diff --git a/.github/workflows/fedramp-sync.yml b/.github/workflows/fedramp-sync.yml index f5e820c..0169f7f 100644 --- a/.github/workflows/fedramp-sync.yml +++ b/.github/workflows/fedramp-sync.yml @@ -40,7 +40,7 @@ jobs: body: | Syncs grclanker's generated FedRAMP docs snapshot from the official FedRAMP GitHub sources. - - Refreshes the FRMR-backed generated docs content + - Refreshes generated docs from the official FedRAMP Consolidated Rules - Preserves reviewed snapshot delivery for the site - Keeps CLI lookups and docs content aligned to the same upstream source diff --git a/.gitignore b/.gitignore index 92d2c0a..f499e84 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,11 @@ cli/release/ dist/ .astro/ +# Cloudflare +.wrangler/ +.dev.vars* +!.dev.vars.example + # Generated evidence and local workspaces export/ oscal-workspace/ diff --git a/astro.config.mjs b/astro.config.mjs index 4ecf50e..f0991d5 100644 --- a/astro.config.mjs +++ b/astro.config.mjs @@ -3,6 +3,7 @@ import tailwindcss from '@tailwindcss/vite'; export default defineConfig({ site: 'https://www.grclanker.com', + output: 'static', markdown: { shikiConfig: { theme: 'catppuccin-frappe', diff --git a/cli/extensions/grc-tools.ts b/cli/extensions/grc-tools.ts index 658bce0..24a0458 100644 --- a/cli/extensions/grc-tools.ts +++ b/cli/extensions/grc-tools.ts @@ -9,7 +9,7 @@ import { createReadTool, createWriteTool, type ExtensionAPI, -} from "@mariozechner/pi-coding-agent"; +} from "@earendil-works/pi-coding-agent"; import { getGrclankerSettingsPath } from "../config/paths.js"; import { buildComputeBackendSystemPromptNote, diff --git a/cli/extensions/grc-tools/ansible.ts b/cli/extensions/grc-tools/ansible.ts index 9b79bf9..d92eab9 100644 --- a/cli/extensions/grc-tools/ansible.ts +++ b/cli/extensions/grc-tools/ansible.ts @@ -13,7 +13,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -390,7 +390,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/aws.ts b/cli/extensions/grc-tools/aws.ts index 64957cc..780d62c 100644 --- a/cli/extensions/grc-tools/aws.ts +++ b/cli/extensions/grc-tools/aws.ts @@ -60,7 +60,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -292,7 +292,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/azure.ts b/cli/extensions/grc-tools/azure.ts index e7d8c6b..16f854a 100644 --- a/cli/extensions/grc-tools/azure.ts +++ b/cli/extensions/grc-tools/azure.ts @@ -15,7 +15,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -233,7 +233,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/cloudflare.ts b/cli/extensions/grc-tools/cloudflare.ts index 9c1e489..0fdbc2e 100644 --- a/cli/extensions/grc-tools/cloudflare.ts +++ b/cli/extensions/grc-tools/cloudflare.ts @@ -14,7 +14,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -248,7 +248,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/duo.ts b/cli/extensions/grc-tools/duo.ts index 74ac9ec..62deb8f 100644 --- a/cli/extensions/grc-tools/duo.ts +++ b/cli/extensions/grc-tools/duo.ts @@ -16,7 +16,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { basename, dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -2256,7 +2256,7 @@ async function writeText(rootDir: string, relativePathname: string, value: strin async function zipDirectory(sourceDir: string, zipPath: string): Promise { const output = createWriteStream(zipPath); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); await new Promise((resolveZip, rejectZip) => { output.on("close", resolveZip); diff --git a/cli/extensions/grc-tools/fedramp-docs.ts b/cli/extensions/grc-tools/fedramp-docs.ts index 75cc293..cdbac38 100644 --- a/cli/extensions/grc-tools/fedramp-docs.ts +++ b/cli/extensions/grc-tools/fedramp-docs.ts @@ -36,18 +36,18 @@ function sourceBanner( secondary: FedrampRulesSourceStatus, ): string { const blobRef = primary.blobSha ? `\`${primary.blobSha.slice(0, 12)}\`` : "`unknown`"; - const rulesNote = + const supportingNote = secondary.state === "ready" - ? "The official `FedRAMP/rules` repo exists and is ready for later integration." + ? "Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository." : secondary.state === "placeholder" - ? "The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there." - : "The official `FedRAMP/rules` repo could not be inspected during this sync, so grclanker is grounded in `FedRAMP/docs` alone for now."; + ? "The official `FedRAMP/2026-markdown` repository exists, but generated narrative content was not found." + : "The official `FedRAMP/2026-markdown` repository could not be inspected during this sync."; return [ `> Generated from the official [${primary.org}/${primary.repo}](${primary.repoUrl}) GitHub repo.`, `> Source path: [\`${primary.path}\`](${primary.fileHtmlUrl ?? primary.rawUrl}) on \`${primary.branch}\` at blob ${blobRef}.`, - `> FRMR version: \`${primary.version}\` · upstream \`last_updated\`: \`${primary.upstreamLastUpdated}\`.`, - `> ${rulesNote}`, + `> Consolidated Rules version: \`${primary.version}\` · upstream \`last_updated\`: \`${primary.upstreamLastUpdated}\`.`, + `> ${supportingNote}`, ].join("\n"); } @@ -66,9 +66,18 @@ function requirementMarkdown(requirement: FedrampRequirementRecord): string { const lines = [ requirementBadge(requirement), "", - requirement.statement, ]; + if (requirement.classVariants.length > 0) { + lines.push("Varies by certification class:", ""); + for (const variant of requirement.classVariants) { + const force = variant.primaryKeyWord ? ` ${variant.primaryKeyWord}` : ""; + lines.push(`- **Class ${variant.class}${force}:** ${variant.statement}`); + } + } else { + lines.push(requirement.statement); + } + if (requirement.followingInformation.length > 0) { lines.push("", "Checklist items:", markdownList(requirement.followingInformation)); } @@ -115,7 +124,7 @@ function processPage( const lines = [ frontmatter( `${process.name} — FedRAMP Process`, - `Official FRMR-generated summary for the ${process.shortName} FedRAMP process, including applicability and requirements.`, + `Official Consolidated Rules summary for the ${process.shortName} FedRAMP process, including applicability and requirements.`, ), "", sourceBanner(primary, secondary), @@ -128,6 +137,10 @@ function processPage( "", ]; + if (process.status) { + lines.splice(lines.length - 1, 0, `Status: \`${process.status}\``, ""); + } + if (process.sourceUrl) { lines.push(`Official page: [${process.sourceUrl}](${process.sourceUrl})`, ""); } @@ -135,8 +148,8 @@ function processPage( lines.push( "## Effective Status", "", - `- 20x: ${process.effective["20x"]?.is ?? "n/a"}${process.effective["20x"]?.currentStatus ? ` · ${process.effective["20x"]?.currentStatus}` : ""}`, - `- Rev5: ${process.effective.rev5?.is ?? "n/a"}${process.effective.rev5?.currentStatus ? ` · ${process.effective.rev5?.currentStatus}` : ""}`, + `- 20x: ${process.effective["20x"]?.is ?? "n/a"}${process.effective["20x"]?.currentStatus ? ` · ${process.effective["20x"]?.currentStatus}` : ""}${process.effective["20x"]?.startDate ? ` · obtain ${process.effective["20x"]?.startDate}` : ""}${process.effective["20x"]?.graceDate ? ` · grace through ${process.effective["20x"]?.graceDate}` : ""}`, + `- Rev5: ${process.effective.rev5?.is ?? "n/a"}${process.effective.rev5?.currentStatus ? ` · ${process.effective.rev5?.currentStatus}` : ""}${process.effective.rev5?.startDate ? ` · obtain ${process.effective.rev5?.startDate}` : ""}${process.effective.rev5?.graceDate ? ` · grace through ${process.effective.rev5?.graceDate}` : ""}`, `- Shared requirements: ${counts.both}`, "", ); @@ -150,9 +163,11 @@ function processPage( } if (process.labels.length > 0) { - lines.push("## Label Groups", ""); + lines.push("## Rule Subsets", ""); for (const label of process.labels) { - lines.push(`- \`${label.code}\` — ${label.name}: ${label.description}`); + const types = label.types.length > 0 ? ` · types: ${label.types.join(", ")}` : ""; + const classes = label.classes.length > 0 ? ` · classes: ${label.classes.join(", ")}` : ""; + lines.push(`- \`${label.code}\` — ${label.name}: ${label.description}${types}${classes}`); } lines.push(""); } @@ -195,7 +210,7 @@ function ksiDomainPage( const lines = [ frontmatter( `${domain.name} — FedRAMP KSI Domain`, - `Official FRMR-generated summary for the ${domain.shortName} FedRAMP key security indicator domain.`, + `Official Consolidated Rules summary for the ${domain.shortName} FedRAMP key security indicator domain.`, ), "", sourceBanner(primary, secondary), @@ -204,17 +219,26 @@ function ksiDomainPage( "", `Domain code: \`${domain.code}\` · Domain ID: \`${domain.id}\` · Web slug: \`${domain.webName}\``, "", - "## Theme", - "", - fenceMultiline(domain.theme), - "", "## Indicators", "", ]; + if (domain.theme) { + lines.splice(8, 0, "## Theme", "", fenceMultiline(domain.theme), ""); + } + for (const indicator of indicators) { const former = indicator.fka ? ` (formerly \`${indicator.fka}\`)` : ""; - lines.push(`### \`${indicator.id}\`${former} — ${indicator.name}`, "", indicator.statement, ""); + lines.push(`### \`${indicator.id}\`${former} — ${indicator.name}`, ""); + if (indicator.classVariants.length > 0) { + lines.push("Varies by certification class:", ""); + for (const variant of indicator.classVariants) { + lines.push(`- **Class ${variant.class}:** ${variant.statement}`); + } + lines.push(""); + } else { + lines.push(indicator.statement, ""); + } if (indicator.reference && indicator.referenceUrl) { lines.push(`Reference: [${indicator.reference}](${indicator.referenceUrl})`, ""); } else if (indicator.reference) { @@ -264,7 +288,7 @@ export function buildFedrampDocsSnapshot( const overview = [ frontmatter( "FedRAMP Official Sources", - "Official GitHub-grounded FedRAMP 20x and Rev5 reference material generated from FRMR documentation.", + "Official GitHub-grounded FedRAMP 20x and Rev5 reference material generated from the Consolidated Rules.", ), "", sourceBanner(primary, secondary), @@ -276,7 +300,7 @@ export function buildFedrampDocsSnapshot( "## Current Grounding", "", `- Primary source: [${primary.org}/${primary.repo}](${primary.repoUrl}) → [\`${primary.path}\`](${primary.fileHtmlUrl ?? primary.rawUrl}) on \`${primary.branch}\``, - `- FRMR version: \`${primary.version}\``, + `- Consolidated Rules version: \`${primary.version}\``, `- Upstream \`last_updated\`: \`${primary.upstreamLastUpdated}\``, `- Rev5 remains a first-class lane beside 20x in grclanker.`, "", @@ -293,7 +317,7 @@ export function buildFedrampDocsSnapshot( const processesIndex = [ frontmatter( "FedRAMP Processes", - "Browse official FRMR-generated FedRAMP process documents such as ADS, PVA, SCG, VDR, and CCM.", + "Browse official Consolidated Rules process documents such as CDS, IVV, SCG, VDR, and CCM.", ), "", sourceBanner(primary, secondary), @@ -307,7 +331,7 @@ export function buildFedrampDocsSnapshot( const ksiIndex = [ frontmatter( "FedRAMP KSI Domains", - "Browse official FRMR-generated FedRAMP key security indicator domains and indicator summaries.", + "Browse official Consolidated Rules key security indicator domains and indicator summaries.", ), "", sourceBanner(primary, secondary), diff --git a/cli/extensions/grc-tools/fedramp-source.ts b/cli/extensions/grc-tools/fedramp-source.ts index ba48518..2499401 100644 --- a/cli/extensions/grc-tools/fedramp-source.ts +++ b/cli/extensions/grc-tools/fedramp-source.ts @@ -6,26 +6,32 @@ import { ensureGrclankerHome, getGrclankerHome, getGrclankerStateDir } from "../ const DAY_MS = 24 * 60 * 60 * 1000; const SOURCE_STATUS_TTL_MS = 6 * 60 * 60 * 1000; +const FEDRAMP_CACHE_SCHEMA_VERSION = 2; const GITHUB_API = "https://api.github.com"; const GITHUB_ORG = "FedRAMP"; -export const FEDRAMP_DOCS_SOURCE = { +export const FEDRAMP_RULES_SOURCE = { org: GITHUB_ORG, - repo: "docs", + repo: "rules", branch: "main", - path: "FRMR.documentation.json", - repoUrl: "https://github.com/FedRAMP/docs", - rawUrl: "https://raw.githubusercontent.com/FedRAMP/docs/main/FRMR.documentation.json", + path: "fedramp-consolidated-rules.json", + repoUrl: "https://github.com/FedRAMP/rules", + rawUrl: + "https://raw.githubusercontent.com/FedRAMP/rules/main/fedramp-consolidated-rules.json", }; -export const FEDRAMP_RULES_SOURCE = { +export const FEDRAMP_MARKDOWN_SOURCE = { org: GITHUB_ORG, - repo: "rules", + repo: "2026-markdown", branch: "main", - repoUrl: "https://github.com/FedRAMP/rules", + repoUrl: "https://github.com/FedRAMP/2026-markdown", }; +/** @deprecated Use FEDRAMP_RULES_SOURCE. */ +export const FEDRAMP_DOCS_SOURCE = FEDRAMP_RULES_SOURCE; + export type FedrampApplicability = "20x" | "rev5" | "both"; +export type FedrampCertificationClass = "A" | "B" | "C" | "D"; export type FedrampCacheStatus = "live" | "cached" | "stale"; export type FedrampSearchSection = "definition" | "process" | "requirement" | "ksi" | "any"; @@ -48,7 +54,7 @@ export interface FedrampDefinitionRecord { alts: string[]; definition: string; updated: FedrampUpdatedNote[]; - appliesTo: "both"; + appliesTo: FedrampApplicability; } export interface FedrampProcessEffectiveWindow { @@ -58,12 +64,20 @@ export interface FedrampProcessEffectiveWindow { startDate: string | null; endDate: string | null; comments: string[]; + warnings: string[]; + optionalAdoptionDate: string | null; + graceDate: string | null; + graceUntilNextAssessment: boolean | null; } export interface FedrampProcessLabelRecord { code: string; name: string; description: string; + types: string[]; + paths: string[]; + classes: string[]; + affects: string[]; } export interface FedrampAuthorityRecord { @@ -86,9 +100,21 @@ export interface FedrampProcessRecord { expectedOutcomes: string[]; authority: FedrampAuthorityRecord[]; labels: FedrampProcessLabelRecord[]; + status: string | null; + tag: string | null; requirementIds: string[]; } +export interface FedrampClassVariantRecord { + class: FedrampCertificationClass; + statement: string; + primaryKeyWord: string | null; + followingInformation: string[]; + note: string | null; + timeframeType: string | null; + timeframeNum: number | null; +} + export interface FedrampRequirementRecord { id: string; fka: string | null; @@ -111,6 +137,7 @@ export interface FedrampRequirementRecord { timeframeType: string | null; timeframeNum: number | null; updated: FedrampUpdatedNote[]; + classVariants: FedrampClassVariantRecord[]; } export interface FedrampKsiDomainRecord { @@ -120,6 +147,7 @@ export interface FedrampKsiDomainRecord { shortName: string; webName: string; theme: string; + status: string | null; appliesTo: "20x"; indicatorIds: string[]; } @@ -140,6 +168,7 @@ export interface FedrampKsiIndicatorRecord { terms: string[]; updated: FedrampUpdatedNote[]; appliesTo: "20x"; + classVariants: FedrampClassVariantRecord[]; } export interface FedrampCatalog { @@ -165,7 +194,7 @@ export interface FedrampPrimarySourceStatus { upstreamLastUpdated: