{"version":3,"sources":["/home/runner/work/flags/flags/packages/flags/dist/chunk-ZFCSUOES.cjs","../package.json","../src/lib/crypto.ts","../src/lib/merge-provider-data.ts","../src/lib/report-value.ts","../src/lib/tracing.ts","../src/lib/verify-access.ts","../src/spec-extension/adapters/reflect.ts","../src/spec-extension/adapters/headers.ts","../src/spec-extension/adapters/request-cookies.ts"],"names":["name","value","verifyAccess"],"mappings":"AAAA;ACCE,IAAA,KAAA,EAAQ,OAAA;AACR,IAAA,QAAA,EAAW,OAAA;ADCb;AACA;AEGA,4BAAkD;AAkBlD,IAAM,WAAA,EAAa,CAAC,GAAA,EAAc,eAAA,EAAA,GAA2C;AAC3E,EAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,GAAG,EAAA,EACpB,GAAA,CAAI,QAAA,CAAS,eAAe,EAAA,EAC5B,IAAA,IAAQ,eAAA;AACd,CAAA;AAWA,MAAA,SAAe,UAAA,CACb,OAAA,EACA,MAAA,EACA,cAAA,EACiB;AACjB,EAAA,MAAM,cAAA,EAAgB,eAAA,CAAU,MAAA,CAAO,MAAM,CAAA;AAE7C,EAAA,GAAA,CAAI,aAAA,CAAc,OAAA,IAAW,EAAA,EAAI;AAC/B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,IACF,CAAA;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,qBAAA,CAAW,OAAkC,CAAA,CACrD,iBAAA,CAAkB,cAAc,CAAA,CAChC,kBAAA,CAAmB,EAAE,GAAA,EAAK,KAAA,EAAO,GAAA,EAAK,UAAU,CAAC,CAAA,CACjD,OAAA,CAAQ,aAAa,CAAA;AAC1B;AAWA,MAAA,SAAe,UAAA,CACb,IAAA,EACA,MAAA,EACA,MAAA,EACwB;AACxB,EAAA,GAAA,CAAI,OAAO,KAAA,IAAS,QAAA,EAAU,MAAA;AAE9B,EAAA,MAAM,cAAA,EAAgB,eAAA,CAAU,MAAA,CAAO,MAAM,CAAA;AAE7C,EAAA,GAAA,CAAI,aAAA,CAAc,OAAA,IAAW,EAAA,EAAI;AAC/B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,IACF,CAAA;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,QAAQ,EAAA,EAAI,MAAM,8BAAA,IAAW,EAAM,aAAa,CAAA;AACxD,IAAA,MAAM,QAAA,EAAU,OAAA;AAChB,IAAA,OAAO,MAAA,CAAO,OAAO,EAAA,EAAI,QAAA,EAAU,KAAA,CAAA;AAAA,EACrC,EAAA,UAAQ;AACN,IAAA,OAAO,KAAA,CAAA;AAAA,EACT;AACF;AAWA,MAAA,SAAsB,gBAAA,CACpB,SAAA,EACA,OAAA,kBAA6B,OAAA,2BAAS,GAAA,6BAAK,cAAA,EAC3C,eAAA,EAAiC,IAAA,EACjC;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,OAAO,UAAA,CAAW,EAAE,CAAA,EAAG,SAAA,EAAW,GAAA,EAAK,YAAY,CAAA,EAAG,MAAA,EAAQ,cAAc,CAAA;AAC9E;AAUA,MAAA,SAAsB,gBAAA,CACpB,aAAA,EACA,OAAA,kBAA6B,OAAA,6BAAS,GAAA,6BAAK,cAAA,EACH;AACxC,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,MAAM,SAAA,EAAW,MAAM,UAAA;AAAA,IAIrB,aAAA;AAAA,IACA,CAAC,IAAA,EAAA,GAAS,UAAA,CAAW,IAAA,CAAK,GAAA,EAAK,WAAW,EAAA,GAAK,MAAA,CAAO,MAAA,CAAO,IAAA,EAAM,GAAG,CAAA;AAAA,IACtE;AAAA,EACF,CAAA;AACA,EAAA,uBAAO,QAAA,6BAAU,GAAA;AACnB;AAWA,MAAA,SAAsB,iBAAA,CACpB,UAAA,EACA,OAAA,kBAA6B,OAAA,6BAAS,GAAA,6BAAK,cAAA,EAC3C,eAAA,EAAiC,IAAA,EACjC;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,OAAO,UAAA,CAAW,EAAE,CAAA,EAAG,UAAA,EAAY,GAAA,EAAK,SAAS,CAAA,EAAG,MAAA,EAAQ,cAAc,CAAA;AAC5E;AAUA,MAAA,SAAsB,iBAAA,CACpB,aAAA,EACA,OAAA,kBAA6B,OAAA,6BAAS,GAAA,6BAAK,cAAA,EACN;AACrC,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,MAAM,SAAA,EAAW,MAAM,UAAA;AAAA,IAIrB,aAAA;AAAA,IACA,CAAC,IAAA,EAAA,GAAS,UAAA,CAAW,IAAA,CAAK,GAAA,EAAK,QAAQ,EAAA,GAAK,MAAA,CAAO,MAAA,CAAO,IAAA,EAAM,GAAG,CAAA;AAAA,IACnE;AAAA,EACF,CAAA;AACA,EAAA,uBAAO,QAAA,+BAAU,GAAA;AACnB;AAWA,MAAA,SAAsB,sBAAA,CACpB,eAAA,EACA,OAAA,kBAA6B,OAAA,+BAAS,GAAA,+BAAK,cAAA,EAC3C,eAAA,EAAiC,IAAA,EACjC;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,OAAO,UAAA;AAAA,IACL,EAAE,CAAA,EAAG,eAAA,EAAiB,GAAA,EAAK,cAAc,CAAA;AAAA,IACzC,MAAA;AAAA,IACA;AAAA,EACF,CAAA;AACF;AAUA,MAAA,SAAsB,sBAAA,CACpB,aAAA,EACA,OAAA,kBAA6B,OAAA,+BAAS,GAAA,+BAAK,cAAA,EACD;AAC1C,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,MAAM,SAAA,EAAW,MAAM,UAAA;AAAA,IAIrB,aAAA;AAAA,IACA,CAAC,IAAA,EAAA,GAAS,IAAA,CAAK,IAAA,IAAQ,cAAA,GAAiB,MAAA,CAAO,MAAA,CAAO,IAAA,EAAM,GAAG,CAAA;AAAA,IAC/D;AAAA,EACF,CAAA;AACA,EAAA,uBAAO,QAAA,+BAAU,GAAA;AACnB;AAUA,MAAA,SAAsB,iBAAA,CACpB,OAAA,kBAA6B,OAAA,+BAAS,GAAA,+BAAK,cAAA,EAC3C,eAAA,EAAiC,IAAA,EACjC;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,OAAO,UAAA,CAAW,EAAE,GAAA,EAAK,QAAQ,CAAA,EAAG,MAAA,EAAQ,cAAc,CAAA;AAC5D;AAUA,MAAA,SAAsB,iBAAA,CACpB,aAAA,EACA,OAAA,kBAA6B,OAAA,+BAAS,GAAA,+BAAK,cAAA,EAC3C;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,6BAA6B,CAAA;AAC1D,EAAA,MAAM,SAAA,EAAW,MAAM,UAAA,CAEpB,aAAA,EAAe,CAAC,IAAA,EAAA,GAAS,UAAA,CAAW,IAAA,CAAK,GAAA,EAAK,OAAO,CAAA,EAAG,MAAM,CAAA;AAEjE,EAAA,OAAO,OAAA,CAAQ,QAAQ,CAAA;AACzB;AF1KA;AACA;AGrFA,MAAA,SAAsB,iBAAA,CACpB,aAAA,EACuB;AACvB,EAAA,MAAM,MAAA,EAAQ,MAAM,OAAA,CAAQ,GAAA;AAAA,IAC1B,aAAA,CAAc,GAAA,CAAI,CAAC,CAAA,EAAA,GAAM,OAAA,CAAQ,OAAA,CAAQ,CAAC,CAAA,CAAE,KAAA,CAAM,CAAA,EAAA,GAAM,IAAI,CAAC;AAAA,EAC/D,CAAA;AAEA,EAAA,OAAO,KAAA,CACJ,MAAA,CAAO,CAAC,IAAA,EAAA,GAA+B,OAAA,CAAQ,IAAI,CAAC,CAAA,CACpD,MAAA;AAAA,IACC,CAAC,GAAA,EAAK,IAAA,EAAA,GAAS;AACb,MAAA,MAAA,CAAO,OAAA,CAAQ,IAAA,CAAK,WAAW,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,GAAA,EAAK,UAAU,CAAA,EAAA,GAAM;AAC9D,QAAA,GAAA,CAAI,CAAC,GAAA,CAAI,WAAA,CAAY,GAAG,CAAA,EAAG,GAAA,CAAI,WAAA,CAAY,GAAG,EAAA,EAAI,CAAC,CAAA;AACnD,QAAA,MAAA,CAAO,MAAA,CAAO,GAAA,CAAI,WAAA,CAAY,GAAG,CAAA,EAAG,UAAU,CAAA;AAAA,MAChD,CAAC,CAAA;AAED,MAAA,GAAA,CAAI,KAAA,CAAM,OAAA,CAAQ,IAAA,CAAK,KAAK,CAAA,EAAG,GAAA,CAAI,KAAA,CAAM,IAAA,CAAK,GAAG,IAAA,CAAK,KAAK,CAAA;AAE3D,MAAA,OAAO,GAAA;AAAA,IACT,CAAA;AAAA,IACA,EAAE,WAAA,EAAa,CAAC,CAAA,EAAG,KAAA,EAAO,CAAC,EAAE;AAAA,EAC/B,CAAA;AACJ;AHgFA;AACA;AIrFO,SAAS,WAAA,CAAY,GAAA,EAAa,KAAA,EAAgB;AACvD,EAAA,MAAM,OAAA,kBAAS,MAAA,CAAO,GAAA,CAAI,yBAAyB,CAAA;AACnD,EAAA,MAAM,IAAA,kBAAM,OAAA,uBAAQ,GAAA,qBAAI,UAAA,EAAY,MAAM,CAAA,+BAAG,GAAA,qBAAI,GAAA;AACjD,EAAA,MAAM,gBAAA,kBAAkB,GAAA,+BAAK,KAAA,+BAAO,aAAA;AACpC,EAAA,GAAA,CAAI,OAAO,gBAAA,IAAoB,UAAA,EAAY,MAAA;AAC3C,EAAA,eAAA,CAAgB,IAAA,CAAK,GAAA,CAAI,KAAA,EAAO,GAAA,EAAK,KAAA,EAAO;AAAA,IAC1C,UAAA,EAAY;AAAA,EACd,CAAC,CAAA;AACH;AAKO,SAAS,mBAAA,CACd,GAAA,EACA,KAAA,EACA,IAAA,EAKA;AACA,EAAA,MAAM,OAAA,kBAAS,MAAA,CAAO,GAAA,CAAI,yBAAyB,CAAA;AACnD,EAAA,MAAM,IAAA,kBAAM,OAAA,uBAAQ,GAAA,qBAAI,UAAA,EAAY,MAAM,CAAA,+BAAG,GAAA,qBAAI,GAAA;AACjD,EAAA,MAAM,gBAAA,kBAAkB,GAAA,+BAAK,KAAA,+BAAO,aAAA;AACpC,EAAA,GAAA,CAAI,OAAO,gBAAA,IAAoB,UAAA,EAAY,MAAA;AAC3C,EAAA,eAAA,CAAgB,IAAA,CAAK,GAAA,CAAI,KAAA,EAAO,GAAA,EAAK,KAAA,EAAO;AAAA,IAC1C,UAAA,EAAY,OAAA;AAAA,IACZ,GAAG;AAAA,EACL,CAAC,CAAA;AACH;AJ2EA;AACA;AKxHA,0CAAkC;AAKlC,IAAM,uBAAA,kBAAyB,MAAA,CAAO,GAAA,CAAI,oBAAoB,CAAA;AAMvD,SAAS,iBAAA,CAAkB,MAAA,EAA8B;AAC9D,EAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,sBAAA,EAAwB,MAAM,CAAA;AACxD;AAEA,SAAS,SAAA,CAAA,EAAgC;AACvC,EAAA,MAAM,cAAA,EAAgB,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,sBAAsB,CAAA;AAGpE,EAAA,uBAAO,aAAA,+BAAe,SAAA,qBAAU,IAAA,EAAS,OAAO,GAAA;AAClD;AAEA,SAAS,SAAA,CAAa,CAAA,EAA6B;AACjD,EAAA,OACE,EAAA,IAAM,KAAA,GACN,OAAO,EAAA,IAAM,SAAA,GACb,OAAA,GAAU,EAAA,GACV,OAAO,CAAA,CAAE,KAAA,IAAS,UAAA;AAEtB;AAEA,IAAM,YAAA,EAAc,IAAI,mCAAA,CAA+C,CAAA;AAEhE,SAAS,gBAAA,CAAiBA,KAAAA,EAAc,KAAA,EAAuB;AACpE,kBAAA,WAAA,uBAAY,QAAA,qBAAS,CAAA,+BAAG,GAAA,qBAAIA,KAAAA,EAAM,KAAK,GAAA;AACzC;AAEO,SAAS,KAAA,CACd,EAAA,EACA,QAAA,EASI;AAAA,EACF,IAAA,EAAM,EAAA,CAAG;AACX,CAAA,EACG;AACH,EAAA,MAAM,OAAA,EAAS,QAAA,CAAA,GAA4B,IAAA,EAA0B;AACnE,IAAA,MAAM,OAAA,EAAS,SAAA,CAAU,CAAA;AACzB,IAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,OAAO,EAAA,CAAG,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAEvC,IAAA,MAAM,YAAA,EACJ,OAAA,CAAQ,GAAA,CAAI,2BAAA,IAA+B,OAAA,GAC3C,OAAA,CAAQ,eAAA,IAAmB,KAAA;AAC7B,IAAA,GAAA,CAAI,CAAC,WAAA,EAAa,OAAO,EAAA,CAAG,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAE5C,IAAA,OAAO,WAAA,CAAY,GAAA;AAAA,sBAAI,IAAI,GAAA,CAAI,CAAA;AAAA,MAAG,CAAA,EAAA,GAChC,MAAA,CAAO,eAAA,CAAgB,OAAA,CAAQ,IAAA,EAAM,CAAC,IAAA,EAAA,GAAS;AAC7C,QAAA,GAAA,CAAI,OAAA,CAAQ,UAAA,EAAY,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,UAAU,CAAA;AAE7D,QAAA,IAAI;AACF,UAAA,MAAM,OAAA,EAAS,EAAA,CAAG,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAElC,UAAA,GAAA,CAAI,SAAA,CAAU,MAAM,CAAA,EAAG;AACrB,YAAA,MAAA,CACG,IAAA,CAAK,CAAC,KAAA,EAAA,GAAU;AACf,cAAA,GAAA,CAAI,OAAA,CAAQ,iBAAA,EAAmB;AAC7B,gBAAA,IAAA,CAAK,aAAA;AAAA,kBACH,OAAA,CAAQ,iBAAA;AAAA,oBACN;AAAA,kBAGF;AAAA,gBACF,CAAA;AAAA,cACF;AAEA,8BAAA,WAAA,uBAAY,QAAA,qBAAS,CAAA,+BAAG,OAAA,qBAAQ,CAACC,MAAAA,EAAO,GAAA,EAAA,GAAQ;AAC9C,gBAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAKA,MAAK,CAAA;AAAA,cAC9B,CAAC,GAAA;AAED,cAAA,IAAA,CAAK,SAAA,CAAU,EAAE,IAAA,EAAM,EAAE,CAAC,CAAA;AAC1B,cAAA,IAAA,CAAK,GAAA,CAAI,CAAA;AAAA,YACX,CAAC,CAAA,CACA,KAAA,CAAM,CAAC,KAAA,EAAA,GAAU;AAChB,cAAA,GAAA,CAAI,OAAA,CAAQ,eAAA,EAAiB;AAC3B,gBAAA,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,eAAA,CAAgB,KAAK,CAAC,CAAA;AAAA,cACnD;AAEA,cAAA,IAAA,CAAK,SAAA,CAAU;AAAA,gBACb,IAAA,EAAM,CAAA;AAAA;AAAA,gBACN,OAAA,EAAS,MAAA,WAAiB,MAAA,EAAQ,KAAA,CAAM,QAAA,EAAU,KAAA;AAAA,cACpD,CAAC,CAAA;AAED,8BAAA,WAAA,uBAAY,QAAA,qBAAS,CAAA,+BAAG,OAAA,qBAAQ,CAAC,KAAA,EAAO,GAAA,EAAA,GAAQ;AAC9C,gBAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,KAAK,CAAA;AAAA,cAC9B,CAAC,GAAA;AAED,cAAA,IAAA,CAAK,GAAA,CAAI,CAAA;AAAA,YACX,CAAC,CAAA;AAAA,UACL,EAAA,KAAO;AACL,YAAA,GAAA,CAAI,OAAA,CAAQ,iBAAA,EAAmB;AAC7B,cAAA,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,iBAAA,CAAkB,MAAM,CAAC,CAAA;AAAA,YACtD;AAEA,4BAAA,WAAA,uBAAY,QAAA,qBAAS,CAAA,+BAAG,OAAA,qBAAQ,CAAC,KAAA,EAAO,GAAA,EAAA,GAAQ;AAC9C,cAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,KAAK,CAAA;AAAA,YAC9B,CAAC,GAAA;AAED,YAAA,IAAA,CAAK,SAAA,CAAU,EAAE,IAAA,EAAM,EAAE,CAAC,CAAA;AAC1B,YAAA,IAAA,CAAK,GAAA,CAAI,CAAA;AAAA,UACX;AAEA,UAAA,OAAO,MAAA;AAAA,QACT,EAAA,MAAA,CAAS,KAAA,EAAY;AACnB,UAAA,GAAA,CAAI,OAAA,CAAQ,eAAA,EAAiB;AAC3B,YAAA,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,eAAA,CAAgB,KAAc,CAAC,CAAA;AAAA,UAC5D;AAEA,UAAA,IAAA,CAAK,SAAA,CAAU;AAAA,YACb,IAAA,EAAM,CAAA;AAAA;AAAA,YACN,OAAA,EAAS,MAAA,WAAiB,MAAA,EAAQ,KAAA,CAAM,QAAA,EAAU,KAAA;AAAA,UACpD,CAAC,CAAA;AAED,0BAAA,WAAA,uBAAY,QAAA,qBAAS,CAAA,+BAAG,OAAA,qBAAQ,CAAC,KAAA,EAAO,GAAA,EAAA,GAAQ;AAC9C,YAAA,IAAA,CAAK,YAAA,CAAa,GAAA,EAAK,KAAK,CAAA;AAAA,UAC9B,CAAC,GAAA;AAED,UAAA,IAAA,CAAK,GAAA,CAAI,CAAA;AAET,UAAA,MAAM,KAAA;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IACH,CAAA;AAAA,EACF,CAAA;AAEA,EAAA,OAAO,MAAA;AACT;ALqEA;AACA;AMlMO,IAAM,aAAA,EAAe,KAAA;AAAA,EAC1B,MAAA,SAAeC,aAAAA,CAIb,UAAA,EACA,OAAA,kBAA6B,OAAA,+BAAS,GAAA,+BAAK,cAAA,EAC3C;AACA,IAAA,GAAA,CAAI,CAAC,UAAA,EAAY,OAAO,KAAA;AACxB,IAAA,GAAA,CAAI,CAAC,MAAA;AACH,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,MACF,CAAA;AAEF,IAAA,MAAM,MAAA,EAAQ,MAAM,iBAAA;AAAA,MAClB,UAAA,CAAW,OAAA,CAAQ,WAAA,EAAa,EAAE,CAAA;AAAA,MAClC;AAAA,IACF,CAAA;AAEA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA;AAAA,EACA;AAAA,IACE,cAAA,EAAgB,KAAA;AAAA,IAChB,IAAA,EAAM;AAAA,EACR;AACF,CAAA;AN4LA;AACA;AO1OO,IAAM,eAAA,EAAN,MAAqB;AAAA,EAC1B,OAAO,GAAA,CACL,MAAA,EACA,IAAA,EACA,QAAA,EACK;AACL,IAAA,MAAM,MAAA,EAAQ,OAAA,CAAQ,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAQ,CAAA;AAChD,IAAA,GAAA,CAAI,OAAO,MAAA,IAAU,UAAA,EAAY;AAC/B,MAAA,OAAO,KAAA,CAAM,IAAA,CAAK,MAAM,CAAA;AAAA,IAC1B;AAEA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA,EAEA,OAAO,GAAA,CACL,MAAA,EACA,IAAA,EACA,KAAA,EACA,QAAA,EACS;AACT,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,QAAQ,CAAA;AAAA,EAClD;AAAA,EAEA,OAAO,GAAA,CAAsB,MAAA,EAAW,IAAA,EAAgC;AACtE,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,MAAA,EAAQ,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,cAAA,CACL,MAAA,EACA,IAAA,EACS;AACT,IAAA,OAAO,OAAA,CAAQ,cAAA,CAAe,MAAA,EAAQ,IAAI,CAAA;AAAA,EAC5C;AACF,CAAA;AP4NA;AACA;AQxPA,IAAM,qBAAA,EAAN,MAAM,sBAAA,QAA6B,MAAM;AAAA,EACvC,WAAA,CAAA,EAAc;AACZ,IAAA,KAAA;AAAA,MACE;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,OAAc,QAAA,CAAA,EAAW;AACvB,IAAA,MAAM,IAAI,qBAAA,CAAqB,CAAA;AAAA,EACjC;AACF,CAAA;AAUO,IAAM,eAAA,EAAN,MAAM,gBAAA,QAAuB,QAAQ;AAAA,EAG1C,WAAA,CAAY,OAAA,EAA8B;AAGxC,IAAA,KAAA,CAAM,CAAA;AAEN,IAAA,IAAA,CAAK,QAAA,EAAU,IAAI,KAAA,CAAM,OAAA,EAAS;AAAA,MAChC,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAA,EAAU;AAI1B,QAAA,GAAA,CAAI,OAAO,KAAA,IAAS,QAAA,EAAU;AAC5B,UAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAQ,CAAA;AAAA,QAClD;AAEA,QAAA,MAAM,WAAA,EAAa,IAAA,CAAK,WAAA,CAAY,CAAA;AAKpC,QAAA,MAAM,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,UACpC,CAAC,CAAA,EAAA,GAAM,CAAA,CAAE,WAAA,CAAY,EAAA,IAAM;AAAA,QAC7B,CAAA;AAGA,QAAA,GAAA,CAAI,OAAO,SAAA,IAAa,WAAA,EAAa,MAAA;AAGrC,QAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,QAAA,EAAU,QAAQ,CAAA;AAAA,MACtD,CAAA;AAAA,MACA,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,QAAA,EAAU;AACjC,QAAA,GAAA,CAAI,OAAO,KAAA,IAAS,QAAA,EAAU;AAC5B,UAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,QAAQ,CAAA;AAAA,QACzD;AAEA,QAAA,MAAM,WAAA,EAAa,IAAA,CAAK,WAAA,CAAY,CAAA;AAKpC,QAAA,MAAM,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,UACpC,CAAC,CAAA,EAAA,GAAM,CAAA,CAAE,WAAA,CAAY,EAAA,IAAM;AAAA,QAC7B,CAAA;AAGA,QAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,mBAAQ,QAAA,UAAY,MAAA,EAAM,KAAA,EAAO,QAAQ,CAAA;AAAA,MACrE,CAAA;AAAA,MACA,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM;AAChB,QAAA,GAAA,CAAI,OAAO,KAAA,IAAS,QAAA,EAAU,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,IAAI,CAAA;AAEpE,QAAA,MAAM,WAAA,EAAa,IAAA,CAAK,WAAA,CAAY,CAAA;AAKpC,QAAA,MAAM,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,UACpC,CAAC,CAAA,EAAA,GAAM,CAAA,CAAE,WAAA,CAAY,EAAA,IAAM;AAAA,QAC7B,CAAA;AAGA,QAAA,GAAA,CAAI,OAAO,SAAA,IAAa,WAAA,EAAa,OAAO,KAAA;AAG5C,QAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC5C,CAAA;AAAA,MACA,cAAA,CAAe,MAAA,EAAQ,IAAA,EAAM;AAC3B,QAAA,GAAA,CAAI,OAAO,KAAA,IAAS,QAAA;AAClB,UAAA,OAAO,cAAA,CAAe,cAAA,CAAe,MAAA,EAAQ,IAAI,CAAA;AAEnD,QAAA,MAAM,WAAA,EAAa,IAAA,CAAK,WAAA,CAAY,CAAA;AAKpC,QAAA,MAAM,SAAA,EAAW,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA;AAAA,UACpC,CAAC,CAAA,EAAA,GAAM,CAAA,CAAE,WAAA,CAAY,EAAA,IAAM;AAAA,QAC7B,CAAA;AAGA,QAAA,GAAA,CAAI,OAAO,SAAA,IAAa,WAAA,EAAa,OAAO,IAAA;AAG5C,QAAA,OAAO,cAAA,CAAe,cAAA,CAAe,MAAA,EAAQ,QAAQ,CAAA;AAAA,MACvD;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAc,IAAA,CAAK,OAAA,EAAmC;AACpD,IAAA,OAAO,IAAI,KAAA,CAAuB,OAAA,EAAS;AAAA,MACzC,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAA,EAAU;AAC1B,QAAA,OAAA,CAAQ,IAAA,EAAM;AAAA,UACZ,KAAK,QAAA;AAAA,UACL,KAAK,QAAA;AAAA,UACL,KAAK,KAAA;AACH,YAAA,OAAO,oBAAA,CAAqB,QAAA;AAAA,UAC9B,OAAA;AACE,YAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAQ,CAAA;AAAA,QACpD;AAAA,MACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASQ,KAAA,CAAM,KAAA,EAAkC;AAC9C,IAAA,GAAA,CAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG,OAAO,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA;AAEhD,IAAA,OAAO,KAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAc,IAAA,CAAK,OAAA,EAAiD;AAClE,IAAA,GAAA,CAAI,QAAA,WAAmB,OAAA,EAAS,OAAO,OAAA;AAEvC,IAAA,OAAO,IAAI,eAAA,CAAe,OAAO,CAAA;AAAA,EACnC;AAAA,EAEO,MAAA,CAAOF,KAAAA,EAAc,KAAA,EAAqB;AAC/C,IAAA,MAAM,SAAA,EAAW,IAAA,CAAK,OAAA,CAAQA,KAAI,CAAA;AAClC,IAAA,GAAA,CAAI,OAAO,SAAA,IAAa,QAAA,EAAU;AAChC,MAAA,IAAA,CAAK,OAAA,CAAQA,KAAI,EAAA,EAAI,CAAC,QAAA,EAAU,KAAK,CAAA;AAAA,IACvC,EAAA,KAAA,GAAA,CAAW,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAClC,MAAA,QAAA,CAAS,IAAA,CAAK,KAAK,CAAA;AAAA,IACrB,EAAA,KAAO;AACL,MAAA,IAAA,CAAK,OAAA,CAAQA,KAAI,EAAA,EAAI,KAAA;AAAA,IACvB;AAAA,EACF;AAAA,EAEO,MAAA,CAAOA,KAAAA,EAAoB;AAChC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQA,KAAI,CAAA;AAAA,EAC1B;AAAA,EAEO,GAAA,CAAIA,KAAAA,EAA6B;AACtC,IAAA,MAAM,MAAA,EAAQ,IAAA,CAAK,OAAA,CAAQA,KAAI,CAAA;AAC/B,IAAA,GAAA,CAAI,OAAO,MAAA,IAAU,WAAA,EAAa,OAAO,IAAA,CAAK,KAAA,CAAM,KAAK,CAAA;AAEzD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEO,GAAA,CAAIA,KAAAA,EAAuB;AAChC,IAAA,OAAO,OAAO,IAAA,CAAK,OAAA,CAAQA,KAAI,EAAA,IAAM,WAAA;AAAA,EACvC;AAAA,EAEO,GAAA,CAAIA,KAAAA,EAAc,KAAA,EAAqB;AAC5C,IAAA,IAAA,CAAK,OAAA,CAAQA,KAAI,EAAA,EAAI,KAAA;AAAA,EACvB;AAAA,EAEO,OAAA,CACL,UAAA,EACA,OAAA,EACM;AACN,IAAA,IAAA,CAAA,MAAW,CAACA,KAAAA,EAAM,KAAK,EAAA,GAAK,IAAA,CAAK,OAAA,CAAQ,CAAA,EAAG;AAC1C,MAAA,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,KAAA,EAAOA,KAAAA,EAAM,IAAI,CAAA;AAAA,IAC5C;AAAA,EACF;AAAA,EAEA,CAAQ,OAAA,CAAA,EAA6C;AACnD,IAAA,IAAA,CAAA,MAAW,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,OAAO,CAAA,EAAG;AAC3C,MAAA,MAAMA,MAAAA,EAAO,GAAA,CAAI,WAAA,CAAY,CAAA;AAG7B,MAAA,MAAM,MAAA,EAAQ,IAAA,CAAK,GAAA,CAAIA,KAAI,CAAA;AAE3B,MAAA,MAAM,CAACA,KAAAA,EAAM,KAAK,CAAA;AAAA,IACpB;AAAA,EACF;AAAA,EAEA,CAAQ,IAAA,CAAA,EAAgC;AACtC,IAAA,IAAA,CAAA,MAAW,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,OAAO,CAAA,EAAG;AAC3C,MAAA,MAAMA,MAAAA,EAAO,GAAA,CAAI,WAAA,CAAY,CAAA;AAC7B,MAAA,MAAMA,KAAAA;AAAA,IACR;AAAA,EACF;AAAA,EAEA,CAAQ,MAAA,CAAA,EAAkC;AACxC,IAAA,IAAA,CAAA,MAAW,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,OAAO,CAAA,EAAG;AAG3C,MAAA,MAAM,MAAA,EAAQ,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAE1B,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF;AAAA,EAEA,CAAQ,MAAA,CAAO,QAAQ,CAAA,CAAA,EAAuC;AAC5D,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,CAAA;AAAA,EACtB;AACF,CAAA;AR6KA;AACA;AS9YO,IAAM,4BAAA,EAAN,MAAM,6BAAA,QAAoC,MAAM;AAAA,EACrD,WAAA,CAAA,EAAc;AACZ,IAAA,KAAA;AAAA,MACE;AAAA,IACF,CAAA;AAAA,EACF;AAAA,EAEA,OAAc,QAAA,CAAA,EAAW;AACvB,IAAA,MAAM,IAAI,4BAAA,CAA4B,CAAA;AAAA,EACxC;AACF,CAAA;AAeO,IAAM,sBAAA,EAAN,MAA4B;AAAA,EACjC,OAAc,IAAA,CAAK,OAAA,EAAiD;AAClE,IAAA,OAAO,IAAI,KAAA,CAAM,OAAA,EAAgB;AAAA,MAC/B,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAA,EAAU;AAC1B,QAAA,OAAA,CAAQ,IAAA,EAAM;AAAA,UACZ,KAAK,OAAA;AAAA,UACL,KAAK,QAAA;AAAA,UACL,KAAK,KAAA;AACH,YAAA,OAAO,2BAAA,CAA4B,QAAA;AAAA,UACrC,OAAA;AACE,YAAA,OAAO,cAAA,CAAe,GAAA,CAAI,MAAA,EAAQ,IAAA,EAAM,QAAQ,CAAA;AAAA,QACpD;AAAA,MACF;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AACF,CAAA;ATiYA;AACA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,+xBAAC","file":"/home/runner/work/flags/flags/packages/flags/dist/chunk-ZFCSUOES.cjs","sourcesContent":[null,"{\n  \"name\": \"flags\",\n  \"version\": \"4.0.5\",\n  \"description\": \"Flags SDK by Vercel - The feature flags toolkit for Next.js and SvelteKit\",\n  \"keywords\": [\n    \"feature flags\",\n    \"Next.js\",\n    \"react\",\n    \"toolbar\",\n    \"overrides\",\n    \"SvelteKit\"\n  ],\n  \"homepage\": \"https://flags-sdk.dev\",\n  \"bugs\": {\n    \"url\": \"https://github.com/vercel/flags/issues\"\n  },\n  \"repository\": {\n    \"type\": \"git\",\n    \"url\": \"git+https://github.com/vercel/flags.git\"\n  },\n  \"license\": \"MIT\",\n  \"sideEffects\": false,\n  \"type\": \"module\",\n  \"exports\": {\n    \".\": {\n      \"import\": \"./dist/index.js\",\n      \"require\": \"./dist/index.cjs\"\n    },\n    \"./next\": {\n      \"import\": \"./dist/next.js\",\n      \"require\": \"./dist/next.cjs\"\n    },\n    \"./analytics\": {\n      \"import\": \"./dist/analytics.js\",\n      \"require\": \"./dist/analytics.cjs\"\n    },\n    \"./react\": {\n      \"import\": \"./dist/react.js\",\n      \"require\": \"./dist/react.cjs\"\n    },\n    \"./sveltekit\": {\n      \"svelte\": \"./dist/sveltekit.js\",\n      \"import\": \"./dist/sveltekit.js\",\n      \"require\": \"./dist/sveltekit.cjs\"\n    }\n  },\n  \"typesVersions\": {\n    \"*\": {\n      \"*\": [\n        \"dist/*.d.ts\",\n        \"dist/*.d.cts\"\n      ],\n      \"next\": [\n        \"dist/next.d.ts\",\n        \"dist/next.d.cts\"\n      ],\n      \"react\": [\n        \"dist/react.d.ts\",\n        \"dist/react.d.cts\"\n      ],\n      \"sveltekit\": [\n        \"dist/sveltekit.d.ts\",\n        \"dist/sveltekit.d.cts\"\n      ]\n    }\n  },\n  \"files\": [\n    \"dist\",\n    \"CHANGELOG.md\"\n  ],\n  \"scripts\": {\n    \"attw\": \"attw --pack .