==, + } + cpu: [x64] + os: [win32] + + '@rollup/rollup-win32-x64-msvc@4.60.4': + resolution: + { + integrity: sha512-QVTUovf40zgTqlFVrKA1uXMVvU2QWEFWfAH8Wdc48IxLvrJMQVMBRjuQyUpzZCDkakImib9eVazbWlC6ksWtJw==, + } + cpu: [x64] + os: [win32] + + '@scure/base@2.2.0': + resolution: + { + integrity: sha512-b8XEupJibegiXV+tDUseI8oLQc8ei3d/4Jkb2RpbHh3MfE054ov3uIz2dhFkB3FI8iwYkEh0gGCApkrYggkPNg==, + } + + '@standard-schema/spec@1.1.0': + resolution: + { + integrity: sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==, + } + + '@tybys/wasm-util@0.10.2': + resolution: + { + integrity: sha512-RoBvJ2X0wuKlWFIjrwffGw1IqZHKQqzIchKaadZZfnNpsAYp2mM0h36JtPCjNDAHGgYez/15uMBpfGwchhiMgg==, + } + + '@types/babel__core@7.20.5': + resolution: + { + integrity: sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA==, + } + + '@types/babel__generator@7.27.0': + resolution: + { + integrity: sha512-ufFd2Xi92OAVPYsy+P4n7/U7e68fex0+Ee8gSG9KX7eo084CWiQ4sdxktvdl0bOPupXtVJPY19zk6EwWqUQ8lg==, + } + + '@types/babel__template@7.4.4': + resolution: + { + integrity: sha512-h/NUaSyG5EyxBIp8YRxo4RMe2/qQgvyowRwVMzhYhBCONbW8PUsg4lkFMrhgZhUe5z3L3MiLDuvyJ/CaPa2A8A==, + } + + '@types/babel__traverse@7.28.0': + resolution: + { + integrity: sha512-8PvcXf70gTDZBgt9ptxJ8elBeBjcLOAcOtoO/mPJjtji1+CdGbHgm77om1GrsPxsiE+uXIpNSK64UYaIwQXd4Q==, + } + + '@types/chai@5.2.3': + resolution: + { + integrity: sha512-Mw558oeA9fFbv65/y4mHtXDs9bPnFMZAL/jxdPFUpOHHIXX91mcgEHbS5Lahr+pwZFR8A7GQleRWeI6cGFC2UA==, + } + + '@types/deep-eql@4.0.2': + resolution: + { + integrity: sha512-c9h9dVVMigMPc4bwTvC5dxqtqJZwQPePsWjPlpSOnojbor6pGqdk541lfA7AqFQr5pB1BRdq0juY9db81BwyFw==, + } + + '@types/estree@1.0.8': + resolution: + { + integrity: sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==, + } + + '@types/estree@1.0.9': + resolution: + { + integrity: sha512-GhdPgy1el4/ImP05X05Uw4cw2/M93BCUmnEvWZNStlCzEKME4Fkk+YpoA5OiHNQmoS7Cafb8Xa3Pya8m1Qrzeg==, + } + + '@types/json-schema@7.0.15': + resolution: + { + integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==, + } + + '@vitejs/plugin-react@5.2.0': + resolution: + { + integrity: sha512-YmKkfhOAi3wsB1PhJq5Scj3GXMn3WvtQ/JC0xoopuHoXSdmtdStOpFrYaT1kie2YgFBcIe64ROzMYRjCrYOdYw==, + } + engines: { node: ^20.19.0 || >=22.12.0 } + peerDependencies: + vite: ^4.2.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 + + '@vitest/expect@4.1.6': + resolution: + { + integrity: sha512-7EHDquPthALSV0jhhjgEW8FXaviMx7rSqu8W6oqCoAuOhKov814P99QDV1pxMA3QPv21YudvJngIhjrNI4opLg==, + } + + '@vitest/mocker@4.1.6': + resolution: + { + integrity: sha512-MCFc63czMjEInOlcY2cpQCvCN+KgbAn+60xu9cMgP4sKaLC5JNAKw7JH8QdAnoAC88hW1IiSNZ+GgVXlN1UcMQ==, + } + peerDependencies: + msw: ^2.4.9 + vite: ^6.0.0 || ^7.0.0 || ^8.0.0 + peerDependenciesMeta: + msw: + optional: true + vite: + optional: true + + '@vitest/pretty-format@4.1.6': + resolution: + { + integrity: sha512-h5SxD/IzNhZYnrSZRsUZQIC+vD0GY8cUvq0iwsmkFKixRCKLLWqCXa/FIQ4S1R+sI+PGoojkHsdNrbZiM9Qpgw==, + } + + '@vitest/runner@4.1.6': + resolution: + { + integrity: sha512-nOPCmn2+yD0ZNmKdsXGv/UxMMWbMuKeD6GyYncNwdkYDxpQvrPSKYj2rWuDjC2Y4b6w6hjip5dBKFzEUuZe3vA==, + } + + '@vitest/snapshot@4.1.6': + resolution: + { + integrity: sha512-YhsdE6xAVfTDmzjxL2ZDUvjj+ZsgyOKe+TdQzqkD72wIOmHka8NuGQ6NpTNZv9D2Z63fbwWKJPeVpEw4EQgYxw==, + } + + '@vitest/spy@4.1.6': + resolution: + { + integrity: sha512-JFKxMx6udhwKh/Ldo270e17QX710vgunMkuPAvXjHSvC6oqLWAHhVhjg/I71q0u0CBSErIODV1Kjv0FQNSWjdg==, + } + + '@vitest/utils@4.1.6': + resolution: + { + integrity: sha512-FxIY+U81R3LGKCxaHHFRQ5+g6/iRgGLmeHWdp2Amj4ljQRrEIWHmZyDfDYBRZlpyqA7qKxtS9DD1dhk8RnRIVQ==, + } + + acorn-jsx@5.3.2: + resolution: + { + integrity: sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==, + } + peerDependencies: + acorn: ^6.0.0 || ^7.0.0 || ^8.0.0 + + acorn@8.16.0: + resolution: + { + integrity: sha512-UVJyE9MttOsBQIDKw1skb9nAwQuR5wuGD3+82K6JgJlm/Y+KI92oNsMNGZCYdDsVtRHSak0pcV5Dno5+4jh9sw==, + } + engines: { node: '>=0.4.0' } + hasBin: true + + agent-base@7.1.4: + resolution: + { + integrity: sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==, + } + engines: { node: '>= 14' } + + ajv@6.15.0: + resolution: + { + integrity: sha512-fgFx7Hfoq60ytK2c7DhnF8jIvzYgOMxfugjLOSMHjLIPgenqa7S7oaagATUq99mV6IYvN2tRmC0wnTYX6iPbMw==, + } + + ansi-regex@5.0.1: + resolution: + { + integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==, + } + engines: { node: '>=8' } + + ansi-styles@4.3.0: + resolution: + { + integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==, + } + engines: { node: '>=8' } + + argparse@2.0.1: + resolution: + { + integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==, + } + + aria-hidden@1.2.6: + resolution: + { + integrity: sha512-ik3ZgC9dY/lYVVM++OISsaYDeg1tb0VtP5uL3ouh1koGOaUMDPpbFIei4JkFimWUFPn90sbMNMXQAIVOlnYKJA==, + } + engines: { node: '>=10' } + + array-buffer-byte-length@1.0.2: + resolution: + { + integrity: sha512-LHE+8BuR7RYGDKvnrmcuSq3tDcKv9OFEXQt/HpbZhY7V6h0zlUXutnAD82GiFx9rdieCMjkvtcsPqBwgUl1Iiw==, + } + engines: { node: '>= 0.4' } + + array-includes@3.1.9: + resolution: + { + integrity: sha512-FmeCCAenzH0KH381SPT5FZmiA/TmpndpcaShhfgEN9eCVjnFBqq3l1xrI42y8+PPLI6hypzou4GXw00WHmPBLQ==, + } + engines: { node: '>= 0.4' } + + array.prototype.findlast@1.2.5: + resolution: + { + integrity: sha512-CVvd6FHg1Z3POpBLxO6E6zr+rSKEQ9L6rZHAaY7lLfhKsWYUBBOuMs0e9o24oopj6H+geRCX0YJ+TJLBK2eHyQ==, + } + engines: { node: '>= 0.4' } + + array.prototype.flat@1.3.3: + resolution: + { + integrity: sha512-rwG/ja1neyLqCuGZ5YYrznA62D4mZXg0i1cIskIUKSiqF3Cje9/wXAls9B9s1Wa2fomMsIv8czB8jZcPmxCXFg==, + } + engines: { node: '>= 0.4' } + + array.prototype.flatmap@1.3.3: + resolution: + { + integrity: sha512-Y7Wt51eKJSyi80hFrJCePGGNo5ktJCslFuboqJsbf57CCPcm5zztluPlc4/aD8sWsKvlwatezpV4U1efk8kpjg==, + } + engines: { node: '>= 0.4' } + + array.prototype.tosorted@1.1.4: + resolution: + { + integrity: sha512-p6Fx8B7b7ZhL/gmUsAy0D15WhvDccw3mnGNbZpi3pmeJdxtWsj2jEaI4Y6oo3XiHfzuSgPwKc04MYt6KgvC/wA==, + } + engines: { node: '>= 0.4' } + + arraybuffer.prototype.slice@1.0.4: + resolution: + { + integrity: sha512-BNoCY6SXXPQ7gF2opIP4GBE+Xw7U+pHMYKuzjgCN3GwiaIR09UUeKfheyIry77QtrCBlC0KK0q5/TER/tYh3PQ==, + } + engines: { node: '>= 0.4' } + + asn1.js@5.4.1: + resolution: + { + integrity: sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==, + } + + assertion-error@2.0.1: + resolution: + { + integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==, + } + engines: { node: '>=12' } + + async-function@1.0.0: + resolution: + { + integrity: sha512-hsU18Ae8CDTR6Kgu9DYf0EbCr/a5iGL0rytQDobUcdpYOKokk8LEjVphnXkDkgpi0wYVsqrXuP0bZxJaTqdgoA==, + } + engines: { node: '>= 0.4' } + + available-typed-arrays@1.0.7: + resolution: + { + integrity: sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==, + } + engines: { node: '>= 0.4' } + + balanced-match@1.0.2: + resolution: + { + integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==, + } + + baseline-browser-mapping@2.10.31: + resolution: + { + integrity: sha512-MujYO3eP72uvmSE0i4wltsodRfIpZATP3jvzRNRGGxgzId7aVocVJJV3nf01qnzzKFGxQVC9bpWxl5cjxTr/7Q==, + } + engines: { node: '>=6.0.0' } + hasBin: true + + bn.js@4.12.3: + resolution: + { + integrity: sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==, + } + + brace-expansion@1.1.14: + resolution: + { + integrity: sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==, + } + + browserslist@4.28.2: + resolution: + { + integrity: sha512-48xSriZYYg+8qXna9kwqjIVzuQxi+KYWp2+5nCYnYKPTr0LvD89Jqk2Or5ogxz0NUMfIjhh2lIUX/LyX9B4oIg==, + } + engines: { node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7 } + hasBin: true + + buffer-equal-constant-time@1.0.1: + resolution: + { + integrity: sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==, + } + + call-bind-apply-helpers@1.0.2: + resolution: + { + integrity: sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==, + } + engines: { node: '>= 0.4' } + + call-bind@1.0.9: + resolution: + { + integrity: sha512-a/hy+pNsFUTR+Iz8TCJvXudKVLAnz/DyeSUo10I5yvFDQJBFU2s9uqQpoSrJlroHUKoKqzg+epxyP9lqFdzfBQ==, + } + engines: { node: '>= 0.4' } + + call-bound@1.0.4: + resolution: + { + integrity: sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==, + } + engines: { node: '>= 0.4' } + + callsites@3.1.0: + resolution: + { + integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==, + } + engines: { node: '>=6' } + + caniuse-lite@1.0.30001793: + resolution: + { + integrity: sha512-iwSsYWaCOoh26cV8NwNRViHlrfUvYsHDfRVcbtmw0Kg6PJIZZXwMkj1442FYLBGkeUf1juAsU3DTfxW579mrPA==, + } + + chai@6.2.2: + resolution: + { + integrity: sha512-NUPRluOfOiTKBKvWPtSD4PhFvWCqOi0BGStNWs57X9js7XGTprSmFoz5F0tWhR4WPjNeR9jXqdC7/UpSJTnlRg==, + } + engines: { node: '>=18' } + + chalk@4.1.2: + resolution: + { + integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==, + } + engines: { node: '>=10' } + + cliui@8.0.1: + resolution: + { + integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==, + } + engines: { node: '>=12' } + + color-convert@2.0.1: + resolution: + { + integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==, + } + engines: { node: '>=7.0.0' } + + color-name@1.1.4: + resolution: + { + integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==, + } + + concat-map@0.0.1: + resolution: + { + integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==, + } + + concurrently@9.2.1: + resolution: + { + integrity: sha512-fsfrO0MxV64Znoy8/l1vVIjjHa29SZyyqPgQBwhiDcaW8wJc2W3XWVOGx4M3oJBnv/zdUZIIp1gDeS98GzP8Ng==, + } + engines: { node: '>=18' } + hasBin: true + + convert-source-map@2.0.0: + resolution: + { + integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==, + } + + cross-spawn@7.0.6: + resolution: + { + integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==, + } + engines: { node: '>= 8' } + + data-view-buffer@1.0.2: + resolution: + { + integrity: sha512-EmKO5V3OLXh1rtK2wgXRansaK1/mtVdTUEiEI0W8RkvgT05kfxaH29PliLnpLP73yYO6142Q72QNa8Wx/A5CqQ==, + } + engines: { node: '>= 0.4' } + + data-view-byte-length@1.0.2: + resolution: + { + integrity: sha512-tuhGbE6CfTM9+5ANGf+oQb72Ky/0+s3xKUpHvShfiz2RxMFgFPjsXuRLBVMtvMs15awe45SRb83D6wH4ew6wlQ==, + } + engines: { node: '>= 0.4' } + + data-view-byte-offset@1.0.1: + resolution: + { + integrity: sha512-BS8PfmtDGnrgYdOonGZQdLZslWIeCGFP9tpan0hi1Co2Zr2NKADsvGYA8XxuG/4UWgJ6Cjtv+YJnB6MM69QGlQ==, + } + engines: { node: '>= 0.4' } + + debug@4.4.3: + resolution: + { + integrity: sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==, + } + engines: { node: '>=6.0' } + peerDependencies: + supports-color: '*' + peerDependenciesMeta: + supports-color: + optional: true + + deep-is@0.1.4: + resolution: + { + integrity: sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==, + } + + define-data-property@1.1.4: + resolution: + { + integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==, + } + engines: { node: '>= 0.4' } + + define-properties@1.2.1: + resolution: + { + integrity: sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==, + } + engines: { node: '>= 0.4' } + + detect-node-es@1.1.0: + resolution: + { + integrity: sha512-ypdmJU/TbBby2Dxibuv7ZLW3Bs1QEmM7nHjEANfohJLvE0XVujisn1qPJcZxg+qDucsr+bP6fLD1rPS3AhJ7EQ==, + } + + doctrine@2.1.0: + resolution: + { + integrity: sha512-35mSku4ZXK0vfCuHEDAwt55dg2jNajHZ1odvF+8SSr82EsZY4QmXfuWso8oEd8zRhVObSN18aM0CjSdoBX7zIw==, + } + engines: { node: '>=0.10.0' } + + dunder-proto@1.0.1: + resolution: + { + integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==, + } + engines: { node: '>= 0.4' } + + ecdsa-sig-formatter@1.0.11: + resolution: + { + integrity: sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==, + } + + electron-to-chromium@1.5.359: + resolution: + { + integrity: sha512-8lPELWuYZIWk7NDvCNthtmMw/7Q5Wu25NpM4djFMHBmk8DubPAtL4YTOp7ou0e7HyJtwkVlWv8XMLURnrtgJQw==, + } + + emoji-regex@8.0.0: + resolution: + { + integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==, + } + + es-abstract@1.24.2: + resolution: + { + integrity: sha512-2FpH9Q5i2RRwyEP1AylXe6nYLR5OhaJTZwmlcP0dL/+JCbgg7yyEo/sEK6HeGZRf3dFpWwThaRHVApXSkW3xeg==, + } + engines: { node: '>= 0.4' } + + es-define-property@1.0.1: + resolution: + { + integrity: sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==, + } + engines: { node: '>= 0.4' } + + es-errors@1.3.0: + resolution: + { + integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==, + } + engines: { node: '>= 0.4' } + + es-iterator-helpers@1.3.2: + resolution: + { + integrity: sha512-HVLACW1TppGYjJ8H6/jqH/pqOtKRw6wMlrB23xfExmFWxFquAIWCmwoLsOyN96K4a5KbmOf5At9ZUO3GZbetAw==, + } + engines: { node: '>= 0.4' } + + es-module-lexer@2.1.0: + resolution: + { + integrity: sha512-n27zTYMjYu1aj4MjCWzSP7G9r75utsaoc8m61weK+W8JMBGGQybd43GstCXZ3WNmSFtGT9wi59qQTW6mhTR5LQ==, + } + + es-object-atoms@1.1.1: + resolution: + { + integrity: sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==, + } + engines: { node: '>= 0.4' } + + es-set-tostringtag@2.1.0: + resolution: + { + integrity: sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==, + } + engines: { node: '>= 0.4' } + + es-shim-unscopables@1.1.0: + resolution: + { + integrity: sha512-d9T8ucsEhh8Bi1woXCf+TIKDIROLG5WCkxg8geBCbvk22kzwC5G2OnXVMO6FUsvQlgUUXQ2itephWDLqDzbeCw==, + } + engines: { node: '>= 0.4' } + + es-to-primitive@1.3.0: + resolution: + { + integrity: sha512-w+5mJ3GuFL+NjVtJlvydShqE1eN3h3PbI7/5LAsYJP/2qtuMXjfL2LpHSRqo4b4eSF5K/DH1JXKUAHSB2UW50g==, + } + engines: { node: '>= 0.4' } + + esbuild@0.27.7: + resolution: + { + integrity: sha512-IxpibTjyVnmrIQo5aqNpCgoACA/dTKLTlhMHihVHhdkxKyPO1uBBthumT0rdHmcsk9uMonIWS0m4FljWzILh3w==, + } + engines: { node: '>=18' } + hasBin: true + + escalade@3.2.0: + resolution: + { + integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==, + } + engines: { node: '>=6' } + + escape-string-regexp@4.0.0: + resolution: + { + integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==, + } + engines: { node: '>=10' } + + eslint-plugin-react-hooks@7.1.1: + resolution: + { + integrity: sha512-f2I7Gw6JbvCexzIInuSbZpfdQ44D7iqdWX01FKLvrPgqxoE7oMj8clOfto8U6vYiz4yd5oKu39rRSVOe1zRu0g==, + } + engines: { node: '>=18' } + peerDependencies: + eslint: ^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0-0 || ^9.0.0 || ^10.0.0 + + eslint-plugin-react-refresh@0.4.26: + resolution: + { + integrity: sha512-1RETEylht2O6FM/MvgnyvT+8K21wLqDNg4qD51Zj3guhjt433XbnnkVttHMyaVyAFD03QSV4LPS5iE3VQmO7XQ==, + } + peerDependencies: + eslint: '>=8.40' + + eslint-plugin-react@7.37.5: + resolution: + { + integrity: sha512-Qteup0SqU15kdocexFNAJMvCJEfa2xUKNV4CC1xsVMrIIqEy3SQ/rqyxCWNzfrd3/ldy6HMlD2e0JDVpDg2qIA==, + } + engines: { node: '>=4' } + peerDependencies: + eslint: ^3 || ^4 || ^5 || ^6 || ^7 || ^8 || ^9.7 + + eslint-scope@8.4.0: + resolution: + { + integrity: sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + eslint-visitor-keys@3.4.3: + resolution: + { + integrity: sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag==, + } + engines: { node: ^12.22.0 || ^14.17.0 || >=16.0.0 } + + eslint-visitor-keys@4.2.1: + resolution: + { + integrity: sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + eslint@9.39.4: + resolution: + { + integrity: sha512-XoMjdBOwe/esVgEvLmNsD3IRHkm7fbKIUGvrleloJXUZgDHig2IPWNniv+GwjyJXzuNqVjlr5+4yVUZjycJwfQ==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + hasBin: true + peerDependencies: + jiti: '*' + peerDependenciesMeta: + jiti: + optional: true + + espree@10.4.0: + resolution: + { + integrity: sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ==, + } + engines: { node: ^18.18.0 || ^20.9.0 || >=21.1.0 } + + esquery@1.7.0: + resolution: + { + integrity: sha512-Ap6G0WQwcU/LHsvLwON1fAQX9Zp0A2Y6Y/cJBl9r/JbW90Zyg4/zbG6zzKa2OTALELarYHmKu0GhpM5EO+7T0g==, + } + engines: { node: '>=0.10' } + + esrecurse@4.3.0: + resolution: + { + integrity: sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==, + } + engines: { node: '>=4.0' } + + estraverse@5.3.0: + resolution: + { + integrity: sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==, + } + engines: { node: '>=4.0' } + + estree-walker@3.0.3: + resolution: + { + integrity: sha512-7RUKfXgSMMkzt6ZuXmqapOurLGPPfgj6l9uRZ7lRGolvk0y2yocc35LdcxKC5PQZdn2DMqioAQ2NoWcrTKmm6g==, + } + + esutils@2.0.3: + resolution: + { + integrity: sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==, + } + engines: { node: '>=0.10.0' } + + expect-type@1.3.0: + resolution: + { + integrity: sha512-knvyeauYhqjOYvQ66MznSMs83wmHrCycNEN6Ao+2AeYEfxUIkuiVxdEa1qlGEPK+We3n0THiDciYSsCcgW/DoA==, + } + engines: { node: '>=12.0.0' } + + fast-deep-equal@3.1.3: + resolution: + { + integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==, + } + + fast-json-stable-stringify@2.1.0: + resolution: + { + integrity: sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==, + } + + fast-levenshtein@2.0.6: + resolution: + { + integrity: sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==, + } + + fdir@6.5.0: + resolution: + { + integrity: sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==, + } + engines: { node: '>=12.0.0' } + peerDependencies: + picomatch: ^3 || ^4 + peerDependenciesMeta: + picomatch: + optional: true + + file-entry-cache@8.0.0: + resolution: + { + integrity: sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==, + } + engines: { node: '>=16.0.0' } + + find-up@5.0.0: + resolution: + { + integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==, + } + engines: { node: '>=10' } + + flat-cache@4.0.1: + resolution: + { + integrity: sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==, + } + engines: { node: '>=16' } + + flatted@3.4.2: + resolution: + { + integrity: sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==, + } + + for-each@0.3.5: + resolution: + { + integrity: sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg==, + } + engines: { node: '>= 0.4' } + + fsevents@2.3.3: + resolution: + { + integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==, + } + engines: { node: ^8.16.0 || ^10.6.0 || >=11.0.0 } + os: [darwin] + + function-bind@1.1.2: + resolution: + { + integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==, + } + + function.prototype.name@1.1.8: + resolution: + { + integrity: sha512-e5iwyodOHhbMr/yNrc7fDYG4qlbIvI5gajyzPnb5TCwyhjApznQh1BMFou9b30SevY43gCJKXycoCBjMbsuW0Q==, + } + engines: { node: '>= 0.4' } + + functions-have-names@1.2.3: + resolution: + { + integrity: sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==, + } + + generator-function@2.0.1: + resolution: + { + integrity: sha512-SFdFmIJi+ybC0vjlHN0ZGVGHc3lgE0DxPAT0djjVg+kjOnSqclqmj0KQ7ykTOLP6YxoqOvuAODGdcHJn+43q3g==, + } + engines: { node: '>= 0.4' } + + gensync@1.0.0-beta.2: + resolution: + { + integrity: sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==, + } + engines: { node: '>=6.9.0' } + + get-caller-file@2.0.5: + resolution: + { + integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==, + } + engines: { node: 6.* || 8.* || >= 10.* } + + get-intrinsic@1.3.0: + resolution: + { + integrity: sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==, + } + engines: { node: '>= 0.4' } + + get-nonce@1.0.1: + resolution: + { + integrity: sha512-FJhYRoDaiatfEkUK8HKlicmu/3SGFD51q3itKDGoSTysQJBnfOcxU5GxnhE1E6soB76MbT0MBtnKJuXyAx+96Q==, + } + engines: { node: '>=6' } + + get-proto@1.0.1: + resolution: + { + integrity: sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==, + } + engines: { node: '>= 0.4' } + + get-symbol-description@1.1.0: + resolution: + { + integrity: sha512-w9UMqWwJxHNOvoNzSJ2oPF5wvYcvP7jUvYzhp67yEhTi17ZDBBC1z9pTdGuzjD+EFIqLSYRweZjqfiPzQ06Ebg==, + } + engines: { node: '>= 0.4' } + + glob-parent@6.0.2: + resolution: + { + integrity: sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==, + } + engines: { node: '>=10.13.0' } + + globals@14.0.0: + resolution: + { + integrity: sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==, + } + engines: { node: '>=18' } + + globals@16.5.0: + resolution: + { + integrity: sha512-c/c15i26VrJ4IRt5Z89DnIzCGDn9EcebibhAOjw5ibqEHsE1wLUgkPn9RDmNcUKyU87GeaL633nyJ+pplFR2ZQ==, + } + engines: { node: '>=18' } + + globalthis@1.0.4: + resolution: + { + integrity: sha512-DpLKbNU4WylpxJykQujfCcwYWiV/Jhm50Goo0wrVILAv5jOr9d+H+UR3PhSCD2rCCEIg0uc+G+muBTwD54JhDQ==, + } + engines: { node: '>= 0.4' } + + gopd@1.2.0: + resolution: + { + integrity: sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==, + } + engines: { node: '>= 0.4' } + + has-bigints@1.1.0: + resolution: + { + integrity: sha512-R3pbpkcIqv2Pm3dUwgjclDRVmWpTJW2DcMzcIhEXEx1oh/CEMObMm3KLmRJOdvhM7o4uQBnwr8pzRK2sJWIqfg==, + } + engines: { node: '>= 0.4' } + + has-flag@4.0.0: + resolution: + { + integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==, + } + engines: { node: '>=8' } + + has-property-descriptors@1.0.2: + resolution: + { + integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==, + } + + has-proto@1.2.0: + resolution: + { + integrity: sha512-KIL7eQPfHQRC8+XluaIw7BHUwwqL19bQn4hzNgdr+1wXoU0KKj6rufu47lhY7KbJR2C6T6+PfyN0Ea7wkSS+qQ==, + } + engines: { node: '>= 0.4' } + + has-symbols@1.1.0: + resolution: + { + integrity: sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==, + } + engines: { node: '>= 0.4' } + + has-tostringtag@1.0.2: + resolution: + { + integrity: sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==, + } + engines: { node: '>= 0.4' } + + hasown@2.0.3: + resolution: + { + integrity: sha512-ej4AhfhfL2Q2zpMmLo7U1Uv9+PyhIZpgQLGT1F9miIGmiCJIoCgSmczFdrc97mWT4kVY72KA+WnnhJ5pghSvSg==, + } + engines: { node: '>= 0.4' } + + hermes-estree@0.25.1: + resolution: + { + integrity: sha512-0wUoCcLp+5Ev5pDW2OriHC2MJCbwLwuRx+gAqMTOkGKJJiBCLjtrvy4PWUGn6MIVefecRpzoOZ/UV6iGdOr+Cw==, + } + + hermes-parser@0.25.1: + resolution: + { + integrity: sha512-6pEjquH3rqaI6cYAXYPcz9MS4rY6R4ngRgrgfDshRptUZIc3lw0MCIJIGDj9++mfySOuPTHB4nrSW99BCvOPIA==, + } + + hono@4.12.21: + resolution: + { + integrity: sha512-uV63apnb0kyPtAUwoWgaGh9HyIFcv8lgmzPZSiTBQAFOFGIzka5EZ1dZocmGnn0XdX0+XTqJ6Tqv7selMuGLRQ==, + } + engines: { node: '>=16.9.0' } + + http_ece@1.2.0: + resolution: + { + integrity: sha512-JrF8SSLVmcvc5NducxgyOrKXe3EsyHMgBFgSaIUGmArKe+rwr0uphRkRXvwiom3I+fpIfoItveHrfudL8/rxuA==, + } + engines: { node: '>=16' } + + https-proxy-agent@7.0.6: + resolution: + { + integrity: sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==, + } + engines: { node: '>= 14' } + + ignore@5.3.2: + resolution: + { + integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==, + } + engines: { node: '>= 4' } + + import-fresh@3.3.1: + resolution: + { + integrity: sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==, + } + engines: { node: '>=6' } + + imurmurhash@0.1.4: + resolution: + { + integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==, + } + engines: { node: '>=0.8.19' } + + inherits@2.0.4: + resolution: + { + integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==, + } + + internal-slot@1.1.0: + resolution: + { + integrity: sha512-4gd7VpWNQNB4UKKCFFVcp1AVv+FMOgs9NKzjHKusc8jTMhd5eL1NqQqOpE0KzMds804/yHlglp3uxgluOqAPLw==, + } + engines: { node: '>= 0.4' } + + is-array-buffer@3.0.5: + resolution: + { + integrity: sha512-DDfANUiiG2wC1qawP66qlTugJeL5HyzMpfr8lLK+jMQirGzNod0B12cFB/9q838Ru27sBwfw78/rdoU7RERz6A==, + } + engines: { node: '>= 0.4' } + + is-async-function@2.1.1: + resolution: + { + integrity: sha512-9dgM/cZBnNvjzaMYHVoxxfPj2QXt22Ev7SuuPrs+xav0ukGB0S6d4ydZdEiM48kLx5kDV+QBPrpVnFyefL8kkQ==, + } + engines: { node: '>= 0.4' } + + is-bigint@1.1.0: + resolution: + { + integrity: sha512-n4ZT37wG78iz03xPRKJrHTdZbe3IicyucEtdRsV5yglwc3GyUfbAfpSeD0FJ41NbUNSt5wbhqfp1fS+BgnvDFQ==, + } + engines: { node: '>= 0.4' } + + is-boolean-object@1.2.2: + resolution: + { + integrity: sha512-wa56o2/ElJMYqjCjGkXri7it5FbebW5usLw/nPmCMs5DeZ7eziSYZhSmPRn0txqeW4LnAmQQU7FgqLpsEFKM4A==, + } + engines: { node: '>= 0.4' } + + is-callable@1.2.7: + resolution: + { + integrity: sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA==, + } + engines: { node: '>= 0.4' } + + is-core-module@2.16.2: + resolution: + { + integrity: sha512-evOr8xfXKxE6qSR0hSXL2r3sd7ALj8+7jQEUvPYcm5sgZFdJ+AYzT6yNmJenvIYQBgIGwfwz08sL8zoL7yq2BA==, + } + engines: { node: '>= 0.4' } + + is-data-view@1.0.2: + resolution: + { + integrity: sha512-RKtWF8pGmS87i2D6gqQu/l7EYRlVdfzemCJN/P3UOs//x1QE7mfhvzHIApBTRf7axvT6DMGwSwBXYCT0nfB9xw==, + } + engines: { node: '>= 0.4' } + + is-date-object@1.1.0: + resolution: + { + integrity: sha512-PwwhEakHVKTdRNVOw+/Gyh0+MzlCl4R6qKvkhuvLtPMggI1WAHt9sOwZxQLSGpUaDnrdyDsomoRgNnCfKNSXXg==, + } + engines: { node: '>= 0.4' } + + is-extglob@2.1.1: + resolution: + { + integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==, + } + engines: { node: '>=0.10.0' } + + is-finalizationregistry@1.1.1: + resolution: + { + integrity: sha512-1pC6N8qWJbWoPtEjgcL2xyhQOP491EQjeUo3qTKcmV8YSDDJrOepfG8pcC7h/QgnQHYSv0mJ3Z/ZWxmatVrysg==, + } + engines: { node: '>= 0.4' } + + is-fullwidth-code-point@3.0.0: + resolution: + { + integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==, + } + engines: { node: '>=8' } + + is-generator-function@1.1.2: + resolution: + { + integrity: sha512-upqt1SkGkODW9tsGNG5mtXTXtECizwtS2kA161M+gJPc1xdb/Ax629af6YrTwcOeQHbewrPNlE5Dx7kzvXTizA==, + } + engines: { node: '>= 0.4' } + + is-glob@4.0.3: + resolution: + { + integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==, + } + engines: { node: '>=0.10.0' } + + is-map@2.0.3: + resolution: + { + integrity: sha512-1Qed0/Hr2m+YqxnM09CjA2d/i6YZNfF6R2oRAOj36eUdS6qIV/huPJNSEpKbupewFs+ZsJlxsjjPbc0/afW6Lw==, + } + engines: { node: '>= 0.4' } + + is-negative-zero@2.0.3: + resolution: + { + integrity: sha512-5KoIu2Ngpyek75jXodFvnafB6DJgr3u8uuK0LEZJjrU19DrMD3EVERaR8sjz8CCGgpZvxPl9SuE1GMVPFHx1mw==, + } + engines: { node: '>= 0.4' } + + is-number-object@1.1.1: + resolution: + { + integrity: sha512-lZhclumE1G6VYD8VHe35wFaIif+CTy5SJIi5+3y4psDgWu4wPDoBhF8NxUOinEc7pHgiTsT6MaBb92rKhhD+Xw==, + } + engines: { node: '>= 0.4' } + + is-regex@1.2.1: + resolution: + { + integrity: sha512-MjYsKHO5O7mCsmRGxWcLWheFqN9DJ/2TmngvjKXihe6efViPqc274+Fx/4fYj/r03+ESvBdTXK0V6tA3rgez1g==, + } + engines: { node: '>= 0.4' } + + is-set@2.0.3: + resolution: + { + integrity: sha512-iPAjerrse27/ygGLxw+EBR9agv9Y6uLeYVJMu+QNCoouJ1/1ri0mGrcWpfCqFZuzzx3WjtwxG098X+n4OuRkPg==, + } + engines: { node: '>= 0.4' } + + is-shared-array-buffer@1.0.4: + resolution: + { + integrity: sha512-ISWac8drv4ZGfwKl5slpHG9OwPNty4jOWPRIhBpxOoD+hqITiwuipOQ2bNthAzwA3B4fIjO4Nln74N0S9byq8A==, + } + engines: { node: '>= 0.4' } + + is-string@1.1.1: + resolution: + { + integrity: sha512-BtEeSsoaQjlSPBemMQIrY1MY0uM6vnS1g5fmufYOtnxLGUZM2178PKbhsk7Ffv58IX+ZtcvoGwccYsh0PglkAA==, + } + engines: { node: '>= 0.4' } + + is-symbol@1.1.1: + resolution: + { + integrity: sha512-9gGx6GTtCQM73BgmHQXfDmLtfjjTUDSyoxTCbp5WtoixAhfgsDirWIcVQ/IHpvI5Vgd5i/J5F7B9cN/WlVbC/w==, + } + engines: { node: '>= 0.4' } + + is-typed-array@1.1.15: + resolution: + { + integrity: sha512-p3EcsicXjit7SaskXHs1hA91QxgTw46Fv6EFKKGS5DRFLD8yKnohjF3hxoju94b/OcMZoQukzpPpBE9uLVKzgQ==, + } + engines: { node: '>= 0.4' } + + is-weakmap@2.0.2: + resolution: + { + integrity: sha512-K5pXYOm9wqY1RgjpL3YTkF39tni1XajUIkawTLUo9EZEVUFga5gSQJF8nNS7ZwJQ02y+1YCNYcMh+HIf1ZqE+w==, + } + engines: { node: '>= 0.4' } + + is-weakref@1.1.1: + resolution: + { + integrity: sha512-6i9mGWSlqzNMEqpCp93KwRS1uUOodk2OJ6b+sq7ZPDSy2WuI5NFIxp/254TytR8ftefexkWn5xNiHUNpPOfSew==, + } + engines: { node: '>= 0.4' } + + is-weakset@2.0.4: + resolution: + { + integrity: sha512-mfcwb6IzQyOKTs84CQMrOwW4gQcaTOAWJ0zzJCl2WSPDrWk/OzDaImWFH3djXhb24g4eudZfLRozAvPGw4d9hQ==, + } + engines: { node: '>= 0.4' } + + isarray@2.0.5: + resolution: + { + integrity: sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==, + } + + isexe@2.0.0: + resolution: + { + integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==, + } + + iterator.prototype@1.1.5: + resolution: + { + integrity: sha512-H0dkQoCa3b2VEeKQBOxFph+JAbcrQdE7KC0UkqwpLmv2EC4P41QXP+rqo9wYodACiG5/WM5s9oDApTU8utwj9g==, + } + engines: { node: '>= 0.4' } + + js-tokens@4.0.0: + resolution: + { + integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==, + } + + js-yaml@4.1.1: + resolution: + { + integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==, + } + hasBin: true + + jsesc@3.1.0: + resolution: + { + integrity: sha512-/sM3dO2FOzXjKQhJuo0Q173wf2KOo8t4I8vHy6lF9poUp7bKT0/NHE8fPX23PwfhnykfqnC2xRxOnVw5XuGIaA==, + } + engines: { node: '>=6' } + hasBin: true + + json-buffer@3.0.1: + resolution: + { + integrity: sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==, + } + + json-schema-traverse@0.4.1: + resolution: + { + integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==, + } + + json-stable-stringify-without-jsonify@1.0.1: + resolution: + { + integrity: sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==, + } + + json5@2.2.3: + resolution: + { + integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==, + } + engines: { node: '>=6' } + hasBin: true + + jsx-ast-utils@3.3.5: + resolution: + { + integrity: sha512-ZZow9HBI5O6EPgSJLUb8n2NKgmVWTwCvHGwFuJlMjvLFqlGG6pjirPhtdsseaLZjSibD8eegzmYpUZwoIlj2cQ==, + } + engines: { node: '>=4.0' } + + jwa@2.0.1: + resolution: + { + integrity: sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==, + } + + jws@4.0.1: + resolution: + { + integrity: sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==, + } + + keyv@4.5.4: + resolution: + { + integrity: sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==, + } + + levn@0.4.1: + resolution: + { + integrity: sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==, + } + engines: { node: '>= 0.8.0' } + + locate-path@6.0.0: + resolution: + { + integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==, + } + engines: { node: '>=10' } + + lodash.merge@4.6.2: + resolution: + { + integrity: sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==, + } + + loose-envify@1.4.0: + resolution: + { + integrity: sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==, + } + hasBin: true + + lru-cache@5.1.1: + resolution: + { + integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==, + } + + lucide-react@0.555.0: + resolution: + { + integrity: sha512-D8FvHUGbxWBRQM90NZeIyhAvkFfsh3u9ekrMvJ30Z6gnpBHS6HC6ldLg7tL45hwiIz/u66eKDtdA23gwwGsAHA==, + } + peerDependencies: + react: ^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0 + + magic-string@0.30.21: + resolution: + { + integrity: sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==, + } + + math-intrinsics@1.1.0: + resolution: + { + integrity: sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==, + } + engines: { node: '>= 0.4' } + + minimalistic-assert@1.0.1: + resolution: + { + integrity: sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==, + } + + minimatch@3.1.5: + resolution: + { + integrity: sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==, + } + + minimist@1.2.8: + resolution: + { + integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==, + } + + ms@2.1.3: + resolution: + { + integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==, + } + + nanoid@3.3.12: + resolution: + { + integrity: sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==, + } + engines: { node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1 } + hasBin: true + + natural-compare@1.4.0: + resolution: + { + integrity: sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==, + } + + node-exports-info@1.6.0: + resolution: + { + integrity: sha512-pyFS63ptit/P5WqUkt+UUfe+4oevH+bFeIiPPdfb0pFeYEu/1ELnJu5l+5EcTKYL5M7zaAa7S8ddywgXypqKCw==, + } + engines: { node: '>= 0.4' } + + node-releases@2.0.44: + resolution: + { + integrity: sha512-5WUyunoPMsvvEhS8AxHtRzP+oA8UCkJ7YRxatWKjngndhDGLiqEVAQKWjFAiAiuL8zMRGzGSJxFnLetoa43qGQ==, + } + + object-assign@4.1.1: + resolution: + { + integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==, + } + engines: { node: '>=0.10.0' } + + object-inspect@1.13.4: + resolution: + { + integrity: sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==, + } + engines: { node: '>= 0.4' } + + object-keys@1.1.1: + resolution: + { + integrity: sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==, + } + engines: { node: '>= 0.4' } + + object.assign@4.1.7: + resolution: + { + integrity: sha512-nK28WOo+QIjBkDduTINE4JkF/UJJKyf2EJxvJKfblDpyg0Q+pkOHNTL0Qwy6NP6FhE/EnzV73BxxqcJaXY9anw==, + } + engines: { node: '>= 0.4' } + + object.entries@1.1.9: + resolution: + { + integrity: sha512-8u/hfXFRBD1O0hPUjioLhoWFHRmt6tKA4/vZPyckBr18l1KE9uHrFaFaUi8MDRTpi4uak2goyPTSNJLXX2k2Hw==, + } + engines: { node: '>= 0.4' } + + object.fromentries@2.0.8: + resolution: + { + integrity: sha512-k6E21FzySsSK5a21KRADBd/NGneRegFO5pLHfdQLpRDETUNJueLXs3WCzyQ3tFRDYgbq3KHGXfTbi2bs8WQ6rQ==, + } + engines: { node: '>= 0.4' } + + object.values@1.2.1: + resolution: + { + integrity: sha512-gXah6aZrcUxjWg2zR2MwouP2eHlCBzdV4pygudehaKXSGW4v2AsRQUK+lwwXhii6KFZcunEnmSUoYp5CXibxtA==, + } + engines: { node: '>= 0.4' } + + obug@2.1.1: + resolution: + { + integrity: sha512-uTqF9MuPraAQ+IsnPf366RG4cP9RtUi7MLO1N3KEc+wb0a6yKpeL0lmk2IB1jY5KHPAlTc6T/JRdC/YqxHNwkQ==, + } + + optionator@0.9.4: + resolution: + { + integrity: sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==, + } + engines: { node: '>= 0.8.0' } + + otplib@13.4.0: + resolution: + { + integrity: sha512-RUcYcRMCgRWhUE/XabRppXpUwCwaWBNHe5iPXhdvP8wwDGpGpsIf/kxX/ec3zFsOaM1Oq8lEhUqDwk6W7DHkwg==, + } + + own-keys@1.0.1: + resolution: + { + integrity: sha512-qFOyK5PjiWZd+QQIh+1jhdb9LpxTF0qs7Pm8o5QHYZ0M3vKqSqzsZaEB6oWlxZ+q2sJBMI/Ktgd2N5ZwQoRHfg==, + } + engines: { node: '>= 0.4' } + + p-limit@3.1.0: + resolution: + { + integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==, + } + engines: { node: '>=10' } + + p-locate@5.0.0: + resolution: + { + integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==, + } + engines: { node: '>=10' } + + parent-module@1.0.1: + resolution: + { + integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==, + } + engines: { node: '>=6' } + + path-exists@4.0.0: + resolution: + { + integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==, + } + engines: { node: '>=8' } + + path-key@3.1.1: + resolution: + { + integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==, + } + engines: { node: '>=8' } + + path-parse@1.0.7: + resolution: + { + integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==, + } + + pathe@2.0.3: + resolution: + { + integrity: sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==, + } + + pg-cloudflare@1.4.0: + resolution: + { + integrity: sha512-Vo7z/6rrQYxpNRylp4Tlob2elzbh+N/MOQbxFVWCxS7oEx6jF53GTJFxK2WWpKuBRkmiin4Mt+xofFDjx09R0A==, + } + + pg-connection-string@2.13.0: + resolution: + { + integrity: sha512-EMnU9E2fSULdsbErBbMaXJvFeD9B4+nPcM3f+4lsiCR0BHLPrLVjv3DbyM2hgQQviKJaTWIRRTjKjWlHg3p2ig==, + } + + pg-int8@1.0.1: + resolution: + { + integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==, + } + engines: { node: '>=4.0.0' } + + pg-pool@3.14.0: + resolution: + { + integrity: sha512-gKtPkFdQPU3DksooVLi9LsjZxrsBUZIpa+7aVx+LV5pNh0KzP4Zleud2po+ConrxbuXGBJ6Hfer6hdgpIBpBaw==, + } + peerDependencies: + pg: '>=8.0' + + pg-protocol@1.14.0: + resolution: + { + integrity: sha512-n5taZ1kO3s9ngDTVxsEznOqCyToTgz0FLuPq0B33COy5pPpuWJpY3/2oRBVETuOgzdqRXfWpM9HIhp2LBBT1BA==, + } + + pg-types@2.2.0: + resolution: + { + integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==, + } + engines: { node: '>=4' } + + pg@8.21.0: + resolution: + { + integrity: sha512-AUP1EYJuHraQGsVoCQVIcM7TEJVGtDzxWtGFZd8rds9d+CCXlU5Js1rYgfLNvxy9iJrpHjGrRjoi/3BT9fRyiA==, + } + engines: { node: '>= 16.0.0' } + peerDependencies: + pg-native: '>=3.0.1' + peerDependenciesMeta: + pg-native: + optional: true + + pgpass@1.0.5: + resolution: + { + integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==, + } + + picocolors@1.1.1: + resolution: + { + integrity: sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==, + } + + picomatch@4.0.4: + resolution: + { + integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==, + } + engines: { node: '>=12' } + + possible-typed-array-names@1.1.0: + resolution: + { + integrity: sha512-/+5VFTchJDoVj3bhoqi6UeymcD00DAwb1nJwamzPvHEszJ4FpF6SNNbUbOS8yI56qHzdV8eK0qEfOSiodkTdxg==, + } + engines: { node: '>= 0.4' } + + postcss@8.5.15: + resolution: + { + integrity: sha512-FfR8sjd4em2T6fb3I2MwAJU7HWVMr9zba+enmQeeWFfCbm+UOC/0X4DS8XtpUTMwWMGbjKYP7xjfNekzyGmB3A==, + } + engines: { node: ^10 || ^12 || >=14 } + + postgres-array@2.0.0: + resolution: + { + integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==, + } + engines: { node: '>=4' } + + postgres-bytea@1.0.1: + resolution: + { + integrity: sha512-5+5HqXnsZPE65IJZSMkZtURARZelel2oXUEO8rH83VS/hxH5vv1uHquPg5wZs8yMAfdv971IU+kcPUczi7NVBQ==, + } + engines: { node: '>=0.10.0' } + + postgres-date@1.0.7: + resolution: + { + integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==, + } + engines: { node: '>=0.10.0' } + + postgres-interval@1.2.0: + resolution: + { + integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==, + } + engines: { node: '>=0.10.0' } + + prelude-ls@1.2.1: + resolution: + { + integrity: sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==, + } + engines: { node: '>= 0.8.0' } + + prettier@3.8.3: + resolution: + { + integrity: sha512-7igPTM53cGHMW8xWuVTydi2KO233VFiTNyF5hLJqpilHfmn8C8gPf+PS7dUT64YcXFbiMGZxS9pCSxL/Dxm/Jw==, + } + engines: { node: '>=14' } + hasBin: true + + prop-types@15.8.1: + resolution: + { + integrity: sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==, + } + + punycode@2.3.1: + resolution: + { + integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==, + } + engines: { node: '>=6' } + + qrcode.react@4.2.0: + resolution: + { + integrity: sha512-QpgqWi8rD9DsS9EP3z7BT+5lY5SFhsqGjpgW5DY/i3mK4M9DTBNz3ErMi8BWYEfI3L0d8GIbGmcdFAS1uIRGjA==, + } + peerDependencies: + react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 + + react-dom@19.2.6: + resolution: + { + integrity: sha512-0prMI+hvBbPjsWnxDLxlCGyM8PN6UuWjEUCYmZhO67xIV9Xasa/r/vDnq+Xyq4Lo27g8QSbO5YzARu0D1Sps3g==, + } + peerDependencies: + react: ^19.2.6 + + react-is@16.13.1: + resolution: + { + integrity: sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==, + } + + react-refresh@0.18.0: + resolution: + { + integrity: sha512-QgT5//D3jfjJb6Gsjxv0Slpj23ip+HtOpnNgnb2S5zU3CB26G/IDPGoy4RJB42wzFE46DRsstbW6tKHoKbhAxw==, + } + engines: { node: '>=0.10.0' } + + react-remove-scroll-bar@2.3.8: + resolution: + { + integrity: sha512-9r+yi9+mgU33AKcj6IbT9oRCO78WriSj6t/cF8DWBZJ9aOGPOTEDvdUDz1FwKim7QXWwmHqtdHnRJfhAxEG46Q==, + } + engines: { node: '>=10' } + peerDependencies: + '@types/react': '*' + react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 + peerDependenciesMeta: + '@types/react': + optional: true + + react-remove-scroll@2.7.2: + resolution: + { + integrity: sha512-Iqb9NjCCTt6Hf+vOdNIZGdTiH1QSqr27H/Ek9sv/a97gfueI/5h1s3yRi1nngzMUaOOToin5dI1dXKdXiF+u0Q==, + } + engines: { node: '>=10' } + peerDependencies: + '@types/react': '*' + react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + react-style-singleton@2.2.3: + resolution: + { + integrity: sha512-b6jSvxvVnyptAiLjbkWLE/lOnR4lfTtDAl+eUC7RZy+QQWc6wRzIV2CE6xBuMmDxc2qIihtDCZD5NPOFl7fRBQ==, + } + engines: { node: '>=10' } + peerDependencies: + '@types/react': '*' + react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + react@19.2.6: + resolution: + { + integrity: sha512-sfWGGfavi0xr8Pg0sVsyHMAOziVYKgPLNrS7ig+ivMNb3wbCBw3KxtflsGBAwD3gYQlE/AEZsTLgToRrSCjb0Q==, + } + engines: { node: '>=0.10.0' } + + reflect.getprototypeof@1.0.10: + resolution: + { + integrity: sha512-00o4I+DVrefhv+nX0ulyi3biSHCPDe+yLv5o/p6d/UVlirijB8E16FtfwSAi4g3tcqrQ4lRAqQSoFEZJehYEcw==, + } + engines: { node: '>= 0.4' } + + regexp.prototype.flags@1.5.4: + resolution: + { + integrity: sha512-dYqgNSZbDwkaJ2ceRd9ojCGjBq+mOm9LmtXnAnEGyHhN/5R7iDW2TRw3h+o/jCFxus3P2LfWIIiwowAjANm7IA==, + } + engines: { node: '>= 0.4' } + + require-directory@2.1.1: + resolution: + { + integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==, + } + engines: { node: '>=0.10.0' } + + resolve-from@4.0.0: + resolution: + { + integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==, + } + engines: { node: '>=4' } + + resolve@2.0.0-next.7: + resolution: + { + integrity: sha512-tqt+NBWwyaMgw3zDsnygx4CByWjQEJHOPMdslYhppaQSJUtL/D4JO9CcBBlhPoI8lz9oJIDXkwXfhF4aWqP8xQ==, + } + engines: { node: '>= 0.4' } + hasBin: true + + rollup@4.60.4: + resolution: + { + integrity: sha512-WHeFSbZYsPu3+bLoNRUuAO+wavNlocOPf3wSHTP7hcFKVnJeWsYlCDbr3mTS14FCizf9ccIxXA8sGL8zKeQN3g==, + } + engines: { node: '>=18.0.0', npm: '>=8.0.0' } + hasBin: true + + rxjs@7.8.2: + resolution: + { + integrity: sha512-dhKf903U/PQZY6boNNtAGdWbG85WAbjT/1xYoZIC7FAY0yWapOBQVsVrDl58W86//e1VpMNBtRV4MaXfdMySFA==, + } + + safe-array-concat@1.1.4: + resolution: + { + integrity: sha512-wtZlHyOje6OZTGqAoaDKxFkgRtkF9CnHAVnCHKfuj200wAgL+bSJhdsCD2l0Qx/2ekEXjPWcyKkfGb5CPboslg==, + } + engines: { node: '>=0.4' } + + safe-buffer@5.2.1: + resolution: + { + integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==, + } + + safe-push-apply@1.0.0: + resolution: + { + integrity: sha512-iKE9w/Z7xCzUMIZqdBsp6pEQvwuEebH4vdpjcDWnyzaI6yl6O9FHvVpmGelvEHNsoY6wGblkxR6Zty/h00WiSA==, + } + engines: { node: '>= 0.4' } + + safe-regex-test@1.1.0: + resolution: + { + integrity: sha512-x/+Cz4YrimQxQccJf5mKEbIa1NzeCRNI5Ecl/ekmlYaampdNLPalVyIcCZNNH3MvmqBugV5TMYZXv0ljslUlaw==, + } + engines: { node: '>= 0.4' } + + safer-buffer@2.1.2: + resolution: + { + integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==, + } + + scheduler@0.27.0: + resolution: + { + integrity: sha512-eNv+WrVbKu1f3vbYJT/xtiF5syA5HPIMtf9IgY/nKg0sWqzAUEvqY/xm7OcZc/qafLx/iO9FgOmeSAp4v5ti/Q==, + } + + semver@6.3.1: + resolution: + { + integrity: sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==, + } + hasBin: true + + set-function-length@1.2.2: + resolution: + { + integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==, + } + engines: { node: '>= 0.4' } + + set-function-name@2.0.2: + resolution: + { + integrity: sha512-7PGFlmtwsEADb0WYyvCMa1t+yke6daIG4Wirafur5kcf+MhUnPms1UeR0CKQdTZD81yESwMHbtn+TR+dMviakQ==, + } + engines: { node: '>= 0.4' } + + set-proto@1.0.0: + resolution: + { + integrity: sha512-RJRdvCo6IAnPdsvP/7m6bsQqNnn1FCBX5ZNtFL98MmFF/4xAIJTIg1YbHW5DC2W5SKZanrC6i4HsJqlajw/dZw==, + } + engines: { node: '>= 0.4' } + + shebang-command@2.0.0: + resolution: + { + integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==, + } + engines: { node: '>=8' } + + shebang-regex@3.0.0: + resolution: + { + integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==, + } + engines: { node: '>=8' } + + shell-quote@1.8.3: + resolution: + { + integrity: sha512-ObmnIF4hXNg1BqhnHmgbDETF8dLPCggZWBjkQfhZpbszZnYur5DUljTcCHii5LC3J5E0yeO/1LIMyH+UvHQgyw==, + } + engines: { node: '>= 0.4' } + + side-channel-list@1.0.1: + resolution: + { + integrity: sha512-mjn/0bi/oUURjc5Xl7IaWi/OJJJumuoJFQJfDDyO46+hBWsfaVM65TBHq2eoZBhzl9EchxOijpkbRC8SVBQU0w==, + } + engines: { node: '>= 0.4' } + + side-channel-map@1.0.1: + resolution: + { + integrity: sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==, + } + engines: { node: '>= 0.4' } + + side-channel-weakmap@1.0.2: + resolution: + { + integrity: sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==, + } + engines: { node: '>= 0.4' } + + side-channel@1.1.0: + resolution: + { + integrity: sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==, + } + engines: { node: '>= 0.4' } + + siginfo@2.0.0: + resolution: + { + integrity: sha512-ybx0WO1/8bSBLEWXZvEd7gMW3Sn3JFlW3TvX1nREbDLRNQNaeNN8WK0meBwPdAaOI7TtRRRJn/Es1zhrrCHu7g==, + } + + source-map-js@1.2.1: + resolution: + { + integrity: sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==, + } + engines: { node: '>=0.10.0' } + + split2@4.2.0: + resolution: + { + integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==, + } + engines: { node: '>= 10.x' } + + stackback@0.0.2: + resolution: + { + integrity: sha512-1XMJE5fQo1jGH6Y/7ebnwPOBEkIEnT4QF32d5R1+VXdXveM0IBMJt8zfaxX1P3QhVwrYe+576+jkANtSS2mBbw==, + } + + std-env@4.1.0: + resolution: + { + integrity: sha512-Rq7ybcX2RuC55r9oaPVEW7/xu3tj8u4GeBYHBWCychFtzMIr86A7e3PPEBPT37sHStKX3+TiX/Fr/ACmJLVlLQ==, + } + + stop-iteration-iterator@1.1.0: + resolution: + { + integrity: sha512-eLoXW/DHyl62zxY4SCaIgnRhuMr6ri4juEYARS8E6sCEqzKpOiE521Ucofdx+KnDZl5xmvGYaaKCk5FEOxJCoQ==, + } + engines: { node: '>= 0.4' } + + string-width@4.2.3: + resolution: + { + integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==, + } + engines: { node: '>=8' } + + string.prototype.matchall@4.0.12: + resolution: + { + integrity: sha512-6CC9uyBL+/48dYizRf7H7VAYCMCNTBeM78x/VTUe9bFEaxBepPJDa1Ow99LqI/1yF7kuy7Q3cQsYMrcjGUcskA==, + } + engines: { node: '>= 0.4' } + + string.prototype.repeat@1.0.0: + resolution: + { + integrity: sha512-0u/TldDbKD8bFCQ/4f5+mNRrXwZ8hg2w7ZR8wa16e8z9XpePWl3eGEcUD0OXpEH/VJH/2G3gjUtR3ZOiBe2S/w==, + } + + string.prototype.trim@1.2.10: + resolution: + { + integrity: sha512-Rs66F0P/1kedk5lyYyH9uBzuiI/kNRmwJAR9quK6VOtIpZ2G+hMZd+HQbbv25MgCA6gEffoMZYxlTod4WcdrKA==, + } + engines: { node: '>= 0.4' } + + string.prototype.trimend@1.0.9: + resolution: + { + integrity: sha512-G7Ok5C6E/j4SGfyLCloXTrngQIQU3PWtXGst3yM7Bea9FRURf1S42ZHlZZtsNque2FN2PoUhfZXYLNWwEr4dLQ==, + } + engines: { node: '>= 0.4' } + + string.prototype.trimstart@1.0.8: + resolution: + { + integrity: sha512-UXSH262CSZY1tfu3G3Secr6uGLCFVPMhIqHjlgCUtCCcgihYc/xKs9djMTMUOb2j1mVSeU8EU6NWc/iQKU6Gfg==, + } + engines: { node: '>= 0.4' } + + strip-ansi@6.0.1: + resolution: + { + integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==, + } + engines: { node: '>=8' } + + strip-json-comments@3.1.1: + resolution: + { + integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==, + } + engines: { node: '>=8' } + + supports-color@7.2.0: + resolution: + { + integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==, + } + engines: { node: '>=8' } + + supports-color@8.1.1: + resolution: + { + integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==, + } + engines: { node: '>=10' } + + supports-preserve-symlinks-flag@1.0.0: + resolution: + { + integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==, + } + engines: { node: '>= 0.4' } + + tinybench@2.9.0: + resolution: + { + integrity: sha512-0+DUvqWMValLmha6lr4kD8iAMK1HzV0/aKnCtWb9v9641TnP/MFb7Pc2bxoxQjTXAErryXVgUOfv2YqNllqGeg==, + } + + tinyexec@1.1.2: + resolution: + { + integrity: sha512-dAqSqE/RabpBKI8+h26GfLq6Vb3JVXs30XYQjdMjaj/c2tS8IYYMbIzP599KtRj7c57/wYApb3QjgRgXmrCukA==, + } + engines: { node: '>=18' } + + tinyglobby@0.2.16: + resolution: + { + integrity: sha512-pn99VhoACYR8nFHhxqix+uvsbXineAasWm5ojXoN8xEwK5Kd3/TrhNn1wByuD52UxWRLy8pu+kRMniEi6Eq9Zg==, + } + engines: { node: '>=12.0.0' } + + tinyrainbow@3.1.0: + resolution: + { + integrity: sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==, + } + engines: { node: '>=14.0.0' } + + tree-kill@1.2.2: + resolution: + { + integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==, + } + hasBin: true + + tslib@2.8.1: + resolution: + { + integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==, + } + + type-check@0.4.0: + resolution: + { + integrity: sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==, + } + engines: { node: '>= 0.8.0' } + + typed-array-buffer@1.0.3: + resolution: + { + integrity: sha512-nAYYwfY3qnzX30IkA6AQZjVbtK6duGontcQm1WSG1MD94YLqK0515GNApXkoxKOWMusVssAHWLh9SeaoefYFGw==, + } + engines: { node: '>= 0.4' } + + typed-array-byte-length@1.0.3: + resolution: + { + integrity: sha512-BaXgOuIxz8n8pIq3e7Atg/7s+DpiYrxn4vdot3w9KbnBhcRQq6o3xemQdIfynqSeXeDrF32x+WvfzmOjPiY9lg==, + } + engines: { node: '>= 0.4' } + + typed-array-byte-offset@1.0.4: + resolution: + { + integrity: sha512-bTlAFB/FBYMcuX81gbL4OcpH5PmlFHqlCCpAl8AlEzMz5k53oNDvN8p1PNOWLEmI2x4orp3raOFB51tv9X+MFQ==, + } + engines: { node: '>= 0.4' } + + typed-array-length@1.0.7: + resolution: + { + integrity: sha512-3KS2b+kL7fsuk/eJZ7EQdnEmQoaho/r6KUef7hxvltNA5DR8NAUM+8wJMbJyZ4G9/7i3v5zPBIMN5aybAh2/Jg==, + } + engines: { node: '>= 0.4' } + + unbox-primitive@1.1.0: + resolution: + { + integrity: sha512-nWJ91DjeOkej/TA8pXQ3myruKpKEYgqvpw9lz4OPHj/NWFNluYrjbz9j01CJ8yKQd2g4jFoOkINCTW2I5LEEyw==, + } + engines: { node: '>= 0.4' } + + update-browserslist-db@1.2.3: + resolution: + { + integrity: sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==, + } + hasBin: true + peerDependencies: + browserslist: '>= 4.21.0' + + uri-js@4.4.1: + resolution: + { + integrity: sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==, + } + + use-callback-ref@1.3.3: + resolution: + { + integrity: sha512-jQL3lRnocaFtu3V00JToYz/4QkNWswxijDaCVNZRiRTO3HQDLsdu1ZtmIUvV4yPp+rvWm5j0y0TG/S61cuijTg==, + } + engines: { node: '>=10' } + peerDependencies: + '@types/react': '*' + react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + use-sidecar@1.1.3: + resolution: + { + integrity: sha512-Fedw0aZvkhynoPYlA5WXrMCAMm+nSWdZt6lzJQ7Ok8S6Q+VsHmHpRWndVRJ8Be0ZbkfPc5LRYH+5XrzXcEeLRQ==, + } + engines: { node: '>=10' } + peerDependencies: + '@types/react': '*' + react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc + peerDependenciesMeta: + '@types/react': + optional: true + + vite@7.3.3: + resolution: + { + integrity: sha512-/4XH147Ui7OGTjg3HbdWe5arnZQSbfuRzdr9Ec7TQi5I7R+ir0Rlc9GIvD4v0XZurELqA035KVXJXpR61xhiTA==, + } + engines: { node: ^20.19.0 || >=22.12.0 } + hasBin: true + peerDependencies: + '@types/node': ^20.19.0 || >=22.12.0 + jiti: '>=1.21.0' + less: ^4.0.0 + lightningcss: ^1.21.0 + sass: ^1.70.0 + sass-embedded: ^1.70.0 + stylus: '>=0.54.8' + sugarss: ^5.0.0 + terser: ^5.16.0 + tsx: ^4.8.1 + yaml: ^2.4.2 + peerDependenciesMeta: + '@types/node': + optional: true + jiti: + optional: true + less: + optional: true + lightningcss: + optional: true + sass: + optional: true + sass-embedded: + optional: true + stylus: + optional: true + sugarss: + optional: true + terser: + optional: true + tsx: + optional: true + yaml: + optional: true + + vitest@4.1.6: + resolution: + { + integrity: sha512-6lvjbS3p9b4CrdCmguzbh2/4uoXhGE2q71R4OX5sqF9R1bo9Xd6fGrMAfvp5wnCzlBnFVdCOp6onuTQVbo8iUQ==, + } + engines: { node: ^20.0.0 || ^22.0.0 || >=24.0.0 } + hasBin: true + peerDependencies: + '@edge-runtime/vm': '*' + '@opentelemetry/api': ^1.9.0 + '@types/node': ^20.0.0 || ^22.0.0 || >=24.0.0 + '@vitest/browser-playwright': 4.1.6 + '@vitest/browser-preview': 4.1.6 + '@vitest/browser-webdriverio': 4.1.6 + '@vitest/coverage-istanbul': 4.1.6 + '@vitest/coverage-v8': 4.1.6 + '@vitest/ui': 4.1.6 + happy-dom: '*' + jsdom: '*' + vite: ^6.0.0 || ^7.0.0 || ^8.0.0 + peerDependenciesMeta: + '@edge-runtime/vm': + optional: true + '@opentelemetry/api': + optional: true + '@types/node': + optional: true + '@vitest/browser-playwright': + optional: true + '@vitest/browser-preview': + optional: true + '@vitest/browser-webdriverio': + optional: true + '@vitest/coverage-istanbul': + optional: true + '@vitest/coverage-v8': + optional: true + '@vitest/ui': + optional: true + happy-dom: + optional: true + jsdom: + optional: true + + web-push@3.6.7: + resolution: + { + integrity: sha512-OpiIUe8cuGjrj3mMBFWY+e4MMIkW3SVT+7vEIjvD9kejGUypv8GPDf84JdPWskK8zMRIJ6xYGm+Kxr8YkPyA0A==, + } + engines: { node: '>= 16' } + hasBin: true + + which-boxed-primitive@1.1.1: + resolution: + { + integrity: sha512-TbX3mj8n0odCBFVlY8AxkqcHASw3L60jIuF8jFP78az3C2YhmGvqbHBpAjTRH2/xqYunrJ9g1jSyjCjpoWzIAA==, + } + engines: { node: '>= 0.4' } + + which-builtin-type@1.2.1: + resolution: + { + integrity: sha512-6iBczoX+kDQ7a3+YJBnh3T+KZRxM/iYNPXicqk66/Qfm1b93iu+yOImkg0zHbj5LNOcNv1TEADiZ0xa34B4q6Q==, + } + engines: { node: '>= 0.4' } + + which-collection@1.0.2: + resolution: + { + integrity: sha512-K4jVyjnBdgvc86Y6BkaLZEN933SwYOuBFkdmBu9ZfkcAbdVbpITnDmjvZ/aQjRXQrv5EPkTnD1s39GiiqbngCw==, + } + engines: { node: '>= 0.4' } + + which-typed-array@1.1.20: + resolution: + { + integrity: sha512-LYfpUkmqwl0h9A2HL09Mms427Q1RZWuOHsukfVcKRq9q95iQxdw0ix1JQrqbcDR9PH1QDwf5Qo8OZb5lksZ8Xg==, + } + engines: { node: '>= 0.4' } + + which@2.0.2: + resolution: + { + integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==, + } + engines: { node: '>= 8' } + hasBin: true + + why-is-node-running@2.3.0: + resolution: + { + integrity: sha512-hUrmaWBdVDcxvYqnyh09zunKzROWjbZTiNy8dBEjkS7ehEDQibXJ7XvlmtbwuTclUiIyN+CyXQD4Vmko8fNm8w==, + } + engines: { node: '>=8' } + hasBin: true + + word-wrap@1.2.5: + resolution: + { + integrity: sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==, + } + engines: { node: '>=0.10.0' } + + wrap-ansi@7.0.0: + resolution: + { + integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==, + } + engines: { node: '>=10' } + + xtend@4.0.2: + resolution: + { + integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==, + } + engines: { node: '>=0.4' } + + y18n@5.0.8: + resolution: + { + integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==, + } + engines: { node: '>=10' } + + yallist@3.1.1: + resolution: + { + integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==, + } + + yargs-parser@21.1.1: + resolution: + { + integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==, + } + engines: { node: '>=12' } + + yargs@17.7.2: + resolution: + { + integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==, + } + engines: { node: '>=12' } + + yocto-queue@0.1.0: + resolution: + { + integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==, + } + engines: { node: '>=10' } + + zod-validation-error@4.0.2: + resolution: + { + integrity: sha512-Q6/nZLe6jxuU80qb/4uJ4t5v2VEZ44lzQjPDhYJNztRQ4wyWc6VF3D3Kb/fAuPetZQnhS3hnajCf9CsWesghLQ==, + } + engines: { node: '>=18.0.0' } + peerDependencies: + zod: ^3.25.0 || ^4.0.0 + + zod@4.4.3: + resolution: + { + integrity: sha512-ytENFjIJFl2UwYglde2jchW2Hwm4GJFLDiSXWdTrJQBIN9Fcyp7n4DhxJEiWNAJMV1/BqWfW/kkg71UDcHJyTQ==, + } + +snapshots: + '@babel/code-frame@7.29.0': + dependencies: + '@babel/helper-validator-identifier': 7.28.5 + js-tokens: 4.0.0 + picocolors: 1.1.1 + + '@babel/compat-data@7.29.3': {} + + '@babel/core@7.29.0': + dependencies: + '@babel/code-frame': 7.29.0 + '@babel/generator': 7.29.1 + '@babel/helper-compilation-targets': 7.28.6 + '@babel/helper-module-transforms': 7.28.6(@babel/core@7.29.0) + '@babel/helpers': 7.29.2 + '@babel/parser': 7.29.3 + '@babel/template': 7.28.6 + '@babel/traverse': 7.29.0 + '@babel/types': 7.29.0 + '@jridgewell/remapping': 2.3.5 + convert-source-map: 2.0.0 + debug: 4.4.3 + gensync: 1.0.0-beta.2 + json5: 2.2.3 + semver: 6.3.1 + transitivePeerDependencies: + - supports-color + + '@babel/generator@7.29.1': + dependencies: + '@babel/parser': 7.29.3 + '@babel/types': 7.29.0 + '@jridgewell/gen-mapping': 0.3.13 + '@jridgewell/trace-mapping': 0.3.31 + jsesc: 3.1.0 + + '@babel/helper-compilation-targets@7.28.6': + dependencies: + '@babel/compat-data': 7.29.3 + '@babel/helper-validator-option': 7.27.1 + browserslist: 4.28.2 + lru-cache: 5.1.1 + semver: 6.3.1 + + '@babel/helper-globals@7.28.0': {} + + '@babel/helper-module-imports@7.28.6': + dependencies: + '@babel/traverse': 7.29.0 + '@babel/types': 7.29.0 + transitivePeerDependencies: + - supports-color + + '@babel/helper-module-transforms@7.28.6(@babel/core@7.29.0)': + dependencies: + '@babel/core': 7.29.0 + '@babel/helper-module-imports': 7.28.6 + '@babel/helper-validator-identifier': 7.28.5 + '@babel/traverse': 7.29.0 + transitivePeerDependencies: + - supports-color + + '@babel/helper-plugin-utils@7.28.6': {} + + '@babel/helper-string-parser@7.27.1': {} + + '@babel/helper-validator-identifier@7.28.5': {} + + '@babel/helper-validator-option@7.27.1': {} + + '@babel/helpers@7.29.2': + dependencies: + '@babel/template': 7.28.6 + '@babel/types': 7.29.0 + + '@babel/parser@7.29.3': + dependencies: + '@babel/types': 7.29.0 + + '@babel/plugin-transform-react-jsx-self@7.27.1(@babel/core@7.29.0)': + dependencies: + '@babel/core': 7.29.0 + '@babel/helper-plugin-utils': 7.28.6 + + '@babel/plugin-transform-react-jsx-source@7.27.1(@babel/core@7.29.0)': + dependencies: + '@babel/core': 7.29.0 + '@babel/helper-plugin-utils': 7.28.6 + + '@babel/template@7.28.6': + dependencies: + '@babel/code-frame': 7.29.0 + '@babel/parser': 7.29.3 + '@babel/types': 7.29.0 + + '@babel/traverse@7.29.0': + dependencies: + '@babel/code-frame': 7.29.0 + '@babel/generator': 7.29.1 + '@babel/helper-globals': 7.28.0 + '@babel/parser': 7.29.3 + '@babel/template': 7.28.6 + '@babel/types': 7.29.0 + debug: 4.4.3 + transitivePeerDependencies: + - supports-color + + '@babel/types@7.29.0': + dependencies: + '@babel/helper-string-parser': 7.27.1 + '@babel/helper-validator-identifier': 7.28.5 + + '@emnapi/core@1.10.0': + dependencies: + '@emnapi/wasi-threads': 1.2.1 + tslib: 2.8.1 + optional: true + + '@emnapi/runtime@1.10.0': + dependencies: + tslib: 2.8.1 + optional: true + + '@emnapi/wasi-threads@1.2.1': + dependencies: + tslib: 2.8.1 + optional: true + + '@esbuild/aix-ppc64@0.27.7': + optional: true + + '@esbuild/android-arm64@0.27.7': + optional: true + + '@esbuild/android-arm@0.27.7': + optional: true + + '@esbuild/android-x64@0.27.7': + optional: true + + '@esbuild/darwin-arm64@0.27.7': + optional: true + + '@esbuild/darwin-x64@0.27.7': + optional: true + + '@esbuild/freebsd-arm64@0.27.7': + optional: true + + '@esbuild/freebsd-x64@0.27.7': + optional: true + + '@esbuild/linux-arm64@0.27.7': + optional: true + + '@esbuild/linux-arm@0.27.7': + optional: true + + '@esbuild/linux-ia32@0.27.7': + optional: true + + '@esbuild/linux-loong64@0.27.7': + optional: true + + '@esbuild/linux-mips64el@0.27.7': + optional: true + + '@esbuild/linux-ppc64@0.27.7': + optional: true + + '@esbuild/linux-riscv64@0.27.7': + optional: true + + '@esbuild/linux-s390x@0.27.7': + optional: true + + '@esbuild/linux-x64@0.27.7': + optional: true + + '@esbuild/netbsd-arm64@0.27.7': + optional: true + + '@esbuild/netbsd-x64@0.27.7': + optional: true + + '@esbuild/openbsd-arm64@0.27.7': + optional: true + + '@esbuild/openbsd-x64@0.27.7': + optional: true + + '@esbuild/openharmony-arm64@0.27.7': + optional: true + + '@esbuild/sunos-x64@0.27.7': + optional: true + + '@esbuild/win32-arm64@0.27.7': + optional: true + + '@esbuild/win32-ia32@0.27.7': + optional: true + + '@esbuild/win32-x64@0.27.7': + optional: true + + '@eslint-community/eslint-utils@4.9.1(eslint@9.39.4)': + dependencies: + eslint: 9.39.4 + eslint-visitor-keys: 3.4.3 + + '@eslint-community/regexpp@4.12.2': {} + + '@eslint/config-array@0.21.2': + dependencies: + '@eslint/object-schema': 2.1.7 + debug: 4.4.3 + minimatch: 3.1.5 + transitivePeerDependencies: + - supports-color + + '@eslint/config-helpers@0.4.2': + dependencies: + '@eslint/core': 0.17.0 + + '@eslint/core@0.17.0': + dependencies: + '@types/json-schema': 7.0.15 + + '@eslint/eslintrc@3.3.5': + dependencies: + ajv: 6.15.0 + debug: 4.4.3 + espree: 10.4.0 + globals: 14.0.0 + ignore: 5.3.2 + import-fresh: 3.3.1 + js-yaml: 4.1.1 + minimatch: 3.1.5 + strip-json-comments: 3.1.1 + transitivePeerDependencies: + - supports-color + + '@eslint/js@9.39.4': {} + + '@eslint/object-schema@2.1.7': {} + + '@eslint/plugin-kit@0.4.1': + dependencies: + '@eslint/core': 0.17.0 + levn: 0.4.1 + + '@hono/node-server@1.19.14(hono@4.12.21)': + dependencies: + hono: 4.12.21 + + '@humanfs/core@0.19.2': + dependencies: + '@humanfs/types': 0.15.0 + + '@humanfs/node@0.16.8': + dependencies: + '@humanfs/core': 0.19.2 + '@humanfs/types': 0.15.0 + '@humanwhocodes/retry': 0.4.3 + + '@humanfs/types@0.15.0': {} + + '@humanwhocodes/module-importer@1.0.1': {} + + '@humanwhocodes/retry@0.4.3': {} + + '@jridgewell/gen-mapping@0.3.13': + dependencies: + '@jridgewell/sourcemap-codec': 1.5.5 + '@jridgewell/trace-mapping': 0.3.31 + + '@jridgewell/remapping@2.3.5': + dependencies: + '@jridgewell/gen-mapping': 0.3.13 + '@jridgewell/trace-mapping': 0.3.31 + + '@jridgewell/resolve-uri@3.1.2': {} + + '@jridgewell/sourcemap-codec@1.5.5': {} + + '@jridgewell/trace-mapping@0.3.31': + dependencies: + '@jridgewell/resolve-uri': 3.1.2 + '@jridgewell/sourcemap-codec': 1.5.5 + + '@napi-rs/wasm-runtime@0.2.12': + dependencies: + '@emnapi/core': 1.10.0 + '@emnapi/runtime': 1.10.0 + '@tybys/wasm-util': 0.10.2 + optional: true + + '@noble/hashes@2.2.0': {} + + '@node-rs/argon2-android-arm-eabi@2.0.2': + optional: true + + '@node-rs/argon2-android-arm64@2.0.2': + optional: true + + '@node-rs/argon2-darwin-arm64@2.0.2': + optional: true + + '@node-rs/argon2-darwin-x64@2.0.2': + optional: true + + '@node-rs/argon2-freebsd-x64@2.0.2': + optional: true + + '@node-rs/argon2-linux-arm-gnueabihf@2.0.2': + optional: true + + '@node-rs/argon2-linux-arm64-gnu@2.0.2': + optional: true + + '@node-rs/argon2-linux-arm64-musl@2.0.2': + optional: true + + '@node-rs/argon2-linux-x64-gnu@2.0.2': + optional: true + + '@node-rs/argon2-linux-x64-musl@2.0.2': + optional: true + + '@node-rs/argon2-wasm32-wasi@2.0.2': + dependencies: + '@napi-rs/wasm-runtime': 0.2.12 + optional: true + + '@node-rs/argon2-win32-arm64-msvc@2.0.2': + optional: true + + '@node-rs/argon2-win32-ia32-msvc@2.0.2': + optional: true + + '@node-rs/argon2-win32-x64-msvc@2.0.2': + optional: true + + '@node-rs/argon2@2.0.2': + optionalDependencies: + '@node-rs/argon2-android-arm-eabi': 2.0.2 + '@node-rs/argon2-android-arm64': 2.0.2 + '@node-rs/argon2-darwin-arm64': 2.0.2 + '@node-rs/argon2-darwin-x64': 2.0.2 + '@node-rs/argon2-freebsd-x64': 2.0.2 + '@node-rs/argon2-linux-arm-gnueabihf': 2.0.2 + '@node-rs/argon2-linux-arm64-gnu': 2.0.2 + '@node-rs/argon2-linux-arm64-musl': 2.0.2 + '@node-rs/argon2-linux-x64-gnu': 2.0.2 + '@node-rs/argon2-linux-x64-musl': 2.0.2 + '@node-rs/argon2-wasm32-wasi': 2.0.2 + '@node-rs/argon2-win32-arm64-msvc': 2.0.2 + '@node-rs/argon2-win32-ia32-msvc': 2.0.2 + '@node-rs/argon2-win32-x64-msvc': 2.0.2 + + '@otplib/core@13.4.0': {} + + '@otplib/hotp@13.4.0': + dependencies: + '@otplib/core': 13.4.0 + '@otplib/uri': 13.4.0 + + '@otplib/plugin-base32-scure@13.4.0': + dependencies: + '@otplib/core': 13.4.0 + '@scure/base': 2.2.0 + + '@otplib/plugin-crypto-noble@13.4.0': + dependencies: + '@noble/hashes': 2.2.0 + '@otplib/core': 13.4.0 + + '@otplib/totp@13.4.0': + dependencies: + '@otplib/core': 13.4.0 + '@otplib/hotp': 13.4.0 + '@otplib/uri': 13.4.0 + + '@otplib/uri@13.4.0': + dependencies: + '@otplib/core': 13.4.0 + + '@radix-ui/primitive@1.1.3': {} + + '@radix-ui/react-collection@1.1.7(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + '@radix-ui/react-context': 1.1.2(react@19.2.6) + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-slot': 1.2.3(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-compose-refs@1.1.2(react@19.2.6)': + dependencies: + react: 19.2.6 + + '@radix-ui/react-context@1.1.2(react@19.2.6)': + dependencies: + react: 19.2.6 + + '@radix-ui/react-dialog@1.1.15(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/primitive': 1.1.3 + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + '@radix-ui/react-context': 1.1.2(react@19.2.6) + '@radix-ui/react-dismissable-layer': 1.1.11(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-focus-guards': 1.1.3(react@19.2.6) + '@radix-ui/react-focus-scope': 1.1.7(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-id': 1.1.1(react@19.2.6) + '@radix-ui/react-portal': 1.1.9(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-presence': 1.1.5(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-slot': 1.2.3(react@19.2.6) + '@radix-ui/react-use-controllable-state': 1.2.2(react@19.2.6) + aria-hidden: 1.2.6 + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + react-remove-scroll: 2.7.2(react@19.2.6) + + '@radix-ui/react-direction@1.1.1(react@19.2.6)': + dependencies: + react: 19.2.6 + + '@radix-ui/react-dismissable-layer@1.1.11(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/primitive': 1.1.3 + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-use-callback-ref': 1.1.1(react@19.2.6) + '@radix-ui/react-use-escape-keydown': 1.1.1(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-focus-guards@1.1.3(react@19.2.6)': + dependencies: + react: 19.2.6 + + '@radix-ui/react-focus-scope@1.1.7(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-use-callback-ref': 1.1.1(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-id@1.1.1(react@19.2.6)': + dependencies: + '@radix-ui/react-use-layout-effect': 1.1.1(react@19.2.6) + react: 19.2.6 + + '@radix-ui/react-label@2.1.8(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-primitive': 2.1.4(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-portal@1.1.9(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-use-layout-effect': 1.1.1(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-presence@1.1.5(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + '@radix-ui/react-use-layout-effect': 1.1.1(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-primitive@2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-slot': 1.2.3(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-primitive@2.1.4(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/react-slot': 1.2.4(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-roving-focus@1.1.11(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/primitive': 1.1.3 + '@radix-ui/react-collection': 1.1.7(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + '@radix-ui/react-context': 1.1.2(react@19.2.6) + '@radix-ui/react-direction': 1.1.1(react@19.2.6) + '@radix-ui/react-id': 1.1.1(react@19.2.6) + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-use-callback-ref': 1.1.1(react@19.2.6) + '@radix-ui/react-use-controllable-state': 1.2.2(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-slot@1.2.3(react@19.2.6)': + dependencies: + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + react: 19.2.6 + + '@radix-ui/react-slot@1.2.4(react@19.2.6)': + dependencies: + '@radix-ui/react-compose-refs': 1.1.2(react@19.2.6) + react: 19.2.6 + + '@radix-ui/react-tabs@1.1.13(react-dom@19.2.6(react@19.2.6))(react@19.2.6)': + dependencies: + '@radix-ui/primitive': 1.1.3 + '@radix-ui/react-context': 1.1.2(react@19.2.6) + '@radix-ui/react-direction': 1.1.1(react@19.2.6) + '@radix-ui/react-id': 1.1.1(react@19.2.6) + '@radix-ui/react-presence': 1.1.5(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-primitive': 2.1.3(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-roving-focus': 1.1.11(react-dom@19.2.6(react@19.2.6))(react@19.2.6) + '@radix-ui/react-use-controllable-state': 1.2.2(react@19.2.6) + react: 19.2.6 + react-dom: 19.2.6(react@19.2.6) + + '@radix-ui/react-use-callback-ref@1.1.1(react@19.2.6)': + dependencies: + react: 19.2.6 + + '@radix-ui/react-use-controllable-state@1.2.2(react@19.2.6)': + dependencies: + '@radix-ui/react-use-effect-event': 0.0.2(react@19.2.6) + '@radix-ui/react-use-layout-effect': 1.1.1(react@19.2.6) + react: 19.2.6 + + '@radix-ui/react-use-effect-event@0.0.2(react@19.2.6)': + dependencies: + '@radix-ui/react-use-layout-effect': 1.1.1(react@19.2.6) + react: 19.2.6 + + '@radix-ui/react-use-escape-keydown@1.1.1(react@19.2.6)': + dependencies: + '@radix-ui/react-use-callback-ref': 1.1.1(react@19.2.6) + react: 19.2.6 + + '@radix-ui/react-use-layout-effect@1.1.1(react@19.2.6)': + dependencies: + react: 19.2.6 + + '@rolldown/pluginutils@1.0.0-rc.3': {} + + '@rollup/rollup-android-arm-eabi@4.60.4': + optional: true + + '@rollup/rollup-android-arm64@4.60.4': + optional: true + + '@rollup/rollup-darwin-arm64@4.60.4': + optional: true + + '@rollup/rollup-darwin-x64@4.60.4': + optional: true + + '@rollup/rollup-freebsd-arm64@4.60.4': + optional: true + + '@rollup/rollup-freebsd-x64@4.60.4': + optional: true + + '@rollup/rollup-linux-arm-gnueabihf@4.60.4': + optional: true + + '@rollup/rollup-linux-arm-musleabihf@4.60.4': + optional: true + + '@rollup/rollup-linux-arm64-gnu@4.60.4': + optional: true + + '@rollup/rollup-linux-arm64-musl@4.60.4': + optional: true + + '@rollup/rollup-linux-loong64-gnu@4.60.4': + optional: true + + '@rollup/rollup-linux-loong64-musl@4.60.4': + optional: true + + '@rollup/rollup-linux-ppc64-gnu@4.60.4': + optional: true + + '@rollup/rollup-linux-ppc64-musl@4.60.4': + optional: true + + '@rollup/rollup-linux-riscv64-gnu@4.60.4': + optional: true + + '@rollup/rollup-linux-riscv64-musl@4.60.4': + optional: true + + '@rollup/rollup-linux-s390x-gnu@4.60.4': + optional: true + + '@rollup/rollup-linux-x64-gnu@4.60.4': + optional: true + + '@rollup/rollup-linux-x64-musl@4.60.4': + optional: true + + '@rollup/rollup-openbsd-x64@4.60.4': + optional: true + + '@rollup/rollup-openharmony-arm64@4.60.4': + optional: true + + '@rollup/rollup-win32-arm64-msvc@4.60.4': + optional: true + + '@rollup/rollup-win32-ia32-msvc@4.60.4': + optional: true + + '@rollup/rollup-win32-x64-gnu@4.60.4': + optional: true + + '@rollup/rollup-win32-x64-msvc@4.60.4': + optional: true + + '@scure/base@2.2.0': {} + + '@standard-schema/spec@1.1.0': {} + + '@tybys/wasm-util@0.10.2': + dependencies: + tslib: 2.8.1 + optional: true + + '@types/babel__core@7.20.5': + dependencies: + '@babel/parser': 7.29.3 + '@babel/types': 7.29.0 + '@types/babel__generator': 7.27.0 + '@types/babel__template': 7.4.4 + '@types/babel__traverse': 7.28.0 + + '@types/babel__generator@7.27.0': + dependencies: + '@babel/types': 7.29.0 + + '@types/babel__template@7.4.4': + dependencies: + '@babel/parser': 7.29.3 + '@babel/types': 7.29.0 + + '@types/babel__traverse@7.28.0': + dependencies: + '@babel/types': 7.29.0 + + '@types/chai@5.2.3': + dependencies: + '@types/deep-eql': 4.0.2 + assertion-error: 2.0.1 + + '@types/deep-eql@4.0.2': {} + + '@types/estree@1.0.8': {} + + '@types/estree@1.0.9': {} + + '@types/json-schema@7.0.15': {} + + '@vitejs/plugin-react@5.2.0(vite@7.3.3)': + dependencies: + '@babel/core': 7.29.0 + '@babel/plugin-transform-react-jsx-self': 7.27.1(@babel/core@7.29.0) + '@babel/plugin-transform-react-jsx-source': 7.27.1(@babel/core@7.29.0) + '@rolldown/pluginutils': 1.0.0-rc.3 + '@types/babel__core': 7.20.5 + react-refresh: 0.18.0 + vite: 7.3.3 + transitivePeerDependencies: + - supports-color + + '@vitest/expect@4.1.6': + dependencies: + '@standard-schema/spec': 1.1.0 + '@types/chai': 5.2.3 + '@vitest/spy': 4.1.6 + '@vitest/utils': 4.1.6 + chai: 6.2.2 + tinyrainbow: 3.1.0 + + '@vitest/mocker@4.1.6(vite@7.3.3)': + dependencies: + '@vitest/spy': 4.1.6 + estree-walker: 3.0.3 + magic-string: 0.30.21 + optionalDependencies: + vite: 7.3.3 + + '@vitest/pretty-format@4.1.6': + dependencies: + tinyrainbow: 3.1.0 + + '@vitest/runner@4.1.6': + dependencies: + '@vitest/utils': 4.1.6 + pathe: 2.0.3 + + '@vitest/snapshot@4.1.6': + dependencies: + '@vitest/pretty-format': 4.1.6 + '@vitest/utils': 4.1.6 + magic-string: 0.30.21 + pathe: 2.0.3 + + '@vitest/spy@4.1.6': {} + + '@vitest/utils@4.1.6': + dependencies: + '@vitest/pretty-format': 4.1.6 + convert-source-map: 2.0.0 + tinyrainbow: 3.1.0 + + acorn-jsx@5.3.2(acorn@8.16.0): + dependencies: + acorn: 8.16.0 + + acorn@8.16.0: {} + + agent-base@7.1.4: {} + + ajv@6.15.0: + dependencies: + fast-deep-equal: 3.1.3 + fast-json-stable-stringify: 2.1.0 + json-schema-traverse: 0.4.1 + uri-js: 4.4.1 + + ansi-regex@5.0.1: {} + + ansi-styles@4.3.0: + dependencies: + color-convert: 2.0.1 + + argparse@2.0.1: {} + + aria-hidden@1.2.6: + dependencies: + tslib: 2.8.1 + + array-buffer-byte-length@1.0.2: + dependencies: + call-bound: 1.0.4 + is-array-buffer: 3.0.5 + + array-includes@3.1.9: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-object-atoms: 1.1.1 + get-intrinsic: 1.3.0 + is-string: 1.1.1 + math-intrinsics: 1.1.0 + + array.prototype.findlast@1.2.5: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-errors: 1.3.0 + es-object-atoms: 1.1.1 + es-shim-unscopables: 1.1.0 + + array.prototype.flat@1.3.3: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-shim-unscopables: 1.1.0 + + array.prototype.flatmap@1.3.3: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-shim-unscopables: 1.1.0 + + array.prototype.tosorted@1.1.4: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-errors: 1.3.0 + es-shim-unscopables: 1.1.0 + + arraybuffer.prototype.slice@1.0.4: + dependencies: + array-buffer-byte-length: 1.0.2 + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-errors: 1.3.0 + get-intrinsic: 1.3.0 + is-array-buffer: 3.0.5 + + asn1.js@5.4.1: + dependencies: + bn.js: 4.12.3 + inherits: 2.0.4 + minimalistic-assert: 1.0.1 + safer-buffer: 2.1.2 + + assertion-error@2.0.1: {} + + async-function@1.0.0: {} + + available-typed-arrays@1.0.7: + dependencies: + possible-typed-array-names: 1.1.0 + + balanced-match@1.0.2: {} + + baseline-browser-mapping@2.10.31: {} + + bn.js@4.12.3: {} + + brace-expansion@1.1.14: + dependencies: + balanced-match: 1.0.2 + concat-map: 0.0.1 + + browserslist@4.28.2: + dependencies: + baseline-browser-mapping: 2.10.31 + caniuse-lite: 1.0.30001793 + electron-to-chromium: 1.5.359 + node-releases: 2.0.44 + update-browserslist-db: 1.2.3(browserslist@4.28.2) + + buffer-equal-constant-time@1.0.1: {} + + call-bind-apply-helpers@1.0.2: + dependencies: + es-errors: 1.3.0 + function-bind: 1.1.2 + + call-bind@1.0.9: + dependencies: + call-bind-apply-helpers: 1.0.2 + es-define-property: 1.0.1 + get-intrinsic: 1.3.0 + set-function-length: 1.2.2 + + call-bound@1.0.4: + dependencies: + call-bind-apply-helpers: 1.0.2 + get-intrinsic: 1.3.0 + + callsites@3.1.0: {} + + caniuse-lite@1.0.30001793: {} + + chai@6.2.2: {} + + chalk@4.1.2: + dependencies: + ansi-styles: 4.3.0 + supports-color: 7.2.0 + + cliui@8.0.1: + dependencies: + string-width: 4.2.3 + strip-ansi: 6.0.1 + wrap-ansi: 7.0.0 + + color-convert@2.0.1: + dependencies: + color-name: 1.1.4 + + color-name@1.1.4: {} + + concat-map@0.0.1: {} + + concurrently@9.2.1: + dependencies: + chalk: 4.1.2 + rxjs: 7.8.2 + shell-quote: 1.8.3 + supports-color: 8.1.1 + tree-kill: 1.2.2 + yargs: 17.7.2 + + convert-source-map@2.0.0: {} + + cross-spawn@7.0.6: + dependencies: + path-key: 3.1.1 + shebang-command: 2.0.0 + which: 2.0.2 + + data-view-buffer@1.0.2: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + is-data-view: 1.0.2 + + data-view-byte-length@1.0.2: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + is-data-view: 1.0.2 + + data-view-byte-offset@1.0.1: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + is-data-view: 1.0.2 + + debug@4.4.3: + dependencies: + ms: 2.1.3 + + deep-is@0.1.4: {} + + define-data-property@1.1.4: + dependencies: + es-define-property: 1.0.1 + es-errors: 1.3.0 + gopd: 1.2.0 + + define-properties@1.2.1: + dependencies: + define-data-property: 1.1.4 + has-property-descriptors: 1.0.2 + object-keys: 1.1.1 + + detect-node-es@1.1.0: {} + + doctrine@2.1.0: + dependencies: + esutils: 2.0.3 + + dunder-proto@1.0.1: + dependencies: + call-bind-apply-helpers: 1.0.2 + es-errors: 1.3.0 + gopd: 1.2.0 + + ecdsa-sig-formatter@1.0.11: + dependencies: + safe-buffer: 5.2.1 + + electron-to-chromium@1.5.359: {} + + emoji-regex@8.0.0: {} + + es-abstract@1.24.2: + dependencies: + array-buffer-byte-length: 1.0.2 + arraybuffer.prototype.slice: 1.0.4 + available-typed-arrays: 1.0.7 + call-bind: 1.0.9 + call-bound: 1.0.4 + data-view-buffer: 1.0.2 + data-view-byte-length: 1.0.2 + data-view-byte-offset: 1.0.1 + es-define-property: 1.0.1 + es-errors: 1.3.0 + es-object-atoms: 1.1.1 + es-set-tostringtag: 2.1.0 + es-to-primitive: 1.3.0 + function.prototype.name: 1.1.8 + get-intrinsic: 1.3.0 + get-proto: 1.0.1 + get-symbol-description: 1.1.0 + globalthis: 1.0.4 + gopd: 1.2.0 + has-property-descriptors: 1.0.2 + has-proto: 1.2.0 + has-symbols: 1.1.0 + hasown: 2.0.3 + internal-slot: 1.1.0 + is-array-buffer: 3.0.5 + is-callable: 1.2.7 + is-data-view: 1.0.2 + is-negative-zero: 2.0.3 + is-regex: 1.2.1 + is-set: 2.0.3 + is-shared-array-buffer: 1.0.4 + is-string: 1.1.1 + is-typed-array: 1.1.15 + is-weakref: 1.1.1 + math-intrinsics: 1.1.0 + object-inspect: 1.13.4 + object-keys: 1.1.1 + object.assign: 4.1.7 + own-keys: 1.0.1 + regexp.prototype.flags: 1.5.4 + safe-array-concat: 1.1.4 + safe-push-apply: 1.0.0 + safe-regex-test: 1.1.0 + set-proto: 1.0.0 + stop-iteration-iterator: 1.1.0 + string.prototype.trim: 1.2.10 + string.prototype.trimend: 1.0.9 + string.prototype.trimstart: 1.0.8 + typed-array-buffer: 1.0.3 + typed-array-byte-length: 1.0.3 + typed-array-byte-offset: 1.0.4 + typed-array-length: 1.0.7 + unbox-primitive: 1.1.0 + which-typed-array: 1.1.20 + + es-define-property@1.0.1: {} + + es-errors@1.3.0: {} + + es-iterator-helpers@1.3.2: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-errors: 1.3.0 + es-set-tostringtag: 2.1.0 + function-bind: 1.1.2 + get-intrinsic: 1.3.0 + globalthis: 1.0.4 + gopd: 1.2.0 + has-property-descriptors: 1.0.2 + has-proto: 1.2.0 + has-symbols: 1.1.0 + internal-slot: 1.1.0 + iterator.prototype: 1.1.5 + math-intrinsics: 1.1.0 + + es-module-lexer@2.1.0: {} + + es-object-atoms@1.1.1: + dependencies: + es-errors: 1.3.0 + + es-set-tostringtag@2.1.0: + dependencies: + es-errors: 1.3.0 + get-intrinsic: 1.3.0 + has-tostringtag: 1.0.2 + hasown: 2.0.3 + + es-shim-unscopables@1.1.0: + dependencies: + hasown: 2.0.3 + + es-to-primitive@1.3.0: + dependencies: + is-callable: 1.2.7 + is-date-object: 1.1.0 + is-symbol: 1.1.1 + + esbuild@0.27.7: + optionalDependencies: + '@esbuild/aix-ppc64': 0.27.7 + '@esbuild/android-arm': 0.27.7 + '@esbuild/android-arm64': 0.27.7 + '@esbuild/android-x64': 0.27.7 + '@esbuild/darwin-arm64': 0.27.7 + '@esbuild/darwin-x64': 0.27.7 + '@esbuild/freebsd-arm64': 0.27.7 + '@esbuild/freebsd-x64': 0.27.7 + '@esbuild/linux-arm': 0.27.7 + '@esbuild/linux-arm64': 0.27.7 + '@esbuild/linux-ia32': 0.27.7 + '@esbuild/linux-loong64': 0.27.7 + '@esbuild/linux-mips64el': 0.27.7 + '@esbuild/linux-ppc64': 0.27.7 + '@esbuild/linux-riscv64': 0.27.7 + '@esbuild/linux-s390x': 0.27.7 + '@esbuild/linux-x64': 0.27.7 + '@esbuild/netbsd-arm64': 0.27.7 + '@esbuild/netbsd-x64': 0.27.7 + '@esbuild/openbsd-arm64': 0.27.7 + '@esbuild/openbsd-x64': 0.27.7 + '@esbuild/openharmony-arm64': 0.27.7 + '@esbuild/sunos-x64': 0.27.7 + '@esbuild/win32-arm64': 0.27.7 + '@esbuild/win32-ia32': 0.27.7 + '@esbuild/win32-x64': 0.27.7 + + escalade@3.2.0: {} + + escape-string-regexp@4.0.0: {} + + eslint-plugin-react-hooks@7.1.1(eslint@9.39.4): + dependencies: + '@babel/core': 7.29.0 + '@babel/parser': 7.29.3 + eslint: 9.39.4 + hermes-parser: 0.25.1 + zod: 4.4.3 + zod-validation-error: 4.0.2(zod@4.4.3) + transitivePeerDependencies: + - supports-color + + eslint-plugin-react-refresh@0.4.26(eslint@9.39.4): + dependencies: + eslint: 9.39.4 + + eslint-plugin-react@7.37.5(eslint@9.39.4): + dependencies: + array-includes: 3.1.9 + array.prototype.findlast: 1.2.5 + array.prototype.flatmap: 1.3.3 + array.prototype.tosorted: 1.1.4 + doctrine: 2.1.0 + es-iterator-helpers: 1.3.2 + eslint: 9.39.4 + estraverse: 5.3.0 + hasown: 2.0.3 + jsx-ast-utils: 3.3.5 + minimatch: 3.1.5 + object.entries: 1.1.9 + object.fromentries: 2.0.8 + object.values: 1.2.1 + prop-types: 15.8.1 + resolve: 2.0.0-next.7 + semver: 6.3.1 + string.prototype.matchall: 4.0.12 + string.prototype.repeat: 1.0.0 + + eslint-scope@8.4.0: + dependencies: + esrecurse: 4.3.0 + estraverse: 5.3.0 + + eslint-visitor-keys@3.4.3: {} + + eslint-visitor-keys@4.2.1: {} + + eslint@9.39.4: + dependencies: + '@eslint-community/eslint-utils': 4.9.1(eslint@9.39.4) + '@eslint-community/regexpp': 4.12.2 + '@eslint/config-array': 0.21.2 + '@eslint/config-helpers': 0.4.2 + '@eslint/core': 0.17.0 + '@eslint/eslintrc': 3.3.5 + '@eslint/js': 9.39.4 + '@eslint/plugin-kit': 0.4.1 + '@humanfs/node': 0.16.8 + '@humanwhocodes/module-importer': 1.0.1 + '@humanwhocodes/retry': 0.4.3 + '@types/estree': 1.0.9 + ajv: 6.15.0 + chalk: 4.1.2 + cross-spawn: 7.0.6 + debug: 4.4.3 + escape-string-regexp: 4.0.0 + eslint-scope: 8.4.0 + eslint-visitor-keys: 4.2.1 + espree: 10.4.0 + esquery: 1.7.0 + esutils: 2.0.3 + fast-deep-equal: 3.1.3 + file-entry-cache: 8.0.0 + find-up: 5.0.0 + glob-parent: 6.0.2 + ignore: 5.3.2 + imurmurhash: 0.1.4 + is-glob: 4.0.3 + json-stable-stringify-without-jsonify: 1.0.1 + lodash.merge: 4.6.2 + minimatch: 3.1.5 + natural-compare: 1.4.0 + optionator: 0.9.4 + transitivePeerDependencies: + - supports-color + + espree@10.4.0: + dependencies: + acorn: 8.16.0 + acorn-jsx: 5.3.2(acorn@8.16.0) + eslint-visitor-keys: 4.2.1 + + esquery@1.7.0: + dependencies: + estraverse: 5.3.0 + + esrecurse@4.3.0: + dependencies: + estraverse: 5.3.0 + + estraverse@5.3.0: {} + + estree-walker@3.0.3: + dependencies: + '@types/estree': 1.0.9 + + esutils@2.0.3: {} + + expect-type@1.3.0: {} + + fast-deep-equal@3.1.3: {} + + fast-json-stable-stringify@2.1.0: {} + + fast-levenshtein@2.0.6: {} + + fdir@6.5.0(picomatch@4.0.4): + optionalDependencies: + picomatch: 4.0.4 + + file-entry-cache@8.0.0: + dependencies: + flat-cache: 4.0.1 + + find-up@5.0.0: + dependencies: + locate-path: 6.0.0 + path-exists: 4.0.0 + + flat-cache@4.0.1: + dependencies: + flatted: 3.4.2 + keyv: 4.5.4 + + flatted@3.4.2: {} + + for-each@0.3.5: + dependencies: + is-callable: 1.2.7 + + fsevents@2.3.3: + optional: true + + function-bind@1.1.2: {} + + function.prototype.name@1.1.8: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + functions-have-names: 1.2.3 + hasown: 2.0.3 + is-callable: 1.2.7 + + functions-have-names@1.2.3: {} + + generator-function@2.0.1: {} + + gensync@1.0.0-beta.2: {} + + get-caller-file@2.0.5: {} + + get-intrinsic@1.3.0: + dependencies: + call-bind-apply-helpers: 1.0.2 + es-define-property: 1.0.1 + es-errors: 1.3.0 + es-object-atoms: 1.1.1 + function-bind: 1.1.2 + get-proto: 1.0.1 + gopd: 1.2.0 + has-symbols: 1.1.0 + hasown: 2.0.3 + math-intrinsics: 1.1.0 + + get-nonce@1.0.1: {} + + get-proto@1.0.1: + dependencies: + dunder-proto: 1.0.1 + es-object-atoms: 1.1.1 + + get-symbol-description@1.1.0: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + get-intrinsic: 1.3.0 + + glob-parent@6.0.2: + dependencies: + is-glob: 4.0.3 + + globals@14.0.0: {} + + globals@16.5.0: {} + + globalthis@1.0.4: + dependencies: + define-properties: 1.2.1 + gopd: 1.2.0 + + gopd@1.2.0: {} + + has-bigints@1.1.0: {} + + has-flag@4.0.0: {} + + has-property-descriptors@1.0.2: + dependencies: + es-define-property: 1.0.1 + + has-proto@1.2.0: + dependencies: + dunder-proto: 1.0.1 + + has-symbols@1.1.0: {} + + has-tostringtag@1.0.2: + dependencies: + has-symbols: 1.1.0 + + hasown@2.0.3: + dependencies: + function-bind: 1.1.2 + + hermes-estree@0.25.1: {} + + hermes-parser@0.25.1: + dependencies: + hermes-estree: 0.25.1 + + hono@4.12.21: {} + + http_ece@1.2.0: {} + + https-proxy-agent@7.0.6: + dependencies: + agent-base: 7.1.4 + debug: 4.4.3 + transitivePeerDependencies: + - supports-color + + ignore@5.3.2: {} + + import-fresh@3.3.1: + dependencies: + parent-module: 1.0.1 + resolve-from: 4.0.0 + + imurmurhash@0.1.4: {} + + inherits@2.0.4: {} + + internal-slot@1.1.0: + dependencies: + es-errors: 1.3.0 + hasown: 2.0.3 + side-channel: 1.1.0 + + is-array-buffer@3.0.5: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + get-intrinsic: 1.3.0 + + is-async-function@2.1.1: + dependencies: + async-function: 1.0.0 + call-bound: 1.0.4 + get-proto: 1.0.1 + has-tostringtag: 1.0.2 + safe-regex-test: 1.1.0 + + is-bigint@1.1.0: + dependencies: + has-bigints: 1.1.0 + + is-boolean-object@1.2.2: + dependencies: + call-bound: 1.0.4 + has-tostringtag: 1.0.2 + + is-callable@1.2.7: {} + + is-core-module@2.16.2: + dependencies: + hasown: 2.0.3 + + is-data-view@1.0.2: + dependencies: + call-bound: 1.0.4 + get-intrinsic: 1.3.0 + is-typed-array: 1.1.15 + + is-date-object@1.1.0: + dependencies: + call-bound: 1.0.4 + has-tostringtag: 1.0.2 + + is-extglob@2.1.1: {} + + is-finalizationregistry@1.1.1: + dependencies: + call-bound: 1.0.4 + + is-fullwidth-code-point@3.0.0: {} + + is-generator-function@1.1.2: + dependencies: + call-bound: 1.0.4 + generator-function: 2.0.1 + get-proto: 1.0.1 + has-tostringtag: 1.0.2 + safe-regex-test: 1.1.0 + + is-glob@4.0.3: + dependencies: + is-extglob: 2.1.1 + + is-map@2.0.3: {} + + is-negative-zero@2.0.3: {} + + is-number-object@1.1.1: + dependencies: + call-bound: 1.0.4 + has-tostringtag: 1.0.2 + + is-regex@1.2.1: + dependencies: + call-bound: 1.0.4 + gopd: 1.2.0 + has-tostringtag: 1.0.2 + hasown: 2.0.3 + + is-set@2.0.3: {} + + is-shared-array-buffer@1.0.4: + dependencies: + call-bound: 1.0.4 + + is-string@1.1.1: + dependencies: + call-bound: 1.0.4 + has-tostringtag: 1.0.2 + + is-symbol@1.1.1: + dependencies: + call-bound: 1.0.4 + has-symbols: 1.1.0 + safe-regex-test: 1.1.0 + + is-typed-array@1.1.15: + dependencies: + which-typed-array: 1.1.20 + + is-weakmap@2.0.2: {} + + is-weakref@1.1.1: + dependencies: + call-bound: 1.0.4 + + is-weakset@2.0.4: + dependencies: + call-bound: 1.0.4 + get-intrinsic: 1.3.0 + + isarray@2.0.5: {} + + isexe@2.0.0: {} + + iterator.prototype@1.1.5: + dependencies: + define-data-property: 1.1.4 + es-object-atoms: 1.1.1 + get-intrinsic: 1.3.0 + get-proto: 1.0.1 + has-symbols: 1.1.0 + set-function-name: 2.0.2 + + js-tokens@4.0.0: {} + + js-yaml@4.1.1: + dependencies: + argparse: 2.0.1 + + jsesc@3.1.0: {} + + json-buffer@3.0.1: {} + + json-schema-traverse@0.4.1: {} + + json-stable-stringify-without-jsonify@1.0.1: {} + + json5@2.2.3: {} + + jsx-ast-utils@3.3.5: + dependencies: + array-includes: 3.1.9 + array.prototype.flat: 1.3.3 + object.assign: 4.1.7 + object.values: 1.2.1 + + jwa@2.0.1: + dependencies: + buffer-equal-constant-time: 1.0.1 + ecdsa-sig-formatter: 1.0.11 + safe-buffer: 5.2.1 + + jws@4.0.1: + dependencies: + jwa: 2.0.1 + safe-buffer: 5.2.1 + + keyv@4.5.4: + dependencies: + json-buffer: 3.0.1 + + levn@0.4.1: + dependencies: + prelude-ls: 1.2.1 + type-check: 0.4.0 + + locate-path@6.0.0: + dependencies: + p-locate: 5.0.0 + + lodash.merge@4.6.2: {} + + loose-envify@1.4.0: + dependencies: + js-tokens: 4.0.0 + + lru-cache@5.1.1: + dependencies: + yallist: 3.1.1 + + lucide-react@0.555.0(react@19.2.6): + dependencies: + react: 19.2.6 + + magic-string@0.30.21: + dependencies: + '@jridgewell/sourcemap-codec': 1.5.5 + + math-intrinsics@1.1.0: {} + + minimalistic-assert@1.0.1: {} + + minimatch@3.1.5: + dependencies: + brace-expansion: 1.1.14 + + minimist@1.2.8: {} + + ms@2.1.3: {} + + nanoid@3.3.12: {} + + natural-compare@1.4.0: {} + + node-exports-info@1.6.0: + dependencies: + array.prototype.flatmap: 1.3.3 + es-errors: 1.3.0 + object.entries: 1.1.9 + semver: 6.3.1 + + node-releases@2.0.44: {} + + object-assign@4.1.1: {} + + object-inspect@1.13.4: {} + + object-keys@1.1.1: {} + + object.assign@4.1.7: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-object-atoms: 1.1.1 + has-symbols: 1.1.0 + object-keys: 1.1.1 + + object.entries@1.1.9: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-object-atoms: 1.1.1 + + object.fromentries@2.0.8: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-object-atoms: 1.1.1 + + object.values@1.2.1: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-object-atoms: 1.1.1 + + obug@2.1.1: {} + + optionator@0.9.4: + dependencies: + deep-is: 0.1.4 + fast-levenshtein: 2.0.6 + levn: 0.4.1 + prelude-ls: 1.2.1 + type-check: 0.4.0 + word-wrap: 1.2.5 + + otplib@13.4.0: + dependencies: + '@otplib/core': 13.4.0 + '@otplib/hotp': 13.4.0 + '@otplib/plugin-base32-scure': 13.4.0 + '@otplib/plugin-crypto-noble': 13.4.0 + '@otplib/totp': 13.4.0 + '@otplib/uri': 13.4.0 + + own-keys@1.0.1: + dependencies: + get-intrinsic: 1.3.0 + object-keys: 1.1.1 + safe-push-apply: 1.0.0 + + p-limit@3.1.0: + dependencies: + yocto-queue: 0.1.0 + + p-locate@5.0.0: + dependencies: + p-limit: 3.1.0 + + parent-module@1.0.1: + dependencies: + callsites: 3.1.0 + + path-exists@4.0.0: {} + + path-key@3.1.1: {} + + path-parse@1.0.7: {} + + pathe@2.0.3: {} + + pg-cloudflare@1.4.0: + optional: true + + pg-connection-string@2.13.0: {} + + pg-int8@1.0.1: {} + + pg-pool@3.14.0(pg@8.21.0): + dependencies: + pg: 8.21.0 + + pg-protocol@1.14.0: {} + + pg-types@2.2.0: + dependencies: + pg-int8: 1.0.1 + postgres-array: 2.0.0 + postgres-bytea: 1.0.1 + postgres-date: 1.0.7 + postgres-interval: 1.2.0 + + pg@8.21.0: + dependencies: + pg-connection-string: 2.13.0 + pg-pool: 3.14.0(pg@8.21.0) + pg-protocol: 1.14.0 + pg-types: 2.2.0 + pgpass: 1.0.5 + optionalDependencies: + pg-cloudflare: 1.4.0 + + pgpass@1.0.5: + dependencies: + split2: 4.2.0 + + picocolors@1.1.1: {} + + picomatch@4.0.4: {} + + possible-typed-array-names@1.1.0: {} + + postcss@8.5.15: + dependencies: + nanoid: 3.3.12 + picocolors: 1.1.1 + source-map-js: 1.2.1 + + postgres-array@2.0.0: {} + + postgres-bytea@1.0.1: {} + + postgres-date@1.0.7: {} + + postgres-interval@1.2.0: + dependencies: + xtend: 4.0.2 + + prelude-ls@1.2.1: {} + + prettier@3.8.3: {} + + prop-types@15.8.1: + dependencies: + loose-envify: 1.4.0 + object-assign: 4.1.1 + react-is: 16.13.1 + + punycode@2.3.1: {} + + qrcode.react@4.2.0(react@19.2.6): + dependencies: + react: 19.2.6 + + react-dom@19.2.6(react@19.2.6): + dependencies: + react: 19.2.6 + scheduler: 0.27.0 + + react-is@16.13.1: {} + + react-refresh@0.18.0: {} + + react-remove-scroll-bar@2.3.8(react@19.2.6): + dependencies: + react: 19.2.6 + react-style-singleton: 2.2.3(react@19.2.6) + tslib: 2.8.1 + + react-remove-scroll@2.7.2(react@19.2.6): + dependencies: + react: 19.2.6 + react-remove-scroll-bar: 2.3.8(react@19.2.6) + react-style-singleton: 2.2.3(react@19.2.6) + tslib: 2.8.1 + use-callback-ref: 1.3.3(react@19.2.6) + use-sidecar: 1.1.3(react@19.2.6) + + react-style-singleton@2.2.3(react@19.2.6): + dependencies: + get-nonce: 1.0.1 + react: 19.2.6 + tslib: 2.8.1 + + react@19.2.6: {} + + reflect.getprototypeof@1.0.10: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-errors: 1.3.0 + es-object-atoms: 1.1.1 + get-intrinsic: 1.3.0 + get-proto: 1.0.1 + which-builtin-type: 1.2.1 + + regexp.prototype.flags@1.5.4: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-errors: 1.3.0 + get-proto: 1.0.1 + gopd: 1.2.0 + set-function-name: 2.0.2 + + require-directory@2.1.1: {} + + resolve-from@4.0.0: {} + + resolve@2.0.0-next.7: + dependencies: + es-errors: 1.3.0 + is-core-module: 2.16.2 + node-exports-info: 1.6.0 + object-keys: 1.1.1 + path-parse: 1.0.7 + supports-preserve-symlinks-flag: 1.0.0 + + rollup@4.60.4: + dependencies: + '@types/estree': 1.0.8 + optionalDependencies: + '@rollup/rollup-android-arm-eabi': 4.60.4 + '@rollup/rollup-android-arm64': 4.60.4 + '@rollup/rollup-darwin-arm64': 4.60.4 + '@rollup/rollup-darwin-x64': 4.60.4 + '@rollup/rollup-freebsd-arm64': 4.60.4 + '@rollup/rollup-freebsd-x64': 4.60.4 + '@rollup/rollup-linux-arm-gnueabihf': 4.60.4 + '@rollup/rollup-linux-arm-musleabihf': 4.60.4 + '@rollup/rollup-linux-arm64-gnu': 4.60.4 + '@rollup/rollup-linux-arm64-musl': 4.60.4 + '@rollup/rollup-linux-loong64-gnu': 4.60.4 + '@rollup/rollup-linux-loong64-musl': 4.60.4 + '@rollup/rollup-linux-ppc64-gnu': 4.60.4 + '@rollup/rollup-linux-ppc64-musl': 4.60.4 + '@rollup/rollup-linux-riscv64-gnu': 4.60.4 + '@rollup/rollup-linux-riscv64-musl': 4.60.4 + '@rollup/rollup-linux-s390x-gnu': 4.60.4 + '@rollup/rollup-linux-x64-gnu': 4.60.4 + '@rollup/rollup-linux-x64-musl': 4.60.4 + '@rollup/rollup-openbsd-x64': 4.60.4 + '@rollup/rollup-openharmony-arm64': 4.60.4 + '@rollup/rollup-win32-arm64-msvc': 4.60.4 + '@rollup/rollup-win32-ia32-msvc': 4.60.4 + '@rollup/rollup-win32-x64-gnu': 4.60.4 + '@rollup/rollup-win32-x64-msvc': 4.60.4 + fsevents: 2.3.3 + + rxjs@7.8.2: + dependencies: + tslib: 2.8.1 + + safe-array-concat@1.1.4: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + get-intrinsic: 1.3.0 + has-symbols: 1.1.0 + isarray: 2.0.5 + + safe-buffer@5.2.1: {} + + safe-push-apply@1.0.0: + dependencies: + es-errors: 1.3.0 + isarray: 2.0.5 + + safe-regex-test@1.1.0: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + is-regex: 1.2.1 + + safer-buffer@2.1.2: {} + + scheduler@0.27.0: {} + + semver@6.3.1: {} + + set-function-length@1.2.2: + dependencies: + define-data-property: 1.1.4 + es-errors: 1.3.0 + function-bind: 1.1.2 + get-intrinsic: 1.3.0 + gopd: 1.2.0 + has-property-descriptors: 1.0.2 + + set-function-name@2.0.2: + dependencies: + define-data-property: 1.1.4 + es-errors: 1.3.0 + functions-have-names: 1.2.3 + has-property-descriptors: 1.0.2 + + set-proto@1.0.0: + dependencies: + dunder-proto: 1.0.1 + es-errors: 1.3.0 + es-object-atoms: 1.1.1 + + shebang-command@2.0.0: + dependencies: + shebang-regex: 3.0.0 + + shebang-regex@3.0.0: {} + + shell-quote@1.8.3: {} + + side-channel-list@1.0.1: + dependencies: + es-errors: 1.3.0 + object-inspect: 1.13.4 + + side-channel-map@1.0.1: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + get-intrinsic: 1.3.0 + object-inspect: 1.13.4 + + side-channel-weakmap@1.0.2: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + get-intrinsic: 1.3.0 + object-inspect: 1.13.4 + side-channel-map: 1.0.1 + + side-channel@1.1.0: + dependencies: + es-errors: 1.3.0 + object-inspect: 1.13.4 + side-channel-list: 1.0.1 + side-channel-map: 1.0.1 + side-channel-weakmap: 1.0.2 + + siginfo@2.0.0: {} + + source-map-js@1.2.1: {} + + split2@4.2.0: {} + + stackback@0.0.2: {} + + std-env@4.1.0: {} + + stop-iteration-iterator@1.1.0: + dependencies: + es-errors: 1.3.0 + internal-slot: 1.1.0 + + string-width@4.2.3: + dependencies: + emoji-regex: 8.0.0 + is-fullwidth-code-point: 3.0.0 + strip-ansi: 6.0.1 + + string.prototype.matchall@4.0.12: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-errors: 1.3.0 + es-object-atoms: 1.1.1 + get-intrinsic: 1.3.0 + gopd: 1.2.0 + has-symbols: 1.1.0 + internal-slot: 1.1.0 + regexp.prototype.flags: 1.5.4 + set-function-name: 2.0.2 + side-channel: 1.1.0 + + string.prototype.repeat@1.0.0: + dependencies: + define-properties: 1.2.1 + es-abstract: 1.24.2 + + string.prototype.trim@1.2.10: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-data-property: 1.1.4 + define-properties: 1.2.1 + es-abstract: 1.24.2 + es-object-atoms: 1.1.1 + has-property-descriptors: 1.0.2 + + string.prototype.trimend@1.0.9: + dependencies: + call-bind: 1.0.9 + call-bound: 1.0.4 + define-properties: 1.2.1 + es-object-atoms: 1.1.1 + + string.prototype.trimstart@1.0.8: + dependencies: + call-bind: 1.0.9 + define-properties: 1.2.1 + es-object-atoms: 1.1.1 + + strip-ansi@6.0.1: + dependencies: + ansi-regex: 5.0.1 + + strip-json-comments@3.1.1: {} + + supports-color@7.2.0: + dependencies: + has-flag: 4.0.0 + + supports-color@8.1.1: + dependencies: + has-flag: 4.0.0 + + supports-preserve-symlinks-flag@1.0.0: {} + + tinybench@2.9.0: {} + + tinyexec@1.1.2: {} + + tinyglobby@0.2.16: + dependencies: + fdir: 6.5.0(picomatch@4.0.4) + picomatch: 4.0.4 + + tinyrainbow@3.1.0: {} + + tree-kill@1.2.2: {} + + tslib@2.8.1: {} + + type-check@0.4.0: + dependencies: + prelude-ls: 1.2.1 + + typed-array-buffer@1.0.3: + dependencies: + call-bound: 1.0.4 + es-errors: 1.3.0 + is-typed-array: 1.1.15 + + typed-array-byte-length@1.0.3: + dependencies: + call-bind: 1.0.9 + for-each: 0.3.5 + gopd: 1.2.0 + has-proto: 1.2.0 + is-typed-array: 1.1.15 + + typed-array-byte-offset@1.0.4: + dependencies: + available-typed-arrays: 1.0.7 + call-bind: 1.0.9 + for-each: 0.3.5 + gopd: 1.2.0 + has-proto: 1.2.0 + is-typed-array: 1.1.15 + reflect.getprototypeof: 1.0.10 + + typed-array-length@1.0.7: + dependencies: + call-bind: 1.0.9 + for-each: 0.3.5 + gopd: 1.2.0 + is-typed-array: 1.1.15 + possible-typed-array-names: 1.1.0 + reflect.getprototypeof: 1.0.10 + + unbox-primitive@1.1.0: + dependencies: + call-bound: 1.0.4 + has-bigints: 1.1.0 + has-symbols: 1.1.0 + which-boxed-primitive: 1.1.1 + + update-browserslist-db@1.2.3(browserslist@4.28.2): + dependencies: + browserslist: 4.28.2 + escalade: 3.2.0 + picocolors: 1.1.1 + + uri-js@4.4.1: + dependencies: + punycode: 2.3.1 + + use-callback-ref@1.3.3(react@19.2.6): + dependencies: + react: 19.2.6 + tslib: 2.8.1 + + use-sidecar@1.1.3(react@19.2.6): + dependencies: + detect-node-es: 1.1.0 + react: 19.2.6 + tslib: 2.8.1 + + vite@7.3.3: + dependencies: + esbuild: 0.27.7 + fdir: 6.5.0(picomatch@4.0.4) + picomatch: 4.0.4 + postcss: 8.5.15 + rollup: 4.60.4 + tinyglobby: 0.2.16 + optionalDependencies: + fsevents: 2.3.3 + + vitest@4.1.6(vite@7.3.3): + dependencies: + '@vitest/expect': 4.1.6 + '@vitest/mocker': 4.1.6(vite@7.3.3) + '@vitest/pretty-format': 4.1.6 + '@vitest/runner': 4.1.6 + '@vitest/snapshot': 4.1.6 + '@vitest/spy': 4.1.6 + '@vitest/utils': 4.1.6 + es-module-lexer: 2.1.0 + expect-type: 1.3.0 + magic-string: 0.30.21 + obug: 2.1.1 + pathe: 2.0.3 + picomatch: 4.0.4 + std-env: 4.1.0 + tinybench: 2.9.0 + tinyexec: 1.1.2 + tinyglobby: 0.2.16 + tinyrainbow: 3.1.0 + vite: 7.3.3 + why-is-node-running: 2.3.0 + transitivePeerDependencies: + - msw + + web-push@3.6.7: + dependencies: + asn1.js: 5.4.1 + http_ece: 1.2.0 + https-proxy-agent: 7.0.6 + jws: 4.0.1 + minimist: 1.2.8 + transitivePeerDependencies: + - supports-color + + which-boxed-primitive@1.1.1: + dependencies: + is-bigint: 1.1.0 + is-boolean-object: 1.2.2 + is-number-object: 1.1.1 + is-string: 1.1.1 + is-symbol: 1.1.1 + + which-builtin-type@1.2.1: + dependencies: + call-bound: 1.0.4 + function.prototype.name: 1.1.8 + has-tostringtag: 1.0.2 + is-async-function: 2.1.1 + is-date-object: 1.1.0 + is-finalizationregistry: 1.1.1 + is-generator-function: 1.1.2 + is-regex: 1.2.1 + is-weakref: 1.1.1 + isarray: 2.0.5 + which-boxed-primitive: 1.1.1 + which-collection: 1.0.2 + which-typed-array: 1.1.20 + + which-collection@1.0.2: + dependencies: + is-map: 2.0.3 + is-set: 2.0.3 + is-weakmap: 2.0.2 + is-weakset: 2.0.4 + + which-typed-array@1.1.20: + dependencies: + available-typed-arrays: 1.0.7 + call-bind: 1.0.9 + call-bound: 1.0.4 + for-each: 0.3.5 + get-proto: 1.0.1 + gopd: 1.2.0 + has-tostringtag: 1.0.2 + + which@2.0.2: + dependencies: + isexe: 2.0.0 + + why-is-node-running@2.3.0: + dependencies: + siginfo: 2.0.0 + stackback: 0.0.2 + + word-wrap@1.2.5: {} + + wrap-ansi@7.0.0: + dependencies: + ansi-styles: 4.3.0 + string-width: 4.2.3 + strip-ansi: 6.0.1 + + xtend@4.0.2: {} + + y18n@5.0.8: {} + + yallist@3.1.1: {} + + yargs-parser@21.1.1: {} + + yargs@17.7.2: + dependencies: + cliui: 8.0.1 + escalade: 3.2.0 + get-caller-file: 2.0.5 + require-directory: 2.1.1 + string-width: 4.2.3 + y18n: 5.0.8 + yargs-parser: 21.1.1 + + yocto-queue@0.1.0: {} + + zod-validation-error@4.0.2(zod@4.4.3): + dependencies: + zod: 4.4.3 + + zod@4.4.3: {} diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml new file mode 100644 index 0000000..09a02ca --- /dev/null +++ b/pnpm-workspace.yaml @@ -0,0 +1,4 @@ +allowBuilds: + esbuild: true +onlyBuiltDependencies: + - esbuild diff --git a/public/push-sw.js b/public/push-sw.js new file mode 100644 index 0000000..285cebf --- /dev/null +++ b/public/push-sw.js @@ -0,0 +1,19 @@ +/* global self */ + +self.addEventListener('push', (event) => { + const payload = event.data?.json?.() ?? { + title: 'CertRemind', + body: '証明書に関する通知があります', + }; + + event.waitUntil( + self.registration.showNotification(payload.title || 'CertRemind', { + body: payload.body || '証明書に関する通知があります', + }), + ); +}); + +self.addEventListener('notificationclick', (event) => { + event.notification.close(); + event.waitUntil(self.clients.openWindow('/')); +}); diff --git a/src/client/App.jsx b/src/client/App.jsx new file mode 100644 index 0000000..d1c0d2e --- /dev/null +++ b/src/client/App.jsx @@ -0,0 +1,232 @@ +import { useCallback, useEffect, useMemo, useRef, useState } from 'react'; +import { request } from './api/client.js'; +import { Sidebar } from './components/Sidebar.jsx'; +import { ToastProvider, useToast } from './components/Toast.jsx'; +import { AccountView } from './routes/AccountView.jsx'; +import { AlertsView } from './routes/AlertsView.jsx'; +import { AuthPanel } from './routes/AuthPanel.jsx'; +import { NotificationMethodsView } from './routes/NotificationMethodsView.jsx'; +import { SiteSettingsPanel } from './routes/SiteSettingsPanel.jsx'; +import { SitesView } from './routes/SitesView.jsx'; + +const viewPaths = { + sites: '/sites', + alerts: '/alerts', + notifications: '/notifications', + account: '/account', +}; + +function normalizedPath(pathname) { + if (!pathname || pathname === '/') return '/'; + return pathname.endsWith('/') ? pathname.slice(0, -1) : pathname; +} + +function parseRoute(pathname) { + const path = normalizedPath(pathname); + if (path === '/') return { kind: 'root' }; + if (path === '/login') return { kind: 'auth', mode: 'login' }; + if (path === '/register') return { kind: 'auth', mode: 'register' }; + if (path === '/sites') return { kind: 'sites', activeView: 'sites', protected: true }; + if (path === '/alerts') return { kind: 'alerts', activeView: 'alerts', protected: true }; + if (path === '/notifications') { + return { kind: 'notifications', activeView: 'notifications', protected: true }; + } + if (path === '/account') return { kind: 'account', activeView: 'account', protected: true }; + + const siteSettingsMatch = path.match(/^\/sites\/([^/]+)\/settings$/); + if (siteSettingsMatch) { + return { + kind: 'siteSettings', + activeView: 'sites', + protected: true, + siteId: decodeURIComponent(siteSettingsMatch[1]), + }; + } + + return { kind: 'notFound' }; +} + +function isProtectedPath(pathname) { + return Boolean(parseRoute(pathname).protected); +} + +function currentPath() { + return normalizedPath(window.location.pathname); +} + +export function App() { + const [user, setUser] = useState(null); + const [locationPath, setLocationPath] = useState(currentPath); + const [ready, setReady] = useState(false); + const pendingReturnPath = useRef(null); + + const route = parseRoute(locationPath); + + const navigate = useCallback((path, options = {}) => { + const nextPath = normalizedPath(path); + if (currentPath() !== nextPath) { + const method = options.replace ? 'replaceState' : 'pushState'; + window.history[method](null, '', nextPath); + } + setLocationPath(nextPath); + }, []); + + const logout = useMemo( + () => async () => { + await request('/api/auth/logout', { method: 'POST' }).catch(() => {}); + pendingReturnPath.current = null; + setUser(null); + navigate('/login', { replace: true }); + }, + [navigate], + ); + + useEffect(() => { + function handlePopState() { + setLocationPath(currentPath()); + } + window.addEventListener('popstate', handlePopState); + return () => window.removeEventListener('popstate', handlePopState); + }, []); + + useEffect(() => { + async function boot() { + const csrf = await request('/api/auth/csrf'); + localStorage.setItem('csrfToken', csrf.csrfToken); + const me = await request('/api/auth/me').catch(() => null); + setUser(me?.user ?? null); + setReady(true); + } + boot(); + }, []); + + useEffect(() => { + if (!ready) return; + + if (user) { + if (route.kind === 'auth' || route.kind === 'root' || route.kind === 'notFound') { + navigate('/sites', { replace: true }); + } + return; + } + + if (route.protected) { + pendingReturnPath.current = locationPath; + navigate('/login', { replace: true }); + return; + } + + if (route.kind === 'root' || route.kind === 'notFound') { + navigate('/login', { replace: true }); + } + }, [locationPath, navigate, ready, route.kind, route.protected, user]); + + if (!ready) { + return
CertRemind
; + } + + if (!user) { + const mode = route.kind === 'auth' ? route.mode : 'login'; + return ( + navigate(nextMode === 'register' ? '/register' : '/login')} + onAuthed={(nextUser) => { + setUser(nextUser); + const returnPath = pendingReturnPath.current; + pendingReturnPath.current = null; + navigate(isProtectedPath(returnPath) ? returnPath : '/sites', { replace: true }); + }} + /> + ); + } + + function withShell(content) { + return ( + +
+ navigate(viewPaths[nextView] ?? '/sites')} + onLogout={logout} + /> +
{content}
+
+ + ); + } + + if (route.kind === 'siteSettings') { + return withShell( + navigate('/sites')} navigate={navigate} />, + ); + } + + if (route.kind === 'alerts') { + return withShell( navigate('/sites')} />); + } + + if (route.kind === 'notifications') { + return withShell( navigate('/sites')} />); + } + + if (route.kind === 'account') { + return withShell( + navigate('/sites')} + onSignedOut={() => { + pendingReturnPath.current = null; + setUser(null); + navigate('/login', { replace: true }); + }} + />, + ); + } + + return withShell( + + navigate(`/sites/${encodeURIComponent(site.siteId)}/settings`) + } + />, + ); +} + +function SiteSettingsRoute({ siteId, onBack, navigate }) { + const [site, setSite] = useState(null); + const [loadingSiteId, setLoadingSiteId] = useState(siteId); + const { showToast } = useToast(); + + useEffect(() => { + let active = true; + setSite(null); + setLoadingSiteId(siteId); + + async function loadSite() { + try { + const data = await request(`/api/sites/${siteId}`); + if (active) { + setSite(data.site); + } + } catch (err) { + if (active) { + showToast({ type: 'error', message: err.message }); + navigate('/sites', { replace: true }); + } + } + } + + loadSite(); + return () => { + active = false; + }; + }, [navigate, showToast, siteId]); + + if (!site || loadingSiteId !== siteId) { + return
CertRemind
; + } + + return ; +} diff --git a/src/client/api/client.js b/src/client/api/client.js new file mode 100644 index 0000000..f577ad7 --- /dev/null +++ b/src/client/api/client.js @@ -0,0 +1,20 @@ +export async function request(path, options = {}) { + const csrf = localStorage.getItem('csrfToken'); + const response = await fetch(path, { + credentials: 'include', + headers: { + 'Content-Type': 'application/json', + ...(csrf ? { 'x-csrf-token': csrf } : {}), + ...options.headers, + }, + ...options, + }); + + const data = await response.json().catch(() => ({})); + if (!response.ok) { + const error = new Error(data.error || 'リクエストに失敗しました'); + Object.assign(error, data); + throw error; + } + return data; +} diff --git a/src/client/components/ConfirmDialog.jsx b/src/client/components/ConfirmDialog.jsx new file mode 100644 index 0000000..30c223f --- /dev/null +++ b/src/client/components/ConfirmDialog.jsx @@ -0,0 +1,41 @@ +import * as Dialog from '@radix-ui/react-dialog'; + +export function ConfirmDialog({ + trigger, + title, + description, + confirmLabel = '削除', + cancelLabel = 'キャンセル', + onConfirm, + disabled = false, +}) { + return ( + + {trigger} + + + + {title} + {description} +
+ + + + + + +
+ + + + ); +} diff --git a/src/client/components/Field.jsx b/src/client/components/Field.jsx new file mode 100644 index 0000000..394f044 --- /dev/null +++ b/src/client/components/Field.jsx @@ -0,0 +1,10 @@ +import * as Label from '@radix-ui/react-label'; + +export function Field({ label, children }) { + return ( +
+ {label} + {children} +
+ ); +} diff --git a/src/client/components/Sidebar.jsx b/src/client/components/Sidebar.jsx new file mode 100644 index 0000000..a658057 --- /dev/null +++ b/src/client/components/Sidebar.jsx @@ -0,0 +1,49 @@ +import { Bell, Globe2, Link, LogOut, ShieldCheck, UserRound } from 'lucide-react'; + +const navItems = [ + { view: 'sites', label: 'サイト一覧', icon: Globe2 }, + { view: 'alerts', label: 'アラート履歴', icon: Bell }, + { view: 'notifications', label: '通知方法', icon: Link }, + { view: 'account', label: 'アカウント', icon: UserRound }, +]; + +export function Sidebar({ activeView, user, onNavigate, onLogout }) { + return ( + + ); +} diff --git a/src/client/components/Toast.jsx b/src/client/components/Toast.jsx new file mode 100644 index 0000000..651bfae --- /dev/null +++ b/src/client/components/Toast.jsx @@ -0,0 +1,104 @@ +/* eslint-disable react-refresh/only-export-components */ +import { createContext, useCallback, useContext, useEffect, useMemo, useRef, useState } from 'react'; +import { AlertCircle, CheckCircle2, X } from 'lucide-react'; + +const ToastContext = createContext(null); +let nextToastId = 0; + +export function ToastProvider({ children }) { + const [toasts, setToasts] = useState([]); + const timeoutIds = useRef(new Map()); + + const dismissToast = useCallback((toastId) => { + const timeoutId = timeoutIds.current.get(toastId); + if (timeoutId) { + window.clearTimeout(timeoutId); + timeoutIds.current.delete(toastId); + } + setToasts((current) => current.filter((item) => item.toastId !== toastId)); + }, []); + + const showToast = useCallback( + ({ type = 'success', message, timeout = 5000 }) => { + if (!message) return; + const toastId = nextToastId + 1; + nextToastId = toastId; + const timeoutId = + timeout > 0 ? window.setTimeout(() => dismissToast(toastId), timeout) : undefined; + if (timeoutId) { + timeoutIds.current.set(toastId, timeoutId); + } + setToasts((current) => { + const next = [{ toastId, type, message }, ...current].slice(0, 4); + current + .filter((toast) => !next.some((nextToast) => nextToast.toastId === toast.toastId)) + .forEach((toast) => { + const staleTimeoutId = timeoutIds.current.get(toast.toastId); + if (staleTimeoutId) { + window.clearTimeout(staleTimeoutId); + timeoutIds.current.delete(toast.toastId); + } + }); + return next; + }); + }, + [dismissToast], + ); + + useEffect(() => { + const timeouts = timeoutIds.current; + return () => { + timeouts.forEach((timeoutId) => window.clearTimeout(timeoutId)); + timeouts.clear(); + }; + }, []); + + const value = useMemo(() => ({ showToast }), [showToast]); + + return ( + + {children} + + + ); +} + +export function useToast() { + const context = useContext(ToastContext); + if (!context) { + throw new Error('useToast must be used within ToastProvider'); + } + return context; +} + +function ToastViewport({ toasts, onDismiss }) { + if (toasts.length === 0) return null; + + return ( +
+ {toasts.map((toast) => { + const isError = toast.type === 'error'; + const Icon = isError ? AlertCircle : CheckCircle2; + return ( +
+
+ ); + })} +
+ ); +} diff --git a/src/client/main.jsx b/src/client/main.jsx new file mode 100644 index 0000000..51417c2 --- /dev/null +++ b/src/client/main.jsx @@ -0,0 +1,10 @@ +import React from 'react'; +import { createRoot } from 'react-dom/client'; +import { App } from './App.jsx'; +import './styles/app.css'; + +createRoot(document.getElementById('root')).render( + + + , +); diff --git a/src/client/routes/AccountView.jsx b/src/client/routes/AccountView.jsx new file mode 100644 index 0000000..00aa0ee --- /dev/null +++ b/src/client/routes/AccountView.jsx @@ -0,0 +1,439 @@ +import { useEffect, useState } from 'react'; +import * as Dialog from '@radix-ui/react-dialog'; +import { ArrowLeft, KeyRound, ShieldCheck, Trash2, UserRound } from 'lucide-react'; +import { QRCodeSVG } from 'qrcode.react'; +import { request } from '../api/client.js'; +import { ConfirmDialog } from '../components/ConfirmDialog.jsx'; +import { Field } from '../components/Field.jsx'; +import { useToast } from '../components/Toast.jsx'; + +function requireValue(value, label) { + if (!value.trim()) { + throw new Error(`${label}を入力してください`); + } +} + +function validatePassword(value, label) { + requireValue(value, label); + if (value.length < 12) { + throw new Error(`${label}は12文字以上で入力してください`); + } + if (value.length > 200) { + throw new Error(`${label}は200文字以内で入力してください`); + } +} + +function validateOtp(value) { + requireValue(value, '認証コード'); + if (!/^\d{6}$/.test(value)) { + throw new Error('認証コードは6桁の数字で入力してください'); + } +} + +export function AccountView({ onBack, onSignedOut }) { + const [account, setAccount] = useState(null); + const [profile, setProfile] = useState({ displayName: '' }); + const [passwordForm, setPasswordForm] = useState({ currentPassword: '', newPassword: '' }); + const [totpSetup, setTotpSetup] = useState(null); + const [totpStep, setTotpStep] = useState(1); + const [totpForm, setTotpForm] = useState({ otp: '', currentPassword: '' }); + const [deletePassword, setDeletePassword] = useState(''); + const [passwordDialogOpen, setPasswordDialogOpen] = useState(false); + const [totpDialogOpen, setTotpDialogOpen] = useState(false); + const [busy, setBusy] = useState(false); + const { showToast } = useToast(); + + async function loadAccount() { + const data = await request('/api/account'); + setAccount(data.account); + setProfile({ displayName: data.account.displayName }); + } + + useEffect(() => { + loadAccount().catch((err) => showToast({ type: 'error', message: err.message })); + }, [showToast]); + + async function saveProfile(event) { + event.preventDefault(); + setBusy(true); + try { + requireValue(profile.displayName, '表示名'); + if (profile.displayName.trim().length > 80) { + throw new Error('表示名は80文字以内で入力してください'); + } + const data = await request('/api/account/profile', { + method: 'PATCH', + body: JSON.stringify({ displayName: profile.displayName.trim() }), + }); + setAccount(data.account); + showToast({ type: 'success', message: '表示名を更新しました' }); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function updatePassword(event) { + event.preventDefault(); + setBusy(true); + try { + requireValue(passwordForm.currentPassword, '現在のパスワード'); + validatePassword(passwordForm.newPassword, '新しいパスワード'); + await request('/api/account/password', { + method: 'PATCH', + body: JSON.stringify(passwordForm), + }); + setPasswordDialogOpen(false); + onSignedOut(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function startTotpSetup() { + setBusy(true); + try { + const data = await request('/api/account/totp/setup', { method: 'POST' }); + setTotpSetup(data); + setTotpStep(1); + setTotpForm({ otp: '', currentPassword: '' }); + setTotpDialogOpen(true); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function verifyTotp(event) { + event.preventDefault(); + setBusy(true); + try { + validateOtp(totpForm.otp); + await request('/api/account/totp/verify', { + method: 'POST', + body: JSON.stringify({ secret: totpSetup.secret, otp: totpForm.otp.trim() }), + }); + setTotpSetup(null); + setTotpDialogOpen(false); + setTotpStep(1); + showToast({ type: 'success', message: '2段階認証を有効にしました' }); + await loadAccount(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function disableTotp() { + setBusy(true); + try { + requireValue(totpForm.currentPassword, '現在のパスワード'); + validateOtp(totpForm.otp); + await request('/api/account/totp', { + method: 'DELETE', + body: JSON.stringify({ + currentPassword: totpForm.currentPassword, + otp: totpForm.otp.trim(), + }), + }); + setTotpForm({ otp: '', currentPassword: '' }); + showToast({ type: 'success', message: '2段階認証を解除しました' }); + await loadAccount(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function deleteAccount() { + setBusy(true); + try { + requireValue(deletePassword, '現在のパスワード'); + await request('/api/account', { + method: 'DELETE', + body: JSON.stringify({ currentPassword: deletePassword }), + }); + onSignedOut(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + if (!account) { + return
CertRemind
; + } + + return ( +
+
+ +
+ アカウント +