string; } -export interface FedrampRulesSourceStatus { +export interface FedrampSupportingSourceStatus { org: string; repo: string; branch: string; @@ -176,6 +205,9 @@ export interface FedrampRulesSourceStatus { notes: string[]; } +/** @deprecated Use FedrampSupportingSourceStatus. */ +export type FedrampRulesSourceStatus = FedrampSupportingSourceStatus; + export interface FedrampLoadedCatalog { catalog: FedrampCatalog; provenance: FedrampPrimarySourceStatus; @@ -202,12 +234,14 @@ export interface FedrampSearchMatch { } type SourceCachePayload = { + schemaVersion: number; fetchedAt: string; primary: FedrampPrimarySourceStatus; - secondary: FedrampRulesSourceStatus; + secondary: FedrampSupportingSourceStatus; }; type CatalogCachePayload = { + schemaVersion: number; fetchedAt: string; catalog: FedrampCatalog; provenance: FedrampPrimarySourceStatus; @@ -338,24 +372,24 @@ async function fetchPrimarySourceMetadata(): Promise<{ }> { const [repo, file] = await Promise.all([ fetchJson( - `${GITHUB_API}/repos/${FEDRAMP_DOCS_SOURCE.org}/${FEDRAMP_DOCS_SOURCE.repo}`, + `${GITHUB_API}/repos/${FEDRAMP_RULES_SOURCE.org}/${FEDRAMP_RULES_SOURCE.repo}`, ), fetchJson( - `${GITHUB_API}/repos/${FEDRAMP_DOCS_SOURCE.org}/${FEDRAMP_DOCS_SOURCE.repo}/contents/${FEDRAMP_DOCS_SOURCE.path}?ref=${FEDRAMP_DOCS_SOURCE.branch}`, + `${GITHUB_API}/repos/${FEDRAMP_RULES_SOURCE.org}/${FEDRAMP_RULES_SOURCE.repo}/contents/${FEDRAMP_RULES_SOURCE.path}?ref=${FEDRAMP_RULES_SOURCE.branch}`, ), ]); return { repo, file }; } -async function fetchRulesSourceMetadata(): Promise { +async function fetchSupportingSourceMetadata(): Promise { try { const [repo, contents] = await Promise.all([ fetchJson( - `${GITHUB_API}/repos/${FEDRAMP_RULES_SOURCE.org}/${FEDRAMP_RULES_SOURCE.repo}`, + `${GITHUB_API}/repos/${FEDRAMP_MARKDOWN_SOURCE.org}/${FEDRAMP_MARKDOWN_SOURCE.repo}`, ), fetchJson( - `${GITHUB_API}/repos/${FEDRAMP_RULES_SOURCE.org}/${FEDRAMP_RULES_SOURCE.repo}/contents/?ref=${FEDRAMP_RULES_SOURCE.branch}`, + `${GITHUB_API}/repos/${FEDRAMP_MARKDOWN_SOURCE.org}/${FEDRAMP_MARKDOWN_SOURCE.repo}/contents/?ref=${FEDRAMP_MARKDOWN_SOURCE.branch}`, ), ]); @@ -363,36 +397,35 @@ async function fetchRulesSourceMetadata(): Promise { .map((entry) => asString(entry.name)) .filter((entry): entry is string => Boolean(entry)) .sort((left, right) => left.localeCompare(right)); - const substantiveEntries = rootEntries.filter( - (entry) => entry !== "README.md" && entry !== ".gitignore", - ); + const isReady = + rootEntries.includes("_sources.json") || + rootEntries.some((entry) => entry.endsWith(".md") && entry !== "README.md"); return { - org: FEDRAMP_RULES_SOURCE.org, - repo: FEDRAMP_RULES_SOURCE.repo, - branch: repo.default_branch ?? FEDRAMP_RULES_SOURCE.branch, - repoUrl: repo.html_url ?? FEDRAMP_RULES_SOURCE.repoUrl, + org: FEDRAMP_MARKDOWN_SOURCE.org, + repo: FEDRAMP_MARKDOWN_SOURCE.repo, + branch: repo.default_branch ?? FEDRAMP_MARKDOWN_SOURCE.branch, + repoUrl: repo.html_url ?? FEDRAMP_MARKDOWN_SOURCE.repoUrl, repoUpdatedAt: asString(repo.updated_at), - state: substantiveEntries.length > 0 ? "ready" : "placeholder", + state: isReady ? "ready" : "placeholder", rootEntries, - notes: - substantiveEntries.length > 0 - ? [] - : [ - "The official FedRAMP/rules repo exists, but its root contents are still placeholder-level for grclanker automation.", - ], + notes: isReady + ? [] + : [ + "The official FedRAMP/2026-markdown repo exists, but no generated narrative content was found.", + ], }; } catch (error) { return { - org: FEDRAMP_RULES_SOURCE.org, - repo: FEDRAMP_RULES_SOURCE.repo, - branch: FEDRAMP_RULES_SOURCE.branch, - repoUrl: FEDRAMP_RULES_SOURCE.repoUrl, + org: FEDRAMP_MARKDOWN_SOURCE.org, + repo: FEDRAMP_MARKDOWN_SOURCE.repo, + branch: FEDRAMP_MARKDOWN_SOURCE.branch, + repoUrl: FEDRAMP_MARKDOWN_SOURCE.repoUrl, repoUpdatedAt: null, state: "unavailable", rootEntries: [], notes: [ - `Unable to inspect FedRAMP/rules: ${error instanceof Error ? error.message : String(error)}`, + `Unable to inspect FedRAMP/2026-markdown: ${error instanceof Error ? error.message : String(error)}`, ], }; } @@ -405,23 +438,23 @@ async function fetchPrimarySourceCatalog(): Promise<{ const emptyRepoMetadata: RepoOverviewResponse = {}; const emptyFileMetadata: GitHubContentFileResponse = {}; const [rawCatalog, metadata] = await Promise.all([ - fetchJson>(FEDRAMP_DOCS_SOURCE.rawUrl), + fetchJson>(FEDRAMP_RULES_SOURCE.rawUrl), fetchPrimarySourceMetadata().catch(() => ({ repo: emptyRepoMetadata, file: emptyFileMetadata })), ]); - const catalog = normalizeFedrampFrmr(rawCatalog); + const catalog = normalizeFedrampConsolidatedRules(rawCatalog); const provenance: FedrampPrimarySourceStatus = { - org: FEDRAMP_DOCS_SOURCE.org, - repo: FEDRAMP_DOCS_SOURCE.repo, + org: FEDRAMP_RULES_SOURCE.org, + repo: FEDRAMP_RULES_SOURCE.repo, branch: asString(metadata.repo.default_branch) ?? - FEDRAMP_DOCS_SOURCE.branch, + FEDRAMP_RULES_SOURCE.branch, repoUrl: asString(metadata.repo.html_url) ?? - FEDRAMP_DOCS_SOURCE.repoUrl, - path: FEDRAMP_DOCS_SOURCE.path, - rawUrl: FEDRAMP_DOCS_SOURCE.rawUrl, + FEDRAMP_RULES_SOURCE.repoUrl, + path: FEDRAMP_RULES_SOURCE.path, + rawUrl: FEDRAMP_RULES_SOURCE.rawUrl, blobSha: asString(metadata.file.sha), fileHtmlUrl: asString(metadata.file.html_url), repoUpdatedAt: asString(metadata.repo.updated_at), @@ -432,23 +465,178 @@ async function fetchPrimarySourceCatalog(): Promise<{ return { catalog, provenance }; } +function asRecord(value: unknown): Record { + return value && typeof value === "object" && !Array.isArray(value) + ? (value as Record) + : {}; +} + +function asFiniteNumber(value: unknown): number | null { + return typeof value === "number" && Number.isFinite(value) ? value : null; +} + +function asBoolean(value: unknown): boolean | null { + return typeof value === "boolean" ? value : null; +} + +function uniqueStrings(values: string[]): string[] { + return Array.from(new Set(values)); +} + +function combinedNote(record: Record): string | null { + const notes = [asString(record.note), ...asStringArray(record.notes)].filter( + (value): value is string => Boolean(value), + ); + return notes.length > 0 ? notes.join("\n") : null; +} + +function sourceApplicability(value: string): FedrampApplicability | undefined { + const normalized = value.toLowerCase(); + if (normalized === "all" || normalized === "both") return "both"; + if (normalized === "20x" || normalized === "rev5") return normalized; + return undefined; +} + function effectiveWindow(value: unknown): FedrampProcessEffectiveWindow | undefined { - if (!value || typeof value !== "object") return undefined; - const record = value as Record; + const record = asRecord(value); + if (Object.keys(record).length === 0) return undefined; + const dates = asRecord(record.date); + const grace = asRecord(dates.grace); return { is: asString(record.is), signupUrl: asString(record.signup_url), currentStatus: asString(record.current_status), - startDate: asString(record.start_date), - endDate: asString(record.end_date), + startDate: asString(record.start_date) ?? asString(dates.obtain), + endDate: asString(record.end_date) ?? asString(dates.maintain), comments: asStringArray(record.comments), + warnings: asStringArray(record.warnings), + optionalAdoptionDate: asString(dates.optional_adoption), + graceDate: asString(grace.default), + graceUntilNextAssessment: asBoolean(grace.until_next_assessment), }; } -export function normalizeFedrampFrmr(raw: Record): FedrampCatalog { +function normalizeClassVariants(value: unknown): FedrampClassVariantRecord[] { + const record = asRecord(value); + const variants: FedrampClassVariantRecord[] = []; + for (const key of ["a", "b", "c", "d"] as const) { + const item = asRecord(record[key]); + const statement = asString(item.statement); + if (!statement) continue; + variants.push({ + class: key.toUpperCase() as FedrampCertificationClass, + statement, + primaryKeyWord: asString(item.force), + followingInformation: asStringArray(item.following_information), + note: combinedNote(item), + timeframeType: asString(item.timeframe_type), + timeframeNum: asFiniteNumber(item.timeframe_num), + }); + } + return variants; +} + +function aggregateStatement( + record: Record, + variants: FedrampClassVariantRecord[], +): string { + return ( + asString(record.statement) ?? + variants.map((variant) => `Class ${variant.class}: ${variant.statement}`).join("\n") + ); +} + +function aggregateKeyword( + record: Record, + variants: FedrampClassVariantRecord[], +): string | null { + const direct = asString(record.force) ?? asString(record.primary_key_word); + if (direct) return direct; + const keywords = uniqueStrings( + variants + .map((variant) => variant.primaryKeyWord) + .filter((value): value is string => Boolean(value)), + ); + if (keywords.length === 1) return keywords[0]!; + return keywords.length > 1 ? "VARIES BY CLASS" : null; +} + +function aggregateFollowingInformation( + record: Record, + variants: FedrampClassVariantRecord[], +): string[] { + return uniqueStrings([ + ...asStringArray(record.following_information), + ...asStringArray(record.following_information_bullets), + ...variants.flatMap((variant) => + variant.followingInformation.map((item) => `Class ${variant.class}: ${item}`), + ), + ]); +} + +function commonVariantString( + variants: FedrampClassVariantRecord[], + select: (variant: FedrampClassVariantRecord) => string | null, +): string | null { + const values = uniqueStrings( + variants.map(select).filter((value): value is string => Boolean(value)), + ); + return values.length === 1 ? values[0]! : null; +} + +function commonVariantNumber( + variants: FedrampClassVariantRecord[], + select: (variant: FedrampClassVariantRecord) => number | null, +): number | null { + const values = Array.from( + new Set(variants.map(select).filter((value): value is number => value !== null)), + ); + return values.length === 1 ? values[0]! : null; +} + +function collectProcessLabels( + info: Record, + legacyLabels: unknown, +): FedrampProcessLabelRecord[] { + const labels = new Map(); + + const addLabels = (value: unknown) => { + for (const [code, rawLabel] of Object.entries(asRecord(value))) { + const item = asRecord(rawLabel); + const applicability = asRecord(item.applicability); + const previous = labels.get(code); + labels.set(code, { + code, + name: asString(item.name) ?? previous?.name ?? code, + description: asString(item.description) ?? previous?.description ?? "", + types: uniqueStrings([...(previous?.types ?? []), ...asStringArray(applicability.types)]), + paths: uniqueStrings([...(previous?.paths ?? []), ...asStringArray(applicability.paths)]), + classes: uniqueStrings([ + ...(previous?.classes ?? []), + ...asStringArray(applicability.classes), + ]), + affects: uniqueStrings([ + ...(previous?.affects ?? []), + ...asStringArray(applicability.affects), + ]), + }); + } + }; + + addLabels(legacyLabels); + addLabels(info.subsets); + addLabels(asRecord(info["20x"]).subsets); + addLabels(asRecord(info.rev5).subsets); + + return Array.from(labels.values()).sort((left, right) => left.code.localeCompare(right.code)); +} + +export function normalizeFedrampConsolidatedRules( + raw: Record, +): FedrampCatalog { const infoRecord = (raw.info ?? {}) as Record; const info: FedrampCatalogInfo = { - title: asString(infoRecord.title) ?? "FedRAMP Machine-Readable Documentation", + title: asString(infoRecord.title) ?? "FedRAMP Consolidated Rules", description: asString(infoRecord.description) ?? "Machine-readable FedRAMP requirements, recommendations, definitions, and key security indicators.", @@ -461,20 +649,22 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal string, unknown >; - const definitionBuckets = (definitionData.both ?? {}) as Record; - - for (const [id, entry] of Object.entries(definitionBuckets)) { - if (!entry || typeof entry !== "object") continue; - const item = entry as Record; - definitions.push({ - id, - fka: asString(item.fka), - term: asString(item.term) ?? id, - alts: asStringArray(item.alts), - definition: asString(item.definition) ?? "", - updated: asUpdatedNotes(item.updated), - appliesTo: "both", - }); + for (const [bucketName, rawBucket] of Object.entries(definitionData)) { + const appliesTo = sourceApplicability(bucketName); + if (!appliesTo) continue; + for (const [id, entry] of Object.entries(asRecord(rawBucket))) { + const item = asRecord(entry); + if (Object.keys(item).length === 0) continue; + definitions.push({ + id, + fka: asString(item.fka), + term: asString(item.term) ?? id, + alts: asStringArray(item.alts), + definition: asString(item.definition) ?? "", + updated: asUpdatedNotes(item.updated), + appliesTo, + }); + } } const processes: FedrampProcessRecord[] = []; @@ -486,43 +676,41 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal const record = entry as Record; const infoRecord = (record.info ?? {}) as Record; const frontMatter = (record.front_matter ?? {}) as Record; - const labelsRecord = (record.labels ?? {}) as Record; const dataRecord = (record.data ?? {}) as Record; - const labels = Object.entries(labelsRecord) - .map(([code, label]) => { - if (!label || typeof label !== "object") return null; - const item = label as Record; - return { - code, - name: asString(item.name) ?? code, - description: asString(item.description) ?? "", - }; - }) - .filter((value): value is FedrampProcessLabelRecord => Boolean(value)); + const labels = collectProcessLabels(infoRecord, record.labels); const requirementIds: string[] = []; - const applicabilityKeys = (["both", "20x", "rev5"] as const).filter( - (key) => dataRecord[key] && typeof dataRecord[key] === "object", - ); - const sourceUrl = - asString(infoRecord.web_name) - ? `https://fedramp.gov/docs/20x/${asString(infoRecord.web_name)}` - : null; - - for (const appliesTo of applicabilityKeys) { - const applicabilityBucket = (dataRecord[appliesTo] ?? {}) as Record; + const applicabilityKeys = uniqueStrings( + Object.keys(dataRecord) + .filter((key) => Object.keys(asRecord(dataRecord[key])).length > 0) + .map((key) => sourceApplicability(key)) + .filter((value): value is FedrampApplicability => Boolean(value)), + ) as FedrampApplicability[]; + const webName = asString(infoRecord.web_name) ?? processId.toLowerCase(); + const sourceUrl = `https://www.fedramp.gov/2026/reference/${webName}/`; + + for (const [bucketName, rawBucket] of Object.entries(dataRecord)) { + const appliesTo = sourceApplicability(bucketName); + if (!appliesTo) continue; + const applicabilityBucket = asRecord(rawBucket); for (const [labelCode, rawLabelBucket] of Object.entries(applicabilityBucket)) { - if (!rawLabelBucket || typeof rawLabelBucket !