remove distribution from hold, add vulnerability scanning in appview. · evan.jarrett.net/at-container-registry@de02e1f

+418

cmd/s3-test/main.go

··· 1 + // Command s3-test is a diagnostic tool that tests S3 connectivity using both 2 + // AWS SDK v1 (used by distribution's storage driver) and AWS SDK v2 (used by 3 + // ATCR's presigned URL service). It helps diagnose signature compatibility 4 + // issues with S3-compatible storage providers. 5 + package main 6 + 7 + import ( 8 + "bufio" 9 + "context" 10 + "flag" 11 + "fmt" 12 + "io" 13 + "net/http" 14 + "net/url" 15 + "os" 16 + "strings" 17 + "time" 18 + 19 + awsv1 "github.com/aws/aws-sdk-go/aws" 20 + credentialsv1 "github.com/aws/aws-sdk-go/aws/credentials" 21 + "github.com/aws/aws-sdk-go/aws/session" 22 + s3v1 "github.com/aws/aws-sdk-go/service/s3" 23 + 24 + awsv2 "github.com/aws/aws-sdk-go-v2/aws" 25 + configv2 "github.com/aws/aws-sdk-go-v2/config" 26 + credentialsv2 "github.com/aws/aws-sdk-go-v2/credentials" 27 + s3v2 "github.com/aws/aws-sdk-go-v2/service/s3" 28 + ) 29 + 30 + func main() { 31 + var ( 32 + envFile = flag.String("env-file", "", "Load environment variables from file (KEY=VALUE format)") 33 + accessKey = flag.String("access-key", "", "S3 access key (env: AWS_ACCESS_KEY_ID)") 34 + secretKey = flag.String("secret-key", "", "S3 secret key (env: AWS_SECRET_ACCESS_KEY)") 35 + region = flag.String("region", "", "S3 region (env: S3_REGION)") 36 + bucket = flag.String("bucket", "", "S3 bucket name (env: S3_BUCKET)") 37 + endpoint = flag.String("endpoint", "", "S3 endpoint URL (env: S3_ENDPOINT)") 38 + pullZone = flag.String("pull-zone", "", "CDN pull zone URL for presigned reads (env: PULL_ZONE)") 39 + prefix = flag.String("prefix", "docker/registry/v2/blobs", "Key prefix for list operations") 40 + verbose = flag.Bool("verbose", false, "Enable SDK debug signing logs") 41 + ) 42 + flag.Parse() 43 + 44 + // Load env file first, then let flags and real env vars override 45 + if *envFile != "" { 46 + if err := loadEnvFile(*envFile); err != nil { 47 + fmt.Fprintf(os.Stderr, "Error loading env file: %v\n", err) 48 + os.Exit(1) 49 + } 50 + } 51 + 52 + // Resolve: flag > env var > default 53 + if *accessKey == "" { 54 + *accessKey = os.Getenv("AWS_ACCESS_KEY_ID") 55 + } 56 + if *secretKey == "" { 57 + *secretKey = os.Getenv("AWS_SECRET_ACCESS_KEY") 58 + } 59 + if *region == "" { 60 + *region = envOr("S3_REGION", "us-east-1") 61 + } 62 + if *bucket == "" { 63 + *bucket = os.Getenv("S3_BUCKET") 64 + } 65 + if *endpoint == "" { 66 + *endpoint = os.Getenv("S3_ENDPOINT") 67 + } 68 + if *pullZone == "" { 69 + *pullZone = os.Getenv("PULL_ZONE") 70 + } 71 + 72 + if *accessKey == "" || *secretKey == "" || *bucket == "" { 73 + fmt.Fprintln(os.Stderr, "Usage: s3-test [--env-file FILE] [--access-key KEY] [--secret-key KEY] [--bucket BUCKET] [--endpoint URL] [--region REGION] [--prefix PREFIX] [--verbose]") 74 + fmt.Fprintln(os.Stderr, "Env vars: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, S3_BUCKET, S3_REGION, S3_ENDPOINT") 75 + os.Exit(1) 76 + } 77 + 78 + fmt.Println("S3 Connectivity Diagnostic") 79 + fmt.Println("==========================") 80 + fmt.Printf("Endpoint: %s\n", valueOr(*endpoint, "(default AWS)")) 81 + fmt.Printf("Pull Zone: %s\n", valueOr(*pullZone, "(none)")) 82 + fmt.Printf("Region: %s\n", *region) 83 + fmt.Printf("AccessKey: %s...%s (%d chars)\n", (*accessKey)[:3], (*accessKey)[len(*accessKey)-3:], len(*accessKey)) 84 + fmt.Printf("SecretKey: %s...%s (%d chars)\n", (*secretKey)[:3], (*secretKey)[len(*secretKey)-3:], len(*secretKey)) 85 + fmt.Printf("Bucket: %s\n", *bucket) 86 + fmt.Printf("Prefix: %s\n", *prefix) 87 + fmt.Println() 88 + 89 + ctx := context.Background() 90 + results := make([]result, 0, 6) 91 + 92 + // Build SDK v1 client (SigV4) — matches distribution driver's New() 93 + v1Client := buildV1Client(*accessKey, *secretKey, *region, *endpoint, *verbose) 94 + 95 + // Test 1: SDK v1 SigV4 HeadBucket 96 + results = append(results, runTest("SDK v1 / SigV4 / HeadBucket", func() error { 97 + _, err := v1Client.HeadBucketWithContext(ctx, &s3v1.HeadBucketInput{ 98 + Bucket: awsv1.String(*bucket), 99 + }) 100 + return err 101 + })) 102 + 103 + // Test 2: SDK v1 SigV4 ListObjectsV2 104 + results = append(results, runTest("SDK v1 / SigV4 / ListObjectsV2", func() error { 105 + _, err := v1Client.ListObjectsV2WithContext(ctx, &s3v1.ListObjectsV2Input{ 106 + Bucket: awsv1.String(*bucket), 107 + Prefix: awsv1.String(*prefix), 108 + MaxKeys: awsv1.Int64(5), 109 + }) 110 + return err 111 + })) 112 + 113 + // Test 3: SDK v1 SigV4 ListObjectsV2Pages (paginated, matches doWalk) 114 + results = append(results, runTest("SDK v1 / SigV4 / ListObjectsV2Pages", func() error { 115 + return v1Client.ListObjectsV2PagesWithContext(ctx, &s3v1.ListObjectsV2Input{ 116 + Bucket: awsv1.String(*bucket), 117 + Prefix: awsv1.String(*prefix), 118 + MaxKeys: awsv1.Int64(5), 119 + }, func(page *s3v1.ListObjectsV2Output, lastPage bool) bool { 120 + return false // stop after first page 121 + }) 122 + })) 123 + 124 + // Build SDK v2 client — matches NewS3Service() 125 + v2Client := buildV2Client(ctx, *accessKey, *secretKey, *region, *endpoint) 126 + 127 + // Test 5: SDK v2 SigV4 HeadBucket 128 + results = append(results, runTest("SDK v2 / SigV4 / HeadBucket", func() error { 129 + _, err := v2Client.HeadBucket(ctx, &s3v2.HeadBucketInput{ 130 + Bucket: awsv2.String(*bucket), 131 + }) 132 + return err 133 + })) 134 + 135 + // Test 6: SDK v2 SigV4 ListObjectsV2 136 + results = append(results, runTest("SDK v2 / SigV4 / ListObjectsV2", func() error { 137 + _, err := v2Client.ListObjectsV2(ctx, &s3v2.ListObjectsV2Input{ 138 + Bucket: awsv2.String(*bucket), 139 + Prefix: awsv2.String(*prefix), 140 + MaxKeys: awsv2.Int32(5), 141 + }) 142 + return err 143 + })) 144 + 145 + // Find a real object key for GetObject / presigned URL tests 146 + var testKey string 147 + listOut, err := v2Client.ListObjectsV2(ctx, &s3v2.ListObjectsV2Input{ 148 + Bucket: awsv2.String(*bucket), 149 + Prefix: awsv2.String(*prefix), 150 + MaxKeys: awsv2.Int32(1), 151 + }) 152 + if err == nil && len(listOut.Contents) > 0 { 153 + testKey = *listOut.Contents[0].Key 154 + } 155 + 156 + if testKey == "" { 157 + fmt.Printf("\n (Skipping GetObject/Presigned tests — no objects found under prefix %q)\n", *prefix) 158 + } else { 159 + fmt.Printf("\n Test object: %s\n\n", testKey) 160 + 161 + // Test 7: SDK v1 GetObject (HEAD only) 162 + results = append(results, runTest("SDK v1 / SigV4 / HeadObject", func() error { 163 + _, err := v1Client.HeadObjectWithContext(ctx, &s3v1.HeadObjectInput{ 164 + Bucket: awsv1.String(*bucket), 165 + Key: awsv1.String(testKey), 166 + }) 167 + return err 168 + })) 169 + 170 + // Test 8: SDK v2 GetObject (HEAD only) 171 + results = append(results, runTest("SDK v2 / SigV4 / HeadObject", func() error { 172 + _, err := v2Client.HeadObject(ctx, &s3v2.HeadObjectInput{ 173 + Bucket: awsv2.String(*bucket), 174 + Key: awsv2.String(testKey), 175 + }) 176 + return err 177 + })) 178 + 179 + // Test 9: SDK v2 Presigned GET URL (generate + fetch) 180 + presignClient := s3v2.NewPresignClient(v2Client) 181 + results = append(results, runTest("SDK v2 / Presigned GET URL", func() error { 182 + presigned, err := presignClient.PresignGetObject(ctx, &s3v2.GetObjectInput{ 183 + Bucket: awsv2.String(*bucket), 184 + Key: awsv2.String(testKey), 185 + }, func(opts *s3v2.PresignOptions) { 186 + opts.Expires = 5 * time.Minute 187 + }) 188 + if err != nil { 189 + return fmt.Errorf("presign: %w", err) 190 + } 191 + if *verbose { 192 + // Show host + query params (no path to avoid leaking key structure) 193 + u, _ := url.Parse(presigned.URL) 194 + fmt.Printf("\n Presigned host: %s\n", u.Host) 195 + fmt.Printf(" Signed headers: %s\n", presigned.SignedHeader) 196 + } 197 + resp, err := http.Get(presigned.URL) 198 + if err != nil { 199 + return fmt.Errorf("fetch: %w", err) 200 + } 201 + body, _ := io.ReadAll(io.LimitReader(resp.Body, 1024)) 202 + resp.Body.Close() 203 + if resp.StatusCode != 200 { 204 + return fmt.Errorf("presigned URL returned %d: %s", resp.StatusCode, string(body)) 205 + } 206 + return nil 207 + })) 208 + 209 + // Pull zone presigned tests — sign against real endpoint, swap host to pull zone 210 + if *pullZone != "" { 211 + results = append(results, runTest("SDK v2 / Presigned GET via Pull Zone", func() error { 212 + presigned, err := presignClient.PresignGetObject(ctx, &s3v2.GetObjectInput{ 213 + Bucket: awsv2.String(*bucket), 214 + Key: awsv2.String(testKey), 215 + }, func(opts *s3v2.PresignOptions) { 216 + opts.Expires = 5 * time.Minute 217 + }) 218 + if err != nil { 219 + return fmt.Errorf("presign: %w", err) 220 + } 221 + pzURL := swapHost(presigned.URL, *pullZone) 222 + if *verbose { 223 + fmt.Printf("\n Signed against: %s\n", presigned.URL[:40]+"...") 224 + fmt.Printf(" Fetching from: %s\n", pzURL[:40]+"...") 225 + } 226 + resp, err := http.Get(pzURL) 227 + if err != nil { 228 + return fmt.Errorf("fetch: %w", err) 229 + } 230 + body, _ := io.ReadAll(io.LimitReader(resp.Body, 1024)) 231 + resp.Body.Close() 232 + if resp.StatusCode != 200 { 233 + return fmt.Errorf("pull zone GET returned %d: %s", resp.StatusCode, string(body)) 234 + } 235 + return nil 236 + })) 237 + 238 + } 239 + 240 + // Test 10: SDK v2 Presigned PUT URL (generate + upload empty) 241 + results = append(results, runTest("SDK v2 / Presigned PUT URL", func() error { 242 + putKey := *prefix + "/_s3-test-probe" 243 + presigned, err := presignClient.PresignPutObject(ctx, &s3v2.PutObjectInput{ 244 + Bucket: awsv2.String(*bucket), 245 + Key: awsv2.String(putKey), 246 + }, func(opts *s3v2.PresignOptions) { 247 + opts.Expires = 5 * time.Minute 248 + }) 249 + if err != nil { 250 + return fmt.Errorf("presign: %w", err) 251 + } 252 + req, err := http.NewRequestWithContext(ctx, http.MethodPut, presigned.URL, strings.NewReader("")) 253 + if err != nil { 254 + return fmt.Errorf("build request: %w", err) 255 + } 256 + req.Header.Set("Content-Length", "0") 257 + resp, err := http.DefaultClient.Do(req) 258 + if err != nil { 259 + return fmt.Errorf("fetch: %w", err) 260 + } 261 + resp.Body.Close() 262 + if resp.StatusCode != 200 { 263 + return fmt.Errorf("presigned PUT returned %d", resp.StatusCode) 264 + } 265 + // Clean up 266 + _, _ = v2Client.DeleteObject(ctx, &s3v2.DeleteObjectInput{ 267 + Bucket: awsv2.String(*bucket), 268 + Key: awsv2.String(putKey), 269 + }) 270 + return nil 271 + })) 272 + } 273 + 274 + // Print summary 275 + fmt.Println() 276 + fmt.Println("Summary") 277 + fmt.Println("=======") 278 + 279 + allPass := true 280 + for _, r := range results { 281 + status := "PASS" 282 + if !r.ok { 283 + status = "FAIL" 284 + allPass = false 285 + } 286 + fmt.Printf(" [%s] %s (%s)\n", status, r.name, r.duration.Round(time.Millisecond)) 287 + if !r.ok { 288 + fmt.Printf(" Error: %s\n", r.err) 289 + } 290 + } 291 + 292 + fmt.Println() 293 + if allPass { 294 + fmt.Println("Diagnosis: All tests passed. S3 connectivity is working with both SDKs.") 295 + } else { 296 + fmt.Println("Diagnosis: Some tests failed. Review errors above.") 297 + } 298 + } 299 + 300 + type result struct { 301 + name string 302 + ok bool 303 + err error 304 + duration time.Duration 305 + } 306 + 307 + func runTest(name string, fn func() error) result { 308 + fmt.Printf(" Testing: %s ... ", name) 309 + start := time.Now() 310 + err := fn() 311 + d := time.Since(start) 312 + if err != nil { 313 + fmt.Printf("FAIL (%s)\n", d.Round(time.Millisecond)) 314 + return result{name: name, ok: false, err: err, duration: d} 315 + } 316 + fmt.Printf("PASS (%s)\n", d.Round(time.Millisecond)) 317 + return result{name: name, ok: true, duration: d} 318 + } 319 + 320 + func loadEnvFile(path string) error { 321 + f, err := os.Open(path) 322 + if err != nil { 323 + return err 324 + } 325 + defer f.Close() 326 + 327 + scanner := bufio.NewScanner(f) 328 + for scanner.Scan() { 329 + line := strings.TrimSpace(scanner.Text()) 330 + if line == "" || strings.HasPrefix(line, "#") { 331 + continue 332 + } 333 + line = strings.TrimPrefix(line, "export ") 334 + k, v, ok := strings.Cut(line, "=") 335 + if !ok { 336 + continue 337 + } 338 + v = strings.Trim(v, `"'`) 339 + os.Setenv(strings.TrimSpace(k), strings.TrimSpace(v)) 340 + } 341 + return scanner.Err() 342 + } 343 + 344 + func envOr(key, fallback string) string { 345 + if v := os.Getenv(key); v != "" { 346 + return v 347 + } 348 + return fallback 349 + } 350 + 351 + func swapHost(presignedURL, pullZone string) string { 352 + parsed, err := url.Parse(presignedURL) 353 + if err != nil { 354 + return presignedURL 355 + } 356 + pz, err := url.Parse(pullZone) 357 + if err != nil { 358 + return presignedURL 359 + } 360 + parsed.Scheme = pz.Scheme 361 + parsed.Host = pz.Host 362 + return parsed.String() 363 + } 364 + 365 + func valueOr(s, fallback string) string { 366 + if s == "" { 367 + return fallback 368 + } 369 + return s 370 + } 371 + 372 + // buildV1Client constructs an SDK v1 S3 client identically to 373 + // distribution/distribution's s3-aws driver New() function. 374 + func buildV1Client(accessKey, secretKey, region, endpoint string, verbose bool) *s3v1.S3 { 375 + awsConfig := awsv1.NewConfig() 376 + 377 + if verbose { 378 + awsConfig.WithLogLevel(awsv1.LogDebugWithSigning) 379 + } 380 + 381 + awsConfig.WithCredentials(credentialsv1.NewStaticCredentials(accessKey, secretKey, "")) 382 + awsConfig.WithRegion(region) 383 + 384 + if endpoint != "" { 385 + awsConfig.WithEndpoint(endpoint) 386 + awsConfig.WithS3ForcePathStyle(true) 387 + } 388 + 389 + sess, err := session.NewSession(awsConfig) 390 + if err != nil { 391 + fmt.Fprintf(os.Stderr, "Failed to create SDK v1 session: %v\n", err) 392 + os.Exit(1) 393 + } 394 + 395 + return s3v1.New(sess) 396 + } 397 + 398 + // buildV2Client constructs an SDK v2 S3 client identically to 399 + // ATCR's NewS3Service() in pkg/s3/types.go. 400 + func buildV2Client(ctx context.Context, accessKey, secretKey, region, endpoint string) *s3v2.Client { 401 + cfg, err := configv2.LoadDefaultConfig(ctx, 402 + configv2.WithRegion(region), 403 + configv2.WithCredentialsProvider( 404 + credentialsv2.NewStaticCredentialsProvider(accessKey, secretKey, ""), 405 + ), 406 + ) 407 + if err != nil { 408 + fmt.Fprintf(os.Stderr, "Failed to load SDK v2 config: %v\n", err) 409 + os.Exit(1) 410 + } 411 + 412 + return s3v2.NewFromConfig(cfg, func(o *s3v2.Options) { 413 + if endpoint != "" { 414 + o.BaseEndpoint = awsv2.String(endpoint) 415 + o.UsePathStyle = true 416 + } 417 + }) 418 + }

+33

deploy/upcloud/cloudinit.go

··· 192 192 return buf.String(), nil 193 193 } 194 194 195 + // syncServiceUnit compares a rendered systemd service unit against what's on 196 + // the server. If they differ, it writes the new unit file. Returns true if the 197 + // unit was updated (caller should daemon-reload before restart). 198 + func syncServiceUnit(name, ip, serviceName, renderedUnit string) (bool, error) { 199 + unitPath := "/etc/systemd/system/" + serviceName + ".service" 200 + 201 + remote, err := runSSH(ip, fmt.Sprintf("cat %s 2>/dev/null || echo '__MISSING__'", unitPath), false) 202 + if err != nil { 203 + fmt.Printf(" service unit sync: could not reach %s (%v)\n", name, err) 204 + return false, nil 205 + } 206 + remote = strings.TrimSpace(remote) 207 + rendered := strings.TrimSpace(renderedUnit) 208 + 209 + if remote == "__MISSING__" { 210 + fmt.Printf(" service unit: %s not found (cloud-init will handle it)\n", name) 211 + return false, nil 212 + } 213 + 214 + if remote == rendered { 215 + fmt.Printf(" service unit: %s up to date\n", name) 216 + return false, nil 217 + } 218 + 219 + // Write the updated unit file 220 + script := fmt.Sprintf("cat > %s << 'SVCEOF'\n%s\nSVCEOF", unitPath, rendered) 221 + if _, err := runSSH(ip, script, false); err != nil { 222 + return false, fmt.Errorf("write service unit: %w", err) 223 + } 224 + fmt.Printf(" service unit: %s updated\n", name) 225 + return true, nil 226 + } 227 + 195 228 // syncConfigKeys fetches the existing config from a server and merges in any 196 229 // missing keys from the rendered template. Existing values are never overwritten. 197 230 func syncConfigKeys(name, ip, configPath, templateYAML string) error {

+1

deploy/upcloud/configs/hold.yaml.tmpl

··· 51 51 new_crew_tier: deckhand 52 52 scanner: 53 53 secret: "" 54 +

+65 -1

deploy/upcloud/update.go

··· 55 55 return err 56 56 } 57 57 58 + vals := configValsFromState(state) 59 + 58 60 targets := map[string]struct { 59 61 ip string 60 62 binaryName string 61 63 buildCmd string 62 64 serviceName string 63 65 healthURL string 66 + configTmpl string 67 + configPath string 68 + unitTmpl string 64 69 }{ 65 70 "appview": { 66 71 ip: state.Appview.PublicIP, ··· 68 73 buildCmd: "appview", 69 74 serviceName: naming.Appview(), 70 75 healthURL: "http://localhost:5000/health", 76 + configTmpl: appviewConfigTmpl, 77 + configPath: naming.AppviewConfigPath(), 78 + unitTmpl: appviewServiceTmpl, 71 79 }, 72 80 "hold": { 73 81 ip: state.Hold.PublicIP, ··· 75 83 buildCmd: "hold", 76 84 serviceName: naming.Hold(), 77 85 healthURL: "http://localhost:8080/xrpc/_health", 86 + configTmpl: holdConfigTmpl, 87 + configPath: naming.HoldConfigPath(), 88 + unitTmpl: holdServiceTmpl, 78 89 }, 79 90 } 80 91 ··· 92 103 t := targets[name] 93 104 fmt.Printf("Updating %s (%s)...\n", name, t.ip) 94 105 106 + // Sync config keys (adds missing keys from template, never overwrites) 107 + configYAML, err := renderConfig(t.configTmpl, vals) 108 + if err != nil { 109 + return fmt.Errorf("render %s config: %w", name, err) 110 + } 111 + if err := syncConfigKeys(name, t.ip, t.configPath, configYAML); err != nil { 112 + return fmt.Errorf("%s config sync: %w", name, err) 113 + } 114 + 115 + // Sync systemd service unit 116 + renderedUnit, err := renderServiceUnit(t.unitTmpl, serviceUnitParams{ 117 + DisplayName: naming.DisplayName(), 118 + User: naming.SystemUser(), 119 + BinaryPath: naming.InstallDir() + "/bin/" + t.binaryName, 120 + ConfigPath: t.configPath, 121 + DataDir: naming.BasePath(), 122 + ServiceName: t.serviceName, 123 + }) 124 + if err != nil { 125 + return fmt.Errorf("render %s service unit: %w", name, err) 126 + } 127 + unitChanged, err := syncServiceUnit(name, t.ip, t.serviceName, renderedUnit) 128 + if err != nil { 129 + return fmt.Errorf("%s service unit sync: %w", name, err) 130 + } 131 + 132 + daemonReload := "" 133 + if unitChanged { 134 + daemonReload = "systemctl daemon-reload" 135 + } 136 + 95 137 updateScript := fmt.Sprintf(`set -euo pipefail 96 138 export PATH=$PATH:/usr/local/go/bin 97 139 export GOTMPDIR=/var/tmp ··· 113 155 -ldflags="-s -w -linkmode external -extldflags '-static'" \ 114 156 -tags sqlite_omit_load_extension -trimpath \ 115 157 -o bin/%s ./cmd/%s 158 + %s 116 159 systemctl restart %s 117 160 118 161 sleep 2 119 162 curl -sf %s > /dev/null && echo "HEALTH_OK" || echo "HEALTH_FAIL" 120 - `, goVersion, naming.InstallDir(), branch, t.binaryName, t.buildCmd, t.serviceName, t.healthURL) 163 + `, goVersion, naming.InstallDir(), branch, t.binaryName, t.buildCmd, daemonReload, t.serviceName, t.healthURL) 121 164 122 165 output, err := runSSH(t.ip, updateScript, true) 123 166 if err != nil { ··· 137 180 } 138 181 139 182 return nil 183 + } 184 + 185 + // configValsFromState builds ConfigValues from persisted state. 186 + // S3SecretKey is intentionally left empty — syncConfigKeys only adds missing 187 + // keys and never overwrites, so the server's existing secret is preserved. 188 + func configValsFromState(state *InfraState) *ConfigValues { 189 + naming := state.Naming() 190 + _, baseDomain, _, _ := extractFromAppviewTemplate() 191 + holdDomain := state.Zone + ".cove." + baseDomain 192 + 193 + return &ConfigValues{ 194 + S3Endpoint: state.ObjectStorage.Endpoint, 195 + S3Region: state.ObjectStorage.Region, 196 + S3Bucket: state.ObjectStorage.Bucket, 197 + S3AccessKey: state.ObjectStorage.AccessKeyID, 198 + S3SecretKey: "", // not persisted in state; existing value on server is preserved 199 + Zone: state.Zone, 200 + HoldDomain: holdDomain, 201 + HoldDid: "did:web:" + holdDomain, 202 + BasePath: naming.BasePath(), 203 + } 140 204 } 141 205 142 206 func cmdSSH(target string) error {

+304 -461

docs/APPVIEW-UI-FUTURE.md

··· 1 - # ATCR AppView UI - Future Features 1 + # ATCR UI - Feature Roadmap 2 2 3 - This document outlines potential features for future versions of the ATCR AppView UI, beyond the V1 MVP. These are ideas to consider as the project matures and user needs evolve. 3 + This document tracks the status of ATCR features beyond the V1 MVP. Features are marked with their current status: 4 + 5 + - **DONE** — Fully implemented and shipping 6 + - **PARTIAL** — Some parts implemented 7 + - **BACKEND ONLY** — Backend exists, no UI yet 8 + - **NOT STARTED** — Future work 9 + - **BLOCKED** — Waiting on external dependency 10 + 11 + --- 12 + 13 + ## What's Already Built (not in original roadmap) 14 + 15 + These features were implemented but weren't in the original future features list: 16 + 17 + | Feature | Location | Notes | 18 + |---------|----------|-------| 19 + | **Billing (Stripe)** | `pkg/hold/billing/` | Checkout sessions, customer portal, subscription webhooks, tier upgrades. Build with `-tags billing`. | 20 + | **Garbage collection** | `pkg/hold/gc/` | Mark-and-sweep for orphaned blobs. Preview (dry-run) and execute modes. Triggered from hold admin UI. | 21 + | **libSQL embedded replicas** | AppView + Hold | Sync to Turso, Bunny DB, or self-hosted libsql-server. Configurable sync interval. | 22 + | **Hold successor/migration** | `pkg/hold/` | Promote a hold as successor to migrate users to new storage. | 23 + | **Relay management** | Hold admin | Manage firehose relay connections from admin panel. | 24 + | **Data export** | `pkg/appview/handlers/export.go` | GDPR-compliant export of all user data from AppView + all holds where user is member/captain. | 25 + | **Dark/light mode** | AppView UI | System preference detection, toggle, localStorage persistence. | 26 + | **Credential helper install page** | `/install` | Install scripts for macOS/Linux/Windows, version API. | 27 + | **Stars** | AppView UI | Star/unstar repos stored as `io.atcr.star` ATProto records, counts displayed. | 28 + 29 + --- 4 30 5 31 ## Advanced Image Management 6 32 7 - ### Multi-Architecture Image Support 33 + ### Multi-Architecture Image Support — DONE (display) / NOT STARTED (creation) 8 34 9 - **Display image indexes:** 10 - - Show when a tag points to an image index (multi-arch manifest) 11 - - Display all architectures/platforms in the index (linux/amd64, linux/arm64, darwin/arm64, etc.) 35 + **Display image indexes — DONE:** 36 + - Show when a tag points to an image index (multi-arch manifest) — `IsMultiArch` flag, "Multi-arch" badge 37 + - Display all architectures/platforms in the index — platform badges (e.g., linux/amd64, linux/arm64) 12 38 - Allow viewing individual manifests within the index 13 - - Show platform-specific layer details 39 + - Show platform-specific details 14 40 15 - **Image index creation:** 41 + **Image index creation — NOT STARTED:** 16 42 - UI for combining multiple single-arch manifests into an image index 17 43 - Automatic platform detection from manifest metadata 18 44 - Validate that all manifests are for the same image (different platforms) 19 45 20 - ### Layer Inspection & Visualization 46 + ### Layer Inspection & Visualization — NOT STARTED 47 + 48 + DB stores layer metadata (digest, size, media type, layer index) but there's no UI for any of this. 21 49 22 50 **Layer details page:** 23 51 - Show Dockerfile command that created each layer (if available in history) ··· 30 58 - Calculate storage savings from layer sharing 31 59 - Identify duplicate layers with different digests (potential optimization) 32 60 33 - ### Image Operations 61 + ### Image Operations — PARTIAL (delete only) 34 62 35 - **Tag Management:** 36 - - **Tag promotion workflow:** dev → staging → prod with one click 37 - - **Tag aliases:** Create multiple tags pointing to same digest 38 - - **Tag patterns:** Auto-tag based on git commit, semantic version, date 39 - - **Tag protection:** Mark tags as immutable (prevent deletion/re-pointing) 63 + **Tag/manifest deletion — DONE:** 64 + - Delete tags with `DeleteTagHandler` (cascade + confirmation modal) 65 + - Delete manifests with `DeleteManifestHandler` (handles tagged manifests gracefully) 40 66 41 - **Image Copying:** 67 + **Tag Management — NOT STARTED:** 68 + - Tag promotion workflow (dev → staging → prod) 69 + - Tag aliases (multiple tags → same digest) 70 + - Tag patterns (auto-tag based on git commit, semantic version, date) 71 + - Tag protection (mark tags as immutable) 72 + 73 + **Image Copying — NOT STARTED:** 42 74 - Copy image from one repository to another 43 75 - Copy image from another user's repository (fork) 44 - - Bulk copy operations (copy all tags, copy all manifests) 76 + - Bulk copy operations 45 77 46 - **Image History:** 47 - - Timeline view of tag changes (what digest did "latest" point to over time) 48 - - Rollback functionality (revert tag to previous digest) 49 - - Audit log of all image operations (push, delete, tag changes) 78 + **Image History — NOT STARTED:** 79 + - Timeline view of tag changes 80 + - Rollback functionality 81 + - Audit log of image operations 50 82 51 - ### Vulnerability Scanning 83 + ### Vulnerability Scanning — DONE (backend) / NOT STARTED (UI) 52 84 53 - **Integration with security scanners:** 54 - - **Trivy** - Comprehensive vulnerability scanner 55 - - **Grype** - Anchore's vulnerability scanner 56 - - **Clair** - CoreOS vulnerability scanner 85 + **Backend — DONE:** 86 + - Separate scanner service (`scanner/` module) with Syft (SBOM) + Grype (vulnerabilities) 87 + - WebSocket-based job queue connecting scanner to hold service 88 + - Priority queue with tier-based scheduling (quartermaster > bosun > deckhand) 89 + - Scan results stored as ORAS artifacts in S3, referenced in hold PDS 90 + - Automatic scanning dispatched by hold on manifest push 91 + - See `docs/SBOM_SCANNING.md` 57 92 58 - **Features:** 59 - - Automatic scanning on image push 93 + **AppView UI — NOT STARTED:** 60 94 - Display CVE count by severity (critical, high, medium, low) 61 95 - Show detailed CVE information (description, CVSS score, affected packages) 62 96 - Filter images by vulnerability status 63 97 - Subscribe to CVE notifications for your images 64 98 - Compare vulnerability status across tags/versions 65 99 66 - ### Image Signing & Verification 100 + ### Image Signing & Verification — NOT STARTED 67 101 68 - **Cosign/Sigstore integration:** 69 - - Sign images with Cosign 70 - - Display signature verification status 71 - - Show keyless signing certificate chains 72 - - Integrate with transparency log (Rekor) 102 + Concept doc exists at `docs/SIGNATURE_INTEGRATION.md` but no implementation. 73 103 74 - **Features:** 75 - - UI for signing images (generate key, sign manifest) 76 - - Verify signatures before pull (browser-based verification) 77 - - Display signature metadata (signer, timestamp, transparency log entry) 104 + - Sign images 105 + - Display signature verification status 106 + - Display signature metadata 78 107 - Require signatures for protected repositories 79 108 80 - ### SBOM (Software Bill of Materials) 109 + ### SBOM (Software Bill of Materials) — DONE (backend) / NOT STARTED (UI) 81 110 82 - **SBOM generation and display:** 83 - - Generate SBOM on push (SPDX or CycloneDX format) 111 + **Backend — DONE:** 112 + - Syft generates SPDX JSON format SBOMs 113 + - Stored as ORAS artifacts (referenced via `artifactType: "application/spdx+json"`) 114 + - Blobs in S3, metadata in hold's PDS 115 + - Accessible via ORAS CLI and hold XRPC endpoints 116 + 117 + **UI — NOT STARTED:** 84 118 - Display package list from SBOM 85 119 - Show license information 86 120 - Link to upstream package sources 87 - - Compare SBOMs across versions (what packages changed) 121 + - Compare SBOMs across versions 88 122 89 - **SBOM attestation:** 90 - - Store SBOM as attestation (in-toto format) 91 - - Link SBOM to image signature 92 - - Verify SBOM integrity 123 + --- 93 124 94 - ## Hold Management Dashboard 125 + ## Hold Management Dashboard — DONE (on hold admin panel) 95 126 96 - ### Hold Discovery & Registration 127 + Hold management is implemented as a separate admin panel on the hold service itself (`pkg/hold/admin/`), not in the AppView UI. This makes sense architecturally — hold owners manage their own holds. 97 128 98 - **Create hold:** 99 - - UI wizard for deploying hold service 100 - - One-click deployment to Fly.io, Railway, Render 101 - - Configuration generator (environment variables, docker-compose) 102 - - Test connectivity after deployment 129 + ### Hold Discovery & Registration — PARTIAL 103 130 104 - **Hold registration:** 105 - - Automatic registration via OAuth (already implemented) 106 - - Manual registration form (for existing holds) 107 - - Bulk import holds from JSON/YAML 131 + **Hold registration — DONE:** 132 + - Automatic registration on hold startup (captain + crew records created in embedded PDS) 133 + - Auto-detection of region from cloud metadata 108 134 109 - ### Hold Configuration 135 + **NOT STARTED:** 136 + - UI wizard for deploying hold service 137 + - One-click deployment to cloud platforms 138 + - Configuration generator 139 + - Test connectivity UI 110 140 111 - **Hold settings page:** 112 - - Edit hold metadata (name, description, icon) 141 + ### Hold Configuration — DONE (admin panel) 142 + 143 + **Hold settings — DONE (hold admin):** 113 144 - Toggle public/private flag 114 - - Configure storage backend (S3, Storj, Minio, filesystem) 115 - - Set storage quotas and limits 116 - - Configure retention policies (auto-delete old blobs) 145 + - Toggle allow-all-crew 146 + - Toggle Bluesky post announcements 147 + - Set successor hold DID for migration 148 + - Writes changes back to YAML config file 117 149 118 - **Hold credentials:** 119 - - Rotate S3 access keys 120 - - Test hold connectivity 121 - - View hold service logs (if accessible) 150 + **Storage config — YAML-only:** 151 + - S3 credentials, region, bucket, endpoint, CDN pull zone all configured via YAML 152 + - No UI for editing S3 credentials or rotating keys 122 153 123 - ### Crew Management 154 + **Quotas — DONE (read-only UI):** 155 + - Tier-based limits (deckhand 5GB, bosun 50GB, quartermaster 100GB) 156 + - Per-user quota tracking and display in admin 157 + - Not editable via UI (requires YAML change) 124 158 125 - **Invite crew members:** 126 - - Send invitation links (OAuth-based) 127 - - Invite by handle or DID 128 - - Set crew permissions (read-only, read-write, admin) 129 - - Bulk invite (upload CSV) 159 + **NOT STARTED:** 160 + - Retention policies (auto-delete old blobs) 161 + - Hold service log viewer 130 162 131 - **Crew list:** 132 - - Display all crew members 133 - - Show last activity (last push, last pull) 163 + ### Crew Management — DONE (hold admin panel) 164 + 165 + **Implemented in `pkg/hold/admin/handlers_crew.go`:** 166 + - Add crew by DID with role, permissions (`blob:read`, `blob:write`, `crew:admin`), and tier 167 + - Crew list showing handle, role, permissions, tier, usage, quota 168 + - Edit crew permissions and tier 134 169 - Remove crew members 135 - - Change crew permissions 170 + - Bulk JSON import/export with deduplication (`handlers_crew_io.go`) 136 171 137 - **Crew request workflow:** 138 - - Allow users to request access to a hold 139 - - Hold owner approves/rejects requests 140 - - Notification system for requests 172 + **NOT STARTED:** 173 + - Invitation links (OAuth-based, currently must know DID) 174 + - Invite by handle (currently DID-only) 175 + - Crew request workflow (users can't self-request access) 176 + - Approval/rejection flow 141 177 142 - ### Hold Analytics 178 + ### Hold Analytics — PARTIAL 143 179 144 - **Storage metrics:** 145 - - Total storage used (bytes) 146 - - Blob count 147 - - Largest blobs 148 - - Growth over time (chart) 149 - - Deduplication savings 180 + **Storage metrics — DONE (hold admin):** 181 + - Total blobs, total size, unique digests 182 + - Per-user quota stats (total size, blob count) 183 + - Top users by storage (lazy-loaded HTMX partial) 184 + - Crew count and tier distribution 150 185 151 - **Access metrics:** 152 - - Total downloads (pulls) 153 - - Bandwidth used 154 - - Popular images (most pulled) 155 - - Geographic distribution (if available) 156 - - Access logs (who pulled what, when) 186 + **NOT STARTED:** 187 + - Access metrics (downloads, pulls, bandwidth) 188 + - Growth over time charts 189 + - Cost estimation 190 + - Geographic distribution 191 + - Access logs 157 192 158 - **Cost estimation:** 159 - - Calculate S3 storage costs 160 - - Calculate bandwidth costs 161 - - Compare costs across storage backends 162 - - Budget alerts (notify when approaching limit) 193 + --- 163 194 164 195 ## Discovery & Social Features 165 196 166 - ### Federated Browse & Search 197 + ### Federated Browse & Search — PARTIAL 167 198 168 - **Enhanced discovery:** 169 - - Full-text search across all ATCR images (repository name, tag, description) 199 + **Basic search — DONE:** 200 + - Full-text search across handles, DIDs, repo names, and annotations 201 + - Search UI with HTMX lazy loading and pagination 202 + - Navigation bar search component 203 + 204 + **NOT STARTED:** 170 205 - Filter by user, hold, architecture, date range 171 206 - Sort by popularity, recency, size 172 - - Advanced query syntax (e.g., "user:alice tag:latest arch:arm64") 173 - 174 - **Popular/Trending:** 175 - - Most pulled images (past day, week, month) 176 - - Fastest growing images (new pulls) 177 - - Recently updated images (new tags) 178 - - Community favorites (curated list) 207 + - Advanced query syntax 208 + - Popular/trending images 209 + - Categories and user-defined tags 179 210 180 - **Categories & Tags:** 181 - - User-defined categories (web, database, ml, etc.) 182 - - Tag images with keywords (nginx, proxy, reverse-proxy) 183 - - Browse by category 184 - - Tag cloud visualization 211 + ### Sailor Profiles — PARTIAL 185 212 186 - ### Sailor Profiles (Public) 213 + **Public profile page — DONE:** 214 + - `/u/{handle}` shows user's avatar, handle, DID, and all public repositories 215 + - OpenGraph meta tags and JSON-LD structured data 187 216 188 - **Public profile page:** 189 - - `/ui/@alice` shows alice's public repositories 190 - - Bio, avatar, website links 217 + **NOT STARTED:** 218 + - Bio/description field 219 + - Website links 191 220 - Statistics (total images, total pulls, joined date) 192 - - Pinned repositories (showcase best images) 221 + - Pinned/featured repositories 193 222 194 - **Social features:** 195 - - Follow other sailors (get notified of their pushes) 196 - - Star repositories (bookmark favorites) 197 - - Comment on images (feedback, questions) 198 - - Like/upvote images 223 + ### Social Features — PARTIAL (stars only) 199 224 200 - **Activity feed:** 201 - - Timeline of followed sailors' activity 202 - - Recent pushes from community 203 - - Popular images from followed users 225 + **Stars — DONE:** 226 + - Star/unstar repositories stored as `io.atcr.star` ATProto records 227 + - Star counts displayed on repository pages 204 228 205 - ### Federated Timeline 229 + **NOT STARTED:** 230 + - Follow other sailors 231 + - Comment on images 232 + - Like/upvote images 233 + - Activity feed 234 + - Federated timeline / custom feeds 235 + - Sharing to Bluesky/ATProto social apps 206 236 207 - **ATProto-native feed:** 208 - - Real-time feed of container pushes (like Bluesky's timeline) 209 - - Filter by follows, community, or global 210 - - React to pushes (like, share, comment) 211 - - Share images to Bluesky/ATProto social apps 212 - 213 - **Custom feeds:** 214 - - Create algorithmic feeds (e.g., "Show me all ML images") 215 - - Subscribe to curated feeds 216 - - Publish feeds for others to subscribe 237 + --- 217 238 218 239 ## Access Control & Permissions 219 240 220 - ### Repository-Level Permissions 241 + ### Hold-Level Access Control — DONE 221 242 222 - **Private repositories:** 223 - - Mark repositories as private (only owner + collaborators can pull) 224 - - Invite collaborators by handle/DID 225 - - Set permissions (read-only, read-write, admin) 243 + - Public/private hold toggle (admin UI + OCI enforcement) 244 + - Crew permissions: `blob:read`, `blob:write`, `crew:admin` 245 + - `blob:write` implicitly grants `blob:read` 246 + - Captain has all permissions implicitly 247 + - See `docs/BYOS.md` 226 248 227 - **Public repositories:** 228 - - Default: public (anyone can pull) 229 - - Require authentication for private repos 230 - - Generate read-only tokens (for CI/CD) 249 + ### Repository-Level Permissions — BLOCKED 231 250 232 - **Implementation challenge:** 233 - - ATProto doesn't support private records yet 234 - - May require proxy layer for access control 235 - - Or use encrypted blobs with shared keys 251 + - **Private repositories blocked by ATProto** — no private records support yet 252 + - Repository-level permissions, collaborator invites, read-only tokens all depend on this 253 + - May require proxy layer or encrypted blobs when ATProto adds private record support 236 254 237 - ### Team/Organization Accounts 255 + ### Team/Organization Accounts — NOT STARTED 238 256 239 - **Multi-user organizations:** 240 - - Create organization account (e.g., `@acme-corp`) 241 - - Add members with roles (owner, maintainer, member) 242 - - Organization-owned repositories 243 - - Billing and quotas at org level 257 + - Organization accounts, RBAC, SSO, audit logs 258 + - Likely a later-stage feature 244 259 245 - **Features:** 246 - - Team-based access control 247 - - Shared hold for organization 248 - - Audit logs for all org activity 249 - - Single sign-on (SSO) integration 260 + --- 250 261 251 262 ## Analytics & Monitoring 252 263 253 - ### Dashboard 264 + ### Dashboard — PARTIAL 254 265 255 - **Personal dashboard:** 256 - - Overview of your images, holds, activity 257 - - Quick stats (total size, pull count, last push) 258 - - Recent activity (your pushes, pulls) 259 - - Alerts and notifications 266 + **Hold dashboard — DONE (hold admin):** 267 + - Storage usage, crew count, tier distribution 260 268 261 - **Hold dashboard:** 262 - - Storage usage, bandwidth, costs 263 - - Active crew members 264 - - Recent uploads/downloads 265 - - Health status of hold service 269 + **Personal dashboard — NOT STARTED:** 270 + - Overview of your images, holds, activity 271 + - Quick stats, recent activity, alerts 266 272 267 - ### Pull Analytics 273 + ### Pull Analytics — NOT STARTED 268 274 269 - **Detailed metrics:** 270 275 - Pull count per image/tag 271 - - Pull count by client (Docker, containerd, podman) 272 - - Pull count by geography (country, region) 273 - - Pull count over time (chart) 274 - - Failed pulls (errors, retries) 276 + - Pull count by client, geography, over time 277 + - User analytics (authenticated vs anonymous) 275 278 276 - **User analytics:** 277 - - Who is pulling your images (if authenticated) 278 - - Anonymous vs authenticated pulls 279 - - Repeat users vs new users 279 + ### Alerts & Notifications — NOT STARTED 280 280 281 - ### Alerts & Notifications 281 + - Alert types (quota exceeded, vulnerability detected, hold down, etc.) 282 + - Notification channels (email, webhook, ATProto, Slack/Discord) 282 283 283 - **Alert types:** 284 - - Storage quota exceeded 285 - - High bandwidth usage 286 - - New vulnerability detected 287 - - Image signature invalid 288 - - Hold service down 289 - - Crew member joined/left 290 - 291 - **Notification channels:** 292 - - Email 293 - - Webhook (POST to custom URL) 294 - - ATProto app notification (future: in-app notifications in Bluesky) 295 - - Slack, Discord, Telegram integrations 284 + --- 296 285 297 286 ## Developer Tools & Integrations 298 287 299 - ### API Documentation 300 - 301 - **Interactive API docs:** 302 - - Swagger/OpenAPI spec for OCI API 303 - - Swagger/OpenAPI spec for UI API 304 - - Interactive API explorer (try API calls in browser) 305 - - Code examples in multiple languages (curl, Go, Python, JavaScript) 288 + ### Credential Helper — DONE 306 289 307 - **SDK/Client Libraries:** 308 - - Official Go client library 309 - - JavaScript/TypeScript client 310 - - Python client 311 - - Rust client 290 + - Install page at `/install` with shell scripts 291 + - Version API endpoint for automatic updates 312 292 313 - ### Webhooks 293 + ### API Documentation — NOT STARTED 314 294 315 - **Webhook configuration:** 316 - - Register webhook URLs per repository 317 - - Select events to trigger (push, delete, tag update) 318 - - Test webhooks (send test payload) 319 - - View webhook delivery history 320 - - Retry failed deliveries 295 + - Swagger/OpenAPI specs 296 + - Interactive API explorer 297 + - Code examples, SDKs 321 298 322 - **Webhook events:** 323 - - `manifest.pushed` 324 - - `manifest.deleted` 325 - - `tag.created` 326 - - `tag.updated` 327 - - `tag.deleted` 328 - - `scan.completed` (vulnerability scan finished) 299 + ### Webhooks — NOT STARTED 329 300 330 - ### CI/CD Integration Guides 301 + - Repository-level webhook registration 302 + - Events: manifest.pushed, tag.created, scan.completed, etc. 303 + - Test, retry, delivery history 331 304 332 - **Documentation for popular CI/CD platforms:** 333 - - GitHub Actions (example workflows) 334 - - GitLab CI (.gitlab-ci.yml examples) 335 - - CircleCI (config.yml examples) 336 - - Jenkins (Jenkinsfile examples) 337 - - Drone CI 305 + ### CI/CD Integration — NOT STARTED 338 306 339 - **Features:** 340 - - One-click workflow generation 341 - - Pre-built actions/plugins for ATCR 342 - - Cache layer optimization for faster builds 343 - - Build status badges (show build status in README) 307 + - GitHub Actions, GitLab CI, CircleCI example workflows 308 + - Pre-built actions/plugins 309 + - Build status badges 344 310 345 - ### Infrastructure as Code 311 + ### Infrastructure as Code — PARTIAL 346 312 347 - **IaC examples:** 348 - - Terraform module for deploying hold service 349 - - Pulumi program for ATCR infrastructure 350 - - Kubernetes manifests for hold service 351 - - Docker Compose for local development 352 - - Helm chart for AppView + hold 313 + **DONE:** 314 + - Custom UpCloud deployment tool (`deploy/upcloud/`) with Go-based provisioning, cloud-init, systemd, config templates 315 + - Docker Compose for dev and production 353 316 354 - **GitOps workflows:** 355 - - ArgoCD integration (deploy images from ATCR) 356 - - FluxCD integration 357 - - Automated deployments on tag push 317 + **NOT STARTED:** 318 + - Terraform modules 319 + - Helm charts 320 + - Kubernetes manifests (only an example verification webhook exists) 321 + - GitOps integrations (ArgoCD, FluxCD) 358 322 359 - ## Documentation & Onboarding 323 + --- 360 324 361 - ### Interactive Getting Started 325 + ## Documentation & Onboarding — PARTIAL 362 326 363 - **Onboarding wizard:** 364 - - Step-by-step guide for first-time users 365 - - Interactive tutorial (push your first image) 366 - - Verify setup (test authentication, test push/pull) 367 - - Completion checklist 327 + **DONE:** 328 + - Install page with credential helper setup 329 + - Learn more page 330 + - Internal developer docs (`docs/`) 368 331 369 - **Guided tours:** 370 - - Product tour of UI features 371 - - Tooltips and hints for new users 332 + **NOT STARTED:** 333 + - Interactive onboarding wizard 334 + - Product tour / tooltips 372 335 - Help center with FAQs 336 + - Video tutorials 337 + - Comprehensive user-facing documentation site 373 338 374 - ### Comprehensive Documentation 375 - 376 - **Documentation sections:** 377 - - Quickstart guide 378 - - Detailed user manual 379 - - API reference 380 - - ATProto record schemas 381 - - Deployment guides (hold service, AppView) 382 - - Troubleshooting guide 383 - - Security best practices 384 - 385 - **Video tutorials:** 386 - - YouTube channel with how-to videos 387 - - Screen recordings of common tasks 388 - - Conference talks and demos 389 - 390 - ### Community & Support 391 - 392 - **Community features:** 393 - - Discussion forum (or integrate with Discourse) 394 - - GitHub Discussions for ATCR project 395 - - Discord/Slack community 396 - - Monthly community calls 397 - 398 - **Support channels:** 399 - - Email support 400 - - Live chat (for paid tiers) 401 - - Priority support (for enterprise) 339 + --- 402 340 403 341 ## Advanced ATProto Integration 404 342 405 - ### Record Viewer 343 + ### Data Export — DONE 406 344 407 - **ATProto record browser:** 408 - - Browse all your `io.atcr.*` records 409 - - Raw JSON view with ATProto metadata (CID, commit info, timestamp) 410 - - Diff viewer for record updates 411 - - History view (see all versions of a record) 412 - - Link to ATP URI (`at://did/collection/rkey`) 345 + - GDPR-compliant data export (`ExportUserDataHandler`) 346 + - Fetches data from AppView DB + all holds where user is member/captain 413 347 414 - **Export/Import:** 415 - - Export all records as JSON (backup) 416 - - Import records from JSON (restore, migration) 417 - - CAR file export (ATProto native format) 348 + ### Record Viewer — NOT STARTED 418 349 419 - ### PDS Integration 350 + - Browse `io.atcr.*` records with raw JSON view 351 + - Record history, diff viewer 352 + - ATP URI links 420 353 421 - **Multi-PDS support:** 422 - - Switch between multiple PDS accounts 423 - - Manage images across different PDSs 424 - - Unified view of all your images (across PDSs) 425 - 426 - **PDS health monitoring:** 427 - - Show PDS connection status 428 - - Alert if PDS is unreachable 429 - - Fallback to alternate PDS (if configured) 430 - 431 - **PDS migration tools:** 432 - - Migrate images from one PDS to another 433 - - Bulk update hold endpoints 434 - - Re-sign OAuth tokens for new PDS 435 - 436 - ### Decentralization Features 437 - 438 - **Data sovereignty:** 439 - - "Verify on PDS" button (proves manifest is in your PDS) 440 - - "Clone my registry" guide (backup to another PDS) 441 - - "Export registry" (download all manifests + metadata) 354 + ### PDS Integration — NOT STARTED 442 355 443 - **Federation:** 444 - - Cross-AppView image pulls (pull from other ATCR AppViews) 445 - - AppView discovery (find other ATCR instances) 446 - - Federated search (search across multiple AppViews) 447 - 448 - ## Enterprise Features (Future Commercial Offering) 449 - 450 - ### Team Collaboration 451 - 452 - **Organizations:** 453 - - Enterprise org accounts with unlimited members 454 - - RBAC (role-based access control) 455 - - SSO integration (SAML, OIDC) 456 - - Audit logs for compliance 457 - 458 - ### Compliance & Security 459 - 460 - **Compliance tools:** 461 - - SOC 2 compliance reporting 462 - - HIPAA-compliant storage options 463 - - GDPR data export/deletion 464 - - Retention policies (auto-delete after N days) 465 - 466 - **Security features:** 467 - - Image scanning with policy enforcement (block vulnerable images) 468 - - Malware scanning (scan blobs for malware) 469 - - Secrets scanning (detect leaked credentials in layers) 470 - - Content trust (require signed images) 356 + - Multi-PDS support, PDS health monitoring 357 + - PDS migration tools 358 + - "Verify on PDS" button 471 359 472 - ### SLA & Support 360 + ### Federation — NOT STARTED 473 361 474 - **Paid tiers:** 475 - - Free tier: 5GB storage, community support 476 - - Pro tier: 100GB storage, email support, SLA 477 - - Enterprise tier: Unlimited storage, priority support, dedicated instance 362 + - Cross-AppView image pulls 363 + - AppView discovery 364 + - Federated search 478 365 479 - **Features:** 480 - - Guaranteed uptime (99.9%) 481 - - Premium support (24/7, faster response) 482 - - Dedicated account manager 483 - - Custom contract terms 366 + --- 484 367 485 368 ## UI/UX Enhancements 486 369 487 - ### Design System 370 + ### Theming — PARTIAL 488 371 489 - **Theming:** 490 - - Light and dark modes (system preference) 491 - - Custom themes (nautical, cyberpunk, minimalist) 492 - - Accessibility (WCAG 2.1 AA compliance) 372 + **DONE:** 373 + - Light/dark mode with system preference detection and toggle 374 + - Responsive design (Tailwind/DaisyUI, mobile-friendly) 375 + - PWA manifest with icons (no service worker yet) 376 + 377 + **NOT STARTED:** 378 + - Custom themes 379 + - WCAG 2.1 AA accessibility audit 493 380 - High contrast mode 381 + - Internationalization (i18n) 382 + - Native mobile apps 494 383 495 - **Responsive design:** 496 - - Mobile-first design 497 - - Progressive web app (PWA) with offline support 498 - - Native mobile apps (iOS, Android) 384 + ### Performance — PARTIAL 499 385 500 - ### Performance Optimizations 386 + **DONE:** 387 + - HTMX lazy loading for data-heavy partials 388 + - Efficient server-side rendering 501 389 502 - **Frontend optimizations:** 503 - - Lazy loading for images and data 390 + **NOT STARTED:** 391 + - Service worker for offline caching 504 392 - Virtual scrolling for large lists 505 - - Service worker for caching 506 - - Code splitting (load only what's needed) 393 + - GraphQL API 394 + - Real-time WebSocket updates in UI 507 395 508 - **Backend optimizations:** 509 - - GraphQL API (fetch only required fields) 510 - - Real-time updates via WebSocket 511 - - Server-sent events for firehose 512 - - Edge caching (CloudFlare, Fastly) 396 + --- 513 397 514 - ### Internationalization 398 + ## Enterprise Features — NOT STARTED (except billing) 515 399 516 - **Multi-language support:** 517 - - UI translations (English, Spanish, French, German, Japanese, Chinese, etc.) 518 - - RTL (right-to-left) language support 519 - - Localized date/time formats 520 - - Locale-specific formatting (numbers, currencies) 400 + ### Billing — DONE 521 401 522 - ## Miscellaneous Ideas 402 + - Stripe integration (`pkg/hold/billing/`, requires `-tags billing` build tag) 403 + - Checkout sessions, customer portal, subscription webhooks 404 + - Tier upgrades/downgrades 523 405 524 - ### Image Build Service 406 + ### Everything Else — NOT STARTED 525 407 526 - **Cloud-based builds:** 527 - - Build images from Dockerfile in the UI 528 - - Multi-stage build support 529 - - Build cache optimization 530 - - Build logs and status 408 + - Organization accounts with SSO (SAML, OIDC) 409 + - RBAC, audit logs for compliance 410 + - SOC 2, HIPAA, GDPR compliance tooling (data export exists, see above) 411 + - Image scanning policy enforcement 412 + - Paid tier SLAs 531 413 532 - **Automated builds:** 533 - - Connect GitHub/GitLab repository 534 - - Auto-build on git push 535 - - Build matrix (multiple architectures, versions) 536 - - Build notifications 414 + --- 537 415 538 - ### Image Registry Mirroring 416 + ## Miscellaneous Ideas — NOT STARTED 539 417 540 - **Mirror external registries:** 541 - - Cache images from Docker Hub, ghcr.io, quay.io 542 - - Transparent proxy (pull-through cache) 543 - - Reduce external bandwidth costs 544 - - Faster pulls (cache locally) 418 + These remain future ideas with no implementation: 545 419 546 - **Features:** 547 - - Configurable cache retention 548 - - Whitelist/blacklist registries 549 - - Statistics (cache hit rate, savings) 420 + - **Image build service** — Cloud-based Dockerfile builds 421 + - **Registry mirroring** — Pull-through cache for Docker Hub, ghcr.io, etc. 422 + - **Deployment tools** — One-click deploy to K8s, ECS, Fly.io 423 + - **Image recommendations** — ML-based "similar images" and "people also pulled" 424 + - **Gamification** — Achievement badges, leaderboards 425 + - **Advanced search** — Semantic/AI-powered search, saved searches 550 426 551 - ### Deployment Tools 427 + --- 552 428 553 - **One-click deployments:** 554 - - Deploy image to Kubernetes 555 - - Deploy to Docker Swarm 556 - - Deploy to AWS ECS/Fargate 557 - - Deploy to Fly.io, Railway, Render 429 + ## Updated Priority List 558 430 559 - **Deployment tracking:** 560 - - Track where images are deployed 561 - - Show running versions (which environments use which tags) 562 - - Notify on new deployments 431 + **Already done (was "High Priority"):** 432 + 1. ~~Multi-architecture image support~~ — display working 433 + 2. ~~Vulnerability scanning integration~~ — backend complete 434 + 3. ~~Hold management dashboard~~ — implemented on hold admin panel 435 + 4. ~~Basic search~~ — working 563 436 564 - ### Image Recommendations 437 + **Remaining high priority:** 438 + 1. Scan results UI in AppView (backend exists, just needs frontend) 439 + 2. SBOM display UI in AppView (backend exists, just needs frontend) 440 + 3. Webhooks for CI/CD integration 441 + 4. Enhanced search (filters, sorting, advanced queries) 442 + 5. Richer sailor profiles (bio, stats, pinned repos) 565 443 566 - **ML-based recommendations:** 567 - - "Similar images" (based on layers, packages, tags) 568 - - "People who pulled this also pulled..." (collaborative filtering) 569 - - "Recommended for you" (personalized based on history) 444 + **Medium priority:** 445 + 1. Layer inspection UI 446 + 2. Pull analytics and monitoring 447 + 3. API documentation (Swagger/OpenAPI) 448 + 4. Tag management (promotion, protection, aliases) 449 + 5. Onboarding wizard / getting started guide 570 450 571 - ### Gamification 572 - 573 - **Achievements:** 574 - - Badges for milestones (first push, 100 pulls, 1GB storage, etc.) 575 - - Leaderboards (most popular images, most active sailors) 576 - - Community contributions (points for helping others) 577 - 578 - ### Advanced Search 579 - 580 - **Semantic search:** 581 - - Search by description, README, labels 582 - - Natural language queries ("show me nginx images with SSL") 583 - - AI-powered search (GPT-based understanding) 584 - 585 - **Saved searches:** 586 - - Save frequently used queries 587 - - Subscribe to search results (get notified of new matches) 588 - - Share searches with team 589 - 590 - ## Implementation Priority 591 - 592 - If implementing these features, suggested priority order: 593 - 594 - **High Priority (Next 6 months):** 595 - 1. Multi-architecture image support 596 - 2. Vulnerability scanning integration 597 - 3. Hold management dashboard 598 - 4. Enhanced search and filtering 599 - 5. Webhooks for CI/CD integration 600 - 601 - **Medium Priority (6-12 months):** 451 + **Low priority / long-term:** 602 452 1. Team/organization accounts 603 - 2. Repository-level permissions 604 - 3. Image signing and verification 605 - 4. Pull analytics and monitoring 606 - 5. API documentation and SDKs 607 - 608 - **Low Priority (12+ months):** 609 - 1. Enterprise features (SSO, compliance, SLA) 610 453 2. Image build service 611 454 3. Registry mirroring 612 - 4. Mobile apps 613 - 5. ML-based recommendations 455 + 4. Federation features 456 + 5. Internationalization 614 457 615 - **Research/Experimental:** 458 + **Blocked on external dependencies:** 616 459 1. Private repositories (requires ATProto private records) 617 460 2. Federated timeline (requires ATProto feed infrastructure) 618 - 3. Deployment tools integration 619 - 4. Semantic search 620 461 621 462 --- 622 463 623 464 **Note:** This is a living document. Features may be added, removed, or reprioritized based on user feedback, technical feasibility, and ATProto ecosystem evolution. 465 + 466 + *Last audited: 2026-02-12*