\",\n    \"build\": \"tsup\",\n    \"dev\": \"tsup --watch --clean=false\",\n    \"check\": \"biome check\",\n    \"test\": \"vitest --run\",\n    \"test:watch\": \"vitest\",\n    \"type-check\": \"tsc --noEmit\"\n  },\n  \"dependencies\": {\n    \"@edge-runtime/cookies\": \"^5.0.2\",\n    \"jose\": \"^5.10.0\"\n  },\n  \"devDependencies\": {\n    \"@arethetypeswrong/cli\": \"0.18.2\",\n    \"@types/node\": \"20.11.17\",\n    \"@types/react\": \"catalog:\",\n    \"@types/react-dom\": \"catalog:\",\n    \"@vitejs/plugin-react\": \"4.2.1\",\n    \"msw\": \"2.6.4\",\n    \"tsup\": \"8.5.1\",\n    \"typescript\": \"5.6.3\",\n    \"vite\": \"5.4.21\",\n    \"vitest\": \"1.6.1\"\n  },\n  \"peerDependencies\": {\n    \"@opentelemetry/api\": \"^1.7.0\",\n    \"@sveltejs/kit\": \"*\",\n    \"next\": \"*\",\n    \"react\": \"*\",\n    \"react-dom\": \"*\"\n  },\n  \"peerDependenciesMeta\": {\n    \"@opentelemetry/api\": {\n      \"optional\": true\n    },\n    \"@sveltejs/kit\": {\n      \"optional\": true\n    },\n    \"next\": {\n      \"optional\": true\n    },\n    \"react\": {\n      \"optional\": true\n    },\n    \"react-dom\": {\n      \"optional\": true\n    }\n  },\n  \"publishConfig\": {\n    \"access\": \"public\"\n  }\n}\n","/**\n * All JWEs created by crypto functions will typically use the same secret.\n *\n * It is vital that each decrypt function ensures the JWE was created for that\n * specific purpose, as the output of one encrypt function could otherwise be\n * used as the input to another decrypt function.\n */\nimport { base64url, EncryptJWT, jwtDecrypt } from 'jose';\nimport type {\n  FlagDefinitionsType,\n  FlagOverridesType,\n  FlagValuesType,\n} from '../types';\n\ntype ExpirationTime = string | number | Date;\ntype PurposeClaim = 'overrides' | 'values' | 'definitions' | 'proof';\ntype Purpose = string | string[];\n\n/**\n * Checks if a purpose claim matches the expected purpose.\n *\n * @param pur - The purpose claim to check, can be a string or array of strings\n * @param expectedPurpose - The expected purpose to match against\n * @returns True if the purpose matches the expected purpose, false otherwise\n */\nconst hasPurpose = (pur: Purpose, expectedPurpose: PurposeClaim): boolean => {\n  return Array.isArray(pur)\n    ? pur.includes(expectedPurpose)\n    : pur === expectedPurpose;\n};\n\n/**\n * Encrypts data into a JSON Web Encryption (JWE) token.\n *\n * @param payload - The data to encrypt\n * @param secret - The encryption secret (must be a 256-bit key)\n * @param expirationTime - When the encrypted data should expire\n * @returns A promise resolving to the encrypted JWE string\n * @throws Error if the secret is invalid\n */\nasync function encryptJwe<T extends object = Record<string, unknown>>(\n  payload: T,\n  secret: string,\n  expirationTime: ExpirationTime,\n): Promise<string> {\n  const encodedSecret = base64url.decode(secret);\n\n  if (encodedSecret.length !== 32) {\n    throw new Error(\n      'flags: Invalid secret, it must be a 256-bit key (32 bytes)',\n    );\n  }\n\n  return new EncryptJWT(payload as Record<string, unknown>)\n    .setExpirationTime(expirationTime)\n    .setProtectedHeader({ alg: 'dir', enc: 'A256GCM' })\n    .encrypt(encodedSecret);\n}\n\n/**\n * Decrypts a JWE token and verifies its contents.\n *\n * @param text - The encrypted JWE token string\n * @param verify - A function to verify the decrypted payload is valid\n * @param secret - The decryption secret (must be a 256-bit key)\n * @returns A promise resolving to the decrypted data or undefined if invalid\n * @throws Error if the secret is invalid\n */\nasync function decryptJwe<T extends string | object = Record<string, unknown>>(\n  text: string,\n  verify: (payload: T) => boolean,\n  secret: string,\n): Promise<T | undefined> {\n  if (typeof text !== 'string') return;\n\n  const encodedSecret = base64url.decode(secret);\n\n  if (encodedSecret.length !== 32) {\n    throw new Error(\n      'flags: Invalid secret, it must be a 256-bit key (32 bytes)',\n    );\n  }\n\n  try {\n    const { payload } = await jwtDecrypt(text, encodedSecret);\n    const decoded = payload as T;\n    return verify(decoded) ? decoded : undefined;\n  } catch {\n    return undefined;\n  }\n}\n\n/**\n * Encrypts flag overrides data.\n *\n * @param overrides - The flag overrides to encrypt\n * @param secret - The encryption secret (defaults to FLAGS_SECRET env var)\n * @param expirationTime - When the encrypted data should expire (defaults to 1 year)\n * @returns A promise resolving to the encrypted JWE string\n * @throws Error if the secret is missing or invalid\n */\nexport async function encryptOverrides(\n  overrides: FlagOverridesType,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n  expirationTime: ExpirationTime = '1y',\n) {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  return encryptJwe({ o: overrides, pur: 'overrides' }, secret, expirationTime);\n}\n\n/**\n * Decrypts and validates flag overrides data.\n *\n * @param encryptedData - The encrypted JWE token string\n * @param secret - The decryption secret (defaults to FLAGS_SECRET env var)\n * @returns A promise resolving to the decrypted flag overrides or undefined if invalid\n * @throws Error if the secret is missing or invalid\n */\nexport async function decryptOverrides(\n  encryptedData: string,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n): Promise<FlagOverridesType | undefined> {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  const contents = await decryptJwe<{\n    o: FlagOverridesType;\n    pur: Purpose;\n  }>(\n    encryptedData,\n    (data) => hasPurpose(data.pur, 'overrides') && Object.hasOwn(data, 'o'),\n    secret,\n  );\n  return contents?.o;\n}\n\n/**\n * Encrypts flag values data.