== "object") continue; - const labelBucket = rawLabelBucket as Record; + const labelBucket = asRecord(rawLabelBucket); + if (Object.keys(labelBucket).length === 0) continue; const labelMeta = labels.find((label) => label.code === labelCode) ?? { code: labelCode, name: labelCode, description: "", + types: [], + paths: [], + classes: [], + affects: [], }; for (const [requirementId, rawRequirement] of Object.entries(labelBucket)) { - if (!rawRequirement || typeof rawRequirement !== "object") continue; - const requirement = rawRequirement as Record; + const requirement = asRecord(rawRequirement); + if (Object.keys(requirement).length === 0) continue; + const classVariants = normalizeClassVariants(requirement.varies_by_class); + const directNote = combinedNote(requirement); requirementIds.push(requirementId); requirements.push({ id: requirementId, @@ -530,31 +718,41 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal processId, processName: asString(infoRecord.name) ?? processId, processShortName: asString(infoRecord.short_name) ?? processId, - processWebName: asString(infoRecord.web_name) ?? processId.toLowerCase(), + processWebName: webName, processSourceUrl: sourceUrl, appliesTo, labelCode: labelMeta.code, labelName: labelMeta.name, labelDescription: labelMeta.description, name: asString(requirement.name), - statement: asString(requirement.statement) ?? "", - primaryKeyWord: asString(requirement.primary_key_word), + statement: aggregateStatement(requirement, classVariants), + primaryKeyWord: aggregateKeyword(requirement, classVariants), affects: asStringArray(requirement.affects), terms: asStringArray(requirement.terms), - followingInformation: asStringArray(requirement.following_information), - note: asString(requirement.note), - timeframeType: asString(requirement.timeframe_type), + followingInformation: aggregateFollowingInformation(requirement, classVariants), + note: directNote ?? commonVariantString(classVariants, (variant) => variant.note), + timeframeType: + asString(requirement.timeframe_type) ?? + commonVariantString(classVariants, (variant) => variant.timeframeType), timeframeNum: - typeof requirement.timeframe_num === "number" && - Number.isFinite(requirement.timeframe_num) - ? requirement.timeframe_num - : null, + asFiniteNumber(requirement.timeframe_num) ?? + commonVariantNumber(classVariants, (variant) => variant.timeframeNum), updated: asUpdatedNotes(requirement.updated), + classVariants, }); } } } + const commonEffectiveRecord = asRecord(infoRecord.effective); + const commonEffective = Object.prototype.hasOwnProperty.call(commonEffectiveRecord, "is") + ? effectiveWindow(commonEffectiveRecord) + : undefined; + const legacy20xEffective = effectiveWindow(commonEffectiveRecord["20x"]); + const legacyRev5Effective = effectiveWindow(commonEffectiveRecord.rev5); + const typed20xEffective = effectiveWindow(asRecord(infoRecord["20x"]).effective); + const typedRev5Effective = effectiveWindow(asRecord(infoRecord.rev5).effective); + processes.push({ id: processId, name: asString(infoRecord.name) ?? processId, @@ -563,11 +761,11 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal sourceUrl, applicability: applicabilityKeys, effective: { - both: undefined, - "20x": effectiveWindow(((infoRecord.effective ?? {}) as Record)["20x"]), - rev5: effectiveWindow(((infoRecord.effective ?? {}) as Record).rev5), + both: commonEffective, + "20x": typed20xEffective ?? legacy20xEffective ?? commonEffective, + rev5: typedRev5Effective ?? legacyRev5Effective ?? commonEffective, }, - purpose: asString(frontMatter.purpose), + purpose: asString(infoRecord.purpose) ?? asString(frontMatter.purpose), expectedOutcomes: asStringArray(frontMatter.expected_outcomes), authority: Array.isArray(frontMatter.authority) ? frontMatter.authority @@ -585,6 +783,8 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal .filter((value): value is FedrampAuthorityRecord => Boolean(value)) : [], labels, + status: asString(infoRecord.status), + tag: asString(infoRecord.tag), requirementIds: Array.from(new Set(requirementIds)).sort((left, right) => left.localeCompare(right)), }); } @@ -606,6 +806,7 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal for (const [indicatorId, rawIndicator] of Object.entries(indicatorsRecord)) { if (!rawIndicator || typeof rawIndicator !== "object") continue; const indicator = rawIndicator as Record; + const classVariants = normalizeClassVariants(indicator.varies_by_class); indicatorIds.push(indicatorId); ksiIndicators.push({ id: indicatorId, @@ -616,13 +817,14 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal domainShortName: shortName, domainWebName: webName, name: asString(indicator.name) ?? indicatorId, - statement: asString(indicator.statement) ?? "", + statement: aggregateStatement(indicator, classVariants), reference: asString(indicator.reference), referenceUrl: asString(indicator.reference_url), controls: asStringArray(indicator.controls), terms: asStringArray(indicator.terms), updated: asUpdatedNotes(indicator.updated), appliesTo: "20x", + classVariants, }); } @@ -633,6 +835,7 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal shortName, webName, theme: asString(domain.theme) ?? "", + status: asString(domain.status), appliesTo: "20x", indicatorIds, }); @@ -654,6 +857,9 @@ export function normalizeFedrampFrmr(raw: Record): FedrampCatal }; } +/** @deprecated Use normalizeFedrampConsolidatedRules. */ +export const normalizeFedrampFrmr = normalizeFedrampConsolidatedRules; + export async function loadFedrampCatalog(options?: { refresh?: boolean; homeDir?: string; @@ -674,7 +880,12 @@ export async function loadFedrampCatalog(options?: { await ensureFedrampStateDir(homeDir); const cachePath = catalogCachePath(homeDir); - const cached = await readJsonFile(cachePath); + const cachedPayload = await readJsonFile(cachePath); + const cached = + cachedPayload?.schemaVersion === FEDRAMP_CACHE_SCHEMA_VERSION && + cachedPayload.provenance.rawUrl === FEDRAMP_RULES_SOURCE.rawUrl + ? cachedPayload + : undefined; const cachedAge = cached ? Date.now() - Date.parse(cached.fetchedAt) : Number.POSITIVE_INFINITY; if (!options?.refresh && cached && Number.isFinite(cachedAge) && cachedAge < ttlMs) { @@ -697,6 +908,7 @@ export async function loadFedrampCatalog(options?: { const live = await fetchPrimarySourceCatalog(); const fetchedAt = new Date().toISOString(); const payload: CatalogCachePayload = { + schemaVersion: FEDRAMP_CACHE_SCHEMA_VERSION, fetchedAt, catalog: live.catalog, provenance: live.provenance, @@ -755,7 +967,12 @@ export async function inspectFedrampOfficialSources(options?: { await ensureFedrampStateDir(homeDir); const cachePath = sourcesCachePath(homeDir); - const cached = await readJsonFile(cachePath); + const cachedPayload = await readJsonFile(cachePath); + const cached = + cachedPayload?.schemaVersion === FEDRAMP_CACHE_SCHEMA_VERSION && + cachedPayload.primary.rawUrl === FEDRAMP_RULES_SOURCE.rawUrl + ? cachedPayload + : undefined; const cachedAge = cached ? Date.now() - Date.parse(cached.fetchedAt) : Number.POSITIVE_INFINITY; if (!options?.refresh && cached && Number.isFinite(cachedAge) && cachedAge < SOURCE_STATUS_TTL_MS) { @@ -777,10 +994,11 @@ export async function inspectFedrampOfficialSources(options?: { try { const [catalog, secondary] = await Promise.all([ loadFedrampCatalog({ refresh: options?.refresh, homeDir }), - fetchRulesSourceMetadata(), + fetchSupportingSourceMetadata(), ]); const fetchedAt = new Date().toISOString(); const payload: SourceCachePayload = { + schemaVersion: FEDRAMP_CACHE_SCHEMA_VERSION, fetchedAt, primary: catalog.provenance, secondary, @@ -848,7 +1066,7 @@ function matchesApplicability( ): boolean { if (filter === "any") return true; if (recordApplicability === filter) return true; - return filter === "rev5" && recordApplicability === "both"; + return (filter === "20x" || filter === "rev5") && recordApplicability === "both"; } export function searchFedrampCatalog( @@ -869,6 +1087,7 @@ export function searchFedrampCatalog( if (section === "any" || section === "definition") { for (const definition of catalog.definitions) { + if (!matchesApplicability(definition.appliesTo, appliesTo)) continue; const score = matchScore( [definition.id, definition.fka ?? "", definition.term, ...definition.alts, definition.definition], normalizedQuery, @@ -879,7 +1098,7 @@ export function searchFedrampCatalog( id: definition.id, title: definition.term, summary: truncate(definition.definition), - appliesTo: "both", + appliesTo: definition.appliesTo, score, }); } @@ -1045,9 +1264,27 @@ function resolveUniqueMatch( } export function resolveFedrampProcess(catalog: FedrampCatalog, query: string): FedrampProcessRecord { + const aliases: Record = { + ads: "CDS", + "authorization data sharing": "CDS", + "authorization-data-sharing": "CDS", + fsi: "AFC", + "fedramp security inbox": "AFC", + "fedramp-security-inbox": "AFC", + icp: "IEC", + "incident communications procedures": "IEC", + "incident-communications-procedures": "IEC", + pva: "IVV", + "persistent validation and assessment": "IVV", + "persistent-validation-and-assessment": "IVV", + ucm: "CMU", + "using cryptographic modules": "CMU", + "using-cryptographic-modules": "CMU", + }; + const resolvedQuery = aliases[query.trim().toLowerCase()] ?? query; return resolveUniqueMatch( catalog.processes, - query, + resolvedQuery, (process) => [process.id, process.shortName, process.name, process.webName], "process", ); diff --git a/cli/extensions/grc-tools/fedramp.ts b/cli/extensions/grc-tools/fedramp.ts index 6ab329b..24fd446 100644 --- a/cli/extensions/grc-tools/fedramp.ts +++ b/cli/extensions/grc-tools/fedramp.ts @@ -474,7 +474,7 @@ function formatProvenanceNote(provenance: { upstreamLastUpdated: string; cacheStatus: string; }) { - return `Source: ${provenance.repo}/${provenance.path} @ ${provenance.branch}${provenance.blobSha ? ` (${provenance.blobSha.slice(0, 12)})` : ""} · FRMR ${provenance.version} · upstream ${provenance.upstreamLastUpdated} · ${provenance.cacheStatus}`; + return `Source: ${provenance.repo}/${provenance.path} @ ${provenance.branch}${provenance.blobSha ? ` (${provenance.blobSha.slice(0, 12)})` : ""} · Consolidated Rules ${provenance.version} · upstream ${provenance.upstreamLastUpdated} · ${provenance.cacheStatus}`; } function formatSourceCheckText(status: Awaited>): string { @@ -487,12 +487,12 @@ function formatSourceCheckText(status: Awaited 0 ? secondary.rootEntries.join(", ") : "Unavailable"}`, @@ -568,7 +568,7 @@ function formatProcessText( } if (process.labels.length > 0) { - lines.push("Label groups:"); + lines.push("Rule subsets:"); for (const label of process.labels) { lines.push(`- ${label.code}: ${label.name}`); } @@ -609,7 +609,7 @@ function formatRequirementText( `${requirement.id}${requirement.fka ? ` (formerly ${requirement.fka})` : ""}`, `Process: ${requirement.processName} [${requirement.processShortName}]`, `Applies to: ${requirement.appliesTo}`, - `Label group: ${requirement.labelCode} - ${requirement.labelName}`, + `Rule subset: ${requirement.labelCode} - ${requirement.labelName}`, `Keyword: ${requirement.primaryKeyWord ?? "Unspecified"}`, `Name: ${requirement.name ?? "Unspecified"}`, "", @@ -680,9 +680,13 @@ function requirementPriority( audience: ReadinessArgs["audience"], ): number { let score = 0; - if (requirement.primaryKeyWord === "MUST") score += 300; - else if (requirement.primaryKeyWord === "SHOULD") score += 200; - else if (requirement.primaryKeyWord === "MAY") score += 100; + const keywords = [ + requirement.primaryKeyWord, + ...requirement.classVariants.map((variant) => variant.primaryKeyWord), + ].filter((value): value is string => Boolean(value)); + if (keywords.some((keyword) => keyword === "MUST" || keyword === "MUST NOT")) score += 300; + else if (keywords.some((keyword) => keyword === "SHOULD" || keyword === "SHOULD NOT")) score += 200; + else if (keywords.includes("MAY")) score += 100; if (requirement.appliesTo === "both") score += 40; else if (requirement.appliesTo === "20x") score += 30; @@ -971,9 +975,9 @@ function groundedIds(item: ArtifactPlanItem | undefined): string[] { function buildAdsBundleReadme(plan: AdsPackagePlan): string { const lines = [ - "# Authorization Data Sharing Starter Bundle", + "# Certification Data Sharing Starter Bundle", "", - "This starter bundle was generated by grclanker from the official FedRAMP GitHub-grounded FRMR source layer.", + "This starter bundle was generated by grclanker from the official FedRAMP GitHub-grounded Consolidated Rules source layer.", "", `Audience: ${plan.audience}`, `Applies to: ${plan.appliesTo}`, @@ -1582,7 +1586,7 @@ function buildAdsTrustCenterMarkdown( > Draft public trust-center surface for ${metadata.offeringName}. This markdown file is intended for agents, scripts, and organizations that want the shareable facts without parsing the HTML site. -This trust center exposes only the public layer of the provider's Authorization Data Sharing posture. Controlled-access and private operational materials are intentionally excluded from this file and from the public host. +This trust center exposes only the public layer of the provider's Certification Data Sharing posture. Controlled-access and private operational materials are intentionally excluded from this file and from the public host. ## Approval status @@ -1622,7 +1626,7 @@ ${controlledItems || "- TODO: document controlled-access artifact classes outsid - Source path: ${loaded.provenance.path} - Source branch: ${loaded.provenance.branch} - Source blob SHA: ${loaded.provenance.blobSha ?? "Unavailable"} -- FRMR version: ${loaded.provenance.version} +- Consolidated Rules version: ${loaded.provenance.version} - Upstream last updated: ${loaded.provenance.upstreamLastUpdated} - Cache status during generation: ${loaded.cacheStatus} `; @@ -1718,7 +1722,7 @@ ${controlledItemText || "- TODO: document controlled-access categories elsewhere - Source path: ${loaded.provenance.path} - Source branch: ${loaded.provenance.branch} - Source blob SHA: ${loaded.provenance.blobSha ?? "Unavailable"} -- FRMR version: ${loaded.provenance.version} +- Consolidated Rules version: ${loaded.provenance.version} - Upstream last updated: ${loaded.provenance.upstreamLastUpdated} - Cache status during generation: ${loaded.cacheStatus} `; @@ -1871,7 +1875,7 @@ function buildAdsSiteReadme( `Primary domain: ${metadata.primaryDomain}`, `Support email: ${metadata.supportEmail}`, `Official process: ${plan.process.name} [${plan.process.shortName}]`, - `FRMR version: ${loaded.provenance.version}`, + `Consolidated Rules version: ${loaded.provenance.version}`, "", "Suggested deployment targets:", "- AWS: upload the generated files to S3, front them with CloudFront, and attach your customer-owned ACM certificate.", @@ -2339,9 +2343,9 @@ function buildAdsSiteDocument(
- Authorization Data Sharing // Public Trust Center + Certification Data Sharing // Public Trust Center