docs/DISTRIBUTION.md docs/CREDENTIAL_HELPER.md

+480

docs/REMOVING_DISTRIBUTION.md

··· 1 + # Removing distribution/distribution 2 + 3 + This document analyzes what it would take to remove the `github.com/distribution/distribution/v3` library and implement ATCR's own OCI Distribution Spec HTTP endpoints. 4 + 5 + ## Why Consider Removing It 6 + 7 + 1. **Impedance mismatch** -- Distribution assumes manifests and blobs live in the same storage backend. ATCR routes manifests to ATProto PDS and blobs to hold/S3. Every storage interface is overridden. 8 + 2. **Context value workaround** -- `Repository()` receives only `context.Context` from distribution's interface, forcing auth/identity data through context keys into `RegistryContext`. 9 + 3. **Per-request repository creation** -- `RoutingRepository` is recreated on every request because distribution's caching assumptions conflict with ATCR's OAuth session model. 10 + 4. **Stale transitive dependencies** -- Distribution pulls in AWS SDK v1 (EOL) via its S3 storage driver, even though ATCR doesn't use that driver. 11 + 5. **Unused features** -- GC, notifications, storage drivers, replication -- none are used. ATCR has its own GC, its own event dispatch (`processManifest` XRPC), and its own S3 integration. 12 + 6. **Upstream maintenance pace** -- Slow to merge dependency updates and bug fixes. 13 + 14 + ## What Distribution Currently Provides 15 + 16 + Only these pieces are actually used: 17 + 18 + | What | Distribution Package | ATCR Usage | 19 + |------|---------------------|------------| 20 + | HTTP endpoint routing | `registry/handlers` | `handlers.NewApp()` creates the `/v2/` handler | 21 + | OCI error responses | `registry/api/errcode` | `ErrorCodeUnauthorized`, `ErrorCodeDenied`, `ErrorCodeUnsupported` | 22 + | Middleware registration | `registry/middleware/registry` | `Register("atproto-resolver", ...)` | 23 + | Repository interface | `distribution` (root) | `Repository`, `ManifestService`, `BlobStore`, `TagService` | 24 + | Reference parsing | `distribution/reference` | `reference.Named` for `identity/image` parsing | 25 + | Token auth | `registry/auth/token` | Blank import for registration | 26 + | In-memory driver | `registry/storage/driver/inmemory` | Blank import; placeholder since real storage is external | 27 + | Configuration types | `configuration` | `configuration.Configuration` struct | 28 + 29 + Everything else (S3 driver, GC, notifications, replication, schema validation) is dead weight. 30 + 31 + ## Files That Import Distribution 32 + 33 + All in `pkg/appview/` -- hold and scanner are unaffected. 34 + 35 + **Core implementation (8 files):** 36 + - `storage/routing_repository.go` -- `distribution.Repository` wrapper 37 + - `storage/manifest_store.go` -- `distribution.ManifestService` impl 38 + - `storage/proxy_blob_store.go` -- `distribution.BlobStore` + `BlobWriter` impl 39 + - `storage/tag_store.go` -- `distribution.TagService` impl 40 + - `middleware/registry.go` -- `distribution.Namespace` + middleware registration 41 + - `config.go` -- Builds `configuration.Configuration` 42 + - `server.go` -- `handlers.NewApp()`, `errcode` for error responses 43 + - `cmd/appview/main.go` -- Blank imports for driver/auth registration 44 + 45 + **Tests (6 files):** 46 + - `storage/routing_repository_test.go` 47 + - `storage/manifest_store_test.go` 48 + - `storage/proxy_blob_store_test.go` 49 + - `storage/tag_store_test.go` 50 + - `middleware/registry_test.go` 51 + 52 + ## OCI Distribution Spec Endpoints to Implement 53 + 54 + The spec defines these HTTP endpoints. ATCR would need handlers for each. 55 + 56 + ### Version Check 57 + 58 + ``` 59 + GET /v2/ 60 + 200 OK (confirms OCI compliance) 61 + 401 Unauthorized (triggers auth flow) 62 + ``` 63 + 64 + Docker clients hit this first. Must return 200 for authenticated requests. A 401 response with `WWW-Authenticate` header triggers the Docker auth handshake. 65 + 66 + ### Manifests 67 + 68 + ``` 69 + GET /v2/<name>/manifests/<reference> -> 200 + manifest body 70 + HEAD /v2/<name>/manifests/<reference> -> 200 + headers only 71 + PUT /v2/<name>/manifests/<reference> -> 201 Created 72 + DELETE /v2/<name>/manifests/<reference> -> 202 Accepted 73 + ``` 74 + 75 + `<reference>` is either a tag (`latest`) or digest (`sha256:abc...`). 76 + 77 + **Required headers:** 78 + - Request `Accept`: manifest media types the client supports 79 + - Response `Content-Type`: actual manifest media type 80 + - Response `Docker-Content-Digest`: canonical digest of manifest 81 + 82 + **Media types to support:** 83 + - `application/vnd.oci.image.manifest.v1+json` 84 + - `application/vnd.oci.image.index.v1+json` 85 + - `application/vnd.docker.distribution.manifest.v2+json` 86 + - `application/vnd.docker.distribution.manifest.list.v2+json` 87 + 88 + ### Blobs 89 + 90 + ``` 91 + GET /v2/<name>/blobs/<digest> -> 200 + blob body (or 307 redirect) 92 + HEAD /v2/<name>/blobs/<digest> -> 200 + headers only 93 + DELETE /v2/<name>/blobs/<digest> -> 202 Accepted 94 + ``` 95 + 96 + ATCR already redirects to presigned S3 URLs via `ServeBlob()` -- this would become a direct 307 redirect in the handler. 97 + 98 + ### Blob Uploads (Chunked/Resumable) 99 + 100 + **Initiate:** 101 + ``` 102 + POST /v2/<name>/blobs/uploads/ 103 + 202 Accepted 104 + Location: /v2/<name>/blobs/uploads/<uuid> 105 + ``` 106 + 107 + **Monolithic (single request):** 108 + ``` 109 + POST /v2/<name>/blobs/uploads/?digest=sha256:... 110 + Content-Type: application/octet-stream 111 + Body: <entire blob> 112 + 201 Created 113 + ``` 114 + 115 + **Chunked:** 116 + ``` 117 + PATCH /v2/<name>/blobs/uploads/<uuid> 118 + Content-Type: application/octet-stream 119 + Content-Range: <start>-<end> 120 + Body: <chunk data> 121 + 202 Accepted 122 + Range: 0-<end> 123 + 124 + (repeat PATCH for each chunk) 125 + 126 + PUT /v2/<name>/blobs/uploads/<uuid>?digest=sha256:... 127 + 201 Created 128 + Location: /v2/<name>/blobs/<digest> 129 + ``` 130 + 131 + **Check progress:** 132 + ``` 133 + GET /v2/<name>/blobs/uploads/<uuid> 134 + 204 No Content 135 + Range: 0-<bytes received> 136 + ``` 137 + 138 + **Cancel:** 139 + ``` 140 + DELETE /v2/<name>/blobs/uploads/<uuid> 141 + 204 No Content 142 + ``` 143 + 144 + **Cross-repo mount:** 145 + ``` 146 + POST /v2/<name>/blobs/uploads/?mount=<digest>&from=<other-repo> 147 + 201 Created (if blob exists in source repo) 148 + 202 Accepted (fall back to regular upload) 149 + ``` 150 + 151 + ### Tags 152 + 153 + ``` 154 + GET /v2/<name>/tags/list 155 + 200 OK 156 + { 157 + "name": "<name>", 158 + "tags": ["latest", "v1.0"] 159 + } 160 + ``` 161 + 162 + Supports pagination via `n` (count) and `last` (cursor) query params. 163 + 164 + ### Referrers (OCI v1.1) 165 + 166 + ``` 167 + GET /v2/<name>/referrers/<digest> 168 + 200 OK 169 + Content-Type: application/vnd.oci.image.index.v1+json 170 + Body: image index of referring manifests 171 + ``` 172 + 173 + Supports `artifactType` query filter. Returns manifests whose `subject` field points to the given digest. 174 + 175 + ### Catalog (Optional) 176 + 177 + ``` 178 + GET /v2/_catalog 179 + 200 OK 180 + { "repositories": ["alice/app", "bob/tool"] } 181 + ``` 182 + 183 + Pagination via `n` and `last`. ATCR may choose not to implement this (many registries don't). 184 + 185 + ## Error Response Format 186 + 187 + All 4xx/5xx responses must use the OCI error envelope: 188 + 189 + ```json 190 + { 191 + "errors": [ 192 + { 193 + "code": "MANIFEST_UNKNOWN", 194 + "message": "manifest not found", 195 + "detail": { "tag": "latest" } 196 + } 197 + ] 198 + } 199 + ``` 200 + 201 + **Standard error codes:** 202 + 203 + | Code | HTTP Status | Meaning | 204 + |------|-------------|---------| 205 + | `BLOB_UNKNOWN` | 404 | Blob not found | 206 + | `BLOB_UPLOAD_INVALID` | 400 | Bad digest or size mismatch | 207 + | `BLOB_UPLOAD_UNKNOWN` | 404 | Upload session expired/missing | 208 + | `DIGEST_INVALID` | 400 | Digest doesn't match content | 209 + | `MANIFEST_BLOB_UNKNOWN` | 404 | Manifest references missing blob | 210 + | `MANIFEST_INVALID` | 400 | Malformed manifest | 211 + | `MANIFEST_UNKNOWN` | 404 | Manifest not found | 212 + | `NAME_INVALID` | 400 | Bad repository name | 213 + | `NAME_UNKNOWN` | 404 | Repository doesn't exist | 214 + | `SIZE_INVALID` | 400 | Content-Length mismatch | 215 + | `UNAUTHORIZED` | 401 | Authentication required | 216 + | `DENIED` | 403 | Permission denied | 217 + | `UNSUPPORTED` | 405 | Operation not supported | 218 + | `TOOMANYREQUESTS` | 429 | Rate limited | 219 + 220 + ## What Exists Today vs What's New 221 + 222 + For each handler, this breaks down what logic already exists in the storage layer (and just needs to be called) vs what new HTTP glue code must be written. Distribution's handler layer currently handles all the HTTP parsing, header validation, content negotiation, and response formatting -- all of that becomes our responsibility. 223 + 224 + ### Shared New Code 225 + 226 + **Error helpers (~50 lines, new):** 227 + OCI error envelope formatting. Currently provided by `errcode.ErrorCodeUnauthorized` etc. 228 + 229 + ```go 230 + type RegistryError struct { 231 + Code string `json:"code"` 232 + Message string `json:"message"` 233 + Detail interface{} `json:"detail,omitempty"` 234 + } 235 + 236 + func WriteError(w http.ResponseWriter, status int, code, message string) { 237 + w.Header().Set("Content-Type", "application/json") 238 + w.WriteHeader(status) 239 + json.NewEncoder(w).Encode(struct { 240 + Errors []RegistryError `json:"errors"` 241 + }{Errors: []RegistryError{{Code: code, Message: message}}}) 242 + } 243 + ``` 244 + 245 + **Auth middleware (~80 lines, mostly exists):** 246 + `ExtractAuthMethod()` already exists in `middleware/registry.go`. Needs adaptation to work standalone (currently wraps distribution's app). Must also generate `WWW-Authenticate` header for 401 responses -- distribution's token auth handler currently does this via blank import of `registry/auth/token`. 247 + 248 + **Identity resolution middleware (~250 lines, exists):** 249 + `NamespaceResolver.Repository()` in `middleware/registry.go` does identity resolution, hold discovery, service token acquisition, and ATProto client creation. This logic moves into an HTTP middleware but the code is the same -- resolves DID, finds hold, gets service token, builds `RegistryContext`. The validation cache (concurrent service token deduplication) comes along as-is. 250 + 251 + **Router (~30 lines, new):** 252 + ```go 253 + mux.HandleFunc("GET /v2/", handleVersionCheck) 254 + mux.HandleFunc("GET /v2/{name...}/manifests/{reference}", handleManifestGet) 255 + // ... etc 256 + ``` 257 + 258 + ### Handler-by-Handler Breakdown 259 + 260 + --- 261 + 262 + **`handleVersionCheck`** -- `GET /v2/` 263 + 264 + | | | 265 + |---|---| 266 + | Existing logic | None needed -- this is just a 200 OK response | 267 + | New code | ~10 lines. Return 200 with `Docker-Distribution-API-Version: registry/2.0` header. If unauthenticated, return 401 with `WWW-Authenticate` header to trigger Docker's auth flow | 268 + 269 + --- 270 + 271 + **`handleManifestGet`** -- `GET /v2/<name>/manifests/<reference>` 272 + 273 + | | | 274 + |---|---| 275 + | Existing logic | `ManifestStore.Get()` fetches manifest from PDS (record lookup, optional blob download for new-format records). Returns media type + raw bytes. Also fires async pull notification to hold for stats. `TagStore.Get()` resolves tag → digest when reference is a tag | 276 + | New code (~40 lines) | Parse `<reference>` to determine tag vs digest. If tag, call `TagStore.Get()` first to resolve digest. Call `ManifestStore.Get()`. Set response headers: `Content-Type` (manifest media type), `Docker-Content-Digest` (canonical digest), `Content-Length`. Write body. Handle 404 (manifest not found → `MANIFEST_UNKNOWN` error) | 277 + | Subtle | Content negotiation: must check client's `Accept` header against the manifest's actual media type. Distribution handles this transparently. If client doesn't accept the type, return 404. In practice most clients accept everything, but `crane` and `skopeo` can be picky | 278 + 279 + --- 280 + 281 + **`handleManifestHead`** -- `HEAD /v2/<name>/manifests/<reference>` 282 + 283 + | | | 284 + |---|---| 285 + | Existing logic | `ManifestStore.Exists()` checks PDS record existence. `ManifestStore.Get()` needed for full headers | 286 + | New code (~30 lines) | Same as GET but write headers only, no body. Needs `Content-Type`, `Docker-Content-Digest`, `Content-Length`. Could call `Exists()` for a fast path and `Get()` for full header population, or just call `Get()` and skip the body write | 287 + | Note | Some clients (Docker) use HEAD to check existence before pulling. Must return same headers as GET | 288 + 289 + --- 290 + 291 + **`handleManifestPut`** -- `PUT /v2/<name>/manifests/<reference>` 292 + 293 + | | | 294 + |---|---| 295 + | Existing logic | `ManifestStore.Put()` does a LOT: calculates digest, uploads manifest bytes as blob to PDS, creates `ManifestRecord` with structured metadata, validates manifest list child references, extracts config labels, fetches README/icon, creates tag record, fires async notifications to hold, creates repo page records, handles successor migration | 296 + | New code (~50 lines) | Read request body. Extract `Content-Type` header as media type. Parse `<reference>` to determine if this is a tag push. Call `ManifestStore.Put()` with payload, media type, and optional tag. Set response headers: `Location` (`/v2/<name>/manifests/<digest>`), `Docker-Content-Digest`. Return 201 Created. Handle errors: `MANIFEST_INVALID` (bad JSON), `MANIFEST_BLOB_UNKNOWN` (missing child manifest in manifest list) | 297 + | Subtle | Distribution currently wraps the manifest in a `distribution.Manifest` interface (with `Payload()` and `References()` methods) before passing to `Put()`. Without distribution, we'd change `Put()` to accept raw `[]byte` + `mediaType` + optional tag directly -- simpler but requires updating the method signature and its internals | 298 + 299 + --- 300 + 301 + **`handleManifestDelete`** -- `DELETE /v2/<name>/manifests/<reference>` 302 + 303 + | | | 304 + |---|---| 305 + | Existing logic | `ManifestStore.Delete()` calls `ATProtoClient.DeleteRecord()` | 306 + | New code (~15 lines) | Parse digest from `<reference>`. Call `ManifestStore.Delete()`. Return 202 Accepted. Handle 404 | 307 + 308 + --- 309 + 310 + **`handleBlobGet`** -- `GET /v2/<name>/blobs/<digest>` 311 + 312 + | | | 313 + |---|---| 314 + | Existing logic | `ProxyBlobStore.ServeBlob()` checks read access, gets presigned URL from hold, and issues 307 redirect. This is already essentially an HTTP handler | 315 + | New code (~20 lines) | Parse digest from path. Call the presigned URL logic (read access check + hold XRPC call). Write 307 redirect with `Location` header pointing to presigned S3 URL | 316 + | Note | `ServeBlob()` currently takes `http.ResponseWriter` and `*http.Request` -- it's already doing the HTTP work. This handler is mostly just calling it. Could almost be used as-is | 317 + 318 + --- 319 + 320 + **`handleBlobHead`** -- `HEAD /v2/<name>/blobs/<digest>` 321 + 322 + | | | 323 + |---|---| 324 + | Existing logic | `ProxyBlobStore.Stat()` checks read access, gets presigned HEAD URL, makes HEAD request to S3, returns size | 325 + | New code (~20 lines) | Parse digest. Call `Stat()`. Set `Content-Length`, `Docker-Content-Digest`, `Content-Type: application/octet-stream`. Return 200. Handle 404 (`BLOB_UNKNOWN`) | 326 + 327 + --- 328 + 329 + **`handleBlobUploadInit`** -- `POST /v2/<name>/blobs/uploads/` 330 + 331 + | | | 332 + |---|---| 333 + | Existing logic | `ProxyBlobStore.Create()` checks write access, generates upload ID, calls `startMultipartUpload()` XRPC to hold, creates `ProxyBlobWriter`, stores in `globalUploads` map | 334 + | New code (~50 lines) | Check for `?mount=<digest>&from=<repo>` query params (cross-repo mount). Check for `?digest=<digest>` (monolithic upload -- read body, write to store, complete in one shot). Otherwise, call `Create()` to start a new upload session. Return 202 Accepted with `Location: /v2/<name>/blobs/uploads/<uuid>` header, `Docker-Upload-UUID` header | 335 + | Subtle | Monolithic upload (single POST with digest and body) is a shortcut some clients use. Distribution handles this transparently. We'd need to handle it explicitly: read body, create writer, write, commit. Cross-repo mount is also handled here -- check if blob exists in source repo, skip upload if so | 336 + 337 + --- 338 + 339 + **`handleBlobUploadChunk`** -- `PATCH /v2/<name>/blobs/uploads/<uuid>` 340 + 341 + | | | 342 + |---|---| 343 + | Existing logic | `ProxyBlobWriter.Write()` buffers data and auto-flushes 10MB chunks to S3 via presigned URLs. `flushPart()` handles the XRPC call to hold for part upload URLs and ETag tracking | 344 + | New code (~40 lines) | Look up writer from `globalUploads` by UUID. Parse `Content-Range` header (format: `<start>-<end>`). Read request body. Call `writer.Write(body)`. Return 202 Accepted with `Location` header (same upload URL), `Range: 0-<total bytes received>` header. Handle missing upload (`BLOB_UPLOAD_UNKNOWN`) | 345 + | Subtle | `Content-Range` validation: must verify start offset matches current writer position (no gaps, no out-of-order). Return 416 Range Not Satisfiable if misaligned. Distribution handles this; we'd need to track and validate | 346 + 347 + --- 348 + 349 + **`handleBlobUploadComplete`** -- `PUT /v2/<name>/blobs/uploads/<uuid>?digest=sha256:...` 350 + 351 + | | | 352 + |---|---| 353 + | Existing logic | `ProxyBlobWriter.Commit()` flushes remaining buffer, calls `completeMultipartUpload()` XRPC to hold, removes writer from `globalUploads` | 354 + | New code (~40 lines) | Look up writer from `globalUploads`. Parse `?digest=` query param. If request has body, write it to the writer (final chunk can be in the PUT). Call `writer.Commit()` with digest descriptor. Return 201 Created with `Location: /v2/<name>/blobs/<digest>`, `Docker-Content-Digest` header. Handle errors: `DIGEST_INVALID` (provided digest doesn't match), `BLOB_UPLOAD_UNKNOWN` (expired session) | 355 + | Subtle | Digest validation: distribution verifies the provided digest matches what was actually uploaded. Our writer doesn't currently track a running digest hash -- `Commit()` just passes the digest through to hold. Need to decide: trust the hold to validate, or add client-side validation. Currently hold does the final validation since it has all the parts | 356 + 357 + --- 358 + 359 + **`handleBlobUploadStatus`** -- `GET /v2/<name>/blobs/uploads/<uuid>` 360 + 361 + | | | 362 + |---|---| 363 + | Existing logic | `ProxyBlobWriter.Size()` returns total bytes written | 364 + | New code (~15 lines) | Look up writer from `globalUploads`. Return 204 No Content with `Range: 0-<size - 1>`, `Docker-Upload-UUID`, `Location` headers. Handle missing upload | 365 + 366 + --- 367 + 368 + **`handleBlobUploadCancel`** -- `DELETE /v2/<name>/blobs/uploads/<uuid>` 369 + 370 + | | | 371 + |---|---| 372 + | Existing logic | `ProxyBlobWriter.Cancel()` calls `abortMultipartUpload()` XRPC to hold, removes from `globalUploads` | 373 + | New code (~15 lines) | Look up writer. Call `Cancel()`. Return 204 No Content. Handle missing upload | 374 + 375 + --- 376 + 377 + **`handleTagsList`** -- `GET /v2/<name>/tags/list` 378 + 379 + | | | 380 + |---|---| 381 + | Existing logic | `TagStore.All()` lists all tag records from PDS, filters by repository | 382 + | New code (~30 lines) | Call `TagStore.All()`. Parse `?n=` and `?last=` query params for pagination (slice the results). Return JSON: `{"name": "<name>", "tags": [...]}`. Set `Link` header for pagination if there are more results | 383 + | Note | Distribution handles pagination. We'd need to implement it ourselves -- sort tags, apply cursor, set Link header with next page URL | 384 + 385 + --- 386 + 387 + **`handleReferrers`** -- `GET /v2/<name>/referrers/<digest>` 388 + 389 + | | | 390 + |---|---| 391 + | Existing logic | Not currently implemented in ATCR's storage layer. Distribution may return an empty index | 392 + | New code (~30 lines) | Query manifests that have a `subject` field pointing to the given digest. Return an OCI image index containing descriptors for each referrer. Support `?artifactType=` filter. If no referrers, return empty index | 393 + | Note | This is new functionality either way. ATCR would need to query PDS for manifests with matching subject digests. Could defer this (return empty index) and implement properly later | 394 + 395 + --- 396 + 397 + ### Interface Changes to Storage Layer 398 + 399 + The existing stores would need their method signatures simplified. This is mostly mechanical -- removing distribution wrapper types: 400 + 401 + **ManifestStore changes:** 402 + - `Get()`: returns `(distribution.Manifest, error)` → returns `(mediaType string, payload []byte, err error)` 403 + - `Put()`: accepts `distribution.Manifest` + `...distribution.ManifestServiceOption` → accepts `payload []byte, mediaType string, tag string` 404 + - `Exists()` and `Delete()`: signatures stay roughly the same (just `digest.Digest` in, error out) 405 + - Remove `rawManifest` struct (wrapper implementing `distribution.Manifest` interface) 406 + - Remove `distribution.WithTagOption` extraction logic in `Put()` 407 + 408 + **ProxyBlobStore changes:** 409 + - `Stat()`: returns `distribution.Descriptor` → returns `(size int64, err error)` 410 + - `Get()`: stays the same (returns `[]byte`) 411 + - `ServeBlob()`: already takes `http.ResponseWriter`/`*http.Request` -- could become the handler itself 412 + - `Create()`: returns `distribution.BlobWriter` → returns `*ProxyBlobWriter` directly 413 + - `Resume()`: same change 414 + - Remove `distribution.BlobCreateOption` / `distribution.CreateOptions` parsing 415 + - `ProxyBlobWriter.Commit()`: accepts `distribution.Descriptor` → accepts `digest string, size int64` 416 + 417 + **TagStore changes:** 418 + - `Get()`: returns `distribution.Descriptor` → returns `(digest string, err error)` 419 + - `Tag()`: accepts `distribution.Descriptor` → accepts `digest string` 420 + - `All()`, `Untag()`, `Lookup()`: minimal changes 421 + 422 + **RoutingRepository:** 423 + - Removed entirely. Handlers call stores directly. The lazy initialization via `sync.Once` goes away since there's no interface requiring a `Repository` object. 424 + 425 + **Estimated interface change work:** ~150 lines changed across storage files + ~150 lines changed across test files. 426 + 427 + ## What Stays 428 + 429 + These dependencies are used directly and stay regardless: 430 + 431 + - `github.com/opencontainers/go-digest` -- Digest parsing/validation (standard, lightweight) 432 + - `github.com/opencontainers/image-spec` -- OCI manifest/index structs (optional but useful for validation) 433 + - `github.com/distribution/reference` -- Could stay (lightweight, no heavy transitive deps) or replace with string splitting since ATCR's name format is always `<identity>/<image>` 434 + 435 + ## Revised Effort Estimate 436 + 437 + | Component | New Lines | Changed Lines | Notes | 438 + |-----------|-----------|---------------|-------| 439 + | Router + version check | ~40 | 0 | Trivial | 440 + | Error helpers | ~50 | 0 | OCI error envelope, error code constants | 441 + | Auth middleware adaptation | ~30 | ~50 | `WWW-Authenticate` header generation is new; `ExtractAuthMethod` moves | 442 + | Identity resolution middleware | ~20 | ~30 | `NamespaceResolver.Repository()` logic moves to HTTP middleware; code is the same | 443 + | Manifest handlers (GET/HEAD/PUT/DELETE) | ~135 | 0 | Content negotiation, header writing, tag vs digest parsing | 444 + | Blob handlers (GET/HEAD/DELETE) | ~55 | 0 | Presigned URL redirect, stat, delete stub | 445 + | Blob upload handlers (POST/PATCH/PUT/GET/DELETE) | ~160 | 0 | Chunked upload protocol, Content-Range validation, monolithic upload, cross-repo mount | 446 + | Tags list handler | ~30 | 0 | Pagination logic | 447 + | Referrers handler | ~30 | 0 | Could defer with empty index | 448 + | Storage interface changes | 0 | ~150 | Remove distribution types from method signatures | 449 + | Test updates | 0 | ~150 | Update mocks and assertions for new signatures | 450 + | Config cleanup | 0 | ~80 | Remove `buildDistributionConfig()`, blank imports | 451 + | **Total** | **~550 new** | **~460 changed** | **~1010 lines total** | 452 + 453 + This is not a trivial migration. The ~550 new lines are genuine new HTTP handler code that doesn't exist today -- distribution's handler layer provides all of it currently. The changed lines are mostly mechanical (removing distribution type wrappers) but still need care and test updates. 454 + 455 + ## Risk Assessment 456 + 457 + **Low risk:** 458 + - Storage logic is unchanged -- same PDS calls, same hold XRPC calls, same presigned URLs 459 + - Auth flow is unchanged -- same JWT validation, same OAuth refresh 460 + - Tests can be adapted incrementally 461 + 462 + **Medium risk:** 463 + - Subtle OCI spec compliance gaps (edge cases in content negotiation, digest validation, chunked upload semantics) 464 + - Docker client compatibility -- different clients (Docker, Podman, crane, skopeo) may exercise different code paths 465 + 466 + **Mitigation:** 467 + - Use [OCI conformance tests](https://github.com/opencontainers/distribution-spec/tree/main/conformance) to validate 468 + - Test against Docker, Podman, crane, and skopeo before shipping 469 + - Can be done incrementally: build new router, test alongside distribution handler, swap when ready 470 + 471 + ## Dependencies Removed 472 + 473 + Removing distribution eliminates ~30-40 transitive packages, notably: 474 + - `github.com/aws/aws-sdk-go` (v1, EOL) 475 + - Azure cloud SDK packages 476 + - Google Cloud Storage packages 477 + - Distribution-specific logging/metrics 478 + - Unused storage driver registrations 479 + 480 + Most other transitive deps (gRPC, protobuf, OpenTelemetry, logrus) are also pulled by `bluesky-social/indigo` and would remain.

+1 -1

go.mod

··· 3 3 go 1.25.7 4 4 5 5 require ( 6 + github.com/aws/aws-sdk-go v1.55.8 6 7 github.com/aws/aws-sdk-go-v2 v1.41.1 7 8 github.com/aws/aws-sdk-go-v2/config v1.32.7 8 9 github.com/aws/aws-sdk-go-v2/credentials v1.19.7 ··· 52 53 github.com/RussellLuo/slidingwindow v0.0.0-20200528002341-535bb99d338b // indirect 53 54 github.com/ajg/form v1.6.1 // indirect 54 55 github.com/antlr4-go/antlr/v4 v4.13.1 // indirect 55 - github.com/aws/aws-sdk-go v1.55.8 // indirect 56 56 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4 // indirect 57 57 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 // indirect 58 58 github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 // indirect

+77

lexicons/io/atcr/hold/scan.json

··· 1 + { 2 + "lexicon": 1, 3 + "id": "io.atcr.hold.scan", 4 + "defs": { 5 + "main": { 6 + "type": "record", 7 + "key": "any", 8 + "description": "Vulnerability scan results for a container manifest. Stored in the hold's embedded PDS. Record key is deterministic: the manifest digest hex without the 'sha256:' prefix, so re-scans upsert the existing record.", 9 + "record": { 10 + "type": "object", 11 + "required": ["manifest", "repository", "userDid", "critical", "high", "medium", "low", "total", "scannerVersion", "scannedAt"], 12 + "properties": { 13 + "manifest": { 14 + "type": "string", 15 + "format": "at-uri", 16 + "description": "AT-URI of the scanned manifest (e.g., at://did:plc:xyz/io.atcr.manifest/abc123...)" 17 + }, 18 + "repository": { 19 + "type": "string", 20 + "description": "Repository name (e.g., myapp)", 21 + "maxLength": 256 22 + }, 23 + "userDid": { 24 + "type": "string", 25 + "format": "did", 26 + "description": "DID of the image owner" 27 + }, 28 + "sbomBlob": { 29 + "type": "blob", 30 + "description": "SBOM blob (SPDX JSON format) uploaded to the hold's blob storage", 31 + "accept": ["application/spdx+json"] 32 + }, 33 + "vulnReportBlob": { 34 + "type": "blob", 35 + "description": "Grype vulnerability report blob (JSON) with full CVE details", 36 + "accept": ["application/vnd.atcr.vulnerabilities+json"] 37 + }, 38 + "critical": { 39 + "type": "integer", 40 + "minimum": 0, 41 + "description": "Count of critical severity vulnerabilities" 42 + }, 43 + "high": { 44 + "type": "integer", 45 + "minimum": 0, 46 + "description": "Count of high severity vulnerabilities" 47 + }, 48 + "medium": { 49 + "type": "integer", 50 + "minimum": 0, 51 + "description": "Count of medium severity vulnerabilities" 52 + }, 53 + "low": { 54 + "type": "integer", 55 + "minimum": 0, 56 + "description": "Count of low severity vulnerabilities" 57 + }, 58 + "total": { 59 + "type": "integer", 60 + "minimum": 0, 61 + "description": "Total vulnerability count" 62 + }, 63 + "scannerVersion": { 64 + "type": "string", 65 + "description": "Version of the scanner that produced this result (e.g., atcr-scanner-v1.0.0)", 66 + "maxLength": 64 67 + }, 68 + "scannedAt": { 69 + "type": "string", 70 + "format": "datetime", 71 + "description": "RFC3339 timestamp of when the scan completed" 72 + } 73 + } 74 + } 75 + } 76 + } 77 + }

+25

pkg/appview/db/migrations/0011_fix_captain_successor_column.yaml

··· 1 + description: Rebuild hold_captain_records to match schema.sql (provider→successor rename was missed when migration 0010 was recorded but not executed on a fresh DB) 2 + query: | 3 + -- Recreate table to match schema.sql exactly 4 + CREATE TABLE IF NOT EXISTS hold_captain_records_new ( 5 + hold_did TEXT PRIMARY KEY, 6 + owner_did TEXT NOT NULL, 7 + public BOOLEAN NOT NULL, 8 + allow_all_crew BOOLEAN NOT NULL, 9 + deployed_at TEXT, 10 + region TEXT, 11 + successor TEXT, 12 + updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP 13 + ); 14 + 15 + -- Copy data (only guaranteed-common columns; successor will be NULL) 16 + INSERT OR IGNORE INTO hold_captain_records_new (hold_did, owner_did, public, allow_all_crew, deployed_at, region, updated_at) 17 + SELECT hold_did, owner_did, public, allow_all_crew, deployed_at, region, updated_at 18 + FROM hold_captain_records; 19 + 20 + -- Swap tables 21 + DROP TABLE hold_captain_records; 22 + ALTER TABLE hold_captain_records_new RENAME TO hold_captain_records; 23 + 24 + -- Recreate index 25 + CREATE INDEX IF NOT EXISTS idx_hold_captain_updated ON hold_captain_records(updated_at);

+125

pkg/appview/handlers/scan_result.go

··· 1 + package handlers 2 + 3 + import ( 4 + "context" 5 + "encoding/json" 6 + "fmt" 7 + "log/slog" 8 + "net/http" 9 + "net/url" 10 + "strings" 11 + "time" 12 + 13 + "atcr.io/pkg/atproto" 14 + ) 15 + 16 + // ScanResultHandler handles HTMX requests for vulnerability scan badges. 17 + // Returns an HTML fragment (vuln-badge partial) that replaces the placeholder span. 18 + type ScanResultHandler struct { 19 + BaseUIHandler 20 + } 21 + 22 + // vulnBadgeData is the template data for the vuln-badge partial. 23 + type vulnBadgeData struct { 24 + Critical int64 25 + High int64 26 + Medium int64 27 + Low int64 28 + Total int64 29 + ScannedAt string 30 + Found bool // true if scan record exists 31 + Error bool // true if hold unreachable or error 32 + Digest string // for the detail modal link 33 + HoldEndpoint string // for the detail modal link 34 + } 35 + 36 + func (h *ScanResultHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 37 + digest := r.URL.Query().Get("digest") 38 + holdEndpoint := r.URL.Query().Get("holdEndpoint") 39 + 40 + if digest == "" || holdEndpoint == "" { 41 + // Missing params — render nothing 42 + w.Header().Set("Content-Type", "text/html") 43 + return 44 + } 45 + 46 + // Derive hold DID from endpoint URL 47 + holdDID := atproto.ResolveHoldDIDFromURL(holdEndpoint) 48 + if holdDID == "" { 49 + h.renderBadge(w, vulnBadgeData{Error: true}) 50 + return 51 + } 52 + 53 + // Compute rkey from digest (strip sha256: prefix) 54 + rkey := strings.TrimPrefix(digest, "sha256:") 55 + 56 + // Fetch scan record from hold's PDS 57 + ctx, cancel := context.WithTimeout(r.Context(), 3*time.Second) 58 + defer cancel() 59 + 60 + scanURL := fmt.Sprintf("%s/xrpc/com.atproto.repo.getRecord?repo=%s&collection=%s&rkey=%s", 61 + holdEndpoint, 62 + url.QueryEscape(holdDID), 63 + url.QueryEscape(atproto.ScanCollection), 64 + url.QueryEscape(rkey), 65 + ) 66 + 67 + req, err := http.NewRequestWithContext(ctx, "GET", scanURL, nil) 68 + if err != nil { 69 + h.renderBadge(w, vulnBadgeData{Error: true}) 70 + return 71 + } 72 + 73 + resp, err := http.DefaultClient.Do(req) 74 + if err != nil { 75 + // Hold unreachable or timeout — render nothing 76 + h.renderBadge(w, vulnBadgeData{Error: true}) 77 + return 78 + } 79 + defer resp.Body.Close() 80 + 81 + if resp.StatusCode == http.StatusNotFound { 82 + // No scan record — scanning disabled or not yet scanned. Render nothing. 83 + h.renderBadge(w, vulnBadgeData{Error: true}) 84 + return 85 + } 86 + 87 + if resp.StatusCode != http.StatusOK { 88 + h.renderBadge(w, vulnBadgeData{Error: true}) 89 + return 90 + } 91 + 92 + // Parse the getRecord response envelope 93 + var envelope struct { 94 + Value json.RawMessage `json:"value"` 95 + } 96 + if err := json.NewDecoder(resp.Body).Decode(&envelope); err != nil { 97 + h.renderBadge(w, vulnBadgeData{Error: true}) 98 + return 99 + } 100 + 101 + var scanRecord atproto.ScanRecord 102 + if err := json.Unmarshal(envelope.Value, &scanRecord); err != nil { 103 + h.renderBadge(w, vulnBadgeData{Error: true}) 104 + return 105 + } 106 + 107 + h.renderBadge(w, vulnBadgeData{ 108 + Critical: scanRecord.Critical, 109 + High: scanRecord.High, 110 + Medium: scanRecord.Medium, 111 + Low: scanRecord.Low, 112 + Total: scanRecord.Total, 113 + ScannedAt: scanRecord.ScannedAt, 114 + Found: true, 115 + Digest: digest, 116 + HoldEndpoint: holdEndpoint, 117 + }) 118 + } 119 + 120 + func (h *ScanResultHandler) renderBadge(w http.ResponseWriter, data vulnBadgeData) { 121 + w.Header().Set("Content-Type", "text/html") 122 + if err := h.Templates.ExecuteTemplate(w, "vuln-badge", data); err != nil { 123 + slog.Warn("Failed to render vuln badge", "error", err) 124 + } 125 + }

+255

pkg/appview/handlers/scan_result_test.go

··· 1 + package handlers_test 2 + 3 + import ( 4 + "encoding/json" 5 + "net/http" 6 + "net/http/httptest" 7 + "strings" 8 + "testing" 9 + 10 + "atcr.io/pkg/appview" 11 + "atcr.io/pkg/appview/handlers" 12 + ) 13 + 14 + // mockScanRecord returns a getRecord JSON envelope wrapping a scan record 15 + func mockScanRecord(critical, high, medium, low, total int64) string { 16 + record := map[string]any{ 17 + "$type": "io.atcr.hold.scan", 18 + "manifest": "at://did:plc:test/io.atcr.manifest/abc123", 19 + "repository": "myapp", 20 + "userDid": "did:plc:test", 21 + "critical": critical, 22 + "high": high, 23 + "medium": medium, 24 + "low": low, 25 + "total": total, 26 + "scannerVersion": "atcr-scanner-v1.0.0", 27 + "scannedAt": "2025-01-15T10:30:00Z", 28 + } 29 + envelope := map[string]any{ 30 + "uri": "at://did:web:hold.example.com/io.atcr.hold.scan/abc123", 31 + "cid": "bafyreiabc123", 32 + "value": record, 33 + } 34 + b, _ := json.Marshal(envelope) 35 + return string(b) 36 + } 37 + 38 + func setupScanResultHandler(t *testing.T, holdURL string) *handlers.ScanResultHandler { 39 + t.Helper() 40 + templates, err := appview.Templates(nil) 41 + if err != nil { 42 + t.Fatalf("Failed to load templates: %v", err) 43 + } 44 + return &handlers.ScanResultHandler{ 45 + BaseUIHandler: handlers.BaseUIHandler{ 46 + Templates: templates, 47 + }, 48 + } 49 + } 50 + 51 + func TestScanResult_WithVulnerabilities(t *testing.T) { 52 + // Mock hold that returns a scan record with vulnerabilities 53 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 54 + w.Header().Set("Content-Type", "application/json") 55 + w.Write([]byte(mockScanRecord(2, 5, 10, 3, 20))) 56 + })) 57 + defer hold.Close() 58 + 59 + handler := setupScanResultHandler(t, hold.URL) 60 + 61 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 62 + rr := httptest.NewRecorder() 63 + handler.ServeHTTP(rr, req) 64 + 65 + if rr.Code != http.StatusOK { 66 + t.Errorf("Expected status %d, got %d", http.StatusOK, rr.Code) 67 + } 68 + 69 + body := rr.Body.String() 70 + 71 + // Should contain severity badges 72 + if !strings.Contains(body, "badge-error") { 73 + t.Error("Expected body to contain badge-error for critical vulnerabilities") 74 + } 75 + if !strings.Contains(body, "C:2") { 76 + t.Error("Expected body to contain 'C:2' for critical count") 77 + } 78 + if !strings.Contains(body, "badge-warning") { 79 + t.Error("Expected body to contain badge-warning for high vulnerabilities") 80 + } 81 + if !strings.Contains(body, "H:5") { 82 + t.Error("Expected body to contain 'H:5' for high count") 83 + } 84 + if !strings.Contains(body, "M:10") { 85 + t.Error("Expected body to contain 'M:10' for medium count") 86 + } 87 + if !strings.Contains(body, "L:3") { 88 + t.Error("Expected body to contain 'L:3' for low count") 89 + } 90 + // Should be clickable (has openVulnDetails) 91 + if !strings.Contains(body, "openVulnDetails") { 92 + t.Error("Expected body to contain openVulnDetails click handler") 93 + } 94 + } 95 + 96 + func TestScanResult_Clean(t *testing.T) { 97 + // Mock hold that returns a scan record with zero vulnerabilities 98 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 99 + w.Header().Set("Content-Type", "application/json") 100 + w.Write([]byte(mockScanRecord(0, 0, 0, 0, 0))) 101 + })) 102 + defer hold.Close() 103 + 104 + handler := setupScanResultHandler(t, hold.URL) 105 + 106 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 107 + rr := httptest.NewRecorder() 108 + handler.ServeHTTP(rr, req) 109 + 110 + body := rr.Body.String() 111 + 112 + if !strings.Contains(body, "Clean") { 113 + t.Error("Expected body to contain 'Clean' for zero-vulnerability scan") 114 + } 115 + if !strings.Contains(body, "badge-success") { 116 + t.Error("Expected body to contain badge-success for clean scan") 117 + } 118 + // Should NOT be clickable 119 + if strings.Contains(body, "openVulnDetails") { 120 + t.Error("Clean badge should not have openVulnDetails click handler") 121 + } 122 + } 123 + 124 + func TestScanResult_NotFound(t *testing.T) { 125 + // Mock hold that returns 404 (no scan record — scanning disabled or not yet scanned) 126 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 127 + http.Error(w, "record not found", http.StatusNotFound) 128 + })) 129 + defer hold.Close() 130 + 131 + handler := setupScanResultHandler(t, hold.URL) 132 + 133 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 134 + rr := httptest.NewRecorder() 135 + handler.ServeHTTP(rr, req) 136 + 137 + body := strings.TrimSpace(rr.Body.String()) 138 + 139 + // 404 = no scan record. Should render NOTHING — not "Scan pending". 140 + if body != "" { 141 + t.Errorf("Expected empty body for 404, got: %q", body) 142 + } 143 + } 144 + 145 + func TestScanResult_HoldError(t *testing.T) { 146 + // Mock hold that returns 500 147 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 148 + http.Error(w, "internal error", http.StatusInternalServerError) 149 + })) 150 + defer hold.Close() 151 + 152 + handler := setupScanResultHandler(t, hold.URL) 153 + 154 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 155 + rr := httptest.NewRecorder() 156 + handler.ServeHTTP(rr, req) 157 + 158 + body := strings.TrimSpace(rr.Body.String()) 159 + 160 + if body != "" { 161 + t.Errorf("Expected empty body for hold error, got: %q", body) 162 + } 163 + } 164 + 165 + func TestScanResult_HoldUnreachable(t *testing.T) { 166 + // Use a server that's already closed (unreachable) 167 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) 168 + hold.Close() 169 + 170 + handler := setupScanResultHandler(t, hold.URL) 171 + 172 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 173 + rr := httptest.NewRecorder() 174 + handler.ServeHTTP(rr, req) 175 + 176 + body := strings.TrimSpace(rr.Body.String()) 177 + 178 + if body != "" { 179 + t.Errorf("Expected empty body for unreachable hold, got: %q", body) 180 + } 181 + } 182 + 183 + func TestScanResult_MissingParams(t *testing.T) { 184 + handler := setupScanResultHandler(t, "") 185 + 186 + // No params at all 187 + req := httptest.NewRequest("GET", "/api/scan-result", nil) 188 + rr := httptest.NewRecorder() 189 + handler.ServeHTTP(rr, req) 190 + 191 + body := strings.TrimSpace(rr.Body.String()) 192 + 193 + if body != "" { 194 + t.Errorf("Expected empty body for missing params, got: %q", body) 195 + } 196 + } 197 + 198 + func TestScanResult_MissingDigest(t *testing.T) { 199 + handler := setupScanResultHandler(t, "") 200 + 201 + req := httptest.NewRequest("GET", "/api/scan-result?holdEndpoint=https://hold.example.com", nil) 202 + rr := httptest.NewRecorder() 203 + handler.ServeHTTP(rr, req) 204 + 205 + body := strings.TrimSpace(rr.Body.String()) 206 + 207 + if body != "" { 208 + t.Errorf("Expected empty body for missing digest, got: %q", body) 209 + } 210 + } 211 + 212 + func TestScanResult_MissingHoldEndpoint(t *testing.T) { 213 + handler := setupScanResultHandler(t, "") 214 + 215 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123", nil) 216 + rr := httptest.NewRecorder() 217 + handler.ServeHTTP(rr, req) 218 + 219 + body := strings.TrimSpace(rr.Body.String()) 220 + 221 + if body != "" { 222 + t.Errorf("Expected empty body for missing holdEndpoint, got: %q", body) 223 + } 224 + } 225 + 226 + func TestScanResult_OnlyCriticalShown(t *testing.T) { 227 + // Only critical vulns, no high/medium/low 228 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 229 + w.Header().Set("Content-Type", "application/json") 230 + w.Write([]byte(mockScanRecord(3, 0, 0, 0, 3))) 231 + })) 232 + defer hold.Close() 233 + 234 + handler := setupScanResultHandler(t, hold.URL) 235 + 236 + req := httptest.NewRequest("GET", "/api/scan-result?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 237 + rr := httptest.NewRecorder() 238 + handler.ServeHTTP(rr, req) 239 + 240 + body := rr.Body.String() 241 + 242 + if !strings.Contains(body, "C:3") { 243 + t.Error("Expected body to contain 'C:3'") 244 + } 245 + // Zero-count badges should NOT appear 246 + if strings.Contains(body, "H:0") { 247 + t.Error("Should not contain 'H:0' for zero high count") 248 + } 249 + if strings.Contains(body, "M:0") { 250 + t.Error("Should not contain 'M:0' for zero medium count") 251 + } 252 + if strings.Contains(body, "L:0") { 253 + t.Error("Should not contain 'L:0' for zero low count") 254 + } 255 + }