{account.username}

+
+
+ +
+
+
+
+ + setProfile({ displayName: event.target.value })} + maxLength="80" + required + /> + + +
+ +
+
+
+ + + + + + + + パスワード変更 + + 更新後はすべてのセッションからログアウトします。
+ 新しいパスワードで再ログインが必要になります。 + +
+ + + setPasswordForm({ ...passwordForm, currentPassword: event.target.value }) + } + required + /> + + + + setPasswordForm({ ...passwordForm, newPassword: event.target.value }) + } + required + /> + +
+ + + + +
+
+ + + +
+ +
+
+
+ + {!account.totpEnabled ? ( + <> + + {totpSetup ? ( + + + + + 2段階認証セットアップ + + ステップ {totpStep} / 3 + + + {totpStep === 1 ? ( +
+

認証アプリを準備

+

+ Google Authenticator、1Password、Microsoft Authenticator + などを使用できます。 +

+
+ ) : null} + + {totpStep === 2 ? ( +
+

QR コードを読み取り

+
+ +
+

+ 読み取れない場合は以下のシークレットを手動入力してください。
+ 種類:時間ベース +

+ {totpSetup.secret} +
+ ) : null} + + {totpStep === 3 ? ( +
+

認証コードを確認

+ + + setTotpForm({ ...totpForm, otp: event.target.value }) + } + inputMode="numeric" + maxLength="6" + pattern="[0-9]{6}" + required + /> + +
+ + +
+
+ ) : ( +
+ + + + +
+ )} + + + + ) : null} + + ) : ( +
event.preventDefault()}> + + + setTotpForm({ ...totpForm, currentPassword: event.target.value }) + } + required + /> + + + setTotpForm({ ...totpForm, otp: event.target.value })} + inputMode="numeric" + maxLength="6" + pattern="[0-9]{6}" + required + /> + + + 解除 + + } + /> + + )} +
+ +
event.preventDefault()}> +
+
+ + setDeletePassword(event.target.value)} + required + /> + + + アカウントを削除 + + } + /> + +
+
+ ); +} diff --git a/src/client/routes/AlertsView.jsx b/src/client/routes/AlertsView.jsx new file mode 100644 index 0000000..b69ea49 --- /dev/null +++ b/src/client/routes/AlertsView.jsx @@ -0,0 +1,214 @@ +import { useCallback, useEffect, useMemo, useState } from 'react'; +import { ArrowLeft, Check, Filter, RotateCcw, Trash2 } from 'lucide-react'; +import { request } from '../api/client.js'; +import { ConfirmDialog } from '../components/ConfirmDialog.jsx'; +import { Field } from '../components/Field.jsx'; +import { useToast } from '../components/Toast.jsx'; + +function toIsoFromLocal(value) { + if (!value) return undefined; + return new Date(value).toISOString(); +} + +function formatDateTime(value) { + return new Intl.DateTimeFormat('ja-JP', { + dateStyle: 'medium', + timeStyle: 'short', + }).format(new Date(value)); +} + +function buildQuery(filters) { + const params = new URLSearchParams(); + if (filters.siteId) params.set('siteId', filters.siteId); + if (filters.alertType) params.set('alertType', filters.alertType); + const from = toIsoFromLocal(filters.from); + const to = toIsoFromLocal(filters.to); + if (from) params.set('from', from); + if (to) params.set('to', to); + const query = params.toString(); + return query ? `?${query}` : ''; +} + +export function AlertsView({ onBack }) { + const [alerts, setAlerts] = useState([]); + const [sites, setSites] = useState([]); + const [filters, setFilters] = useState({ siteId: '', alertType: '', from: '', to: '' }); + const [busy, setBusy] = useState(false); + const { showToast } = useToast(); + + const alertTypes = useMemo( + () => [...new Set(alerts.map((alert) => alert.alertType))].sort(), + [alerts], + ); + + const loadAlerts = useCallback(async (nextFilters) => { + setBusy(true); + try { + const data = await request(`/api/alerts${buildQuery(nextFilters)}`); + setAlerts(data.alerts); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + }, [showToast]); + + useEffect(() => { + async function loadInitialData() { + const siteData = await request('/api/sites'); + setSites(siteData.sites); + await loadAlerts({ siteId: '', alertType: '', from: '', to: '' }); + } + loadInitialData().catch((err) => showToast({ type: 'error', message: err.message })); + }, [loadAlerts, showToast]); + + async function applyFilters(event) { + event.preventDefault(); + if (filters.from && filters.to && new Date(filters.from) > new Date(filters.to)) { + showToast({ type: 'error', message: '開始日時は終了日時より前にしてください' }); + return; + } + await loadAlerts(filters); + } + + async function resetFilters() { + const empty = { siteId: '', alertType: '', from: '', to: '' }; + setFilters(empty); + await loadAlerts(empty); + } + + async function markRead(alertId) { + try { + const data = await request(`/api/alerts/${alertId}/read`, { method: 'PATCH' }); + setAlerts((current) => + current.map((alert) => + alert.alertId === alertId ? { ...alert, readAt: data.alert.readAt } : alert, + ), + ); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } + } + + async function deleteAlert(alertId) { + try { + await request(`/api/alerts/${alertId}`, { method: 'DELETE' }); + setAlerts((current) => current.filter((alert) => alert.alertId !== alertId)); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } + } + + return ( +
+
+ +
+ アラート履歴 +

送信済みアラート

+
+
+ +
+
+ + + + + setFilters({ ...filters, alertType: event.target.value })} + placeholder="certificate_expiring" + /> + + {alertTypes.map((type) => ( + + + + setFilters({ ...filters, from: event.target.value })} + /> + + + setFilters({ ...filters, to: event.target.value })} + /> + +
+ + +
+
+
+ {alerts.length === 0 ? ( +
アラート履歴はまだありません。
+ ) : ( + alerts.map((alert) => ( +
+
+
+ {alert.alertType} + +
+

{alert.siteAlias || '削除済みサイト'}

+

{alert.content}

+ {alert.siteUrl || 'サイト情報なし'} +
+
+ + {alert.readAt ? '既読' : '未読'} + + + deleteAlert(alert.alertId)} + trigger={ + + } + /> +
+
+ )) + )} +
+
+
+ ); +} diff --git a/src/client/routes/AuthPanel.jsx b/src/client/routes/AuthPanel.jsx new file mode 100644 index 0000000..c239b6f --- /dev/null +++ b/src/client/routes/AuthPanel.jsx @@ -0,0 +1,161 @@ +import { useEffect, useState } from 'react'; +import { ShieldCheck } from 'lucide-react'; +import { request } from '../api/client.js'; +import { Field } from '../components/Field.jsx'; + +function validateAuthForm(mode, form) { + if (mode === 'register' && !form.displayName.trim()) { + throw new Error('表示名を入力してください'); + } + if (!form.username.trim()) { + throw new Error('ユーザー名を入力してください'); + } + if (!/^[a-zA-Z0-9_.-]{3,40}$/.test(form.username.trim())) { + throw new Error('ユーザー名は3〜40文字の英数字、_、.、-で入力してください'); + } + if (!form.password) { + throw new Error('パスワードを入力してください'); + } + if (mode === 'register' && form.password.length < 12) { + throw new Error('パスワードは12文字以上で入力してください'); + } + if (form.otp && !/^\d{6}$/.test(form.otp.trim())) { + throw new Error('2段階認証コードは6桁の数字で入力してください'); + } +} + +export function AuthPanel({ mode, onModeChange, onAuthed }) { + const [form, setForm] = useState({ displayName: '', username: '', password: '', otp: '' }); + const [totpRequired, setTotpRequired] = useState(false); + const [error, setError] = useState(''); + const [busy, setBusy] = useState(false); + + useEffect(() => { + setError(''); + setTotpRequired(false); + }, [mode]); + + async function submit(event) { + event.preventDefault(); + setBusy(true); + setError(''); + try { + validateAuthForm(mode, form); + const endpoint = mode === 'login' ? '/api/auth/login' : '/api/auth/register'; + const payload = + mode === 'login' + ? { + username: form.username.trim(), + password: form.password, + otp: form.otp.trim() || undefined, + } + : { + displayName: form.displayName.trim(), + username: form.username.trim(), + password: form.password, + }; + const data = await request(endpoint, { + method: 'POST', + body: JSON.stringify(payload), + }); + onAuthed(data.user); + } catch (err) { + if (err.totpRequired) { + setTotpRequired(true); + setError('2段階認証コードを入力してください'); + return; + } + setError(err.message); + } finally { + setBusy(false); + } + } + + return ( +
+
+
+
+ +
+ + +
+ +
+ {mode === 'register' ? ( + + setForm({ ...form, displayName: event.target.value })} + autoComplete="name" + maxLength="80" + required + /> + + ) : null} + + + setForm({ ...form, username: event.target.value })} + autoComplete="username" + minLength="3" + maxLength="40" + pattern="[a-zA-Z0-9_.-]+" + required + /> + + + + setForm({ ...form, password: event.target.value })} + type="password" + autoComplete={mode === 'login' ? 'current-password' : 'new-password'} + minLength={mode === 'register' ? 12 : 1} + maxLength="200" + required + /> + + + {mode === 'login' && totpRequired ? ( + + setForm({ ...form, otp: event.target.value })} + inputMode="numeric" + maxLength="6" + pattern="[0-9]{6}" + autoComplete="one-time-code" + required + /> + + ) : null} + + {error ?

{error}

: null} + +
+
+
+ ); +} diff --git a/src/client/routes/NotificationMethodsView.jsx b/src/client/routes/NotificationMethodsView.jsx new file mode 100644 index 0000000..02d4942 --- /dev/null +++ b/src/client/routes/NotificationMethodsView.jsx @@ -0,0 +1,275 @@ +import { useEffect, useState } from 'react'; +import { ArrowLeft, BellRing, Link, Pencil, Plus, Trash2 } from 'lucide-react'; +import { request } from '../api/client.js'; +import { ConfirmDialog } from '../components/ConfirmDialog.jsx'; +import { Field } from '../components/Field.jsx'; +import { useToast } from '../components/Toast.jsx'; + +function validateWebhookForm(form) { + if (!form.alias.trim()) { + throw new Error('エイリアス名を入力してください'); + } + if (form.alias.trim().length > 120) { + throw new Error('エイリアス名は120文字以内で入力してください'); + } + if (!form.url.trim()) { + throw new Error('Webhook URL を入力してください'); + } + const url = new URL(form.url.trim()); + if (url.protocol !== 'https:') { + throw new Error('Webhook URL は HTTPS で入力してください'); + } +} + +function urlBase64ToUint8Array(base64String) { + const padding = '='.repeat((4 - (base64String.length % 4)) % 4); + const base64 = `${base64String}${padding}`.replaceAll('-', '+').replaceAll('_', '/'); + const rawData = window.atob(base64); + return Uint8Array.from([...rawData].map((char) => char.charCodeAt(0))); +} + +function permissionText(permission) { + if (permission === 'granted') return '許可済み'; + if (permission === 'denied') return '拒否されています'; + return '未設定'; +} + +export function NotificationMethodsView({ onBack }) { + const [webhooks, setWebhooks] = useState([]); + const [pushSubscriptions, setPushSubscriptions] = useState([]); + const [vapidPublicKey, setVapidPublicKey] = useState(''); + const [form, setForm] = useState({ alias: '', url: '' }); + const [editingId, setEditingId] = useState(''); + const [permission, setPermission] = useState( + typeof Notification === 'undefined' ? 'unsupported' : Notification.permission, + ); + const [busy, setBusy] = useState(false); + const { showToast } = useToast(); + + async function loadMethods() { + const data = await request('/api/notification-methods'); + setWebhooks(data.webhooks); + setPushSubscriptions(data.pushSubscriptions); + setVapidPublicKey(data.vapidPublicKey); + } + + useEffect(() => { + loadMethods().catch((err) => showToast({ type: 'error', message: err.message })); + }, [showToast]); + + async function submitWebhook(event) { + event.preventDefault(); + setBusy(true); + try { + validateWebhookForm(form); + const endpoint = editingId + ? `/api/notification-methods/webhooks/${editingId}` + : '/api/notification-methods/webhooks'; + await request(endpoint, { + method: editingId ? 'PATCH' : 'POST', + body: JSON.stringify({ alias: form.alias.trim(), url: form.url.trim() }), + }); + setForm({ alias: '', url: '' }); + setEditingId(''); + showToast({ + type: 'success', + message: editingId ? 'Webhookを更新しました' : 'Webhookを登録しました', + }); + await loadMethods(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + function startEdit(webhook) { + setEditingId(webhook.notificationMethodId); + setForm({ alias: webhook.alias, url: webhook.url }); + } + + async function deleteWebhook(methodId) { + setBusy(true); + try { + await request(`/api/notification-methods/webhooks/${methodId}`, { method: 'DELETE' }); + showToast({ type: 'success', message: 'Webhookを削除しました' }); + await loadMethods(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function subscribePush() { + setBusy(true); + try { + if (!('serviceWorker' in navigator) || !('PushManager' in window)) { + throw new Error('このブラウザはプッシュ通知に対応していません'); + } + if (!vapidPublicKey) { + throw new Error('VAPID public key が設定されていません'); + } + + const nextPermission = await Notification.requestPermission(); + setPermission(nextPermission); + if (nextPermission !== 'granted') { + throw new Error('ブラウザ通知が許可されませんでした'); + } + + const registration = await navigator.serviceWorker.register('/push-sw.js'); + const subscription = await registration.pushManager.subscribe({ + userVisibleOnly: true, + applicationServerKey: urlBase64ToUint8Array(vapidPublicKey), + }); + + await request('/api/notification-methods/push-subscriptions', { + method: 'POST', + body: JSON.stringify(subscription.toJSON()), + }); + showToast({ type: 'success', message: 'プッシュ通知を登録しました' }); + await loadMethods(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + return ( +
+
+ +
+ 通知方法 +

通知方法の管理

+
+
+ +
+
+
+ +
+

Webhook

+

Slack互換Webhookとして送信します。

+
+
+ +
+ + setForm({ ...form, alias: event.target.value })} + placeholder="Slack 通知" + maxLength="120" + required + /> + + + setForm({ ...form, url: event.target.value })} + placeholder="https://hooks.slack.com/services/..." + maxLength="2048" + required + /> + + +
+
+ +
+

登録済みWebhook

+
+ {webhooks.length === 0 ? ( +
Webhookはまだ登録されていません。
+ ) : ( + webhooks.map((webhook) => ( +
+
+ {webhook.alias} + {webhook.url} +
+
+ + deleteWebhook(webhook.notificationMethodId)} + disabled={busy} + trigger={ + + } + /> +
+
+ )) + )} +
+
+ +
+
+
+ +
+ + {!vapidPublicKey ? ( +