${escapeHtml(metadata.siteTitle)}

-

A portable public trust-center scaffold grounded in the official FedRAMP GitHub FRMR source. Replace the TODO fields with your customer-facing service posture, scope, and access narrative.

+

A portable public trust-center scaffold grounded in the official FedRAMP GitHub Consolidated Rules source. Replace the TODO fields with your customer-facing service posture, scope, and access narrative.

Draft · Human approval required @@ -2431,7 +2435,7 @@ function buildAdsOverviewPage(
  • documentation/api/api.yaml

    OpenAPI contract for the public GET surface so orgs and tools can target the published data intentionally.

  • llms.txt

    Agent-friendly discovery index that points organizations and agents to the public files without guesswork.

  • llms-full.txt

    Full text bundle of the public trust-center docs and endpoints for “load it all at once” agent workflows.

  • -
  • _source.json

    Generation provenance tying this scaffold back to the official FRMR source snapshot.

  • +
  • _source.json

    Generation provenance tying this scaffold back to the official Consolidated Rules source snapshot.

  • @@ -2850,16 +2854,25 @@ export function inferFedrampArtifactSuggestions( if (/vulnerability|accepted vulnerability|remediation/.test(lower) || processIds.includes("VDR")) { suggestions.push("Vulnerability handling evidence, remediation tracking, and accepted-risk records."); } - if (/cryptographic module|fips|cmvp/.test(lower) || processIds.includes("UCM")) { + if ( + /cryptographic module|fips|cmvp/.test(lower) || + processIds.some((id) => id === "CMU" || id === "UCM") + ) { suggestions.push("Cryptographic module inventory and CMVP or FIPS references for relevant protections."); } - if (/incident/.test(lower) || processIds.includes("ICP") || processIds.includes("FSI")) { + if ( + /incident/.test(lower) || + processIds.some((id) => id === "IEC" || id === "ICP" || id === "AFC" || id === "FSI") + ) { suggestions.push("Incident communications procedure, government contact path, and inbox operations evidence."); } if (/scope|service list|boundary|customer responsibilities/.test(lower) || processIds.includes("MAS")) { suggestions.push("Service inventory, boundary description, and minimum assessment scope record."); } - if (/independent assessment|assessor/.test(lower) || processIds.includes("PVA")) { + if ( + /independent assessment|assessor/.test(lower) || + processIds.some((id) => id === "IVV" || id === "PVA") + ) { suggestions.push("Independent assessment outputs preserved without modification, plus validation linkage to VDR."); } @@ -2875,7 +2888,13 @@ export function inferFedrampWorkstreams( const mapped = { ADS: [ - "authorization data publishing", + "certification data publishing", + "trust-center operations", + "programmatic access", + "access inventory and access logging", + ], + CDS: [ + "certification data publishing", "trust-center operations", "programmatic access", "access inventory and access logging", @@ -2886,7 +2905,9 @@ export function inferFedrampWorkstreams( "continuous monitoring coordination", ], FSI: ["security inbox operations", "government contact routing"], + AFC: ["security inbox operations", "government contact routing"], ICP: ["incident communications", "government notification workflow"], + IEC: ["incident communications", "government notification workflow"], MAS: ["assessment scope definition", "service inventory and boundary management"], PVA: [ "persistent validation automation", @@ -2894,9 +2915,16 @@ export function inferFedrampWorkstreams( "assessment-result intake", "VDR linkage", ], + IVV: [ + "persistent validation automation", + "validation cadence tracking", + "assessment-result intake", + "VDR linkage", + ], SCG: ["secure-by-default configuration", "customer hardening guidance"], SCN: ["change governance", "significant-change notification workflow"], UCM: ["cryptographic module inventory", "approved cryptography usage"], + CMU: ["cryptographic module inventory", "approved cryptography usage"], VDR: ["vulnerability detection", "remediation tracking", "accepted-risk handling"], } as const; @@ -3297,7 +3325,7 @@ export function buildFedrampAdsPackagePlan( const audience = args.audience ?? "trust-center"; const appliesTo = args.applies_to ?? "20x"; const artifactPlan = buildFedrampArtifactPlan(loaded, { - query: "ADS", + query: "CDS", audience, applies_to: appliesTo, }); @@ -3308,7 +3336,7 @@ export function buildFedrampAdsPackagePlan( const grouped = groupArtifactItemsByVisibility(artifactPlan.items); const lines = [ - "Authorization Data Sharing package plan", + "Certification Data Sharing package plan", `Audience: ${audience}`, `Applies to: ${appliesTo}`, `Official page: ${artifactPlan.subject.sourceUrl ?? "Unavailable"}`, @@ -3460,7 +3488,7 @@ export function registerFedrampTools(pi: any): void { name: "fedramp_check_sources", label: "Check official FedRAMP sources", description: - "Inspect the official FedRAMP GitHub sources grclanker uses, including FRMR version, source path, cache status, and the current state of FedRAMP/rules.", + "Inspect the official FedRAMP GitHub sources grclanker uses, including Consolidated Rules version, source path, cache status, and supporting narrative availability.", parameters: Type.Object({ refresh: Type.Optional( Type.Boolean({ @@ -3493,12 +3521,12 @@ export function registerFedrampTools(pi: any): void { pi.registerTool({ name: "fedramp_search_frmr", - label: "Search official FedRAMP FRMR data", + label: "Search official FedRAMP Consolidated Rules data", description: - "Search official FedRAMP machine-readable definitions, process docs, requirements, and KSIs grounded in the FedRAMP/docs GitHub repo.", + "Search official FedRAMP machine-readable definitions, process docs, requirements, and KSIs grounded in the FedRAMP/rules GitHub repo.", parameters: Type.Object({ query: Type.String({ - description: "Search term such as ADS, Authorization Data Sharing, FRR-ADS-01, KSI-AFR-ADS, or Accepted Vulnerability.", + description: "Search term such as CDS, Certification Data Sharing, CDS-CSO-PUB, KSI-CNA-EIS, or Accepted Vulnerability.", }), section: Type.Optional( Type.Union([ @@ -3527,7 +3555,7 @@ export function registerFedrampTools(pi: any): void { prepareArguments: normalizeSearchArgs, async execute(_toolCallId: string, args: SearchArgs) { if (!args.query.trim()) { - return missingQueryResult("fedramp_search_frmr", '{"query":"Authorization Data Sharing"}'); + return missingQueryResult("fedramp_search_frmr", '{"query":"Certification Data Sharing"}'); } try { @@ -3539,7 +3567,7 @@ export function registerFedrampTools(pi: any): void { }); if (matches.length === 0) { - return textResult(`No official FedRAMP FRMR matches found for "${args.query}".`, { + return textResult(`No official FedRAMP Consolidated Rules matches found for "${args.query}".`, { tool: "fedramp_search_frmr", query: args.query, section: args.section ?? "any", @@ -3562,7 +3590,7 @@ export function registerFedrampTools(pi: any): void { }); } catch (error) { return errorResult( - `FedRAMP FRMR search failed: ${error instanceof Error ? error.message : String(error)}`, + `FedRAMP Consolidated Rules search failed: ${error instanceof Error ? error.message : String(error)}`, { tool: "fedramp_search_frmr", query: args.query }, ); } @@ -3573,16 +3601,16 @@ export function registerFedrampTools(pi: any): void { name: "fedramp_get_process", label: "Get official FedRAMP process", description: - "Resolve an official FedRAMP process such as ADS, PVA, SCG, VDR, or CCM from the FRMR documentation.", + "Resolve an official FedRAMP process such as CDS, IVV, SCG, VDR, or CCM from the Consolidated Rules.", parameters: Type.Object({ query: Type.String({ - description: "Process query such as ADS, authorization-data-sharing, or Persistent Validation and Assessment.", + description: "Process query such as CDS, certification-data-sharing, or Independent Verification and Validation.", }), }), prepareArguments: normalizeQueryArgs, async execute(_toolCallId: string, args: QueryArgs) { if (!args.query.trim()) { - return missingQueryResult("fedramp_get_process", '{"query":"ADS"}'); + return missingQueryResult("fedramp_get_process", '{"query":"CDS"}'); } try { @@ -3623,16 +3651,16 @@ export function registerFedrampTools(pi: any): void { name: "fedramp_get_requirement", label: "Get official FedRAMP requirement", description: - "Resolve a single official FedRAMP FRMR requirement or recommendation by current ID, former ID, or unique name.", + "Resolve a single official FedRAMP Consolidated Rules requirement or recommendation by current ID or unique name.", parameters: Type.Object({ query: Type.String({ - description: "Requirement query such as ADS-CSO-PUB or FRR-ADS-01.", + description: "Requirement query such as CDS-CSO-PUB or Public Information.", }), }), prepareArguments: normalizeQueryArgs, async execute(_toolCallId: string, args: QueryArgs) { if (!args.query.trim()) { - return missingQueryResult("fedramp_get_requirement", '{"query":"ADS-CSO-PUB"}'); + return missingQueryResult("fedramp_get_requirement", '{"query":"CDS-CSO-PUB"}'); } try { @@ -3665,13 +3693,13 @@ export function registerFedrampTools(pi: any): void { "Resolve a FedRAMP key security indicator domain or a specific indicator by current ID, former ID, or unique name.", parameters: Type.Object({ query: Type.String({ - description: "KSI query such as AFR, KSI-AFR-ADS, KSI-AFR-03, or Authorization Data Sharing.", + description: "KSI query such as CNA, KSI-CNA-EIS, or Enforcing Intended State.", }), }), prepareArguments: normalizeQueryArgs, async execute(_toolCallId: string, args: QueryArgs) { if (!args.query.trim()) { - return missingQueryResult("fedramp_get_ksi", '{"query":"KSI-AFR-ADS"}'); + return missingQueryResult("fedramp_get_ksi", '{"query":"KSI-CNA-EIS"}'); } try { @@ -3716,7 +3744,7 @@ export function registerFedrampTools(pi: any): void { "Turn an official FedRAMP process or KSI into a practical readiness brief with prioritized checklist items, likely artifacts, and inferred workstreams for providers or trust centers.", parameters: Type.Object({ query: Type.String({ - description: "Process or KSI query such as ADS, PVA, KSI-AFR, or KSI-AFR-ADS.", + description: "Process or KSI query such as CDS, IVV, KSI-CNA, or KSI-CNA-EIS.", }), applies_to: Type.Optional( Type.Union([ @@ -3743,7 +3771,7 @@ export function registerFedrampTools(pi: any): void { prepareArguments: normalizeReadinessArgs, async execute(_toolCallId: string, args: ReadinessArgs) { if (!args.query.trim()) { - return missingQueryResult("fedramp_assess_readiness", '{"query":"ADS"}'); + return missingQueryResult("fedramp_assess_readiness", '{"query":"CDS"}'); } try { @@ -3809,7 +3837,7 @@ export function registerFedrampTools(pi: any): void { "Turn an official FedRAMP process or KSI into a practical artifact plan with public, controlled-access, and private operating surfaces plus a rollout order.", parameters: Type.Object({ query: Type.String({ - description: "Process or KSI query such as ADS, SCG, KSI-AFR, or KSI-AFR-ADS.", + description: "Process or KSI query such as CDS, SCG, KSI-CNA, or KSI-CNA-EIS.", }), applies_to: Type.Optional( Type.Union([ @@ -3830,7 +3858,7 @@ export function registerFedrampTools(pi: any): void { prepareArguments: normalizePlanningArgs, async execute(_toolCallId: string, args: PlanningArgs) { if (!args.query.trim()) { - return missingQueryResult("fedramp_plan_process_artifacts", '{"query":"ADS"}'); + return missingQueryResult("fedramp_plan_process_artifacts", '{"query":"CDS"}'); } try { @@ -3872,7 +3900,7 @@ export function registerFedrampTools(pi: any): void { name: "fedramp_plan_ads_package", label: "Plan ADS trust-center package", description: - "Build an Authorization Data Sharing package plan grounded in official FedRAMP sources, grouped into public, controlled-access, and private operating layers.", + "Build an Certification Data Sharing package plan grounded in official FedRAMP sources, grouped into public, controlled-access, and private operating layers.", parameters: Type.Object({ applies_to: Type.Optional( Type.Union([ @@ -3930,7 +3958,7 @@ export function registerFedrampTools(pi: any): void { name: "fedramp_generate_ads_bundle", label: "Generate ADS starter bundle", description: - "Generate an Authorization Data Sharing starter bundle with trust-center, machine-readable feed, access-instructions, and operating-template files grounded in official FedRAMP sources.", + "Generate an Certification Data Sharing starter bundle with trust-center, machine-readable feed, access-instructions, and operating-template files grounded in official FedRAMP sources.", parameters: Type.Object({ output_dir: Type.Optional( Type.String({ @@ -3961,7 +3989,7 @@ export function registerFedrampTools(pi: any): void { const bundle = await generateFedrampAdsStarterBundle(loaded, outputRoot, args); const relativeFiles = bundle.files.map((filePath) => relative(bundle.outputDir, filePath)); const lines = [ - "Authorization Data Sharing starter bundle generated.", + "Certification Data Sharing starter bundle generated.", `Output dir: ${bundle.outputDir}`, "", "Files:", @@ -4046,7 +4074,7 @@ export function registerFedrampTools(pi: any): void { const site = await generateFedrampAdsSite(loaded, outputRoot, args); const relativeFiles = site.files.map((filePath) => relative(site.outputDir, filePath)); const lines = [ - "Authorization Data Sharing public trust-center site generated.", + "Certification Data Sharing public trust-center site generated.", `Output dir: ${site.outputDir}`, `Primary domain: ${site.metadata.primaryDomain}`, "", diff --git a/cli/extensions/grc-tools/gcp.ts b/cli/extensions/grc-tools/gcp.ts index eea3936..43e0553 100644 --- a/cli/extensions/grc-tools/gcp.ts +++ b/cli/extensions/grc-tools/gcp.ts @@ -15,7 +15,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -250,7 +250,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/github.ts b/cli/extensions/grc-tools/github.ts index 8ed9fb4..ec3fa2b 100644 --- a/cli/extensions/grc-tools/github.ts +++ b/cli/extensions/grc-tools/github.ts @@ -17,7 +17,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { basename, dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -1397,7 +1397,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/gws-ops.ts b/cli/extensions/grc-tools/gws-ops.ts index 8c1f063..436934f 100644 --- a/cli/extensions/grc-tools/gws-ops.ts +++ b/cli/extensions/grc-tools/gws-ops.ts @@ -9,7 +9,7 @@ import { spawn, spawnSync } from "node:child_process"; import { createWriteStream, existsSync, lstatSync, mkdirSync, realpathSync } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -639,7 +639,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/gws.ts b/cli/extensions/grc-tools/gws.ts index aa5288a..e641624 