+244

pkg/appview/handlers/vuln_details.go

··· 1 + package handlers 2 + 3 + import ( 4 + "context" 5 + "encoding/json" 6 + "fmt" 7 + "log/slog" 8 + "net/http" 9 + "net/url" 10 + "sort" 11 + "strings" 12 + "time" 13 + 14 + "atcr.io/pkg/atproto" 15 + ) 16 + 17 + // VulnDetailsHandler handles requests for the vulnerability detail modal content. 18 + // Returns an HTML fragment (vuln-details partial) for insertion into the modal body. 19 + type VulnDetailsHandler struct { 20 + BaseUIHandler 21 + } 22 + 23 + // grypeReport is the minimal Grype JSON structure we need. 24 + type grypeReport struct { 25 + Matches []grypeMatch `json:"matches"` 26 + } 27 + 28 + type grypeMatch struct { 29 + Vulnerability grypeVuln `json:"vulnerability"` 30 + Artifact grypeArtifact `json:"artifact"` 31 + } 32 + 33 + type grypeVuln struct { 34 + ID string `json:"id"` 35 + Severity string `json:"severity"` 36 + Fix grypeFix `json:"fix"` 37 + } 38 + 39 + type grypeFix struct { 40 + Versions []string `json:"versions"` 41 + State string `json:"state"` 42 + } 43 + 44 + type grypeArtifact struct { 45 + Name string `json:"name"` 46 + Version string `json:"version"` 47 + Type string `json:"type"` 48 + } 49 + 50 + // vulnDetailsData is the template data for the vuln-details partial. 51 + type vulnDetailsData struct { 52 + Matches []vulnMatch 53 + Summary vulnSummary 54 + Error string // non-empty if something went wrong 55 + ScannedAt string 56 + } 57 + 58 + type vulnMatch struct { 59 + CVEURL string 60 + CVEID string 61 + Severity string // Critical, High, Medium, Low, Negligible, Unknown 62 + Package string 63 + Version string 64 + FixedIn string 65 + Type string // deb, npm, gem, etc. 66 + } 67 + 68 + type vulnSummary struct { 69 + Critical int64 70 + High int64 71 + Medium int64 72 + Low int64 73 + Total int64 74 + } 75 + 76 + // severityOrder maps severity strings to sort order (lower = more severe). 77 + var severityOrder = map[string]int{ 78 + "Critical": 0, 79 + "High": 1, 80 + "Medium": 2, 81 + "Low": 3, 82 + "Negligible": 4, 83 + "Unknown": 5, 84 + } 85 + 86 + func (h *VulnDetailsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 87 + digest := r.URL.Query().Get("digest") 88 + holdEndpoint := r.URL.Query().Get("holdEndpoint") 89 + 90 + if digest == "" || holdEndpoint == "" { 91 + h.renderDetails(w, vulnDetailsData{Error: "Missing required parameters"}) 92 + return 93 + } 94 + 95 + holdDID := atproto.ResolveHoldDIDFromURL(holdEndpoint) 96 + if holdDID == "" { 97 + h.renderDetails(w, vulnDetailsData{Error: "Could not resolve hold identity"}) 98 + return 99 + } 100 + 101 + rkey := strings.TrimPrefix(digest, "sha256:") 102 + 103 + ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second) 104 + defer cancel() 105 + 106 + // Step 1: Fetch the scan record to get the VulnReportBlob CID 107 + scanURL := fmt.Sprintf("%s/xrpc/com.atproto.repo.getRecord?repo=%s&collection=%s&rkey=%s", 108 + holdEndpoint, 109 + url.QueryEscape(holdDID), 110 + url.QueryEscape(atproto.ScanCollection), 111 + url.QueryEscape(rkey), 112 + ) 113 + 114 + req, err := http.NewRequestWithContext(ctx, "GET", scanURL, nil) 115 + if err != nil { 116 + h.renderDetails(w, vulnDetailsData{Error: "Failed to build request"}) 117 + return 118 + } 119 + 120 + resp, err := http.DefaultClient.Do(req) 121 + if err != nil { 122 + h.renderDetails(w, vulnDetailsData{Error: "Hold service unreachable"}) 123 + return 124 + } 125 + defer resp.Body.Close() 126 + 127 + if resp.StatusCode != http.StatusOK { 128 + h.renderDetails(w, vulnDetailsData{Error: "No scan record found"}) 129 + return 130 + } 131 + 132 + var envelope struct { 133 + Value json.RawMessage `json:"value"` 134 + } 135 + if err := json.NewDecoder(resp.Body).Decode(&envelope); err != nil { 136 + h.renderDetails(w, vulnDetailsData{Error: "Failed to parse scan record"}) 137 + return 138 + } 139 + 140 + var scanRecord atproto.ScanRecord 141 + if err := json.Unmarshal(envelope.Value, &scanRecord); err != nil { 142 + h.renderDetails(w, vulnDetailsData{Error: "Failed to parse scan record"}) 143 + return 144 + } 145 + 146 + summary := vulnSummary{ 147 + Critical: scanRecord.Critical, 148 + High: scanRecord.High, 149 + Medium: scanRecord.Medium, 150 + Low: scanRecord.Low, 151 + Total: scanRecord.Total, 152 + } 153 + 154 + // Step 2: Fetch the vulnerability report blob 155 + if scanRecord.VulnReportBlob == nil || scanRecord.VulnReportBlob.Ref.String() == "" { 156 + h.renderDetails(w, vulnDetailsData{ 157 + Summary: summary, 158 + ScannedAt: scanRecord.ScannedAt, 159 + Error: "No detailed vulnerability report available. Only summary counts were recorded.", 160 + }) 161 + return 162 + } 163 + 164 + blobCID := scanRecord.VulnReportBlob.Ref.String() 165 + blobURL := fmt.Sprintf("%s/xrpc/com.atproto.sync.getBlob?did=%s&cid=%s", 166 + holdEndpoint, 167 + url.QueryEscape(holdDID), 168 + url.QueryEscape(blobCID), 169 + ) 170 + 171 + blobReq, err := http.NewRequestWithContext(ctx, "GET", blobURL, nil) 172 + if err != nil { 173 + h.renderDetails(w, vulnDetailsData{Summary: summary, ScannedAt: scanRecord.ScannedAt, Error: "Failed to build blob request"}) 174 + return 175 + } 176 + 177 + blobResp, err := http.DefaultClient.Do(blobReq) 178 + if err != nil { 179 + h.renderDetails(w, vulnDetailsData{Summary: summary, ScannedAt: scanRecord.ScannedAt, Error: "Failed to fetch vulnerability report"}) 180 + return 181 + } 182 + defer blobResp.Body.Close() 183 + 184 + if blobResp.StatusCode != http.StatusOK { 185 + h.renderDetails(w, vulnDetailsData{Summary: summary, ScannedAt: scanRecord.ScannedAt, Error: "Vulnerability report not accessible"}) 186 + return 187 + } 188 + 189 + // Step 3: Parse the Grype JSON 190 + var report grypeReport 191 + if err := json.NewDecoder(blobResp.Body).Decode(&report); err != nil { 192 + h.renderDetails(w, vulnDetailsData{Summary: summary, ScannedAt: scanRecord.ScannedAt, Error: "Failed to parse vulnerability report"}) 193 + return 194 + } 195 + 196 + // Convert to template data 197 + matches := make([]vulnMatch, 0, len(report.Matches)) 198 + for _, m := range report.Matches { 199 + fixedIn := "" 200 + if len(m.Vulnerability.Fix.Versions) > 0 { 201 + fixedIn = strings.Join(m.Vulnerability.Fix.Versions, ", ") 202 + } 203 + 204 + cveURL := "" 205 + if strings.HasPrefix(m.Vulnerability.ID, "CVE-") { 206 + cveURL = "https://nvd.nist.gov/vuln/detail/" + m.Vulnerability.ID 207 + } else if strings.HasPrefix(m.Vulnerability.ID, "GHSA-") { 208 + cveURL = "https://github.com/advisories/" + m.Vulnerability.ID 209 + } 210 + 211 + matches = append(matches, vulnMatch{ 212 + CVEID: m.Vulnerability.ID, 213 + CVEURL: cveURL, 214 + Severity: m.Vulnerability.Severity, 215 + Package: m.Artifact.Name, 216 + Version: m.Artifact.Version, 217 + FixedIn: fixedIn, 218 + Type: m.Artifact.Type, 219 + }) 220 + } 221 + 222 + // Sort by severity (critical first) 223 + sort.Slice(matches, func(i, j int) bool { 224 + oi := severityOrder[matches[i].Severity] 225 + oj := severityOrder[matches[j].Severity] 226 + if oi != oj { 227 + return oi < oj 228 + } 229 + return matches[i].CVEID < matches[j].CVEID 230 + }) 231 + 232 + h.renderDetails(w, vulnDetailsData{ 233 + Matches: matches, 234 + Summary: summary, 235 + ScannedAt: scanRecord.ScannedAt, 236 + }) 237 + } 238 + 239 + func (h *VulnDetailsHandler) renderDetails(w http.ResponseWriter, data vulnDetailsData) { 240 + w.Header().Set("Content-Type", "text/html") 241 + if err := h.Templates.ExecuteTemplate(w, "vuln-details", data); err != nil { 242 + slog.Warn("Failed to render vuln details", "error", err) 243 + } 244 + }

+336

pkg/appview/handlers/vuln_details_test.go

··· 1 + package handlers_test 2 + 3 + import ( 4 + "crypto/sha256" 5 + "encoding/json" 6 + "net/http" 7 + "net/http/httptest" 8 + "strings" 9 + "testing" 10 + 11 + "atcr.io/pkg/appview" 12 + "atcr.io/pkg/appview/handlers" 13 + lexutil "github.com/bluesky-social/indigo/lex/util" 14 + "github.com/ipfs/go-cid" 15 + "github.com/multiformats/go-multihash" 16 + ) 17 + 18 + // mockGrypeReport returns a minimal Grype JSON report 19 + func mockGrypeReport() string { 20 + report := map[string]any{ 21 + "matches": []map[string]any{ 22 + { 23 + "vulnerability": map[string]any{ 24 + "id": "CVE-2024-1234", 25 + "severity": "Critical", 26 + "fix": map[string]any{"versions": []string{"1.2.4"}, "state": "fixed"}, 27 + }, 28 + "artifact": map[string]any{ 29 + "name": "libssl", 30 + "version": "1.1.1", 31 + "type": "deb", 32 + }, 33 + }, 34 + { 35 + "vulnerability": map[string]any{ 36 + "id": "CVE-2024-5678", 37 + "severity": "Low", 38 + "fix": map[string]any{"versions": []string{}, "state": "not-fixed"}, 39 + }, 40 + "artifact": map[string]any{ 41 + "name": "zlib", 42 + "version": "1.2.11", 43 + "type": "deb", 44 + }, 45 + }, 46 + { 47 + "vulnerability": map[string]any{ 48 + "id": "GHSA-abcd-efgh-ijkl", 49 + "severity": "High", 50 + "fix": map[string]any{"versions": []string{"2.0.0"}, "state": "fixed"}, 51 + }, 52 + "artifact": map[string]any{ 53 + "name": "express", 54 + "version": "4.17.1", 55 + "type": "npm", 56 + }, 57 + }, 58 + }, 59 + } 60 + b, _ := json.Marshal(report) 61 + return string(b) 62 + } 63 + 64 + // testCID creates a valid CIDv1 from arbitrary data (for test fixtures) 65 + func testCID(data string) cid.Cid { 66 + hash := sha256.Sum256([]byte(data)) 67 + mh, _ := multihash.Encode(hash[:], multihash.SHA2_256) 68 + return cid.NewCidV1(0x55, mh) // raw codec 69 + } 70 + 71 + // mockScanRecordWithBlob returns a getRecord envelope with a VulnReportBlob reference. 72 + // Uses a real CID so LexBlob JSON unmarshaling works correctly. 73 + func mockScanRecordWithBlob(critical, high, medium, low, total int64) string { 74 + blobCID := testCID("test-vuln-report") 75 + 76 + // Build the record using the actual LexBlob type for correct JSON format 77 + blob := &lexutil.LexBlob{ 78 + Ref: lexutil.LexLink(blobCID), 79 + MimeType: "application/vnd.atcr.vulnerabilities+json", 80 + Size: 12345, 81 + } 82 + 83 + // Marshal blob separately to get the canonical JSON format 84 + blobJSON, _ := json.Marshal(blob) 85 + 86 + // Build the full record as a map, inserting the pre-marshaled blob 87 + record := map[string]json.RawMessage{ 88 + "$type": jsonStr("io.atcr.hold.scan"), 89 + "manifest": jsonStr("at://did:plc:test/io.atcr.manifest/abc123"), 90 + "repository": jsonStr("myapp"), 91 + "userDid": jsonStr("did:plc:test"), 92 + "vulnReportBlob": blobJSON, 93 + "critical": jsonInt(critical), 94 + "high": jsonInt(high), 95 + "medium": jsonInt(medium), 96 + "low": jsonInt(low), 97 + "total": jsonInt(total), 98 + "scannerVersion": jsonStr("atcr-scanner-v1.0.0"), 99 + "scannedAt": jsonStr("2025-01-15T10:30:00Z"), 100 + } 101 + recordJSON, _ := json.Marshal(record) 102 + 103 + envelope := map[string]any{ 104 + "uri": "at://did:web:hold.example.com/io.atcr.hold.scan/abc123", 105 + "cid": "bafyreiabc123", 106 + "value": json.RawMessage(recordJSON), 107 + } 108 + b, _ := json.Marshal(envelope) 109 + return string(b) 110 + } 111 + 112 + func jsonStr(s string) json.RawMessage { 113 + b, _ := json.Marshal(s) 114 + return b 115 + } 116 + 117 + func jsonInt(n int64) json.RawMessage { 118 + b, _ := json.Marshal(n) 119 + return b 120 + } 121 + 122 + // mockScanRecordWithoutBlob returns a getRecord envelope without VulnReportBlob 123 + func mockScanRecordWithoutBlob(critical, high, medium, low, total int64) string { 124 + record := map[string]any{ 125 + "$type": "io.atcr.hold.scan", 126 + "manifest": "at://did:plc:test/io.atcr.manifest/abc123", 127 + "repository": "myapp", 128 + "userDid": "did:plc:test", 129 + "critical": critical, 130 + "high": high, 131 + "medium": medium, 132 + "low": low, 133 + "total": total, 134 + "scannerVersion": "atcr-scanner-v1.0.0", 135 + "scannedAt": "2025-01-15T10:30:00Z", 136 + } 137 + envelope := map[string]any{ 138 + "uri": "at://did:web:hold.example.com/io.atcr.hold.scan/abc123", 139 + "cid": "bafyreiabc123", 140 + "value": record, 141 + } 142 + b, _ := json.Marshal(envelope) 143 + return string(b) 144 + } 145 + 146 + func setupVulnDetailsHandler(t *testing.T) *handlers.VulnDetailsHandler { 147 + t.Helper() 148 + templates, err := appview.Templates(nil) 149 + if err != nil { 150 + t.Fatalf("Failed to load templates: %v", err) 151 + } 152 + return &handlers.VulnDetailsHandler{ 153 + BaseUIHandler: handlers.BaseUIHandler{ 154 + Templates: templates, 155 + }, 156 + } 157 + } 158 + 159 + func TestVulnDetails_FullReport(t *testing.T) { 160 + grypeJSON := mockGrypeReport() 161 + 162 + // Mock hold that serves both getRecord and getBlob 163 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 164 + path := r.URL.Path 165 + if strings.Contains(path, "getRecord") { 166 + w.Header().Set("Content-Type", "application/json") 167 + w.Write([]byte(mockScanRecordWithBlob(1, 1, 0, 1, 3))) 168 + } else if strings.Contains(path, "getBlob") { 169 + // Serve the Grype JSON directly (no redirect in tests) 170 + w.Header().Set("Content-Type", "application/json") 171 + w.Write([]byte(grypeJSON)) 172 + } else { 173 + http.Error(w, "not found", http.StatusNotFound) 174 + } 175 + })) 176 + defer hold.Close() 177 + 178 + handler := setupVulnDetailsHandler(t) 179 + 180 + req := httptest.NewRequest("GET", "/api/vuln-details?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 181 + rr := httptest.NewRecorder() 182 + handler.ServeHTTP(rr, req) 183 + 184 + if rr.Code != http.StatusOK { 185 + t.Errorf("Expected status %d, got %d", http.StatusOK, rr.Code) 186 + } 187 + 188 + body := rr.Body.String() 189 + 190 + // Should contain CVE IDs 191 + if !strings.Contains(body, "CVE-2024-1234") { 192 + t.Error("Expected body to contain CVE-2024-1234") 193 + } 194 + if !strings.Contains(body, "GHSA-abcd-efgh-ijkl") { 195 + t.Error("Expected body to contain GHSA-abcd-efgh-ijkl") 196 + } 197 + 198 + // Should contain package names 199 + if !strings.Contains(body, "libssl") { 200 + t.Error("Expected body to contain package name 'libssl'") 201 + } 202 + if !strings.Contains(body, "express") { 203 + t.Error("Expected body to contain package name 'express'") 204 + } 205 + 206 + // Should contain NVD link for CVE 207 + if !strings.Contains(body, "nvd.nist.gov") { 208 + t.Error("Expected body to contain NVD link") 209 + } 210 + // Should contain GitHub advisory link for GHSA 211 + if !strings.Contains(body, "github.com/advisories") { 212 + t.Error("Expected body to contain GitHub advisory link") 213 + } 214 + 215 + // Should contain fix version 216 + if !strings.Contains(body, "1.2.4") { 217 + t.Error("Expected body to contain fix version '1.2.4'") 218 + } 219 + 220 + // Should contain "No fix" for unfixed vuln 221 + if !strings.Contains(body, "No fix") { 222 + t.Error("Expected body to contain 'No fix' for unfixed vulnerability") 223 + } 224 + 225 + // Should contain a table 226 + if !strings.Contains(body, "<table") { 227 + t.Error("Expected body to contain a table element") 228 + } 229 + } 230 + 231 + func TestVulnDetails_NoVulnReportBlob(t *testing.T) { 232 + // Mock hold returns scan record WITHOUT VulnReportBlob 233 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 234 + w.Header().Set("Content-Type", "application/json") 235 + w.Write([]byte(mockScanRecordWithoutBlob(2, 5, 10, 3, 20))) 236 + })) 237 + defer hold.Close() 238 + 239 + handler := setupVulnDetailsHandler(t) 240 + 241 + req := httptest.NewRequest("GET", "/api/vuln-details?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 242 + rr := httptest.NewRecorder() 243 + handler.ServeHTTP(rr, req) 244 + 245 + body := rr.Body.String() 246 + 247 + // Should show summary counts 248 + if !strings.Contains(body, "2 Critical") { 249 + t.Error("Expected body to contain '2 Critical' summary") 250 + } 251 + 252 + // Should indicate no detailed report 253 + if !strings.Contains(body, "No detailed vulnerability report") { 254 + t.Error("Expected body to indicate no detailed report available") 255 + } 256 + 257 + // Should NOT contain a table 258 + if strings.Contains(body, "<table") { 259 + t.Error("Should not render a table when no VulnReportBlob") 260 + } 261 + } 262 + 263 + func TestVulnDetails_NotFound(t *testing.T) { 264 + // Mock hold returns 404 265 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 266 + http.Error(w, "not found", http.StatusNotFound) 267 + })) 268 + defer hold.Close() 269 + 270 + handler := setupVulnDetailsHandler(t) 271 + 272 + req := httptest.NewRequest("GET", "/api/vuln-details?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 273 + rr := httptest.NewRecorder() 274 + handler.ServeHTTP(rr, req) 275 + 276 + body := rr.Body.String() 277 + 278 + // Should show an error message (modal still needs content) 279 + if !strings.Contains(body, "No scan record found") { 280 + t.Error("Expected body to contain error message for 404") 281 + } 282 + } 283 + 284 + func TestVulnDetails_SortsBySeverity(t *testing.T) { 285 + grypeJSON := mockGrypeReport() // Has Critical, Low, High in that order 286 + 287 + hold := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 288 + path := r.URL.Path 289 + if strings.Contains(path, "getRecord") { 290 + w.Header().Set("Content-Type", "application/json") 291 + w.Write([]byte(mockScanRecordWithBlob(1, 1, 0, 1, 3))) 292 + } else if strings.Contains(path, "getBlob") { 293 + w.Header().Set("Content-Type", "application/json") 294 + w.Write([]byte(grypeJSON)) 295 + } 296 + })) 297 + defer hold.Close() 298 + 299 + handler := setupVulnDetailsHandler(t) 300 + 301 + req := httptest.NewRequest("GET", "/api/vuln-details?digest=sha256:abc123&holdEndpoint="+hold.URL, nil) 302 + rr := httptest.NewRecorder() 303 + handler.ServeHTTP(rr, req) 304 + 305 + body := rr.Body.String() 306 + 307 + // Critical should appear before High, which should appear before Low 308 + critIdx := strings.Index(body, "CVE-2024-1234") // Critical 309 + highIdx := strings.Index(body, "GHSA-abcd-efgh") // High 310 + lowIdx := strings.Index(body, "CVE-2024-5678") // Low 311 + 312 + if critIdx == -1 || highIdx == -1 || lowIdx == -1 { 313 + t.Fatal("Expected all three CVEs to be present in body") 314 + } 315 + 316 + if critIdx > highIdx { 317 + t.Error("Critical CVE should appear before High CVE") 318 + } 319 + if highIdx > lowIdx { 320 + t.Error("High CVE should appear before Low CVE") 321 + } 322 + } 323 + 324 + func TestVulnDetails_MissingParams(t *testing.T) { 325 + handler := setupVulnDetailsHandler(t) 326 + 327 + req := httptest.NewRequest("GET", "/api/vuln-details", nil) 328 + rr := httptest.NewRecorder() 329 + handler.ServeHTTP(rr, req) 330 + 331 + body := rr.Body.String() 332 + 333 + if !strings.Contains(body, "Missing required parameters") { 334 + t.Error("Expected error message for missing parameters") 335 + } 336 + }