\n *\n * @param flagValues - The flag values to encrypt\n * @param secret - The encryption secret (defaults to FLAGS_SECRET env var)\n * @param expirationTime - When the encrypted data should expire (defaults to 1 year)\n * @returns A promise resolving to the encrypted JWE string\n * @throws Error if the secret is missing or invalid\n */\nexport async function encryptFlagValues(\n  flagValues: FlagValuesType,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n  expirationTime: ExpirationTime = '1y',\n) {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  return encryptJwe({ v: flagValues, pur: 'values' }, secret, expirationTime);\n}\n\n/**\n * Decrypts and validates flag values data.\n *\n * @param encryptedData - The encrypted JWE token string\n * @param secret - The decryption secret (defaults to FLAGS_SECRET env var)\n * @returns A promise resolving to the decrypted flag values or undefined if invalid\n * @throws Error if the secret is missing or invalid\n */\nexport async function decryptFlagValues(\n  encryptedData: string,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n): Promise<FlagValuesType | undefined> {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  const contents = await decryptJwe<{\n    v: FlagValuesType;\n    pur: Purpose;\n  }>(\n    encryptedData,\n    (data) => hasPurpose(data.pur, 'values') && Object.hasOwn(data, 'v'),\n    secret,\n  );\n  return contents?.v;\n}\n\n/**\n * Encrypts flag definitions data.\n *\n * @param flagDefinitions - The flag definitions to encrypt\n * @param secret - The encryption secret (defaults to FLAGS_SECRET env var)\n * @param expirationTime - When the encrypted data should expire (defaults to 1 year)\n * @returns A promise resolving to the encrypted JWE string\n * @throws Error if the secret is missing or invalid\n */\nexport async function encryptFlagDefinitions(\n  flagDefinitions: FlagDefinitionsType,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n  expirationTime: ExpirationTime = '1y',\n) {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  return encryptJwe(\n    { d: flagDefinitions, pur: 'definitions' },\n    secret,\n    expirationTime,\n  );\n}\n\n/**\n * Decrypts and validates flag definitions data.\n *\n * @param encryptedData - The encrypted JWE token string\n * @param secret - The decryption secret (defaults to FLAGS_SECRET env var)\n * @returns A promise resolving to the decrypted flag definitions or undefined if invalid\n * @throws Error if the secret is missing or invalid\n */\nexport async function decryptFlagDefinitions(\n  encryptedData: string,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n): Promise<FlagDefinitionsType | undefined> {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  const contents = await decryptJwe<{\n    d: FlagDefinitionsType;\n    pur: string;\n  }>(\n    encryptedData,\n    (data) => data.pur === 'definitions' && Object.hasOwn(data, 'd'),\n    secret,\n  );\n  return contents?.d;\n}\n\n/**\n * Creates an access proof token.\n *\n * @param secret - The encryption secret (defaults to FLAGS_SECRET env var)\n * @param expirationTime - When the token should expire (defaults to 1 year)\n * @returns A promise resolving to the encrypted access proof token\n * @throws Error if the secret is missing or invalid\n */\nexport async function createAccessProof(\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n  expirationTime: ExpirationTime = '1y',\n) {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  return encryptJwe({ pur: 'proof' }, secret, expirationTime);\n}\n\n/**\n * Verifies an access proof token is valid.\n *\n * @param encryptedData - The encrypted access proof token\n * @param secret - The decryption secret (defaults to FLAGS_SECRET env var)\n * @returns A promise resolving to a boolean indicating if the token is valid\n * @throws Error if the secret is missing or invalid\n */\nexport async function verifyAccessProof(\n  encryptedData: string,\n  secret: string | undefined = process?.env?.FLAGS_SECRET,\n) {\n  if (!secret) throw new Error('flags: Missing FLAGS_SECRET');\n  const contents = await decryptJwe<{\n    pur: string;\n  }>(encryptedData, (data) => hasPurpose(data.pur, 'proof'), secret);\n\n  return Boolean(contents);\n}\n","import type { ProviderData } from '../types';\n\nexport async function mergeProviderData(\n  itemsPromises: (Promise<ProviderData> | ProviderData)[],\n): Promise<ProviderData> {\n  const items = await Promise.all(\n    itemsPromises.map((p) => Promise.resolve(p).catch(() => null)),\n  );\n\n  return items\n    .filter((item): item is ProviderData => Boolean(item))\n    .reduce<ProviderData>(\n      (acc, item) => {\n        Object.entries(item.definitions).forEach(([key, definition]) => {\n          if (!acc.definitions[key]) acc.definitions[key] = {};\n          Object.assign(acc.definitions[key], definition);\n        });\n\n        if (Array.isArray(item.hints)) acc.hints.push(...item.hints);\n\n        return acc;\n      },\n      { definitions: {}, hints: [] },\n    );\n}\n","import { version } from '../../package.json';\n\n/**\n * This function lets you report the value of a resolved flag, which will make it available when viewing Monitoring, Logs, Analytics and Speed Insights on Vercel.\n * It's important to note that this only has effects when running on Vercel in a preview or production environments, but not during local development.\n *\n * @example Using `reportValue` to report a flag value.\n * ```\n *  import { type NextRequest, NextResponse } from \"next/server\";\n *  import { reportValue } from 'flags';\n *\n *  export async function GET(request: NextRequest) {\n *    reportValue('my-flag', true);\n *    return NextResponse.json({});\n *  }\n * ```\n *\n * @param key the name of the flag\n * @param value the resolved value of the flag\n */\nexport function reportValue(key: string, value: unknown) {\n  const symbol = Symbol.for('@vercel/request-context');\n  const ctx = Reflect.get(globalThis, symbol)?.get();\n  const reportFlagValue = ctx?.flags?.reportValue;\n  if (typeof reportFlagValue !== 'function') return;\n  reportFlagValue.call(ctx.flags, key, value, {\n    sdkVersion: version,\n  });\n}\n\n/**\n * Only used interally for now.