100644 --- a/cli/extensions/grc-tools/gws.ts +++ b/cli/extensions/grc-tools/gws.ts @@ -17,7 +17,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { basename, dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -1133,7 +1133,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/header.ts b/cli/extensions/grc-tools/header.ts index 27b2fe0..3e126b8 100644 --- a/cli/extensions/grc-tools/header.ts +++ b/cli/extensions/grc-tools/header.ts @@ -1,5 +1,5 @@ import { homedir } from "node:os"; -import type { ExtensionAPI, ExtensionContext } from "@mariozechner/pi-coding-agent"; +import type { ExtensionAPI, ExtensionContext } from "@earendil-works/pi-coding-agent"; import { GRCLANKER_ASCII_LOGO } from "../../logo.js"; import { getGrclankerSettingsPath } from "../../config/paths.js"; import { formatSystemResources, resolveComputeBackend } from "../../pi/compute.js"; diff --git a/cli/extensions/grc-tools/oci.ts b/cli/extensions/grc-tools/oci.ts index ba5d058..cca85bf 100644 --- a/cli/extensions/grc-tools/oci.ts +++ b/cli/extensions/grc-tools/oci.ts @@ -16,7 +16,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -257,7 +257,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/okta.ts b/cli/extensions/grc-tools/okta.ts index ff4556e..40a0a3c 100644 --- a/cli/extensions/grc-tools/okta.ts +++ b/cli/extensions/grc-tools/okta.ts @@ -16,7 +16,7 @@ import { import { chmod, readFile, readdir, writeFile } from "node:fs/promises"; import { homedir } from "node:os"; import { basename, dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { parse as parseYaml } from "yaml"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -2642,7 +2642,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/slack.ts b/cli/extensions/grc-tools/slack.ts index 6212ad8..4ac831a 100644 --- a/cli/extensions/grc-tools/slack.ts +++ b/cli/extensions/grc-tools/slack.ts @@ -13,7 +13,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -398,7 +398,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/vanta.ts b/cli/extensions/grc-tools/vanta.ts index 9a75273..3b15ad7 100644 --- a/cli/extensions/grc-tools/vanta.ts +++ b/cli/extensions/grc-tools/vanta.ts @@ -23,7 +23,7 @@ import { basename, dirname, extname, join, relative, resolve } from "node:path"; import { Readable } from "node:stream"; import { pipeline } from "node:stream/promises"; import type { ReadableStream as NodeReadableStream } from "node:stream/web"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -806,7 +806,7 @@ async function createZipArchive(sourceDir: string, zipPath: string, baseDir: str await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(resolvedZipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/webex.ts b/cli/extensions/grc-tools/webex.ts index f3e2eae..73cc8ea 100644 --- a/cli/extensions/grc-tools/webex.ts +++ b/cli/extensions/grc-tools/webex.ts @@ -14,7 +14,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -257,7 +257,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/extensions/grc-tools/zoom.ts b/cli/extensions/grc-tools/zoom.ts index 9e800e4..98c99cc 100644 --- a/cli/extensions/grc-tools/zoom.ts +++ b/cli/extensions/grc-tools/zoom.ts @@ -13,7 +13,7 @@ import { } from "node:fs"; import { chmod, readdir, writeFile } from "node:fs/promises"; import { dirname, join, relative, resolve } from "node:path"; -import archiver from "archiver"; +import { ZipArchive } from "archiver"; import { Type } from "@sinclair/typebox"; import { errorResult, formatTable, textResult } from "./shared.js"; @@ -251,7 +251,7 @@ async function writeSecureTextFile(rootDir: string, relativePathname: string, co async function createZipArchive(sourceDir: string, zipPath: string): Promise { await new Promise((resolvePromise, rejectPromise) => { const output = createWriteStream(zipPath, { mode: 0o600 }); - const archive = archiver("zip", { zlib: { level: 9 } }); + const archive = new ZipArchive({ zlib: { level: 9 } }); output.on("close", () => resolvePromise()); output.on("error", rejectPromise); diff --git a/cli/package-lock.json b/cli/package-lock.json index ba2134b..cafb339 100644 --- a/cli/package-lock.json +++ b/cli/package-lock.json @@ -10,45 +10,46 @@ "hasInstallScript": true, "license": "MIT", "dependencies": { - "@anthropic-ai/sandbox-runtime": "^0.0.49", - "@aws-sdk/client-accessanalyzer": "^3.1030.0", - "@aws-sdk/client-cloudtrail": "^3.1030.0", - "@aws-sdk/client-config-service": "^3.1030.0", - "@aws-sdk/client-guardduty": "^3.1030.0", - "@aws-sdk/client-iam": "^3.1030.0", - "@aws-sdk/client-organizations": "^3.1030.0", - "@aws-sdk/client-securityhub": "^3.1030.0", - "@aws-sdk/client-sso-admin": "^3.1030.0", - "@aws-sdk/client-sts": "^3.1030.0", - "@aws-sdk/credential-providers": "^3.1030.0", - "@clack/prompts": "^1.2.0", - "@mariozechner/pi-ai": "^0.65.2", - "@mariozechner/pi-coding-agent": "^0.65.2", + "@anthropic-ai/sandbox-runtime": "^0.0.61", + "@aws-sdk/client-accessanalyzer": "^3.1075.0", + "@aws-sdk/client-cloudtrail": "^3.1075.0", + "@aws-sdk/client-config-service": "^3.1075.0", + "@aws-sdk/client-guardduty": "^3.1075.0", + "@aws-sdk/client-iam": "^3.1075.0", + "@aws-sdk/client-organizations": "^3.1075.0", + "@aws-sdk/client-securityhub": "^3.1075.0", + "@aws-sdk/client-sso-admin": "^3.1075.0", + "@aws-sdk/client-sts": "^3.1075.0", + "@aws-sdk/credential-providers": "^3.1075.0", + "@clack/prompts": "^1.6.0", + "@earendil-works/pi-ai": "^0.80.2", + "@earendil-works/pi-coding-agent": "^0.80.2", "@sinclair/typebox": "^0.34.48", - "archiver": "^7.0.1", - "yaml": "^2.8.3" + "archiver": "^8.0.0", + "yaml": "^2.9.0" }, "bin": { "grclanker": "bin/grclanker.js" }, "devDependencies": { - "@types/archiver": "^7.0.0", - "tsx": "^4.19.0", - "typescript": "^5.7.0" + "@types/archiver": "^8.0.0", + "tsx": "^4.22.4", + "typescript": "^6.0.3" }, "engines": { "node": ">=20.19.0" } }, "node_modules/@anthropic-ai/sandbox-runtime": { - "version": "0.0.49", - "resolved": "https://registry.npmjs.org/@anthropic-ai/sandbox-runtime/-/sandbox-runtime-0.0.49.tgz", - "integrity": "sha512-t8Ggc0A7UizxMGPk/ANEH8nwnCqzNWIKpkdKgxDVUaKNMQnMzzWR6aErrqIdU03/ZP5RN6/OL/kjFOw/Vox3KQ==", + "version": "0.0.61", + "resolved": "https://registry.npmjs.org/@anthropic-ai/sandbox-runtime/-/sandbox-runtime-0.0.61.tgz", + "integrity": "sha512-5atex1pnNZW/Ba83376+m83FFIbWrqzoCKCxeC4Kx7YF9El/50WBW3zAbDxYONP2k1SvK9XL07s5EZC6JhQ2jA==", "license": "Apache-2.0", "dependencies": { "@pondwader/socks5-server": "^1.0.10", "commander": "^12.1.0", - "shell-quote": "^1.8.3", + "node-forge": "^1.4.0", + "shell-quote": "^1.8.4", "zod": "^3.24.1" }, "bin": { @@ -67,9 +68,10 @@ } }, "node_modules/@anthropic-ai/sdk": { - "version": "0.73.0", - "resolved": "https://registry.npmjs.org/@anthropic-ai/sdk/-/sdk-0.73.0.tgz", - "integrity": "sha512-URURVzhxXGJDGUGFunIOtBlSl7KWvZiAAKY/ttTkZAkXT9bTPqdk2eK0b8qqSxXpikh3QKPnPYpiyX98zf5ebw==", + "version": "0.91.1", + "resolved": "https://registry.npmjs.org/@anthropic-ai/sdk/-/sdk-0.91.1.tgz", + "integrity": "sha512-LAmu761tSN9r66ixvmciswUj/ZC+1Q4iAfpedTfSVLeswRwnY3n2Nb6Tsk+cLPP28aLOPWeMgIuTuCcMC6W/iw==", + "license": "MIT", "dependencies": { "json-schema-to-ts": "^3.1.1" }, @@ -89,6 +91,7 @@ "version": "5.2.0", "resolved": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-5.2.0.tgz", "integrity": "sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==", + "license": "Apache-2.0", "dependencies": { "@aws-crypto/util": "^5.2.0", "@aws-sdk/types": "^3.222.0", @@ -214,49 +217,20 @@ } }, "node_modules/@aws-sdk/client-accessanalyzer": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-accessanalyzer/-/client-accessanalyzer-3.1030.0.tgz", - "integrity": "sha512-k/y0/rX/AC46pnM1K6gh7SuYR/kDkDhzARw6KGS4+daBhz15f15JrzNeJICVoXspoclHg+vep+kXwDdYlZkMDg==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-accessanalyzer/-/client-accessanalyzer-3.1075.0.tgz", + "integrity": "sha512-OetyeKrd5OoBWNekaQQP9P77UXvLIdosOje0V3gLwzjBspBhM3vnW4lK1Ro0Ib58uufxvVyx9ulvEWsCfiD1/w==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -264,56 +238,41 @@ } }, "node_modules/@aws-sdk/client-bedrock-runtime": { - "version": "3.1024.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-bedrock-runtime/-/client-bedrock-runtime-3.1024.0.tgz", - "integrity": "sha512-nIhsn0/eYrL2fTh4kMO7Hpfmhv+AkkXl0KGNpD6+fdmotGvRBWcDv9/PmP/+sT6gvrKTYyzH3vu4efpTPzzP0Q==", + "version": "3.1048.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-bedrock-runtime/-/client-bedrock-runtime-3.1048.0.tgz", + "integrity": "sha512-u+NT61JZEkRFtpL0CAw1N1dwxnaLgwVXQl/zjJxTGgLyS/jTIdg2SdoEoCTHxgDyCnqa1HEi9QOoE9/pYRNpOQ==", + "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.26", - "@aws-sdk/credential-provider-node": "^3.972.29", - "@aws-sdk/eventstream-handler-node": "^3.972.12", - "@aws-sdk/middleware-eventstream": "^3.972.8", - "@aws-sdk/middleware-host-header": "^3.972.8", - "@aws-sdk/middleware-logger": "^3.972.8", - "@aws-sdk/middleware-recursion-detection": "^3.972.9", - "@aws-sdk/middleware-user-agent": "^3.972.28", - "@aws-sdk/middleware-websocket": "^3.972.14", - "@aws-sdk/region-config-resolver": "^3.972.10", - "@aws-sdk/token-providers": "3.1024.0", - "@aws-sdk/types": "^3.973.6", - "@aws-sdk/util-endpoints": "^3.996.5", - "@aws-sdk/util-user-agent-browser": "^3.972.8", - "@aws-sdk/util-user-agent-node": "^3.973.14", - "@smithy/config-resolver": "^4.4.13", - "@smithy/core": "^3.23.13", - "@smithy/eventstream-serde-browser": "^4.2.12", - "@smithy/eventstream-serde-config-resolver": "^4.3.12", - "@smithy/eventstream-serde-node": "^4.2.12", - "@smithy/fetch-http-handler": "^5.3.15", - "@smithy/hash-node": "^4.2.12", - "@smithy/invalid-dependency": "^4.2.12", - "@smithy/middleware-content-length": "^4.2.12", - "@smithy/middleware-endpoint": "^4.4.28", - "@smithy/middleware-retry": "^4.4.46", - "@smithy/middleware-serde": "^4.2.16", - "@smithy/middleware-stack": "^4.2.12", - "@smithy/node-config-provider": "^4.3.12", - "@smithy/node-http-handler": "^4.5.1", - "@smithy/protocol-http": "^5.3.12", - "@smithy/smithy-client": "^4.12.8", - "@smithy/types": "^4.13.1", - "@smithy/url-parser": "^4.2.12", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.44", - "@smithy/util-defaults-mode-node": "^4.2.48", - "@smithy/util-endpoints": "^3.3.3", - "@smithy/util-middleware": "^4.2.12", - "@smithy/util-retry": "^4.2.13", - "@smithy/util-stream": "^4.5.21", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/credential-provider-node": "^3.972.42", + "@aws-sdk/eventstream-handler-node": "^3.972.16", + "@aws-sdk/middleware-eventstream": "^3.972.12", + "@aws-sdk/middleware-websocket": "^3.972.19", + "@aws-sdk/token-providers": "3.1048.0", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/fetch-http-handler": "^5.4.2", + "@smithy/node-http-handler": "^4.7.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@aws-sdk/client-bedrock-runtime/node_modules/@aws-sdk/token-providers": { + "version": "3.1048.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.1048.0.tgz", + "integrity": "sha512-k0y/GcuesuSfWyUM0WamrGyeZmltRYaPbHO82UDA6mZ/doB+FOHKutikPAtSXMn/hDz970cF+iRuuiYO9VEbAA==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/nested-clients": "^3.997.9", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", "tslib": "^2.6.2" }, "engines": { @@ -321,49 +280,20 @@ } }, "node_modules/@aws-sdk/client-cloudtrail": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-cloudtrail/-/client-cloudtrail-3.1030.0.tgz", - "integrity": "sha512-ak60ZP72M6/sSxhyP37qcKshEAz0a4UH5DM8nUugUouMfUl4iebpQsEiK8KRK7KuNJQ8a/4RsadGYtnIvbx7uA==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-cloudtrail/-/client-cloudtrail-3.1075.0.tgz", + "integrity": "sha512-jYC+h/cgG1lQY2M+iKwB++FCTkYBCW99IhkFQ/0uZLplb6AXFKzR3p7RXvO/5YGp5OslkVXPEWmlF+i8ENWQ9Q==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -371,49 +301,20 @@ } }, "node_modules/@aws-sdk/client-cognito-identity": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity/-/client-cognito-identity-3.1030.0.tgz", - "integrity": "sha512-PD9RIT5eJEXsP+Dq8fncTXOFAOI+EP3fRa/z1te2xehAVawixEpAJkjEE03A4msqPWGJ2S0TM2bb6zDbP66w3g==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity/-/client-cognito-identity-3.1075.0.tgz", + "integrity": "sha512-typFcdyFwIPt86QPKsO7xwcsYoEmNcDpoNqn0tqa4+Lss7niNKQzPe/765XNgAHO3I1ixiT1OKv8KD6M+CKw2w==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -421,49 +322,20 @@ } }, "node_modules/@aws-sdk/client-config-service": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-config-service/-/client-config-service-3.1030.0.tgz", - "integrity": "sha512-A++Jqt/px8jILpJLrQYwwUsISKxpECrGmC31jOef3kpP1TM7/pRWmwkaAQGeUiVS/SAu8aG8reoyLy255zo6Lw==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-config-service/-/client-config-service-3.1075.0.tgz", + "integrity": "sha512-Yd7VPZIorkDbG6742YOnqYeTOKyawuVK6DB9crKghYj0Ve1SpYgWNnhX8WCuNKBIQIZ0Hqr1Znr53MtcQ1cvqw==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -471,49 +343,20 @@ } }, "node_modules/@aws-sdk/client-guardduty": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-guardduty/-/client-guardduty-3.1030.0.tgz", - "integrity": "sha512-5+qX8ztc/uCtFOWcrIs4ZnOUee3NugzdDTRmzCQ6pFn9ySWLax9OnbdgGRgNOEeDVeZXnFk0FMAJefdJ6Jtvew==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-guardduty/-/client-guardduty-3.1075.0.tgz", + "integrity": "sha512-aN2scjRFN/7LWZhLO1CNpGfAxDO7Xqb06Wp5S63m3hT0w9bC4rnwCX3XzQmy2i64CdtqnsnujBuJHWavRhB5dg==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -521,50 +364,20 @@ } }, "node_modules/@aws-sdk/client-iam": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-iam/-/client-iam-3.1030.0.tgz", - "integrity": "sha512-5W1GAClD0pKnjdXnVEbJn7XtBYZa8f6vhjtTUb87vnpjr0ftkccG6wjswnZgCmh5ARgrJ94303pHgFytjYc8UA==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-iam/-/client-iam-3.1075.0.tgz", + "integrity": "sha512-nuOWtHyBmVrmCqo9k6Bz3oueo9mdEaIahnrETerH2ZoVAPyDAYH2lFNUd/cj84KgcTxW79phrT2SQuS1eY2k3g==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", - "@smithy/util-waiter": "^4.2.15", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -572,49 +385,20 @@ } }, "node_modules/@aws-sdk/client-organizations": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-organizations/-/client-organizations-3.1030.0.tgz", - "integrity": "sha512-k7st6pFvqdtH3vhpSs66uERK5/+PTElUxOvGlYp6TLKUFd8Fg95bpYyOuwRLwF336WbY6XMTKQjJnVGn7Vdv9Q==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-organizations/-/client-organizations-3.1075.0.tgz", + "integrity": "sha512-mfrlu3pZF4n1uQrKUSIcY4dV6wn7y1gyxBxAXLYGAjii1BoChDGtHbmV5Lwh3SIlVY8LJRC7SLofZN8kdms9yA==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -622,49 +406,20 @@ } }, "node_modules/@aws-sdk/client-securityhub": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-securityhub/-/client-securityhub-3.1030.0.tgz", - "integrity": "sha512-DcSVTSG47N66fBTjsYxuJ/A+RvO0boRCKH4qHyR6nDB1QXcUnhTNb6s5YwocFeEETHH8FGmFlihoOHs5be4hIA==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-securityhub/-/client-securityhub-3.1075.0.tgz", + "integrity": "sha512-h6W5huGs2jEfhN+iMBB3GyM6JCAmiQuTLoJ/Haw/3Qjoo8UBpSfHsTVz3/TqOwYEdiBUX6PlTJnMl1S52maIbQ==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -672,49 +427,20 @@ } }, "node_modules/@aws-sdk/client-sso-admin": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-admin/-/client-sso-admin-3.1030.0.tgz", - "integrity": "sha512-KSYRPYVcQessTBWsgLBsbm0iRPD/WEjFxOBuO36qu5/WrPOEubv8JFAIpG5XxrIkF+YUNwfQyj5U/oCie0sQcg==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-admin/-/client-sso-admin-3.1075.0.tgz", + "integrity": "sha512-HO5XjUnN+C9KbRPhf+2mmgNocAj2rksyhteD3TIcvObjEQqvNsiF1nSGRJE7MV5IuljZXq9ur92qcDyMKfRD3w==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -722,49 +448,21 @@ } }, "node_modules/@aws-sdk/client-sts": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.1030.0.tgz", - "integrity": "sha512-hC29M14N0/Z62VONHWFVbn8RZoYQ+3oRArLRYPCGAqHJ5WwslQgaxQW9FP8Yz2loFkpnR1kPScsmKE2ObdIoXA==", + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.1075.0.tgz", + "integrity": "sha512-R3cIPHb+Y25nbnIJp1VVQCKA+ajZ06vprGFaRG/nu9ypfo5HRsZj+3We1H1nmIyqzgGMdkoMqMS2XujxuCJXaA==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/signature-v4-multi-region": "^3.996.35", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -772,23 +470,18 @@ } }, "node_modules/@aws-sdk/core": { - "version": "3.973.27", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.973.27.tgz", - "integrity": "sha512-CUZ5m8hwMCH6OYI4Li/WgMfIEx10Q2PLI9Y3XOUTPGZJ53aZ0007jCv+X/ywsaERyKPdw5MRZWk877roQksQ4A==", + "version": "3.974.23", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.974.23.tgz", + "integrity": "sha512-MiWR/uWjxjFXGzrE0Ghc5lWxUxzHsUWFhV+OX7M4cR9SrmrnZs6TXavnCWnzzdwJeFri34xQo81rvGNzK3c4BQ==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/xml-builder": "^3.972.17", - "@smithy/core": "^3.23.14", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/property-provider": "^4.2.13", - "@smithy/protocol-http": "^5.3.13", - "@smithy/signature-v4": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-utf8": "^4.2.2", + "@aws-sdk/types": "^3.973.13", + "@aws-sdk/xml-builder": "^3.972.31", + "@aws/lambda-invoke-store": "^0.2.2", + "@smithy/core": "^3.24.6", + "@smithy/signature-v4": "^5.4.6", + "@smithy/types": "^4.14.3", + "bowser": "^2.11.0", "tslib": "^2.6.2" }, "engines": { @@ -796,15 +489,15 @@ } }, "node_modules/@aws-sdk/credential-provider-cognito-identity": { - "version": "3.972.22", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-cognito-identity/-/credential-provider-cognito-identity-3.972.22.tgz", - "integrity": "sha512-ih6ORpme4i2qJqGckOQ9Lt2iiZ+5tm3bnfsT5TwoPyFnuDURXv3OdhYa3Nr/m0iJr38biqKYKdGKb5GR1KB2hw==", + "version": "3.972.48", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-cognito-identity/-/credential-provider-cognito-identity-3.972.48.tgz", + "integrity": "sha512-dTSY4wCPx87Gd1peDcTop1li61f6KLAs3LSlq/omnCxpIOvMDpAQjylJ7ZDaZk6KA88+oZ0k/XuVSou1YuWI/w==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/types": "^4.14.0", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -812,15 +505,15 @@ } }, "node_modules/@aws-sdk/credential-provider-env": { - "version": "3.972.25", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.25.tgz", - "integrity": "sha512-6QfI0wv4jpG5CrdO/AO0JfZ2ux+tKwJPrUwmvxXF50vI5KIypKVGNF6b4vlkYEnKumDTI1NX2zUBi8JoU5QU3A==", + "version": "3.972.49", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.49.tgz", + "integrity": "sha512-liB3yQNHCM9k/gu/w36XHMKPluT7HTlnGUhRbBGSISDQkcr/Sy1zsZabiuvQj8WG5yW573u9RehrBvvnIQ9OEQ==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -828,20 +521,17 @@ } }, "node_modules/@aws-sdk/credential-provider-http": { - "version": "3.972.27", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.972.27.tgz", - "integrity": "sha512-3V3Usj9Gs93h865DqN4M2NWJhC5kXU9BvZskfN3+69omuYlE3TZxOEcVQtBGLOloJB7BVfJKXVLqeNhOzHqSlQ==", + "version": "3.972.51", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.972.51.tgz", + "integrity": "sha512-XET0H2oofciJ5lMRWNIvRjAP7Q3wv2XT+JtJJEdhPWUMwe3TvQ9qcxonpu7vXmNngncvFpi4E2It+Tamas/naA==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/types": "^3.973.7", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/property-provider": "^4.2.13", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/util-stream": "^4.5.22", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -849,24 +539,23 @@ } }, "node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.972.29", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.972.29.tgz", - "integrity": "sha512-SiBuAnXecCbT/OpAf3vqyI/AVE3mTaYr9ShXLybxZiPLBiPCCOIWSGAtYYGQWMRvobBTiqOewaB+wcgMMZI2Aw==", + "version": "3.972.56", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.972.56.tgz", + "integrity": "sha512-IAmc61hbgQiHht9U3x0tnRwz0lzdwOwD/i9voRgdJrKamF+JtmrBOsW9GwB7mfFonNWOWL4qARWYrF8veEMe3w==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-env": "^3.972.25", - "@aws-sdk/credential-provider-http": "^3.972.27", - "@aws-sdk/credential-provider-login": "^3.972.29", - "@aws-sdk/credential-provider-process": "^3.972.25", - "@aws-sdk/credential-provider-sso": "^3.972.29", - "@aws-sdk/credential-provider-web-identity": "^3.972.29", - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/types": "^3.973.7", - "@smithy/credential-provider-imds": "^4.2.13", - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-env": "^3.972.49", + "@aws-sdk/credential-provider-http": "^3.972.51", + "@aws-sdk/credential-provider-login": "^3.972.55", + "@aws-sdk/credential-provider-process": "^3.972.49", + "@aws-sdk/credential-provider-sso": "^3.972.55", + "@aws-sdk/credential-provider-web-identity": "^3.972.55", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/credential-provider-imds": "^4.3.7", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -874,18 +563,16 @@ } }, "node_modules/@aws-sdk/credential-provider-login": { - "version": "3.972.29", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-login/-/credential-provider-login-3.972.29.tgz", - "integrity": "sha512-OGOslTbOlxXexKMqhxCEbBQbUIfuhGxU5UXw3Fm56ypXHvrXH4aTt/xb5Y884LOoteP1QST1lVZzHfcTnWhiPQ==", + "version": "3.972.55", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-login/-/credential-provider-login-3.972.55.tgz", + "integrity": "sha512-hBBkANo3cDn+h2qxxzER4a+J8JCO9o9Z/YYmU7iky6AcaarX5RRdRcHNC6SLdwY0vAXQygn6soUbDqPn3GghaA==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/protocol-http": "^5.3.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -893,22 +580,21 @@ } }, "node_modules/@aws-sdk/credential-provider-node": { - "version": "3.972.30", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.972.30.tgz", - "integrity": "sha512-FMnAnWxc8PG+ZrZ2OBKzY4luCUJhe9CG0B9YwYr4pzrYGLXBS2rl+UoUvjGbAwiptxRL6hyA3lFn03Bv1TLqTw==", + "version": "3.972.58", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.972.58.tgz", + "integrity": "sha512-OyCLVmSI7pZO8hxwNVX6pXhTVlJqRBTp+ijdEfJSUj0RyjHnF602OfAarOzGq6wkGodeFkYBt8MmJ6A6ycRgWw==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/credential-provider-env": "^3.972.25", - "@aws-sdk/credential-provider-http": "^3.972.27", - "@aws-sdk/credential-provider-ini": "^3.972.29", - "@aws-sdk/credential-provider-process": "^3.972.25", - "@aws-sdk/credential-provider-sso": "^3.972.29", - "@aws-sdk/credential-provider-web-identity": "^3.972.29", - "@aws-sdk/types": "^3.973.7", - "@smithy/credential-provider-imds": "^4.2.13", - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/credential-provider-env": "^3.972.49", + "@aws-sdk/credential-provider-http": "^3.972.51", + "@aws-sdk/credential-provider-ini": "^3.972.56", + "@aws-sdk/credential-provider-process": "^3.972.49", + "@aws-sdk/credential-provider-sso": "^3.972.55", + "@aws-sdk/credential-provider-web-identity": "^3.972.55", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/credential-provider-imds": "^4.3.7", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -916,16 +602,15 @@ } }, "node_modules/@aws-sdk/credential-provider-process": { - "version": "3.972.25", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.972.25.tgz", - "integrity": "sha512-HR7ynNRdNhNsdVCOCegy1HsfsRzozCOPtD3RzzT1JouuaHobWyRfJzCBue/3jP7gECHt+kQyZUvwg/cYLWurNQ==", + "version": "3.972.49", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.972.49.tgz", + "integrity": "sha512-C8h36lBuC/RnBSsjlO+dn6xZm3KbAl5vpJaVPAfQnMmz2/OISmKOc8XZcqMQgO2ADwBYNRMM6Kf3vz9G/TulMQ==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { @@ -933,1956 +618,2755 @@ } }, "node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.972.29", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.972.29.tgz", - "integrity": "sha512-HWv4SEq3jZDYPlwryZVef97+U8CxxRos5mK8sgGO1dQaFZpV5giZLzqGE5hkDmh2csYcBO2uf5XHjPTpZcJlig==", + "version": "3.972.55", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.972.55.tgz", + "integrity": "sha512-1FkOz74Ea5QGS9jtIoXp55T/IkSS3spv+nLTT07fRY/+T5xmEOqaYBVIaEmX4zTNvbV6g2lrtlaVKWEoNyJt3w==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/token-providers": "3.1026.0", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/token-providers": "3.1074.0", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/credential-provider-sso/node_modules/@aws-sdk/token-providers": { - "version": "3.1026.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.1026.0.tgz", - "integrity": "sha512-Ieq/HiRrbEtrYP387Nes0XlR7H1pJiJOZKv+QyQzMYpvTiDs0VKy2ZB3E2Zf+aFovWmeE7lRE4lXyF7dYM6GgA==", + "node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.972.55", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.972.55.tgz", + "integrity": "sha512-g2BoECD1q01kTPByi56+VLVvdWDzMkKIcr77qixpqH0okw2t0U5CoPv+6S8v/D1Y2Wa6QKKtn6XAtDzP+Kfpvg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/credential-provider-web-identity": { - "version": "3.972.29", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.972.29.tgz", - "integrity": "sha512-PdMBza1WEKEUPFEmMGCfnU2RYCz9MskU2e8JxjyUOsMKku7j9YaDKvbDi2dzC0ihFoM6ods2SbhfAAro+Gwlew==", + "node_modules/@aws-sdk/credential-providers": { + "version": "3.1075.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-providers/-/credential-providers-3.1075.0.tgz", + "integrity": "sha512-2HoJ1IxwdzEryyUmZvl6dVKfgWBnS6NzSDl5hOqmbHns5Cy+wCQLDFU+HGVi+kTGZgSyMZIa0rH7fQvNf7v9jQ==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/types": "^3.973.7", - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", + "@aws-sdk/client-cognito-identity": "3.1075.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/credential-provider-cognito-identity": "^3.972.48", + "@aws-sdk/credential-provider-env": "^3.972.49", + "@aws-sdk/credential-provider-http": "^3.972.51", + "@aws-sdk/credential-provider-ini": "^3.972.56", + "@aws-sdk/credential-provider-login": "^3.972.55", + "@aws-sdk/credential-provider-node": "^3.972.58", + "@aws-sdk/credential-provider-process": "^3.972.49", + "@aws-sdk/credential-provider-sso": "^3.972.55", + "@aws-sdk/credential-provider-web-identity": "^3.972.55", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/credential-provider-imds": "^4.3.7", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/credential-providers": { - "version": "3.1030.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-providers/-/credential-providers-3.1030.0.tgz", - "integrity": "sha512-hQhRax7MzsG40mc6Es2Muvfai+jfWt1j1odqP4UQtUok6Fu4qbJNRGgQ/EAi7Sb6VAL0EdY5JGGMevHz2oO+AA==", + "node_modules/@aws-sdk/eventstream-handler-node": { + "version": "3.972.22", + "resolved": "https://registry.npmjs.org/@aws-sdk/eventstream-handler-node/-/eventstream-handler-node-3.972.22.tgz", + "integrity": "sha512-tqPJv0dz4+O0hWGm1a6YekcMZyPhDFs/zH73Von7icaVT5n0Jqvm86typ3jRrG+qoUdPhALOnboRLTmnWQTlYQ==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/client-cognito-identity": "3.1030.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/credential-provider-cognito-identity": "^3.972.22", - "@aws-sdk/credential-provider-env": "^3.972.25", - "@aws-sdk/credential-provider-http": "^3.972.27", - "@aws-sdk/credential-provider-ini": "^3.972.29", - "@aws-sdk/credential-provider-login": "^3.972.29", - "@aws-sdk/credential-provider-node": "^3.972.30", - "@aws-sdk/credential-provider-process": "^3.972.25", - "@aws-sdk/credential-provider-sso": "^3.972.29", - "@aws-sdk/credential-provider-web-identity": "^3.972.29", - "@aws-sdk/nested-clients": "^3.996.19", - "@aws-sdk/types": "^3.973.7", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/credential-provider-imds": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/property-provider": "^4.2.13", - "@smithy/types": "^4.14.0", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/eventstream-handler-node": { - "version": "3.972.12", - "resolved": "https://registry.npmjs.org/@aws-sdk/eventstream-handler-node/-/eventstream-handler-node-3.972.12.tgz", - "integrity": "sha512-ruyc/MNR6e+cUrGCth7fLQ12RXBZDy/bV06tgqB9Z5n/0SN/C0m6bsQEV8FF9zPI6VSAOaRd0rNgmpYVnGawrQ==", + "node_modules/@aws-sdk/middleware-eventstream": { + "version": "3.972.18", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-eventstream/-/middleware-eventstream-3.972.18.tgz", + "integrity": "sha512-OHpk8YoZi3yexPq8aFt1vN1IxA2zLKvsIR5GpWYylX/ve6kQmY7wxHNSFy/D3t2apMZ16rs76Co4dJWcDyIk3A==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.6", - "@smithy/eventstream-codec": "^4.2.12", - "@smithy/types": "^4.13.1", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/middleware-eventstream": { - "version": "3.972.8", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-eventstream/-/middleware-eventstream-3.972.8.tgz", - "integrity": "sha512-r+oP+tbCxgqXVC3pu3MUVePgSY0ILMjA+aEwOosS77m3/DRbtvHrHwqvMcw+cjANMeGzJ+i0ar+n77KXpRA8RQ==", + "node_modules/@aws-sdk/middleware-websocket": { + "version": "3.972.31", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-websocket/-/middleware-websocket-3.972.31.tgz", + "integrity": "sha512-ps1rumU1LybSFHaW9dTDgkhCMJLVaedEY78kKSzUDDY+b9974/g6aiaYYA0U9WV0oL4CJCJrVWG+EZ/qr4or7g==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.6", - "@smithy/protocol-http": "^5.3.12", - "@smithy/types": "^4.13.1", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/signature-v4": "^5.4.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { - "node": ">=20.0.0" + "node": ">= 14.0.0" } }, - "node_modules/@aws-sdk/middleware-host-header": { - "version": "3.972.9", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.972.9.tgz", - "integrity": "sha512-je5vRdNw4SkuTnmRbFZLdye4sQ0faLt8kwka5wnnSU30q1mHO4X+idGEJOOE+Tn1ME7Oryn05xxkDvIb3UaLaQ==", + "node_modules/@aws-sdk/nested-clients": { + "version": "3.997.23", + "resolved": "https://registry.npmjs.org/@aws-sdk/nested-clients/-/nested-clients-3.997.23.tgz", + "integrity": "sha512-gO93ZPsI2bxeFZD42f1/qjDw6FAZkNZcKRO94LIiT03fzOmcJ9e/tunxjVjA1Rl69ClmVJzz8H3G9CdKef10PA==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/signature-v4-multi-region": "^3.996.35", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/fetch-http-handler": "^5.4.6", + "@smithy/node-http-handler": "^4.7.