+2 -2

pkg/appview/public/js/bundle.min.js

··· 1 - var se=(function(){"use strict";let htmx={onLoad:null,process:null,on:null,off:null,trigger:null,ajax:null,find:null,findAll:null,closest:null,values:function(e,t){return getInputValues(e,t||"post").values},remove:null,addClass:null,removeClass:null,toggleClass:null,takeClass:null,swap:null,defineExtension:null,removeExtension:null,logAll:null,logNone:null,logger:null,config:{historyEnabled:!0,historyCacheSize:10,refreshOnHistoryMiss:!1,defaultSwapStyle:"innerHTML",defaultSwapDelay:0,defaultSettleDelay:20,includeIndicatorStyles:!0,indicatorClass:"htmx-indicator",requestClass:"htmx-request",addedClass:"htmx-added",settlingClass:"htmx-settling",swappingClass:"htmx-swapping",allowEval:!0,allowScriptTags:!0,inlineScriptNonce:"",inlineStyleNonce:"",attributesToSettle:["class","style","width","height"],withCredentials:!1,timeout:0,wsReconnectDelay:"full-jitter",wsBinaryType:"blob",disableSelector:"[hx-disable], [data-hx-disable]",scrollBehavior:"instant",defaultFocusScroll:!1,getCacheBusterParam:!1,globalViewTransitions:!1,methodsThatUseUrlParams:["get","delete"],selfRequestsOnly:!0,ignoreTitle:!1,scrollIntoViewOnBoost:!0,triggerSpecsCache:null,disableInheritance:!1,responseHandling:[{code:"204",swap:!1},{code:"[23]..",swap:!0},{code:"[45]..",swap:!1,error:!0}],allowNestedOobSwaps:!0,historyRestoreAsHxRequest:!0,reportValidityOfForms:!1},parseInterval:null,location,_:null,version:"2.0.8"};htmx.onLoad=onLoadHelper,htmx.process=processNode,htmx.on=addEventListenerImpl,htmx.off=removeEventListenerImpl,htmx.trigger=triggerEvent,htmx.ajax=ajaxHelper,htmx.find=find,htmx.findAll=findAll,htmx.closest=closest,htmx.remove=removeElement,htmx.addClass=addClassToElement,htmx.removeClass=removeClassFromElement,htmx.toggleClass=toggleClassOnElement,htmx.takeClass=takeClassForElement,htmx.swap=swap,htmx.defineExtension=defineExtension,htmx.removeExtension=removeExtension,htmx.logAll=logAll,htmx.logNone=logNone,htmx.parseInterval=parseInterval,htmx._=internalEval;let internalAPI={addTriggerHandler,bodyContains,canAccessLocalStorage,findThisElement,filterValues,swap,hasAttribute,getAttributeValue,getClosestAttributeValue,getClosestMatch,getExpressionVars,getHeaders,getInputValues,getInternalData,getSwapSpecification,getTriggerSpecs,getTarget,makeFragment,mergeObjects,makeSettleInfo,oobSwap,querySelectorExt,settleImmediately,shouldCancel,triggerEvent,triggerErrorEvent,withExtensions},VERBS=["get","post","put","delete","patch"],VERB_SELECTOR=VERBS.map(function(e){return"[hx-"+e+"], [data-hx-"+e+"]"}).join(", ");function parseInterval(e){if(e==null)return;let t=NaN;return e.slice(-2)=="ms"?t=parseFloat(e.slice(0,-2)):e.slice(-1)=="s"?t=parseFloat(e.slice(0,-1))*1e3:e.slice(-1)=="m"?t=parseFloat(e.slice(0,-1))*1e3*60:t=parseFloat(e),isNaN(t)?void 0:t}function getRawAttribute(e,t){return e instanceof Element&&e.getAttribute(t)}function hasAttribute(e,t){return!!e.hasAttribute&&(e.hasAttribute(t)||e.hasAttribute("data-"+t))}function getAttributeValue(e,t){return getRawAttribute(e,t)||getRawAttribute(e,"data-"+t)}function parentElt(e){let t=e.parentElement;return!t&&e.parentNode instanceof ShadowRoot?e.parentNode:t}function getDocument(){return document}function getRootNode(e,t){return e.getRootNode?e.getRootNode({composed:t}):getDocument()}function getClosestMatch(e,t){for(;e&&!t(e);)e=parentElt(e);return e||null}function getAttributeValueWithDisinheritance(e,t,n){let r=getAttributeValue(t,n),o=getAttributeValue(t,"hx-disinherit");var i=getAttributeValue(t,"hx-inherit");if(e!==t){if(htmx.config.disableInheritance)return i&&(i==="*"||i.split(" ").indexOf(n)>=0)?r:null;if(o&&(o==="*"||o.split(" ").indexOf(n)>=0))return"unset"}return r}function getClosestAttributeValue(e,t){let n=null;if(getClosestMatch(e,function(r){return!!(n=getAttributeValueWithDisinheritance(e,asElement(r),t))}),n!=="unset")return n}function matches(e,t){return e instanceof Element&&e.matches(t)}function getStartTag(e){let n=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i.exec(e);return n?n[1].toLowerCase():""}function parseHTML(e){return"parseHTMLUnsafe"in Document?Document.parseHTMLUnsafe(e):new DOMParser().parseFromString(e,"text/html")}function takeChildrenFor(e,t){for(;t.childNodes.length>0;)e.append(t.childNodes[0])}function duplicateScript(e){let t=getDocument().createElement("script");return forEach(e.attributes,function(n){t.setAttribute(n.name,n.value)}),t.textContent=e.textContent,t.async=!1,htmx.config.inlineScriptNonce&&(t.nonce=htmx.config.inlineScriptNonce),t}function isJavaScriptScriptNode(e){return e.matches("script")&&(e.type==="text/javascript"||e.type==="module"||e.type==="")}function normalizeScriptTags(e){Array.from(e.querySelectorAll("script")).forEach(t=>{if(isJavaScriptScriptNode(t)){let n=duplicateScript(t),r=t.parentNode;try{r.insertBefore(n,t)}catch(o){logError(o)}finally{t.remove()}}})}function makeFragment(e){let t=e.replace(/<head(\s[^>]*)?>[\s\S]*?<\/head>/i,""),n=getStartTag(t),r;if(n==="html"){r=new DocumentFragment;let i=parseHTML(e);takeChildrenFor(r,i.body),r.title=i.title}else if(n==="body"){r=new DocumentFragment;let i=parseHTML(t);takeChildrenFor(r,i.body),r.title=i.title}else{let i=parseHTML('<body><template class="internal-htmx-wrapper">'+t+"</template></body>");r=i.querySelector("template").content,r.title=i.title;var o=r.querySelector("title");o&&o.parentNode===r&&(o.remove(),r.title=o.innerText)}return r&&(htmx.config.allowScriptTags?normalizeScriptTags(r):r.querySelectorAll("script").forEach(i=>i.remove())),r}function maybeCall(e){e&&e()}function isType(e,t){return Object.prototype.toString.call(e)==="[object "+t+"]"}function isFunction(e){return typeof e=="function"}function isRawObject(e){return isType(e,"Object")}function getInternalData(e){let t="htmx-internal-data",n=e[t];return n||(n=e[t]={}),n}function toArray(e){let t=[];if(e)for(let n=0;n<e.length;n++)t.push(e[n]);return t}function forEach(e,t){if(e)for(let n=0;n<e.length;n++)t(e[n])}function isScrolledIntoView(e){let t=e.getBoundingClientRect(),n=t.top,r=t.bottom;return n<window.innerHeight&&r>=0}function bodyContains(e){return e.getRootNode({composed:!0})===document}function splitOnWhitespace(e){return e.trim().split(/\s+/)}function mergeObjects(e,t){for(let n in t)t.hasOwnProperty(n)&&(e[n]=t[n]);return e}function parseJSON(e){try{return JSON.parse(e)}catch(t){return logError(t),null}}function canAccessLocalStorage(){let e="htmx:sessionStorageTest";try{return sessionStorage.setItem(e,e),sessionStorage.removeItem(e),!0}catch{return!1}}function normalizePath(e){let t=new URL(e,"http://x");return t&&(e=t.pathname+t.search),e!="/"&&(e=e.replace(/\/+$/,"")),e}function internalEval(str){return maybeEval(getDocument().body,function(){return eval(str)})}function onLoadHelper(e){return htmx.on("htmx:load",function(n){e(n.detail.elt)})}function logAll(){htmx.logger=function(e,t,n){console&&console.log(t,e,n)}}function logNone(){htmx.logger=null}function find(e,t){return typeof e!="string"?e.querySelector(t):find(getDocument(),e)}function findAll(e,t){return typeof e!="string"?e.querySelectorAll(t):findAll(getDocument(),e)}function getWindow(){return window}function removeElement(e,t){e=resolveTarget(e),t?getWindow().setTimeout(function(){removeElement(e),e=null},t):parentElt(e).removeChild(e)}function asElement(e){return e instanceof Element?e:null}function asHtmlElement(e){return e instanceof HTMLElement?e:null}function asString(e){return typeof e=="string"?e:null}function asParentNode(e){return e instanceof Element||e instanceof Document||e instanceof DocumentFragment?e:null}function addClassToElement(e,t,n){e=asElement(resolveTarget(e)),e&&(n?getWindow().setTimeout(function(){addClassToElement(e,t),e=null},n):e.classList&&e.classList.add(t))}function removeClassFromElement(e,t,n){let r=asElement(resolveTarget(e));r&&(n?getWindow().setTimeout(function(){removeClassFromElement(r,t),r=null},n):r.classList&&(r.classList.remove(t),r.classList.length===0&&r.removeAttribute("class")))}function toggleClassOnElement(e,t){e=resolveTarget(e),e.classList.toggle(t)}function takeClassForElement(e,t){e=resolveTarget(e),forEach(e.parentElement.children,function(n){removeClassFromElement(n,t)}),addClassToElement(asElement(e),t)}function closest(e,t){return e=asElement(resolveTarget(e)),e?e.closest(t):null}function startsWith(e,t){return e.substring(0,t.length)===t}function endsWith(e,t){return e.substring(e.length-t.length)===t}function normalizeSelector(e){let t=e.trim();return startsWith(t,"<")&&endsWith(t,"/>")?t.substring(1,t.length-2):t}function querySelectorAllExt(e,t,n){if(t.indexOf("global ")===0)return querySelectorAllExt(e,t.slice(7),!0);e=resolveTarget(e);let r=[];{let s=0,a=0;for(let l=0;l<t.length;l++){let c=t[l];if(c===","&&s===0){r.push(t.substring(a,l)),a=l+1;continue}c==="<"?s++:c==="/"&&l<t.length-1&&t[l+1]===">"&&s--}a<t.length&&r.push(t.substring(a))}let o=[],i=[];for(;r.length>0;){let s=normalizeSelector(r.shift()),a;s.indexOf("closest ")===0?a=closest(asElement(e),normalizeSelector(s.slice(8))):s.indexOf("find ")===0?a=find(asParentNode(e),normalizeSelector(s.slice(5))):s==="next"||s==="nextElementSibling"?a=asElement(e).nextElementSibling:s.indexOf("next ")===0?a=scanForwardQuery(e,normalizeSelector(s.slice(5)),!!n):s==="previous"||s==="previousElementSibling"?a=asElement(e).previousElementSibling:s.indexOf("previous ")===0?a=scanBackwardsQuery(e,normalizeSelector(s.slice(9)),!!n):s==="document"?a=document:s==="window"?a=window:s==="body"?a=document.body:s==="root"?a=getRootNode(e,!!n):s==="host"?a=e.getRootNode().host:i.push(s),a&&o.push(a)}if(i.length>0){let s=i.join(","),a=asParentNode(getRootNode(e,!!n));o.push(...toArray(a.querySelectorAll(s)))}return o}var scanForwardQuery=function(e,t,n){let r=asParentNode(getRootNode(e,n)).querySelectorAll(t);for(let o=0;o<r.length;o++){let i=r[o];if(i.compareDocumentPosition(e)===Node.DOCUMENT_POSITION_PRECEDING)return i}},scanBackwardsQuery=function(e,t,n){let r=asParentNode(getRootNode(e,n)).querySelectorAll(t);for(let o=r.length-1;o>=0;o--){let i=r[o];if(i.compareDocumentPosition(e)===Node.DOCUMENT_POSITION_FOLLOWING)return i}};function querySelectorExt(e,t){return typeof e!="string"?querySelectorAllExt(e,t)[0]:querySelectorAllExt(getDocument().body,e)[0]}function resolveTarget(e,t){return typeof e=="string"?find(asParentNode(t)||document,e):e}function processEventArgs(e,t,n,r){return isFunction(t)?{target:getDocument().body,event:asString(e),listener:t,options:n}:{target:resolveTarget(e),event:asString(t),listener:n,options:r}}function addEventListenerImpl(e,t,n,r){return ready(function(){let i=processEventArgs(e,t,n,r);i.target.addEventListener(i.event,i.listener,i.options)}),isFunction(t)?t:n}function removeEventListenerImpl(e,t,n){return ready(function(){let r=processEventArgs(e,t,n);r.target.removeEventListener(r.event,r.listener)}),isFunction(t)?t:n}let DUMMY_ELT=getDocument().createElement("output");function findAttributeTargets(e,t){let n=getClosestAttributeValue(e,t);if(n){if(n==="this")return[findThisElement(e,t)];{let r=querySelectorAllExt(e,n);if(/(^|,)(\s*)inherit(\s*)($|,)/.test(n)){let i=asElement(getClosestMatch(e,function(s){return s!==e&&hasAttribute(asElement(s),t)}));i&&r.push(...findAttributeTargets(i,t))}return r.length===0?(logError('The selector "'+n+'" on '+t+" returned no matches!"),[DUMMY_ELT]):r}}}function findThisElement(e,t){return asElement(getClosestMatch(e,function(n){return getAttributeValue(asElement(n),t)!=null}))}function getTarget(e){let t=getClosestAttributeValue(e,"hx-target");return t?t==="this"?findThisElement(e,"hx-target"):querySelectorExt(e,t):getInternalData(e).boosted?getDocument().body:e}function shouldSettleAttribute(e){return htmx.config.attributesToSettle.includes(e)}function cloneAttributes(e,t){forEach(Array.from(e.attributes),function(n){!t.hasAttribute(n.name)&&shouldSettleAttribute(n.name)&&e.removeAttribute(n.name)}),forEach(t.attributes,function(n){shouldSettleAttribute(n.name)&&e.setAttribute(n.name,n.value)})}function isInlineSwap(e,t){let n=getExtensions(t);for(let r=0;r<n.length;r++){let o=n[r];try{if(o.isInlineSwap(e))return!0}catch(i){logError(i)}}return e==="outerHTML"}function oobSwap(e,t,n,r){r=r||getDocument();let o="#"+CSS.escape(getRawAttribute(t,"id")),i="outerHTML";e==="true"||(e.indexOf(":")>0?(i=e.substring(0,e.indexOf(":")),o=e.substring(e.indexOf(":")+1)):i=e),t.removeAttribute("hx-swap-oob"),t.removeAttribute("data-hx-swap-oob");let s=querySelectorAllExt(r,o,!1);return s.length?(forEach(s,function(a){let l,c=t.cloneNode(!0);l=getDocument().createDocumentFragment(),l.appendChild(c),isInlineSwap(i,a)||(l=asParentNode(c));let h={shouldSwap:!0,target:a,fragment:l};triggerEvent(a,"htmx:oobBeforeSwap",h)&&(a=h.target,h.shouldSwap&&(handlePreservedElements(l),swapWithStyle(i,a,a,l,n),restorePreservedElements()),forEach(n.elts,function(u){triggerEvent(u,"htmx:oobAfterSwap",h)}))}),t.parentNode.removeChild(t)):(t.parentNode.removeChild(t),triggerErrorEvent(getDocument().body,"htmx:oobErrorNoTarget",{content:t})),e}function restorePreservedElements(){let e=find("#--htmx-preserve-pantry--");if(e){for(let t of[...e.children]){let n=find("#"+t.id);n.parentNode.moveBefore(t,n),n.remove()}e.remove()}}function handlePreservedElements(e){forEach(findAll(e,"[hx-preserve], [data-hx-preserve]"),function(t){let n=getAttributeValue(t,"id"),r=getDocument().getElementById(n);if(r!=null)if(t.moveBefore){let o=find("#--htmx-preserve-pantry--");o==null&&(getDocument().body.insertAdjacentHTML("afterend","<div id='--htmx-preserve-pantry--'></div>"),o=find("#--htmx-preserve-pantry--")),o.moveBefore(r,null)}else t.parentNode.replaceChild(r,t)})}function handleAttributes(e,t,n){forEach(t.querySelectorAll("[id]"),function(r){let o=getRawAttribute(r,"id");if(o&&o.length>0){let i=o.replace("'","\\'"),s=r.tagName.replace(":","\\:"),a=asParentNode(e),l=a&&a.querySelector(s+"[id='"+i+"']");if(l&&l!==a){let c=r.cloneNode();cloneAttributes(r,l),n.tasks.push(function(){cloneAttributes(r,c)})}}})}function makeAjaxLoadTask(e){return function(){removeClassFromElement(e,htmx.config.addedClass),processNode(asElement(e)),processFocus(asParentNode(e)),triggerEvent(e,"htmx:load")}}function processFocus(e){let t="[autofocus]",n=asHtmlElement(matches(e,t)?e:e.querySelector(t));n?.focus()}function insertNodesBefore(e,t,n,r){for(handleAttributes(e,n,r);n.childNodes.length>0;){let o=n.firstChild;addClassToElement(asElement(o),htmx.config.addedClass),e.insertBefore(o,t),o.nodeType!==Node.TEXT_NODE&&o.nodeType!==Node.COMMENT_NODE&&r.tasks.push(makeAjaxLoadTask(o))}}function stringHash(e,t){let n=0;for(;n<e.length;)t=(t<<5)-t+e.charCodeAt(n++)|0;return t}function attributeHash(e){let t=0;for(let n=0;n<e.attributes.length;n++){let r=e.attributes[n];r.value&&(t=stringHash(r.name,t),t=stringHash(r.value,t))}return t}function deInitOnHandlers(e){let t=getInternalData(e);if(t.onHandlers){for(let n=0;n<t.onHandlers.length;n++){let r=t.onHandlers[n];removeEventListenerImpl(e,r.event,r.listener)}delete t.onHandlers}}function deInitNode(e){let t=getInternalData(e);t.timeout&&clearTimeout(t.timeout),t.listenerInfos&&forEach(t.listenerInfos,function(n){n.on&&removeEventListenerImpl(n.on,n.trigger,n.listener)}),deInitOnHandlers(e),forEach(Object.keys(t),function(n){n!=="firstInitCompleted"&&delete t[n]})}function cleanUpElement(e){triggerEvent(e,"htmx:beforeCleanupElement"),deInitNode(e),forEach(e.children,function(t){cleanUpElement(t)})}function swapOuterHTML(e,t,n){if(e.tagName==="BODY")return swapInnerHTML(e,t,n);let r,o=e.previousSibling,i=parentElt(e);if(i){for(insertNodesBefore(i,e,t,n),o==null?r=i.firstChild:r=o.nextSibling,n.elts=n.elts.filter(function(s){return s!==e});r&&r!==e;)r instanceof Element&&n.elts.push(r),r=r.nextSibling;cleanUpElement(e),e.remove()}}function swapAfterBegin(e,t,n){return insertNodesBefore(e,e.firstChild,t,n)}function swapBeforeBegin(e,t,n){return insertNodesBefore(parentElt(e),e,t,n)}function swapBeforeEnd(e,t,n){return insertNodesBefore(e,null,t,n)}function swapAfterEnd(e,t,n){return insertNodesBefore(parentElt(e),e.nextSibling,t,n)}function swapDelete(e){cleanUpElement(e);let t=parentElt(e);if(t)return t.removeChild(e)}function swapInnerHTML(e,t,n){let r=e.firstChild;if(insertNodesBefore(e,r,t,n),r){for(;r.nextSibling;)cleanUpElement(r.nextSibling),e.removeChild(r.nextSibling);cleanUpElement(r),e.removeChild(r)}}function swapWithStyle(e,t,n,r,o){switch(e){case"none":return;case"outerHTML":swapOuterHTML(n,r,o);return;case"afterbegin":swapAfterBegin(n,r,o);return;case"beforebegin":swapBeforeBegin(n,r,o);return;case"beforeend":swapBeforeEnd(n,r,o);return;case"afterend":swapAfterEnd(n,r,o);return;case"delete":swapDelete(n);return;default:var i=getExtensions(t);for(let s=0;s<i.length;s++){let a=i[s];try{let l=a.handleSwap(e,n,r,o);if(l){if(Array.isArray(l))for(let c=0;c<l.length;c++){let h=l[c];h.nodeType!==Node.TEXT_NODE&&h.nodeType!==Node.COMMENT_NODE&&o.tasks.push(makeAjaxLoadTask(h))}return}}catch(l){logError(l)}}e==="innerHTML"?swapInnerHTML(n,r,o):swapWithStyle(htmx.config.defaultSwapStyle,t,n,r,o)}}function findAndSwapOobElements(e,t,n){var r=findAll(e,"[hx-swap-oob], [data-hx-swap-oob]");return forEach(r,function(o){if(htmx.config.allowNestedOobSwaps||o.parentElement===null){let i=getAttributeValue(o,"hx-swap-oob");i!=null&&oobSwap(i,o,t,n)}else o.removeAttribute("hx-swap-oob"),o.removeAttribute("data-hx-swap-oob")}),r.length>0}function swap(e,t,n,r){r||(r={});let o=null,i=null,s=function(){maybeCall(r.beforeSwapCallback),e=resolveTarget(e);let c=r.contextElement?getRootNode(r.contextElement,!1):getDocument(),h=document.activeElement,u={};u={elt:h,start:h?h.selectionStart:null,end:h?h.selectionEnd:null};let f=makeSettleInfo(e);if(n.swapStyle==="textContent")e.textContent=t;else{let d=makeFragment(t);if(f.title=r.title||d.title,r.historyRequest&&(d=d.querySelector("[hx-history-elt],[data-hx-history-elt]")||d),r.selectOOB){let y=r.selectOOB.split(",");for(let m=0;m<y.length;m++){let x=y[m].split(":",2),b=x[0].trim();b.indexOf("#")===0&&(b=b.substring(1));let E=x[1]||"true",g=d.querySelector("#"+b);g&&oobSwap(E,g,f,c)}}if(findAndSwapOobElements(d,f,c),forEach(findAll(d,"template"),function(y){y.content&&findAndSwapOobElements(y.content,f,c)&&y.remove()}),r.select){let y=getDocument().createDocumentFragment();forEach(d.querySelectorAll(r.select),function(m){y.appendChild(m)}),d=y}handlePreservedElements(d),swapWithStyle(n.swapStyle,r.contextElement,e,d,f),restorePreservedElements()}if(u.elt&&!bodyContains(u.elt)&&getRawAttribute(u.elt,"id")){let d=document.getElementById(getRawAttribute(u.elt,"id")),y={preventScroll:n.focusScroll!==void 0?!n.focusScroll:!htmx.config.defaultFocusScroll};if(d){if(u.start&&d.setSelectionRange)try{d.setSelectionRange(u.start,u.end)}catch{}d.focus(y)}}e.classList.remove(htmx.config.swappingClass),forEach(f.elts,function(d){d.classList&&d.classList.add(htmx.config.settlingClass),triggerEvent(d,"htmx:afterSwap",r.eventInfo)}),maybeCall(r.afterSwapCallback),n.ignoreTitle||handleTitle(f.title);let v=function(){if(forEach(f.tasks,function(d){d.call()}),forEach(f.elts,function(d){d.classList&&d.classList.remove(htmx.config.settlingClass),triggerEvent(d,"htmx:afterSettle",r.eventInfo)}),r.anchor){let d=asElement(resolveTarget("#"+r.anchor));d&&d.scrollIntoView({block:"start",behavior:"auto"})}updateScrollState(f.elts,n),maybeCall(r.afterSettleCallback),maybeCall(o)};n.settleDelay>0?getWindow().setTimeout(v,n.settleDelay):v()},a=htmx.config.globalViewTransitions;n.hasOwnProperty("transition")&&(a=n.transition);let l=r.contextElement||getDocument();if(a&&triggerEvent(l,"htmx:beforeTransition",r.eventInfo)&&typeof Promise<"u"&&document.startViewTransition){let c=new Promise(function(u,f){o=u,i=f}),h=s;s=function(){document.startViewTransition(function(){return h(),c})}}try{n?.swapDelay&&n.swapDelay>0?getWindow().setTimeout(s,n.swapDelay):s()}catch(c){throw triggerErrorEvent(l,"htmx:swapError",r.eventInfo),maybeCall(i),c}}function handleTriggerHeader(e,t,n){let r=e.getResponseHeader(t);if(r.indexOf("{")===0){let o=parseJSON(r);for(let i in o)if(o.hasOwnProperty(i)){let s=o[i];isRawObject(s)?n=s.target!==void 0?s.target:n:s={value:s},triggerEvent(n,i,s)}}else{let o=r.split(",");for(let i=0;i<o.length;i++)triggerEvent(n,o[i].trim(),[])}}let WHITESPACE=/\s/,WHITESPACE_OR_COMMA=/[\s,]/,SYMBOL_START=/[_$a-zA-Z]/,SYMBOL_CONT=/[_$a-zA-Z0-9]/,STRINGISH_START=['"',"'","/"],NOT_WHITESPACE=/[^\s]/,COMBINED_SELECTOR_START=/[{(]/,COMBINED_SELECTOR_END=/[})]/;function tokenizeString(e){let t=[],n=0;for(;n<e.length;){if(SYMBOL_START.exec(e.charAt(n))){for(var r=n;SYMBOL_CONT.exec(e.charAt(n+1));)n++;t.push(e.substring(r,n+1))}else if(STRINGISH_START.indexOf(e.charAt(n))!==-1){let o=e.charAt(n);var r=n;for(n++;n<e.length&&e.charAt(n)!==o;)e.charAt(n)==="\\"&&n++,n++;t.push(e.substring(r,n+1))}else{let o=e.charAt(n);t.push(o)}n++}return t}function isPossibleRelativeReference(e,t,n){return SYMBOL_START.exec(e.charAt(0))&&e!=="true"&&e!=="false"&&e!=="this"&&e!==n&&t!=="."}function maybeGenerateConditional(e,t,n){if(t[0]==="["){t.shift();let r=1,o=" return (function("+n+"){ return (",i=null;for(;t.length>0;){let s=t[0];if(s==="]"){if(r--,r===0){i===null&&(o=o+"true"),t.shift(),o+=")})";try{let a=maybeEval(e,function(){return Function(o)()},function(){return!0});return a.source=o,a}catch(a){return triggerErrorEvent(getDocument().body,"htmx:syntax:error",{error:a,source:o}),null}}}else s==="["&&r++;isPossibleRelativeReference(s,i,n)?o+="(("+n+"."+s+") ? ("+n+"."+s+") : (window."+s+"))":o=o+s,i=t.shift()}}}function consumeUntil(e,t){let n="";for(;e.length>0&&!t.test(e[0]);)n+=e.shift();return n}function consumeCSSSelector(e){let t;return e.length>0&&COMBINED_SELECTOR_START.test(e[0])?(e.shift(),t=consumeUntil(e,COMBINED_SELECTOR_END).trim(),e.shift()):t=consumeUntil(e,WHITESPACE_OR_COMMA),t}let INPUT_SELECTOR="input, textarea, select";function parseAndCacheTrigger(e,t,n){let r=[],o=tokenizeString(t);do{consumeUntil(o,NOT_WHITESPACE);let a=o.length,l=consumeUntil(o,/[,\[\s]/);if(l!=="")if(l==="every"){let c={trigger:"every"};consumeUntil(o,NOT_WHITESPACE),c.pollInterval=parseInterval(consumeUntil(o,/[,\[\s]/)),consumeUntil(o,NOT_WHITESPACE);var i=maybeGenerateConditional(e,o,"event");i&&(c.eventFilter=i),r.push(c)}else{let c={trigger:l};var i=maybeGenerateConditional(e,o,"event");for(i&&(c.eventFilter=i),consumeUntil(o,NOT_WHITESPACE);o.length>0&&o[0]!==",";){let u=o.shift();if(u==="changed")c.changed=!0;else if(u==="once")c.once=!0;else if(u==="consume")c.consume=!0;else if(u==="delay"&&o[0]===":")o.shift(),c.delay=parseInterval(consumeUntil(o,WHITESPACE_OR_COMMA));else if(u==="from"&&o[0]===":"){if(o.shift(),COMBINED_SELECTOR_START.test(o[0]))var s=consumeCSSSelector(o);else{var s=consumeUntil(o,WHITESPACE_OR_COMMA);if(s==="closest"||s==="find"||s==="next"||s==="previous"){o.shift();let v=consumeCSSSelector(o);v.length>0&&(s+=" "+v)}}c.from=s}else u==="target"&&o[0]===":"?(o.shift(),c.target=consumeCSSSelector(o)):u==="throttle"&&o[0]===":"?(o.shift(),c.throttle=parseInterval(consumeUntil(o,WHITESPACE_OR_COMMA))):u==="queue"&&o[0]===":"?(o.shift(),c.queue=consumeUntil(o,WHITESPACE_OR_COMMA)):u==="root"&&o[0]===":"?(o.shift(),c[u]=consumeCSSSelector(o)):u==="threshold"&&o[0]===":"?(o.shift(),c[u]=consumeUntil(o,WHITESPACE_OR_COMMA)):triggerErrorEvent(e,"htmx:syntax:error",{token:o.shift()});consumeUntil(o,NOT_WHITESPACE)}r.push(c)}o.length===a&&triggerErrorEvent(e,"htmx:syntax:error",{token:o.shift()}),consumeUntil(o,NOT_WHITESPACE)}while(o[0]===","&&o.shift());return n&&(n[t]=r),r}function getTriggerSpecs(e){let t=getAttributeValue(e,"hx-trigger"),n=[];if(t){let r=htmx.config.triggerSpecsCache;n=r&&r[t]||parseAndCacheTrigger(e,t,r)}return n.length>0?n:matches(e,"form")?[{trigger:"submit"}]:matches(e,'input[type="button"], input[type="submit"]')?[{trigger:"click"}]:matches(e,INPUT_SELECTOR)?[{trigger:"change"}]:[{trigger:"click"}]}function cancelPolling(e){getInternalData(e).cancelled=!0}function processPolling(e,t,n){let r=getInternalData(e);r.timeout=getWindow().setTimeout(function(){bodyContains(e)&&r.cancelled!==!0&&(maybeFilterEvent(n,e,makeEvent("hx:poll:trigger",{triggerSpec:n,target:e}))||t(e),processPolling(e,t,n))},n.pollInterval)}function isLocalLink(e){return location.hostname===e.hostname&&getRawAttribute(e,"href")&&getRawAttribute(e,"href").indexOf("#")!==0}function eltIsDisabled(e){return closest(e,htmx.config.disableSelector)}function boostElement(e,t,n){if(e instanceof HTMLAnchorElement&&isLocalLink(e)&&(e.target===""||e.target==="_self")||e.tagName==="FORM"&&String(getRawAttribute(e,"method")).toLowerCase()!=="dialog"){t.boosted=!0;let r,o;if(e.tagName==="A")r="get",o=getRawAttribute(e,"href");else{let i=getRawAttribute(e,"method");r=i?i.toLowerCase():"get",o=getRawAttribute(e,"action"),(o==null||o==="")&&(o=location.href),r==="get"&&o.includes("?")&&(o=o.replace(/\?[^#]+/,""))}n.forEach(function(i){addEventListener(e,function(s,a){let l=asElement(s);if(eltIsDisabled(l)){cleanUpElement(l);return}issueAjaxRequest(r,o,l,a)},t,i,!0)})}}function shouldCancel(e,t){if(e.type==="submit"&&t.tagName==="FORM")return!0;if(e.type==="click"){let n=t.closest('input[type="submit"], button');if(n&&n.form&&n.type==="submit")return!0;let r=t.closest("a"),o=/^#.+/;if(r&&r.href&&!o.test(r.getAttribute("href")))return!0}return!1}function ignoreBoostedAnchorCtrlClick(e,t){return getInternalData(e).boosted&&e instanceof HTMLAnchorElement&&t.type==="click"&&(t.ctrlKey||t.metaKey)}function maybeFilterEvent(e,t,n){let r=e.eventFilter;if(r)try{return r.call(t,n)!==!0}catch(o){let i=r.source;return triggerErrorEvent(getDocument().body,"htmx:eventFilter:error",{error:o,source:i}),!0}return!1}function addEventListener(e,t,n,r,o){let i=getInternalData(e),s;r.from?s=querySelectorAllExt(e,r.from):s=[e],r.changed&&("lastValue"in i||(i.lastValue=new WeakMap),s.forEach(function(a){i.lastValue.has(r)||i.lastValue.set(r,new WeakMap),i.lastValue.get(r).set(a,a.value)})),forEach(s,function(a){let l=function(c){if(!bodyContains(e)){a.removeEventListener(r.trigger,l);return}if(ignoreBoostedAnchorCtrlClick(e,c)||((o||shouldCancel(c,a))&&c.preventDefault(),maybeFilterEvent(r,e,c)))return;let h=getInternalData(c);if(h.triggerSpec=r,h.handledFor==null&&(h.handledFor=[]),h.handledFor.indexOf(e)<0){if(h.handledFor.push(e),r.consume&&c.stopPropagation(),r.target&&c.target&&!matches(asElement(c.target),r.target))return;if(r.once){if(i.triggeredOnce)return;i.triggeredOnce=!0}if(r.changed){let u=c.target,f=u.value,v=i.lastValue.get(r);if(v.has(u)&&v.get(u)===f)return;v.set(u,f)}if(i.delayed&&clearTimeout(i.delayed),i.throttle)return;r.throttle>0?i.throttle||(triggerEvent(e,"htmx:trigger"),t(e,c),i.throttle=getWindow().setTimeout(function(){i.throttle=null},r.throttle)):r.delay>0?i.delayed=getWindow().setTimeout(function(){triggerEvent(e,"htmx:trigger"),t(e,c)},r.delay):(triggerEvent(e,"htmx:trigger"),t(e,c))}};n.listenerInfos==null&&(n.listenerInfos=[]),n.listenerInfos.push({trigger:r.trigger,listener:l,on:a}),a.addEventListener(r.trigger,l)})}let windowIsScrolling=!1,scrollHandler=null;function initScrollHandler(){scrollHandler||(scrollHandler=function(){windowIsScrolling=!0},window.addEventListener("scroll",scrollHandler),window.addEventListener("resize",scrollHandler),setInterval(function(){windowIsScrolling&&(windowIsScrolling=!1,forEach(getDocument().querySelectorAll("[hx-trigger*='revealed'],[data-hx-trigger*='revealed']"),function(e){maybeReveal(e)}))},200))}function maybeReveal(e){!hasAttribute(e,"data-hx-revealed")&&isScrolledIntoView(e)&&(e.setAttribute("data-hx-revealed","true"),getInternalData(e).initHash?triggerEvent(e,"revealed"):e.addEventListener("htmx:afterProcessNode",function(){triggerEvent(e,"revealed")},{once:!0}))}function loadImmediately(e,t,n,r){let o=function(){n.loaded||(n.loaded=!0,triggerEvent(e,"htmx:trigger"),t(e))};r>0?getWindow().setTimeout(o,r):o()}function processVerbs(e,t,n){let r=!1;return forEach(VERBS,function(o){if(hasAttribute(e,"hx-"+o)){let i=getAttributeValue(e,"hx-"+o);r=!0,t.path=i,t.verb=o,n.forEach(function(s){addTriggerHandler(e,s,t,function(a,l){let c=asElement(a);if(eltIsDisabled(c)){cleanUpElement(c);return}issueAjaxRequest(o,i,c,l)})})}}),r}function addTriggerHandler(e,t,n,r){if(t.trigger==="revealed")initScrollHandler(),addEventListener(e,r,n,t),maybeReveal(asElement(e));else if(t.trigger==="intersect"){let o={};t.root&&(o.root=querySelectorExt(e,t.root)),t.threshold&&(o.threshold=parseFloat(t.threshold)),new IntersectionObserver(function(s){for(let a=0;a<s.length;a++)if(s[a].isIntersecting){triggerEvent(e,"intersect");break}},o).observe(asElement(e)),addEventListener(asElement(e),r,n,t)}else!n.firstInitCompleted&&t.trigger==="load"?maybeFilterEvent(t,e,makeEvent("load",{elt:e}))||loadImmediately(asElement(e),r,n,t.delay):t.pollInterval>0?(n.polling=!0,processPolling(asElement(e),r,t)):addEventListener(e,r,n,t)}function shouldProcessHxOn(e){let t=asElement(e);if(!t)return!1;let n=t.attributes;for(let r=0;r<n.length;r++){let o=n[r].name;if(startsWith(o,"hx-on:")||startsWith(o,"data-hx-on:")||startsWith(o,"hx-on-")||startsWith(o,"data-hx-on-"))return!0}return!1}let HX_ON_QUERY=new XPathEvaluator().createExpression('.//*[@*[ starts-with(name(), "hx-on:") or starts-with(name(), "data-hx-on:") or starts-with(name(), "hx-on-") or starts-with(name(), "data-hx-on-") ]]');function processHXOnRoot(e,t){shouldProcessHxOn(e)&&t.push(asElement(e));let n=HX_ON_QUERY.evaluate(e),r=null;for(;r=n.iterateNext();)t.push(asElement(r))}function findHxOnWildcardElements(e){let t=[];if(e instanceof DocumentFragment)for(let n of e.childNodes)processHXOnRoot(n,t);else processHXOnRoot(e,t);return t}function findElementsToProcess(e){if(e.querySelectorAll){let n=", [hx-boost] a, [data-hx-boost] a, a[hx-boost], a[data-hx-boost]",r=[];for(let i in extensions){let s=extensions[i];if(s.getSelectors){var t=s.getSelectors();t&&r.push(t)}}return e.querySelectorAll(VERB_SELECTOR+n+", form, [type='submit'], [hx-ext], [data-hx-ext], [hx-trigger], [data-hx-trigger]"+r.flat().map(i=>", "+i).join(""))}else return[]}function maybeSetLastButtonClicked(e){let t=getTargetButton(e.target),n=getRelatedFormData(e);n&&(n.lastButtonClicked=t)}function maybeUnsetLastButtonClicked(e){let t=getRelatedFormData(e);t&&(t.lastButtonClicked=null)}function getTargetButton(e){return closest(asElement(e),"button, input[type='submit']")}function getRelatedForm(e){return e.form||closest(e,"form")}function getRelatedFormData(e){let t=getTargetButton(e.target);if(!t)return;let n=getRelatedForm(t);if(n)return getInternalData(n)}function initButtonTracking(e){e.addEventListener("click",maybeSetLastButtonClicked),e.addEventListener("focusin",maybeSetLastButtonClicked),e.addEventListener("focusout",maybeUnsetLastButtonClicked)}function addHxOnEventHandler(e,t,n){let r=getInternalData(e);Array.isArray(r.onHandlers)||(r.onHandlers=[]);let o,i=function(s){maybeEval(e,function(){eltIsDisabled(e)||(o||(o=new Function("event",n)),o.call(e,s))})};e.addEventListener(t,i),r.onHandlers.push({event:t,listener:i})}function processHxOnWildcard(e){deInitOnHandlers(e);for(let t=0;t<e.attributes.length;t++){let n=e.attributes[t].name,r=e.attributes[t].value;if(startsWith(n,"hx-on")||startsWith(n,"data-hx-on")){let o=n.indexOf("-on")+3,i=n.slice(o,o+1);if(i==="-"||i===":"){let s=n.slice(o+1);startsWith(s,":")?s="htmx"+s:startsWith(s,"-")?s="htmx:"+s.slice(1):startsWith(s,"htmx-")&&(s="htmx:"+s.slice(5)),addHxOnEventHandler(e,s,r)}}}}function initNode(e){triggerEvent(e,"htmx:beforeProcessNode");let t=getInternalData(e),n=getTriggerSpecs(e);processVerbs(e,t,n)||(getClosestAttributeValue(e,"hx-boost")==="true"?boostElement(e,t,n):hasAttribute(e,"hx-trigger")&&n.forEach(function(o){addTriggerHandler(e,o,t,function(){})})),(e.tagName==="FORM"||getRawAttribute(e,"type")==="submit"&&hasAttribute(e,"form"))&&initButtonTracking(e),t.firstInitCompleted=!0,triggerEvent(e,"htmx:afterProcessNode")}function maybeDeInitAndHash(e){if(!(e instanceof Element))return!1;let t=getInternalData(e),n=attributeHash(e);return t.initHash!==n?(deInitNode(e),t.initHash=n,!0):!1}function processNode(e){if(e=resolveTarget(e),eltIsDisabled(e)){cleanUpElement(e);return}let t=[];maybeDeInitAndHash(e)&&t.push(e),forEach(findElementsToProcess(e),function(n){if(eltIsDisabled(n)){cleanUpElement(n);return}maybeDeInitAndHash(n)&&t.push(n)}),forEach(findHxOnWildcardElements(e),processHxOnWildcard),forEach(t,initNode)}function kebabEventName(e){return e.replace(/([a-z0-9])([A-Z])/g,"$1-$2").toLowerCase()}function makeEvent(e,t){return new CustomEvent(e,{bubbles:!0,cancelable:!0,composed:!0,detail:t})}function triggerErrorEvent(e,t,n){triggerEvent(e,t,mergeObjects({error:t},n))}function ignoreEventForLogging(e){return e==="htmx:afterProcessNode"}function withExtensions(e,t,n){forEach(getExtensions(e,[],n),function(r){try{t(r)}catch(o){logError(o)}})}function logError(e){console.error(e)}function triggerEvent(e,t,n){e=resolveTarget(e),n==null&&(n={}),n.elt=e;let r=makeEvent(t,n);htmx.logger&&!ignoreEventForLogging(t)&&htmx.logger(e,t,n),n.error&&(logError(n.error),triggerEvent(e,"htmx:error",{errorInfo:n}));let o=e.dispatchEvent(r),i=kebabEventName(t);if(o&&i!==t){let s=makeEvent(i,r.detail);o=o&&e.dispatchEvent(s)}return withExtensions(asElement(e),function(s){o=o&&s.onEvent(t,r)!==!1&&!r.defaultPrevented}),o}let currentPathForHistory;function setCurrentPathForHistory(e){currentPathForHistory=e,canAccessLocalStorage()&&sessionStorage.setItem("htmx-current-path-for-history",e)}setCurrentPathForHistory(location.pathname+location.search);function getHistoryElement(){return getDocument().querySelector("[hx-history-elt],[data-hx-history-elt]")||getDocument().body}function saveToHistoryCache(e,t){if(!canAccessLocalStorage())return;let n=cleanInnerHtmlForHistory(t),r=getDocument().title,o=window.scrollY;if(htmx.config.historyCacheSize<=0){sessionStorage.removeItem("htmx-history-cache");return}e=normalizePath(e);let i=parseJSON(sessionStorage.getItem("htmx-history-cache"))||[];for(let a=0;a<i.length;a++)if(i[a].url===e){i.splice(a,1);break}let s={url:e,content:n,title:r,scroll:o};for(triggerEvent(getDocument().body,"htmx:historyItemCreated",{item:s,cache:i}),i.push(s);i.length>htmx.config.historyCacheSize;)i.shift();for(;i.length>0;)try{sessionStorage.setItem("htmx-history-cache",JSON.stringify(i));break}catch(a){triggerErrorEvent(getDocument().body,"htmx:historyCacheError",{cause:a,cache:i}),i.shift()}}function getCachedHistory(e){if(!canAccessLocalStorage())return null;e=normalizePath(e);let t=parseJSON(sessionStorage.getItem("htmx-history-cache"))||[];for(let n=0;n<t.length;n++)if(t[n].url===e)return t[n];return null}function cleanInnerHtmlForHistory(e){let t=htmx.config.requestClass,n=e.cloneNode(!0);return forEach(findAll(n,"."+t),function(r){removeClassFromElement(r,t)}),forEach(findAll(n,"[data-disabled-by-htmx]"),function(r){r.removeAttribute("disabled")}),n.innerHTML}function saveCurrentPageToHistory(){let e=getHistoryElement(),t=currentPathForHistory;canAccessLocalStorage()&&(t=sessionStorage.getItem("htmx-current-path-for-history")),t=t||location.pathname+location.search,getDocument().querySelector('[hx-history="false" i],[data-hx-history="false" i]')||(triggerEvent(getDocument().body,"htmx:beforeHistorySave",{path:t,historyElt:e}),saveToHistoryCache(t,e)),htmx.config.historyEnabled&&history.replaceState({htmx:!0},getDocument().title,location.href)}function pushUrlIntoHistory(e){htmx.config.getCacheBusterParam&&(e=e.replace(/org\.htmx\.cache-buster=[^&]*&?/,""),(endsWith(e,"&")||endsWith(e,"?"))&&(e=e.slice(0,-1))),htmx.config.historyEnabled&&history.pushState({htmx:!0},"",e),setCurrentPathForHistory(e)}function replaceUrlInHistory(e){htmx.config.historyEnabled&&history.replaceState({htmx:!0},"",e),setCurrentPathForHistory(e)}function settleImmediately(e){forEach(e,function(t){t.call(void 0)})}function loadHistoryFromServer(e){let t=new XMLHttpRequest,n={swapStyle:"innerHTML",swapDelay:0,settleDelay:0},r={path:e,xhr:t,historyElt:getHistoryElement(),swapSpec:n};t.open("GET",e,!0),htmx.config.historyRestoreAsHxRequest&&t.setRequestHeader("HX-Request","true"),t.setRequestHeader("HX-History-Restore-Request","true"),t.setRequestHeader("HX-Current-URL",location.href),t.onload=function(){this.status>=200&&this.status<400?(r.response=this.response,triggerEvent(getDocument().body,"htmx:historyCacheMissLoad",r),swap(r.historyElt,r.response,n,{contextElement:r.historyElt,historyRequest:!0}),setCurrentPathForHistory(r.path),triggerEvent(getDocument().body,"htmx:historyRestore",{path:e,cacheMiss:!0,serverResponse:r.response})):triggerErrorEvent(getDocument().body,"htmx:historyCacheMissLoadError",r)},triggerEvent(getDocument().body,"htmx:historyCacheMiss",r)&&t.send()}function restoreHistory(e){saveCurrentPageToHistory(),e=e||location.pathname+location.search;let t=getCachedHistory(e);if(t){let n={swapStyle:"innerHTML",swapDelay:0,settleDelay:0,scroll:t.scroll},r={path:e,item:t,historyElt:getHistoryElement(),swapSpec:n};triggerEvent(getDocument().body,"htmx:historyCacheHit",r)&&(swap(r.historyElt,t.content,n,{contextElement:r.historyElt,title:t.title}),setCurrentPathForHistory(r.path),triggerEvent(getDocument().body,"htmx:historyRestore",r))}else htmx.config.refreshOnHistoryMiss?htmx.location.reload(!0):loadHistoryFromServer(e)}function addRequestIndicatorClasses(e){let t=findAttributeTargets(e,"hx-indicator");return t==null&&(t=[e]),forEach(t,function(n){let r=getInternalData(n);r.requestCount=(r.requestCount||0)+1,n.classList.add.call(n.classList,htmx.config.requestClass)}),t}function disableElements(e){let t=findAttributeTargets(e,"hx-disabled-elt");return t==null&&(t=[]),forEach(t,function(n){let r=getInternalData(n);r.requestCount=(r.requestCount||0)+1,n.setAttribute("disabled",""),n.setAttribute("data-disabled-by-htmx","")}),t}function removeRequestIndicators(e,t){forEach(e.concat(t),function(n){let r=getInternalData(n);r.requestCount=(r.requestCount||1)-1}),forEach(e,function(n){getInternalData(n).requestCount===0&&n.classList.remove.call(n.classList,htmx.config.requestClass)}),forEach(t,function(n){getInternalData(n).requestCount===0&&(n.removeAttribute("disabled"),n.removeAttribute("data-disabled-by-htmx"))})}function haveSeenNode(e,t){for(let n=0;n<e.length;n++)if(e[n].isSameNode(t))return!0;return!1}function shouldInclude(e){let t=e;return t.name===""||t.name==null||t.disabled||closest(t,"fieldset[disabled]")||t.type==="button"||t.type==="submit"||t.tagName==="image"||t.tagName==="reset"||t.tagName==="file"?!1:t.type==="checkbox"||t.type==="radio"?t.checked:!0}function addValueToFormData(e,t,n){e!=null&&t!=null&&(Array.isArray(t)?t.forEach(function(r){n.append(e,r)}):n.append(e,t))}function removeValueFromFormData(e,t,n){if(e!=null&&t!=null){let r=n.getAll(e);Array.isArray(t)?r=r.filter(o=>t.indexOf(o)<0):r=r.filter(o=>o!==t),n.delete(e),forEach(r,o=>n.append(e,o))}}function getValueFromInput(e){return e instanceof HTMLSelectElement&&e.multiple?toArray(e.querySelectorAll("option:checked")).map(function(t){return t.value}):e instanceof HTMLInputElement&&e.files?toArray(e.files):e.value}function processInputValue(e,t,n,r,o){if(!(r==null||haveSeenNode(e,r))){if(e.push(r),shouldInclude(r)){let i=getRawAttribute(r,"name");addValueToFormData(i,getValueFromInput(r),t),o&&validateElement(r,n)}r instanceof HTMLFormElement&&(forEach(r.elements,function(i){e.indexOf(i)>=0?removeValueFromFormData(i.name,getValueFromInput(i),t):e.push(i),o&&validateElement(i,n)}),new FormData(r).forEach(function(i,s){i instanceof File&&i.name===""||addValueToFormData(s,i,t)}))}}function validateElement(e,t){let n=e;n.willValidate&&(triggerEvent(n,"htmx:validation:validate"),n.checkValidity()||(triggerEvent(n,"htmx:validation:failed",{message:n.validationMessage,validity:n.validity})&&!t.length&&htmx.config.reportValidityOfForms&&n.reportValidity(),t.push({elt:n,message:n.validationMessage,validity:n.validity})))}function overrideFormData(e,t){for(let n of t.keys())e.delete(n);return t.forEach(function(n,r){e.append(r,n)}),e}function getInputValues(e,t){let n=[],r=new FormData,o=new FormData,i=[],s=getInternalData(e);s.lastButtonClicked&&!bodyContains(s.lastButtonClicked)&&(s.lastButtonClicked=null);let a=e instanceof HTMLFormElement&&e.noValidate!==!0||getAttributeValue(e,"hx-validate")==="true";if(s.lastButtonClicked&&(a=a&&s.lastButtonClicked.formNoValidate!==!0),t!=="get"&&processInputValue(n,o,i,getRelatedForm(e),a),processInputValue(n,r,i,e,a),s.lastButtonClicked||e.tagName==="BUTTON"||e.tagName==="INPUT"&&getRawAttribute(e,"type")==="submit"){let c=s.lastButtonClicked||e,h=getRawAttribute(c,"name");addValueToFormData(h,c.value,o)}let l=findAttributeTargets(e,"hx-include");return forEach(l,function(c){processInputValue(n,r,i,asElement(c),a),matches(c,"form")||forEach(asParentNode(c).querySelectorAll(INPUT_SELECTOR),function(h){processInputValue(n,r,i,h,a)})}),overrideFormData(r,o),{errors:i,formData:r,values:formDataProxy(r)}}function appendParam(e,t,n){e!==""&&(e+="&"),String(n)==="[object Object]"&&(n=JSON.stringify(n));let r=encodeURIComponent(n);return e+=encodeURIComponent(t)+"="+r,e}function urlEncode(e){e=formDataFromObject(e);let t="";return e.forEach(function(n,r){t=appendParam(t,r,n)}),t}function getHeaders(e,t,n){let r={"HX-Request":"true","HX-Trigger":getRawAttribute(e,"id"),"HX-Trigger-Name":getRawAttribute(e,"name"),"HX-Target":getAttributeValue(t,"id"),"HX-Current-URL":location.href};return getValuesForElement(e,"hx-headers",!1,r),n!==void 0&&(r["HX-Prompt"]=n),getInternalData(e).boosted&&(r["HX-Boosted"]="true"),r}function filterValues(e,t){let n=getClosestAttributeValue(t,"hx-params");if(n){if(n==="none")return new FormData;if(n==="*")return e;if(n.indexOf("not ")===0)return forEach(n.slice(4).split(","),function(r){r=r.trim(),e.delete(r)}),e;{let r=new FormData;return forEach(n.split(","),function(o){o=o.trim(),e.has(o)&&e.getAll(o).forEach(function(i){r.append(o,i)})}),r}}else return e}function isAnchorLink(e){return!!getRawAttribute(e,"href")&&getRawAttribute(e,"href").indexOf("#")>=0}function getSwapSpecification(e,t){let n=t||getClosestAttributeValue(e,"hx-swap"),r={swapStyle:getInternalData(e).boosted?"innerHTML":htmx.config.defaultSwapStyle,swapDelay:htmx.config.defaultSwapDelay,settleDelay:htmx.config.defaultSettleDelay};if(htmx.config.scrollIntoViewOnBoost&&getInternalData(e).boosted&&!isAnchorLink(e)&&(r.show="top"),n){let s=splitOnWhitespace(n);if(s.length>0)for(let a=0;a<s.length;a++){let l=s[a];if(l.indexOf("swap:")===0)r.swapDelay=parseInterval(l.slice(5));else if(l.indexOf("settle:")===0)r.settleDelay=parseInterval(l.slice(7));else if(l.indexOf("transition:")===0)r.transition=l.slice(11)==="true";else if(l.indexOf("ignoreTitle:")===0)r.ignoreTitle=l.slice(12)==="true";else if(l.indexOf("scroll:")===0){var o=l.slice(7).split(":");let h=o.pop();var i=o.length>0?o.join(":"):null;r.scroll=h,r.scrollTarget=i}else if(l.indexOf("show:")===0){var o=l.slice(5).split(":");let u=o.pop();var i=o.length>0?o.join(":"):null;r.show=u,r.showTarget=i}else if(l.indexOf("focus-scroll:")===0){let c=l.slice(13);r.focusScroll=c=="true"}else a==0?r.swapStyle=l:logError("Unknown modifier in hx-swap: "+l)}}return r}function usesFormData(e){return getClosestAttributeValue(e,"hx-encoding")==="multipart/form-data"||matches(e,"form")&&getRawAttribute(e,"enctype")==="multipart/form-data"}function encodeParamsForBody(e,t,n){let r=null;return withExtensions(t,function(o){r==null&&(r=o.encodeParameters(e,n,t))}),r??(usesFormData(t)?overrideFormData(new FormData,formDataFromObject(n)):urlEncode(n))}function makeSettleInfo(e){return{tasks:[],elts:[e]}}function updateScrollState(e,t){let n=e[0],r=e[e.length-1];if(t.scroll){var o=null;t.scrollTarget&&(o=asElement(querySelectorExt(n,t.scrollTarget))),t.scroll==="top"&&(n||o)&&(o=o||n,o.scrollTop=0),t.scroll==="bottom"&&(r||o)&&(o=o||r,o.scrollTop=o.scrollHeight),typeof t.scroll=="number"&&getWindow().setTimeout(function(){window.scrollTo(0,t.scroll)},0)}if(t.show){var o=null;if(t.showTarget){let s=t.showTarget;t.showTarget==="window"&&(s="body"),o=asElement(querySelectorExt(n,s))}t.show==="top"&&(n||o)&&(o=o||n,o.scrollIntoView({block:"start",behavior:htmx.config.scrollBehavior})),t.show==="bottom"&&(r||o)&&(o=o||r,o.scrollIntoView({block:"end",behavior:htmx.config.scrollBehavior}))}}function getValuesForElement(e,t,n,r,o){if(r==null&&(r={}),e==null)return r;let i=getAttributeValue(e,t);if(i){let s=i.trim(),a=n;if(s==="unset")return null;s.indexOf("javascript:")===0?(s=s.slice(11),a=!0):s.indexOf("js:")===0&&(s=s.slice(3),a=!0),s.indexOf("{")!==0&&(s="{"+s+"}");let l;a?l=maybeEval(e,function(){return o?Function("event","return ("+s+")").call(e,o):Function("return ("+s+")").call(e)},{}):l=parseJSON(s);for(let c in l)l.hasOwnProperty(c)&&r[c]==null&&(r[c]=l[c])}return getValuesForElement(asElement(parentElt(e)),t,n,r,o)}function maybeEval(e,t,n){return htmx.config.allowEval?t():(triggerErrorEvent(e,"htmx:evalDisallowedError"),n)}function getHXVarsForElement(e,t,n){return getValuesForElement(e,"hx-vars",!0,n,t)}function getHXValsForElement(e,t,n){return getValuesForElement(e,"hx-vals",!1,n,t)}function getExpressionVars(e,t){return mergeObjects(getHXVarsForElement(e,t),getHXValsForElement(e,t))}function safelySetHeaderValue(e,t,n){if(n!==null)try{e.setRequestHeader(t,n)}catch{e.setRequestHeader(t,encodeURIComponent(n)),e.setRequestHeader(t+"-URI-AutoEncoded","true")}}function getPathFromResponse(e){if(e.responseURL)try{let t=new URL(e.responseURL);return t.pathname+t.search}catch{triggerErrorEvent(getDocument().body,"htmx:badResponseUrl",{url:e.responseURL})}}function hasHeader(e,t){return t.test(e.getAllResponseHeaders())}function ajaxHelper(e,t,n){if(e=e.toLowerCase(),n){if(n instanceof Element||typeof n=="string")return issueAjaxRequest(e,t,null,null,{targetOverride:resolveTarget(n)||DUMMY_ELT,returnPromise:!0});{let r=resolveTarget(n.target);return(n.target&&!r||n.source&&!r&&!resolveTarget(n.source))&&(r=DUMMY_ELT),issueAjaxRequest(e,t,resolveTarget(n.source),n.event,{handler:n.handler,headers:n.headers,values:n.values,targetOverride:r,swapOverride:n.swap,select:n.select,returnPromise:!0,push:n.push,replace:n.replace,selectOOB:n.selectOOB})}}else return issueAjaxRequest(e,t,null,null,{returnPromise:!0})}function hierarchyForElt(e){let t=[];for(;e;)t.push(e),e=e.parentElement;return t}function verifyPath(e,t,n){let r=new URL(t,location.protocol!=="about:"?location.href:window.origin),i=(location.protocol!=="about:"?location.origin:window.origin)===r.origin;return htmx.config.selfRequestsOnly&&!i?!1:triggerEvent(e,"htmx:validateUrl",mergeObjects({url:r,sameHost:i},n))}function formDataFromObject(e){if(e instanceof FormData)return e;let t=new FormData;for(let n in e)e.hasOwnProperty(n)&&(e[n]&&typeof e[n].forEach=="function"?e[n].forEach(function(r){t.append(n,r)}):typeof e[n]=="object"&&!(e[n]instanceof Blob)?t.append(n,JSON.stringify(e[n])):t.append(n,e[n]));return t}function formDataArrayProxy(e,t,n){return new Proxy(n,{get:function(r,o){return typeof o=="number"?r[o]:o==="length"?r.length:o==="push"?function(i){r.push(i),e.append(t,i)}:typeof r[o]=="function"?function(){r[o].apply(r,arguments),e.delete(t),r.forEach(function(i){e.append(t,i)})}:r[o]&&r[o].length===1?r[o][0]:r[o]},set:function(r,o,i){return r[o]=i,e.delete(t),r.forEach(function(s){e.append(t,s)}),!0}})}function formDataProxy(e){return new Proxy(e,{get:function(t,n){if(typeof n=="symbol"){let o=Reflect.get(t,n);return typeof o=="function"?function(){return o.apply(e,arguments)}:o}if(n==="toJSON")return()=>Object.fromEntries(e);if(n in t&&typeof t[n]=="function")return function(){return e[n].apply(e,arguments)};let r=e.getAll(n);if(r.length!==0)return r.length===1?r[0]:formDataArrayProxy(t,n,r)},set:function(t,n,r){return typeof n!="string"?!1:(t.delete(n),r&&typeof r.forEach=="function"?r.forEach(function(o){t.append(n,o)}):typeof r=="object"&&!(r instanceof Blob)?t.append(n,JSON.stringify(r)):t.append(n,r),!0)},deleteProperty:function(t,n){return typeof n=="string"&&t.delete(n),!0},ownKeys:function(t){return Reflect.ownKeys(Object.fromEntries(t))},getOwnPropertyDescriptor:function(t,n){return Reflect.getOwnPropertyDescriptor(Object.fromEntries(t),n)}})}function issueAjaxRequest(e,t,n,r,o,i){let s=null,a=null;if(o=o??{},o.returnPromise&&typeof Promise<"u")var l=new Promise(function(p,w){s=p,a=w});n==null&&(n=getDocument().body);let c=o.handler||handleAjaxResponse,h=o.select||null;if(!bodyContains(n))return maybeCall(s),l;let u=o.targetOverride||asElement(getTarget(n));if(u==null||u==DUMMY_ELT)return triggerErrorEvent(n,"htmx:targetError",{target:getClosestAttributeValue(n,"hx-target")}),maybeCall(a),l;let f=getInternalData(n),v=f.lastButtonClicked;if(v){let p=getRawAttribute(v,"formaction");p!=null&&(t=p);let w=getRawAttribute(v,"formmethod");if(w!=null)if(VERBS.includes(w.toLowerCase()))e=w;else return maybeCall(s),l}let d=getClosestAttributeValue(n,"hx-confirm");if(i===void 0&&triggerEvent(n,"htmx:confirm",{target:u,elt:n,path:t,verb:e,triggeringEvent:r,etc:o,issueRequest:function(T){return issueAjaxRequest(e,t,n,r,o,!!T)},question:d})===!1)return maybeCall(s),l;let y=n,m=getClosestAttributeValue(n,"hx-sync"),x=null,b=!1;if(m){let p=m.split(":"),w=p[0].trim();if(w==="this"?y=findThisElement(n,"hx-sync"):y=asElement(querySelectorExt(n,w)),m=(p[1]||"drop").trim(),f=getInternalData(y),m==="drop"&&f.xhr&&f.abortable!