\n */\nexport function internalReportValue(\n  key: string,\n  value: unknown,\n  data: {\n    originProjectId?: string;\n    originProvider?: 'vercel';\n    reason?: 'override';\n  },\n) {\n  const symbol = Symbol.for('@vercel/request-context');\n  const ctx = Reflect.get(globalThis, symbol)?.get();\n  const reportFlagValue = ctx?.flags?.reportValue;\n  if (typeof reportFlagValue !== 'function') return;\n  reportFlagValue.call(ctx.flags, key, value, {\n    sdkVersion: version,\n    ...data,\n  });\n}\n","import type {\n  Attributes,\n  AttributeValue,\n  Tracer,\n  TracerProvider,\n} from '@opentelemetry/api';\nimport { AsyncLocalStorage } from 'async_hooks';\nimport { name as pkgName, version } from '../../package.json';\n\n// Use a symbol to avoid having global variable that is scoped to this file,\n// as it can lead to issues with cjs and mjs being used at the same time.\nconst vercelFlagsTraceSymbol = Symbol.for('flags:global-trace');\n\n/**\n * Allows setting the `@opentelemetry/api` tracer provider to generate traces\n * for `flags` operations.\n */\nexport function setTracerProvider(tracer: TracerProvider): void {\n  Reflect.set(globalThis, vercelFlagsTraceSymbol, tracer);\n}\n\nfunction getTracer(): Tracer | undefined {\n  const maybeTraceApi = Reflect.get(globalThis, vercelFlagsTraceSymbol) as\n    | undefined\n    | TracerProvider;\n  return maybeTraceApi?.getTracer(pkgName, version);\n}\n\nfunction isPromise<T>(p: unknown): p is Promise<T> {\n  return (\n    p !== null &&\n    typeof p === 'object' &&\n    'then' in p &&\n    typeof p.then === 'function'\n  );\n}\n\nconst spanContext = new AsyncLocalStorage<Map<string, AttributeValue>>();\n\nexport function setSpanAttribute(name: string, value: AttributeValue) {\n  spanContext.getStore()?.set(name, value);\n}\n\nexport function trace<F extends (...args: any) => any>(\n  fn: F,\n  options: {\n    name: string;\n    /** Defaults to `true`. If set to `false`, it'll trace regardless of `VERCEL_FLAGS_TRACE_VERBOSE`. */\n    isVerboseTrace?: boolean;\n    attributes?: Attributes;\n    attributesSuccess?: (\n      result: ReturnType<F> extends PromiseLike<infer U> ? U : ReturnType<F>,\n    ) => Attributes;\n    attributesError?: (error: Error) => Attributes;\n  } = {\n    name: fn.name,\n  },\n): F {\n  const traced = function (this: unknown, ...args: unknown[]): unknown {\n    const tracer = getTracer();\n    if (!tracer) return fn.apply(this, args);\n\n    const shouldTrace =\n      process.env.VERCEL_FLAGS_TRACE_VERBOSE === 'true' ||\n      options.isVerboseTrace === false;\n    if (!shouldTrace) return fn.apply(this, args);\n\n    return spanContext.run(new Map(), () =>\n      tracer.startActiveSpan(options.name, (span) => {\n        if (options.attributes) span.setAttributes(options.attributes);\n\n        try {\n          const result = fn.apply(this, args);\n\n          if (isPromise(result)) {\n            result\n              .then((value) => {\n                if (options.attributesSuccess) {\n                  span.setAttributes(\n                    options.attributesSuccess(\n                      value as ReturnType<F> extends PromiseLike<infer U>\n                        ? U\n                        : ReturnType<F>,\n                    ),\n                  );\n                }\n\n                spanContext.getStore()?.forEach((value, key) => {\n                  span.setAttribute(key, value);\n                });\n\n                span.setStatus({ code: 1 }); // 1 = Ok\n                span.end();\n              })\n              .catch((error) => {\n                if (options.attributesError) {\n                  span.setAttributes(options.attributesError(error));\n                }\n\n                span.setStatus({\n                  code: 2, // 2 = Error\n                  message: error instanceof Error ? error.message : undefined,\n                });\n\n                spanContext.getStore()?.forEach((value, key) => {\n                  span.setAttribute(key, value);\n                });\n\n                span.end();\n              });\n          } else {\n            if (options.attributesSuccess) {\n              span.setAttributes(options.attributesSuccess(result));\n            }\n\n            spanContext.getStore()?.forEach((value, key) => {\n              span.setAttribute(key, value);\n            });\n\n            span.setStatus({ code: 1 }); // 1 = Ok\n            span.end();\n          }\n\n          return result as unknown;\n        } catch (error: any) {\n          if (options.attributesError) {\n            span.setAttributes(options.attributesError(error as Error));\n          }\n\n          span.setStatus({\n            code: 2, // 2 = Error\n            message: error instanceof Error ? error.message : undefined,\n          });\n\n          spanContext.getStore()?.forEach((value, key) => {\n            span.setAttribute(key, value);\n          });\n\n          span.end();\n\n          throw error;\n        }\n      }),\n    );\n  };\n\n  return traced as unknown as F;\n}\n","import { verifyAccessProof } from './crypto';\nimport { trace } from './tracing';\n\n/**\n * This function lets you verify whether a request to your application's .well-known/vercel/flags endpoint was made by the toolbar.\n * You can use verifyAccess to keep this endpoint private, to avoid public access of your feature flag definitions through that endpoint.\n *\n * @example Using verifyAccess in .well-known/vercel/flags to verify access and respond with unencrypted data.