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/middleware-logger": { - "version": "3.972.9", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.972.9.tgz", - "integrity": "sha512-HsVgDrruhqI28RkaXALm8grJ7Agc1wF6Et0xh6pom8NdO2VdO/SD9U/tPwUjewwK/pVoka+EShBxyCvgsPCtog==", + "node_modules/@aws-sdk/signature-v4-multi-region": { + "version": "3.996.35", + "resolved": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.996.35.tgz", + "integrity": "sha512-6L/VWs+Wch2stHemCGTmUNqKLMzURxQDK5boNG3Jn3kAOp71meDUuS5sbObpEvFxHDq0uWeSLFDNSYsjNt+Dlg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@smithy/types": "^4.14.0", + "@aws-sdk/types": "^3.973.13", + "@smithy/signature-v4": "^5.4.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/middleware-recursion-detection": { - "version": "3.972.10", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.972.10.tgz", - "integrity": "sha512-RVQQbq5orQ/GHUnXvqEOj2HHPBJm+mM+ySwZKS5UaLBwra5ugRtiH09PLUoOZRl7a1YzaOzXSuGbn9iD5j60WQ==", + "node_modules/@aws-sdk/token-providers": { + "version": "3.1074.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.1074.0.tgz", + "integrity": "sha512-pv80IzgGW4RnXWtft692chZOM9i6PhebVsLCcnaM4dBEPZva2fE6FXAHs76G7Rc7s3yGyX/68G0nZMrUy+Vmpg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@aws/lambda-invoke-store": "^0.2.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", + "@aws-sdk/core": "^3.974.23", + "@aws-sdk/nested-clients": "^3.997.23", + "@aws-sdk/types": "^3.973.13", + "@smithy/core": "^3.24.6", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/middleware-user-agent": { - "version": "3.972.29", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.972.29.tgz", - "integrity": "sha512-f/sIRzuTfEjg6NsbMYvye2VsmnQoNgntntleQyx5uGacUYzszbfIlO3GcI6G6daWUmTm0IDZc11qMHWwF0o0mQ==", + "node_modules/@aws-sdk/types": { + "version": "3.973.13", + "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.973.13.tgz", + "integrity": "sha512-pEHZqRkAlHfnfAU9tK+WpKv/gBNjGJrHMgA3A0iYRGyswBS2t0pfez+lWlwktb3Bqa0ovh7w/QJTFwp3fDxLNg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@smithy/core": "^3.23.14", - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", - "@smithy/util-retry": "^4.3.0", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/middleware-websocket": { - "version": "3.972.14", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-websocket/-/middleware-websocket-3.972.14.tgz", - "integrity": "sha512-qnfDlIHjm6DrTYNvWOUbnZdVKgtoKbO/Qzj+C0Wp5Y7VUrsvBRQtGKxD+hc+mRTS4N0kBJ6iZ3+zxm4N1OSyjg==", - "dependencies": { - "@aws-sdk/types": "^3.973.6", - "@aws-sdk/util-format-url": "^3.972.8", - "@smithy/eventstream-codec": "^4.2.12", - "@smithy/eventstream-serde-browser": "^4.2.12", - "@smithy/fetch-http-handler": "^5.3.15", - "@smithy/protocol-http": "^5.3.12", - "@smithy/signature-v4": "^5.3.12", - "@smithy/types": "^4.13.1", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-hex-encoding": "^4.2.2", - "@smithy/util-utf8": "^4.2.2", + "node_modules/@aws-sdk/util-locate-window": { + "version": "3.965.5", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.965.5.tgz", + "integrity": "sha512-WhlJNNINQB+9qtLtZJcpQdgZw3SCDCpXdUJP7cToGwHbCWCnRckGlc6Bx/OhWwIYFNAn+FIydY8SZ0QmVu3xTQ==", + "dependencies": { "tslib": "^2.6.2" }, "engines": { - "node": ">= 14.0.0" + "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/nested-clients": { - "version": "3.996.19", - "resolved": "https://registry.npmjs.org/@aws-sdk/nested-clients/-/nested-clients-3.996.19.tgz", - "integrity": "sha512-uFkmCDXvmQYLanlYdOFS0+MQWkrj9wPMt/ZCc/0J0fjPim6F5jBVBmEomvGY/j77ILW6GTPwN22Jc174Mhkw6Q==", + "node_modules/@aws-sdk/xml-builder": { + "version": "3.972.31", + "resolved": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.972.31.tgz", + "integrity": "sha512-SzE4Pgyl+hDF+BuyuzxUSpwnuUu9lJuO1YGgteG89/4Qv0+2IQiVQqdbPV32IozLvXWQChPQcdkk/sKvb1QHiQ==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "^3.973.27", - "@aws-sdk/middleware-host-header": "^3.972.9", - "@aws-sdk/middleware-logger": "^3.972.9", - "@aws-sdk/middleware-recursion-detection": "^3.972.10", - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/region-config-resolver": "^3.972.11", - "@aws-sdk/types": "^3.973.7", - "@aws-sdk/util-endpoints": "^3.996.6", - "@aws-sdk/util-user-agent-browser": "^3.972.9", - "@aws-sdk/util-user-agent-node": "^3.973.15", - "@smithy/config-resolver": "^4.4.14", - "@smithy/core": "^3.23.14", - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/hash-node": "^4.2.13", - "@smithy/invalid-dependency": "^4.2.13", - "@smithy/middleware-content-length": "^4.2.13", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-retry": "^4.5.0", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-body-length-node": "^4.2.3", - "@smithy/util-defaults-mode-browser": "^4.3.45", - "@smithy/util-defaults-mode-node": "^4.2.49", - "@smithy/util-endpoints": "^3.3.4", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.0", - "@smithy/util-utf8": "^4.2.2", + "@smithy/types": "^4.14.3", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/region-config-resolver": { - "version": "3.972.11", - "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.972.11.tgz", - "integrity": "sha512-6Q8B1dcx6BBqUTY1Mc/eROKA0FImEEY5VPSd6AGPEUf0ErjExz4snVqa9kNJSoVDV1rKaNf3qrWojgcKW+SdDg==", + "node_modules/@aws/lambda-invoke-store": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/@aws/lambda-invoke-store/-/lambda-invoke-store-0.2.4.tgz", + "integrity": "sha512-iY8yvjE0y651BixKNPgmv1WrQc+GZ142sb0z4gYnChDDY2YqI4P/jsSopBWrKfAt7LOJAkOXt7rC/hms+WclQQ==", "license": "Apache-2.0", + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@babel/runtime": { + "version": "7.29.7", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.29.7.tgz", + "integrity": "sha512-Nq8OhGWiZIZGV6hLHoyAKLLcJihP/xFeBMGJoUrxTX2psI8dCifzLhZISFb+VWS3wFMRDmCGw5R+dOySCqPLhw==", + "license": "MIT", + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@clack/core": { + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/@clack/core/-/core-1.4.2.tgz", + "integrity": "sha512-0Ty/1Gfm+Kb07sXcuESjyKfwEhSy4Ns1AgeEisHb/bDY5fWme0tTeTkU14T1Gmcs17YIjB/teiDe4uaCghbYqQ==", + "license": "MIT", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@smithy/config-resolver": "^4.4.14", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" + "fast-wrap-ansi": "^0.2.0", + "sisteransi": "^1.0.5" }, "engines": { - "node": ">=20.0.0" + "node": ">= 20.12.0" } }, - "node_modules/@aws-sdk/token-providers": { - "version": "3.1024.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.1024.0.tgz", - "integrity": "sha512-eoyTMgd6OzoE1dq50um5Y53NrosEkWsjH0W6pswi7vrv1W9hY/7hR43jDcPevqqj+OQksf/5lc++FTqRlb8Y1Q==", - "dependencies": { - "@aws-sdk/core": "^3.973.26", - "@aws-sdk/nested-clients": "^3.996.18", - "@aws-sdk/types": "^3.973.6", - "@smithy/property-provider": "^4.2.12", - "@smithy/shared-ini-file-loader": "^4.4.7", - "@smithy/types": "^4.13.1", - "tslib": "^2.6.2" + "node_modules/@clack/prompts": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/@clack/prompts/-/prompts-1.6.0.tgz", + "integrity": "sha512-EYlRokl8szrP9Z25qT5aepMdBjzBvHF9ZEhzIiUBc9guz/T31EqRgvD0QSgZcpE93xiwrr+OkB4nz0BZyF6fSA==", + "license": "MIT", + "dependencies": { + "@clack/core": "1.4.2", + "fast-string-width": "^3.0.2", + "fast-wrap-ansi": "^0.2.0", + "sisteransi": "^1.0.5" }, "engines": { - "node": ">=20.0.0" + "node": ">= 20.12.0" } }, - "node_modules/@aws-sdk/types": { - "version": "3.973.7", - "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.973.7.tgz", - "integrity": "sha512-reXRwoJ6CfChoqAsBszUYajAF8Z2LRE+CRcKocvFSMpIiLOtYU3aJ9trmn6VVPAzbbY5LXF+FfmUslbXk1SYFg==", + "node_modules/@earendil-works/pi-ai": { + "version": "0.80.2", + "resolved": "https://registry.npmjs.org/@earendil-works/pi-ai/-/pi-ai-0.80.2.tgz", + "integrity": "sha512-5GNKfdrRJ4uZ5Zd9iudoXggi/BbUcKnD/xfRHtdR+7q4vWqPvfx8auFuaT+ewGBVI8K4wj87eigFQ/iCSuy9RQ==", + "license": "MIT", + "dependencies": { + "@anthropic-ai/sdk": "0.91.1", + "@aws-sdk/client-bedrock-runtime": "3.1048.0", + "@google/genai": "1.52.0", + "@mistralai/mistralai": "2.2.6", + "@opentelemetry/api": "1.9.0", + "@smithy/node-http-handler": "4.7.3", + "http-proxy-agent": "7.0.2", + "https-proxy-agent": "7.0.6", + "openai": "6.26.0", + "partial-json": "0.1.7", + "typebox": "1.1.38" + }, + "bin": { + "pi-ai": "dist/cli.js" + }, + "engines": { + "node": ">=22.19.0" + } + }, + "node_modules/@earendil-works/pi-ai/node_modules/@smithy/node-http-handler": { + "version": "4.7.3", + "resolved": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-4.7.3.tgz", + "integrity": "sha512-/jPhevcTFPMVl6KNjbaI47iOg1zxC7IsnX4PQDGVZKMFceOXtB8IEYaB7a9VvkP/3oC60WzTeKocvSI7vLT0vA==", "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^4.14.0", + "@smithy/core": "^3.24.3", + "@smithy/types": "^4.14.2", "tslib": "^2.6.2" }, "engines": { - "node": ">=20.0.0" + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent": { + "version": "0.80.2", + "resolved": "https://registry.npmjs.org/@earendil-works/pi-coding-agent/-/pi-coding-agent-0.80.2.tgz", + "integrity": "sha512-m9v7OUit0s9LklWfh61ca/XY5INjUzjtYtNZwy3cNvyjOLk3IpBgghP8aAp0iH35rLaiRwuuWiJ8t88ODMWY+A==", + "hasShrinkwrap": true, + "license": "MIT", + "dependencies": { + "@earendil-works/pi-agent-core": "^0.80.2", + "@earendil-works/pi-ai": "^0.80.2", + "@earendil-works/pi-tui": "^0.80.2", + "@silvia-odwyer/photon-node": "0.3.4", + "chalk": "5.6.2", + "cross-spawn": "7.0.6", + "diff": "8.0.4", + "glob": "13.0.6", + "highlight.js": "10.7.3", + "hosted-git-info": "9.0.3", + "ignore": "7.0.5", + "jiti": "2.7.0", + "minimatch": "10.2.5", + "proper-lockfile": "4.1.2", + "semver": "7.8.0", + "typebox": "1.1.38", + "undici": "8.5.0", + "yaml": "2.9.0" + }, + "bin": { + "pi": "dist/cli.js" + }, + "engines": { + "node": ">=22.19.0" + }, + "optionalDependencies": { + "@mariozechner/clipboard": "0.3.9" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@anthropic-ai/sdk": { + "version": "0.91.1", + "resolved": "https://registry.npmjs.org/@anthropic-ai/sdk/-/sdk-0.91.1.tgz", + "integrity": "sha512-LAmu761tSN9r66ixvmciswUj/ZC+1Q4iAfpedTfSVLeswRwnY3n2Nb6Tsk+cLPP28aLOPWeMgIuTuCcMC6W/iw==", + "license": "MIT", + "dependencies": { + "json-schema-to-ts": "^3.1.1" + }, + "bin": { + "anthropic-ai-sdk": "bin/cli" + }, + "peerDependencies": { + "zod": "^3.25.0 || ^4.0.0" + }, + "peerDependenciesMeta": { + "zod": { + "optional": true + } } }, - "node_modules/@aws-sdk/util-endpoints": { - "version": "3.996.6", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.996.6.tgz", - "integrity": "sha512-2nUQ+2ih7CShuKHpGSIYvvAIOHy52dOZguYG36zptBukhw6iFwcvGfG0tes0oZFWQqEWvgZe9HLWaNlvXGdOrg==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-crypto/crc32": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-5.2.0.tgz", + "integrity": "sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-endpoints": "^3.3.4", + "@aws-crypto/util": "^5.2.0", + "@aws-sdk/types": "^3.222.0", "tslib": "^2.6.2" }, "engines": { - "node": ">=20.0.0" + "node": ">=16.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-crypto/sha256-browser": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/@aws-crypto/sha256-browser/-/sha256-browser-5.2.0.tgz", + "integrity": "sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==", + "license": "Apache-2.0", + "dependencies": { + "@aws-crypto/sha256-js": "^5.2.0", + "@aws-crypto/supports-web-crypto": "^5.2.0", + "@aws-crypto/util": "^5.2.0", + "@aws-sdk/types": "^3.222.0", + "@aws-sdk/util-locate-window": "^3.0.0", + "@smithy/util-utf8": "^2.0.0", + "tslib": "^2.6.2" } }, - "node_modules/@aws-sdk/util-format-url": { - "version": "3.972.8", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-format-url/-/util-format-url-3.972.8.tgz", - "integrity": "sha512-J6DS9oocrgxM8xlUTTmQOuwRF6rnAGEujAN9SAzllcrQmwn5iJ58ogxy3SEhD0Q7JZvlA5jvIXBkpQRqEqlE9A==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-crypto/sha256-js": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/@aws-crypto/sha256-js/-/sha256-js-5.2.0.tgz", + "integrity": "sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.6", - "@smithy/querystring-builder": "^4.2.12", - "@smithy/types": "^4.13.1", + "@aws-crypto/util": "^5.2.0", + "@aws-sdk/types": "^3.222.0", "tslib": "^2.6.2" }, "engines": { - "node": ">=20.0.0" + "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/util-locate-window": { - "version": "3.965.5", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.965.5.tgz", - "integrity": "sha512-WhlJNNINQB+9qtLtZJcpQdgZw3SCDCpXdUJP7cToGwHbCWCnRckGlc6Bx/OhWwIYFNAn+FIydY8SZ0QmVu3xTQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-crypto/supports-web-crypto": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/@aws-crypto/supports-web-crypto/-/supports-web-crypto-5.2.0.tgz", + "integrity": "sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==", + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.6.2" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-crypto/util": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/@aws-crypto/util/-/util-5.2.0.tgz", + "integrity": "sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/types": "^3.222.0", + "@smithy/util-utf8": "^2.0.0", + "tslib": "^2.6.2" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/client-bedrock-runtime": { + "version": "3.1048.