==!0)return maybeCall(s),l;if(m==="abort"){if(f.xhr)return maybeCall(s),l;b=!0}else m==="replace"?triggerEvent(y,"htmx:abort"):m.indexOf("queue")===0&&(x=(m.split(" ")[1]||"last").trim())}if(f.xhr)if(f.abortable)triggerEvent(y,"htmx:abort");else{if(x==null){if(r){let p=getInternalData(r);p&&p.triggerSpec&&p.triggerSpec.queue&&(x=p.triggerSpec.queue)}x==null&&(x="last")}return f.queuedRequests==null&&(f.queuedRequests=[]),x==="first"&&f.queuedRequests.length===0?f.queuedRequests.push(function(){issueAjaxRequest(e,t,n,r,o)}):x==="all"?f.queuedRequests.push(function(){issueAjaxRequest(e,t,n,r,o)}):x==="last"&&(f.queuedRequests=[],f.queuedRequests.push(function(){issueAjaxRequest(e,t,n,r,o)})),maybeCall(s),l}let E=new XMLHttpRequest;f.xhr=E,f.abortable=b;let g=function(){f.xhr=null,f.abortable=!1,f.queuedRequests!=null&&f.queuedRequests.length>0&&f.queuedRequests.shift()()},W=getClosestAttributeValue(n,"hx-prompt");if(W){var q=prompt(W);if(q===null||!triggerEvent(n,"htmx:prompt",{prompt:q,target:u}))return maybeCall(s),g(),l}if(d&&!i&&!confirm(d))return maybeCall(s),g(),l;let H=getHeaders(n,u,q);e!=="get"&&!usesFormData(n)&&(H["Content-Type"]="application/x-www-form-urlencoded"),o.headers&&(H=mergeObjects(H,o.headers));let X=getInputValues(n,e),R=X.errors,$=X.formData;o.values&&overrideFormData($,formDataFromObject(o.values));let re=formDataFromObject(getExpressionVars(n,r)),P=overrideFormData($,re),D=filterValues(P,n);htmx.config.getCacheBusterParam&&e==="get"&&D.set("org.htmx.cache-buster",getRawAttribute(u,"id")||"true"),(t==null||t==="")&&(t=location.href);let k=getValuesForElement(n,"hx-request"),J=getInternalData(n).boosted,I=htmx.config.methodsThatUseUrlParams.indexOf(e)>=0,S={boosted:J,useUrlParams:I,formData:D,parameters:formDataProxy(D),unfilteredFormData:P,unfilteredParameters:formDataProxy(P),headers:H,elt:n,target:u,verb:e,errors:R,withCredentials:o.credentials||k.credentials||htmx.config.withCredentials,timeout:o.timeout||k.timeout||htmx.config.timeout,path:t,triggeringEvent:r};if(!triggerEvent(n,"htmx:configRequest",S))return maybeCall(s),g(),l;if(t=S.path,e=S.verb,H=S.headers,D=formDataFromObject(S.parameters),R=S.errors,I=S.useUrlParams,R&&R.length>0)return triggerEvent(n,"htmx:validation:halted",S),maybeCall(s),g(),l;let z=t.split("#"),oe=z[0],N=z[1],A=t;if(I&&(A=oe,!D.keys().next().done&&(A.indexOf("?")<0?A+="?":A+="&",A+=urlEncode(D),N&&(A+="#"+N))),!verifyPath(n,A,S))return triggerErrorEvent(n,"htmx:invalidPath",S),maybeCall(a),g(),l;if(E.open(e.toUpperCase(),A,!0),E.overrideMimeType("text/html"),E.withCredentials=S.withCredentials,E.timeout=S.timeout,!k.noHeaders){for(let p in H)if(H.hasOwnProperty(p)){let w=H[p];safelySetHeaderValue(E,p,w)}}let C={xhr:E,target:u,requestConfig:S,etc:o,boosted:J,select:h,pathInfo:{requestPath:t,finalRequestPath:A,responsePath:null,anchor:N}};if(E.onload=function(){try{let p=hierarchyForElt(n);if(C.pathInfo.responsePath=getPathFromResponse(E),c(n,C),C.keepIndicators!==!0&&removeRequestIndicators(L,O),triggerEvent(n,"htmx:afterRequest",C),triggerEvent(n,"htmx:afterOnLoad",C),!bodyContains(n)){let w=null;for(;p.length>0&&w==null;){let T=p.shift();bodyContains(T)&&(w=T)}w&&(triggerEvent(w,"htmx:afterRequest",C),triggerEvent(w,"htmx:afterOnLoad",C))}maybeCall(s)}catch(p){throw triggerErrorEvent(n,"htmx:onLoadError",mergeObjects({error:p},C)),p}finally{g()}},E.onerror=function(){removeRequestIndicators(L,O),triggerErrorEvent(n,"htmx:afterRequest",C),triggerErrorEvent(n,"htmx:sendError",C),maybeCall(a),g()},E.onabort=function(){removeRequestIndicators(L,O),triggerErrorEvent(n,"htmx:afterRequest",C),triggerErrorEvent(n,"htmx:sendAbort",C),maybeCall(a),g()},E.ontimeout=function(){removeRequestIndicators(L,O),triggerErrorEvent(n,"htmx:afterRequest",C),triggerErrorEvent(n,"htmx:timeout",C),maybeCall(a),g()},!triggerEvent(n,"htmx:beforeRequest",C))return maybeCall(s),g(),l;var L=addRequestIndicatorClasses(n),O=disableElements(n);forEach(["loadstart","loadend","progress","abort"],function(p){forEach([E,E.upload],function(w){w.addEventListener(p,function(T){triggerEvent(n,"htmx:xhr:"+p,{lengthComputable:T.lengthComputable,loaded:T.loaded,total:T.total})})})}),triggerEvent(n,"htmx:beforeSend",C);let ie=I?null:encodeParamsForBody(E,n,D);return E.send(ie),l}function determineHistoryUpdates(e,t){let n=t.xhr,r=null,o=null;if(hasHeader(n,/HX-Push:/i)?(r=n.getResponseHeader("HX-Push"),o="push"):hasHeader(n,/HX-Push-Url:/i)?(r=n.getResponseHeader("HX-Push-Url"),o="push"):hasHeader(n,/HX-Replace-Url:/i)&&(r=n.getResponseHeader("HX-Replace-Url"),o="replace"),r)return r==="false"?{}:{type:o,path:r};let i=t.pathInfo.finalRequestPath,s=t.pathInfo.responsePath,a=t.etc.push||getClosestAttributeValue(e,"hx-push-url"),l=t.etc.replace||getClosestAttributeValue(e,"hx-replace-url"),c=getInternalData(e).boosted,h=null,u=null;return a?(h="push",u=a):l?(h="replace",u=l):c&&(h="push",u=s||i),u?u==="false"?{}:(u==="true"&&(u=s||i),t.pathInfo.anchor&&u.indexOf("#")===-1&&(u=u+"#"+t.pathInfo.anchor),{type:h,path:u}):{}}function codeMatches(e,t){var n=new RegExp(e.code);return n.test(t.toString(10))}function resolveResponseHandling(e){for(var t=0;t<htmx.config.responseHandling.length;t++){var n=htmx.config.responseHandling[t];if(codeMatches(n,e.status))return n}return{swap:!1}}function handleTitle(e){if(e){let t=find("title");t?t.textContent=e:window.document.title=e}}function resolveRetarget(e,t){if(t==="this")return e;let n=asElement(querySelectorExt(e,t));if(n==null)throw triggerErrorEvent(e,"htmx:targetError",{target:t}),new Error(`Invalid re-target ${t}`);return n}function handleAjaxResponse(e,t){let n=t.xhr,r=t.target,o=t.etc,i=t.select;if(!triggerEvent(e,"htmx:beforeOnLoad",t))return;if(hasHeader(n,/HX-Trigger:/i)&&handleTriggerHeader(n,"HX-Trigger",e),hasHeader(n,/HX-Location:/i)){let b=n.getResponseHeader("HX-Location");var s={};b.indexOf("{")===0&&(s=parseJSON(b),b=s.path,delete s.path),s.push=s.push||"true",ajaxHelper("get",b,s);return}let a=hasHeader(n,/HX-Refresh:/i)&&n.getResponseHeader("HX-Refresh")==="true";if(hasHeader(n,/HX-Redirect:/i)){t.keepIndicators=!0,htmx.location.href=n.getResponseHeader("HX-Redirect"),a&&htmx.location.reload();return}if(a){t.keepIndicators=!0,htmx.location.reload();return}let l=determineHistoryUpdates(e,t),c=resolveResponseHandling(n),h=c.swap,u=!!c.error,f=htmx.config.ignoreTitle||c.ignoreTitle,v=c.select;c.target&&(t.target=resolveRetarget(e,c.target));var d=o.swapOverride;d==null&&c.swapOverride&&(d=c.swapOverride),hasHeader(n,/HX-Retarget:/i)&&(t.target=resolveRetarget(e,n.getResponseHeader("HX-Retarget"))),hasHeader(n,/HX-Reswap:/i)&&(d=n.getResponseHeader("HX-Reswap"));var y=n.response,m=mergeObjects({shouldSwap:h,serverResponse:y,isError:u,ignoreTitle:f,selectOverride:v,swapOverride:d},t);if(!(c.event&&!triggerEvent(r,c.event,m))&&triggerEvent(r,"htmx:beforeSwap",m)){if(r=m.target,y=m.serverResponse,u=m.isError,f=m.ignoreTitle,v=m.selectOverride,d=m.swapOverride,t.target=r,t.failed=u,t.successful=!u,m.shouldSwap){n.status===286&&cancelPolling(e),withExtensions(e,function(g){y=g.transformResponse(y,n,e)}),l.type&&saveCurrentPageToHistory();var x=getSwapSpecification(e,d);x.hasOwnProperty("ignoreTitle")||(x.ignoreTitle=f),r.classList.add(htmx.config.swappingClass),i&&(v=i),hasHeader(n,/HX-Reselect:/i)&&(v=n.getResponseHeader("HX-Reselect"));let b=o.selectOOB||getClosestAttributeValue(e,"hx-select-oob"),E=getClosestAttributeValue(e,"hx-select");swap(r,y,x,{select:v==="unset"?null:v||E,selectOOB:b,eventInfo:t,anchor:t.pathInfo.anchor,contextElement:e,afterSwapCallback:function(){if(hasHeader(n,/HX-Trigger-After-Swap:/i)){let g=e;bodyContains(e)||(g=getDocument().body),handleTriggerHeader(n,"HX-Trigger-After-Swap",g)}},afterSettleCallback:function(){if(hasHeader(n,/HX-Trigger-After-Settle:/i)){let g=e;bodyContains(e)||(g=getDocument().body),handleTriggerHeader(n,"HX-Trigger-After-Settle",g)}},beforeSwapCallback:function(){l.type&&(triggerEvent(getDocument().body,"htmx:beforeHistoryUpdate",mergeObjects({history:l},t)),l.type==="push"?(pushUrlIntoHistory(l.path),triggerEvent(getDocument().body,"htmx:pushedIntoHistory",{path:l.path})):(replaceUrlInHistory(l.path),triggerEvent(getDocument().body,"htmx:replacedInHistory",{path:l.path})))}})}u&&triggerErrorEvent(e,"htmx:responseError",mergeObjects({error:"Response Status Error Code "+n.status+" from "+t.pathInfo.requestPath},t))}}let extensions={};function extensionBase(){return{init:function(e){return null},getSelectors:function(){return null},onEvent:function(e,t){return!0},transformResponse:function(e,t,n){return e},isInlineSwap:function(e){return!1},handleSwap:function(e,t,n,r){return!1},encodeParameters:function(e,t,n){return null}}}function defineExtension(e,t){t.init&&t.init(internalAPI),extensions[e]=mergeObjects(extensionBase(),t)}function removeExtension(e){delete extensions[e]}function getExtensions(e,t,n){if(t==null&&(t=[]),e==null)return t;n==null&&(n=[]);let r=getAttributeValue(e,"hx-ext");return r&&forEach(r.split(","),function(o){if(o=o.replace(/ /g,""),o.slice(0,7)=="ignore:"){n.push(o.slice(7));return}if(n.indexOf(o)<0){let i=extensions[o];i&&t.indexOf(i)<0&&t.push(i)}}),getExtensions(asElement(parentElt(e)),t,n)}var isReady=!1;getDocument().addEventListener("DOMContentLoaded",function(){isReady=!0});function ready(e){isReady||getDocument().readyState==="complete"?e():getDocument().addEventListener("DOMContentLoaded",e)}function insertIndicatorStyles(){if(htmx.config.includeIndicatorStyles!==!1){let e=htmx.config.inlineStyleNonce?` nonce="${htmx.config.inlineStyleNonce}"`:"",t=htmx.config.indicatorClass,n=htmx.config.requestClass;getDocument().head.insertAdjacentHTML("beforeend",`<style${e}>.${t}{opacity:0;visibility: hidden} .${n} .${t}, .${n}.${t}{opacity:1;visibility: visible;transition: opacity 200ms ease-in}</style>`)}}function getMetaConfig(){let e=getDocument().querySelector('meta[name="htmx-config"]');return e?parseJSON(e.content):null}function mergeMetaConfig(){let e=getMetaConfig();e&&(htmx.config=mergeObjects(htmx.config,e))}return ready(function(){mergeMetaConfig(),insertIndicatorStyles();let e=getDocument().body;processNode(e);let t=getDocument().querySelectorAll("[hx-trigger='restored'],[data-hx-trigger='restored']");e.addEventListener("htmx:abort",function(r){let o=r.detail.elt||r.target,i=getInternalData(o);i&&i.xhr&&i.xhr.abort()});let n=window.onpopstate?window.onpopstate.bind(window):null;window.onpopstate=function(r){r.state&&r.state.htmx?(restoreHistory(),forEach(t,function(o){triggerEvent(o,"htmx:restored",{document:getDocument(),triggerEvent})})):n&&n(r)},getWindow().setTimeout(function(){triggerEvent(e,"htmx:load",{}),e=null},0)}),htmx})(),F=se;(function(){let e;F.defineExtension("json-enc",{init:function(t){e=t},onEvent:function(t,n){t==="htmx:configRequest"&&(n.detail.headers["Content-Type"]="application/json")},encodeParameters:function(t,n,r){t.overrideMimeType("text/json");let o={};n.forEach(function(s,a){Object.hasOwn(o,a)?(Array.isArray(o[a])||(o[a]=[o[a]]),o[a].push(s)):o[a]=s});let i=e.getExpressionVars(r);return Object.keys(o).forEach(function(s){o[s]=Object.hasOwn(i,s)?i[s]:o[s]}),JSON.stringify(o)}})})();var K=document.createElement("template");K.innerHTML=` 1 + var se=(function(){"use strict";let htmx={onLoad:null,process:null,on:null,off:null,trigger:null,ajax:null,find:null,findAll:null,closest:null,values:function(e,t){return getInputValues(e,t||"post").values},remove:null,addClass:null,removeClass:null,toggleClass:null,takeClass:null,swap:null,defineExtension:null,removeExtension:null,logAll:null,logNone:null,logger:null,config:{historyEnabled:!0,historyCacheSize:10,refreshOnHistoryMiss:!1,defaultSwapStyle:"innerHTML",defaultSwapDelay:0,defaultSettleDelay:20,includeIndicatorStyles:!0,indicatorClass:"htmx-indicator",requestClass:"htmx-request",addedClass:"htmx-added",settlingClass:"htmx-settling",swappingClass:"htmx-swapping",allowEval:!0,allowScriptTags:!0,inlineScriptNonce:"",inlineStyleNonce:"",attributesToSettle:["class","style","width","height"],withCredentials:!1,timeout:0,wsReconnectDelay:"full-jitter",wsBinaryType:"blob",disableSelector:"[hx-disable], [data-hx-disable]",scrollBehavior:"instant",defaultFocusScroll:!1,getCacheBusterParam:!1,globalViewTransitions:!1,methodsThatUseUrlParams:["get","delete"],selfRequestsOnly:!0,ignoreTitle:!1,scrollIntoViewOnBoost:!0,triggerSpecsCache:null,disableInheritance:!1,responseHandling:[{code:"204",swap:!1},{code:"[23]..",swap:!0},{code:"[45]..",swap:!1,error:!0}],allowNestedOobSwaps:!0,historyRestoreAsHxRequest:!0,reportValidityOfForms:!1},parseInterval:null,location,_:null,version:"2.0.8"};htmx.onLoad=onLoadHelper,htmx.process=processNode,htmx.on=addEventListenerImpl,htmx.off=removeEventListenerImpl,htmx.trigger=triggerEvent,htmx.ajax=ajaxHelper,htmx.find=find,htmx.findAll=findAll,htmx.closest=closest,htmx.remove=removeElement,htmx.addClass=addClassToElement,htmx.removeClass=removeClassFromElement,htmx.toggleClass=toggleClassOnElement,htmx.takeClass=takeClassForElement,htmx.swap=swap,htmx.defineExtension=defineExtension,htmx.removeExtension=removeExtension,htmx.logAll=logAll,htmx.logNone=logNone,htmx.parseInterval=parseInterval,htmx._=internalEval;let internalAPI={addTriggerHandler,bodyContains,canAccessLocalStorage,findThisElement,filterValues,swap,hasAttribute,getAttributeValue,getClosestAttributeValue,getClosestMatch,getExpressionVars,getHeaders,getInputValues,getInternalData,getSwapSpecification,getTriggerSpecs,getTarget,makeFragment,mergeObjects,makeSettleInfo,oobSwap,querySelectorExt,settleImmediately,shouldCancel,triggerEvent,triggerErrorEvent,withExtensions},VERBS=["get","post","put","delete","patch"],VERB_SELECTOR=VERBS.map(function(e){return"[hx-"+e+"], [data-hx-"+e+"]"}).join(", ");function parseInterval(e){if(e==null)return;let t=NaN;return e.slice(-2)=="ms"?t=parseFloat(e.slice(0,-2)):e.slice(-1)=="s"?t=parseFloat(e.slice(0,-1))*1e3:e.slice(-1)=="m"?t=parseFloat(e.slice(0,-1))*1e3*60:t=parseFloat(e),isNaN(t)?void 0:t}function getRawAttribute(e,t){return e instanceof Element&&e.getAttribute(t)}function hasAttribute(e,t){return!!e.hasAttribute&&(e.hasAttribute(t)||e.hasAttribute("data-"+t))}function getAttributeValue(e,t){return getRawAttribute(e,t)||getRawAttribute(e,"data-"+t)}function parentElt(e){let t=e.parentElement;return!t&&e.parentNode instanceof ShadowRoot?e.parentNode:t}function getDocument(){return document}function getRootNode(e,t){return e.getRootNode?e.getRootNode({composed:t}):getDocument()}function getClosestMatch(e,t){for(;e&&!t(e);)e=parentElt(e);return e||null}function getAttributeValueWithDisinheritance(e,t,n){let r=getAttributeValue(t,n),o=getAttributeValue(t,"hx-disinherit");var i=getAttributeValue(t,"hx-inherit");if(e!==t){if(htmx.config.disableInheritance)return i&&(i==="*"||i.split(" ").indexOf(n)>=0)?r:null;if(o&&(o==="*"||o.split(" ").indexOf(n)>=0))return"unset"}return r}function getClosestAttributeValue(e,t){let n=null;if(getClosestMatch(e,function(r){return!!(n=getAttributeValueWithDisinheritance(e,asElement(r),t))}),n!=="unset")return n}function matches(e,t){return e instanceof Element&&e.matches(t)}function getStartTag(e){let n=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i.exec(e);return n?n[1].toLowerCase():""}function parseHTML(e){return"parseHTMLUnsafe"in Document?Document.parseHTMLUnsafe(e):new DOMParser().parseFromString(e,"text/html")}function takeChildrenFor(e,t){for(;t.childNodes.length>0;)e.append(t.childNodes[0])}function duplicateScript(e){let t=getDocument().createElement("script");return forEach(e.attributes,function(n){t.setAttribute(n.name,n.value)}),t.textContent=e.textContent,t.async=!1,htmx.config.inlineScriptNonce&&(t.nonce=htmx.config.inlineScriptNonce),t}function isJavaScriptScriptNode(e){return e.matches("script")&&(e.type==="text/javascript"||e.type==="module"||e.type==="")}function normalizeScriptTags(e){Array.from(e.querySelectorAll("script")).forEach(t=>{if(isJavaScriptScriptNode(t)){let n=duplicateScript(t),r=t.parentNode;try{r.insertBefore(n,t)}catch(o){logError(o)}finally{t.remove()}}})}function makeFragment(e){let t=e.replace(/<head(\s[^>]*)?>[\s\S]*?<\/head>/i,""),n=getStartTag(t),r;if(n==="html"){r=new DocumentFragment;let i=parseHTML(e);takeChildrenFor(r,i.body),r.title=i.title}else if(n==="body"){r=new DocumentFragment;let i=parseHTML(t);takeChildrenFor(r,i.body),r.title=i.title}else{let i=parseHTML('<body><template class="internal-htmx-wrapper">'+t+"</template></body>");r=i.querySelector("template").content,r.title=i.title;var o=r.querySelector("title");o&&o.parentNode===r&&(o.remove(),r.title=o.innerText)}return r&&(htmx.config.allowScriptTags?normalizeScriptTags(r):r.querySelectorAll("script").forEach(i=>i.remove())),r}function maybeCall(e){e&&e()}function isType(e,t){return Object.prototype.toString.call(e)==="[object "+t+"]"}function isFunction(e){return typeof e=="function"}function isRawObject(e){return isType(e,"Object")}function getInternalData(e){let t="htmx-internal-data",n=e[t];return n||(n=e[t]={}),n}function toArray(e){let t=[];if(e)for(let n=0;n<e.length;n++)t.push(e[n]);return t}function forEach(e,t){if(e)for(let n=0;n<e.length;n++)t(e[n])}function isScrolledIntoView(e){let t=e.getBoundingClientRect(),n=t.top,r=t.bottom;return n<window.innerHeight&&r>=0}function bodyContains(e){return e.getRootNode({composed:!0})===document}function splitOnWhitespace(e){return e.trim().split(/\s+/)}function mergeObjects(e,t){for(let n in t)t.hasOwnProperty(n)&&(e[n]=t[n]);return e}function parseJSON(e){try{return JSON.parse(e)}catch(t){return logError(t),null}}function canAccessLocalStorage(){let e="htmx:sessionStorageTest";try{return sessionStorage.setItem(e,e),sessionStorage.removeItem(e),!0}catch{return!1}}function normalizePath(e){let t=new URL(e,"http://x");return t&&(e=t.pathname+t.search),e!="/"&&(e=e.replace(/\/+$/,"")),e}function internalEval(str){return maybeEval(getDocument().body,function(){return eval(str)})}function onLoadHelper(e){return htmx.on("htmx:load",function(n){e(n.detail.elt)})}function logAll(){htmx.logger=function(e,t,n){console&&console.log(t,e,n)}}function logNone(){htmx.logger=null}function find(e,t){return typeof e!="string"?e.querySelector(t):find(getDocument(),e)}function findAll(e,t){return typeof e!="string"?e.querySelectorAll(t):findAll(getDocument(),e)}function getWindow(){return window}function removeElement(e,t){e=resolveTarget(e),t?getWindow().setTimeout(function(){removeElement(e),e=null},t):parentElt(e).removeChild(e)}function asElement(e){return e instanceof Element?e:null}function asHtmlElement(e){return e instanceof HTMLElement?e:null}function asString(e){return typeof e=="string"?e:null}function asParentNode(e){return e instanceof Element||e instanceof Document||e instanceof DocumentFragment?e:null}function addClassToElement(e,t,n){e=asElement(resolveTarget(e)),e&&(n?getWindow().setTimeout(function(){addClassToElement(e,t),e=null},n):e.classList&&e.classList.add(t))}function removeClassFromElement(e,t,n){let r=asElement(resolveTarget(e));r&&(n?getWindow().setTimeout(function(){removeClassFromElement(r,t),r=null},n):r.classList&&(r.classList.remove(t),r.classList.length===0&&r.removeAttribute("class")))}function toggleClassOnElement(e,t){e=resolveTarget(e),e.classList.toggle(t)}function takeClassForElement(e,t){e=resolveTarget(e),forEach(e.parentElement.children,function(n){removeClassFromElement(n,t)}),addClassToElement(asElement(e),t)}function closest(e,t){return e=asElement(resolveTarget(e)),e?e.closest(t):null}function startsWith(e,t){return e.substring(0,t.length)===t}function endsWith(e,t){return e.substring(e.length-t.length)===t}function normalizeSelector(e){let t=e.trim();return startsWith(t,"<")&&endsWith(t,"/>")?t.substring(1,t.length-2):t}function querySelectorAllExt(e,t,n){if(t.indexOf("global ")===0)return querySelectorAllExt(e,t.slice(7),!0);e=resolveTarget(e);let r=[];{let s=0,a=0;for(let l=0;l<t.length;l++){let c=t[l];if(c===","&&s===0){r.push(t.substring(a,l)),a=l+1;continue}c==="<"?s++:c==="/"&&l<t.length-1&&t[l+1]===">"&&s--}a<t.length&&r.push(t.substring(a))}let o=[],i=[];for(;r.length>0;){let s=normalizeSelector(r.shift()),a;s.indexOf("closest ")===0?a=closest(asElement(e),normalizeSelector(s.slice(8))):s.indexOf("find ")===0?a=find(asParentNode(e),normalizeSelector(s.slice(5))):s==="next"||s==="nextElementSibling"?a=asElement(e).nextElementSibling:s.indexOf("next ")===0?a=scanForwardQuery(e,normalizeSelector(s.slice(5)),!!n):s==="previous"||s==="previousElementSibling"?a=asElement(e).previousElementSibling:s.indexOf("previous ")===0?a=scanBackwardsQuery(e,normalizeSelector(s.slice(9)),!!n):s==="document"?a=document:s==="window"?a=window:s==="body"?a=document.body:s==="root"?a=getRootNode(e,!!n):s==="host"?a=e.getRootNode().host:i.push(s),a&&o.push(a)}if(i.length>0){let s=i.join(","),a=asParentNode(getRootNode(e,!!n));o.push(...toArray(a.querySelectorAll(s)))}return o}var scanForwardQuery=function(e,t,n){let r=asParentNode(getRootNode(e,n)).querySelectorAll(t);for(let o=0;o<r.length;o++){let i=r[o];if(i.compareDocumentPosition(e)===Node.DOCUMENT_POSITION_PRECEDING)return i}},scanBackwardsQuery=function(e,t,n){let r=asParentNode(getRootNode(e,n)).querySelectorAll(t);for(let o=r.length-1;o>=0;o--){let i=r[o];if(i.compareDocumentPosition(e)===Node.DOCUMENT_POSITION_FOLLOWING)return i}};function querySelectorExt(e,t){return typeof e!="string"?querySelectorAllExt(e,t)[0]:querySelectorAllExt(getDocument().body,e)[0]}function resolveTarget(e,t){return typeof e=="string"?find(asParentNode(t)||document,e):e}function processEventArgs(e,t,n,r){return isFunction(t)?{target:getDocument().body,event:asString(e),listener:t,options:n}:{target:resolveTarget(e),event:asString(t),listener:n,options:r}}function addEventListenerImpl(e,t,n,r){return ready(function(){let i=processEventArgs(e,t,n,r);i.target.addEventListener(i.event,i.listener,i.options)}),isFunction(t)?t:n}function removeEventListenerImpl(e,t,n){return ready(function(){let r=processEventArgs(e,t,n);r.target.removeEventListener(r.event,r.listener)}),isFunction(t)?t:n}let DUMMY_ELT=getDocument().createElement("output");function findAttributeTargets(e,t){let n=getClosestAttributeValue(e,t);if(n){if(n==="this")return[findThisElement(e,t)];{let r=querySelectorAllExt(e,n);if(/(^|,)(\s*)inherit(\s*)($|,)/.test(n)){let i=asElement(getClosestMatch(e,function(s){return s!==e&&hasAttribute(asElement(s),t)}));i&&r.push(...findAttributeTargets(i,t))}return r.length===0?(logError('The selector "'+n+'" on '+t+" returned no matches!"),[DUMMY_ELT]):r}}}function findThisElement(e,t){return asElement(getClosestMatch(e,function(n){return getAttributeValue(asElement(n),t)!=null}))}function getTarget(e){let t=getClosestAttributeValue(e,"hx-target");return t?t==="this"?findThisElement(e,"hx-target"):querySelectorExt(e,t):getInternalData(e).boosted?getDocument().body:e}function shouldSettleAttribute(e){return htmx.config.attributesToSettle.includes(e)}function cloneAttributes(e,t){forEach(Array.from(e.attributes),function(n){!t.hasAttribute(n.name)&&shouldSettleAttribute(n.name)&&e.removeAttribute(n.name)}),forEach(t.attributes,function(n){shouldSettleAttribute(n.name)&&e.setAttribute(n.name,n.value)})}function isInlineSwap(e,t){let n=getExtensions(t);for(let r=0;r<n.length;r++){let o=n[r];try{if(o.isInlineSwap(e))return!0}catch(i){logError(i)}}return e==="outerHTML"}function oobSwap(e,t,n,r){r=r||getDocument();let o="#"+CSS.escape(getRawAttribute(t,"id")),i="outerHTML";e==="true"||(e.indexOf(":")>0?(i=e.substring(0,e.indexOf(":")),o=e.substring(e.indexOf(":")+1)):i=e),t.removeAttribute("hx-swap-oob"),t.removeAttribute("data-hx-swap-oob");let s=querySelectorAllExt(r,o,!1);return s.length?(forEach(s,function(a){let l,c=t.cloneNode(!0);l=getDocument().createDocumentFragment(),l.appendChild(c),isInlineSwap(i,a)||(l=asParentNode(c));let h={shouldSwap:!0,target:a,fragment:l};triggerEvent(a,"htmx:oobBeforeSwap",h)&&(a=h.target,h.shouldSwap&&(handlePreservedElements(l),swapWithStyle(i,a,a,l,n),restorePreservedElements()),forEach(n.elts,function(u){triggerEvent(u,"htmx:oobAfterSwap",h)}))}),t.parentNode.removeChild(t)):(t.parentNode.removeChild(t),triggerErrorEvent(getDocument().body,"htmx:oobErrorNoTarget",{content:t})),e}function restorePreservedElements(){let e=find("#--htmx-preserve-pantry--");if(e){for(let t of[...e.children]){let n=find("#"+t.id);n.parentNode.moveBefore(t,n),n.remove()}e.remove()}}function handlePreservedElements(e){forEach(findAll(e,"[hx-preserve], [data-hx-preserve]"),function(t){let n=getAttributeValue(t,"id"),r=getDocument().getElementById(n);if(r!=null)if(t.moveBefore){let o=find("#--htmx-preserve-pantry--");o==null&&(getDocument().body.insertAdjacentHTML("afterend","<div id='--htmx-preserve-pantry--'></div>"),o=find("#--htmx-preserve-pantry--")),o.moveBefore(r,null)}else t.parentNode.replaceChild(r,t)})}function handleAttributes(e,t,n){forEach(t.querySelectorAll("[id]"),function(r){let o=getRawAttribute(r,"id");if(o&&o.length>0){let i=o.replace("'","\\'"),s=r.tagName.replace(":","\\:"),a=asParentNode(e),l=a&&a.querySelector(s+"[id='"+i+"']");if(l&&l!==a){let c=r.cloneNode();cloneAttributes(r,l),n.tasks.push(function(){cloneAttributes(r,c)})}}})}function makeAjaxLoadTask(e){return function(){removeClassFromElement(e,htmx.config.addedClass),processNode(asElement(e)),processFocus(asParentNode(e)),triggerEvent(e,"htmx:load")}}function processFocus(e){let t="[autofocus]",n=asHtmlElement(matches(e,t)?e:e.querySelector(t));n?.focus()}function insertNodesBefore(e,t,n,r){for(handleAttributes(e,n,r);n.childNodes.length>0;){let o=n.firstChild;addClassToElement(asElement(o),htmx.config.addedClass),e.insertBefore(o,t),o.nodeType!==Node.TEXT_NODE&&o.nodeType!==Node.COMMENT_NODE&&r.tasks.push(makeAjaxLoadTask(o))}}function stringHash(e,t){let n=0;for(;n<e.length;)t=(t<<5)-t+e.charCodeAt(n++)|0;return t}function attributeHash(e){let t=0;for(let n=0;n<e.attributes.length;n++){let r=e.attributes[n];r.value&&(t=stringHash(r.name,t),t=stringHash(r.value,t))}return t}function deInitOnHandlers(e){let t=getInternalData(e);if(t.onHandlers){for(let n=0;n<t.onHandlers.length;n++){let r=t.onHandlers[n];removeEventListenerImpl(e,r.event,r.listener)}delete t.onHandlers}}function deInitNode(e){let t=getInternalData(e);t.timeout&&clearTimeout(t.timeout),t.listenerInfos&&forEach(t.listenerInfos,function(n){n.on&&removeEventListenerImpl(n.on,n.trigger,n.listener)}),deInitOnHandlers(e),forEach(Object.keys(t),function(n){n!=="firstInitCompleted"&&delete t[n]})}function cleanUpElement(e){triggerEvent(e,"htmx:beforeCleanupElement"),deInitNode(e),forEach(e.children,function(t){cleanUpElement(t)})}function swapOuterHTML(e,t,n){if(e.tagName==="BODY")return swapInnerHTML(e,t,n);let r,o=e.previousSibling,i=parentElt(e);if(i){for(insertNodesBefore(i,e,t,n),o==null?r=i.firstChild:r=o.nextSibling,n.elts=n.elts.filter(function(s){return s!==e});r&&r!==e;)r instanceof Element&&n.elts.push(r),r=r.nextSibling;cleanUpElement(e),e.remove()}}function swapAfterBegin(e,t,n){return insertNodesBefore(e,e.firstChild,t,n)}function swapBeforeBegin(e,t,n){return insertNodesBefore(parentElt(e),e,t,n)}function swapBeforeEnd(e,t,n){return insertNodesBefore(e,null,t,n)}function swapAfterEnd(e,t,n){return insertNodesBefore(parentElt(e),e.nextSibling,t,n)}function swapDelete(e){cleanUpElement(e);let t=parentElt(e);if(t)return t.removeChild(e)}function swapInnerHTML(e,t,n){let r=e.firstChild;if(insertNodesBefore(e,r,t,n),r){for(;r.nextSibling;)cleanUpElement(r.nextSibling),e.removeChild(r.nextSibling);cleanUpElement(r),e.removeChild(r)}}function swapWithStyle(e,t,n,r,o){switch(e){case"none":return;case"outerHTML":swapOuterHTML(n,r,o);return;case"afterbegin":swapAfterBegin(n,r,o);return;case"beforebegin":swapBeforeBegin(n,r,o);return;case"beforeend":swapBeforeEnd(n,r,o);return;case"afterend":swapAfterEnd(n,r,o);return;case"delete":swapDelete(n);return;default:var i=getExtensions(t);for(let s=0;s<i.length;s++){let a=i[s];try{let l=a.handleSwap(e,n,r,o);if(l){if(Array.isArray(l))for(let c=0;c<l.length;c++){let h=l[c];h.nodeType!==Node.TEXT_NODE&&h.nodeType!==Node.COMMENT_NODE&&o.tasks.push(makeAjaxLoadTask(h))}return}}catch(l){logError(l)}}e==="innerHTML"?swapInnerHTML(n,r,o):swapWithStyle(htmx.config.defaultSwapStyle,t,n,r,o)}}function findAndSwapOobElements(e,t,n){var r=findAll(e,"[hx-swap-oob], [data-hx-swap-oob]");return forEach(r,function(o){if(htmx.config.allowNestedOobSwaps||o.parentElement===null){let i=getAttributeValue(o,"hx-swap-oob");i!=null&&oobSwap(i,o,t,n)}else o.removeAttribute("hx-swap-oob"),o.removeAttribute("data-hx-swap-oob")}),r.length>0}function swap(e,t,n,r){r||(r={});let o=null,i=null,s=function(){maybeCall(r.beforeSwapCallback),e=resolveTarget(e);let c=r.contextElement?getRootNode(r.contextElement,!1):getDocument(),h=document.activeElement,u={};u={elt:h,start:h?h.selectionStart:null,end:h?h.selectionEnd:null};let f=makeSettleInfo(e);if(n.swapStyle==="textContent")e.textContent=t;else{let d=makeFragment(t);if(f.title=r.title||d.title,r.historyRequest&&(d=d.querySelector("[hx-history-elt],[data-hx-history-elt]")||d),r.selectOOB){let y=r.selectOOB.split(",");for(let m=0;m<y.length;m++){let x=y[m].split(":",2),b=x[0].trim();b.indexOf("#")===0&&(b=b.substring(1));let E=x[1]||"true",g=d.querySelector("#"+b);g&&oobSwap(E,g,f,c)}}if(findAndSwapOobElements(d,f,c),forEach(findAll(d,"template"),function(y){y.content&&findAndSwapOobElements(y.content,f,c)&&y.remove()}),r.select){let y=getDocument().createDocumentFragment();forEach(d.querySelectorAll(r.select),function(m){y.appendChild(m)}),d=y}handlePreservedElements(d),swapWithStyle(n.swapStyle,r.contextElement,e,d,f),restorePreservedElements()}if(u.elt&&!bodyContains(u.elt)&&getRawAttribute(u.elt,"id")){let d=document.getElementById(getRawAttribute(u.elt,"id")),y={preventScroll:n.focusScroll!==void 0?!n.focusScroll:!htmx.config.defaultFocusScroll};if(d){if(u.start&&d.setSelectionRange)try{d.setSelectionRange(u.start,u.end)}catch{}d.focus(y)}}e.classList.remove(htmx.config.swappingClass),forEach(f.elts,function(d){d.classList&&d.classList.add(htmx.config.settlingClass),triggerEvent(d,"htmx:afterSwap",r.eventInfo)}),maybeCall(r.afterSwapCallback),n.ignoreTitle||handleTitle(f.title);let v=function(){if(forEach(f.tasks,function(d){d.call()}),forEach(f.elts,function(d){d.classList&&d.classList.remove(htmx.config.settlingClass),triggerEvent(d,"htmx:afterSettle",r.eventInfo)}),r.anchor){let d=asElement(resolveTarget("#"+r.anchor));d&&d.scrollIntoView({block:"start",behavior:"auto"})}updateScrollState(f.elts,n),maybeCall(r.afterSettleCallback),maybeCall(o)};n.settleDelay>0?getWindow().setTimeout(v,n.settleDelay):v()},a=htmx.config.globalViewTransitions;n.hasOwnProperty("transition")&&(a=n.transition);let l=r.contextElement||getDocument();if(a&&triggerEvent(l,"htmx:beforeTransition",r.eventInfo)&&typeof Promise<"u"&&document.startViewTransition){let c=new Promise(function(u,f){o=u,i=f}),h=s;s=function(){document.startViewTransition(function(){return h(),c})}}try{n?.swapDelay&&n.swapDelay>0?getWindow().setTimeout(s,n.swapDelay):s()}catch(c){throw triggerErrorEvent(l,"htmx:swapError",r.eventInfo),maybeCall(i),c}}function handleTriggerHeader(e,t,n){let r=e.getResponseHeader(t);if(r.indexOf("{")===0){let o=parseJSON(r);for(let i in o)if(o.hasOwnProperty(i)){let s=o[i];isRawObject(s)?n=s.target!==void 0?s.target:n:s={value:s},triggerEvent(n,i,s)}}else{let o=r.split(",");for(let i=0;i<o.length;i++)triggerEvent(n,o[i].trim(),[])}}let WHITESPACE=/\s/,WHITESPACE_OR_COMMA=/[\s,]/,SYMBOL_START=/[_$a-zA-Z]/,SYMBOL_CONT=/[_$a-zA-Z0-9]/,STRINGISH_START=['"',"'","/"],NOT_WHITESPACE=/[^\s]/,COMBINED_SELECTOR_START=/[{(]/,COMBINED_SELECTOR_END=/[})]/;function tokenizeString(e){let t=[],n=0;for(;n<e.length;){if(SYMBOL_START.exec(e.charAt(n))){for(var r=n;SYMBOL_CONT.exec(e.charAt(n+1));)n++;t.push(e.substring(r,n+1))}else if(STRINGISH_START.indexOf(e.charAt(n))!==-1){let o=e.charAt(n);var r=n;for(n++;n<e.length&&e.charAt(n)!==o;)e.charAt(n)==="\\"&&n++,n++;t.push(e.substring(r,n+1))}else{let o=e.charAt(n);t.push(o)}n++}return t}function isPossibleRelativeReference(e,t,n){return SYMBOL_START.exec(e.charAt(0))&&e!=="true"&&e!=="false"&&e!=="this"&&e!==n&&t!=="."}function maybeGenerateConditional(e,t,n){if(t[0]==="["){t.shift();let r=1,o=" return (function("+n+"){ return (",i=null;for(;t.length>0;){let s=t[0];if(s==="]"){if(r--,r===0){i===null&&(o=o+"true"),t.shift(),o+=")})";try{let a=maybeEval(e,function(){return Function(o)()},function(){return!0});return a.source=o,a}catch(a){return triggerErrorEvent(getDocument().body,"htmx:syntax:error",{error:a,source:o}),null}}}else s==="["&&r++;isPossibleRelativeReference(s,i,n)?o+="(("+n+"."+s+") ? ("+n+"."+s+") : (window."+s+"))":o=o+s,i=t.shift()}}}function consumeUntil(e,t){let n="";for(;e.length>0&&!t.test(e[0]);)n+=e.shift();return n}function consumeCSSSelector(e){let t;return e.length>0&&COMBINED_SELECTOR_START.test(e[0])?(e.shift(),t=consumeUntil(e,COMBINED_SELECTOR_END).trim(),e.shift()):t=consumeUntil(e,WHITESPACE_OR_COMMA),t}let INPUT_SELECTOR="input, textarea, select";function parseAndCacheTrigger(e,t,n){let r=[],o=tokenizeString(t);do{consumeUntil(o,NOT_WHITESPACE);let a=o.length,l=consumeUntil(o,/[,\[\s]/);if(l!=="")if(l==="every"){let c={trigger:"every"};consumeUntil(o,NOT_WHITESPACE),c.pollInterval=parseInterval(consumeUntil(o,/[,\[\s]/)),consumeUntil(o,NOT_WHITESPACE);var i=maybeGenerateConditional(e,o,"event");i&&(c.eventFilter=i),r.push(c)}else{let c={trigger:l};var i=maybeGenerateConditional(e,o,"event");for(i&&(c.eventFilter=i),consumeUntil(o,NOT_WHITESPACE);o.length>0&&o[0]!==",";){let u=o.shift();if(u==="changed")c.changed=!0;else if(u==="once")c.once=!0;else if(u==="consume")c.consume=!0;else if(u==="delay"&&o[0]===":")o.shift(),c.delay=parseInterval(consumeUntil(o,WHITESPACE_OR_COMMA));else if(u==="from"&&o[0]===":"){if(o.shift(),COMBINED_SELECTOR_START.test(o[0]))var s=consumeCSSSelector(o);else{var s=consumeUntil(o,WHITESPACE_OR_COMMA);if(s==="closest"||s==="find"||s==="next"||s==="previous"){o.shift();let v=consumeCSSSelector(o);v.length>0&&(s+=" "+v)}}c.from=s}else u==="target"&&o[0]===":"?(o.shift(),c.target=consumeCSSSelector(o)):u==="throttle"&&o[0]===":"?(o.shift(),c.throttle=parseInterval(consumeUntil(o,WHITESPACE_OR_COMMA))):u==="queue"&&o[0]===":"?(o.shift(),c.queue=consumeUntil(o,WHITESPACE_OR_COMMA)):u==="root"&&o[0]===":"?(o.shift(),c[u]=consumeCSSSelector(o)):u==="threshold"&&o[0]===":"?(o.shift(),c[u]=consumeUntil(o,WHITESPACE_OR_COMMA)):triggerErrorEvent(e,"htmx:syntax:error",{token:o.shift()});consumeUntil(o,NOT_WHITESPACE)}r.push(c)}o.length===a&&triggerErrorEvent(e,"htmx:syntax:error",{token:o.shift()}),consumeUntil(o,NOT_WHITESPACE)}while(o[0]===","&&o.shift());return n&&(n[t]=r),r}function getTriggerSpecs(e){let t=getAttributeValue(e,"hx-trigger"),n=[];if(t){let r=htmx.config.triggerSpecsCache;n=r&&r[t]||parseAndCacheTrigger(e,t,r)}return n.length>0?n:matches(e,"form")?[{trigger:"submit"}]:matches(e,'input[type="button"], input[type="submit"]')?[{trigger:"click"}]:matches(e,INPUT_SELECTOR)?[{trigger:"change"}]:[{trigger:"click"}]}function cancelPolling(e){getInternalData(e).cancelled=!0}function processPolling(e,t,n){let r=getInternalData(e);r.timeout=getWindow().setTimeout(function(){bodyContains(e)&&r.cancelled!==!0&&(maybeFilterEvent(n,e,makeEvent("hx:poll:trigger",{triggerSpec:n,target:e}))||t(e),processPolling(e,t,n))},n.pollInterval)}function isLocalLink(e){return location.hostname===e.hostname&&getRawAttribute(e,"href")&&getRawAttribute(e,"href").indexOf("#")!==0}function eltIsDisabled(e){return closest(e,htmx.config.disableSelector)}function boostElement(e,t,n){if(e instanceof HTMLAnchorElement&&isLocalLink(e)&&(e.target===""||e.target==="_self")||e.tagName==="FORM"&&String(getRawAttribute(e,"method")).toLowerCase()!=="dialog"){t.boosted=!0;let r,o;if(e.tagName==="A")r="get",o=getRawAttribute(e,"href");else{let i=getRawAttribute(e,"method");r=i?i.toLowerCase():"get",o=getRawAttribute(e,"action"),(o==null||o==="")&&(o=location.href),r==="get"&&o.includes("?")&&(o=o.replace(/\?[^#]+/,""))}n.forEach(function(i){addEventListener(e,function(s,a){let l=asElement(s);if(eltIsDisabled(l)){cleanUpElement(l);return}issueAjaxRequest(r,o,l,a)},t,i,!0)})}}function shouldCancel(e,t){if(e.type==="submit"&&t.tagName==="FORM")return!0;if(e.type==="click"){let n=t.closest('input[type="submit"], button');if(n&&n.form&&n.type==="submit")return!0;let r=t.closest("a"),o=/^#.+/;if(r&&r.href&&!o.test(r.getAttribute("href")))return!0}return!1}function ignoreBoostedAnchorCtrlClick(e,t){return getInternalData(e).boosted&&e instanceof HTMLAnchorElement&&t.type==="click"&&(t.ctrlKey||t.metaKey)}function maybeFilterEvent(e,t,n){let r=e.eventFilter;if(r)try{return r.call(t,n)!==!0}catch(o){let i=r.source;return triggerErrorEvent(getDocument().body,"htmx:eventFilter:error",{error:o,source:i}),!0}return!1}function addEventListener(e,t,n,r,o){let i=getInternalData(e),s;r.from?s=querySelectorAllExt(e,r.from):s=[e],r.changed&&("lastValue"in i||(i.lastValue=new WeakMap),s.forEach(function(a){i.lastValue.has(r)||i.lastValue.set(r,new WeakMap),i.lastValue.get(r).set(a,a.value)})),forEach(s,function(a){let l=function(c){if(!bodyContains(e)){a.removeEventListener(r.trigger,l);return}if(ignoreBoostedAnchorCtrlClick(e,c)||((o||shouldCancel(c,a))&&c.preventDefault(),maybeFilterEvent(r,e,c)))return;let h=getInternalData(c);if(h.triggerSpec=r,h.handledFor==null&&(h.handledFor=[]),h.handledFor.indexOf(e)<0){if(h.handledFor.push(e),r.consume&&c.stopPropagation(),r.target&&c.target&&!matches(asElement(c.target),r.target))return;if(r.once){if(i.triggeredOnce)return;i.triggeredOnce=!0}if(r.changed){let u=c.target,f=u.value,v=i.lastValue.get(r);if(v.has(u)&&v.get(u)===f)return;v.set(u,f)}if(i.delayed&&clearTimeout(i.delayed),i.throttle)return;r.throttle>0?i.throttle||(triggerEvent(e,"htmx:trigger"),t(e,c),i.throttle=getWindow().setTimeout(function(){i.throttle=null},r.throttle)):r.delay>0?i.delayed=getWindow().setTimeout(function(){triggerEvent(e,"htmx:trigger"),t(e,c)},r.delay):(triggerEvent(e,"htmx:trigger"),t(e,c))}};n.listenerInfos==null&&(n.listenerInfos=[]),n.listenerInfos.push({trigger:r.trigger,listener:l,on:a}),a.addEventListener(r.trigger,l)})}let windowIsScrolling=!1,scrollHandler=null;function initScrollHandler(){scrollHandler||(scrollHandler=function(){windowIsScrolling=!0},window.addEventListener("scroll",scrollHandler),window.addEventListener("resize",scrollHandler),setInterval(function(){windowIsScrolling&&(windowIsScrolling=!1,forEach(getDocument().querySelectorAll("[hx-trigger*='revealed'],[data-hx-trigger*='revealed']"),function(e){maybeReveal(e)}))},200))}function maybeReveal(e){!hasAttribute(e,"data-hx-revealed")&&isScrolledIntoView(e)&&(e.setAttribute("data-hx-revealed","true"),getInternalData(e).initHash?triggerEvent(e,"revealed"):e.addEventListener("htmx:afterProcessNode",function(){triggerEvent(e,"revealed")},{once:!0}))}function loadImmediately(e,t,n,r){let o=function(){n.loaded||(n.loaded=!0,triggerEvent(e,"htmx:trigger"),t(e))};r>0?getWindow().setTimeout(o,r):o()}function processVerbs(e,t,n){let r=!1;return forEach(VERBS,function(o){if(hasAttribute(e,"hx-"+o)){let i=getAttributeValue(e,"hx-"+o);r=!0,t.path=i,t.verb=o,n.forEach(function(s){addTriggerHandler(e,s,t,function(a,l){let c=asElement(a);if(eltIsDisabled(c)){cleanUpElement(c);return}issueAjaxRequest(o,i,c,l)})})}}),r}function addTriggerHandler(e,t,n,r){if(t.trigger==="revealed")initScrollHandler(),addEventListener(e,r,n,t),maybeReveal(asElement(e));else if(t.trigger==="intersect"){let o={};t.root&&(o.root=querySelectorExt(e,t.root)),t.threshold&&(o.threshold=parseFloat(t.threshold)),new IntersectionObserver(function(s){for(let a=0;a<s.length;a++)if(s[a].isIntersecting){triggerEvent(e,"intersect");break}},o).observe(asElement(e)),addEventListener(asElement(e),r,n,t)}else!n.firstInitCompleted&&t.trigger==="load"?maybeFilterEvent(t,e,makeEvent("load",{elt:e}))||loadImmediately(asElement(e),r,n,t.delay):t.pollInterval>0?(n.polling=!0,processPolling(asElement(e),r,t)):addEventListener(e,r,n,t)}function shouldProcessHxOn(e){let t=asElement(e);if(!t)return!1;let n=t.attributes;for(let r=0;r<n.length;r++){let o=n[r].name;if(startsWith(o,"hx-on:")||startsWith(o,"data-hx-on:")||startsWith(o,"hx-on-")||startsWith(o,"data-hx-on-"))return!0}return!1}let HX_ON_QUERY=new XPathEvaluator().createExpression('.//*[@*[ starts-with(name(), "hx-on:") or starts-with(name(), "data-hx-on:") or starts-with(name(), "hx-on-") or starts-with(name(), "data-hx-on-") ]]');function processHXOnRoot(e,t){shouldProcessHxOn(e)&&t.push(asElement(e));let n=HX_ON_QUERY.evaluate(e),r=null;for(;r=n.iterateNext();)t.push(asElement(r))}function findHxOnWildcardElements(e){let t=[];if(e instanceof DocumentFragment)for(let n of e.childNodes)processHXOnRoot(n,t);else processHXOnRoot(e,t);return t}function findElementsToProcess(e){if(e.querySelectorAll){let n=", [hx-boost] a, [data-hx-boost] a, a[hx-boost], a[data-hx-boost]",r=[];for(let i in extensions){let s=extensions[i];if(s.getSelectors){var t=s.getSelectors();t&&r.push(t)}}return e.querySelectorAll(VERB_SELECTOR+n+", form, [type='submit'], [hx-ext], [data-hx-ext], [hx-trigger], [data-hx-trigger]"+r.flat().map(i=>", "+i).join(""))}else return[]}function maybeSetLastButtonClicked(e){let t=getTargetButton(e.target),n=getRelatedFormData(e);n&&(n.lastButtonClicked=t)}function maybeUnsetLastButtonClicked(e){let t=getRelatedFormData(e);t&&(t.lastButtonClicked=null)}function getTargetButton(e){return closest(asElement(e),"button, input[type='submit']")}function getRelatedForm(e){return e.form||closest(e,"form")}function getRelatedFormData(e){let t=getTargetButton(e.target);if(!t)return;let n=getRelatedForm(t);if(n)return getInternalData(n)}function initButtonTracking(e){e.addEventListener("click",maybeSetLastButtonClicked),e.addEventListener("focusin",maybeSetLastButtonClicked),e.addEventListener("focusout",maybeUnsetLastButtonClicked)}function addHxOnEventHandler(e,t,n){let r=getInternalData(e);Array.isArray(r.onHandlers)||(r.onHandlers=[]);let o,i=function(s){maybeEval(e,function(){eltIsDisabled(e)||(o||(o=new Function("event",n)),o.call(e,s))})};e.addEventListener(t,i),r.onHandlers.push({event:t,listener:i})}function processHxOnWildcard(e){deInitOnHandlers(e);for(let t=0;t<e.attributes.length;t++){let n=e.attributes[t].name,r=e.attributes[t].value;if(startsWith(n,"hx-on")||startsWith(n,"data-hx-on")){let o=n.indexOf("-on")+3,i=n.slice(o,o+1);if(i==="-"||i===":"){let s=n.slice(o+1);startsWith(s,":")?s="htmx"+s:startsWith(s,"-")?s="htmx:"+s.slice(1):startsWith(s,"htmx-")&&(s="htmx:"+s.slice(5)),addHxOnEventHandler(e,s,r)}}}}function initNode(e){triggerEvent(e,"htmx:beforeProcessNode");let t=getInternalData(e),n=getTriggerSpecs(e);processVerbs(e,t,n)||(getClosestAttributeValue(e,"hx-boost")==="true"?boostElement(e,t,n):hasAttribute(e,"hx-trigger")&&n.forEach(function(o){addTriggerHandler(e,o,t,function(){})})),(e.tagName==="FORM"||getRawAttribute(e,"type")==="submit"&&hasAttribute(e,"form"))&&initButtonTracking(e),t.firstInitCompleted=!0,triggerEvent(e,"htmx:afterProcessNode")}function maybeDeInitAndHash(e){if(!(e instanceof Element))return!1;let t=getInternalData(e),n=attributeHash(e);return t.initHash!==n?(deInitNode(e),t.initHash=n,!0):!1}function processNode(e){if(e=resolveTarget(e),eltIsDisabled(e)){cleanUpElement(e);return}let t=[];maybeDeInitAndHash(e)&&t.push(e),forEach(findElementsToProcess(e),function(n){if(eltIsDisabled(n)){cleanUpElement(n);return}maybeDeInitAndHash(n)&&t.push(n)}),forEach(findHxOnWildcardElements(e),processHxOnWildcard),forEach(t,initNode)}function kebabEventName(e){return e.replace(/([a-z0-9])([A-Z])/g,"$1-$2").toLowerCase()}function makeEvent(e,t){return new CustomEvent(e,{bubbles:!0,cancelable:!0,composed:!0,detail:t})}function triggerErrorEvent(e,t,n){triggerEvent(e,t,mergeObjects({error:t},n))}function ignoreEventForLogging(e){return e==="htmx:afterProcessNode"}function withExtensions(e,t,n){forEach(getExtensions(e,[],n),function(r){try{t(r)}catch(o){logError(o)}})}function logError(e){console.error(e)}function triggerEvent(e,t,n){e=resolveTarget(e),n==null&&(n={}),n.elt=e;let r=makeEvent(t,n);htmx.logger&&!ignoreEventForLogging(t)&&htmx.logger(e,t,n),n.error&&(logError(n.error),triggerEvent(e,"htmx:error",{errorInfo:n}));let o=e.dispatchEvent(r),i=kebabEventName(t);if(o&&i!==t){let s=makeEvent(i,r.detail);o=o&&e.dispatchEvent(s)}return withExtensions(asElement(e),function(s){o=o&&s.onEvent(t,r)!==!1&&!r.defaultPrevented}),o}let currentPathForHistory;function setCurrentPathForHistory(e){currentPathForHistory=e,canAccessLocalStorage()&&sessionStorage.setItem("htmx-current-path-for-history",e)}setCurrentPathForHistory(location.pathname+location.search);function getHistoryElement(){return getDocument().querySelector("[hx-history-elt],[data-hx-history-elt]")||getDocument().body}function saveToHistoryCache(e,t){if(!canAccessLocalStorage())return;let n=cleanInnerHtmlForHistory(t),r=getDocument().title,o=window.scrollY;if(htmx.config.historyCacheSize<=0){sessionStorage.removeItem("htmx-history-cache");return}e=normalizePath(e);let i=parseJSON(sessionStorage.getItem("htmx-history-cache"))||[];for(let a=0;a<i.length;a++)if(i[a].url===e){i.splice(a,1);break}let s={url:e,content:n,title:r,scroll:o};for(triggerEvent(getDocument().body,"htmx:historyItemCreated",{item:s,cache:i}),i.push(s);i.length>htmx.config.historyCacheSize;)i.shift();for(;i.length>0;)try{sessionStorage.setItem("htmx-history-cache",JSON.stringify(i));break}catch(a){triggerErrorEvent(getDocument().body,"htmx:historyCacheError",{cause:a,cache:i}),i.shift()}}function getCachedHistory(e){if(!canAccessLocalStorage())return null;e=normalizePath(e);let t=parseJSON(sessionStorage.getItem("htmx-history-cache"))||[];for(let n=0;n<t.length;n++)if(t[n].url===e)return t[n];return null}function cleanInnerHtmlForHistory(e){let t=htmx.config.requestClass,n=e.cloneNode(!0);return forEach(findAll(n,"."+t),function(r){removeClassFromElement(r,t)}),forEach(findAll(n,"[data-disabled-by-htmx]"),function(r){r.removeAttribute("disabled")}),n.innerHTML}function saveCurrentPageToHistory(){let e=getHistoryElement(),t=currentPathForHistory;canAccessLocalStorage()&&(t=sessionStorage.getItem("htmx-current-path-for-history")),t=t||location.pathname+location.search,getDocument().querySelector('[hx-history="false" i],[data-hx-history="false" i]')||(triggerEvent(getDocument().body,"htmx:beforeHistorySave",{path:t,historyElt:e}),saveToHistoryCache(t,e)),htmx.config.historyEnabled&&history.replaceState({htmx:!0},getDocument().title,location.href)}function pushUrlIntoHistory(e){htmx.config.getCacheBusterParam&&(e=e.replace(/org\.htmx\.cache-buster=[^&]*&?/,""),(endsWith(e,"&")||endsWith(e,"?"))&&(e=e.slice(0,-1))),htmx.config.historyEnabled&&history.pushState({htmx:!0},"",e),setCurrentPathForHistory(e)}function replaceUrlInHistory(e){htmx.config.historyEnabled&&history.replaceState({htmx:!0},"",e),setCurrentPathForHistory(e)}function settleImmediately(e){forEach(e,function(t){t.call(void 0)})}function loadHistoryFromServer(e){let t=new XMLHttpRequest,n={swapStyle:"innerHTML",swapDelay:0,settleDelay:0},r={path:e,xhr:t,historyElt:getHistoryElement(),swapSpec:n};t.open("GET",e,!0),htmx.config.historyRestoreAsHxRequest&&t.setRequestHeader("HX-Request","true"),t.setRequestHeader("HX-History-Restore-Request","true"),t.setRequestHeader("HX-Current-URL",location.href),t.onload=function(){this.status>=200&&this.status<400?(r.response=this.response,triggerEvent(getDocument().body,"htmx:historyCacheMissLoad",r),swap(r.historyElt,r.response,n,{contextElement:r.historyElt,historyRequest:!0}),setCurrentPathForHistory(r.path),triggerEvent(getDocument().body,"htmx:historyRestore",{path:e,cacheMiss:!0,serverResponse:r.response})):triggerErrorEvent(getDocument().body,"htmx:historyCacheMissLoadError",r)},triggerEvent(getDocument().body,"htmx:historyCacheMiss",r)&&t.send()}function restoreHistory(e){saveCurrentPageToHistory(),e=e||location.pathname+location.search;let t=getCachedHistory(e);if(t){let n={swapStyle:"innerHTML",swapDelay:0,settleDelay:0,scroll:t.scroll},r={path:e,item:t,historyElt:getHistoryElement(),swapSpec:n};triggerEvent(getDocument().body,"htmx:historyCacheHit",r)&&(swap(r.historyElt,t.content,n,{contextElement:r.historyElt,title:t.title}),setCurrentPathForHistory(r.path),triggerEvent(getDocument().body,"htmx:historyRestore",r))}else htmx.config.refreshOnHistoryMiss?htmx.location.reload(!0):loadHistoryFromServer(e)}function addRequestIndicatorClasses(e){let t=findAttributeTargets(e,"hx-indicator");return t==null&&(t=[e]),forEach(t,function(n){let r=getInternalData(n);r.requestCount=(r.requestCount||0)+1,n.classList.add.call(n.classList,htmx.config.requestClass)}),t}function disableElements(e){let t=findAttributeTargets(e,"hx-disabled-elt");return t==null&&(t=[]),forEach(t,function(n){let r=getInternalData(n);r.requestCount=(r.requestCount||0)+1,n.setAttribute("disabled",""),n.setAttribute("data-disabled-by-htmx","")}),t}function removeRequestIndicators(e,t){forEach(e.concat(t),function(n){let r=getInternalData(n);r.requestCount=(r.requestCount||1)-1}),forEach(e,function(n){getInternalData(n).requestCount===0&&n.classList.remove.call(n.classList,htmx.config.requestClass)}),forEach(t,function(n){getInternalData(n).requestCount===0&&(n.removeAttribute("disabled"),n.removeAttribute("data-disabled-by-htmx"))})}function haveSeenNode(e,t){for(let n=0;n<e.length;n++)if(e[n].isSameNode(t))return!0;return!1}function shouldInclude(e){let t=e;return t.name===""||t.name==null||t.disabled||closest(t,"fieldset[disabled]")||t.type==="button"||t.type==="submit"||t.tagName==="image"||t.tagName==="reset"||t.tagName==="file"?!1:t.type==="checkbox"||t.type==="radio"?t.checked:!0}function addValueToFormData(e,t,n){e!