\n * ```\n *  import { type NextRequest, NextResponse } from \"next/server\";\n *  import { verifyAccess } from \"flags\";\n *\n *  export async function GET(request: NextRequest) {\n *    const access = await verifyAccess(request.headers.get(\"Authorization\"));\n *    if (!access) return NextResponse.json(null, { status: 401 });\n *\n *    return NextResponse.json({ definitions: {} })\n *  }\n * ```\n * @param authHeader the Authorization header to check\n * @param secret the FLAGS_SECRET\n * @returns True when the authorization header was valid\n */\nexport const verifyAccess = trace(\n  async function verifyAccess(\n    // App Router returns null when a header is not defined\n    // Pages Router returns undefined when a header is not defined\n    // We support both so the API is slim in both cases\n    authHeader: string | null | undefined,\n    secret: string | undefined = process?.env?.FLAGS_SECRET,\n  ) {\n    if (!authHeader) return false;\n    if (!secret)\n      throw new Error(\n        'flags: verifyAccess was called without a secret. Please set FLAGS_SECRET environment variable.',\n      );\n\n    const valid = await verifyAccessProof(\n      authHeader.replace(/^Bearer /i, ''),\n      secret,\n    );\n\n    return valid;\n  },\n  {\n    isVerboseTrace: false,\n    name: 'verifyAccess',\n  },\n);\n","// copied from Next.js, and reduced\n// https://github.com/vercel/next.js/tree/canary/packages/next/src/server/web/spec-extension\n// biome-ignore lint/complexity/noStaticOnlyClass: Copied over from Next.js\nexport class ReflectAdapter {\n  static get<T extends object>(\n    target: T,\n    prop: string | symbol,\n    receiver: unknown,\n  ): any {\n    const value = Reflect.get(target, prop, receiver);\n    if (typeof value === 'function') {\n      return value.bind(target);\n    }\n\n    return value;\n  }\n\n  static set<T extends object>(\n    target: T,\n    prop: string | symbol,\n    value: any,\n    receiver: any,\n  ): boolean {\n    return Reflect.set(target, prop, value, receiver);\n  }\n\n  static has<T extends object>(target: T, prop: string | symbol): boolean {\n    return Reflect.has(target, prop);\n  }\n\n  static deleteProperty<T extends object>(\n    target: T,\n    prop: string | symbol,\n  ): boolean {\n    return Reflect.deleteProperty(target, prop);\n  }\n}\n","// copied from Next.js, and reduced\n// https://github.com/vercel/next.js/tree/canary/packages/next/src/server/web/spec-extension\nimport type { IncomingHttpHeaders } from 'http';\n\nimport { ReflectAdapter } from './reflect';\n\n/**\n * @internal\n */\nclass ReadonlyHeadersError extends Error {\n  constructor() {\n    super(\n      'Headers cannot be modified. Read more: https://nextjs.org/docs/app/api-reference/functions/headers',\n    );\n  }\n\n  public static callable() {\n    throw new ReadonlyHeadersError();\n  }\n}\n\nexport type ReadonlyHeaders = Headers & {\n  /** @deprecated Method unavailable on `ReadonlyHeaders`. Read more: https://nextjs.org/docs/app/api-reference/functions/headers */\n  append(...args: any[]): void;\n  /** @deprecated Method unavailable on `ReadonlyHeaders`. Read more: https://nextjs.org/docs/app/api-reference/functions/headers */\n  set(...args: any[]): void;\n  /** @deprecated Method unavailable on `ReadonlyHeaders`. Read more: https://nextjs.org/docs/app/api-reference/functions/headers */\n  delete(...args: any[]): void;\n};\nexport class HeadersAdapter extends Headers {\n  private readonly headers: IncomingHttpHeaders;\n\n  constructor(headers: IncomingHttpHeaders) {\n    // We've already overridden the methods that would be called, so we're just\n    // calling the super constructor to ensure that the instanceof check works.\n    super();\n\n    this.headers = new Proxy(headers, {\n      get(target, prop, receiver) {\n        // Because this is just an object, we expect that all \"get\" operations\n        // are for properties. If it's a \"get\" for a symbol, we'll just return\n        // the symbol.\n        if (typeof prop === 'symbol') {\n          return ReflectAdapter.get(target, prop, receiver);\n        }\n\n        const lowercased = prop.toLowerCase();\n\n        // Let's find the original casing of the key. This assumes that there is\n        // no mixed case keys (e.g. \"Content-Type\" and \"content-type\") in the\n        // headers object.\n        const original = Object.keys(headers).find(\n          (o) => o.toLowerCase() === lowercased,\n        );\n\n        // If the original casing doesn't exist, return undefined.\n        if (typeof original === 'undefined') return;\n\n        // If the original casing exists, return the value.\n        return ReflectAdapter.get(target, original, receiver);\n      },\n      set(target, prop, value, receiver) {\n        if (typeof prop === 'symbol') {\n          return ReflectAdapter.set(target, prop, value, receiver);\n        }\n\n        const lowercased = prop.toLowerCase();\n\n        // Let's find the original casing of the key. This assumes that there is\n        // no mixed case keys (e.g. \"Content-Type\" and \"content-type\") in the\n        // headers object.\n        const original = Object.keys(headers).find(\n          (o) => o.toLowerCase() === lowercased,\n        );\n\n        // If the original casing doesn't exist, use the prop as the key.\n        return ReflectAdapter.set(target, original ?? prop, value, receiver);\n      },\n      has(target, prop) {\n        if (typeof prop === 'symbol') return ReflectAdapter.has(target, prop);\n\n        const lowercased = prop.toLowerCase();\n\n        // Let's find the original casing of the key. This assumes that there is\n        // no mixed case keys (e.g. \"Content-Type\" and \"content-type\") in the\n        // headers object.\n        const original = Object.keys(headers).find(\n          (o) => o.toLowerCase() === lowercased,\n        );\n\n        // If the original casing doesn't exist, return false.\n        if (typeof original === 'undefined') return false;\n\n        // If the original casing exists, return true.\n        return ReflectAdapter.has(target, original);\n      },\n      deleteProperty(target, prop) {\n        if (typeof prop === 'symbol')\n          return ReflectAdapter.deleteProperty(target, prop);\n\n        const lowercased = prop.toLowerCase();\n\n        // Let's find the original casing of the key. This assumes that there is\n        // no mixed case keys (e.g. \"Content-Type\" and \"content-type\") in the\n        // headers object.\n        const original = Object.keys(headers).find(\n          (o) => o.toLowerCase() === lowercased,\n        );\n\n        // If the original casing doesn't exist, return true.\n        if (typeof original === 'undefined') return true;\n\n        // If the original casing exists, delete the property.