VAPID public key を設定すると登録できます。

+ ) : null} +
+ +
+ {pushSubscriptions.length === 0 ? ( +
登録済みのブラウザはありません。
+ ) : ( + pushSubscriptions.map((subscription) => ( +
+
+ Browser Push + {subscription.endpoint} +
+
+ )) + )} +
+
+
+
+ ); +} diff --git a/src/client/routes/SiteSettingsPanel.jsx b/src/client/routes/SiteSettingsPanel.jsx new file mode 100644 index 0000000..20317ff --- /dev/null +++ b/src/client/routes/SiteSettingsPanel.jsx @@ -0,0 +1,313 @@ +import { useEffect, useMemo, useState } from 'react'; +import { ArrowLeft, Bell, Plus, Save, Trash2 } from 'lucide-react'; +import { request } from '../api/client.js'; +import { ConfirmDialog } from '../components/ConfirmDialog.jsx'; +import { Field } from '../components/Field.jsx'; +import { useToast } from '../components/Toast.jsx'; + +const unitToHours = { + hours: 1, + days: 24, + weeks: 168, +}; + +function toDisplayThreshold(thresholdHours) { + if (thresholdHours % unitToHours.weeks === 0) { + return { value: thresholdHours / unitToHours.weeks, unit: 'weeks' }; + } + if (thresholdHours % unitToHours.days === 0) { + return { value: thresholdHours / unitToHours.days, unit: 'days' }; + } + return { value: thresholdHours, unit: 'hours' }; +} + +function toThresholdHours(condition) { + return Number.parseInt(condition.value, 10) * unitToHours[condition.unit]; +} + +function formatCertificateValue(value) { + if (!value) return '未取得'; + const date = new Date(value); + if (Number.isNaN(date.getTime())) return '未取得'; + return date.toLocaleString(); +} + +export function SiteSettingsPanel({ site, onBack }) { + const [alias, setAlias] = useState(site.alias); + const [savedAlias, setSavedAlias] = useState(site.alias); + const [conditions, setConditions] = useState([{ value: 7, unit: 'days' }]); + const [availableWebhooks, setAvailableWebhooks] = useState([]); + const [webhookMethodIds, setWebhookMethodIds] = useState([]); + const [pushEnabled, setPushEnabled] = useState(false); + const [busy, setBusy] = useState(false); + const { showToast } = useToast(); + + const previewText = useMemo(() => { + const hours = conditions + .map(toThresholdHours) + .filter((value) => Number.isInteger(value) && value > 0) + .sort((a, b) => a - b); + if (hours.length === 0) return '通知タイミング未設定'; + return hours.map((hour) => `${hour} 時間前`).join(' / '); + }, [conditions]); + + useEffect(() => { + setAlias(site.alias); + setSavedAlias(site.alias); + }, [site.alias, site.siteId]); + + useEffect(() => { + async function loadSettings() { + const data = await request(`/api/sites/${site.siteId}/settings`); + setAvailableWebhooks(data.settings.availableWebhooks); + if (data.settings.conditions.length > 0) { + setConditions( + data.settings.conditions.map((condition) => toDisplayThreshold(condition.thresholdHours)), + ); + setWebhookMethodIds(data.settings.conditions[0].webhookMethodIds); + setPushEnabled(data.settings.conditions[0].pushEnabled); + } + } + loadSettings().catch((err) => showToast({ type: 'error', message: err.message })); + }, [showToast, site.siteId]); + + function updateCondition(index, patch) { + setConditions((current) => + current.map((condition, currentIndex) => + currentIndex === index ? { ...condition, ...patch } : condition, + ), + ); + } + + function addCondition() { + setConditions((current) => [...current, { value: 7, unit: 'days' }]); + } + + function removeCondition(index) { + setConditions((current) => current.filter((_, currentIndex) => currentIndex !== index)); + } + + function toggleWebhook(methodId) { + setWebhookMethodIds((current) => + current.includes(methodId) ? current.filter((id) => id !== methodId) : [...current, methodId], + ); + } + + async function saveSettings(event) { + event.preventDefault(); + setBusy(true); + try { + const nextAlias = alias.trim(); + if (!nextAlias) { + throw new Error('エイリアス名を入力してください'); + } + if (nextAlias.length > 120) { + throw new Error('エイリアス名は120文字以内で入力してください'); + } + const thresholdHours = conditions.map(toThresholdHours); + if (thresholdHours.some((value) => !Number.isInteger(value) || value <= 0 || value > 17520)) { + throw new Error('通知タイミングは 1 時間以上、2 年以内で指定してください'); + } + if (nextAlias !== savedAlias) { + await request(`/api/sites/${site.siteId}`, { + method: 'PATCH', + body: JSON.stringify({ alias: nextAlias }), + }); + setAlias(nextAlias); + setSavedAlias(nextAlias); + } + await request(`/api/sites/${site.siteId}/settings`, { + method: 'PUT', + body: JSON.stringify({ + conditions: thresholdHours.map((value) => ({ thresholdHours: value })), + webhookMethodIds, + pushEnabled, + }), + }); + showToast({ type: 'success', message: '設定を保存しました' }); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function deleteSettings() { + setBusy(true); + try { + await request(`/api/sites/${site.siteId}/settings`, { method: 'DELETE' }); + setConditions([{ value: 7, unit: 'days' }]); + setWebhookMethodIds([]); + setPushEnabled(false); + showToast({ type: 'success', message: '設定を削除しました' }); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + return ( +
+
+ +
+ サイト設定 +

{savedAlias}

+

{site.url}

+
+
+ +
+
+
+

基本情報

+ + setAlias(event.target.value)} + maxLength="120" + required + /> + +
+ +
+

証明書情報

+
+
+
発行元
+
{site.certificateIssuer || '未取得'}
+
+
+
発行日時
+
{formatCertificateValue(site.certificateIssuedAt)}
+
+
+
失効日時
+
{formatCertificateValue(site.certificateExpiresAt)}
+
+
+
+ +
+
+
+ +
+ {conditions.map((condition, index) => ( +
+ + updateCondition(index, { value: event.target.value })} + required + /> + + + + + removeCondition(index)} + disabled={conditions.length === 1} + trigger={ + + } + /> +
+ ))} +
+ + +
+ +
+

通知方法

+ + + +
+

Webhook

+ {availableWebhooks.length === 0 ? ( +

登録済みのWebhookはありません。

+ ) : ( + availableWebhooks.map((webhook) => ( + + )) + )} +
+
+ +
+ + + 設定を削除 + + } + /> +
+
+
+
+ ); +} diff --git a/src/client/routes/SitesView.jsx b/src/client/routes/SitesView.jsx new file mode 100644 index 0000000..d8c0f03 --- /dev/null +++ b/src/client/routes/SitesView.jsx @@ -0,0 +1,190 @@ +import { useEffect, useState } from 'react'; +import { Plus, Settings, Trash2 } from 'lucide-react'; +import { request } from '../api/client.js'; +import { ConfirmDialog } from '../components/ConfirmDialog.jsx'; +import { Field } from '../components/Field.jsx'; +import { useToast } from '../components/Toast.jsx'; + +function validateSiteForm(form) { + if (!form.url.trim()) { + throw new Error('監視 URL を入力してください'); + } + const rawUrl = /^https?:\/\//i.test(form.url.trim()) + ? form.url.trim() + : `https://${form.url.trim()}`; + const url = new URL(rawUrl); + if (url.protocol !== 'https:') { + throw new Error('監視 URL は HTTPS で入力してください'); + } + if (form.alias.trim().length > 120) { + throw new Error('エイリアス名は120文字以内で入力してください'); + } +} + +function parseCertificateDate(value) { + if (!value) return '未確認'; + const date = new Date(value); + if (Number.isNaN(date.getTime())) return '未確認'; + return date; +} + +function formatCertificateDate(value) { + const date = parseCertificateDate(value); + if (typeof date === 'string') return date; + return new Intl.DateTimeFormat('ja-JP', { + year: 'numeric', + month: '2-digit', + day: '2-digit', + }).format(date); +} + +function formatCertificateDateTime(value) { + const date = parseCertificateDate(value); + if (typeof date === 'string') return date; + return new Intl.DateTimeFormat('ja-JP', { + year: 'numeric', + month: '2-digit', + day: '2-digit', + hour: '2-digit', + minute: '2-digit', + hour12: false, + }).format(date); +} + +function certificateTooltip(site) { + const dateTime = formatCertificateDateTime(site.certificateExpiresAt); + const lines = [`${dateTime}`]; + if (site.certificateCheckError) { + lines.push(`直近の取得失敗: ${site.certificateCheckError}`); + } + return lines.join('\n'); +} + +export function SitesView({ user, onConfigureSite }) { + const [sites, setSites] = useState([]); + const [form, setForm] = useState({ url: '', alias: '' }); + const [busy, setBusy] = useState(false); + const { showToast } = useToast(); + + async function loadSites() { + const data = await request('/api/sites'); + setSites(data.sites); + } + + useEffect(() => { + loadSites().catch((err) => showToast({ type: 'error', message: err.message })); + }, [showToast]); + + async function addSite(event) { + event.preventDefault(); + setBusy(true); + try { + validateSiteForm(form); + await request('/api/sites', { + method: 'POST', + body: JSON.stringify({ url: form.url.trim(), alias: form.alias.trim() }), + }); + setForm({ url: '', alias: '' }); + await loadSites(); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } finally { + setBusy(false); + } + } + + async function deleteSite(siteId) { + try { + await request(`/api/sites/${siteId}`, { method: 'DELETE' }); + setSites((current) => current.filter((site) => site.siteId !== siteId)); + } catch (err) { + showToast({ type: 'error', message: err.message }); + } + } + + return ( +
+
+
+ CertRemind +