=null&&t!=null&&(Array.isArray(t)?t.forEach(function(r){n.append(e,r)}):n.append(e,t))}function removeValueFromFormData(e,t,n){if(e!=null&&t!=null){let r=n.getAll(e);Array.isArray(t)?r=r.filter(o=>t.indexOf(o)<0):r=r.filter(o=>o!==t),n.delete(e),forEach(r,o=>n.append(e,o))}}function getValueFromInput(e){return e instanceof HTMLSelectElement&&e.multiple?toArray(e.querySelectorAll("option:checked")).map(function(t){return t.value}):e instanceof HTMLInputElement&&e.files?toArray(e.files):e.value}function processInputValue(e,t,n,r,o){if(!(r==null||haveSeenNode(e,r))){if(e.push(r),shouldInclude(r)){let i=getRawAttribute(r,"name");addValueToFormData(i,getValueFromInput(r),t),o&&validateElement(r,n)}r instanceof HTMLFormElement&&(forEach(r.elements,function(i){e.indexOf(i)>=0?removeValueFromFormData(i.name,getValueFromInput(i),t):e.push(i),o&&validateElement(i,n)}),new FormData(r).forEach(function(i,s){i instanceof File&&i.name===""||addValueToFormData(s,i,t)}))}}function validateElement(e,t){let n=e;n.willValidate&&(triggerEvent(n,"htmx:validation:validate"),n.checkValidity()||(triggerEvent(n,"htmx:validation:failed",{message:n.validationMessage,validity:n.validity})&&!t.length&&htmx.config.reportValidityOfForms&&n.reportValidity(),t.push({elt:n,message:n.validationMessage,validity:n.validity})))}function overrideFormData(e,t){for(let n of t.keys())e.delete(n);return t.forEach(function(n,r){e.append(r,n)}),e}function getInputValues(e,t){let n=[],r=new FormData,o=new FormData,i=[],s=getInternalData(e);s.lastButtonClicked&&!bodyContains(s.lastButtonClicked)&&(s.lastButtonClicked=null);let a=e instanceof HTMLFormElement&&e.noValidate!==!0||getAttributeValue(e,"hx-validate")==="true";if(s.lastButtonClicked&&(a=a&&s.lastButtonClicked.formNoValidate!==!0),t!=="get"&&processInputValue(n,o,i,getRelatedForm(e),a),processInputValue(n,r,i,e,a),s.lastButtonClicked||e.tagName==="BUTTON"||e.tagName==="INPUT"&&getRawAttribute(e,"type")==="submit"){let c=s.lastButtonClicked||e,h=getRawAttribute(c,"name");addValueToFormData(h,c.value,o)}let l=findAttributeTargets(e,"hx-include");return forEach(l,function(c){processInputValue(n,r,i,asElement(c),a),matches(c,"form")||forEach(asParentNode(c).querySelectorAll(INPUT_SELECTOR),function(h){processInputValue(n,r,i,h,a)})}),overrideFormData(r,o),{errors:i,formData:r,values:formDataProxy(r)}}function appendParam(e,t,n){e!==""&&(e+="&"),String(n)==="[object Object]"&&(n=JSON.stringify(n));let r=encodeURIComponent(n);return e+=encodeURIComponent(t)+"="+r,e}function urlEncode(e){e=formDataFromObject(e);let t="";return e.forEach(function(n,r){t=appendParam(t,r,n)}),t}function getHeaders(e,t,n){let r={"HX-Request":"true","HX-Trigger":getRawAttribute(e,"id"),"HX-Trigger-Name":getRawAttribute(e,"name"),"HX-Target":getAttributeValue(t,"id"),"HX-Current-URL":location.href};return getValuesForElement(e,"hx-headers",!1,r),n!==void 0&&(r["HX-Prompt"]=n),getInternalData(e).boosted&&(r["HX-Boosted"]="true"),r}function filterValues(e,t){let n=getClosestAttributeValue(t,"hx-params");if(n){if(n==="none")return new FormData;if(n==="*")return e;if(n.indexOf("not ")===0)return forEach(n.slice(4).split(","),function(r){r=r.trim(),e.delete(r)}),e;{let r=new FormData;return forEach(n.split(","),function(o){o=o.trim(),e.has(o)&&e.getAll(o).forEach(function(i){r.append(o,i)})}),r}}else return e}function isAnchorLink(e){return!!getRawAttribute(e,"href")&&getRawAttribute(e,"href").indexOf("#")>=0}function getSwapSpecification(e,t){let n=t||getClosestAttributeValue(e,"hx-swap"),r={swapStyle:getInternalData(e).boosted?"innerHTML":htmx.config.defaultSwapStyle,swapDelay:htmx.config.defaultSwapDelay,settleDelay:htmx.config.defaultSettleDelay};if(htmx.config.scrollIntoViewOnBoost&&getInternalData(e).boosted&&!isAnchorLink(e)&&(r.show="top"),n){let s=splitOnWhitespace(n);if(s.length>0)for(let a=0;a<s.length;a++){let l=s[a];if(l.indexOf("swap:")===0)r.swapDelay=parseInterval(l.slice(5));else if(l.indexOf("settle:")===0)r.settleDelay=parseInterval(l.slice(7));else if(l.indexOf("transition:")===0)r.transition=l.slice(11)==="true";else if(l.indexOf("ignoreTitle:")===0)r.ignoreTitle=l.slice(12)==="true";else if(l.indexOf("scroll:")===0){var o=l.slice(7).split(":");let h=o.pop();var i=o.length>0?o.join(":"):null;r.scroll=h,r.scrollTarget=i}else if(l.indexOf("show:")===0){var o=l.slice(5).split(":");let u=o.pop();var i=o.length>0?o.join(":"):null;r.show=u,r.showTarget=i}else if(l.indexOf("focus-scroll:")===0){let c=l.slice(13);r.focusScroll=c=="true"}else a==0?r.swapStyle=l:logError("Unknown modifier in hx-swap: "+l)}}return r}function usesFormData(e){return getClosestAttributeValue(e,"hx-encoding")==="multipart/form-data"||matches(e,"form")&&getRawAttribute(e,"enctype")==="multipart/form-data"}function encodeParamsForBody(e,t,n){let r=null;return withExtensions(t,function(o){r==null&&(r=o.encodeParameters(e,n,t))}),r??(usesFormData(t)?overrideFormData(new FormData,formDataFromObject(n)):urlEncode(n))}function makeSettleInfo(e){return{tasks:[],elts:[e]}}function updateScrollState(e,t){let n=e[0],r=e[e.length-1];if(t.scroll){var o=null;t.scrollTarget&&(o=asElement(querySelectorExt(n,t.scrollTarget))),t.scroll==="top"&&(n||o)&&(o=o||n,o.scrollTop=0),t.scroll==="bottom"&&(r||o)&&(o=o||r,o.scrollTop=o.scrollHeight),typeof t.scroll=="number"&&getWindow().setTimeout(function(){window.scrollTo(0,t.scroll)},0)}if(t.show){var o=null;if(t.showTarget){let s=t.showTarget;t.showTarget==="window"&&(s="body"),o=asElement(querySelectorExt(n,s))}t.show==="top"&&(n||o)&&(o=o||n,o.scrollIntoView({block:"start",behavior:htmx.config.scrollBehavior})),t.show==="bottom"&&(r||o)&&(o=o||r,o.scrollIntoView({block:"end",behavior:htmx.config.scrollBehavior}))}}function getValuesForElement(e,t,n,r,o){if(r==null&&(r={}),e==null)return r;let i=getAttributeValue(e,t);if(i){let s=i.trim(),a=n;if(s==="unset")return null;s.indexOf("javascript:")===0?(s=s.slice(11),a=!0):s.indexOf("js:")===0&&(s=s.slice(3),a=!0),s.indexOf("{")!==0&&(s="{"+s+"}");let l;a?l=maybeEval(e,function(){return o?Function("event","return ("+s+")").call(e,o):Function("return ("+s+")").call(e)},{}):l=parseJSON(s);for(let c in l)l.hasOwnProperty(c)&&r[c]==null&&(r[c]=l[c])}return getValuesForElement(asElement(parentElt(e)),t,n,r,o)}function maybeEval(e,t,n){return htmx.config.allowEval?t():(triggerErrorEvent(e,"htmx:evalDisallowedError"),n)}function getHXVarsForElement(e,t,n){return getValuesForElement(e,"hx-vars",!0,n,t)}function getHXValsForElement(e,t,n){return getValuesForElement(e,"hx-vals",!1,n,t)}function getExpressionVars(e,t){return mergeObjects(getHXVarsForElement(e,t),getHXValsForElement(e,t))}function safelySetHeaderValue(e,t,n){if(n!==null)try{e.setRequestHeader(t,n)}catch{e.setRequestHeader(t,encodeURIComponent(n)),e.setRequestHeader(t+"-URI-AutoEncoded","true")}}function getPathFromResponse(e){if(e.responseURL)try{let t=new URL(e.responseURL);return t.pathname+t.search}catch{triggerErrorEvent(getDocument().body,"htmx:badResponseUrl",{url:e.responseURL})}}function hasHeader(e,t){return t.test(e.getAllResponseHeaders())}function ajaxHelper(e,t,n){if(e=e.toLowerCase(),n){if(n instanceof Element||typeof n=="string")return issueAjaxRequest(e,t,null,null,{targetOverride:resolveTarget(n)||DUMMY_ELT,returnPromise:!0});{let r=resolveTarget(n.target);return(n.target&&!r||n.source&&!r&&!resolveTarget(n.source))&&(r=DUMMY_ELT),issueAjaxRequest(e,t,resolveTarget(n.source),n.event,{handler:n.handler,headers:n.headers,values:n.values,targetOverride:r,swapOverride:n.swap,select:n.select,returnPromise:!0,push:n.push,replace:n.replace,selectOOB:n.selectOOB})}}else return issueAjaxRequest(e,t,null,null,{returnPromise:!0})}function hierarchyForElt(e){let t=[];for(;e;)t.push(e),e=e.parentElement;return t}function verifyPath(e,t,n){let r=new URL(t,location.protocol!=="about:"?location.href:window.origin),i=(location.protocol!=="about:"?location.origin:window.origin)===r.origin;return htmx.config.selfRequestsOnly&&!i?!1:triggerEvent(e,"htmx:validateUrl",mergeObjects({url:r,sameHost:i},n))}function formDataFromObject(e){if(e instanceof FormData)return e;let t=new FormData;for(let n in e)e.hasOwnProperty(n)&&(e[n]&&typeof e[n].forEach=="function"?e[n].forEach(function(r){t.append(n,r)}):typeof e[n]=="object"&&!(e[n]instanceof Blob)?t.append(n,JSON.stringify(e[n])):t.append(n,e[n]));return t}function formDataArrayProxy(e,t,n){return new Proxy(n,{get:function(r,o){return typeof o=="number"?r[o]:o==="length"?r.length:o==="push"?function(i){r.push(i),e.append(t,i)}:typeof r[o]=="function"?function(){r[o].apply(r,arguments),e.delete(t),r.forEach(function(i){e.append(t,i)})}:r[o]&&r[o].length===1?r[o][0]:r[o]},set:function(r,o,i){return r[o]=i,e.delete(t),r.forEach(function(s){e.append(t,s)}),!0}})}function formDataProxy(e){return new Proxy(e,{get:function(t,n){if(typeof n=="symbol"){let o=Reflect.get(t,n);return typeof o=="function"?function(){return o.apply(e,arguments)}:o}if(n==="toJSON")return()=>Object.fromEntries(e);if(n in t&&typeof t[n]=="function")return function(){return e[n].apply(e,arguments)};let r=e.getAll(n);if(r.length!==0)return r.length===1?r[0]:formDataArrayProxy(t,n,r)},set:function(t,n,r){return typeof n!="string"?!1:(t.delete(n),r&&typeof r.forEach=="function"?r.forEach(function(o){t.append(n,o)}):typeof r=="object"&&!(r instanceof Blob)?t.append(n,JSON.stringify(r)):t.append(n,r),!0)},deleteProperty:function(t,n){return typeof n=="string"&&t.delete(n),!0},ownKeys:function(t){return Reflect.ownKeys(Object.fromEntries(t))},getOwnPropertyDescriptor:function(t,n){return Reflect.getOwnPropertyDescriptor(Object.fromEntries(t),n)}})}function issueAjaxRequest(e,t,n,r,o,i){let s=null,a=null;if(o=o??{},o.returnPromise&&typeof Promise<"u")var l=new Promise(function(p,w){s=p,a=w});n==null&&(n=getDocument().body);let c=o.handler||handleAjaxResponse,h=o.select||null;if(!bodyContains(n))return maybeCall(s),l;let u=o.targetOverride||asElement(getTarget(n));if(u==null||u==DUMMY_ELT)return triggerErrorEvent(n,"htmx:targetError",{target:getClosestAttributeValue(n,"hx-target")}),maybeCall(a),l;let f=getInternalData(n),v=f.lastButtonClicked;if(v){let p=getRawAttribute(v,"formaction");p!=null&&(t=p);let w=getRawAttribute(v,"formmethod");if(w!=null)if(VERBS.includes(w.toLowerCase()))e=w;else return maybeCall(s),l}let d=getClosestAttributeValue(n,"hx-confirm");if(i===void 0&&triggerEvent(n,"htmx:confirm",{target:u,elt:n,path:t,verb:e,triggeringEvent:r,etc:o,issueRequest:function(T){return issueAjaxRequest(e,t,n,r,o,!!T)},question:d})===!1)return maybeCall(s),l;let y=n,m=getClosestAttributeValue(n,"hx-sync"),x=null,b=!1;if(m){let p=m.split(":"),w=p[0].trim();if(w==="this"?y=findThisElement(n,"hx-sync"):y=asElement(querySelectorExt(n,w)),m=(p[1]||"drop").trim(),f=getInternalData(y),m==="drop"&&f.xhr&&f.abortable!==!0)return maybeCall(s),l;if(m==="abort"){if(f.xhr)return maybeCall(s),l;b=!0}else m==="replace"?triggerEvent(y,"htmx:abort"):m.indexOf("queue")===0&&(x=(m.split(" ")[1]||"last").trim())}if(f.xhr)if(f.abortable)triggerEvent(y,"htmx:abort");else{if(x==null){if(r){let p=getInternalData(r);p&&p.triggerSpec&&p.triggerSpec.queue&&(x=p.triggerSpec.queue)}x==null&&(x="last")}return f.queuedRequests==null&&(f.queuedRequests=[]),x==="first"&&f.queuedRequests.length===0?f.queuedRequests.push(function(){issueAjaxRequest(e,t,n,r,o)}):x==="all"?f.queuedRequests.push(function(){issueAjaxRequest(e,t,n,r,o)}):x==="last"&&(f.queuedRequests=[],f.queuedRequests.push(function(){issueAjaxRequest(e,t,n,r,o)})),maybeCall(s),l}let E=new XMLHttpRequest;f.xhr=E,f.abortable=b;let g=function(){f.xhr=null,f.abortable=!1,f.queuedRequests!=null&&f.queuedRequests.length>0&&f.queuedRequests.shift()()},W=getClosestAttributeValue(n,"hx-prompt");if(W){var q=prompt(W);if(q===null||!triggerEvent(n,"htmx:prompt",{prompt:q,target:u}))return maybeCall(s),g(),l}if(d&&!i&&!confirm(d))return maybeCall(s),g(),l;let H=getHeaders(n,u,q);e!=="get"&&!usesFormData(n)&&(H["Content-Type"]="application/x-www-form-urlencoded"),o.headers&&(H=mergeObjects(H,o.headers));let X=getInputValues(n,e),R=X.errors,$=X.formData;o.values&&overrideFormData($,formDataFromObject(o.values));let re=formDataFromObject(getExpressionVars(n,r)),P=overrideFormData($,re),D=filterValues(P,n);htmx.config.getCacheBusterParam&&e==="get"&&D.set("org.htmx.cache-buster",getRawAttribute(u,"id")||"true"),(t==null||t==="")&&(t=location.href);let k=getValuesForElement(n,"hx-request"),J=getInternalData(n).boosted,I=htmx.config.methodsThatUseUrlParams.indexOf(e)>=0,S={boosted:J,useUrlParams:I,formData:D,parameters:formDataProxy(D),unfilteredFormData:P,unfilteredParameters:formDataProxy(P),headers:H,elt:n,target:u,verb:e,errors:R,withCredentials:o.credentials||k.credentials||htmx.config.withCredentials,timeout:o.timeout||k.timeout||htmx.config.timeout,path:t,triggeringEvent:r};if(!triggerEvent(n,"htmx:configRequest",S))return maybeCall(s),g(),l;if(t=S.path,e=S.verb,H=S.headers,D=formDataFromObject(S.parameters),R=S.errors,I=S.useUrlParams,R&&R.length>0)return triggerEvent(n,"htmx:validation:halted",S),maybeCall(s),g(),l;let z=t.split("#"),oe=z[0],M=z[1],A=t;if(I&&(A=oe,!D.keys().next().done&&(A.indexOf("?")<0?A+="?":A+="&",A+=urlEncode(D),M&&(A+="#"+M))),!verifyPath(n,A,S))return triggerErrorEvent(n,"htmx:invalidPath",S),maybeCall(a),g(),l;if(E.open(e.toUpperCase(),A,!0),E.overrideMimeType("text/html"),E.withCredentials=S.withCredentials,E.timeout=S.timeout,!k.noHeaders){for(let p in H)if(H.hasOwnProperty(p)){let w=H[p];safelySetHeaderValue(E,p,w)}}let C={xhr:E,target:u,requestConfig:S,etc:o,boosted:J,select:h,pathInfo:{requestPath:t,finalRequestPath:A,responsePath:null,anchor:M}};if(E.onload=function(){try{let p=hierarchyForElt(n);if(C.pathInfo.responsePath=getPathFromResponse(E),c(n,C),C.keepIndicators!==!0&&removeRequestIndicators(L,O),triggerEvent(n,"htmx:afterRequest",C),triggerEvent(n,"htmx:afterOnLoad",C),!bodyContains(n)){let w=null;for(;p.length>0&&w==null;){let T=p.shift();bodyContains(T)&&(w=T)}w&&(triggerEvent(w,"htmx:afterRequest",C),triggerEvent(w,"htmx:afterOnLoad",C))}maybeCall(s)}catch(p){throw triggerErrorEvent(n,"htmx:onLoadError",mergeObjects({error:p},C)),p}finally{g()}},E.onerror=function(){removeRequestIndicators(L,O),triggerErrorEvent(n,"htmx:afterRequest",C),triggerErrorEvent(n,"htmx:sendError",C),maybeCall(a),g()},E.onabort=function(){removeRequestIndicators(L,O),triggerErrorEvent(n,"htmx:afterRequest",C),triggerErrorEvent(n,"htmx:sendAbort",C),maybeCall(a),g()},E.ontimeout=function(){removeRequestIndicators(L,O),triggerErrorEvent(n,"htmx:afterRequest",C),triggerErrorEvent(n,"htmx:timeout",C),maybeCall(a),g()},!triggerEvent(n,"htmx:beforeRequest",C))return maybeCall(s),g(),l;var L=addRequestIndicatorClasses(n),O=disableElements(n);forEach(["loadstart","loadend","progress","abort"],function(p){forEach([E,E.upload],function(w){w.addEventListener(p,function(T){triggerEvent(n,"htmx:xhr:"+p,{lengthComputable:T.lengthComputable,loaded:T.loaded,total:T.total})})})}),triggerEvent(n,"htmx:beforeSend",C);let ie=I?null:encodeParamsForBody(E,n,D);return E.send(ie),l}function determineHistoryUpdates(e,t){let n=t.xhr,r=null,o=null;if(hasHeader(n,/HX-Push:/i)?(r=n.getResponseHeader("HX-Push"),o="push"):hasHeader(n,/HX-Push-Url:/i)?(r=n.getResponseHeader("HX-Push-Url"),o="push"):hasHeader(n,/HX-Replace-Url:/i)&&(r=n.getResponseHeader("HX-Replace-Url"),o="replace"),r)return r==="false"?{}:{type:o,path:r};let i=t.pathInfo.finalRequestPath,s=t.pathInfo.responsePath,a=t.etc.push||getClosestAttributeValue(e,"hx-push-url"),l=t.etc.replace||getClosestAttributeValue(e,"hx-replace-url"),c=getInternalData(e).boosted,h=null,u=null;return a?(h="push",u=a):l?(h="replace",u=l):c&&(h="push",u=s||i),u?u==="false"?{}:(u==="true"&&(u=s||i),t.pathInfo.anchor&&u.indexOf("#")===-1&&(u=u+"#"+t.pathInfo.anchor),{type:h,path:u}):{}}function codeMatches(e,t){var n=new RegExp(e.code);return n.test(t.toString(10))}function resolveResponseHandling(e){for(var t=0;t<htmx.config.responseHandling.length;t++){var n=htmx.config.responseHandling[t];if(codeMatches(n,e.status))return n}return{swap:!1}}function handleTitle(e){if(e){let t=find("title");t?t.textContent=e:window.document.title=e}}function resolveRetarget(e,t){if(t==="this")return e;let n=asElement(querySelectorExt(e,t));if(n==null)throw triggerErrorEvent(e,"htmx:targetError",{target:t}),new Error(`Invalid re-target ${t}`);return n}function handleAjaxResponse(e,t){let n=t.xhr,r=t.target,o=t.etc,i=t.select;if(!triggerEvent(e,"htmx:beforeOnLoad",t))return;if(hasHeader(n,/HX-Trigger:/i)&&handleTriggerHeader(n,"HX-Trigger",e),hasHeader(n,/HX-Location:/i)){let b=n.getResponseHeader("HX-Location");var s={};b.indexOf("{")===0&&(s=parseJSON(b),b=s.path,delete s.path),s.push=s.push||"true",ajaxHelper("get",b,s);return}let a=hasHeader(n,/HX-Refresh:/i)&&n.getResponseHeader("HX-Refresh")==="true";if(hasHeader(n,/HX-Redirect:/i)){t.keepIndicators=!0,htmx.location.href=n.getResponseHeader("HX-Redirect"),a&&htmx.location.reload();return}if(a){t.keepIndicators=!0,htmx.location.reload();return}let l=determineHistoryUpdates(e,t),c=resolveResponseHandling(n),h=c.swap,u=!!c.error,f=htmx.config.ignoreTitle||c.ignoreTitle,v=c.select;c.target&&(t.target=resolveRetarget(e,c.target));var d=o.swapOverride;d==null&&c.swapOverride&&(d=c.swapOverride),hasHeader(n,/HX-Retarget:/i)&&(t.target=resolveRetarget(e,n.getResponseHeader("HX-Retarget"))),hasHeader(n,/HX-Reswap:/i)&&(d=n.getResponseHeader("HX-Reswap"));var y=n.response,m=mergeObjects({shouldSwap:h,serverResponse:y,isError:u,ignoreTitle:f,selectOverride:v,swapOverride:d},t);if(!(c.event&&!triggerEvent(r,c.event,m))&&triggerEvent(r,"htmx:beforeSwap",m)){if(r=m.target,y=m.serverResponse,u=m.isError,f=m.ignoreTitle,v=m.selectOverride,d=m.swapOverride,t.target=r,t.failed=u,t.successful=!u,m.shouldSwap){n.status===286&&cancelPolling(e),withExtensions(e,function(g){y=g.transformResponse(y,n,e)}),l.type&&saveCurrentPageToHistory();var x=getSwapSpecification(e,d);x.hasOwnProperty("ignoreTitle")||(x.ignoreTitle=f),r.classList.add(htmx.config.swappingClass),i&&(v=i),hasHeader(n,/HX-Reselect:/i)&&(v=n.getResponseHeader("HX-Reselect"));let b=o.selectOOB||getClosestAttributeValue(e,"hx-select-oob"),E=getClosestAttributeValue(e,"hx-select");swap(r,y,x,{select:v==="unset"?null:v||E,selectOOB:b,eventInfo:t,anchor:t.pathInfo.anchor,contextElement:e,afterSwapCallback:function(){if(hasHeader(n,/HX-Trigger-After-Swap:/i)){let g=e;bodyContains(e)||(g=getDocument().body),handleTriggerHeader(n,"HX-Trigger-After-Swap",g)}},afterSettleCallback:function(){if(hasHeader(n,/HX-Trigger-After-Settle:/i)){let g=e;bodyContains(e)||(g=getDocument().body),handleTriggerHeader(n,"HX-Trigger-After-Settle",g)}},beforeSwapCallback:function(){l.type&&(triggerEvent(getDocument().body,"htmx:beforeHistoryUpdate",mergeObjects({history:l},t)),l.type==="push"?(pushUrlIntoHistory(l.path),triggerEvent(getDocument().body,"htmx:pushedIntoHistory",{path:l.path})):(replaceUrlInHistory(l.path),triggerEvent(getDocument().body,"htmx:replacedInHistory",{path:l.path})))}})}u&&triggerErrorEvent(e,"htmx:responseError",mergeObjects({error:"Response Status Error Code "+n.status+" from "+t.pathInfo.requestPath},t))}}let extensions={};function extensionBase(){return{init:function(e){return null},getSelectors:function(){return null},onEvent:function(e,t){return!0},transformResponse:function(e,t,n){return e},isInlineSwap:function(e){return!1},handleSwap:function(e,t,n,r){return!1},encodeParameters:function(e,t,n){return null}}}function defineExtension(e,t){t.init&&t.init(internalAPI),extensions[e]=mergeObjects(extensionBase(),t)}function removeExtension(e){delete extensions[e]}function getExtensions(e,t,n){if(t==null&&(t=[]),e==null)return t;n==null&&(n=[]);let r=getAttributeValue(e,"hx-ext");return r&&forEach(r.split(","),function(o){if(o=o.replace(/ /g,""),o.slice(0,7)=="ignore:"){n.push(o.slice(7));return}if(n.indexOf(o)<0){let i=extensions[o];i&&t.indexOf(i)<0&&t.push(i)}}),getExtensions(asElement(parentElt(e)),t,n)}var isReady=!1;getDocument().addEventListener("DOMContentLoaded",function(){isReady=!0});function ready(e){isReady||getDocument().readyState==="complete"?e():getDocument().addEventListener("DOMContentLoaded",e)}function insertIndicatorStyles(){if(htmx.config.includeIndicatorStyles!==!1){let e=htmx.config.inlineStyleNonce?` nonce="${htmx.config.inlineStyleNonce}"`:"",t=htmx.config.indicatorClass,n=htmx.config.requestClass;getDocument().head.insertAdjacentHTML("beforeend",`<style${e}>.${t}{opacity:0;visibility: hidden} .${n} .${t}, .${n}.${t}{opacity:1;visibility: visible;transition: opacity 200ms ease-in}</style>`)}}function getMetaConfig(){let e=getDocument().querySelector('meta[name="htmx-config"]');return e?parseJSON(e.content):null}function mergeMetaConfig(){let e=getMetaConfig();e&&(htmx.config=mergeObjects(htmx.config,e))}return ready(function(){mergeMetaConfig(),insertIndicatorStyles();let e=getDocument().body;processNode(e);let t=getDocument().querySelectorAll("[hx-trigger='restored'],[data-hx-trigger='restored']");e.addEventListener("htmx:abort",function(r){let o=r.detail.elt||r.target,i=getInternalData(o);i&&i.xhr&&i.xhr.abort()});let n=window.onpopstate?window.onpopstate.bind(window):null;window.onpopstate=function(r){r.state&&r.state.htmx?(restoreHistory(),forEach(t,function(o){triggerEvent(o,"htmx:restored",{document:getDocument(),triggerEvent})})):n&&n(r)},getWindow().setTimeout(function(){triggerEvent(e,"htmx:load",{}),e=null},0)}),htmx})(),F=se;(function(){let e;F.defineExtension("json-enc",{init:function(t){e=t},onEvent:function(t,n){t==="htmx:configRequest"&&(n.detail.headers["Content-Type"]="application/json")},encodeParameters:function(t,n,r){t.overrideMimeType("text/json");let o={};n.forEach(function(s,a){Object.hasOwn(o,a)?(Array.isArray(o[a])||(o[a]=[o[a]]),o[a].push(s)):o[a]=s});let i=e.getExpressionVars(r);return Object.keys(o).forEach(function(s){o[s]=Object.hasOwn(i,s)?i[s]:o[s]}),JSON.stringify(o)}})})();var K=document.createElement("template");K.innerHTML=` 2 2 <slot></slot> 3 3 4 4 <ul class="menu" part="menu"></ul> ··· 92 92 <span class="handle" part="handle"></span> 93 93 </button> 94 94 </li> 95 - `;function Y(e){return e.cloneNode(!0)}var M=class extends HTMLElement{static tag="actor-typeahead";static define(t=this.tag){this.tag=t;let n=customElements.getName(this);if(n&&n!==t)return console.warn(`${this.name} already defined as <${n}>!`);let r=customElements.get(t);if(r&&r!==this)return console.warn(`<${t}> already defined as ${r.name}!`);customElements.define(t,this)}static{let t=new URL(import.meta.url).searchParams.get("tag")||this.tag;t!=="none"&&this.define(t)}#n=this.attachShadow({mode:"closed"});#r=[];#e=-1;#o=!1;constructor(){super(),this.#n.append(Y(K).content),this.#t(),this.addEventListener("input",this),this.addEventListener("focusout",this),this.addEventListener("keydown",this),this.#n.addEventListener("pointerdown",this),this.#n.addEventListener("pointerup",this),this.#n.addEventListener("click",this)}get#i(){let t=Number.parseInt(this.getAttribute("rows")??"");return Number.isNaN(t)?5:t}handleEvent(t){switch(t.type){case"input":this.#a(t);break;case"keydown":this.#s(t);break;case"focusout":this.#l(t);break;case"pointerdown":this.#c(t);break;case"pointerup":this.#u(t);break}}#s(t){switch(t.key){case"ArrowDown":t.preventDefault(),this.#e=Math.min(this.#e+1,this.#i-1),this.#t();break;case"PageDown":t.preventDefault(),this.#e=this.#i-1,this.#t();break;case"ArrowUp":t.preventDefault(),this.#e=Math.max(this.#e-1,0),this.#t();break;case"PageUp":t.preventDefault(),this.#e=0,this.#t();break;case"Escape":t.preventDefault(),this.#r=[],this.#e=-1,this.#t();break;case"Enter":t.preventDefault(),this.#n.querySelectorAll("button")[this.#e]?.dispatchEvent(new PointerEvent("pointerup",{bubbles:!0}));break}}async#a(t){let n=t.target?.value;if(!n){this.#r=[],this.#t();return}let r=this.getAttribute("host")??"https://public.api.bsky.app",o=new URL("xrpc/app.bsky.actor.searchActorsTypeahead",r);o.searchParams.set("q",n),o.searchParams.set("limit",`${this.#i}`);let s=await(await fetch(o)).json();this.#r=s.actors,this.#e=-1,this.#t()}async#l(t){this.#o||(this.#r=[],this.#e=-1,this.#t())}#t(){let t=document.createDocumentFragment(),n=-1;for(let r of this.#r){let o=Y(G).content,i=o.querySelector("button");i&&(i.dataset.handle=r.handle,++n===this.#e&&(i.dataset.active="true"));let s=o.querySelector("img");s&&r.avatar&&(s.src=r.avatar);let a=o.querySelector(".handle");a&&(a.textContent=r.handle),t.append(o)}this.#n.querySelector(".menu")?.replaceChildren(...t.children)}#c(t){this.#o=!0}#u(t){this.#o=!1,this.querySelector("input")?.focus();let n=t.target?.closest("button"),r=this.querySelector("input");!r||!n||(r.value=n.dataset.handle||"",this.#r=[],this.#t())}};function Z(){return localStorage.getItem("theme")||"system"}function ae(e){return e==="dark"||e==="light"?e:window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light"}function U(){let e=Z(),n=ae(e)==="dark";document.documentElement.classList.toggle("dark",n),document.documentElement.setAttribute("data-theme",n?"dark":"light"),le(e)}function ee(e){localStorage.setItem("theme",e),U(),ce()}function le(e){let t={system:"sun-moon",light:"sun",dark:"moon"};document.querySelectorAll("[data-theme-icon] use").forEach(n=>{n.setAttribute("href",`/icons.svg#${t[e]||"sun-moon"}`)}),document.querySelectorAll(".theme-option").forEach(n=>{let r=n.dataset.value===e,o=n.querySelector(".theme-check");o&&(o.style.visibility=r?"visible":"hidden")})}function ce(){document.querySelectorAll("[data-theme-toggle]").forEach(e=>{let t=e.closest("details");t&&t.removeAttribute("open")})}window.matchMedia("(prefers-color-scheme: dark)").addEventListener("change",()=>{Z()==="system"&&U()});function ue(){let e=document.querySelector(".nav-search-wrapper"),t=document.getElementById("nav-search-input");!e||!t||(e.classList.toggle("expanded"),e.classList.contains("expanded")&&t.focus())}function B(){let e=document.querySelector(".nav-search-wrapper");e&&e.classList.remove("expanded")}document.addEventListener("DOMContentLoaded",()=>{let e=document.querySelector(".nav-search-wrapper"),t=document.getElementById("nav-search-input");!e||!t||(document.addEventListener("keydown",n=>{n.key==="Escape"&&e.classList.contains("expanded")&&B()}),document.addEventListener("click",n=>{e.classList.contains("expanded")&&!e.contains(n.target)&&B()}))});function te(e,t){!t&&typeof event<"u"&&(t=event.target.closest("button")),navigator.clipboard.writeText(e).then(()=>{if(!t)return;let n=t.innerHTML;t.innerHTML='<svg class="icon size-4" aria-hidden="true"><use href="/icons.svg#check"></use></svg> Copied!',setTimeout(()=>{t.innerHTML=n},2e3)}).catch(n=>{console.error("Failed to copy:",n)})}document.addEventListener("DOMContentLoaded",()=>{document.addEventListener("click",e=>{let t=e.target.closest("button[data-cmd]");if(t){te(t.getAttribute("data-cmd"),t);return}if(e.target.closest("a, button, input, .cmd"))return;let n=e.target.closest("[data-href]");n&&(window.location=n.getAttribute("data-href"))})});function fe(e){let t=Math.floor((new Date-new Date(e))/1e3),n={year:31536e3,month:2592e3,week:604800,day:86400,hour:3600,minute:60,second:1};for(let[r,o]of Object.entries(n)){let i=Math.floor(t/o);if(i>=1)return i===1?`1 ${r} ago`:`${i} ${r}s ago`}return"just now"}function _(){document.querySelectorAll("time[datetime]").forEach(e=>{let t=e.getAttribute("datetime");if(t&&!e.dataset.noUpdate){let n=fe(t);e.textContent!==n&&(e.textContent=n)}})}document.addEventListener("DOMContentLoaded",()=>{_(),U(),document.querySelectorAll("[data-theme-menu]").forEach(e=>{e.querySelectorAll(".theme-option").forEach(t=>{t.addEventListener("click",()=>{ee(t.dataset.value)})})}),document.addEventListener("click",e=>{let t=e.target.closest("details.dropdown");document.querySelectorAll("details.dropdown[open]").forEach(n=>{n!==t&&n.removeAttribute("open")})})});document.addEventListener("htmx:afterSwap",_);setInterval(_,6e4);function de(){let e=document.getElementById("show-offline-toggle"),t=document.querySelector(".manifests-list");!e||!t||(localStorage.setItem("showOfflineManifests",e.checked),e.checked?t.classList.add("show-offline"):t.classList.remove("show-offline"))}document.addEventListener("DOMContentLoaded",()=>{let e=document.getElementById("show-offline-toggle");if(!e)return;let t=localStorage.getItem("showOfflineManifests")==="true";e.checked=t;let n=document.querySelector(".manifests-list");n&&(t?n.classList.add("show-offline"):n.classList.remove("show-offline"))});async function he(e,t,n){try{let r=await fetch("/api/manifests",{method:"DELETE",credentials:"include",headers:{"Content-Type":"application/json"},body:JSON.stringify({repo:e,digest:t,confirm:!1})});if(r.status===409){let o=await r.json();me(e,t,n,o.tags)}else if(r.ok)ne(n);else{let o=await r.text();alert(`Failed to delete manifest: ${o}`)}}catch(r){console.error("Error deleting manifest:",r),alert(`Error deleting manifest: ${r.message}`)}}function me(e,t,n,r){let o=document.getElementById("manifest-delete-modal"),i=document.getElementById("manifest-delete-tags"),s=document.getElementById("confirm-manifest-delete-btn");i.innerHTML="",r.forEach(a=>{let l=document.createElement("li");l.textContent=a,i.appendChild(l)}),s.onclick=()=>ge(e,t,n),o.style.display="flex"}function j(){let e=document.getElementById("manifest-delete-modal");e.style.display="none"}async function ge(e,t,n){let r=document.getElementById("confirm-manifest-delete-btn"),o=r.textContent;try{r.disabled=!0,r.textContent="Deleting...";let i=await fetch("/api/manifests",{method:"DELETE",credentials:"include",headers:{"Content-Type":"application/json"},body:JSON.stringify({repo:e,digest:t,confirm:!0})});if(i.ok)j(),ne(n),location.reload();else{let s=await i.text();alert(`Failed to delete manifest: ${s}`),r.disabled=!1,r.textContent=o}}catch(i){console.error("Error deleting manifest:",i),alert(`Error deleting manifest: ${i.message}`),r.disabled=!1,r.textContent=o}}function ne(e){let t=document.getElementById(`manifest-${e}`);t&&t.remove()}document.addEventListener("DOMContentLoaded",()=>{let e=document.getElementById("manifest-delete-modal");e&&e.addEventListener("click",t=>{t.target===e&&j()})});var V=class{constructor(t){this.input=t,this.typeahead=t.closest("actor-typeahead"),this.dropdown=null,this.currentFocus=-1,this.typeaheadClosed=!1,this.init()}init(){this.createDropdown(),this.input.addEventListener("focus",()=>this.handleFocus()),this.input.addEventListener("input",()=>this.handleInput()),this.input.addEventListener("keydown",t=>this.handleKeydown(t)),document.addEventListener("click",t=>{!this.input.contains(t.target)&&!this.dropdown.contains(t.target)&&this.hideDropdown()})}createDropdown(){this.dropdown=document.createElement("div"),this.dropdown.className="recent-accounts-dropdown",this.dropdown.style.display="none",this.typeahead?this.typeahead.insertAdjacentElement("afterend",this.dropdown):this.input.insertAdjacentElement("afterend",this.dropdown)}handleFocus(){this.input.value.trim().length<1&&this.showRecentAccounts()}handleInput(){this.input.value.trim().length>=1&&this.hideDropdown(),this.typeaheadClosed=!1}showRecentAccounts(){let t=this.getRecentAccounts();if(t.length===0){this.hideDropdown();return}this.dropdown.innerHTML="",this.currentFocus=-1;let n=document.createElement("div");n.className="recent-accounts-header",n.textContent="Recent accounts",this.dropdown.appendChild(n),t.forEach((r,o)=>{let i=document.createElement("div");i.className="recent-accounts-item",i.dataset.index=o,i.dataset.handle=r,i.textContent=r,i.addEventListener("click",()=>this.selectItem(r)),this.dropdown.appendChild(i)}),this.dropdown.style.display="block"}selectItem(t){this.input.value=t,this.hideDropdown(),this.input.focus()}hideDropdown(){this.dropdown.style.display="none",this.currentFocus=-1}handleKeydown(t){if(t.key==="Enter"&&this.input.value.trim().length>=2&&(this.typeaheadClosed=!0),t.key==="Tab"&&this.input.value.trim().length>=2&&!this.typeaheadClosed){t.preventDefault();let o=t.shiftKey?"ArrowUp":"ArrowDown",i=new KeyboardEvent("keydown",{key:o,bubbles:!0,cancelable:!0});this.typeahead.dispatchEvent(i);return}if(this.dropdown.style.display==="none")return;let n=this.dropdown.querySelectorAll(".recent-accounts-item");t.key==="ArrowDown"?(t.preventDefault(),this.currentFocus++,this.currentFocus>=n.length&&(this.currentFocus=0),this.updateFocus(n)):t.key==="ArrowUp"?(t.preventDefault(),this.currentFocus--,this.currentFocus<0&&(this.currentFocus=n.length-1),this.updateFocus(n)):t.key==="Enter"&&this.currentFocus>-1&&n[this.currentFocus]?(t.preventDefault(),this.selectItem(n[this.currentFocus].dataset.handle)):t.key==="Escape"&&this.hideDropdown()}updateFocus(t){t.forEach((n,r)=>{n.classList.toggle("focused",r===this.currentFocus)})}getRecentAccounts(){try{let t=localStorage.getItem("atcr_recent_handles");return t?JSON.parse(t):[]}catch{return[]}}saveRecentAccount(t){if(t)try{let n=this.getRecentAccounts();n=n.filter(r=>r!==t),n.unshift(t),n=n.slice(0,5),localStorage.setItem("atcr_recent_handles",JSON.stringify(n))}catch(n){console.error("Failed to save recent account:",n)}}};document.addEventListener("DOMContentLoaded",()=>{let e=document.getElementById("login-form"),t=document.getElementById("handle");e&&t&&new V(t)});document.addEventListener("DOMContentLoaded",()=>{let e=document.cookie.split("; ").find(n=>n.startsWith("atcr_login_handle="));if(!e)return;let t=decodeURIComponent(e.split("=")[1]);if(t){try{let n="atcr_recent_handles",r=JSON.parse(localStorage.getItem(n)||"[]");r=r.filter(o=>o!==t),r.unshift(t),r=r.slice(0,5),localStorage.setItem(n,JSON.stringify(r))}catch(n){console.error("Failed to save recent account:",n)}document.cookie="atcr_login_handle=; path=/; max-age=0"}});function Q(){let e=document.getElementById("featured-carousel"),t=document.getElementById("carousel-prev"),n=document.getElementById("carousel-next");if(!e)return;let r=Array.from(e.querySelectorAll(".carousel-item"));if(r.length===0)return;let o=null,i=5e3,s=0,a=0,l=0;function c(){let b=r[0];if(!b)return;let E=getComputedStyle(e),g=parseFloat(E.gap)||24;s=b.offsetWidth+g,a=e.offsetWidth,l=e.scrollWidth}requestAnimationFrame(()=>{requestAnimationFrame(()=>{c(),m()})});let h;window.addEventListener("resize",()=>{clearTimeout(h),h=setTimeout(c,150)});function u(){return s||c(),s}function f(){return(!a||!s)&&c(),Math.round(a/s)||1}function v(){return(!l||!a)&&c(),l-a}function d(){let b=u(),E=v(),g=e.scrollLeft;g>=E-10?e.scrollTo({left:0,behavior:"smooth"}):e.scrollTo({left:g+b,behavior:"smooth"})}function y(){let b=u(),E=v(),g=e.scrollLeft;g<=10?e.scrollTo({left:E,behavior:"smooth"}):e.scrollTo({left:g-b,behavior:"smooth"})}t&&t.addEventListener("click",()=>{x(),y(),m()}),n&&n.addEventListener("click",()=>{x(),d(),m()});function m(){o||r.length<=f()||(o=setInterval(d,i))}function x(){o&&(clearInterval(o),o=null)}e.addEventListener("mouseenter",x),e.addEventListener("mouseleave",m)}document.addEventListener("DOMContentLoaded",()=>{"requestIdleCallback"in window?requestIdleCallback(Q,{timeout:2e3}):setTimeout(Q,100)});window.setTheme=ee;window.toggleSearch=ue;window.closeSearch=B;window.copyToClipboard=te;window.toggleOfflineManifests=de;window.deleteManifest=he;window.closeManifestDeleteModal=j;window.htmx=F; 95 + `;function Y(e){return e.cloneNode(!0)}var N=class extends HTMLElement{static tag="actor-typeahead";static define(t=this.tag){this.tag=t;let n=customElements.getName(this);if(n&&n!==t)return console.warn(`${this.name} already defined as <${n}>!`);let r=customElements.get(t);if(r&&r!==this)return console.warn(`<${t}> already defined as ${r.name}!`);customElements.define(t,this)}static{let t=new URL(import.meta.url).searchParams.get("tag")||this.tag;t!=="none"&&this.define(t)}#n=this.attachShadow({mode:"closed"});#r=[];#e=-1;#o=!1;constructor(){super(),this.#n.append(Y(K).content),this.#t(),this.addEventListener("input",this),this.addEventListener("focusout",this),this.addEventListener("keydown",this),this.#n.addEventListener("pointerdown",this),this.#n.addEventListener("pointerup",this),this.#n.addEventListener("click",this)}get#i(){let t=Number.parseInt(this.getAttribute("rows")??"");return Number.isNaN(t)?5:t}handleEvent(t){switch(t.type){case"input":this.#a(t);break;case"keydown":this.#s(t);break;case"focusout":this.#l(t);break;case"pointerdown":this.#c(t);break;case"pointerup":this.#u(t);break}}#s(t){switch(t.key){case"ArrowDown":t.preventDefault(),this.#e=Math.min(this.#e+1,this.#i-1),this.#t();break;case"PageDown":t.preventDefault(),this.#e=this.#i-1,this.#t();break;case"ArrowUp":t.preventDefault(),this.#e=Math.max(this.#e-1,0),this.#t();break;case"PageUp":t.preventDefault(),this.#e=0,this.#t();break;case"Escape":t.preventDefault(),this.#r=[],this.#e=-1,this.#t();break;case"Enter":t.preventDefault(),this.#n.querySelectorAll("button")[this.#e]?.dispatchEvent(new PointerEvent("pointerup",{bubbles:!0}));break}}async#a(t){let n=t.target?.value;if(!n){this.#r=[],this.#t();return}let r=this.getAttribute("host")??"https://public.api.bsky.app",o=new URL("xrpc/app.bsky.actor.searchActorsTypeahead",r);o.searchParams.set("q",n),o.searchParams.set("limit",`${this.#i}`);let s=await(await fetch(o)).json();this.#r=s.actors,this.#e=-1,this.#t()}async#l(t){this.#o||(this.#r=[],this.#e=-1,this.#t())}#t(){let t=document.createDocumentFragment(),n=-1;for(let r of this.#r){let o=Y(G).content,i=o.querySelector("button");i&&(i.dataset.handle=r.handle,++n===this.#e&&(i.dataset.active="true"));let s=o.querySelector("img");s&&r.avatar&&(s.src=r.avatar);let a=o.querySelector(".handle");a&&(a.textContent=r.handle),t.append(o)}this.#n.querySelector(".menu")?.replaceChildren(...t.children)}#c(t){this.#o=!0}#u(t){this.#o=!1,this.querySelector("input")?.focus();let n=t.target?.closest("button"),r=this.querySelector("input");!r||!n||(r.value=n.dataset.handle||"",this.#r=[],this.#t())}};function Z(){return localStorage.getItem("theme")||"system"}function ae(e){return e==="dark"||e==="light"?e:window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light"}function U(){let e=Z(),n=ae(e)==="dark";document.documentElement.classList.toggle("dark",n),document.documentElement.setAttribute("data-theme",n?"dark":"light"),le(e)}function ee(e){localStorage.setItem("theme",e),U(),ce()}function le(e){let t={system:"sun-moon",light:"sun",dark:"moon"};document.querySelectorAll("[data-theme-icon] use").forEach(n=>{n.setAttribute("href",`/icons.svg#${t[e]||"sun-moon"}`)}),document.querySelectorAll(".theme-option").forEach(n=>{let r=n.dataset.value===e,o=n.querySelector(".theme-check");o&&(o.style.visibility=r?"visible":"hidden")})}function ce(){document.querySelectorAll("[data-theme-toggle]").forEach(e=>{let t=e.closest("details");t&&t.removeAttribute("open")})}window.matchMedia("(prefers-color-scheme: dark)").addEventListener("change",()=>{Z()==="system"&&U()});function ue(){let e=document.querySelector(".nav-search-wrapper"),t=document.getElementById("nav-search-input");!e||!t||(e.classList.toggle("expanded"),e.classList.contains("expanded")&&t.focus())}function B(){let e=document.querySelector(".nav-search-wrapper");e&&e.classList.remove("expanded")}document.addEventListener("DOMContentLoaded",()=>{let e=document.querySelector(".nav-search-wrapper"),t=document.getElementById("nav-search-input");!e||!t||(document.addEventListener("keydown",n=>{n.key==="Escape"&&e.classList.contains("expanded")&&B()}),document.addEventListener("click",n=>{e.classList.contains("expanded")&&!e.contains(n.target)&&B()}))});function te(e,t){!t&&typeof event<"u"&&(t=event.target.closest("button")),navigator.clipboard.writeText(e).then(()=>{if(!t)return;let n=t.innerHTML;t.innerHTML='<svg class="icon size-4" aria-hidden="true"><use href="/icons.svg#check"></use></svg> Copied!',setTimeout(()=>{t.innerHTML=n},2e3)}).catch(n=>{console.error("Failed to copy:",n)})}document.addEventListener("DOMContentLoaded",()=>{document.addEventListener("click",e=>{let t=e.target.closest("button[data-cmd]");if(t){te(t.getAttribute("data-cmd"),t);return}if(e.target.closest("a, button, input, .cmd"))return;let n=e.target.closest("[data-href]");n&&(window.location=n.getAttribute("data-href"))})});function fe(e){let t=Math.floor((new Date-new Date(e))/1e3),n={year:31536e3,month:2592e3,week:604800,day:86400,hour:3600,minute:60,second:1};for(let[r,o]of Object.entries(n)){let i=Math.floor(t/o);if(i>=1)return i===1?`1 ${r} ago`:`${i} ${r}s ago`}return"just now"}function _(){document.querySelectorAll("time[datetime]").forEach(e=>{let t=e.getAttribute("datetime");if(t&&!e.dataset.noUpdate){let n=fe(t);e.textContent!==n&&(e.textContent=n)}})}document.addEventListener("DOMContentLoaded",()=>{_(),U(),document.querySelectorAll("[data-theme-menu]").forEach(e=>{e.querySelectorAll(".theme-option").forEach(t=>{t.addEventListener("click",()=>{ee(t.dataset.value)})})}),document.addEventListener("click",e=>{let t=e.target.closest("details.dropdown");document.querySelectorAll("details.dropdown[open]").forEach(n=>{n!==t&&n.removeAttribute("open")})})});document.addEventListener("htmx:afterSwap",_);setInterval(_,6e4);function de(){let e=document.getElementById("show-offline-toggle"),t=document.querySelector(".manifests-list");!e||!t||(localStorage.setItem("showOfflineManifests",e.checked),e.checked?t.classList.add("show-offline"):t.classList.remove("show-offline"))}document.addEventListener("DOMContentLoaded",()=>{let e=document.getElementById("show-offline-toggle");if(!e)return;let t=localStorage.getItem("showOfflineManifests")==="true";e.checked=t;let n=document.querySelector(".manifests-list");n&&(t?n.classList.add("show-offline"):n.classList.remove("show-offline"))});async function he(e,t,n){try{let r=await fetch("/api/manifests",{method:"DELETE",credentials:"include",headers:{"Content-Type":"application/json"},body:JSON.stringify({repo:e,digest:t,confirm:!1})});if(r.status===409){let o=await r.json();me(e,t,n,o.tags)}else if(r.ok)ne(n);else{let o=await r.text();alert(`Failed to delete manifest: ${o}`)}}catch(r){console.error("Error deleting manifest:",r),alert(`Error deleting manifest: ${r.message}`)}}function me(e,t,n,r){let o=document.getElementById("manifest-delete-modal"),i=document.getElementById("manifest-delete-tags"),s=document.getElementById("confirm-manifest-delete-btn");i.innerHTML="",r.forEach(a=>{let l=document.createElement("li");l.textContent=a,i.appendChild(l)}),s.onclick=()=>ge(e,t,n),o.style.display="flex"}function j(){let e=document.getElementById("manifest-delete-modal");e.style.display="none"}async function ge(e,t,n){let r=document.getElementById("confirm-manifest-delete-btn"),o=r.textContent;try{r.disabled=!0,r.textContent="Deleting...";let i=await fetch("/api/manifests",{method:"DELETE",credentials:"include",headers:{"Content-Type":"application/json"},body:JSON.stringify({repo:e,digest:t,confirm:!0})});if(i.ok)j(),ne(n),location.reload();else{let s=await i.text();alert(`Failed to delete manifest: ${s}`),r.disabled=!1,r.textContent=o}}catch(i){console.error("Error deleting manifest:",i),alert(`Error deleting manifest: ${i.message}`),r.disabled=!1,r.textContent=o}}function ne(e){let t=document.getElementById(`manifest-${e}`);t&&t.remove()}document.addEventListener("DOMContentLoaded",()=>{let e=document.getElementById("manifest-delete-modal");e&&e.addEventListener("click",t=>{t.target===e&&j()})});async function pe(e,t){let n=document.getElementById("vuln-detail-modal"),r=document.getElementById("vuln-modal-body");if(!(!n||!r)){r.innerHTML='<div class="flex justify-center py-8"><span class="loading loading-spinner loading-lg"></span></div>',n.showModal();try{let o=await fetch(`/api/vuln-details?digest=${encodeURIComponent(e)}&holdEndpoint=${encodeURIComponent(t)}`);r.innerHTML=await o.text()}catch{r.innerHTML='<p class="text-error">Failed to load vulnerability details</p>'}}}var V=class{constructor(t){this.input=t,this.typeahead=t.closest("actor-typeahead"),this.dropdown=null,this.currentFocus=-1,this.typeaheadClosed=!1,this.init()}init(){this.createDropdown(),this.input.addEventListener("focus",()=>this.handleFocus()),this.input.addEventListener("input",()=>this.handleInput()),this.input.addEventListener("keydown",t=>this.handleKeydown(t)),document.addEventListener("click",t=>{!this.input.contains(t.target)&&!this.dropdown.contains(t.target)&&this.hideDropdown()})}createDropdown(){this.dropdown=document.createElement("div"),this.dropdown.className="recent-accounts-dropdown",this.dropdown.style.display="none",this.typeahead?this.typeahead.insertAdjacentElement("afterend",this.dropdown):this.input.insertAdjacentElement("afterend",this.dropdown)}handleFocus(){this.input.value.trim().length<1&&this.showRecentAccounts()}handleInput(){this.input.value.trim().length>=1&&this.hideDropdown(),this.typeaheadClosed=!1}showRecentAccounts(){let t=this.getRecentAccounts();if(t.length===0){this.hideDropdown();return}this.dropdown.innerHTML="",this.currentFocus=-1;let n=document.createElement("div");n.className="recent-accounts-header",n.textContent="Recent accounts",this.dropdown.appendChild(n),t.forEach((r,o)=>{let i=document.createElement("div");i.className="recent-accounts-item",i.dataset.index=o,i.dataset.handle=r,i.textContent=r,i.addEventListener("click",()=>this.selectItem(r)),this.dropdown.appendChild(i)}),this.dropdown.style.display="block"}selectItem(t){this.input.value=t,this.hideDropdown(),this.input.focus()}hideDropdown(){this.dropdown.style.display="none",this.currentFocus=-1}handleKeydown(t){if(t.key==="Enter"&&this.input.value.trim().length>=2&&(this.typeaheadClosed=!0),t.key==="Tab"&&this.input.value.trim().length>=2&&!this.typeaheadClosed){t.preventDefault();let o=t.shiftKey?"ArrowUp":"ArrowDown",i=new KeyboardEvent("keydown",{key:o,bubbles:!0,cancelable:!0});this.typeahead.dispatchEvent(i);return}if(this.dropdown.style.display==="none")return;let n=this.dropdown.querySelectorAll(".recent-accounts-item");t.key==="ArrowDown"?(t.preventDefault(),this.currentFocus++,this.currentFocus>=n.length&&(this.currentFocus=0),this.updateFocus(n)):t.key==="ArrowUp"?(t.preventDefault(),this.currentFocus--,this.currentFocus<0&&(this.currentFocus=n.length-1),this.updateFocus(n)):t.key==="Enter"&&this.currentFocus>-1&&n[this.currentFocus]?(t.preventDefault(),this.selectItem(n[this.currentFocus].dataset.handle)):t.key==="Escape"&&this.hideDropdown()}updateFocus(t){t.forEach((n,r)=>{n.classList.toggle("focused",r===this.currentFocus)})}getRecentAccounts(){try{let t=localStorage.getItem("atcr_recent_handles");return t?JSON.parse(t):[]}catch{return[]}}saveRecentAccount(t){if(t)try{let n=this.getRecentAccounts();n=n.filter(r=>r!==t),n.unshift(t),n=n.slice(0,5),localStorage.setItem("atcr_recent_handles",JSON.stringify(n))}catch(n){console.error("Failed to save recent account:",n)}}};document.addEventListener("DOMContentLoaded",()=>{let e=document.getElementById("login-form"),t=document.getElementById("handle");e&&t&&new V(t)});document.addEventListener("DOMContentLoaded",()=>{let e=document.cookie.split("; ").find(n=>n.startsWith("atcr_login_handle="));if(!e)return;let t=decodeURIComponent(e.split("=")[1]);if(t){try{let n="atcr_recent_handles",r=JSON.parse(localStorage.getItem(n)||"[]");r=r.filter(o=>o!==t),r.unshift(t),r=r.slice(0,5),localStorage.setItem(n,JSON.stringify(r))}catch(n){console.error("Failed to save recent account:",n)}document.cookie="atcr_login_handle=; path=/; max-age=0"}});function Q(){let e=document.getElementById("featured-carousel"),t=document.getElementById("carousel-prev"),n=document.getElementById("carousel-next");if(!e)return;let r=Array.from(e.querySelectorAll(".carousel-item"));if(r.length===0)return;let o=null,i=5e3,s=0,a=0,l=0;function c(){let b=r[0];if(!b)return;let E=getComputedStyle(e),g=parseFloat(E.gap)||24;s=b.offsetWidth+g,a=e.offsetWidth,l=e.scrollWidth}requestAnimationFrame(()=>{requestAnimationFrame(()=>{c(),m()})});let h;window.addEventListener("resize",()=>{clearTimeout(h),h=setTimeout(c,150)});function u(){return s||c(),s}function f(){return(!a||!s)&&c(),Math.round(a/s)||1}function v(){return(!l||!a)&&c(),l-a}function d(){let b=u(),E=v(),g=e.scrollLeft;g>=E-10?e.scrollTo({left:0,behavior:"smooth"}):e.scrollTo({left:g+b,behavior:"smooth"})}function y(){let b=u(),E=v(),g=e.scrollLeft;g<=10?e.scrollTo({left:E,behavior:"smooth"}):e.scrollTo({left:g-b,behavior:"smooth"})}t&&t.addEventListener("click",()=>{x(),y(),m()}),n&&n.addEventListener("click",()=>{x(),d(),m()});function m(){o||r.length<=f()||(o=setInterval(d,i))}function x(){o&&(clearInterval(o),o=null)}e.addEventListener("mouseenter",x),e.addEventListener("mouseleave",m)}document.addEventListener("DOMContentLoaded",()=>{"requestIdleCallback"in window?requestIdleCallback(Q,{timeout:2e3}):setTimeout(Q,100)});window.setTheme=ee;window.toggleSearch=ue;window.closeSearch=B;window.copyToClipboard=te;window.toggleOfflineManifests=de;window.deleteManifest=he;window.closeManifestDeleteModal=j;window.openVulnDetails=pe;window.htmx=F;