\n        return ReflectAdapter.deleteProperty(target, original);\n      },\n    });\n  }\n\n  /**\n   * Seals a Headers instance to prevent modification by throwing an error when\n   * any mutating method is called.\n   */\n  public static seal(headers: Headers): ReadonlyHeaders {\n    return new Proxy<ReadonlyHeaders>(headers, {\n      get(target, prop, receiver) {\n        switch (prop) {\n          case 'append':\n          case 'delete':\n          case 'set':\n            return ReadonlyHeadersError.callable;\n          default:\n            return ReflectAdapter.get(target, prop, receiver);\n        }\n      },\n    });\n  }\n\n  /**\n   * Merges a header value into a string. This stores multiple values as an\n   * array, so we need to merge them into a string.\n   *\n   * @param value a header value\n   * @returns a merged header value (a string)\n   */\n  private merge(value: string | string[]): string {\n    if (Array.isArray(value)) return value.join(', ');\n\n    return value;\n  }\n\n  /**\n   * Creates a Headers instance from a plain object or a Headers instance.\n   *\n   * @param headers a plain object or a Headers instance\n   * @returns a headers instance\n   */\n  public static from(headers: IncomingHttpHeaders | Headers): Headers {\n    if (headers instanceof Headers) return headers;\n\n    return new HeadersAdapter(headers);\n  }\n\n  public append(name: string, value: string): void {\n    const existing = this.headers[name];\n    if (typeof existing === 'string') {\n      this.headers[name] = [existing, value];\n    } else if (Array.isArray(existing)) {\n      existing.push(value);\n    } else {\n      this.headers[name] = value;\n    }\n  }\n\n  public delete(name: string): void {\n    delete this.headers[name];\n  }\n\n  public get(name: string): string | null {\n    const value = this.headers[name];\n    if (typeof value !== 'undefined') return this.merge(value);\n\n    return null;\n  }\n\n  public has(name: string): boolean {\n    return typeof this.headers[name] !== 'undefined';\n  }\n\n  public set(name: string, value: string): void {\n    this.headers[name] = value;\n  }\n\n  public forEach(\n    callbackfn: (value: string, name: string, parent: Headers) => void,\n    thisArg?: any,\n  ): void {\n    for (const [name, value] of this.entries()) {\n      callbackfn.call(thisArg, value, name, this);\n    }\n  }\n\n  public *entries(): HeadersIterator<[string, string]> {\n    for (const key of Object.keys(this.headers)) {\n      const name = key.toLowerCase();\n      // We assert here that this is a string because we got it from the\n      // Object.keys() call above.\n      const value = this.get(name) as string;\n\n      yield [name, value] as [string, string];\n    }\n  }\n\n  public *keys(): HeadersIterator<string> {\n    for (const key of Object.keys(this.headers)) {\n      const name = key.toLowerCase();\n      yield name;\n    }\n  }\n\n  public *values(): HeadersIterator<string> {\n    for (const key of Object.keys(this.headers)) {\n      // We assert here that this is a string because we got it from the\n      // Object.keys() call above.\n      const value = this.get(key) as string;\n\n      yield value;\n    }\n  }\n\n  public [Symbol.iterator](): HeadersIterator<[string, string]> {\n    return this.entries();\n  }\n}\n","// copied from Next.js, and reduced\n// https://github.com/vercel/next.js/tree/canary/packages/next/src/server/web/spec-extension\nimport { type RequestCookies, ResponseCookies } from '../cookies';\nimport { ReflectAdapter } from './reflect';\n\n/**\n * @internal\n */\nexport class ReadonlyRequestCookiesError extends Error {\n  constructor() {\n    super(\n      'Cookies can only be modified in a Server Action or Route Handler. Read more: https://nextjs.org/docs/app/api-reference/functions/cookies#options',\n    );\n  }\n\n  public static callable() {\n    throw new ReadonlyRequestCookiesError();\n  }\n}\n\n// We use this to type some APIs but we don't construct instances directly\nexport type { ResponseCookies };\n\n// The `cookies()` API is a mix of request and response cookies. For `.get()` methods,\n// we want to return the request cookie if it exists. For mutative methods like `.set()`,\n// we want to return the response cookie.\nexport type ReadonlyRequestCookies = Omit<\n  RequestCookies,\n  'set' | 'clear' | 'delete'\n> &\n  Pick<ResponseCookies, 'set' | 'delete'>;\n\n// biome-ignore lint/complexity/noStaticOnlyClass: copied from Next.js\nexport class RequestCookiesAdapter {\n  public static seal(cookies: RequestCookies): ReadonlyRequestCookies {\n    return new Proxy(cookies as any, {\n      get(target, prop, receiver) {\n        switch (prop) {\n          case 'clear':\n          case 'delete':\n          case 'set':\n            return ReadonlyRequestCookiesError.callable;\n          default:\n            return ReflectAdapter.get(target, prop, receiver);\n        }\n      },\n    });\n  }\n}\n\nconst SYMBOL_MODIFY_COOKIE_VALUES = Symbol.for('next.mutated.cookies');\n\nexport function getModifiedCookieValues(\n  cookies: ResponseCookies,\n): ResponseCookie[] {\n  const modified: ResponseCookie[] | undefined = (cookies as unknown as any)[\n    SYMBOL_MODIFY_COOKIE_VALUES\n  ];\n  if (!modified || !Array.isArray(modified) || modified.length === 0) {\n    return [];\n  }\n\n  return modified;\n}\n\nexport function appendMutableCookies(\n  headers: Headers,\n  mutableCookies: ResponseCookies,\n): boolean {\n  const modifiedCookieValues = getModifiedCookieValues(mutableCookies);\n  if (modifiedCookieValues.length === 0) {\n    return false;\n  }\n\n  // Return a new response that extends the response with\n  // the modified cookies as fallbacks. `res` cookies\n  // will still take precedence.\n  const resCookies = new ResponseCookies(headers);\n  const returnedCookies = resCookies.getAll();\n\n  // Set the modified cookies as fallbacks.\n  for (const cookie of modifiedCookieValues) {\n    resCookies.set(cookie);\n  }\n\n  // Set the original cookies as the final values.\n  for (const cookie of returnedCookies) {\n    resCookies.set(cookie);\n  }\n\n  return true;\n}\n\ntype ResponseCookie = NonNullable<\n  ReturnType<InstanceType<typeof ResponseCookies>['get']>\n>;\n"]}