サイト一覧

+
+
+ {user.displayName} +
+
+ +
+
+ + setForm({ ...form, url: event.target.value })} + maxLength="2048" + required + /> + + + setForm({ ...form, alias: event.target.value })} + maxLength="120" + /> + + +
+
+ {sites.length === 0 ? ( +
監視対象のサイトはまだ登録されていません。
+ ) : ( + sites.map((site) => ( +
+
+ {site.alias} + {site.url} +
+
+ {formatCertificateDate(site.certificateExpiresAt)} + {site.certificateCheckError ? 取得失敗 : null} +
+
+ + deleteSite(site.siteId)} + trigger={ + + } + /> +
+
+ )) + )} +
+
+
+ ); +} diff --git a/src/client/styles/app.css b/src/client/styles/app.css new file mode 100644 index 0000000..ca578ae --- /dev/null +++ b/src/client/styles/app.css @@ -0,0 +1,1000 @@ +:root { + color-scheme: light; + font-family: + Inter, + ui-sans-serif, + system-ui, + -apple-system, + BlinkMacSystemFont, + 'Segoe UI', + sans-serif; + background: #f4f7f6; + color: #17201d; +} + +* { + box-sizing: border-box; +} + +body { + margin: 0; + min-width: 320px; +} + +button, +input, +select { + font: inherit; +} + +button { + cursor: pointer; +} + +.loading, +.auth-shell, +.app-shell { + min-height: 100vh; +} + +.loading { + display: grid; + place-items: center; + color: #4b5c55; + font-weight: 700; +} + +.auth-shell { + display: grid; + place-items: center; + padding: 24px; + background: + linear-gradient(135deg, rgba(39, 103, 97, 0.16), transparent 38%), + linear-gradient(315deg, rgba(199, 75, 63, 0.12), transparent 42%), #f4f7f6; +} + +.auth-panel { + width: min(440px, 100%); + background: #ffffff; + border: 1px solid #d9e1de; + border-radius: 8px; + padding: 28px; + box-shadow: 0 24px 50px rgba(26, 41, 37, 0.12); +} + +.brand-row { + display: flex; + gap: 14px; + align-items: center; + margin-bottom: 24px; +} + +.brand-row svg { + color: #276761; + flex: 0 0 auto; +} + +h1, +p { + margin: 0; +} + +h1 { + font-size: 28px; + line-height: 1.15; +} + +.brand-row p { + margin-top: 6px; + color: #5a6a65; + font-size: 14px; +} + +.segmented { + display: grid; + grid-template-columns: 1fr 1fr; + gap: 4px; + padding: 4px; + margin-bottom: 22px; + border: 1px solid #d9e1de; + border-radius: 8px; + background: #eef3f1; +} + +.segmented button { + border: 0; + border-radius: 6px; + background: transparent; + min-height: 40px; + color: #40504b; +} + +.segmented button.active { + background: #ffffff; + color: #17201d; + box-shadow: 0 1px 4px rgba(26, 41, 37, 0.12); +} + +.stack, +.field { + display: grid; + gap: 14px; +} + +.field { + gap: 7px; +} + +.label { + color: #40504b; + font-size: 13px; + font-weight: 700; +} + +input, +select { + width: 100%; + min-height: 42px; + border: 1px solid #c9d4d0; + border-radius: 6px; + padding: 9px 11px; + color: #17201d; + background: #ffffff; +} + +input:focus { + outline: 3px solid rgba(39, 103, 97, 0.18); + border-color: #276761; +} + +select:focus { + outline: 3px solid rgba(39, 103, 97, 0.18); + border-color: #276761; +} + +.primary { + min-height: 42px; + border: 0; + border-radius: 6px; + padding: 0 16px; + color: #ffffff; + background: #276761; + font-weight: 700; + display: inline-flex; + align-items: center; + justify-content: center; + gap: 8px; +} + +.secondary { + min-height: 42px; + border: 1px solid #c9d4d0; + border-radius: 6px; + padding: 0 14px; + color: #40504b; + background: #ffffff; + font-weight: 700; + display: inline-flex; + align-items: center; + justify-content: center; + gap: 8px; +} + +.secondary:hover { + border-color: #276761; + color: #276761; +} + +.primary:disabled { + opacity: 0.64; +} + +.error { + color: #a63b31; + font-size: 14px; +} + +.notice { + color: #276761; + font-size: 14px; + font-weight: 700; +} + +.toast-viewport { + position: fixed; + z-index: 60; + top: 112px; + right: 24px; + width: min(380px, calc(100vw - 240px - 48px)); + display: grid; + gap: 10px; + pointer-events: none; +} + +.toast { + display: grid; + grid-template-columns: auto minmax(0, 1fr) auto; + gap: 10px; + align-items: flex-start; + border: 1px solid #d9e1de; + border-left-width: 4px; + border-radius: 8px; + padding: 12px; + background: #ffffff; + box-shadow: 0 16px 40px rgba(26, 41, 37, 0.16); + pointer-events: auto; +} + +.toast p { + color: #17201d; + font-size: 14px; + line-height: 1.45; + overflow-wrap: anywhere; +} + +.toast-success { + border-left-color: #276761; +} + +.toast-success > svg { + color: #276761; +} + +.toast-error { + border-left-color: #a63b31; +} + +.toast-error > svg { + color: #a63b31; +} + +.toast-close { + width: 28px; + height: 28px; + display: grid; + place-items: center; + border: 0; + border-radius: 6px; + background: transparent; + color: #5a6a65; +} + +.toast-close:hover { + background: #eef3f1; + color: #17201d; +} + +.app-shell { + background: #f4f7f6; +} + +.app-frame { + min-height: 100vh; + display: grid; + grid-template-columns: 240px minmax(0, 1fr); + background: #f4f7f6; +} + +.app-content { + min-width: 0; +} + +.sidebar { + position: sticky; + top: 0; + height: 100vh; + display: grid; + grid-template-rows: auto 1fr auto; + gap: 18px; + border-right: 1px solid #d9e1de; + background: #ffffff; + padding: 18px 14px; +} + +.sidebar-brand, +.sidebar-link, +.sidebar-user { + display: flex; + align-items: center; + gap: 10px; +} + +.sidebar-brand { + min-height: 44px; + padding: 0 8px; + color: #276761; + font-weight: 900; + font-size: 18px; +} + +.sidebar-nav, +.sidebar-footer { + display: grid; + align-content: start; + gap: 8px; +} + +.sidebar-footer { + border-top: 1px solid #d9e1de; + padding-top: 12px; +} + +.sidebar-link { + width: 100%; + min-height: 42px; + border: 0; + border-radius: 6px; + padding: 0 10px; + background: transparent; + color: #40504b; + font-weight: 700; + text-align: left; +} + +.sidebar-link:hover, +.sidebar-link.active { + background: #eef3f1; + color: #276761; +} + +.sidebar-user { + min-width: 0; + min-height: 38px; + padding: 0 10px; + color: #5a6a65; + font-size: 14px; + font-weight: 700; +} + +.sidebar-user span, +.sidebar-link span, +.sidebar-brand span { + overflow: hidden; + text-overflow: ellipsis; + white-space: nowrap; +} + +.topbar { + min-height: 96px; + padding: 22px clamp(18px, 4vw, 48px); + border-bottom: 1px solid #d9e1de; + background: #ffffff; + display: flex; + justify-content: space-between; + gap: 18px; + align-items: center; +} + +.eyebrow { + display: block; + color: #276761; + font-size: 12px; + font-weight: 800; + letter-spacing: 0; + margin-bottom: 4px; +} + +.user-box { + display: flex; + align-items: center; + gap: 10px; + color: #40504b; + font-weight: 700; +} + +.icon-button { + width: 38px; + height: 38px; + display: grid; + place-items: center; + border: 1px solid #c9d4d0; + border-radius: 6px; + background: #ffffff; + color: #40504b; +} + +.icon-button:hover { + border-color: #276761; + color: #276761; +} + +.icon-button.danger:hover { + border-color: #a63b31; + color: #a63b31; +} + +.workspace { + width: min(980px, calc(100% - 36px)); + margin: 28px auto; +} + +.site-form { + display: grid; + grid-template-columns: minmax(220px, 1.4fr) minmax(180px, 0.8fr) auto; + gap: 14px; + align-items: end; + margin-bottom: 18px; +} + +.add-button { + min-width: 104px; +} + +.site-list { + display: grid; + gap: 10px; +} + +.site-row, +.empty { + border: 1px solid #d9e1de; + border-radius: 8px; + background: #ffffff; +} + +.empty { + padding: 26px; + color: #5a6a65; + text-align: center; +} + +.site-row { + display: grid; + grid-template-columns: minmax(0, 1fr) auto auto; + gap: 12px; + align-items: center; + padding: 12px; +} + +.site-actions { + display: flex; + gap: 8px; +} + +.site-main { + border: 0; + background: transparent; + display: grid; + gap: 5px; + text-align: left; + min-width: 0; + color: #17201d; +} + +.site-main strong, +.site-main span { + overflow: hidden; + text-overflow: ellipsis; +} + +.site-main span { + color: #5a6a65; + font-size: 14px; + white-space: nowrap; +} + +.certificate-summary { + display: flex; + flex-direction: column; + align-items: center; + justify-content: center; + gap: 4px; + min-width: 136px; + padding: 0 4px; + color: #40504b; + text-align: center; +} + +.certificate-summary span { + color: #17201d; + font-size: 20px; + font-weight: 700; + line-height: 1.15; + white-space: nowrap; +} + +.certificate-summary small { + border-radius: 999px; + padding: 3px 8px; + color: #a63b31; + background: rgba(166, 59, 49, 0.1); + font-size: 12px; + font-weight: 800; +} + +.certificate-details { + display: grid; + gap: 12px; + margin: 0; +} + +.certificate-details div { + display: grid; + grid-template-columns: 112px minmax(0, 1fr); + gap: 14px; + align-items: start; +} + +.certificate-details dt { + color: #40504b; + font-size: 13px; + font-weight: 800; +} + +.certificate-details dd { + margin: 0; + min-width: 0; + color: #17201d; + overflow-wrap: anywhere; +} + +.back-button { + min-height: 42px; + border: 1px solid #c9d4d0; + border-radius: 6px; + background: #ffffff; + color: #40504b; + display: inline-flex; + align-items: center; + gap: 8px; + padding: 0 12px; + font-weight: 700; +} + +.settings-title { + text-align: right; + min-width: 0; +} + +.settings-title p { + color: #5a6a65; + margin-top: 5px; + max-width: min(560px, 52vw); + overflow: hidden; + text-overflow: ellipsis; + white-space: nowrap; +} + +.settings-layout { + width: min(880px, calc(100% - 36px)); +} + +.settings-form { + display: grid; + gap: 16px; +} + +.panel { + background: #ffffff; + border: 1px solid #d9e1de; + border-radius: 8px; + padding: 18px; + display: grid; + gap: 16px; +} + +.panel h2, +.panel h3 { + margin: 0; +} + +.panel h2 { + font-size: 18px; +} + +.panel h3 { + font-size: 15px; +} + +.panel-heading { + display: flex; + gap: 12px; + align-items: center; +} + +.panel-heading svg { + color: #276761; + flex: 0 0 auto; +} + +.panel-heading p, +.muted { + color: #5a6a65; + font-size: 14px; +} + +.condition-list { + display: grid; + gap: 10px; +} + +.condition-row { + display: grid; + grid-template-columns: minmax(100px, 1fr) minmax(140px, 1fr) auto; + gap: 12px; + align-items: end; +} + +.check-row { + display: flex; + align-items: flex-start; + gap: 10px; + color: #17201d; + font-weight: 700; +} + +.check-row input { + width: 18px; + min-height: 18px; + margin-top: 2px; +} + +.check-row.locked { + color: #276761; +} + +.check-row span { + display: grid; + gap: 3px; + min-width: 0; +} + +.check-row small { + color: #5a6a65; + font-weight: 500; + overflow: hidden; + text-overflow: ellipsis; +} + +.webhook-box { + display: grid; + gap: 10px; +} + +.settings-actions { + display: flex; + gap: 10px; + flex-wrap: wrap; +} + +.danger-text { + color: #a63b31; +} + +.notification-layout { + width: min(980px, calc(100% - 36px)); + display: grid; + gap: 16px; +} + +.webhook-form { + display: grid; + grid-template-columns: minmax(180px, 0.7fr) minmax(260px, 1.3fr) auto; + gap: 12px; + align-items: end; +} + +.method-list { + display: grid; + gap: 10px; +} + +.method-row { + display: grid; + grid-template-columns: 1fr auto; + gap: 12px; + align-items: center; + border: 1px solid #d9e1de; + border-radius: 8px; + padding: 12px; +} + +.method-row div:first-child { + display: grid; + gap: 4px; + min-width: 0; +} + +.method-row span { + color: #5a6a65; + overflow: hidden; + text-overflow: ellipsis; + white-space: nowrap; +} + +.push-actions { + display: flex; + gap: 12px; + flex-wrap: wrap; + align-items: center; +} + +.account-layout { + width: min(760px, calc(100% - 36px)); + display: grid; + gap: 16px; +} + +.fit-button { + width: fit-content; +} + +.totp-box { + display: grid; + gap: 12px; +} + +.totp-box code { + display: block; + overflow-wrap: anywhere; + border: 1px solid #d9e1de; + border-radius: 6px; + padding: 10px; + background: #eef3f1; + color: #17201d; +} + +.danger-panel { + border-color: rgba(166, 59, 49, 0.32); +} + +.dialog-overlay { + position: fixed; + inset: 0; + background: rgba(23, 32, 29, 0.42); + z-index: 40; +} + +.dialog-content { + position: fixed; + z-index: 50; + top: 50%; + left: 50%; + width: min(480px, calc(100% - 32px)); + max-height: calc(100vh - 32px); + overflow: auto; + transform: translate(-50%, -50%); + background: #ffffff; + border: 1px solid #d9e1de; + border-radius: 8px; + box-shadow: 0 24px 70px rgba(26, 41, 37, 0.28); + padding: 22px; + display: grid; + gap: 14px; +} + +.totp-dialog { + width: min(520px, calc(100% - 32px)); +} + +.dialog-title { + margin: 0; + font-size: 20px; +} + +.dialog-description { + margin: 0; + color: #5a6a65; + font-size: 14px; +} + +.dialog-form, +.totp-step { + display: grid; + gap: 14px; +} + +.totp-step h3 { + margin: 0; + font-size: 17px; +} + +.dialog-actions { + display: flex; + justify-content: flex-end; + gap: 10px; + flex-wrap: wrap; +} + +.qr-box { + display: grid; + place-items: center; + border: 1px solid #d9e1de; + border-radius: 8px; + padding: 18px; + background: #ffffff; +} + +.alerts-layout { + width: min(1080px, calc(100% - 36px)); +} + +.alert-filter { + display: grid; + grid-template-columns: + minmax(150px, 1fr) minmax(170px, 1fr) minmax(180px, 1fr) minmax(180px, 1fr) + auto; + gap: 12px; + align-items: end; + margin-bottom: 18px; +} + +.filter-actions { + display: flex; + gap: 8px; +} + +.alert-list { + display: grid; + gap: 10px; +} + +.alert-row { + display: grid; + grid-template-columns: 1fr auto; + gap: 16px; + align-items: center; + background: #ffffff; + border: 1px solid #d9e1de; + border-radius: 8px; + padding: 14px; +} + +.alert-row.unread { + border-left: 4px solid #276761; +} + +.alert-main { + display: grid; + gap: 6px; + min-width: 0; +} + +.alert-main h2 { + margin: 0; + font-size: 17px; +} + +.alert-main p { + color: #17201d; +} + +.alert-main small { + color: #5a6a65; + overflow: hidden; + text-overflow: ellipsis; + white-space: nowrap; +} + +.alert-meta { + display: flex; + gap: 10px; + flex-wrap: wrap; + color: #5a6a65; + font-size: 13px; + font-weight: 700; +} + +.alert-side { + display: flex; + align-items: center; + gap: 10px; +} + +.status-pill { + min-width: 54px; + border-radius: 999px; + padding: 5px 9px; + text-align: center; + font-size: 12px; + font-weight: 800; +} + +.status-pill.read { + color: #40504b; + background: #eef3f1; +} + +.status-pill.unread { + color: #ffffff; + background: #276761; +} + +@media (max-width: 720px) { + .app-frame { + grid-template-columns: 64px minmax(0, 1fr); + } + + .sidebar { + padding: 12px 8px; + gap: 12px; + } + + .sidebar-brand, + .sidebar-link, + .sidebar-user { + justify-content: center; + padding-left: 0; + padding-right: 0; + } + + .sidebar-brand span, + .sidebar-link span, + .sidebar-user span { + position: absolute; + width: 1px; + height: 1px; + overflow: hidden; + clip: rect(0, 0, 0, 0); + white-space: nowrap; + } + + .topbar { + align-items: flex-start; + flex-direction: column; + } + + .toast-viewport { + top: 172px; + right: 12px; + width: min(360px, calc(100vw - 64px - 24px)); + } + + .site-form { + grid-template-columns: 1fr; + } + + .add-button { + width: 100%; + } + + .site-row { + grid-template-columns: minmax(0, 1fr) auto; + } + + .certificate-summary { + align-items: flex-start; + grid-column: 1; + grid-row: 2; + min-width: 0; + padding: 0; + text-align: left; + } + + .site-actions { + grid-column: 2; + grid-row: 1 / span 2; + } + + .settings-title { + text-align: left; + } + + .settings-title p { + max-width: 100%; + } + + .condition-row { + grid-template-columns: 1fr; + } + + .certificate-details div { + grid-template-columns: 1fr; + gap: 4px; + } + + .webhook-form, + .method-row { + grid-template-columns: 1fr; + } + + .alert-filter, + .alert-row { + grid-template-columns: 1fr; + } + + .filter-actions, + .alert-side { + justify-content: flex-start; + } +} diff --git a/src/server/app.js b/src/server/app.js new file mode 100644 index 0000000..18a182f --- /dev/null +++ b/src/server/app.js @@ -0,0 +1,46 @@ +import { Hono } from 'hono'; +import { serveStatic } from '@hono/node-server/serve-static'; +import { HttpError } from './utils/httpErrors.js'; +import { loadUser } from './middleware/auth.js'; +import { requireCsrf } from './middleware/csrf.js'; +import accountRoutes from './modules/account/routes.js'; +import alertRoutes from './modules/alerts/routes.js'; +import authRoutes from './modules/auth/routes.js'; +import notificationMethodRoutes from './modules/notificationMethods/routes.js'; +import siteRoutes from './modules/sites/routes.js'; +import { logger } from './utils/logger.js'; + +export function createApp() { + const app = new Hono(); + + app.use('*', loadUser); + app.use('/api/*', requireCsrf); + + app.get('/api/health', (c) => c.json({ ok: true, service: 'CertRemind' })); + app.route('/api/auth', authRoutes); + app.route('/api/account', accountRoutes); + app.route('/api/sites', siteRoutes); + app.route('/api/alerts', alertRoutes); + app.route('/api/notification-methods', notificationMethodRoutes); + + app.use('/assets/*', serveStatic({ root: './dist' })); + app.get('*', serveStatic({ path: './dist/index.html' })); + + app.onError((error, c) => { + if (error instanceof HttpError) { + return c.json({ error: error.message, details: error.details }, error.status); + } + + logger.error('api.unhandled_error', { + message: error.message, + stack: envSafeStack(error), + }); + return c.json({ error: 'サーバーエラーが発生しました' }, 500); + }); + + return app; +} + +function envSafeStack(error) { + return process.env.NODE_ENV === 'production' ? undefined : error.stack; +} diff --git a/src/server/config/env.js b/src/server/config/env.js new file mode 100644 index 0000000..a0cf054 --- /dev/null +++ b/src/server/config/env.js @@ -0,0 +1,11 @@ +export const env = { + nodeEnv: process.env.NODE_ENV ?? 'development', + port: Number.parseInt(process.env.PORT ?? '3000', 10), + databaseUrl: + process.env.DATABASE_URL ?? 'postgres://certremind:certremind@localhost:5432/certremind', + cookieSecure: process.env.NODE_ENV === 'production', + vapidPublicKey: process.env.VAPID_PUBLIC_KEY ?? '', + vapidPrivateKey: process.env.VAPID_PRIVATE_KEY ?? '', + vapidSubject: process.env.VAPID_SUBJECT ?? 'mailto:admin@example.com', + opensslPath: process.env.OPENSSL_PATH ?? 'openssl', +}; diff --git a/src/server/db/pool.js b/src/server/db/pool.js new file mode 100644 index 0000000..fb1fdd4 --- /dev/null +++ b/src/server/db/pool.js @@ -0,0 +1,10 @@ +import pg from 'pg'; +import { env } from '../config/env.js'; + +export const pool = new pg.Pool({ + connectionString: env.databaseUrl, +}); + +export async function query(text, params = []) { + return pool.query(text, params); +} diff --git a/src/server/index.js b/src/server/index.js new file mode 100644 index 0000000..b75775a --- /dev/null +++ b/src/server/index.js @@ -0,0 +1,16 @@ +import { serve } from '@hono/node-server'; +import { createApp } from './app.js'; +import { env } from './config/env.js'; + +const app = createApp(); + +serve( + { + fetch: app.fetch, + port: env.port, + hostname: '127.0.0.1', + }, + (info) => { + console.log(`CertRemind API listening on http://${info.address}:${info.port}`); + }, +); diff --git a/src/server/jobs/monitorCertificates.js b/src/server/jobs/monitorCertificates.js new file mode 100644 index 0000000..4584542 --- /dev/null +++ b/src/server/jobs/monitorCertificates.js @@ -0,0 +1,20 @@ +import { runCertificateMonitoring } from '../modules/monitoring/monitor.js'; +import { logger } from '../utils/logger.js'; + +try { + logger.info('monitor.start'); + const result = await runCertificateMonitoring(); + logger.info('monitor.finish', { + checkedSites: result.checkedSites, + alertsCreated: result.alertsCreated, + startedAt: result.startedAt, + finishedAt: result.finishedAt, + }); + console.log(JSON.stringify(result, null, 2)); +} catch (error) { + logger.error('monitor.failed', { + message: error.message, + stack: process.env.NODE_ENV === 'production' ? undefined : error.stack, + }); + process.exitCode = 1; +} diff --git a/src/server/jobs/monitorWorker.js b/src/server/jobs/monitorWorker.js new file mode 100644 index 0000000..793b6b2 --- /dev/null +++ b/src/server/jobs/monitorWorker.js @@ -0,0 +1,61 @@ +import { pool } from '../db/pool.js'; +import { runCertificateMonitoring } from '../modules/monitoring/monitor.js'; +import { logger } from '../utils/logger.js'; + +const MONITOR_INTERVAL_MS = 60 * 60 * 1000; + +let timer = null; +let shuttingDown = false; + +async function runOnce() { + logger.info('monitor.worker.tick.start'); + const result = await runCertificateMonitoring(); + logger.info('monitor.worker.tick.finish', { + checkedSites: result.checkedSites, + alertsCreated: result.alertsCreated, + startedAt: result.startedAt, + finishedAt: result.finishedAt, + }); +} + +function scheduleNextRun() { + if (shuttingDown) return; + + const nextRunAt = new Date(Date.now() + MONITOR_INTERVAL_MS); + logger.info('monitor.worker.next_run_scheduled', { nextRunAt }); + timer = setTimeout(runLoop, MONITOR_INTERVAL_MS); +} + +async function runLoop() { + try { + await runOnce(); + } catch (error) { + logger.error('monitor.worker.tick.failed', { + message: error.message, + stack: process.env.NODE_ENV === 'production' ? undefined : error.stack, + }); + } finally { + scheduleNextRun(); + } +} + +async function shutdown(signal) { + if (shuttingDown) return; + + shuttingDown = true; + if (timer) clearTimeout(timer); + + logger.info('monitor.worker.shutdown', { signal }); + await pool.end(); +} + +process.on('SIGINT', () => { + shutdown('SIGINT').finally(() => process.exit(0)); +}); + +process.on('SIGTERM', () => { + shutdown('SIGTERM').finally(() => process.exit(0)); +}); + +logger.info('monitor.worker.start', { intervalMs: MONITOR_INTERVAL_MS }); +runLoop(); diff --git a/src/server/middleware/auth.js b/src/server/middleware/auth.js new file mode 100644 index 0000000..78bfa5b --- /dev/null +++ b/src/server/middleware/auth.js @@ -0,0 +1,61 @@ +import { getCookie, setCookie, deleteCookie } from 'hono/cookie'; +import { query } from '../db/pool.js'; +import { env } from '../config/env.js'; +import { unauthorized } from '../utils/httpErrors.js'; + +const SESSION_COOKIE = 'certremind_session'; +const SESSION_DAYS = 30; + +export async function createSession(c, userId) { + const expiresAt = new Date(Date.now() + SESSION_DAYS * 24 * 60 * 60 * 1000); + const result = await query( + `INSERT INTO sessions (user_id, expires_at) + VALUES ($1, $2) + RETURNING session_id`, + [userId, expiresAt], + ); + + setCookie(c, SESSION_COOKIE, result.rows[0].session_id, { + path: '/', + httpOnly: true, + sameSite: 'Lax', + secure: env.cookieSecure, + expires: expiresAt, + }); +} + +export async function destroySession(c) { + const sessionId = getCookie(c, SESSION_COOKIE); + if (sessionId) { + await query('DELETE FROM sessions WHERE session_id = $1', [sessionId]); + } + deleteCookie(c, SESSION_COOKIE, { path: '/' }); +} + +export async function loadUser(c, next) { + const sessionId = getCookie(c, SESSION_COOKIE); + if (!sessionId) { + c.set('user', null); + return next(); + } + + const result = await query( + `SELECT u.user_id, u.username, u.display_name + FROM sessions s + JOIN users u ON u.user_id = s.user_id + WHERE s.session_id = $1 + AND s.expires_at > now()`, + [sessionId], + ); + + c.set('user', result.rows[0] ?? null); + return next(); +} + +export async function requireAuth(c, next) { + const user = c.get('user'); + if (!user) { + throw unauthorized(); + } + return next(); +} diff --git a/src/server/middleware/csrf.js b/src/server/middleware/csrf.js new file mode 100644 index 0000000..b6c86ad --- /dev/null +++ b/src/server/middleware/csrf.js @@ -0,0 +1,33 @@ +import { getCookie, setCookie } from 'hono/cookie'; +import { randomBytes } from 'node:crypto'; +import { forbidden } from '../utils/httpErrors.js'; +import { env } from '../config/env.js'; + +const CSRF_COOKIE = 'certremind_csrf'; +const HEADER = 'x-csrf-token'; + +export function issueCsrf(c) { + const existing = getCookie(c, CSRF_COOKIE); + const token = existing || randomBytes(32).toString('base64url'); + setCookie(c, CSRF_COOKIE, token, { + path: '/', + httpOnly: false, + sameSite: 'Lax', + secure: env.cookieSecure, + }); + return token; +} + +export async function requireCsrf(c, next) { + if (['GET', 'HEAD', 'OPTIONS'].includes(c.req.method)) { + return next(); + } + + const cookieToken = getCookie(c, CSRF_COOKIE); + const headerToken = c.req.header(HEADER); + if (!cookieToken || !headerToken || cookieToken !== headerToken) { + throw forbidden('CSRF トークンが不正です'); + } + + return next(); +} diff --git a/src/server/modules/account/routes.js b/src/server/modules/account/routes.js new file mode 100644 index 0000000..be725ab --- /dev/null +++ b/src/server/modules/account/routes.js @@ -0,0 +1,201 @@ +import { Hono } from 'hono'; +import { hash, verify } from '@node-rs/argon2'; +import * as otplib from 'otplib'; +import { z } from 'zod'; +import { pool, query } from '../../db/pool.js'; +import { destroySession, requireAuth } from '../../middleware/auth.js'; +import { badRequest, unauthorized } from '../../utils/httpErrors.js'; + +const router = new Hono(); + +const profileSchema = z.object({ + displayName: z.string().trim().min(1).max(80), +}); + +const passwordSchema = z.object({ + currentPassword: z.string().min(1).max(200), + newPassword: z.string().min(12).max(200), +}); + +const totpVerifySchema = z.object({ + secret: z.string().trim().min(1).max(128), + otp: z + .string() + .trim() + .regex(/^\d{6}$/), +}); + +const totpDeleteSchema = z.object({ + currentPassword: z.string().min(1).max(200), + otp: z + .string() + .trim() + .regex(/^\d{6}$/), +}); + +const deleteAccountSchema = z.object({ + currentPassword: z.string().min(1).max(200), +}); + +function publicAccount(row) { + return { + userId: row.user_id, + username: row.username, + displayName: row.display_name, + totpEnabled: Boolean(row.otp_secret), + }; +} + +async function getAccount(userId) { + const result = await query( + `SELECT u.user_id, u.username, u.display_name, u.password_hash, t.otp_secret + FROM users u + LEFT JOIN user_totp t ON t.user_id = u.user_id + WHERE u.user_id = $1`, + [userId], + ); + return result.rows[0] ?? null; +} + +async function verifyCurrentPassword(userId, password) { + const account = await getAccount(userId); + if (!account) { + throw unauthorized(); + } + const valid = await verify(account.password_hash, password); + if (!valid) { + throw badRequest('現在のパスワードが違います'); + } + return account; +} + +router.use('*', requireAuth); + +router.get('/', async (c) => { + const account = await getAccount(c.get('user').user_id); + return c.json({ account: publicAccount(account) }); +}); + +router.patch('/profile', async (c) => { + const body = profileSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const result = await query( + `WITH updated AS ( + UPDATE users + SET display_name = $2 + WHERE user_id = $1 + RETURNING user_id, username, display_name + ) + SELECT u.user_id, u.username, u.display_name, t.otp_secret + FROM updated u + LEFT JOIN user_totp t ON t.user_id = u.user_id`, + [c.get('user').user_id, body.data.displayName], + ); + + return c.json({ account: publicAccount(result.rows[0]) }); +}); + +router.patch('/password', async (c) => { + const body = passwordSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const userId = c.get('user').user_id; + await verifyCurrentPassword(userId, body.data.currentPassword); + const passwordHash = await hash(body.data.newPassword, { + algorithm: 2, + memoryCost: 19456, + timeCost: 2, + parallelism: 1, + }); + + const client = await pool.connect(); + try { + await client.query('BEGIN'); + await client.query('UPDATE users SET password_hash = $2 WHERE user_id = $1', [ + userId, + passwordHash, + ]); + await client.query('DELETE FROM sessions WHERE user_id = $1', [userId]); + await client.query('COMMIT'); + } catch (error) { + await client.query('ROLLBACK').catch(() => {}); + throw error; + } finally { + client.release(); + } + + await destroySession(c); + return c.json({ ok: true }); +}); + +router.post('/totp/setup', async (c) => { + const user = c.get('user'); + const account = await getAccount(user.user_id); + if (account.otp_secret) { + throw badRequest('2段階認証はすでに有効です'); + } + + const secret = otplib.generateSecret(); + const otpauthUrl = otplib.generateURI({ issuer: 'CertRemind', label: account.username, secret }); + return c.json({ secret, otpauthUrl }); +}); + +router.post('/totp/verify', async (c) => { + const body = totpVerifySchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('認証コードを確認してください', body.error.flatten()); + } + + const otpValid = await otplib.verify({ token: body.data.otp, secret: body.data.secret }); + if (!otpValid.valid) { + throw badRequest('認証コードが違います'); + } + + await query( + `INSERT INTO user_totp (user_id, otp_secret) + VALUES ($1, $2) + ON CONFLICT (user_id) DO UPDATE SET otp_secret = EXCLUDED.otp_secret`, + [c.get('user').user_id, body.data.secret], + ); + + return c.json({ ok: true }); +}); + +router.delete('/totp', async (c) => { + const body = totpDeleteSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const account = await verifyCurrentPassword(c.get('user').user_id, body.data.currentPassword); + if (!account.otp_secret) { + throw badRequest('2段階認証は有効ではありません'); + } + const otpValid = await otplib.verify({ token: body.data.otp, secret: account.otp_secret }); + if (!otpValid.valid) { + throw badRequest('認証コードが違います'); + } + + await query('DELETE FROM user_totp WHERE user_id = $1', [c.get('user').user_id]); + return c.json({ ok: true }); +}); + +router.delete('/', async (c) => { + const body = deleteAccountSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const userId = c.get('user').user_id; + await verifyCurrentPassword(userId, body.data.currentPassword); + await query('DELETE FROM users WHERE user_id = $1', [userId]); + await destroySession(c); + return c.json({ ok: true }); +}); + +export default router; diff --git a/src/server/modules/alerts/routes.js b/src/server/modules/alerts/routes.js new file mode 100644 index 0000000..50b246e --- /dev/null +++ b/src/server/modules/alerts/routes.js @@ -0,0 +1,158 @@ +import { Hono } from 'hono'; +import { z } from 'zod'; +import { query } from '../../db/pool.js'; +import { requireAuth } from '../../middleware/auth.js'; +import { badRequest, notFound } from '../../utils/httpErrors.js'; + +const router = new Hono(); + +const filterSchema = z.object({ + siteId: z.string().uuid().optional(), + alertType: z.string().trim().min(1).max(80).optional(), + from: z.string().datetime({ offset: true }).optional(), + to: z.string().datetime({ offset: true }).optional(), +}); + +function serializeAlert(row) { + return { + alertId: row.alert_id, + userId: row.user_id, + siteId: row.site_id, + siteAlias: row.site_alias, + siteUrl: row.site_url, + alertType: row.alert_type, + content: row.content, + occurredAt: row.occurred_at, + readAt: row.read_at, + deliveryChannels: row.delivery_channels ?? [], + deliveryResult: row.delivery_result ?? {}, + }; +} + +router.use('*', requireAuth); + +router.get('/', async (c) => { + const rawFilters = { + siteId: c.req.query('siteId') || undefined, + alertType: c.req.query('alertType') || undefined, + from: c.req.query('from') || undefined, + to: c.req.query('to') || undefined, + }; + const filters = filterSchema.safeParse(rawFilters); + if (!filters.success) { + throw badRequest('絞り込み条件を確認してください', filters.error.flatten()); + } + + const conditions = ['a.user_id = $1']; + const params = [c.get('user').user_id]; + + if (filters.data.siteId) { + params.push(filters.data.siteId); + conditions.push(`a.site_id = $${params.length}`); + } + + if (filters.data.alertType) { + params.push(filters.data.alertType); + conditions.push(`a.alert_type = $${params.length}`); + } + + if (filters.data.from) { + params.push(filters.data.from); + conditions.push(`a.occurred_at >= $${params.length}`); + } + + if (filters.data.to) { + params.push(filters.data.to); + conditions.push(`a.occurred_at <= $${params.length}`); + } + + const result = await query( + `SELECT a.alert_id, + a.user_id, + a.site_id, + s.alias AS site_alias, + s.url AS site_url, + a.alert_type, + a.content, + a.occurred_at, + a.read_at, + a.delivery_channels, + a.delivery_result + FROM alert_history a + LEFT JOIN sites s ON s.site_id = a.site_id + WHERE ${conditions.join(' AND ')} + ORDER BY a.occurred_at DESC, a.created_at DESC + LIMIT 200`, + params, + ); + + return c.json({ alerts: result.rows.map(serializeAlert) }); +}); + +router.patch('/:alertId/read', async (c) => { + const alertId = z.string().uuid().safeParse(c.req.param('alertId')); + if (!alertId.success) { + throw badRequest('アラート ID が不正です'); + } + + const result = await query( + `WITH updated AS ( + UPDATE alert_history + SET read_at = COALESCE(read_at, now()) + WHERE user_id = $1 + AND alert_id = $2 + RETURNING alert_id, + user_id, + site_id, + alert_type, + content, + occurred_at, + read_at, + delivery_channels, + delivery_result + ) + SELECT u.alert_id, + u.user_id, + u.site_id, + s.alias AS site_alias, + s.url AS site_url, + u.alert_type, + u.content, + u.occurred_at, + u.read_at, + u.delivery_channels, + u.delivery_result + FROM updated u + LEFT JOIN sites s ON s.site_id = u.site_id`, + [c.get('user').user_id, alertId.data], + ); + + if (!result.rows[0]) { + throw notFound('アラートが見つかりません'); + } + + return c.json({ alert: serializeAlert(result.rows[0]) }); +}); + +router.delete('/:alertId', async (c) => { + const alertId = z.string().uuid().safeParse(c.req.param('alertId')); + if (!alertId.success) { + throw badRequest('アラート ID が不正です'); + } + + const result = await query( + `DELETE FROM alert_history + WHERE user_id = $1 + AND alert_id = $2 + RETURNING alert_id`, + [c.get('user').user_id, alertId.data], + ); + + if (!result.rows[0]) { + throw notFound('アラートが見つかりません'); + } + + return c.json({ ok: true }); +}); + +export default router; diff --git a/src/server/modules/auth/routes.js b/src/server/modules/auth/routes.js new file mode 100644 index 0000000..4406f51 --- /dev/null +++ b/src/server/modules/auth/routes.js @@ -0,0 +1,118 @@ +import { Hono } from 'hono'; +import { hash, verify } from '@node-rs/argon2'; +import * as otplib from 'otplib'; +import { z } from 'zod'; +import { query } from '../../db/pool.js'; +import { createSession, destroySession, requireAuth } from '../../middleware/auth.js'; +import { issueCsrf } from '../../middleware/csrf.js'; +import { badRequest, unauthorized } from '../../utils/httpErrors.js'; + +const router = new Hono(); + +const registerSchema = z.object({ + displayName: z.string().trim().min(1).max(80), + username: z + .string() + .trim() + .min(3) + .max(40) + .regex(/^[a-zA-Z0-9_.-]+$/), + password: z.string().min(12).max(200), +}); + +const loginSchema = z.object({ + username: z.string().trim().min(1).max(80), + password: z.string().min(1).max(200), + otp: z + .string() + .trim() + .regex(/^\d{6}$/) + .optional(), +}); + +function publicUser(row) { + return { + userId: row.user_id, + username: row.username, + displayName: row.display_name, + }; +} + +router.get('/csrf', (c) => c.json({ csrfToken: issueCsrf(c) })); + +router.post('/register', async (c) => { + const body = registerSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const passwordHash = await hash(body.data.password, { + algorithm: 2, + memoryCost: 19456, + timeCost: 2, + parallelism: 1, + }); + + try { + const result = await query( + `INSERT INTO users (username, password_hash, display_name) + VALUES ($1, $2, $3) + RETURNING user_id, username, display_name`, + [body.data.username, passwordHash, body.data.displayName], + ); + await createSession(c, result.rows[0].user_id); + return c.json({ user: publicUser(result.rows[0]) }, 201); + } catch (error) { + if (error?.code === '23505') { + throw badRequest('このユーザー名は使用できません'); + } + throw error; + } +}); + +router.post('/login', async (c) => { + const body = loginSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw unauthorized('ユーザー名またはパスワードが違います'); + } + + const result = await query( + `SELECT u.user_id, + u.username, + u.display_name, + u.password_hash, + t.otp_secret + FROM users u + LEFT JOIN user_totp t ON t.user_id = u.user_id + WHERE u.username = $1`, + [body.data.username], + ); + + const user = result.rows[0]; + const valid = user ? await verify(user.password_hash, body.data.password) : false; + if (!valid) { + throw unauthorized('ユーザー名またはパスワードが違います'); + } + + if (user.otp_secret) { + if (!body.data.otp) { + return c.json({ totpRequired: true }, 401); + } + const otpValid = await otplib.verify({ token: body.data.otp, secret: user.otp_secret }); + if (!otpValid.valid) { + throw unauthorized('ユーザー名またはパスワードが違います'); + } + } + + await createSession(c, user.user_id); + return c.json({ user: publicUser(user) }); +}); + +router.post('/logout', requireAuth, async (c) => { + await destroySession(c); + return c.json({ ok: true }); +}); + +router.get('/me', requireAuth, (c) => c.json({ user: publicUser(c.get('user')) })); + +export default router; diff --git a/src/server/modules/monitoring/certificate.js b/src/server/modules/monitoring/certificate.js new file mode 100644 index 0000000..f2a2cfc --- /dev/null +++ b/src/server/modules/monitoring/certificate.js @@ -0,0 +1,136 @@ +import { spawn } from 'node:child_process'; +import { existsSync } from 'node:fs'; +import { env } from '../../config/env.js'; + +const DEFAULT_TIMEOUT_MS = 10_000; +const WINDOWS_OPENSSL_FALLBACKS = [ + 'C:\\Program Files\\Git\\usr\\bin\\openssl.exe', + 'C:\\Program Files\\Git\\mingw64\\bin\\openssl.exe', +]; + +function resolveOpenSslPath() { + if (env.opensslPath !== 'openssl') return env.opensslPath; + return WINDOWS_OPENSSL_FALLBACKS.find((path) => existsSync(path)) ?? env.opensslPath; +} + +function runOpenSsl(args, { input, timeoutMs = DEFAULT_TIMEOUT_MS } = {}) { + return new Promise((resolve, reject) => { + const child = spawn(resolveOpenSslPath(), args, { stdio: ['pipe', 'pipe', 'pipe'] }); + let stdout = ''; + let stderr = ''; + let settled = false; + + const timer = setTimeout(() => { + if (settled) return; + settled = true; + child.kill('SIGKILL'); + reject(new Error('OpenSSL の実行がタイムアウトしました')); + }, timeoutMs); + + child.stdout.setEncoding('utf8'); + child.stderr.setEncoding('utf8'); + child.stdout.on('data', (chunk) => { + stdout += chunk; + }); + child.stderr.on('data', (chunk) => { + stderr += chunk; + }); + + child.on('error', (error) => { + if (settled) return; + settled = true; + clearTimeout(timer); + reject(new Error(`OpenSSL を実行できませんでした: ${error.message}`)); + }); + + child.on('close', (code) => { + if (settled) return; + settled = true; + clearTimeout(timer); + if (code !== 0) { + reject(new Error(stderr.trim() || `OpenSSL が終了コード ${code} で失敗しました`)); + return; + } + resolve(stdout); + }); + + if (input) { + child.stdin.end(input); + } else { + child.stdin.end(); + } + }); +} + +function extractCertificate(output) { + const match = output.match(/-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/); + if (!match) { + throw new Error('証明書を取得できませんでした'); + } + return match[0]; +} + +function parseCertificateDate(value, errorMessage) { + const date = new Date(value); + if (Number.isNaN(date.getTime())) { + throw new Error(errorMessage); + } + return date; +} + +function parseCertificateDetails(output) { + const details = Object.fromEntries( + output + .trim() + .split(/\r?\n/) + .map((line) => { + const separatorIndex = line.indexOf('='); + return separatorIndex === -1 + ? [line, ''] + : [line.slice(0, separatorIndex), line.slice(separatorIndex + 1)]; + }), + ); + + if (!details.issuer) { + throw new Error('証明書の発行元を解析できませんでした'); + } + if (!details.notBefore) { + throw new Error('証明書の発行日時を解析できませんでした'); + } + if (!details.notAfter) { + throw new Error('証明書の期限を解析できませんでした'); + } + + return { + issuer: details.issuer, + issuedAt: parseCertificateDate(details.notBefore, '証明書の発行日時を解析できませんでした'), + expiresAt: parseCertificateDate(details.notAfter, '証明書の期限を解析できませんでした'), + }; +} + +export async function getCertificateExpiry(urlValue, { timeoutMs = DEFAULT_TIMEOUT_MS } = {}) { + const url = new URL(urlValue); + const host = url.hostname; + const port = url.port || '443'; + const startedAt = Date.now(); + const remainingTimeout = () => Math.max(1, timeoutMs - (Date.now() - startedAt)); + const serverOutput = await runOpenSsl( + ['s_client', '-servername', host, '-connect', `${host}:${port}`, '-showcerts'], + { timeoutMs }, + ); + const certificate = extractCertificate(serverOutput); + const detailsOutput = await runOpenSsl(['x509', '-noout', '-issuer', '-startdate', '-enddate'], { + input: certificate, + timeoutMs: remainingTimeout(), + }); + const details = parseCertificateDetails(detailsOutput); + + return { + host, + port, + issuer: details.issuer, + issuedAt: details.issuedAt, + expiresAt: details.expiresAt, + hoursUntilExpiry: Math.floor((details.expiresAt.getTime() - Date.now()) / 3_600_000), + }; +} diff --git a/src/server/modules/monitoring/monitor.js b/src/server/modules/monitoring/monitor.js new file mode 100644 index 0000000..55bff31 --- /dev/null +++ b/src/server/modules/monitoring/monitor.js @@ -0,0 +1,229 @@ +import { pool } from '../../db/pool.js'; +import { getCertificateExpiry } from './certificate.js'; +import { deliverNotifications } from './notifications.js'; + +const DEFAULT_CONCURRENCY = 4; + +function alertChannels(condition) { + const channels = ['app']; + if ((condition.webhook_method_ids ?? []).length > 0) channels.push('webhook'); + if (condition.push_enabled) channels.push('push'); + return channels; +} + +function buildExpiryMessage(site, condition, certificate) { + return { + title: `CertRemind: ${site.alias} の証明書期限が近づいています`, + body: `${site.url} の証明書は ${certificate.expiresAt.toISOString()} に期限切れになります。