+4

pkg/appview/routes/routes.go

··· 122 122 // Manifest health check API endpoint (HTMX polling) 123 123 router.Get("/api/manifest-health", (&uihandlers.ManifestHealthHandler{BaseUIHandler: base}).ServeHTTP) 124 124 125 + // Vulnerability scan result API endpoints (HTMX lazy loading + modal content) 126 + router.Get("/api/scan-result", (&uihandlers.ScanResultHandler{BaseUIHandler: base}).ServeHTTP) 127 + router.Get("/api/vuln-details", (&uihandlers.VulnDetailsHandler{BaseUIHandler: base}).ServeHTTP) 128 + 125 129 router.Get("/u/{handle}", middleware.OptionalAuth(deps.SessionStore, deps.Database)( 126 130 &uihandlers.UserPageHandler{BaseUIHandler: base}, 127 131 ).ServeHTTP)

+19

pkg/appview/src/js/app.js

··· 363 363 } 364 364 }); 365 365 366 + // Vulnerability details modal 367 + async function openVulnDetails(digest, holdEndpoint) { 368 + const modal = document.getElementById('vuln-detail-modal'); 369 + const body = document.getElementById('vuln-modal-body'); 370 + if (!modal || !body) return; 371 + 372 + // Show modal with loading spinner 373 + body.innerHTML = '<div class="flex justify-center py-8"><span class="loading loading-spinner loading-lg"></span></div>'; 374 + modal.showModal(); 375 + 376 + try { 377 + const resp = await fetch(`/api/vuln-details?digest=${encodeURIComponent(digest)}&holdEndpoint=${encodeURIComponent(holdEndpoint)}`); 378 + body.innerHTML = await resp.text(); 379 + } catch { 380 + body.innerHTML = '<p class="text-error">Failed to load vulnerability details</p>'; 381 + } 382 + } 383 + 366 384 // Login page recent accounts helper (works alongside actor-typeahead web component) 367 385 class RecentAccountsHelper { 368 386 constructor(inputElement) { ··· 692 710 window.toggleOfflineManifests = toggleOfflineManifests; 693 711 window.deleteManifest = deleteManifest; 694 712 window.closeManifestDeleteModal = closeManifestDeleteModal; 713 + window.openVulnDetails = openVulnDetails;

+21

pkg/appview/templates/pages/repository.html

··· 208 208 {{ else if not .Reachable }} 209 209 <span class="badge badge-sm badge-warning">{{ icon "alert-triangle" "size-3" }} Offline</span> 210 210 {{ end }} 211 + {{/* Vulnerability scan badge (lazy-loaded from hold) */}} 212 + {{ if and (not .IsManifestList) .Manifest.HoldEndpoint }} 213 + <span hx-get="/api/scan-result?digest={{ .Manifest.Digest | urlquery }}&holdEndpoint={{ .Manifest.HoldEndpoint | urlquery }}" 214 + hx-trigger="load delay:1s" 215 + hx-swap="outerHTML"> 216 + </span> 217 + {{ end }} 211 218 </div> 212 219 <div class="flex items-center gap-2"> 213 220 <code class="font-mono text-xs text-base-content/60 truncate max-w-40" title="{{ .Manifest.Digest }}">{{ .Manifest.Digest }}</code> ··· 281 288 <form method="dialog" class="modal-backdrop"> 282 289 <button onclick="closeManifestDeleteModal()">close</button> 283 290 </form> 291 + </dialog> 292 + 293 +  294 + <dialog id="vuln-detail-modal" class="modal"> 295 + <div class="modal-box max-w-4xl"> 296 + <h3 class="text-lg font-bold">Vulnerability Scan Results</h3> 297 + <div id="vuln-modal-body" class="py-4"> 298 + <span class="loading loading-spinner loading-md"></span> 299 + </div> 300 + <div class="modal-action"> 301 + <form method="dialog"><button class="btn">Close</button></form> 302 + </div> 303 + </div> 304 + <form method="dialog" class="modal-backdrop"><button>close</button></form> 284 305 </dialog> 285 306 286 307 {{ template "footer" . }}

+24

pkg/appview/templates/partials/vuln-badge.html

··· 1 + {{ define "vuln-badge" }} 2 + {{ if .Error }} 3 + {{/* Silently hide on error / no scan record — scan badges are non-critical */}} 4 + {{ else if eq .Total 0 }} 5 + <span class="badge badge-sm badge-success" title="No vulnerabilities found (scanned {{ .ScannedAt }})">{{ icon "shield-check" "size-3" }} Clean</span> 6 + {{ else }} 7 + <button class="flex items-center gap-1 cursor-pointer hover:opacity-80 transition-opacity" 8 + onclick="openVulnDetails('{{ .Digest }}', '{{ .HoldEndpoint }}')" 9 + title="Click for vulnerability details (scanned {{ .ScannedAt }})"> 10 + {{ if gt .Critical 0 }} 11 + <span class="badge badge-sm badge-error">C:{{ .Critical }}</span> 12 + {{ end }} 13 + {{ if gt .High 0 }} 14 + <span class="badge badge-sm badge-warning">H:{{ .High }}</span> 15 + {{ end }} 16 + {{ if gt .Medium 0 }} 17 + <span class="badge badge-sm badge-soft badge-warning">M:{{ .Medium }}</span> 18 + {{ end }} 19 + {{ if gt .Low 0 }} 20 + <span class="badge badge-sm badge-info">L:{{ .Low }}</span> 21 + {{ end }} 22 + </button> 23 + {{ end }} 24 + {{ end }}

+87

pkg/appview/templates/partials/vuln-details.html

··· 1 + {{ define "vuln-details" }} 2 + {{ if .Error }} 3 + {{ if .Summary.Total }} 4 +  5 + <div class="space-y-4"> 6 + <div class="flex flex-wrap gap-2"> 7 + {{ if gt .Summary.Critical 0 }}<span class="badge badge-error">{{ .Summary.Critical }} Critical</span>{{ end }} 8 + {{ if gt .Summary.High 0 }}<span class="badge badge-warning">{{ .Summary.High }} High</span>{{ end }} 9 + {{ if gt .Summary.Medium 0 }}<span class="badge badge-soft badge-warning">{{ .Summary.Medium }} Medium</span>{{ end }} 10 + {{ if gt .Summary.Low 0 }}<span class="badge badge-info">{{ .Summary.Low }} Low</span>{{ end }} 11 + </div> 12 + <p class="text-base-content/60 text-sm">{{ .Error }}</p> 13 + {{ if .ScannedAt }}<p class="text-base-content/40 text-xs">Scanned: {{ .ScannedAt }}</p>{{ end }} 14 + </div> 15 + {{ else }} 16 + <p class="text-base-content/60">{{ .Error }}</p> 17 + {{ end }} 18 + {{ else }} 19 + <div class="space-y-4"> 20 +  21 + <div class="flex flex-wrap items-center gap-2"> 22 + <span class="font-semibold text-sm">{{ .Summary.Total }} vulnerabilities found</span> 23 + {{ if gt .Summary.Critical 0 }}<span class="badge badge-error">{{ .Summary.Critical }} Critical</span>{{ end }} 24 + {{ if gt .Summary.High 0 }}<span class="badge badge-warning">{{ .Summary.High }} High</span>{{ end }} 25 + {{ if gt .Summary.Medium 0 }}<span class="badge badge-soft badge-warning">{{ .Summary.Medium }} Medium</span>{{ end }} 26 + {{ if gt .Summary.Low 0 }}<span class="badge badge-info">{{ .Summary.Low }} Low</span>{{ end }} 27 + </div> 28 + 29 + {{ if .ScannedAt }}<p class="text-base-content/40 text-xs">Scanned: {{ .ScannedAt }}</p>{{ end }} 30 + 31 + {{ if .Matches }} 32 +  33 + <div class="overflow-x-auto max-h-96"> 34 + <table class="table table-sm table-pin-rows"> 35 + <thead> 36 + <tr> 37 + <th>CVE</th> 38 + <th>Severity</th> 39 + <th>Package</th> 40 + <th>Installed</th> 41 + <th>Fixed In</th> 42 + </tr> 43 + </thead> 44 + <tbody> 45 + {{ range .Matches }} 46 + <tr> 47 + <td class="font-mono text-xs"> 48 + {{ if .CVEURL }} 49 + <a href="{{ .CVEURL }}" target="_blank" rel="noopener noreferrer" class="link link-primary">{{ .CVEID }}</a> 50 + {{ else }} 51 + {{ .CVEID }} 52 + {{ end }} 53 + </td> 54 + <td> 55 + {{ if eq .Severity "Critical" }} 56 + <span class="badge badge-sm badge-error">Critical</span> 57 + {{ else if eq .Severity "High" }} 58 + <span class="badge badge-sm badge-warning">High</span> 59 + {{ else if eq .Severity "Medium" }} 60 + <span class="badge badge-sm badge-soft badge-warning">Medium</span> 61 + {{ else if eq .Severity "Low" }} 62 + <span class="badge badge-sm badge-info">Low</span> 63 + {{ else }} 64 + <span class="badge badge-sm badge-ghost">{{ .Severity }}</span> 65 + {{ end }} 66 + </td> 67 + <td> 68 + <span class="font-mono text-xs">{{ .Package }}</span> 69 + {{ if .Type }}<span class="text-base-content/40 text-xs">({{ .Type }})</span>{{ end }} 70 + </td> 71 + <td class="font-mono text-xs">{{ .Version }}</td> 72 + <td class="font-mono text-xs"> 73 + {{ if .FixedIn }} 74 + <span class="text-success">{{ .FixedIn }}</span> 75 + {{ else }} 76 + <span class="text-base-content/40">No fix</span> 77 + {{ end }} 78 + </td> 79 + </tr> 80 + {{ end }} 81 + </tbody> 82 + </table> 83 + </div> 84 + {{ end }} 85 + </div> 86 + {{ end }} 87 + {{ end }}

+37 -1

pkg/atproto/cbor_gen.go

··· 1851 1851 1852 1852 cw := cbg.NewCborWriter(w) 1853 1853 1854 - if _, err := cw.Write([]byte{172}); err != nil { 1854 + if _, err := cw.Write([]byte{173}); err != nil { 1855 1855 return err 1856 1856 } 1857 1857 ··· 2118 2118 if _, err := cw.WriteString(string(t.ScannerVersion)); err != nil { 2119 2119 return err 2120 2120 } 2121 + 2122 + // t.VulnReportBlob (util.LexBlob) (struct) 2123 + if len("vulnReportBlob") > 8192 { 2124 + return xerrors.Errorf("Value in field \"vulnReportBlob\" was too long") 2125 + } 2126 + 2127 + if err := cw.WriteMajorTypeHeader(cbg.MajTextString, uint64(len("vulnReportBlob"))); err != nil { 2128 + return err 2129 + } 2130 + if _, err := cw.WriteString(string("vulnReportBlob")); err != nil { 2131 + return err 2132 + } 2133 + 2134 + if err := t.VulnReportBlob.MarshalCBOR(cw); err != nil { 2135 + return err 2136 + } 2121 2137 return nil 2122 2138 } 2123 2139 ··· 2377 2393 } 2378 2394 2379 2395 t.ScannerVersion = string(sval) 2396 + } 2397 + // t.VulnReportBlob (util.LexBlob) (struct) 2398 + case "vulnReportBlob": 2399 + 2400 + { 2401 + 2402 + b, err := cr.ReadByte() 2403 + if err != nil { 2404 + return err 2405 + } 2406 + if b != cbg.CborNull[0] { 2407 + if err := cr.UnreadByte(); err != nil { 2408 + return err 2409 + } 2410 + t.VulnReportBlob = new(util.LexBlob) 2411 + if err := t.VulnReportBlob.UnmarshalCBOR(cr); err != nil { 2412 + return xerrors.Errorf("unmarshaling t.VulnReportBlob pointer: %w", err) 2413 + } 2414 + } 2415 + 2380 2416 } 2381 2417 2382 2418 default:

+15 -12

pkg/atproto/lexicon.go

··· 801 801 // RKey is deterministic: based on manifest digest (one scan per manifest) 802 802 type ScanRecord struct { 803 803 Type string `json:"$type" cborgen:"$type"` 804 - Manifest string `json:"manifest" cborgen:"manifest"` // AT-URI of the scanned manifest (e.g., "at://did:plc:xyz/io.atcr.manifest/abc123...") 805 - Repository string `json:"repository" cborgen:"repository"` // Repository name (e.g., "myapp") 806 - UserDID string `json:"userDid" cborgen:"userDid"` // DID of the image owner 807 - SbomBlob *lexutil.LexBlob `json:"sbomBlob,omitempty" cborgen:"sbomBlob"` // SBOM blob uploaded to hold's PDS blob storage 808 - Critical int64 `json:"critical" cborgen:"critical"` // Count of critical vulnerabilities 809 - High int64 `json:"high" cborgen:"high"` // Count of high vulnerabilities 810 - Medium int64 `json:"medium" cborgen:"medium"` // Count of medium vulnerabilities 811 - Low int64 `json:"low" cborgen:"low"` // Count of low vulnerabilities 812 - Total int64 `json:"total" cborgen:"total"` // Total vulnerability count 813 - ScannerVersion string `json:"scannerVersion" cborgen:"scannerVersion"` // Scanner version (e.g., "atcr-scanner-v1.0.0") 814 - ScannedAt string `json:"scannedAt" cborgen:"scannedAt"` // RFC3339 timestamp of scan completion 804 + Manifest string `json:"manifest" cborgen:"manifest"` // AT-URI of the scanned manifest (e.g., "at://did:plc:xyz/io.atcr.manifest/abc123...") 805 + Repository string `json:"repository" cborgen:"repository"` // Repository name (e.g., "myapp") 806 + UserDID string `json:"userDid" cborgen:"userDid"` // DID of the image owner 807 + SbomBlob *lexutil.LexBlob `json:"sbomBlob,omitempty" cborgen:"sbomBlob"` // SBOM blob uploaded to hold's PDS blob storage 808 + VulnReportBlob *lexutil.LexBlob `json:"vulnReportBlob,omitempty" cborgen:"vulnReportBlob"` // Grype vulnerability report blob (full CVE details) 809 + Critical int64 `json:"critical" cborgen:"critical"` // Count of critical vulnerabilities 810 + High int64 `json:"high" cborgen:"high"` // Count of high vulnerabilities 811 + Medium int64 `json:"medium" cborgen:"medium"` // Count of medium vulnerabilities 812 + Low int64 `json:"low" cborgen:"low"` // Count of low vulnerabilities 813 + Total int64 `json:"total" cborgen:"total"` // Total vulnerability count 814 + ScannerVersion string `json:"scannerVersion" cborgen:"scannerVersion"` // Scanner version (e.g., "atcr-scanner-v1.0.0") 815 + ScannedAt string `json:"scannedAt" cborgen:"scannedAt"` // RFC3339 timestamp of scan completion 815 816 } 816 817 817 818 // NewScanRecord creates a new scan record 818 819 // manifestDigest: the manifest digest (e.g., "sha256:abc123...") 819 820 // userDID: the DID of the image owner (used to build the manifest AT-URI) 820 821 // sbomBlob: blob reference from uploading SBOM to PDS blob storage (nil if no SBOM) 821 - func NewScanRecord(manifestDigest, repository, userDID string, sbomBlob *lexutil.LexBlob, critical, high, medium, low, total int, scannerVersion string) *ScanRecord { 822 + // vulnReportBlob: blob reference from uploading Grype vulnerability report (nil if no report) 823 + func NewScanRecord(manifestDigest, repository, userDID string, sbomBlob, vulnReportBlob *lexutil.LexBlob, critical, high, medium, low, total int, scannerVersion string) *ScanRecord { 822 824 return &ScanRecord{ 823 825 Type: ScanCollection, 824 826 Manifest: BuildManifestURI(userDID, manifestDigest), 825 827 Repository: repository, 826 828 UserDID: userDID, 827 829 SbomBlob: sbomBlob, 830 + VulnReportBlob: vulnReportBlob, 828 831 Critical: int64(critical), 829 832 High: int64(high), 830 833 Medium: int64(medium),

+16 -42

pkg/hold/config.go

··· 12 12 "path/filepath" 13 13 "time" 14 14 15 - "github.com/distribution/distribution/v3/configuration" 16 15 "github.com/spf13/viper" 17 16 18 17 "atcr.io/pkg/config" ··· 64 63 Region string `yaml:"region" comment:"Deployment region, auto-detected from cloud metadata or S3 config."` 65 64 } 66 65 67 - // StorageConfig holds S3 storage credentials and the internal distribution config. 66 + // StorageConfig holds S3 storage credentials. 68 67 type StorageConfig struct { 69 68 // S3-compatible access key. 70 69 AccessKey string `yaml:"access_key" comment:"S3-compatible access key (AWS, Storj, Minio, UpCloud)."` ··· 83 82 84 83 // CDN pull zone URL for presigned download URLs. 85 84 PullZone string `yaml:"pull_zone" comment:"CDN pull zone URL for downloads. When set, presigned GET/HEAD URLs use this host instead of the S3 endpoint. Uploads and API calls still use the S3 endpoint."` 86 - 87 - // Internal distribution storage config, built from the above fields. 88 - distStorage configuration.Storage `yaml:"-"` 89 85 } 90 86 91 - // Type returns the storage driver type name (always "s3"). 92 - func (s StorageConfig) Type() string { 93 - return "s3" 94 - } 95 - 96 - // Parameters returns the distribution driver parameters. 97 - func (s StorageConfig) Parameters() configuration.Parameters { 98 - if s.distStorage != nil { 99 - if params, ok := s.distStorage["s3"]; ok { 100 - return params 101 - } 87 + // S3Params returns a params map suitable for s3.NewS3Service. 88 + func (s StorageConfig) S3Params() map[string]any { 89 + params := map[string]any{ 90 + "accesskey": s.AccessKey, 91 + "secretkey": s.SecretKey, 92 + "region": s.Region, 93 + "bucket": s.Bucket, 102 94 } 103 - return nil 95 + if s.Endpoint != "" { 96 + params["regionendpoint"] = s.Endpoint 97 + params["forcepathstyle"] = true 98 + } 99 + if s.PullZone != "" { 100 + params["pullzone"] = s.PullZone 101 + } 102 + return params 104 103 } 105 104 106 105 // ServerConfig defines server settings ··· 276 275 // Store config path for subsystem config loading (e.g. billing) 277 276 cfg.configPath = yamlPath 278 277 279 - // Build distribution storage config from struct fields 280 - cfg.Storage.distStorage = buildStorageConfigFromFields(cfg.Storage) 281 - 282 278 // Detect region from cloud metadata or S3 config 283 279 if meta, err := DetectCloudMetadata(context.Background()); err == nil && meta != nil { 284 280 cfg.Registration.Region = meta.Region ··· 290 286 291 287 return cfg, nil 292 288 } 293 - 294 - // buildStorageConfigFromFields creates S3 storage configuration from StorageConfig fields. 295 - func buildStorageConfigFromFields(sc StorageConfig) configuration.Storage { 296 - params := make(map[string]any) 297 - 298 - params["accesskey"] = sc.AccessKey 299 - params["secretkey"] = sc.SecretKey 300 - params["region"] = sc.Region 301 - params["bucket"] = sc.Bucket 302 - if sc.Endpoint != "" { 303 - params["regionendpoint"] = sc.Endpoint 304 - params["forcepathstyle"] = true 305 - } 306 - if sc.PullZone != "" { 307 - params["pullzone"] = sc.PullZone 308 - } 309 - 310 - storageCfg := configuration.Storage{} 311 - storageCfg["s3"] = configuration.Parameters(params) 312 - 313 - return storageCfg 314 - }

+4 -18

pkg/hold/config_test.go

··· 187 187 } 188 188 } 189 189 190 - func TestBuildStorageConfigFromFields_S3_Complete(t *testing.T) { 190 + func TestS3Params_Complete(t *testing.T) { 191 191 sc := StorageConfig{ 192 192 AccessKey: "test-access-key", 193 193 SecretKey: "test-secret-key", ··· 196 196 Endpoint: "https://s3.example.com", 197 197 } 198 198 199 - cfg := buildStorageConfigFromFields(sc) 200 - 201 - s3Params, ok := cfg["s3"] 202 - if !ok { 203 - t.Fatal("Expected s3 storage config") 204 - } 205 - 206 - params := map[string]any(s3Params) 199 + params := sc.S3Params() 207 200 208 201 if params["accesskey"] != "test-access-key" { 209 202 t.Errorf("Expected accesskey=test-access-key, got %v", params["accesskey"]) ··· 222 215 } 223 216 } 224 217 225 - func TestBuildStorageConfigFromFields_S3_NoEndpoint(t *testing.T) { 218 + func TestS3Params_NoEndpoint(t *testing.T) { 226 219 sc := StorageConfig{ 227 220 AccessKey: "test-key", 228 221 SecretKey: "test-secret", ··· 231 224 Endpoint: "", // No custom endpoint 232 225 } 233 226 234 - cfg := buildStorageConfigFromFields(sc) 235 - 236 - s3Params, ok := cfg["s3"] 237 - if !ok { 238 - t.Fatal("Expected s3 storage config") 239 - } 240 - 241 - params := map[string]any(s3Params) 227 + params := sc.S3Params() 242 228 243 229 // Should have default region 244 230 if params["region"] != "us-east-1" {

+15 -22

pkg/hold/gc/gc.go

··· 14 14 15 15 "atcr.io/pkg/atproto" 16 16 "atcr.io/pkg/hold/pds" 17 + "atcr.io/pkg/s3" 17 18 "github.com/bluesky-social/indigo/atproto/syntax" 18 - storagedriver "github.com/distribution/distribution/v3/registry/storage/driver" 19 19 ) 20 20 21 21 // maxPreviewItems caps per-category detail slices to prevent memory/HTML bloat ··· 64 64 // GarbageCollector handles cleanup of orphaned blobs from storage 65 65 type GarbageCollector struct { 66 66 pds *pds.HoldPDS 67 - driver storagedriver.StorageDriver 67 + s3 *s3.S3Service 68 68 cfg Config 69 69 logger *slog.Logger 70 70 ··· 117 117 } 118 118 119 119 // NewGarbageCollector creates a new GC instance 120 - func NewGarbageCollector(holdPDS *pds.HoldPDS, driver storagedriver.StorageDriver, cfg Config) *GarbageCollector { 120 + func NewGarbageCollector(holdPDS *pds.HoldPDS, s3svc *s3.S3Service, cfg Config) *GarbageCollector { 121 121 return &GarbageCollector{ 122 122 pds: holdPDS, 123 - driver: driver, 123 + s3: s3svc, 124 124 cfg: cfg, 125 125 logger: slog.Default().With("component", "gc"), 126 126 stopCh: make(chan struct{}), ··· 454 454 totalBlobs := 0 455 455 blobsPath := "/docker/registry/v2/blobs" 456 456 457 - err := gc.driver.Walk(ctx, blobsPath, func(fi storagedriver.FileInfo) error { 458 - if fi.IsDir() { 459 - return nil 460 - } 461 - if !strings.HasSuffix(fi.Path(), "/data") { 457 + err := gc.s3.WalkBlobs(ctx, blobsPath, func(key string, size int64) error { 458 + if !strings.HasSuffix(key, "/data") { 462 459 return nil 463 460 } 464 461 465 - digest := extractDigestFromPath(fi.Path()) 462 + digest := extractDigestFromPath(key) 466 463 if digest == "" { 467 464 return nil 468 465 } ··· 473 470 if len(orphaned) < maxPreviewItems { 474 471 orphaned = append(orphaned, OrphanedBlobDetail{ 475 472 Digest: digest, 476 - Size: fi.Size(), 473 + Size: size, 477 474 }) 478 475 } 479 476 } ··· 677 674 func (gc *GarbageCollector) deleteOrphanedBlobs(ctx context.Context, referenced map[string]bool, result *GCResult) error { 678 675 blobsPath := "/docker/registry/v2/blobs" 679 676 680 - err := gc.driver.Walk(ctx, blobsPath, func(fi storagedriver.FileInfo) error { 681 - if fi.IsDir() { 682 - return nil 683 - } 684 - 677 + err := gc.s3.WalkBlobs(ctx, blobsPath, func(key string, size int64) error { 685 678 // Only process data files 686 - if !strings.HasSuffix(fi.Path(), "/data") { 679 + if !strings.HasSuffix(key, "/data") { 687 680 return nil 688 681 } 689 682 690 683 // Extract digest from path 691 - digest := extractDigestFromPath(fi.Path()) 684 + digest := extractDigestFromPath(key) 692 685 if digest == "" { 693 686 return nil 694 687 } ··· 700 693 701 694 result.OrphanedBlobs++ 702 695 703 - if err := gc.driver.Delete(ctx, fi.Path()); err != nil { 704 - gc.logger.Error("Failed to delete blob", "path", fi.Path(), "error", err) 696 + if err := gc.s3.Delete(ctx, key); err != nil { 697 + gc.logger.Error("Failed to delete blob", "path", key, "error", err) 705 698 return nil // Continue with other blobs 706 699 } 707 700 result.BlobsDeleted++ 708 - result.BytesReclaimed += fi.Size() 701 + result.BytesReclaimed += size 709 702 gc.logger.Debug("Deleted orphaned blob", 710 703 "digest", digest, 711 - "size", fi.Size()) 704 + "size", size) 712 705 713 706 return nil 714 707 })

+3 -4

pkg/hold/oci/multipart.go

··· 256 256 "source", sourcePath, 257 257 "dest", destPath) 258 258 259 - if _, err := h.driver.Stat(ctx, sourcePath); err != nil { 259 + if _, err := h.s3Service.Stat(ctx, sourcePath); err != nil { 260 260 slog.Error("Source blob not found after multipart complete", 261 261 "path", sourcePath, 262 262 "error", err) ··· 264 264 } 265 265 slog.Debug("Source blob verified", "path", sourcePath) 266 266 267 - // Move from temp to final digest location using driver 268 - // Driver handles path management correctly (including S3 prefix) 269 - if err := h.driver.Move(ctx, sourcePath, destPath); err != nil { 267 + // Move from temp to final digest location (S3 copy + delete) 268 + if err := h.s3Service.Move(ctx, sourcePath, destPath); err != nil { 270 269 slog.Error("Failed to move blob", 271 270 "source", sourcePath, 272 271 "dest", destPath,

+2 -5

pkg/hold/oci/xrpc.go

··· 12 12 "atcr.io/pkg/hold/pds" 13 13 "atcr.io/pkg/hold/quota" 14 14 "atcr.io/pkg/s3" 15 - storagedriver "github.com/distribution/distribution/v3/registry/storage/driver" 16 15 "github.com/go-chi/chi/v5" 17 16 "github.com/go-chi/render" 18 17 ) 19 18 20 19 // XRPCHandler handles OCI-specific XRPC endpoints for multipart uploads 21 20 type XRPCHandler struct { 22 - driver storagedriver.StorageDriver 23 21 s3Service s3.S3Service 24 22 MultipartMgr *MultipartManager // Exported for access in route handlers 25 23 pds *pds.HoldPDS ··· 30 28 } 31 29 32 30 // NewXRPCHandler creates a new OCI XRPC handler 33 - func NewXRPCHandler(holdPDS *pds.HoldPDS, s3Service s3.S3Service, driver storagedriver.StorageDriver, enableBlueskyPosts bool, httpClient pds.HTTPClient, quotaMgr *quota.Manager) *XRPCHandler { 31 + func NewXRPCHandler(holdPDS *pds.HoldPDS, s3Service s3.S3Service, enableBlueskyPosts bool, httpClient pds.HTTPClient, quotaMgr *quota.Manager) *XRPCHandler { 34 32 return &XRPCHandler{ 35 - driver: driver, 36 33 MultipartMgr: NewMultipartManager(), 37 34 s3Service: s3Service, 38 35 pds: holdPDS, ··· 366 363 367 364 postURI, err = h.pds.CreateManifestPost( 368 365 ctx, 369 - h.driver, 366 + &h.s3Service, 370 367 req.Repository, 371 368 req.Tag, 372 369 userHandle,

+35 -214

pkg/hold/oci/xrpc_test.go

··· 2 2 3 3 import ( 4 4 "bytes" 5 - "context" 6 5 "encoding/json" 7 6 "fmt" 8 7 "io" ··· 10 9 "net/http/httptest" 11 10 "os" 12 11 "path/filepath" 13 - "sync" 14 12 "testing" 15 - "time" 16 13 17 14 "atcr.io/pkg/atproto" 18 15 "atcr.io/pkg/auth/oauth" 19 16 "atcr.io/pkg/hold/pds" 20 17 "atcr.io/pkg/s3" 21 - storagedriver "github.com/distribution/distribution/v3/registry/storage/driver" 22 - "github.com/distribution/distribution/v3/registry/storage/driver/factory" 23 - _ "github.com/distribution/distribution/v3/registry/storage/driver/s3-aws" 24 18 ) 25 19 26 20 // Shared test resources for OCI package ··· 68 62 }, nil 69 63 } 70 64 71 - // mockStorageDriver implements storagedriver.StorageDriver for testing 72 - type mockStorageDriver struct { 73 - mu sync.RWMutex 74 - blobs map[string][]byte 75 - 76 - // Error injection for testing error handling 77 - StatError error 78 - MoveError error 79 - } 80 - 81 - func newMockStorageDriver() *mockStorageDriver { 82 - return &mockStorageDriver{ 83 - blobs: make(map[string][]byte), 84 - } 85 - } 86 - 87 - func (m *mockStorageDriver) Name() string { return "mock" } 88 - 89 - func (m *mockStorageDriver) GetContent(ctx context.Context, path string) ([]byte, error) { 90 - m.mu.RLock() 91 - defer m.mu.RUnlock() 92 - if data, ok := m.blobs[path]; ok { 93 - return data, nil 94 - } 95 - return nil, storagedriver.PathNotFoundError{Path: path} 96 - } 97 - 98 - func (m *mockStorageDriver) PutContent(ctx context.Context, path string, content []byte) error { 99 - m.mu.Lock() 100 - defer m.mu.Unlock() 101 - m.blobs[path] = content 102 - return nil 103 - } 104 - 105 - func (m *mockStorageDriver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { 106 - data, err := m.GetContent(ctx, path) 107 - if err != nil { 108 - return nil, err 109 - } 110 - return io.NopCloser(bytes.NewReader(data[offset:])), nil 111 - } 112 - 113 - func (m *mockStorageDriver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { 114 - return &mockFileWriter{driver: m, path: path}, nil 115 - } 116 - 117 - func (m *mockStorageDriver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { 118 - m.mu.RLock() 119 - defer m.mu.RUnlock() 120 - 121 - // Check for injected error 122 - if m.StatError != nil { 123 - return nil, m.StatError 124 - } 125 - 126 - if data, ok := m.blobs[path]; ok { 127 - return &mockFileInfo{path: path, size: int64(len(data))}, nil 128 - } 129 - return nil, storagedriver.PathNotFoundError{Path: path} 130 - } 131 - 132 - func (m *mockStorageDriver) List(ctx context.Context, path string) ([]string, error) { 133 - return nil, nil 134 - } 135 - 136 - func (m *mockStorageDriver) Move(ctx context.Context, sourcePath string, destPath string) error { 137 - m.mu.Lock() 138 - defer m.mu.Unlock() 139 - 140 - // Check for injected error 141 - if m.MoveError != nil { 142 - return m.MoveError 143 - } 144 - 145 - if data, ok := m.blobs[sourcePath]; ok { 146 - m.blobs[destPath] = data 147 - delete(m.blobs, sourcePath) 148 - return nil 149 - } 150 - return storagedriver.PathNotFoundError{Path: sourcePath} 151 - } 152 - 153 - func (m *mockStorageDriver) Delete(ctx context.Context, path string) error { 154 - m.mu.Lock() 155 - defer m.mu.Unlock() 156 - delete(m.blobs, path) 157 - return nil 158 - } 159 - 160 - func (m *mockStorageDriver) RedirectURL(r *http.Request, path string) (string, error) { 161 - return "", storagedriver.ErrUnsupportedMethod{} 162 - } 163 - 164 - func (m *mockStorageDriver) Walk(ctx context.Context, path string, f storagedriver.WalkFn, options ...func(*storagedriver.WalkOptions)) error { 165 - return nil 166 - } 167 - 168 - // mockFileWriter implements storagedriver.FileWriter 169 - type mockFileWriter struct { 170 - driver *mockStorageDriver 171 - path string 172 - buf bytes.Buffer 173 - } 174 - 175 - func (w *mockFileWriter) Write(p []byte) (int, error) { 176 - return w.buf.Write(p) 177 - } 178 - 179 - func (w *mockFileWriter) Size() int64 { 180 - return int64(w.buf.Len()) 181 - } 182 - 183 - func (w *mockFileWriter) Close() error { 184 - return nil 185 - } 186 - 187 - func (w *mockFileWriter) Cancel(ctx context.Context) error { 188 - return nil 189 - } 190 - 191 - func (w *mockFileWriter) Commit(ctx context.Context) error { 192 - w.driver.mu.Lock() 193 - defer w.driver.mu.Unlock() 194 - w.driver.blobs[w.path] = w.buf.Bytes() 195 - return nil 196 - } 197 - 198 - // mockFileInfo implements storagedriver.FileInfo 199 - type mockFileInfo struct { 200 - path string 201 - size int64 202 - } 203 - 204 - func (f *mockFileInfo) Path() string { return f.path } 205 - func (f *mockFileInfo) Size() int64 { return f.size } 206 - func (f *mockFileInfo) ModTime() time.Time { return time.Time{} } 207 - func (f *mockFileInfo) IsDir() bool { return false } 208 - 209 65 // setupTestOCIHandlerWithMockS3 creates a test OCI XRPC handler with mock S3 210 66 // This does NOT require real S3 credentials - uses MockS3Client 211 - // Returns the handler, mock S3 client, and mock storage driver for test manipulation 212 - func setupTestOCIHandlerWithMockS3(t *testing.T) (*XRPCHandler, *s3.MockS3Client, *mockStorageDriver) { 67 + // Returns the handler and mock S3 client for test manipulation 68 + func setupTestOCIHandlerWithMockS3(t *testing.T) (*XRPCHandler, *s3.MockS3Client) { 213 69 t.Helper() 214 70 215 71 // Create temp directory for PDS database ··· 226 82 PathPrefix: "test-prefix", 227 83 } 228 84 229 - // Create mock storage driver 230 - mockDriver := newMockStorageDriver() 231 - 232 85 // Create minimal PDS for DID/auth 233 86 dbPath := ":memory:" 234 87 keyPath := filepath.Join(tmpDir, "signing-key") ··· 268 121 mockClient := &mockPDSClient{} 269 122 270 123 // Create OCI handler with mock S3 271 - handler := NewXRPCHandler(holdPDS, s3Service, mockDriver, false, mockClient, nil) 124 + handler := NewXRPCHandler(holdPDS, s3Service, false, mockClient, nil) 272 125 273 - return handler, mockS3Client, mockDriver 126 + return handler, mockS3Client 274 127 } 275 128 276 129 // setupTestOCIHandlerWithS3 creates a test OCI XRPC handler with S3 driver ··· 307 160 } 308 161 s3Params["rootdirectory"] = storageDir 309 162 310 - driver, err := factory.Create(ctx, "s3", s3Params) 311 - if err != nil { 312 - t.Logf("Failed to create S3 storage driver: %v", err) 313 - return nil, false 314 - } 315 - 316 163 // Create S3 service 317 164 s3Service, err := s3.NewS3Service(s3Params) 318 165 if err != nil { ··· 359 206 mockClient := &mockPDSClient{} 360 207 361 208 // Create OCI handler with S3 362 - handler := NewXRPCHandler(holdPDS, *s3Service, driver, false, mockClient, nil) 209 + handler := NewXRPCHandler(holdPDS, *s3Service, false, mockClient, nil) 363 210 364 211 return handler, true 365 212 } ··· 392 239 // Tests for HandleInitiateUpload - Mock S3 (no credentials required) 393 240 394 241 func TestHandleInitiateUpload_MockS3_Success(t *testing.T) { 395 - handler, mockS3Client, _ := setupTestOCIHandlerWithMockS3(t) 242 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 396 243 397 244 req := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{ 398 245 "digest": "sha256:abc123", ··· 421 268 } 422 269 423 270 func TestHandleInitiateUpload_MockS3_MissingDigest(t *testing.T) { 424 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 271 + handler, _ := setupTestOCIHandlerWithMockS3(t) 425 272 426 273 req := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{}) 427 274 addMockAuth(req) ··· 437 284 // Tests for full Mock S3 upload flow (no credentials required) 438 285 439 286 func TestFullMockS3UploadFlow(t *testing.T) { 440 - handler, mockS3Client, _ := setupTestOCIHandlerWithMockS3(t) 287 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 441 288 442 289 // 1. Initiate upload 443 290 initReq := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{ ··· 506 353 } 507 354 508 355 func TestHandleGetPartUploadUrl_MockS3_InvalidSession(t *testing.T) { 509 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 356 + handler, _ := setupTestOCIHandlerWithMockS3(t) 510 357 511 358 req := makeJSONRequest("POST", atproto.HoldGetPartUploadURL, map[string]any{ 512 359 "uploadId": "invalid-upload-id", ··· 523 370 } 524 371 525 372 func TestHandleAbortUpload_MockS3_InvalidSession(t *testing.T) { 526 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 373 + handler, _ := setupTestOCIHandlerWithMockS3(t) 527 374 528 375 req := makeJSONRequest("POST", atproto.HoldAbortUpload, map[string]string{ 529 376 "uploadId": "invalid-upload-id", ··· 764 611 // Tests for HandleCompleteUpload with Mock S3 765 612 766 613 func TestHandleCompleteUpload_MockS3_Success(t *testing.T) { 767 - handler, mockS3Client, mockDriver := setupTestOCIHandlerWithMockS3(t) 614 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 768 615 769 616 // 1. Initiate upload with temp path 770 617 tempDigest := "uploads/temp-test-complete" ··· 796 643 t.Fatalf("Expected status 200 for part URL, got %d: %s", partW.Code, partW.Body.String()) 797 644 } 798 645 799 - // 3. Pre-populate mock storage driver with temp blob (simulates S3 upload completing) 800 - // Path format: /docker/registry/v2/uploads/temp-{id}/data 801 - tempBlobPath := fmt.Sprintf("/docker/registry/v2/%s/data", tempDigest) 802 - mockDriver.PutContent(t.Context(), tempBlobPath, []byte("test blob content")) 803 - 804 - // 4. Complete upload with parts 646 + // 3. Complete upload with parts 647 + // (Mock S3 CompleteMultipartUpload auto-populates object for Stat/Move) 805 648 finalDigest := "sha256:abc123def456" 806 649 completeReq := makeJSONRequest("POST", atproto.HoldCompleteUpload, map[string]any{ 807 650 "uploadId": uploadID, ··· 833 676 t.Errorf("Expected 1 Complete call, got %d", len(mockS3Client.CompleteCalls)) 834 677 } 835 678 836 - // 6. Verify blob was moved to final location 837 - // Final path format: /docker/registry/v2/blobs/sha256/ab/abc123def456/data 838 - finalBlobPath := "/docker/registry/v2/blobs/sha256/ab/abc123def456/data" 839 - _, err := mockDriver.Stat(t.Context(), finalBlobPath) 840 - if err != nil { 841 - t.Errorf("Expected blob at final location %s, got error: %v", finalBlobPath, err) 679 + // 6. Verify blob was moved to final location in mock S3 680 + finalS3Key := "test-prefix/docker/registry/v2/blobs/sha256/ab/abc123def456/data" 681 + if mockS3Client.GetObject(finalS3Key) == nil { 682 + t.Errorf("Expected blob at final S3 key %s", finalS3Key) 842 683 } 843 684 } 844 685 845 686 func TestHandleCompleteUpload_MockS3_InvalidSession(t *testing.T) { 846 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 687 + handler, _ := setupTestOCIHandlerWithMockS3(t) 847 688 848 689 req := makeJSONRequest("POST", atproto.HoldCompleteUpload, map[string]any{ 849 690 "uploadId": "non-existent-upload-id", ··· 863 704 } 864 705 865 706 func TestHandleCompleteUpload_MockS3_MissingParams(t *testing.T) { 866 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 707 + handler, _ := setupTestOCIHandlerWithMockS3(t) 867 708 868 709 tests := []struct { 869 710 name string ··· 891 732 } 892 733 893 734 func TestHandleCompleteUpload_MockS3_ETagNormalization(t *testing.T) { 894 - handler, mockS3Client, mockDriver := setupTestOCIHandlerWithMockS3(t) 735 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 895 736 896 737 // Setup upload session 897 738 tempDigest := "uploads/temp-etag-test" ··· 905 746 var initResp map[string]any 906 747 decodeJSONResponse(t, initW, &initResp) 907 748 uploadID := initResp["uploadId"].(string) 908 - 909 - // Pre-populate mock driver 910 - tempBlobPath := fmt.Sprintf("/docker/registry/v2/%s/data", tempDigest) 911 - mockDriver.PutContent(t.Context(), tempBlobPath, []byte("test")) 912 749 913 750 // Complete with unquoted ETags 914 751 completeReq := makeJSONRequest("POST", atproto.HoldCompleteUpload, map[string]any{ ··· 938 775 } 939 776 940 777 func TestHandleCompleteUpload_MockS3_S3Error(t *testing.T) { 941 - handler, mockS3Client, mockDriver := setupTestOCIHandlerWithMockS3(t) 778 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 942 779 943 780 // Setup upload session 944 781 tempDigest := "uploads/temp-s3-error" ··· 952 789 var initResp map[string]any 953 790 decodeJSONResponse(t, initW, &initResp) 954 791 uploadID := initResp["uploadId"].(string) 955 - 956 - // Pre-populate mock driver 957 - tempBlobPath := fmt.Sprintf("/docker/registry/v2/%s/data", tempDigest) 958 - mockDriver.PutContent(t.Context(), tempBlobPath, []byte("test")) 959 792 960 793 // Inject S3 error 961 794 mockS3Client.CompleteError = fmt.Errorf("simulated S3 CompleteMultipartUpload failure") ··· 983 816 } 984 817 985 818 func TestHandleCompleteUpload_MockS3_StatError(t *testing.T) { 986 - handler, _, mockDriver := setupTestOCIHandlerWithMockS3(t) 819 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 987 820 988 821 // Setup upload session 989 822 tempDigest := "uploads/temp-stat-error" ··· 998 831 decodeJSONResponse(t, initW, &initResp) 999 832 uploadID := initResp["uploadId"].(string) 1000 833 1001 - // Pre-populate mock driver (so S3 complete succeeds) 1002 - tempBlobPath := fmt.Sprintf("/docker/registry/v2/%s/data", tempDigest) 1003 - mockDriver.PutContent(t.Context(), tempBlobPath, []byte("test")) 1004 - 1005 - // Inject Stat error (simulates blob not found after S3 complete) 1006 - mockDriver.StatError = fmt.Errorf("simulated stat failure") 834 + // Inject HeadObject error (simulates blob not found after S3 complete) 835 + mockS3Client.HeadObjectError = fmt.Errorf("simulated stat failure") 1007 836 1008 837 // Complete upload should fail 1009 838 completeReq := makeJSONRequest("POST", atproto.HoldCompleteUpload, map[string]any{ ··· 1023 852 } 1024 853 1025 854 func TestHandleCompleteUpload_MockS3_MoveError(t *testing.T) { 1026 - handler, _, mockDriver := setupTestOCIHandlerWithMockS3(t) 855 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 1027 856 1028 857 // Setup upload session 1029 858 tempDigest := "uploads/temp-move-error" ··· 1038 867 decodeJSONResponse(t, initW, &initResp) 1039 868 uploadID := initResp["uploadId"].(string) 1040 869 1041 - // Pre-populate mock driver 1042 - tempBlobPath := fmt.Sprintf("/docker/registry/v2/%s/data", tempDigest) 1043 - mockDriver.PutContent(t.Context(), tempBlobPath, []byte("test")) 1044 - 1045 - // Inject Move error 1046 - mockDriver.MoveError = fmt.Errorf("simulated move failure") 870 + // Inject CopyObject error (Move = Copy + Delete, so Copy error simulates move failure) 871 + mockS3Client.CopyObjectError = fmt.Errorf("simulated move failure") 1047 872 1048 873 // Complete upload should fail 1049 874 completeReq := makeJSONRequest("POST", atproto.HoldCompleteUpload, map[string]any{ ··· 1068 893 } 1069 894 1070 895 func TestHandleCompleteUpload_MockS3_UnsortedParts(t *testing.T) { 1071 - handler, mockS3Client, mockDriver := setupTestOCIHandlerWithMockS3(t) 896 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 1072 897 1073 898 // Setup upload session 1074 899 tempDigest := "uploads/temp-unsorted" ··· 1083 908 decodeJSONResponse(t, initW, &initResp) 1084 909 uploadID := initResp["uploadId"].(string) 1085 910 1086 - // Pre-populate mock driver 1087 - tempBlobPath := fmt.Sprintf("/docker/registry/v2/%s/data", tempDigest) 1088 - mockDriver.PutContent(t.Context(), tempBlobPath, []byte("test")) 1089 - 1090 911 // Complete with unsorted parts (3, 1, 2) - handler should sort them 1091 912 completeReq := makeJSONRequest("POST", atproto.HoldCompleteUpload, map[string]any{ 1092 913 "uploadId": uploadID, ··· 1117 938 // Tests for HandleInitiateUpload edge cases 1118 939 1119 940 func TestHandleInitiateUpload_MockS3_S3Error(t *testing.T) { 1120 - handler, mockS3Client, _ := setupTestOCIHandlerWithMockS3(t) 941 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 1121 942 1122 943 // Inject S3 error 1123 944 mockS3Client.CreateMultipartError = fmt.Errorf("simulated S3 CreateMultipartUpload failure") ··· 1141 962 } 1142 963 1143 964 func TestHandleInitiateUpload_MockS3_WhitespaceDigest(t *testing.T) { 1144 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 965 + handler, _ := setupTestOCIHandlerWithMockS3(t) 1145 966 1146 967 req := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{ 1147 968 "digest": " ", // Whitespace only ··· 1162 983 // Tests for HandleGetPartUploadURL edge cases 1163 984 1164 985 func TestHandleGetPartUploadUrl_MockS3_MissingParams(t *testing.T) { 1165 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 986 + handler, _ := setupTestOCIHandlerWithMockS3(t) 1166 987 1167 988 tests := []struct { 1168 989 name string ··· 1189 1010 } 1190 1011 1191 1012 func TestHandleGetPartUploadUrl_MockS3_ValidSession(t *testing.T) { 1192 - handler, mockS3Client, _ := setupTestOCIHandlerWithMockS3(t) 1013 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 1193 1014 1194 1015 // First initiate an upload 1195 1016 initReq := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{ ··· 1237 1058 // Tests for HandleAbortUpload edge cases 1238 1059 1239 1060 func TestHandleAbortUpload_MockS3_MissingUploadId(t *testing.T) { 1240 - handler, _, _ := setupTestOCIHandlerWithMockS3(t) 1061 + handler, _ := setupTestOCIHandlerWithMockS3(t) 1241 1062 1242 1063 req := makeJSONRequest("POST", atproto.HoldAbortUpload, map[string]string{}) 1243 1064 addMockAuth(req) ··· 1251 1072 } 1252 1073 1253 1074 func TestHandleAbortUpload_MockS3_S3Error(t *testing.T) { 1254 - handler, mockS3Client, _ := setupTestOCIHandlerWithMockS3(t) 1075 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 1255 1076 1256 1077 // First initiate an upload 1257 1078 initReq := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{ ··· 1288 1109 } 1289 1110 1290 1111 func TestHandleAbortUpload_MockS3_ValidSession(t *testing.T) { 1291 - handler, mockS3Client, _ := setupTestOCIHandlerWithMockS3(t) 1112 + handler, mockS3Client := setupTestOCIHandlerWithMockS3(t) 1292 1113 1293 1114 // First initiate an upload 1294 1115 initReq := makeJSONRequest("POST", atproto.HoldInitiateUpload, map[string]string{

+3 -3

pkg/hold/pds/manifest_post.go

··· 10 10 "time" 11 11 12 12 "atcr.io/pkg/atproto" 13 + "atcr.io/pkg/s3" 13 14 bsky "github.com/bluesky-social/indigo/api/bsky" 14 - "github.com/distribution/distribution/v3/registry/storage/driver" 15 15 ) 16 16 17 17 // CreateManifestPost creates a Bluesky post announcing a manifest upload ··· 19 19 // artifactType is "container-image", "helm-chart", or "unknown" 20 20 func (p *HoldPDS) CreateManifestPost( 21 21 ctx context.Context, 22 - storageDriver driver.StorageDriver, 22 + s3svc *s3.S3Service, 23 23 repository, tag, userHandle, userDID, digest string, 24 24 totalSize int64, 25 25 platforms []string, ··· 50 50 slog.Warn("Failed to fetch OG image, posting without embed", "error", err) 51 51 } else { 52 52 // Upload OG image as blob 53 - thumbBlob, err := uploadBlobToStorage(ctx, storageDriver, p.did, ogImageData, "image/png") 53 + thumbBlob, err := uploadBlobToStorage(ctx, s3svc, p.did, ogImageData, "image/png") 54 54 if err != nil { 55 55 slog.Warn("Failed to upload OG image blob", "error", err) 56 56 } else {

+9 -29

pkg/hold/pds/profile.go

··· 1 1 package pds 2 2 3 3 import ( 4 - "bytes" 5 4 "context" 6 5 "crypto/sha256" 7 6 "fmt" ··· 11 10 "time" 12 11 13 12 "atcr.io/pkg/atproto" 13 + "atcr.io/pkg/s3" 14 14 bsky "github.com/bluesky-social/indigo/api/bsky" 15 15 lexutil "github.com/bluesky-social/indigo/lex/util" 16 - "github.com/distribution/distribution/v3/registry/storage/driver" 17 16 "github.com/ipfs/go-cid" 18 17 "github.com/multiformats/go-multihash" 19 18 ) ··· 68 67 return data, contentType, nil 69 68 } 70 69 71 - // uploadBlobToStorage uploads a blob to the hold's storage and returns a blob reference 72 - // This stores the blob at the ATProto path for the hold's DID 73 - func uploadBlobToStorage(ctx context.Context, storageDriver driver.StorageDriver, did string, data []byte, mimeType string) (*lexutil.LexBlob, error) { 70 + // uploadBlobToStorage uploads a blob to the hold's S3 storage and returns a blob reference. 71 + // This stores the blob at the ATProto path for the hold's DID. 72 + func uploadBlobToStorage(ctx context.Context, s3svc *s3.S3Service, did string, data []byte, mimeType string) (*lexutil.LexBlob, error) { 74 73 if len(data) == 0 { 75 74 return nil, fmt.Errorf("empty blob data") 76 75 } ··· 90 89 // ATProto uses CIDv1 with raw codec for blobs 91 90 blobCID := cid.NewCidV1(0x55, mh) 92 91 93 - // Store blob via distribution driver at ATProto path 92 + // Store blob via S3 at ATProto path 94 93 path := atprotoBlobPath(did, blobCID.String()) 95 94 96 - // Write blob to storage using distribution driver 97 - writer, err := storageDriver.Writer(ctx, path, false) 98 - if err != nil { 99 - return nil, fmt.Errorf("failed to create writer: %w", err) 100 - } 101 - 102 - // Write data 103 - n, err := io.Copy(writer, bytes.NewReader(data)) 104 - if err != nil { 105 - writer.Cancel(ctx) 106 - return nil, fmt.Errorf("failed to write blob: %w", err) 107 - } 108 - 109 - // Commit the write 110 - if err := writer.Commit(ctx); err != nil { 111 - return nil, fmt.Errorf("failed to commit blob: %w", err) 112 - } 113 - 114 - if n != size { 115 - return nil, fmt.Errorf("size mismatch: wrote %d bytes, expected %d", n, size) 95 + if err := s3svc.PutBytes(ctx, path, data, mimeType); err != nil { 96 + return nil, fmt.Errorf("failed to put blob: %w", err) 116 97 } 117 98 118 99 // Create blob reference in the format expected by bsky.ActorProfile 119 - // LexLink is a type alias for cid.Cid 120 100 lexLink := lexutil.LexLink(blobCID) 121 101 blob := &lexutil.LexBlob{ 122 102 Ref: lexLink, ··· 129 109 130 110 // CreateProfileRecord creates the app.bsky.actor.profile record for the hold 131 111 // This will FAIL if the profile record already exists. 132 - func (p *HoldPDS) CreateProfileRecord(ctx context.Context, storageDriver driver.StorageDriver, displayName, description, avatarURL string) (cid.Cid, error) { 112 + func (p *HoldPDS) CreateProfileRecord(ctx context.Context, s3svc *s3.S3Service, displayName, description, avatarURL string) (cid.Cid, error) { 133 113 // Create profile struct 134 114 profile := &bsky.ActorProfile{ 135 115 DisplayName: &displayName, ··· 147 127 slog.Debug("Uploading avatar blob", 148 128 "size", len(imageData), 149 129 "mimeType", mimeType) 150 - avatarBlob, err := uploadBlobToStorage(ctx, storageDriver, p.did, imageData, mimeType) 130 + avatarBlob, err := uploadBlobToStorage(ctx, s3svc, p.did, imageData, mimeType) 151 131 if err != nil { 152 132 return cid.Undef, fmt.Errorf("failed to upload avatar blob: %w", err) 153 133 }

+21 -8

pkg/hold/pds/scan_broadcaster.go

··· 13 13 "time" 14 14 15 15 "atcr.io/pkg/atproto" 16 + "atcr.io/pkg/s3" 16 17 lexutil "github.com/bluesky-social/indigo/lex/util" 17 - storagedriver "github.com/distribution/distribution/v3/registry/storage/driver" 18 18 "github.com/gorilla/websocket" 19 19 ) 20 20 ··· 28 28 db *sql.DB 29 29 holdDID string 30 30 holdEndpoint string 31 - driver storagedriver.StorageDriver 31 + s3 *s3.S3Service 32 32 pds *HoldPDS 33 33 ackTimeout time.Duration 34 34 secret string // Shared secret for scanner authentication ··· 80 80 81 81 // NewScanBroadcaster creates a new scan job broadcaster 82 82 // dbPath should point to a SQLite database file (e.g., "/path/to/pds/db.sqlite3") 83 - func NewScanBroadcaster(holdDID, holdEndpoint, secret, dbPath string, driver storagedriver.StorageDriver, holdPDS *HoldPDS) (*ScanBroadcaster, error) { 83 + func NewScanBroadcaster(holdDID, holdEndpoint, secret, dbPath string, s3svc *s3.S3Service, holdPDS *HoldPDS) (*ScanBroadcaster, error) { 84 84 dsn := dbPath 85 85 if dbPath != ":memory:" && !strings.HasPrefix(dbPath, "file:") { 86 86 dsn = "file:" + dbPath ··· 99 99 db: db, 100 100 holdDID: holdDID, 101 101 holdEndpoint: holdEndpoint, 102 - driver: driver, 102 + s3: s3svc, 103 103 pds: holdPDS, 104 104 ackTimeout: 5 * time.Minute, 105 105 secret: secret, ··· 119 119 120 120 // NewScanBroadcasterWithDB creates a scan job broadcaster using an existing *sql.DB connection. 121 121 // The caller is responsible for the DB lifecycle. 122 - func NewScanBroadcasterWithDB(holdDID, holdEndpoint, secret string, db *sql.DB, driver storagedriver.StorageDriver, holdPDS *HoldPDS) (*ScanBroadcaster, error) { 122 + func NewScanBroadcasterWithDB(holdDID, holdEndpoint, secret string, db *sql.DB, s3svc *s3.S3Service, holdPDS *HoldPDS) (*ScanBroadcaster, error) { 123 123 sb := &ScanBroadcaster{ 124 124 subscribers: make([]*ScanSubscriber, 0), 125 125 db: db, 126 126 holdDID: holdDID, 127 127 holdEndpoint: holdEndpoint, 128 - driver: driver, 128 + s3: s3svc, 129 129 pds: holdPDS, 130 130 ackTimeout: 5 * time.Minute, 131 131 secret: secret, ··· 424 424 // Upload SBOM as a blob to the hold's PDS blob storage (like manifest blobs) 425 425 var sbomBlob *lexutil.LexBlob 426 426 if msg.SBOM != "" { 427 - blob, err := uploadBlobToStorage(ctx, sb.driver, sb.holdDID, []byte(msg.SBOM), "application/spdx+json") 427 + blob, err := uploadBlobToStorage(ctx, sb.s3, sb.holdDID, []byte(msg.SBOM), "application/spdx+json") 428 428 if err != nil { 429 429 slog.Error("Failed to upload SBOM blob to PDS storage", 430 430 "seq", msg.Seq, ··· 434 434 } 435 435 } 436 436 437 + // Upload vulnerability report as a blob (full Grype JSON with CVE details) 438 + var vulnReportBlob *lexutil.LexBlob 439 + if msg.VulnReport != "" { 440 + blob, err := uploadBlobToStorage(ctx, sb.s3, sb.holdDID, []byte(msg.VulnReport), "application/vnd.atcr.vulnerabilities+json") 441 + if err != nil { 442 + slog.Error("Failed to upload VulnReport blob to PDS storage", 443 + "seq", msg.Seq, 444 + "error", err) 445 + } else { 446 + vulnReportBlob = blob 447 + } 448 + } 449 + 437 450 // Store scan result as a record in the hold's embedded PDS 438 451 if msg.Summary != nil { 439 452 scanRecord := atproto.NewScanRecord( 440 453 manifestDigest, repository, userDID, 441 - sbomBlob, 454 + sbomBlob, vulnReportBlob, 442 455 msg.Summary.Critical, msg.Summary.High, msg.Summary.Medium, msg.Summary.Low, msg.Summary.Total, 443 456 "atcr-scanner-v1.0.0", 444 457 )

+5 -5

pkg/hold/pds/server.go

··· 13 13 "atcr.io/pkg/atproto" 14 14 "atcr.io/pkg/auth/oauth" 15 15 holddb "atcr.io/pkg/hold/db" 16 + "atcr.io/pkg/s3" 16 17 "github.com/bluesky-social/indigo/atproto/atcrypto" 17 18 lexutil "github.com/bluesky-social/indigo/lex/util" 18 19 "github.com/bluesky-social/indigo/models" 19 20 "github.com/bluesky-social/indigo/repo" 20 - "github.com/distribution/distribution/v3/registry/storage/driver" 21 21 "github.com/ipfs/go-cid" 22 22 ) 23 23 ··· 231 231 } 232 232 233 233 // Bootstrap initializes the hold with the captain record, owner as first crew member, and profile 234 - func (p *HoldPDS) Bootstrap(ctx context.Context, storageDriver driver.StorageDriver, ownerDID string, public bool, allowAllCrew bool, avatarURL, region string) error { 234 + func (p *HoldPDS) Bootstrap(ctx context.Context, s3svc *s3.S3Service, ownerDID string, public bool, allowAllCrew bool, avatarURL, region string) error { 235 235 if ownerDID == "" { 236 236 return nil 237 237 } ··· 317 317 318 318 // Create Bluesky profile record (idempotent - check if exists first) 319 319 // This runs even if captain exists (for existing holds being upgraded) 320 - // Skip if no storage driver (e.g., in tests) 321 - if storageDriver != nil { 320 + // Skip if no S3 service (e.g., in tests) 321 + if s3svc != nil { 322 322 _, _, err = p.GetProfileRecord(ctx) 323 323 if err != nil { 324 324 // Bluesky profile doesn't exist, create it 325 325 displayName := "Cargo Hold" 326 326 description := "ahoy from the cargo hold" 327 327 328 - _, err = p.CreateProfileRecord(ctx, storageDriver, displayName, description, avatarURL) 328 + _, err = p.CreateProfileRecord(ctx, s3svc, displayName, description, avatarURL) 329 329 if err != nil { 330 330 return fmt.Errorf("failed to create bluesky profile record: %w", err) 331 331 }

+2 -2

pkg/hold/pds/status_test.go

··· 55 55 } 56 56 57 57 // Create handler for XRPC endpoints 58 - handler := NewXRPCHandler(holdPDS, s3.S3Service{}, nil, nil, &mockPDSClient{}, nil) 58 + handler := NewXRPCHandler(holdPDS, s3.S3Service{}, nil, &mockPDSClient{}, nil) 59 59 60 60 // Helper function to list posts via XRPC 61 61 listPosts := func() ([]map[string]any, error) { ··· 283 283 } 284 284 285 285 // Create shared handler 286 - sharedHandler = NewXRPCHandler(sharedPDS, s3.S3Service{}, nil, nil, &mockPDSClient{}, nil) 286 + sharedHandler = NewXRPCHandler(sharedPDS, s3.S3Service{}, nil, &mockPDSClient{}, nil) 287 287 288 288 // Run tests 289 289 code := m.Run()

+10 -34

pkg/hold/pds/xrpc.go

··· 12 12 "github.com/bluesky-social/indigo/api/bsky" 13 13 lexutil "github.com/bluesky-social/indigo/lex/util" 14 14 "github.com/bluesky-social/indigo/repo" 15 - "github.com/distribution/distribution/v3/registry/storage/driver" 16 15 "github.com/go-chi/chi/v5" 17 16 "github.com/go-chi/render" 18 17 "github.com/gorilla/websocket" ··· 46 45 type XRPCHandler struct { 47 46 pds *HoldPDS 48 47 s3Service s3.S3Service 49 - storageDriver driver.StorageDriver 50 48 broadcaster *EventBroadcaster 51 49 scanBroadcaster *ScanBroadcaster // Scan job dispatcher for connected scanners 52 50 httpClient HTTPClient // For testing - allows injecting mock HTTP client ··· 68 66 } 69 67 70 68 // NewXRPCHandler creates a new XRPC handler 71 - func NewXRPCHandler(pds *HoldPDS, s3Service s3.S3Service, storageDriver driver.StorageDriver, broadcaster *EventBroadcaster, httpClient HTTPClient, quotaMgr *quota.Manager) *XRPCHandler { 69 + func NewXRPCHandler(pds *HoldPDS, s3Service s3.S3Service, broadcaster *EventBroadcaster, httpClient HTTPClient, quotaMgr *quota.Manager) *XRPCHandler { 72 70 return &XRPCHandler{ 73 - pds: pds, 74 - s3Service: s3Service, 75 - storageDriver: storageDriver, 76 - broadcaster: broadcaster, 77 - httpClient: httpClient, 78 - quotaMgr: quotaMgr, 71 + pds: pds, 72 + s3Service: s3Service, 73 + broadcaster: broadcaster, 74 + httpClient: httpClient, 75 + quotaMgr: quotaMgr, 79 76 } 80 77 } 81 78 ··· 1052 1049 // ATProto uses CIDv1 with raw codec for blobs 1053 1050 blobCID := cid.NewCidV1(0x55, mh) 1054 1051 1055 - // Store blob via distribution driver at ATProto path 1052 + // Store blob via S3 at ATProto path 1056 1053 path := atprotoBlobPath(did, blobCID.String()) 1057 1054 1058 - // Write blob to storage using distribution driver 1059 - writer, err := h.storageDriver.Writer(r.Context(), path, false) 1060 - if err != nil { 1061 - http.Error(w, fmt.Sprintf("failed to create writer: %v", err), http.StatusInternalServerError) 1062 - return 1063 - } 1064 - 1065 - // Write data 1066 - n, err := io.Copy(writer, bytes.NewReader(blobData)) 1067 - if err != nil { 1068 - writer.Cancel(r.Context()) 1069 - http.Error(w, fmt.Sprintf("failed to write blob: %v", err), http.StatusInternalServerError) 1070 - return 1071 - } 1072 - 1073 - // Commit the write 1074 - if err := writer.Commit(r.Context()); err != nil { 1075 - http.Error(w, fmt.Sprintf("failed to commit blob: %v", err), http.StatusInternalServerError) 1076 - return 1077 - } 1078 - 1079 - if n != size { 1080 - http.Error(w, fmt.Sprintf("size mismatch: wrote %d bytes, expected %d", n, size), http.StatusInternalServerError) 1055 + if err := h.s3Service.PutBytes(r.Context(), path, blobData, "application/octet-stream"); err != nil { 1056 + http.Error(w, fmt.Sprintf("failed to put blob: %v", err), http.StatusInternalServerError) 1081 1057 return 1082 1058 } 1083 1059 ··· 1259 1235 safeDID := strings.ReplaceAll(did, ":", "-") 1260 1236 blobsPath := fmt.Sprintf("/repos/%s/blobs", safeDID) 1261 1237 1262 - entries, err := h.storageDriver.List(r.Context(), blobsPath) 1238 + entries, err := h.s3Service.ListPrefix(r.Context(), blobsPath) 1263 1239 if err != nil { 1264 1240 // Path doesn't exist = no blobs, return empty list 1265 1241 render.JSON(w, r, map[string]any{"cids": []string{}})

+24 -62

pkg/hold/pds/xrpc_test.go

··· 18 18 "atcr.io/pkg/s3" 19 19 indigoAtproto "github.com/bluesky-social/indigo/api/atproto" 20 20 "github.com/bluesky-social/indigo/events" 21 - "github.com/distribution/distribution/v3/registry/storage/driver/factory" 22 - _ "github.com/distribution/distribution/v3/registry/storage/driver/filesystem" 23 21 "github.com/go-chi/chi/v5" 24 22 "github.com/gorilla/websocket" 25 23 "github.com/ipfs/go-cid" ··· 76 74 mockS3 := s3.S3Service{} 77 75 78 76 // Create XRPC handler with mock HTTP client 79 - handler := NewXRPCHandler(pds, mockS3, nil, nil, mockClient, nil) 77 + handler := NewXRPCHandler(pds, mockS3, nil, mockClient, nil) 80 78 81 79 return handler, ctx 82 80 } ··· 143 141 mockS3 := s3.S3Service{} 144 142 145 143 // Create XRPC handler with mock HTTP client 146 - handler := NewXRPCHandler(pds, mockS3, nil, nil, mockClient, nil) 144 + handler := NewXRPCHandler(pds, mockS3, nil, mockClient, nil) 147 145 148 146 return handler, ctx 149 147 } ··· 753 751 pds, ctx := setupTestPDS(t) // Don't bootstrap - no records created yet 754 752 mockClient := &mockPDSClient{} 755 753 mockS3 := s3.S3Service{} 756 - handler := NewXRPCHandler(pds, mockS3, nil, nil, mockClient, nil) 754 + handler := NewXRPCHandler(pds, mockS3, nil, mockClient, nil) 757 755 758 756 // Initialize repo manually (setupTestPDS doesn't call Bootstrap, so no crew members) 759 757 err := pds.repomgr.InitNewActor(ctx, pds.uid, "", pds.did, "", "", "") ··· 1231 1229 pds, ctx := setupTestPDS(t) // Don't bootstrap 1232 1230 mockClient := &mockPDSClient{} 1233 1231 mockS3 := s3.S3Service{} 1234 - handler := NewXRPCHandler(pds, mockS3, nil, nil, mockClient, nil) 1232 + handler := NewXRPCHandler(pds, mockS3, nil, mockClient, nil) 1235 1233 1236 1234 // setupTestPDS creates the PDS/database but doesn't initialize the repo 1237 1235 // Check if implementation returns repos before initialization ··· 1317 1315 pds, ctx := setupTestPDS(t) // Don't bootstrap 1318 1316 mockClient := &mockPDSClient{} 1319 1317 mockS3 := s3.S3Service{} 1320 - handler := NewXRPCHandler(pds, mockS3, nil, nil, mockClient, nil) 1318 + handler := NewXRPCHandler(pds, mockS3, nil, mockClient, nil) 1321 1319 holdDID := "did:web:hold.example.com" 1322 1320 1323 1321 // Initialize repo but don't add any records ··· 1960 1958 // Mock S3 Service for testing blob endpoints 1961 1959 1962 1960 // mockS3Service is a simple mock that tracks calls and returns test URLs 1963 - type mockS3Service struct { 1964 - // Track calls 1965 - downloadCalls []string // Track digests requested for download 1966 - } 1967 - 1968 - func newMockS3Service() *mockS3Service { 1969 - return &mockS3Service{ 1970 - downloadCalls: []string{}, 1971 - } 1972 - } 1973 - 1974 - // toS3Service converts the mock to an s3.S3Service 1975 - // Returns empty s3.S3Service since we're not testing S3 presigned URLs in these tests 1976 - func (m *mockS3Service) toS3Service() s3.S3Service { 1977 - return s3.S3Service{ 1978 - Client: nil, // Not testing presigned URLs 1979 - Bucket: "", 1980 - PathPrefix: "", 1981 - } 1982 - } 1983 - 1984 1961 // setupTestXRPCHandlerWithMockS3 creates handler with MockS3Client for testing presigned URLs 1985 1962 func setupTestXRPCHandlerWithMockS3(t *testing.T) (*XRPCHandler, *s3.MockS3Client, context.Context) { 1986 1963 t.Helper() ··· 2027 2004 Client: mockS3Client, 2028 2005 Bucket: "test-bucket", 2029 2006 PathPrefix: "test-prefix", 2030 - } 2031 - 2032 - // Create filesystem storage driver for tests 2033 - storageDir := filepath.Join(tmpDir, "storage") 2034 - params := map[string]any{ 2035 - "rootdirectory": storageDir, 2036 - } 2037 - driver, err := factory.Create(ctx, "filesystem", params) 2038 - if err != nil { 2039 - t.Fatalf("Failed to create storage driver: %v", err) 2040 2007 } 2041 2008 2042 2009 // Create mock PDS client for DPoP validation 2043 2010 mockClient := &mockPDSClient{} 2044 2011 2045 - // Create XRPC handler with mock S3 client and real filesystem driver 2046 - handler := NewXRPCHandler(pds, s3Service, driver, nil, mockClient, nil) 2012 + // Create XRPC handler with mock S3 client 2013 + handler := NewXRPCHandler(pds, s3Service, nil, mockClient, nil) 2047 2014 2048 2015 return handler, mockS3Client, ctx 2049 2016 } 2050 2017 2051 - // setupTestXRPCHandlerWithBlobs creates handler with mock s3 service and real filesystem driver 2052 - func setupTestXRPCHandlerWithBlobs(t *testing.T) (*XRPCHandler, *mockS3Service, context.Context) { 2018 + // setupTestXRPCHandlerWithBlobs creates handler with MockS3Client for upload/list testing 2019 + func setupTestXRPCHandlerWithBlobs(t *testing.T) (*XRPCHandler, *s3.MockS3Client, context.Context) { 2053 2020 t.Helper() 2054 2021 2055 2022 ctx := context.Background() ··· 2088 2055 t.Fatalf("Failed to bootstrap PDS: %v", err) 2089 2056 } 2090 2057 2091 - // Create mock s3 service that returns test URLs 2092 - mockS3Svc := newMockS3Service() 2093 - 2094 - // Create filesystem storage driver for tests 2095 - storageDir := filepath.Join(tmpDir, "storage") 2096 - params := map[string]any{ 2097 - "rootdirectory": storageDir, 2098 - } 2099 - driver, err := factory.Create(ctx, "filesystem", params) 2100 - if err != nil { 2101 - t.Fatalf("Failed to create storage driver: %v", err) 2058 + // Create MockS3Client for blob upload/list 2059 + mockS3Client := s3.NewMockS3Client("https://mock-s3.example.com") 2060 + s3Service := s3.S3Service{ 2061 + Client: mockS3Client, 2062 + Bucket: "test-bucket", 2063 + PathPrefix: "", 2102 2064 } 2103 2065 2104 2066 // Create mock PDS client for DPoP validation 2105 2067 mockClient := &mockPDSClient{} 2106 2068 2107 - // Create XRPC handler with mock s3 service and real filesystem driver 2108 - handler := NewXRPCHandler(pds, mockS3Svc.toS3Service(), driver, nil, mockClient, nil) 2069 + // Create XRPC handler 2070 + handler := NewXRPCHandler(pds, s3Service, nil, mockClient, nil) 2109 2071 2110 - return handler, mockS3Svc, ctx 2072 + return handler, mockS3Client, ctx 2111 2073 } 2112 2074 2113 2075 // Tests for HandleUploadBlob ··· 2391 2353 t.Error("Expected Location header in 307 redirect") 2392 2354 } 2393 2355 2394 - // Should be XRPC proxy URL since we don't have S3 client 2395 - if !strings.Contains(location, "/xrpc/com.atproto.sync.getBlob") { 2396 - t.Errorf("Expected XRPC proxy URL, got: %s", location) 2356 + // Should be a presigned URL from the mock S3 client 2357 + if !strings.Contains(location, "mock-s3.example.com") { 2358 + t.Errorf("Expected presigned S3 URL, got: %s", location) 2397 2359 } 2398 2360 } 2399 2361 ··· 2457 2419 t.Error("Expected Location header in 307 redirect") 2458 2420 } 2459 2421 2460 - // Should be XRPC proxy URL since we don't have S3 client 2461 - if !strings.Contains(location, "/xrpc/com.atproto.sync.getBlob") { 2462 - t.Errorf("Expected XRPC proxy URL, got: %s", location) 2422 + // Should be a presigned URL from the mock S3 client 2423 + if !strings.Contains(location, "mock-s3.example.com") { 2424 + t.Errorf("Expected presigned S3 URL, got: %s", location) 2463 2425 } 2464 2426 } 2465 2427

+11 -24

pkg/hold/server.go

··· 21 21 "atcr.io/pkg/logging" 22 22 "atcr.io/pkg/s3" 23 23 24 - "github.com/distribution/distribution/v3/registry/storage/driver/factory" 25 - _ "github.com/distribution/distribution/v3/registry/storage/driver/s3-aws" 26 - 27 24 "github.com/go-chi/chi/v5" 28 25 "github.com/go-chi/chi/v5/middleware" 29 26 ) ··· 72 69 73 70 // Initialize embedded PDS if database path is configured 74 71 var xrpcHandler *pds.XRPCHandler 72 + var s3Service *s3.S3Service 75 73 if cfg.Database.Path != "" { 76 74 holdDID := pds.GenerateDIDFromURL(cfg.Server.PublicURL) 77 75 slog.Info("Initializing embedded PDS", "did", holdDID) ··· 109 107 s.broadcaster = pds.NewEventBroadcaster(holdDID, 100, ":memory:") 110 108 } 111 109 112 - // Create storage driver from config (needed for bootstrap profile avatar) 113 - driver, err := factory.Create(ctx, cfg.Storage.Type(), cfg.Storage.Parameters()) 110 + // Create S3 service (used for bootstrap, handlers, GC, etc.) 111 + s3Service, err = s3.NewS3Service(cfg.Storage.S3Params()) 114 112 if err != nil { 115 - return nil, fmt.Errorf("failed to create storage driver: %w", err) 113 + return nil, fmt.Errorf("failed to create S3 service: %w", err) 116 114 } 117 115 118 116 // Bootstrap PDS with captain record, hold owner as first crew member, and profile 119 - if err := s.PDS.Bootstrap(ctx, driver, cfg.Registration.OwnerDID, cfg.Server.Public, cfg.Registration.AllowAllCrew, cfg.Registration.ProfileAvatarURL, cfg.Registration.Region); err != nil { 117 + if err := s.PDS.Bootstrap(ctx, s3Service, cfg.Registration.OwnerDID, cfg.Server.Public, cfg.Registration.AllowAllCrew, cfg.Registration.ProfileAvatarURL, cfg.Registration.Region); err != nil { 120 118 return nil, fmt.Errorf("failed to bootstrap PDS: %w", err) 121 119 } 122 120 ··· 163 161 slog.Info("Quota enforcement disabled (no quota tiers configured)") 164 162 } 165 163 166 - // Create blob store adapter and XRPC handlers 164 + // Create XRPC handlers 167 165 var ociHandler *oci.XRPCHandler 168 166 if s.PDS != nil { 169 - ctx := context.Background() 170 - driver, err := factory.Create(ctx, cfg.Storage.Type(), cfg.Storage.Parameters()) 171 - if err != nil { 172 - return nil, fmt.Errorf("failed to create storage driver: %w", err) 173 - } 174 - 175 - s3Service, err := s3.NewS3Service(cfg.Storage.Parameters()) 176 - if err != nil { 177 - return nil, fmt.Errorf("failed to create S3 service: %w", err) 178 - } 179 - 180 - xrpcHandler = pds.NewXRPCHandler(s.PDS, *s3Service, driver, s.broadcaster, nil, s.QuotaManager) 181 - ociHandler = oci.NewXRPCHandler(s.PDS, *s3Service, driver, cfg.Registration.EnableBlueskyPosts, nil, s.QuotaManager) 167 + xrpcHandler = pds.NewXRPCHandler(s.PDS, *s3Service, s.broadcaster, nil, s.QuotaManager) 168 + ociHandler = oci.NewXRPCHandler(s.PDS, *s3Service, cfg.Registration.EnableBlueskyPosts, nil, s.QuotaManager) 182 169 183 170 // Initialize scan broadcaster if scanner secret is configured 184 171 if cfg.Scanner.Secret != "" { 185 172 holdDID := pds.GenerateDIDFromURL(cfg.Server.PublicURL) 186 173 var sb *pds.ScanBroadcaster 187 174 if s.holdDB != nil { 188 - sb, err = pds.NewScanBroadcasterWithDB(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, s.holdDB.DB, driver, s.PDS) 175 + sb, err = pds.NewScanBroadcasterWithDB(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, s.holdDB.DB, s3Service, s.PDS) 189 176 } else { 190 177 scanDBPath := cfg.Database.Path + "/db.sqlite3" 191 - sb, err = pds.NewScanBroadcaster(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, scanDBPath, driver, s.PDS) 178 + sb, err = pds.NewScanBroadcaster(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, scanDBPath, s3Service, s.PDS) 192 179 } 193 180 if err != nil { 194 181 return nil, fmt.Errorf("failed to initialize scan broadcaster: %w", err) ··· 200 187 } 201 188 202 189 // Initialize garbage collector 203 - s.garbageCollector = gc.NewGarbageCollector(s.PDS, driver, cfg.GC) 190 + s.garbageCollector = gc.NewGarbageCollector(s.PDS, s3Service, cfg.GC) 204 191 slog.Info("Garbage collector initialized", 205 192 "enabled", cfg.GC.Enabled) 206 193 }

+178

pkg/s3/mock.go

··· 1 1 package s3 2 2 3 3 import ( 4 + "bytes" 4 5 "context" 5 6 "fmt" 7 + "io" 8 + "strings" 6 9 "sync" 7 10 "time" 8 11 9 12 "github.com/aws/aws-sdk-go-v2/aws" 10 13 awss3 "github.com/aws/aws-sdk-go-v2/service/s3" 14 + s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" 11 15 "github.com/google/uuid" 12 16 ) 13 17 ··· 22 26 // If empty, a UUID is generated. 23 27 UploadID string 24 28 29 + // Objects stores in-memory blobs for PutObject/HeadObject/DeleteObject/CopyObject/ListObjectsV2. 30 + Objects map[string][]byte 31 + 25 32 // Track calls for verification in tests 26 33 mu sync.Mutex 27 34 CreateMultipartCalls []CreateMultipartCall ··· 36 43 CreateMultipartError error 37 44 CompleteError error 38 45 AbortError error 46 + HeadObjectError error 47 + CopyObjectError error 39 48 } 40 49 41 50 // CreateMultipartCall records a CreateMultipartUpload call ··· 89 98 func NewMockS3Client(testServerURL string) *MockS3Client { 90 99 return &MockS3Client{ 91 100 TestServerURL: testServerURL, 101 + Objects: make(map[string][]byte), 92 102 CreateMultipartCalls: []CreateMultipartCall{}, 93 103 CompleteCalls: []CompleteCall{}, 94 104 AbortCalls: []AbortCall{}, ··· 144 154 return nil, m.CompleteError 145 155 } 146 156 157 + // Store a placeholder object at the key so Stat/HeadObject works after complete 158 + key := aws.ToString(input.Key) 159 + if m.Objects != nil { 160 + if _, exists := m.Objects[key]; !exists { 161 + m.Objects[key] = []byte("completed-multipart") 162 + } 163 + } 164 + 147 165 // Return a mock ETag 148 166 etag := "\"mock-etag-" + uuid.New().String() + "\"" 149 167 return &awss3.CompleteMultipartUploadOutput{ ··· 169 187 return &awss3.AbortMultipartUploadOutput{}, nil 170 188 } 171 189 190 + // HeadObject implements S3Client 191 + func (m *MockS3Client) HeadObject(ctx context.Context, input *awss3.HeadObjectInput, opts ...func(*awss3.Options)) (*awss3.HeadObjectOutput, error) { 192 + m.mu.Lock() 193 + defer m.mu.Unlock() 194 + 195 + if m.HeadObjectError != nil { 196 + return nil, m.HeadObjectError 197 + } 198 + 199 + key := aws.ToString(input.Key) 200 + data, ok := m.Objects[key] 201 + if !ok { 202 + return nil, fmt.Errorf("NoSuchKey: object %s not found", key) 203 + } 204 + 205 + size := int64(len(data)) 206 + return &awss3.HeadObjectOutput{ 207 + ContentLength: &size, 208 + }, nil 209 + } 210 + 211 + // PutObject implements S3Client 212 + func (m *MockS3Client) PutObject(ctx context.Context, input *awss3.PutObjectInput, opts ...func(*awss3.Options)) (*awss3.PutObjectOutput, error) { 213 + m.mu.Lock() 214 + defer m.mu.Unlock() 215 + 216 + key := aws.ToString(input.Key) 217 + m.PutObjectCalls = append(m.PutObjectCalls, PutObjectCall{ 218 + Bucket: aws.ToString(input.Bucket), 219 + Key: key, 220 + }) 221 + 222 + if input.Body != nil { 223 + data, err := io.ReadAll(input.Body) 224 + if err != nil { 225 + return nil, err 226 + } 227 + m.Objects[key] = data 228 + } else { 229 + m.Objects[key] = []byte{} 230 + } 231 + 232 + return &awss3.PutObjectOutput{}, nil 233 + } 234 + 235 + // CopyObject implements S3Client 236 + func (m *MockS3Client) CopyObject(ctx context.Context, input *awss3.CopyObjectInput, opts ...func(*awss3.Options)) (*awss3.CopyObjectOutput, error) { 237 + m.mu.Lock() 238 + defer m.mu.Unlock() 239 + 240 + if m.CopyObjectError != nil { 241 + return nil, m.CopyObjectError 242 + } 243 + 244 + // CopySource is "bucket/key" 245 + copySource := aws.ToString(input.CopySource) 246 + // Strip bucket prefix to get key 247 + parts := strings.SplitN(copySource, "/", 2) 248 + srcKey := copySource 249 + if len(parts) == 2 { 250 + srcKey = parts[1] 251 + } 252 + 253 + data, ok := m.Objects[srcKey] 254 + if !ok { 255 + return nil, fmt.Errorf("NoSuchKey: source object %s not found", srcKey) 256 + } 257 + 258 + dstKey := aws.ToString(input.Key) 259 + m.Objects[dstKey] = append([]byte{}, data...) 260 + 261 + return &awss3.CopyObjectOutput{}, nil 262 + } 263 + 264 + // DeleteObject implements S3Client 265 + func (m *MockS3Client) DeleteObject(ctx context.Context, input *awss3.DeleteObjectInput, opts ...func(*awss3.Options)) (*awss3.DeleteObjectOutput, error) { 266 + m.mu.Lock() 267 + defer m.mu.Unlock() 268 + 269 + key := aws.ToString(input.Key) 270 + delete(m.Objects, key) 271 + 272 + return &awss3.DeleteObjectOutput{}, nil 273 + } 274 + 275 + // ListObjectsV2 implements S3Client 276 + func (m *MockS3Client) ListObjectsV2(ctx context.Context, input *awss3.ListObjectsV2Input, opts ...func(*awss3.Options)) (*awss3.ListObjectsV2Output, error) { 277 + m.mu.Lock() 278 + defer m.mu.Unlock() 279 + 280 + prefix := aws.ToString(input.Prefix) 281 + delimiter := aws.ToString(input.Delimiter) 282 + 283 + var contents []s3types.Object 284 + commonPrefixes := map[string]bool{} 285 + 286 + for key, data := range m.Objects { 287 + if !strings.HasPrefix(key, prefix) { 288 + continue 289 + } 290 + 291 + if delimiter != "" { 292 + // Check if there's a delimiter after the prefix 293 + rest := strings.TrimPrefix(key, prefix) 294 + idx := strings.Index(rest, delimiter) 295 + if idx >= 0 { 296 + // Has delimiter — this is a common prefix, not a content object 297 + cp := prefix + rest[:idx+len(delimiter)] 298 + commonPrefixes[cp] = true 299 + continue 300 + } 301 + } 302 + 303 + size := int64(len(data)) 304 + k := key 305 + contents = append(contents, s3types.Object{ 306 + Key: &k, 307 + Size: &size, 308 + }) 309 + } 310 + 311 + var cps []s3types.CommonPrefix 312 + for cp := range commonPrefixes { 313 + p := cp 314 + cps = append(cps, s3types.CommonPrefix{Prefix: &p}) 315 + } 316 + 317 + falseVal := false 318 + return &awss3.ListObjectsV2Output{ 319 + Contents: contents, 320 + CommonPrefixes: cps, 321 + IsTruncated: &falseVal, 322 + }, nil 323 + } 324 + 172 325 // PresignUploadPart implements S3Client 173 326 // Returns a mock presigned URL for test server 174 327 func (m *MockS3Client) PresignUploadPart(ctx context.Context, input *awss3.UploadPartInput, expires time.Duration) (string, error) { ··· 229 382 Key: aws.ToString(input.Key), 230 383 }) 231 384 385 + // Also store the body if provided (for PresignPutObject used in tests that also check objects) 386 + if input.Body != nil { 387 + key := aws.ToString(input.Key) 388 + data, _ := io.ReadAll(input.Body) 389 + m.Objects[key] = data 390 + } 391 + 232 392 url := fmt.Sprintf("%s/put/%s", m.TestServerURL, aws.ToString(input.Key)) 233 393 return url, nil 234 394 } 395 + 396 + // SetObject is a test helper to pre-populate an object in the mock store. 397 + func (m *MockS3Client) SetObject(key string, data []byte) { 398 + m.mu.Lock() 399 + defer m.mu.Unlock() 400 + m.Objects[key] = append([]byte{}, data...) 401 + } 402 + 403 + // GetObject is a test helper to read an object from the mock store (nil if not found). 404 + func (m *MockS3Client) GetObject(key string) []byte { 405 + m.mu.Lock() 406 + defer m.mu.Unlock() 407 + data, ok := m.Objects[key] 408 + if !ok { 409 + return nil 410 + } 411 + return bytes.Clone(data) 412 + }

+222 -11

pkg/s3/types.go

··· 3 3 package s3 4 4 5 5 import ( 6 + "bytes" 6 7 "context" 7 8 "fmt" 8 9 "log/slog" 10 + "net/url" 9 11 "strings" 10 12 "time" 11 13 ··· 23 25 CreateMultipartUpload(ctx context.Context, input *awss3.CreateMultipartUploadInput, opts ...func(*awss3.Options)) (*awss3.CreateMultipartUploadOutput, error) 24 26 CompleteMultipartUpload(ctx context.Context, input *awss3.CompleteMultipartUploadInput, opts ...func(*awss3.Options)) (*awss3.CompleteMultipartUploadOutput, error) 25 27 AbortMultipartUpload(ctx context.Context, input *awss3.AbortMultipartUploadInput, opts ...func(*awss3.Options)) (*awss3.AbortMultipartUploadOutput, error) 28 + 29 + // Direct object operations 30 + HeadObject(ctx context.Context, input *awss3.HeadObjectInput, opts ...func(*awss3.Options)) (*awss3.HeadObjectOutput, error) 31 + PutObject(ctx context.Context, input *awss3.PutObjectInput, opts ...func(*awss3.Options)) (*awss3.PutObjectOutput, error) 32 + CopyObject(ctx context.Context, input *awss3.CopyObjectInput, opts ...func(*awss3.Options)) (*awss3.CopyObjectOutput, error) 33 + DeleteObject(ctx context.Context, input *awss3.DeleteObjectInput, opts ...func(*awss3.Options)) (*awss3.DeleteObjectOutput, error) 34 + ListObjectsV2(ctx context.Context, input *awss3.ListObjectsV2Input, opts ...func(*awss3.Options)) (*awss3.ListObjectsV2Output, error) 26 35 27 36 // Presigned URL operations - return URL string directly 28 37 PresignGetObject(ctx context.Context, input *awss3.GetObjectInput, expires time.Duration) (string, error) ··· 61 70 return r.client.AbortMultipartUpload(ctx, input, opts...) 62 71 } 63 72 73 + // HeadObject implements S3Client 74 + func (r *RealS3Client) HeadObject(ctx context.Context, input *awss3.HeadObjectInput, opts ...func(*awss3.Options)) (*awss3.HeadObjectOutput, error) { 75 + return r.client.HeadObject(ctx, input, opts...) 76 + } 77 + 78 + // PutObject implements S3Client 79 + func (r *RealS3Client) PutObject(ctx context.Context, input *awss3.PutObjectInput, opts ...func(*awss3.Options)) (*awss3.PutObjectOutput, error) { 80 + return r.client.PutObject(ctx, input, opts...) 81 + } 82 + 83 + // CopyObject implements S3Client 84 + func (r *RealS3Client) CopyObject(ctx context.Context, input *awss3.CopyObjectInput, opts ...func(*awss3.Options)) (*awss3.CopyObjectOutput, error) { 85 + return r.client.CopyObject(ctx, input, opts...) 86 + } 87 + 88 + // DeleteObject implements S3Client 89 + func (r *RealS3Client) DeleteObject(ctx context.Context, input *awss3.DeleteObjectInput, opts ...func(*awss3.Options)) (*awss3.DeleteObjectOutput, error) { 90 + return r.client.DeleteObject(ctx, input, opts...) 91 + } 92 + 93 + // ListObjectsV2 implements S3Client 94 + func (r *RealS3Client) ListObjectsV2(ctx context.Context, input *awss3.ListObjectsV2Input, opts ...func(*awss3.Options)) (*awss3.ListObjectsV2Output, error) { 95 + return r.client.ListObjectsV2(ctx, input, opts...) 96 + } 97 + 64 98 // PresignGetObject implements S3Client 65 99 func (r *RealS3Client) PresignGetObject(ctx context.Context, input *awss3.GetObjectInput, expires time.Duration) (string, error) { 66 100 result, err := r.presign.PresignGetObject(ctx, input, func(opts *awss3.PresignOptions) { 67 101 opts.Expires = expires 68 - if r.pullZone != "" { 69 - opts.ClientOptions = append(opts.ClientOptions, func(o *awss3.Options) { 70 - o.BaseEndpoint = aws.String(r.pullZone) 71 - }) 72 - } 73 102 }) 74 103 if err != nil { 75 104 return "", err 76 105 } 77 - return result.URL, nil 106 + return r.applyPullZone(result.URL), nil 78 107 } 79 108 80 109 // PresignHeadObject implements S3Client 110 + // Note: pull zone is intentionally NOT applied to HEAD requests. CDNs like 111 + // Bunny may convert HEAD to GET when proxying, which breaks the SigV4 112 + // signature. HEAD responses have no body, so CDN caching provides no benefit. 81 113 func (r *RealS3Client) PresignHeadObject(ctx context.Context, input *awss3.HeadObjectInput, expires time.Duration) (string, error) { 82 114 result, err := r.presign.PresignHeadObject(ctx, input, func(opts *awss3.PresignOptions) { 83 115 opts.Expires = expires 84 - if r.pullZone != "" { 85 - opts.ClientOptions = append(opts.ClientOptions, func(o *awss3.Options) { 86 - o.BaseEndpoint = aws.String(r.pullZone) 87 - }) 88 - } 89 116 }) 90 117 if err != nil { 91 118 return "", err ··· 191 218 Bucket: bucket, 192 219 PathPrefix: s3PathPrefix, 193 220 }, nil 221 + } 222 + 223 + // s3Key converts a blob path (with leading /) to an S3 key with prefix. 224 + func (s *S3Service) s3Key(blobPath string) string { 225 + key := strings.TrimPrefix(blobPath, "/") 226 + if s.PathPrefix != "" { 227 + key = s.PathPrefix + "/" + key 228 + } 229 + return key 230 + } 231 + 232 + // Stat returns the size of an object at blobPath, or an error if it doesn't exist. 233 + func (s *S3Service) Stat(ctx context.Context, blobPath string) (int64, error) { 234 + key := s.s3Key(blobPath) 235 + out, err := s.Client.HeadObject(ctx, &awss3.HeadObjectInput{ 236 + Bucket: &s.Bucket, 237 + Key: &key, 238 + }) 239 + if err != nil { 240 + return 0, err 241 + } 242 + if out.ContentLength != nil { 243 + return *out.ContentLength, nil 244 + } 245 + return 0, nil 246 + } 247 + 248 + // PutBytes uploads data to blobPath with the given content type. 249 + func (s *S3Service) PutBytes(ctx context.Context, blobPath string, data []byte, contentType string) error { 250 + key := s.s3Key(blobPath) 251 + _, err := s.Client.PutObject(ctx, &awss3.PutObjectInput{ 252 + Bucket: &s.Bucket, 253 + Key: &key, 254 + Body: bytes.NewReader(data), 255 + ContentType: &contentType, 256 + }) 257 + return err 258 + } 259 + 260 + // Move copies srcPath to dstPath then deletes srcPath. 261 + func (s *S3Service) Move(ctx context.Context, srcPath, dstPath string) error { 262 + srcKey := s.s3Key(srcPath) 263 + dstKey := s.s3Key(dstPath) 264 + copySource := s.Bucket + "/" + srcKey 265 + 266 + _, err := s.Client.CopyObject(ctx, &awss3.CopyObjectInput{ 267 + Bucket: &s.Bucket, 268 + Key: &dstKey, 269 + CopySource: &copySource, 270 + }) 271 + if err != nil { 272 + return fmt.Errorf("copy %s -> %s: %w", srcPath, dstPath, err) 273 + } 274 + 275 + _, err = s.Client.DeleteObject(ctx, &awss3.DeleteObjectInput{ 276 + Bucket: &s.Bucket, 277 + Key: &srcKey, 278 + }) 279 + if err != nil { 280 + return fmt.Errorf("delete source %s after copy: %w", srcPath, err) 281 + } 282 + 283 + return nil 284 + } 285 + 286 + // Delete removes the object at blobPath. 287 + func (s *S3Service) Delete(ctx context.Context, blobPath string) error { 288 + key := s.s3Key(blobPath) 289 + _, err := s.Client.DeleteObject(ctx, &awss3.DeleteObjectInput{ 290 + Bucket: &s.Bucket, 291 + Key: &key, 292 + }) 293 + return err 294 + } 295 + 296 + // WalkBlobs paginates ListObjectsV2 under prefix and calls fn for each object. 297 + // Keys passed to fn have the PathPrefix stripped (same format as BlobPath output). 298 + func (s *S3Service) WalkBlobs(ctx context.Context, prefix string, fn func(key string, size int64) error) error { 299 + s3Prefix := s.s3Key(prefix) 300 + if !strings.HasSuffix(s3Prefix, "/") { 301 + s3Prefix += "/" 302 + } 303 + 304 + var continuationToken *string 305 + for { 306 + out, err := s.Client.ListObjectsV2(ctx, &awss3.ListObjectsV2Input{ 307 + Bucket: &s.Bucket, 308 + Prefix: &s3Prefix, 309 + ContinuationToken: continuationToken, 310 + }) 311 + if err != nil { 312 + return fmt.Errorf("list objects under %s: %w", prefix, err) 313 + } 314 + 315 + for _, obj := range out.Contents { 316 + if obj.Key == nil { 317 + continue 318 + } 319 + // Strip PathPrefix to get the logical path 320 + key := *obj.Key 321 + if s.PathPrefix != "" { 322 + key = strings.TrimPrefix(key, s.PathPrefix+"/") 323 + } 324 + // Restore leading / for consistency with BlobPath 325 + key = "/" + key 326 + 327 + var size int64 328 + if obj.Size != nil { 329 + size = *obj.Size 330 + } 331 + if err := fn(key, size); err != nil { 332 + return err 333 + } 334 + } 335 + 336 + if out.IsTruncated == nil || !*out.IsTruncated { 337 + break 338 + } 339 + continuationToken = out.NextContinuationToken 340 + } 341 + return nil 342 + } 343 + 344 + // ListPrefix returns immediate children (common prefixes) under blobPath using Delimiter="/". 345 + func (s *S3Service) ListPrefix(ctx context.Context, blobPath string) ([]string, error) { 346 + s3Prefix := s.s3Key(blobPath) 347 + if !strings.HasSuffix(s3Prefix, "/") { 348 + s3Prefix += "/" 349 + } 350 + delimiter := "/" 351 + 352 + var results []string 353 + var continuationToken *string 354 + for { 355 + out, err := s.Client.ListObjectsV2(ctx, &awss3.ListObjectsV2Input{ 356 + Bucket: &s.Bucket, 357 + Prefix: &s3Prefix, 358 + Delimiter: &delimiter, 359 + ContinuationToken: continuationToken, 360 + }) 361 + if err != nil { 362 + return nil, fmt.Errorf("list prefix %s: %w", blobPath, err) 363 + } 364 + 365 + for _, cp := range out.CommonPrefixes { 366 + if cp.Prefix == nil { 367 + continue 368 + } 369 + // Strip the PathPrefix and reconstruct logical path 370 + p := *cp.Prefix 371 + if s.PathPrefix != "" { 372 + p = strings.TrimPrefix(p, s.PathPrefix+"/") 373 + } 374 + p = "/" + strings.TrimSuffix(p, "/") 375 + results = append(results, p) 376 + } 377 + 378 + if out.IsTruncated == nil || !*out.IsTruncated { 379 + break 380 + } 381 + continuationToken = out.NextContinuationToken 382 + } 383 + 384 + return results, nil 385 + } 386 + 387 + // applyPullZone replaces the host in a presigned URL with the pull zone host. 388 + // The signature is computed against the real S3 endpoint so that the origin 389 + // can validate it; the CDN just proxies the request transparently. 390 + func (r *RealS3Client) applyPullZone(presignedURL string) string { 391 + if r.pullZone == "" { 392 + return presignedURL 393 + } 394 + parsed, err := url.Parse(presignedURL) 395 + if err != nil { 396 + return presignedURL 397 + } 398 + pz, err := url.Parse(r.pullZone) 399 + if err != nil { 400 + return presignedURL 401 + } 402 + parsed.Scheme = pz.Scheme 403 + parsed.Host = pz.Host 404 + return parsed.String() 194 405 } 195 406 196 407 // BlobPath converts a digest (e.g., "sha256:abc123...") or temp path to a storage path