通知条件: ${condition.threshold_hours} 時間前`, + severity: certificate.hoursUntilExpiry <= 24 ? 'error' : 'warning', + }; +} + +function buildFailureMessage(site, error) { + return { + title: `CertRemind: ${site.alias} の証明書を確認できません`, + body: `${site.url} の証明書取得に失敗しました。${error.message}`, + severity: 'error', + }; +} + +async function loadMonitoringTargets(client) { + const result = await client.query( + `SELECT s.site_id, + s.user_id, + s.url, + s.alias, + COALESCE( + jsonb_agg( + jsonb_build_object( + 'site_alert_condition_id', c.site_alert_condition_id, + 'threshold_hours', c.threshold_hours, + 'webhook_method_ids', c.webhook_method_ids, + 'push_enabled', c.push_enabled + ) + ORDER BY c.threshold_hours ASC + ) FILTER (WHERE c.site_alert_condition_id IS NOT NULL), + '[]'::jsonb + ) AS conditions + FROM sites s + LEFT JOIN site_alert_conditions c ON c.site_id = s.site_id + GROUP BY s.site_id + ORDER BY s.created_at ASC`, + ); + + return result.rows; +} + +async function loadWebhooks(client, userId, methodIds) { + if (!methodIds || methodIds.length === 0) return []; + const result = await client.query( + `SELECT notification_method_id, alias, url + FROM notification_methods + WHERE user_id = $1 + AND notification_type = 'webhook' + AND notification_method_id = ANY($2::uuid[])`, + [userId, methodIds], + ); + return result.rows; +} + +async function loadPushSubscriptions(client, userId) { + const result = await client.query( + `SELECT notification_method_id, push_endpoint, push_p256dh, push_auth + FROM notification_methods + WHERE user_id = $1 + AND notification_type = 'push'`, + [userId], + ); + return result.rows; +} + +async function createAlert( + client, + { site, alertType, message, deliveryChannels, deliveryResult, dedupeKey }, +) { + const result = await client.query( + `INSERT INTO alert_history + (user_id, site_id, alert_type, content, delivery_channels, delivery_result, dedupe_key) + VALUES ($1, $2, $3, $4, $5::text[], $6::jsonb, $7) + ON CONFLICT (user_id, dedupe_key) DO NOTHING + RETURNING alert_id`, + [ + site.user_id, + site.site_id, + alertType, + message.body, + deliveryChannels, + JSON.stringify(deliveryResult), + dedupeKey, + ], + ); + return result.rows[0] ?? null; +} + +async function recordCertificateSuccess(client, site, certificate) { + await client.query( + `UPDATE sites + SET certificate_issuer = $2, + certificate_issued_at = $3, + certificate_expires_at = $4, + certificate_checked_at = now(), + certificate_check_error = NULL + WHERE site_id = $1`, + [site.site_id, certificate.issuer, certificate.issuedAt, certificate.expiresAt], + ); +} + +async function recordCertificateFailure(client, site, error) { + await client.query( + `UPDATE sites + SET certificate_checked_at = now(), + certificate_check_error = $2 + WHERE site_id = $1`, + [site.site_id, error.message], + ); +} + +async function processMatchingCondition(client, site, condition, certificate) { + if (certificate.hoursUntilExpiry > condition.threshold_hours) { + return { alerted: false }; + } + + const message = buildExpiryMessage(site, condition, certificate); + const webhooks = await loadWebhooks(client, site.user_id, condition.webhook_method_ids); + const pushSubscriptions = condition.push_enabled + ? await loadPushSubscriptions(client, site.user_id) + : []; + const deliveryResult = await deliverNotifications({ + webhooks, + pushSubscriptions, + pushEnabled: condition.push_enabled, + message, + }); + const dedupeKey = `certificate-expiring:${site.site_id}:${condition.threshold_hours}:${certificate.expiresAt.toISOString()}`; + const alert = await createAlert(client, { + site, + alertType: 'certificate_expiring', + message, + deliveryChannels: alertChannels(condition), + deliveryResult, + dedupeKey, + }); + + return { alerted: Boolean(alert), dedupeKey }; +} + +async function processFailure(client, site, error) { + await recordCertificateFailure(client, site, error); + const message = buildFailureMessage(site, error); + const day = new Date().toISOString().slice(0, 10); + const alert = await createAlert(client, { + site, + alertType: 'certificate_check_failed', + message, + deliveryChannels: ['app'], + deliveryResult: { app: { ok: true }, error: error.message }, + dedupeKey: `certificate-check-failed:${site.site_id}:${day}`, + }); + return { alerted: Boolean(alert) }; +} + +async function processSite(client, site) { + try { + const certificate = await getCertificateExpiry(site.url); + await recordCertificateSuccess(client, site, certificate); + const results = []; + for (const condition of site.conditions) { + results.push(await processMatchingCondition(client, site, condition, certificate)); + } + return { + siteId: site.site_id, + ok: true, + expiresAt: certificate.expiresAt, + alertsCreated: results.filter((result) => result.alerted).length, + }; + } catch (error) { + const failure = await processFailure(client, site, error); + return { + siteId: site.site_id, + ok: false, + error: error.message, + alertsCreated: failure.alerted ? 1 : 0, + }; + } +} + +async function runLimited(items, concurrency, worker) { + const results = []; + let index = 0; + + async function runNext() { + const currentIndex = index; + index += 1; + if (currentIndex >= items.length) return; + results[currentIndex] = await worker(items[currentIndex]); + await runNext(); + } + + await Promise.all(Array.from({ length: Math.min(concurrency, items.length) }, runNext)); + return results; +} + +export async function runCertificateMonitoring({ concurrency = DEFAULT_CONCURRENCY } = {}) { + const client = await pool.connect(); + const startedAt = new Date(); + try { + const targets = await loadMonitoringTargets(client); + const results = await runLimited(targets, concurrency, (site) => processSite(client, site)); + const finishedAt = new Date(); + return { + startedAt, + finishedAt, + checkedSites: targets.length, + alertsCreated: results.reduce((total, result) => total + result.alertsCreated, 0), + results, + }; + } finally { + client.release(); + } +} diff --git a/src/server/modules/monitoring/notifications.js b/src/server/modules/monitoring/notifications.js new file mode 100644 index 0000000..28835c6 --- /dev/null +++ b/src/server/modules/monitoring/notifications.js @@ -0,0 +1,93 @@ +import webpush from 'web-push'; +import { env } from '../../config/env.js'; + +let webPushConfigured = false; + +function configureWebPush() { + if (webPushConfigured) return true; + if (!env.vapidPublicKey || !env.vapidPrivateKey) return false; + webpush.setVapidDetails(env.vapidSubject, env.vapidPublicKey, env.vapidPrivateKey); + webPushConfigured = true; + return true; +} + +export async function sendWebhookNotification(webhook, message) { + const response = await fetch(webhook.url, { + method: 'POST', + headers: { 'content-type': 'application/json' }, + body: JSON.stringify({ + text: message.title, + attachments: [ + { + color: message.severity === 'error' ? 'danger' : 'warning', + text: message.body, + }, + ], + }), + }); + + if (!response.ok) { + throw new Error(`Webhook 送信に失敗しました (${response.status})`); + } +} + +export async function sendPushNotification(subscription, message) { + if (!configureWebPush()) { + throw new Error('VAPID key が設定されていません'); + } + + await webpush.sendNotification( + { + endpoint: subscription.push_endpoint, + keys: { + p256dh: subscription.push_p256dh, + auth: subscription.push_auth, + }, + }, + JSON.stringify({ + title: message.title, + body: message.body, + }), + ); +} + +export async function deliverNotifications({ webhooks, pushSubscriptions, pushEnabled, message }) { + const results = { + app: { ok: true }, + webhooks: [], + push: [], + }; + + for (const webhook of webhooks) { + try { + await sendWebhookNotification(webhook, message); + results.webhooks.push({ notificationMethodId: webhook.notification_method_id, ok: true }); + } catch (error) { + results.webhooks.push({ + notificationMethodId: webhook.notification_method_id, + ok: false, + error: error.message, + }); + } + } + + if (pushEnabled) { + for (const subscription of pushSubscriptions) { + try { + await sendPushNotification(subscription, message); + results.push.push({ + notificationMethodId: subscription.notification_method_id, + ok: true, + }); + } catch (error) { + results.push.push({ + notificationMethodId: subscription.notification_method_id, + ok: false, + error: error.message, + }); + } + } + } + + return results; +} diff --git a/src/server/modules/notificationMethods/routes.js b/src/server/modules/notificationMethods/routes.js new file mode 100644 index 0000000..fe53e91 --- /dev/null +++ b/src/server/modules/notificationMethods/routes.js @@ -0,0 +1,184 @@ +import { Hono } from 'hono'; +import { z } from 'zod'; +import { env } from '../../config/env.js'; +import { query } from '../../db/pool.js'; +import { requireAuth } from '../../middleware/auth.js'; +import { badRequest, notFound } from '../../utils/httpErrors.js'; +import { normalizeHttpsUrl } from '../../utils/urlPolicy.js'; + +const router = new Hono(); + +const webhookSchema = z.object({ + alias: z.string().trim().min(1).max(120), + url: z.string().trim().min(1).max(2048), +}); + +const pushSubscriptionSchema = z.object({ + endpoint: z.string().trim().url().max(2048), + keys: z.object({ + p256dh: z.string().trim().min(1).max(512), + auth: z.string().trim().min(1).max(512), + }), +}); + +function serializeWebhook(row) { + return { + notificationMethodId: row.notification_method_id, + alias: row.alias, + url: row.url, + createdAt: row.created_at, + updatedAt: row.updated_at, + }; +} + +function serializePushSubscription(row) { + return { + notificationMethodId: row.notification_method_id, + endpoint: row.push_endpoint, + createdAt: row.created_at, + updatedAt: row.updated_at, + }; +} + +router.use('*', requireAuth); + +router.get('/', async (c) => { + const user = c.get('user'); + const result = await query( + `SELECT notification_method_id, + notification_type, + alias, + url, + push_endpoint, + created_at, + updated_at + FROM notification_methods + WHERE user_id = $1 + ORDER BY created_at DESC`, + [user.user_id], + ); + + return c.json({ + webhooks: result.rows + .filter((row) => row.notification_type === 'webhook') + .map(serializeWebhook), + pushSubscriptions: result.rows + .filter((row) => row.notification_type === 'push') + .map(serializePushSubscription), + vapidPublicKey: env.vapidPublicKey, + }); +}); + +router.post('/webhooks', async (c) => { + const body = webhookSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + let normalizedUrl; + try { + normalizedUrl = normalizeHttpsUrl(body.data.url); + } catch (error) { + throw badRequest(error.message); + } + + const result = await query( + `INSERT INTO notification_methods (user_id, notification_type, alias, url) + VALUES ($1, 'webhook', $2, $3) + RETURNING notification_method_id, alias, url, created_at, updated_at`, + [c.get('user').user_id, body.data.alias, normalizedUrl], + ); + + return c.json({ webhook: serializeWebhook(result.rows[0]) }, 201); +}); + +router.patch('/webhooks/:methodId', async (c) => { + const methodId = z.string().uuid().safeParse(c.req.param('methodId')); + if (!methodId.success) { + throw badRequest('通知方法 ID が不正です'); + } + + const body = webhookSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + let normalizedUrl; + try { + normalizedUrl = normalizeHttpsUrl(body.data.url); + } catch (error) { + throw badRequest(error.message); + } + + const result = await query( + `UPDATE notification_methods + SET alias = $3, + url = $4 + WHERE user_id = $1 + AND notification_method_id = $2 + AND notification_type = 'webhook' + RETURNING notification_method_id, alias, url, created_at, updated_at`, + [c.get('user').user_id, methodId.data, body.data.alias, normalizedUrl], + ); + + if (!result.rows[0]) { + throw notFound('Webhook が見つかりません'); + } + + return c.json({ webhook: serializeWebhook(result.rows[0]) }); +}); + +router.delete('/webhooks/:methodId', async (c) => { + const methodId = z.string().uuid().safeParse(c.req.param('methodId')); + if (!methodId.success) { + throw badRequest('通知方法 ID が不正です'); + } + + const result = await query( + `DELETE FROM notification_methods + WHERE user_id = $1 + AND notification_method_id = $2 + AND notification_type = 'webhook' + RETURNING notification_method_id`, + [c.get('user').user_id, methodId.data], + ); + + if (!result.rows[0]) { + throw notFound('Webhook が見つかりません'); + } + + return c.json({ ok: true }); +}); + +router.post('/push-subscriptions', async (c) => { + const body = pushSubscriptionSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('購読情報を確認してください', body.error.flatten()); + } + + const endpoint = new URL(body.data.endpoint); + if (endpoint.protocol !== 'https:') { + throw badRequest('Push endpoint は HTTPS である必要があります'); + } + + const user = c.get('user'); + await query( + `DELETE FROM notification_methods + WHERE user_id = $1 + AND notification_type = 'push' + AND push_endpoint = $2`, + [user.user_id, body.data.endpoint], + ); + + const result = await query( + `INSERT INTO notification_methods + (user_id, notification_type, alias, push_endpoint, push_p256dh, push_auth) + VALUES ($1, 'push', 'Browser Push', $2, $3, $4) + RETURNING notification_method_id, push_endpoint, created_at, updated_at`, + [user.user_id, body.data.endpoint, body.data.keys.p256dh, body.data.keys.auth], + ); + + return c.json({ pushSubscription: serializePushSubscription(result.rows[0]) }, 201); +}); + +export default router; diff --git a/src/server/modules/sites/routes.js b/src/server/modules/sites/routes.js new file mode 100644 index 0000000..b1b3f6c --- /dev/null +++ b/src/server/modules/sites/routes.js @@ -0,0 +1,360 @@ +import { Hono } from 'hono'; +import { z } from 'zod'; +import { pool, query } from '../../db/pool.js'; +import { requireAuth } from '../../middleware/auth.js'; +import { getCertificateExpiry } from '../monitoring/certificate.js'; +import { badRequest, notFound } from '../../utils/httpErrors.js'; +import { defaultAliasForUrl, normalizeHttpsUrl } from '../../utils/urlPolicy.js'; + +const router = new Hono(); +const INITIAL_CERTIFICATE_TIMEOUT_MS = 3_000; + +const createSiteSchema = z.object({ + url: z.string().trim().min(1).max(2048), + alias: z.string().trim().max(120).optional(), +}); + +const updateSiteSchema = z.object({ + alias: z.string().trim().min(1).max(120), +}); + +const settingsSchema = z.object({ + conditions: z + .array( + z.object({ + thresholdHours: z.number().int().min(1).max(17520), + }), + ) + .min(1) + .max(12), + webhookMethodIds: z.array(z.string().uuid()).max(20).default([]), + pushEnabled: z.boolean().default(false), +}); + +function serializeSite(row) { + return { + siteId: row.site_id, + url: row.url, + alias: row.alias, + certificateIssuer: row.certificate_issuer, + certificateIssuedAt: row.certificate_issued_at, + certificateExpiresAt: row.certificate_expires_at, + certificateCheckedAt: row.certificate_checked_at, + certificateCheckError: row.certificate_check_error, + createdAt: row.created_at, + updatedAt: row.updated_at, + }; +} + +function serializeCondition(row) { + return { + siteAlertConditionId: row.site_alert_condition_id, + conditionType: row.condition_type, + thresholdHours: row.threshold_hours, + webhookMethodIds: row.webhook_method_ids ?? [], + pushEnabled: row.push_enabled, + }; +} + +function serializeWebhook(row) { + return { + notificationMethodId: row.notification_method_id, + alias: row.alias, + url: row.url, + }; +} + +async function getSiteForUser(userId, siteId) { + const result = await query( + `SELECT site_id, + url, + alias, + certificate_issuer, + certificate_issued_at, + certificate_expires_at, + certificate_checked_at, + certificate_check_error, + created_at, + updated_at + FROM sites + WHERE user_id = $1 AND site_id = $2`, + [userId, siteId], + ); + return result.rows[0] ?? null; +} + +async function assertWebhookOwnership(userId, webhookMethodIds) { + if (webhookMethodIds.length === 0) return; + + const result = await query( + `SELECT notification_method_id + FROM notification_methods + WHERE user_id = $1 + AND notification_type = 'webhook' + AND notification_method_id = ANY($2::uuid[])`, + [userId, webhookMethodIds], + ); + + if (result.rowCount !== new Set(webhookMethodIds).size) { + throw badRequest('選択された Webhook が見つかりません'); + } +} + +router.use('*', requireAuth); + +router.get('/', async (c) => { + const user = c.get('user'); + const result = await query( + `SELECT site_id, + url, + alias, + certificate_issuer, + certificate_issued_at, + certificate_expires_at, + certificate_checked_at, + certificate_check_error, + created_at, + updated_at + FROM sites + WHERE user_id = $1 + ORDER BY created_at DESC`, + [user.user_id], + ); + return c.json({ sites: result.rows.map(serializeSite) }); +}); + +router.get('/:siteId/settings', async (c) => { + const user = c.get('user'); + const site = await getSiteForUser(user.user_id, c.req.param('siteId')); + if (!site) { + throw notFound('サイトが見つかりません'); + } + + const [conditions, webhooks] = await Promise.all([ + query( + `SELECT site_alert_condition_id, + condition_type, + threshold_hours, + webhook_method_ids, + push_enabled + FROM site_alert_conditions + WHERE site_id = $1 + ORDER BY threshold_hours ASC`, + [site.site_id], + ), + query( + `SELECT notification_method_id, alias, url + FROM notification_methods + WHERE user_id = $1 + AND notification_type = 'webhook' + ORDER BY created_at DESC`, + [user.user_id], + ), + ]); + + return c.json({ + site: serializeSite(site), + settings: { + appAlertEnabled: true, + conditions: conditions.rows.map(serializeCondition), + availableWebhooks: webhooks.rows.map(serializeWebhook), + }, + }); +}); + +router.put('/:siteId/settings', async (c) => { + const body = settingsSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const user = c.get('user'); + const site = await getSiteForUser(user.user_id, c.req.param('siteId')); + if (!site) { + throw notFound('サイトが見つかりません'); + } + + const uniqueThresholds = new Set( + body.data.conditions.map((condition) => condition.thresholdHours), + ); + if (uniqueThresholds.size !== body.data.conditions.length) { + throw badRequest('同じ通知タイミングは重複して登録できません'); + } + + const webhookMethodIds = [...new Set(body.data.webhookMethodIds)]; + await assertWebhookOwnership(user.user_id, webhookMethodIds); + + const client = await pool.connect(); + + try { + await client.query('BEGIN'); + await client.query('DELETE FROM site_alert_conditions WHERE site_id = $1', [site.site_id]); + + const inserted = []; + for (const condition of body.data.conditions) { + const result = await client.query( + `INSERT INTO site_alert_conditions + (site_id, condition_type, threshold_hours, webhook_method_ids, push_enabled) + VALUES ($1, 'expires_within_hours', $2, $3::uuid[], $4) + RETURNING site_alert_condition_id, + condition_type, + threshold_hours, + webhook_method_ids, + push_enabled`, + [site.site_id, condition.thresholdHours, webhookMethodIds, body.data.pushEnabled], + ); + inserted.push(serializeCondition(result.rows[0])); + } + + await client.query('COMMIT'); + return c.json({ + site: serializeSite(site), + settings: { + appAlertEnabled: true, + conditions: inserted, + }, + }); + } catch (error) { + await client.query('ROLLBACK').catch(() => {}); + throw error; + } finally { + client.release(); + } +}); + +router.delete('/:siteId/settings', async (c) => { + const user = c.get('user'); + const site = await getSiteForUser(user.user_id, c.req.param('siteId')); + if (!site) { + throw notFound('サイトが見つかりません'); + } + + await query('DELETE FROM site_alert_conditions WHERE site_id = $1', [site.site_id]); + return c.json({ ok: true }); +}); + +router.post('/', async (c) => { + const body = createSiteSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + let normalizedUrl; + try { + normalizedUrl = normalizeHttpsUrl(body.data.url); + } catch (error) { + throw badRequest(error.message); + } + + const alias = body.data.alias || defaultAliasForUrl(normalizedUrl); + const user = c.get('user'); + let certificate; + + try { + certificate = await getCertificateExpiry(normalizedUrl, { + timeoutMs: INITIAL_CERTIFICATE_TIMEOUT_MS, + }); + } catch (error) { + throw badRequest('証明書の期限を取得できませんでした', { + reason: error.message, + }); + } + + try { + const result = await query( + `INSERT INTO sites + (user_id, url, alias, certificate_issuer, certificate_issued_at, certificate_expires_at, certificate_checked_at) + VALUES ($1, $2, $3, $4, $5, $6, now()) + RETURNING site_id, + url, + alias, + certificate_issuer, + certificate_issued_at, + certificate_expires_at, + certificate_checked_at, + certificate_check_error, + created_at, + updated_at`, + [ + user.user_id, + normalizedUrl, + alias, + certificate.issuer, + certificate.issuedAt, + certificate.expiresAt, + ], + ); + return c.json({ site: serializeSite(result.rows[0]) }, 201); + } catch (error) { + if (error?.code === '23505') { + throw badRequest('このサイトはすでに登録されています'); + } + throw error; + } +}); + +router.get('/:siteId', async (c) => { + const user = c.get('user'); + const result = await query( + `SELECT site_id, + url, + alias, + certificate_issuer, + certificate_issued_at, + certificate_expires_at, + certificate_checked_at, + certificate_check_error, + created_at, + updated_at + FROM sites + WHERE user_id = $1 AND site_id = $2`, + [user.user_id, c.req.param('siteId')], + ); + if (!result.rows[0]) { + throw notFound('サイトが見つかりません'); + } + return c.json({ site: serializeSite(result.rows[0]) }); +}); + +router.patch('/:siteId', async (c) => { + const body = updateSiteSchema.safeParse(await c.req.json().catch(() => null)); + if (!body.success) { + throw badRequest('入力内容を確認してください', body.error.flatten()); + } + + const user = c.get('user'); + const result = await query( + `UPDATE sites + SET alias = $3 + WHERE user_id = $1 AND site_id = $2 + RETURNING site_id, + url, + alias, + certificate_issuer, + certificate_issued_at, + certificate_expires_at, + certificate_checked_at, + certificate_check_error, + created_at, + updated_at`, + [user.user_id, c.req.param('siteId'), body.data.alias], + ); + if (!result.rows[0]) { + throw notFound('サイトが見つかりません'); + } + return c.json({ site: serializeSite(result.rows[0]) }); +}); + +router.delete('/:siteId', async (c) => { + const user = c.get('user'); + const result = await query( + 'DELETE FROM sites WHERE user_id = $1 AND site_id = $2 RETURNING site_id', + [user.user_id, c.req.param('siteId')], + ); + if (!result.rows[0]) { + throw notFound('サイトが見つかりません'); + } + return c.json({ ok: true }); +}); + +export default router; diff --git a/src/server/utils/httpErrors.js b/src/server/utils/httpErrors.js new file mode 100644 index 0000000..de66b51 --- /dev/null +++ b/src/server/utils/httpErrors.js @@ -0,0 +1,23 @@ +export class HttpError extends Error { + constructor(status, message, details) { + super(message); + this.status = status; + this.details = details; + } +} + +export function badRequest(message, details) { + return new HttpError(400, message, details); +} + +export function unauthorized(message = '認証が必要です') { + return new HttpError(401, message); +} + +export function forbidden(message = '操作できません') { + return new HttpError(403, message); +} + +export function notFound(message = '見つかりません') { + return new HttpError(404, message); +} diff --git a/src/server/utils/logger.js b/src/server/utils/logger.js new file mode 100644 index 0000000..6ea6269 --- /dev/null +++ b/src/server/utils/logger.js @@ -0,0 +1,23 @@ +function write(level, event, details = {}) { + const payload = { + level, + event, + timestamp: new Date().toISOString(), + ...details, + }; + const line = JSON.stringify(payload); + if (level === 'error') { + console.error(line); + } else { + console.log(line); + } +} + +export const logger = { + info(event, details) { + write('info', event, details); + }, + error(event, details) { + write('error', event, details); + }, +}; diff --git a/src/server/utils/urlPolicy.js b/src/server/utils/urlPolicy.js new file mode 100644 index 0000000..722874d --- /dev/null +++ b/src/server/utils/urlPolicy.js @@ -0,0 +1,46 @@ +import { z } from 'zod'; + +const blockedHosts = new Set(['localhost', 'localhost.localdomain']); + +function isPrivateIPv4(hostname) { + const parts = hostname.split('.').map((part) => Number.parseInt(part, 10)); + if (parts.length !== 4 || parts.some((part) => Number.isNaN(part) || part < 0 || part > 255)) { + return false; + } + + const [a, b] = parts; + return ( + a === 10 || + a === 127 || + (a === 172 && b >= 16 && b <= 31) || + (a === 192 && b === 168) || + (a === 169 && b === 254) || + a === 0 + ); +} + +export function normalizeHttpsUrl(value) { + const raw = z.string().trim().min(1).max(2048).parse(value); + const withScheme = /^https?:\/\//i.test(raw) ? raw : `https://${raw}`; + const url = new URL(withScheme); + + if (url.protocol !== 'https:') { + throw new Error('HTTPS の URL を指定してください'); + } + + url.hash = ''; + url.username = ''; + url.password = ''; + + const hostname = url.hostname.toLowerCase(); + if (!hostname || blockedHosts.has(hostname) || isPrivateIPv4(hostname) || hostname === '::1') { + throw new Error('監視できないホストです'); + } + + return url.toString(); +} + +export function defaultAliasForUrl(urlValue) { + const url = new URL(urlValue); + return url.hostname; +} diff --git a/tests/apiSecurity.test.js b/tests/apiSecurity.test.js new file mode 100644 index 0000000..dc16c88 --- /dev/null +++ b/tests/apiSecurity.test.js @@ -0,0 +1,293 @@ +import { beforeEach, describe, expect, it, vi } from 'vitest'; +import { createApp } from '../src/server/app.js'; +import { query } from '../src/server/db/pool.js'; +import { getCertificateExpiry } from '../src/server/modules/monitoring/certificate.js'; + +vi.mock('../src/server/db/pool.js', () => ({ + pool: { + connect: vi.fn(), + }, + query: vi.fn(), +})); + +vi.mock('../src/server/modules/monitoring/certificate.js', () => ({ + getCertificateExpiry: vi.fn(), +})); + +const USER_ID = '11111111-1111-4111-8111-111111111111'; +const SITE_ID = '22222222-2222-4222-8222-222222222222'; +const ALERT_ID = '33333333-3333-4333-8333-333333333333'; +const WEBHOOK_ID = '44444444-4444-4444-8444-444444444444'; + +function authCookie() { + return 'certremind_session=session-1'; +} + +function csrfCookie() { + return `${authCookie()}; certremind_csrf=csrf-token`; +} + +function mockAuthenticatedUser() { + query.mockImplementation(async (sql, params) => { + if (sql.includes('FROM sessions s')) { + expect(params).toEqual(['session-1']); + return { + rows: [ + { + user_id: USER_ID, + username: 'alice', + display_name: 'Alice', + }, + ], + }; + } + + throw new Error(`Unexpected query: ${sql}`); + }); +} + +describe('API security boundaries', () => { + beforeEach(() => { + query.mockReset(); + getCertificateExpiry.mockReset(); + }); + + it('requires a CSRF token for state-changing API requests', async () => { + const app = createApp(); + + const response = await app.request('/api/sites', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ url: 'https://example.com', alias: 'Example' }), + }); + + expect(response.status).toBe(403); + await expect(response.json()).resolves.toMatchObject({ + error: 'CSRF トークンが不正です', + }); + expect(query).not.toHaveBeenCalled(); + }); + + it('requires authentication for site listing', async () => { + const app = createApp(); + + const response = await app.request('/api/sites'); + + expect(response.status).toBe(401); + await expect(response.json()).resolves.toMatchObject({ + error: '認証が必要です', + }); + expect(query).not.toHaveBeenCalled(); + }); + + it('uses the session user when listing sites', async () => { + mockAuthenticatedUser(); + query.mockImplementationOnce(query.getMockImplementation()).mockImplementationOnce(async (sql, params) => { + expect(sql).toContain('FROM sites'); + expect(params).toEqual([USER_ID]); + return { + rows: [ + { + site_id: SITE_ID, + url: 'https://example.com/', + alias: 'Example', + certificate_issuer: 'C = US, O = Example CA, CN = Example Root', + certificate_issued_at: '2026-01-01T00:00:00.000Z', + certificate_expires_at: '2026-12-31T00:00:00.000Z', + certificate_checked_at: '2026-05-21T00:00:00.000Z', + certificate_check_error: null, + created_at: '2026-05-20T00:00:00.000Z', + updated_at: '2026-05-21T00:00:00.000Z', + }, + ], + }; + }); + + const app = createApp(); + const response = await app.request('/api/sites', { + headers: { + Cookie: authCookie(), + }, + }); + + expect(response.status).toBe(200); + await expect(response.json()).resolves.toMatchObject({ + sites: [ + { + siteId: SITE_ID, + certificateIssuer: 'C = US, O = Example CA, CN = Example Root', + certificateIssuedAt: '2026-01-01T00:00:00.000Z', + certificateExpiresAt: '2026-12-31T00:00:00.000Z', + }, + ], + }); + }); + + it('rejects private webhook URLs before insertion', async () => { + mockAuthenticatedUser(); + const app = createApp(); + + const response = await app.request('/api/notification-methods/webhooks', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + Cookie: csrfCookie(), + 'x-csrf-token': 'csrf-token', + }, + body: JSON.stringify({ alias: 'Internal', url: 'https://127.0.0.1/hook' }), + }); + + expect(response.status).toBe(400); + expect(query).toHaveBeenCalledTimes(1); + }); + + it('stores the initial certificate metadata when creating a site', async () => { + const issuer = 'C = US, O = Example CA, CN = Example Root'; + const issuedAt = new Date('2026-01-01T00:00:00.000Z'); + const expiresAt = new Date('2026-12-31T00:00:00.000Z'); + getCertificateExpiry.mockResolvedValue({ issuer, issuedAt, expiresAt, hoursUntilExpiry: 24 * 30 }); + mockAuthenticatedUser(); + query.mockImplementationOnce(query.getMockImplementation()).mockImplementationOnce(async (sql, params) => { + expect(sql).toContain('INSERT INTO sites'); + expect(sql).toContain('certificate_issuer'); + expect(sql).toContain('certificate_issued_at'); + expect(sql).toContain('certificate_expires_at'); + expect(sql).toContain('certificate_checked_at'); + expect(params).toEqual([USER_ID, 'https://example.com/', 'Example', issuer, issuedAt, expiresAt]); + return { + rows: [ + { + site_id: SITE_ID, + url: 'https://example.com/', + alias: 'Example', + certificate_issuer: issuer, + certificate_issued_at: issuedAt.toISOString(), + certificate_expires_at: expiresAt.toISOString(), + certificate_checked_at: '2026-05-21T00:00:00.000Z', + certificate_check_error: null, + created_at: '2026-05-20T00:00:00.000Z', + updated_at: '2026-05-21T00:00:00.000Z', + }, + ], + }; + }); + + const app = createApp(); + const response = await app.request('/api/sites', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + Cookie: csrfCookie(), + 'x-csrf-token': 'csrf-token', + }, + body: JSON.stringify({ url: 'https://example.com', alias: 'Example' }), + }); + + expect(response.status).toBe(201); + expect(getCertificateExpiry).toHaveBeenCalledWith('https://example.com/', { + timeoutMs: 3000, + }); + await expect(response.json()).resolves.toMatchObject({ + site: { + siteId: SITE_ID, + certificateIssuer: issuer, + certificateIssuedAt: issuedAt.toISOString(), + certificateExpiresAt: expiresAt.toISOString(), + }, + }); + }); + + it('rejects site creation when the initial certificate expiry cannot be fetched', async () => { + getCertificateExpiry.mockRejectedValue(new Error('OpenSSL の実行がタイムアウトしました')); + mockAuthenticatedUser(); + + const app = createApp(); + const response = await app.request('/api/sites', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + Cookie: csrfCookie(), + 'x-csrf-token': 'csrf-token', + }, + body: JSON.stringify({ url: 'https://example.com', alias: 'Example' }), + }); + + expect(response.status).toBe(400); + expect(query).toHaveBeenCalledTimes(1); + await expect(response.json()).resolves.toMatchObject({ + error: '証明書の期限を取得できませんでした', + details: { + reason: 'OpenSSL の実行がタイムアウトしました', + }, + }); + }); + + it('does not mark another user alert as read', async () => { + mockAuthenticatedUser(); + query.mockImplementationOnce(query.getMockImplementation()).mockImplementationOnce(async (sql, params) => { + expect(sql).toContain('UPDATE alert_history'); + expect(params).toEqual([USER_ID, ALERT_ID]); + return { rows: [] }; + }); + + const app = createApp(); + const response = await app.request(`/api/alerts/${ALERT_ID}/read`, { + method: 'PATCH', + headers: { + Cookie: csrfCookie(), + 'x-csrf-token': 'csrf-token', + }, + }); + + expect(response.status).toBe(404); + }); + + it('rejects settings that reference another user webhook', async () => { + mockAuthenticatedUser(); + query + .mockImplementationOnce(query.getMockImplementation()) + .mockImplementationOnce(async () => ({ + rows: [ + { + site_id: SITE_ID, + url: 'https://example.com/', + alias: 'Example', + certificate_issuer: null, + certificate_issued_at: null, + certificate_expires_at: null, + certificate_checked_at: null, + certificate_check_error: null, + created_at: '2026-05-20T00:00:00.000Z', + updated_at: '2026-05-21T00:00:00.000Z', + }, + ], + })) + .mockImplementationOnce(async (sql, params) => { + expect(sql).toContain('FROM notification_methods'); + expect(params).toEqual([USER_ID, [WEBHOOK_ID]]); + return { rowCount: 0, rows: [] }; + }); + + const app = createApp(); + const response = await app.request(`/api/sites/${SITE_ID}/settings`, { + method: 'PUT', + headers: { + 'Content-Type': 'application/json', + Cookie: csrfCookie(), + 'x-csrf-token': 'csrf-token', + }, + body: JSON.stringify({ + conditions: [{ thresholdHours: 24 }], + webhookMethodIds: [WEBHOOK_ID], + pushEnabled: false, + }), + }); + + expect(response.status).toBe(400); + await expect(response.json()).resolves.toMatchObject({ + error: '選択された Webhook が見つかりません', + }); + }); +}); diff --git a/tests/monitoring.test.js b/tests/monitoring.test.js new file mode 100644 index 0000000..22df864 --- /dev/null +++ b/tests/monitoring.test.js @@ -0,0 +1,225 @@ +import { beforeEach, describe, expect, it, vi } from 'vitest'; +import { runCertificateMonitoring } from '../src/server/modules/monitoring/monitor.js'; +import { pool } from '../src/server/db/pool.js'; +import { getCertificateExpiry } from '../src/server/modules/monitoring/certificate.js'; +import { deliverNotifications } from '../src/server/modules/monitoring/notifications.js'; + +const mocks = vi.hoisted(() => ({ + client: { + query: vi.fn(), + release: vi.fn(), + }, + getCertificateExpiry: vi.fn(), + deliverNotifications: vi.fn(), +})); + +vi.mock('../src/server/db/pool.js', () => ({ + pool: { + connect: vi.fn(async () => mocks.client), + }, +})); + +vi.mock('../src/server/modules/monitoring/certificate.js', () => ({ + getCertificateExpiry: mocks.getCertificateExpiry, +})); + +vi.mock('../src/server/modules/monitoring/notifications.js', () => ({ + deliverNotifications: mocks.deliverNotifications, +})); + +const SITE_ID = '22222222-2222-4222-8222-222222222222'; +const USER_ID = '11111111-1111-4111-8111-111111111111'; +const WEBHOOK_ID = '44444444-4444-4444-8444-444444444444'; + +describe('certificate monitoring', () => { + beforeEach(() => { + vi.clearAllMocks(); + }); + + it('stores the latest certificate expiry and creates an alert when a threshold matches', async () => { + const issuer = 'C = US, O = Example CA, CN = Example Root'; + const issuedAt = new Date('2026-01-01T00:00:00.000Z'); + const expiresAt = new Date(Date.now() + 12 * 60 * 60 * 1000); + + getCertificateExpiry.mockResolvedValue({ + issuer, + issuedAt, + expiresAt, + hoursUntilExpiry: 12, + }); + deliverNotifications.mockResolvedValue({ + webhook: [{ ok: true }], + push: { ok: true }, + }); + + mocks.client.query.mockImplementation(async (sql, params) => { + if (sql.includes('FROM sites s') && sql.includes('LEFT JOIN site_alert_conditions')) { + return { + rows: [ + { + site_id: SITE_ID, + user_id: USER_ID, + url: 'https://example.com/', + alias: 'Example', + conditions: [ + { + site_alert_condition_id: '55555555-5555-4555-8555-555555555555', + threshold_hours: 24, + webhook_method_ids: [WEBHOOK_ID], + push_enabled: true, + }, + ], + }, + ], + }; + } + + if (sql.includes('SET certificate_issuer')) { + expect(sql).toContain('certificate_issued_at'); + expect(sql).toContain('certificate_expires_at'); + expect(params).toEqual([SITE_ID, issuer, issuedAt, expiresAt]); + return { rows: [] }; + } + + if (sql.includes('FROM notification_methods') && sql.includes("notification_type = 'webhook'")) { + expect(params).toEqual([USER_ID, [WEBHOOK_ID]]); + return { + rows: [ + { + notification_method_id: WEBHOOK_ID, + alias: 'Deploy hook', + url: 'https://hooks.example.com/', + }, + ], + }; + } + + if (sql.includes('FROM notification_methods') && sql.includes("notification_type = 'push'")) { + expect(params).toEqual([USER_ID]); + return { + rows: [ + { + notification_method_id: '66666666-6666-4666-8666-666666666666', + push_endpoint: 'https://push.example.com/subscription', + push_p256dh: 'p256dh', + push_auth: 'auth', + }, + ], + }; + } + + if (sql.includes('INSERT INTO alert_history')) { + expect(params[0]).toBe(USER_ID); + expect(params[1]).toBe(SITE_ID); + expect(params[2]).toBe('certificate_expiring'); + expect(params[4]).toEqual(['app', 'webhook', 'push']); + return { rows: [{ alert_id: '77777777-7777-4777-8777-777777777777' }] }; + } + + throw new Error(`Unexpected query: ${sql}`); + }); + + const result = await runCertificateMonitoring({ concurrency: 1 }); + + expect(pool.connect).toHaveBeenCalledOnce(); + expect(getCertificateExpiry).toHaveBeenCalledWith('https://example.com/'); + expect(deliverNotifications).toHaveBeenCalledOnce(); + expect(mocks.client.release).toHaveBeenCalledOnce(); + expect(result).toMatchObject({ + checkedSites: 1, + alertsCreated: 1, + results: [{ siteId: SITE_ID, ok: true, alertsCreated: 1 }], + }); + }); + + it('stores certificate check errors without clearing the previous expiry', async () => { + const error = new Error('openssl failed'); + + getCertificateExpiry.mockRejectedValue(error); + mocks.client.query.mockImplementation(async (sql, params) => { + if (sql.includes('FROM sites s') && sql.includes('LEFT JOIN site_alert_conditions')) { + return { + rows: [ + { + site_id: SITE_ID, + user_id: USER_ID, + url: 'https://example.com/', + alias: 'Example', + conditions: [], + }, + ], + }; + } + + if (sql.includes('SET certificate_checked_at') && sql.includes('certificate_check_error = $2')) { + expect(sql).not.toContain('certificate_expires_at'); + expect(params).toEqual([SITE_ID, error.message]); + return { rows: [] }; + } + + if (sql.includes('INSERT INTO alert_history')) { + expect(params[2]).toBe('certificate_check_failed'); + expect(JSON.parse(params[5])).toMatchObject({ error: error.message }); + return { rows: [{ alert_id: '77777777-7777-4777-8777-777777777777' }] }; + } + + throw new Error(`Unexpected query: ${sql}`); + }); + + const result = await runCertificateMonitoring({ concurrency: 1 }); + + expect(result).toMatchObject({ + checkedSites: 1, + alertsCreated: 1, + results: [{ siteId: SITE_ID, ok: false, error: error.message }], + }); + }); + + it('checks and stores certificate expiry for sites without alert conditions', async () => { + const issuer = 'C = US, O = Example CA, CN = Example Root'; + const issuedAt = new Date('2026-01-01T00:00:00.000Z'); + const expiresAt = new Date(Date.now() + 90 * 24 * 60 * 60 * 1000); + + getCertificateExpiry.mockResolvedValue({ + issuer, + issuedAt, + expiresAt, + hoursUntilExpiry: 90 * 24, + }); + + mocks.client.query.mockImplementation(async (sql, params) => { + if (sql.includes('FROM sites s') && sql.includes('LEFT JOIN site_alert_conditions')) { + return { + rows: [ + { + site_id: SITE_ID, + user_id: USER_ID, + url: 'https://example.com/', + alias: 'Example', + conditions: [], + }, + ], + }; + } + + if (sql.includes('SET certificate_issuer')) { + expect(sql).toContain('certificate_issued_at'); + expect(sql).toContain('certificate_expires_at'); + expect(params).toEqual([SITE_ID, issuer, issuedAt, expiresAt]); + return { rows: [] }; + } + + throw new Error(`Unexpected query: ${sql}`); + }); + + const result = await runCertificateMonitoring({ concurrency: 1 }); + + expect(getCertificateExpiry).toHaveBeenCalledWith('https://example.com/'); + expect(deliverNotifications).not.toHaveBeenCalled(); + expect(result).toMatchObject({ + checkedSites: 1, + alertsCreated: 0, + results: [{ siteId: SITE_ID, ok: true, alertsCreated: 0 }], + }); + }); +}); diff --git a/tests/urlPolicy.test.js b/tests/urlPolicy.test.js new file mode 100644 index 0000000..b6aba3a --- /dev/null +++ b/tests/urlPolicy.test.js @@ -0,0 +1,21 @@ +import { describe, expect, it } from 'vitest'; +import { defaultAliasForUrl, normalizeHttpsUrl } from '../src/server/utils/urlPolicy.js'; + +describe('urlPolicy', () => { + it('normalizes host-only values to https URLs', () => { + expect(normalizeHttpsUrl('example.com')).toBe('https://example.com/'); + }); + + it('rejects non-https URLs', () => { + expect(() => normalizeHttpsUrl('http://example.com')).toThrow('HTTPS'); + }); + + it('rejects localhost addresses', () => { + expect(() => normalizeHttpsUrl('https://localhost')).toThrow('監視できない'); + expect(() => normalizeHttpsUrl('https://127.0.0.1')).toThrow('監視できない'); + }); + + it('uses the hostname as a default alias', () => { + expect(defaultAliasForUrl('https://www.example.com/path')).toBe('www.example.com'); + }); +}); diff --git a/vite.config.js b/vite.config.js new file mode 100644 index 0000000..fd4489b --- /dev/null +++ b/vite.config.js @@ -0,0 +1,12 @@ +import react from '@vitejs/plugin-react'; +import { defineConfig } from 'vite'; + +export default defineConfig({ + plugins: [react()], + server: { + port: 5173, + proxy: { + '/api': 'http://127.0.0.1:3000', + }, + }, +});