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-bedrock-runtime/-/client-bedrock-runtime-3.1048.0.tgz", + "integrity": "sha512-u+NT61JZEkRFtpL0CAw1N1dwxnaLgwVXQl/zjJxTGgLyS/jTIdg2SdoEoCTHxgDyCnqa1HEi9QOoE9/pYRNpOQ==", + "license": "Apache-2.0", "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/credential-provider-node": "^3.972.42", + "@aws-sdk/eventstream-handler-node": "^3.972.16", + "@aws-sdk/middleware-eventstream": "^3.972.12", + "@aws-sdk/middleware-websocket": "^3.972.19", + "@aws-sdk/token-providers": "3.1048.0", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/fetch-http-handler": "^5.4.2", + "@smithy/node-http-handler": "^4.7.2", + "@smithy/types": "^4.14.1", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/util-user-agent-browser": { - "version": "3.972.9", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.972.9.tgz", - "integrity": "sha512-sn/LMzTbGjYqCCF24390WxPd6hkpoSptiUn5DzVp4cD71yqw+yGEGm1YCxyEoPXyc8qciM8UzLJcZBFslxo5Uw==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/core": { + "version": "3.974.11", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.974.11.tgz", + "integrity": "sha512-QpnINq5FZH6EOaDEkmHdT7eUunbvD27pDNQypaWjFyYz7Zl1q3UCMQErBZxpmfGfI7MvI2TlK8KTkgNpv8b1ug==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "^3.973.7", - "@smithy/types": "^4.14.0", + "@aws-sdk/types": "^3.973.8", + "@aws-sdk/xml-builder": "^3.972.24", + "@aws/lambda-invoke-store": "^0.2.2", + "@smithy/core": "^3.24.2", + "@smithy/signature-v4": "^5.4.2", + "@smithy/types": "^4.14.1", "bowser": "^2.11.0", "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" } }, - "node_modules/@aws-sdk/util-user-agent-node": { - "version": "3.973.15", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.973.15.tgz", - "integrity": "sha512-fYn3s9PtKdgQkczGZCFMgkNEe8aq1JCVbnRqjqN9RSVW43xn2RV9xdcZ3z01a48Jpkuh/xCmBKJxdLOo4Ozg7w==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-env": { + "version": "3.972.37", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.37.tgz", + "integrity": "sha512-/jpPvEh6f7ntmIzf7dNxoNX6Q8vt8UpesCjbW6mFfk4V1NW6bIy9qxcQ6WbA8As5yQhsZOe+xeNd4xHX8kdY2Q==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/middleware-user-agent": "^3.972.29", - "@aws-sdk/types": "^3.973.7", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/types": "^4.14.0", - "@smithy/util-config-provider": "^4.2.2", + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" - }, - "peerDependencies": { - "aws-crt": ">=1.0.0" - }, - "peerDependenciesMeta": { - "aws-crt": { - "optional": true - } } }, - "node_modules/@aws-sdk/xml-builder": { - "version": "3.972.29", - "resolved": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.972.29.tgz", - "integrity": "sha512-fk0niuGFxfi8yIJuMVM4mhwObkiQSuwZFj3tAPrLVx64Pk3BkrEIpqjzHKY4hKoEBUD6Jg/S74Zj9jy+5F3DnQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-http": { + "version": "3.972.39", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.972.39.tgz", + "integrity": "sha512-pIgTpisWyWg7X1bUbzSjuUYosYTD0Ghz2M0hkSTmb3a6i3qV3uU+NYJPI/E2XSC0HcsZh5rsLPzeXrkb2DS0Cg==", "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^4.14.3", - "fast-xml-parser": "5.7.3", + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/fetch-http-handler": "^5.4.2", + "@smithy/node-http-handler": "^4.7.2", + "@smithy/types": "^4.14.1", "tslib": "^2.6.2" }, "engines": { "node": ">=20.0.0" } }, - "node_modules/@aws/lambda-invoke-store": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/@aws/lambda-invoke-store/-/lambda-invoke-store-0.2.4.tgz", - "integrity": "sha512-iY8yvjE0y651BixKNPgmv1WrQc+GZ142sb0z4gYnChDDY2YqI4P/jsSopBWrKfAt7LOJAkOXt7rC/hms+WclQQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.972.41", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.972.41.tgz", + "integrity": "sha512-u2tyjaxJJzW8UtW4SM1ZcPMDwO6y+kV+llvou+Adts0FAKyzes5jG4izQN+KX3yE8ZROpS5y1LJ//xL2iSf76w==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/credential-provider-env": "^3.972.37", + "@aws-sdk/credential-provider-http": "^3.972.39", + "@aws-sdk/credential-provider-login": "^3.972.41", + "@aws-sdk/credential-provider-process": "^3.972.37", + "@aws-sdk/credential-provider-sso": "^3.972.41", + "@aws-sdk/credential-provider-web-identity": "^3.972.41", + "@aws-sdk/nested-clients": "^3.997.9", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/credential-provider-imds": "^4.3.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, "engines": { - "node": ">=18.0.0" + "node": ">=20.0.0" } }, - "node_modules/@babel/runtime": { - "version": "7.29.2", - "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.29.2.tgz", - "integrity": "sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-login": { + "version": "3.972.41", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-login/-/credential-provider-login-3.972.41.tgz", + "integrity": "sha512-0LBitxXiAiaE5nlFPfpNIww/8FRY/I7WIndWsc9GmNFOM7cE1wNpVNQEGEk9Outg5l8xl+3vybxFyUy4l9q/LQ==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/nested-clients": "^3.997.9", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, "engines": { - "node": ">=6.9.0" + "node": ">=20.0.0" } }, - "node_modules/@borewit/text-codec": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/@borewit/text-codec/-/text-codec-0.2.2.tgz", - "integrity": "sha512-DDaRehssg1aNrH4+2hnj1B7vnUGEjU6OIlyRdkMd0aUdIUvKXrJfXsy8LVtXAy7DRvYVluWbMspsRhz2lcW0mQ==", - "funding": { - "type": "github", - "url": "https://github.com/sponsors/Borewit" + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.972.42", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.972.42.tgz", + "integrity": "sha512-D4oon2zbqqsWOJUM99Gm3/ZyJ0IJvTXVN3PyloGb3kQEyI36fjCZheZj422lAgTWWd6TSHgiImLt3RIaLdv3dQ==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/credential-provider-env": "^3.972.37", + "@aws-sdk/credential-provider-http": "^3.972.39", + "@aws-sdk/credential-provider-ini": "^3.972.41", + "@aws-sdk/credential-provider-process": "^3.972.37", + "@aws-sdk/credential-provider-sso": "^3.972.41", + "@aws-sdk/credential-provider-web-identity": "^3.972.41", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/credential-provider-imds": "^4.3.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" } }, - "node_modules/@clack/core": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@clack/core/-/core-1.2.0.tgz", - "integrity": "sha512-qfxof/3T3t9DPU/Rj3OmcFyZInceqj/NVtO9rwIuJqCUgh32gwPjpFQQp/ben07qKlhpwq7GzfWpST4qdJ5Drg==", - "license": "MIT", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-process": { + "version": "3.972.37", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.972.37.tgz", + "integrity": "sha512-7nVaHBUaWIddASYfVaA9O4D5ZVjewU3sCol9WqZPGfW0nR+0WqE0xHZnD/U2L33PlOB8KNXGKZ6wOES/QijKzg==", + "license": "Apache-2.0", "dependencies": { - "fast-wrap-ansi": "^0.1.3", - "sisteransi": "^1.0.5" + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" } }, - "node_modules/@clack/prompts": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@clack/prompts/-/prompts-1.2.0.tgz", - "integrity": "sha512-4jmztR9fMqPMjz6H/UZXj0zEmE43ha1euENwkckKKel4XpSfokExPo5AiVStdHSAlHekz4d0CA/r45Ok1E4D3w==", - "license": "MIT", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.972.41", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.972.41.tgz", + "integrity": "sha512-IOWAWEHe5LkjSKkkUUX9ciV6Y1scHTsnfEkdt5yyC4Slrc7AGbkLPrpntjqh18ksJAMOaVhoBsO8p2WyTcY2wQ==", + "license": "Apache-2.0", "dependencies": { - "@clack/core": "1.2.0", - "fast-string-width": "^1.1.0", - "fast-wrap-ansi": "^0.1.3", - "sisteransi": "^1.0.5" + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/nested-clients": "^3.997.9", + "@aws-sdk/token-providers": "3.1048.0", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" } }, - "node_modules/@esbuild/aix-ppc64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.7.tgz", - "integrity": "sha512-EKX3Qwmhz1eMdEJokhALr0YiD0lhQNwDqkPYyPhiSwKrh7/4KRjQc04sZ8db+5DVVnZ1LmbNDI1uAMPEUBnQPg==", - "cpu": [ - "ppc64" - ], - "dev": true, - "optional": true, - "os": [ - "aix" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.972.41", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.972.41.tgz", + "integrity": "sha512-mbACk9Yypa8nm4iGZLs0PofOXEcTDOUw6wDnsPXNDNSd2WNXs1tSo+6nc/fh0jLYdfVZThhBL98PHW4aXFsG5A==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/nested-clients": "^3.997.9", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, "engines": { - "node": ">=18" + "node": ">=20.0.0" } }, - "node_modules/@esbuild/android-arm": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.7.tgz", - "integrity": "sha512-jbPXvB4Yj2yBV7HUfE2KHe4GJX51QplCN1pGbYjvsyCZbQmies29EoJbkEc+vYuU5o45AfQn37vZlyXy4YJ8RQ==", - "cpu": [ - "arm" - ], - "dev": true, - "optional": true, - "os": [ - "android" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/eventstream-handler-node": { + "version": "3.972.16", + "resolved": "https://registry.npmjs.org/@aws-sdk/eventstream-handler-node/-/eventstream-handler-node-3.972.16.tgz", + "integrity": "sha512-yedpPgKftqjU5SlPFHfqWpOw6xSCRieWRG1euWOlXn4WJxt2VX92VprCa2PpSOXjVCAeK6dTjW9eJRXVig9yGA==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, "engines": { - "node": ">=18" + "node": ">=20.0.0" } }, - "node_modules/@esbuild/android-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.7.tgz", - "integrity": "sha512-62dPZHpIXzvChfvfLJow3q5dDtiNMkwiRzPylSCfriLvZeq0a1bWChrGx/BbUbPwOrsWKMn8idSllklzBy+dgQ==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "android" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/middleware-eventstream": { + "version": "3.972.12", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-eventstream/-/middleware-eventstream-3.972.12.tgz", + "integrity": "sha512-tHTHHCHNrq6XklQvlzHBDJG4Iuhh7NVPRdtmvP+nHFA+5sxPlIDzlAHHgfoYHGvT3NXP1yVP/L5c3opUn6T3Qg==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, "engines": { - "node": ">=18" + "node": ">=20.0.0" } }, - "node_modules/@esbuild/android-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.7.tgz", - "integrity": "sha512-x5VpMODneVDb70PYV2VQOmIUUiBtY3D3mPBG8NxVk5CogneYhkR7MmM3yR/uMdITLrC1ml/NV1rj4bMJuy9MCg==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "android" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/middleware-websocket": { + "version": "3.972.19", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-websocket/-/middleware-websocket-3.972.19.tgz", + "integrity": "sha512-mkEhOGYozqKQkbFaVrjwr0faiwwZza1v5/jSY6Tucm3bD+uKTazIUH/4Yo6aMnQD2ua2W9cMP6s8mvwTcjtqHw==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/fetch-http-handler": "^5.4.2", + "@smithy/signature-v4": "^5.4.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, "engines": { - "node": ">=18" + "node": ">= 14.0.0" } }, - "node_modules/@esbuild/darwin-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.7.tgz", - "integrity": "sha512-5lckdqeuBPlKUwvoCXIgI2D9/ABmPq3Rdp7IfL70393YgaASt7tbju3Ac+ePVi3KDH6N2RqePfHnXkaDtY9fkw==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/nested-clients": { + "version": "3.997.9", + "resolved": "https://registry.npmjs.org/@aws-sdk/nested-clients/-/nested-clients-3.997.9.tgz", + "integrity": "sha512-jPR3rnmRI4hWYyzfmTGBr7NblMp8QYYeflHXba1H6+7CGrWVqWKQzaXFQ4qbExqPRsXN3T3L3JxFhr6aouXUGQ==", + "license": "Apache-2.0", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/signature-v4-multi-region": "^3.996.27", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/fetch-http-handler": "^5.4.2", + "@smithy/node-http-handler": "^4.7.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/signature-v4-multi-region": { + "version": "3.996.27", + "resolved": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.996.27.tgz", + "integrity": "sha512-0Phbz4t6HI3D3skxvG2uI+VWU034/nSIw1T8d+FPzzQG9EQTrw94o9mOKO2Gv3n3Oc8P7JD7RAUxkoneLWv5Eg==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/signature-v4": "^5.4.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/token-providers": { + "version": "3.1048.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.1048.0.tgz", + "integrity": "sha512-k0y/GcuesuSfWyUM0WamrGyeZmltRYaPbHO82UDA6mZ/doB+FOHKutikPAtSXMn/hDz970cF+iRuuiYO9VEbAA==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/core": "^3.974.11", + "@aws-sdk/nested-clients": "^3.997.9", + "@aws-sdk/types": "^3.973.8", + "@smithy/core": "^3.24.2", + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/types": { + "version": "3.973.8", + "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.973.8.tgz", + "integrity": "sha512-gjlAdtHMbtR9X5iIhVUvbVcy55KnznpC6bkDUWW9z915bi0ckdUr5cjf16Kp6xq0bP5HBD2xzgbL9F9Quv5vUw==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/types": "^4.14.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/util-locate-window": { + "version": "3.965.5", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.965.5.tgz", + "integrity": "sha512-WhlJNNINQB+9qtLtZJcpQdgZw3SCDCpXdUJP7cToGwHbCWCnRckGlc6Bx/OhWwIYFNAn+FIydY8SZ0QmVu3xTQ==", + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws-sdk/xml-builder": { + "version": "3.972.24", + "resolved": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.972.24.tgz", + "integrity": "sha512-V8z5YcDPfsvzrBlj0xR1vhRtocblhYbqdreCJB/voGd4Sr5zjNAeWxexbnqVtskTJe0vFb5KMqbSL++ePl+zRw==", + "license": "Apache-2.0", + "dependencies": { + "@nodable/entities": "2.1.0", + "@smithy/types": "^4.14.1", + "fast-xml-parser": "5.7.3", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=20.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@aws/lambda-invoke-store": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/@aws/lambda-invoke-store/-/lambda-invoke-store-0.2.4.tgz", + "integrity": "sha512-iY8yvjE0y651BixKNPgmv1WrQc+GZ142sb0z4gYnChDDY2YqI4P/jsSopBWrKfAt7LOJAkOXt7rC/hms+WclQQ==", + "license": "Apache-2.0", + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@babel/runtime": { + "version": "7.29.2", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.29.2.tgz", + "integrity": "sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g==", + "license": "MIT", + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@earendil-works/pi-agent-core": { + "version": "0.80.2", + "resolved": "https://registry.npmjs.org/@earendil-works/pi-agent-core/-/pi-agent-core-0.80.2.tgz", + "license": "MIT", + "dependencies": { + "@earendil-works/pi-ai": "^0.80.2", + "ignore": "7.0.5", + "typebox": "1.1.38", + "yaml": "2.9.0" + }, + "engines": { + "node": ">=22.19.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@earendil-works/pi-ai": { + "version": "0.80.2", + "resolved": "https://registry.npmjs.org/@earendil-works/pi-ai/-/pi-ai-0.80.2.tgz", + "license": "MIT", + "dependencies": { + "@anthropic-ai/sdk": "0.91.1", + "@aws-sdk/client-bedrock-runtime": "3.1048.0", + "@google/genai": "1.52.0", + "@mistralai/mistralai": "2.2.6", + "@opentelemetry/api": "1.9.0", + "@smithy/node-http-handler": "4.7.3", + "http-proxy-agent": "7.0.2", + "https-proxy-agent": "7.0.6", + "openai": "6.26.0", + "partial-json": "0.1.7", + "typebox": "1.1.38" + }, + "bin": { + "pi-ai": "dist/cli.js" + }, + "engines": { + "node": ">=22.19.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@earendil-works/pi-tui": { + "version": "0.80.2", + "resolved": "https://registry.npmjs.org/@earendil-works/pi-tui/-/pi-tui-0.80.2.tgz", + "license": "MIT", + "dependencies": { + "get-east-asian-width": "1.6.0", + "marked": "18.0.5" + }, + "engines": { + "node": ">=22.19.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@google/genai": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/@google/genai/-/genai-1.52.0.tgz", + "integrity": "sha512-gwSvbpiN/17O9TbsqSsE/OzZcpv5Fo4RQjdngGgogtuB9RsyJ8ZHhX5KjHj1bp5N9snN2eK8LDGXSaWW2hof8Q==", + "hasInstallScript": true, + "license": "Apache-2.0", + "dependencies": { + "google-auth-library": "^10.3.0", + "p-retry": "^4.6.2", + "protobufjs": "^7.5.4", + "ws": "^8.18.0" + }, + "engines": { + "node": ">=20.0.0" + }, + "peerDependencies": { + "@modelcontextprotocol/sdk": "^1.25.2" + }, + "peerDependenciesMeta": { + "@modelcontextprotocol/sdk": { + "optional": true + } + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard/-/clipboard-0.3.9.tgz", + "integrity": "sha512-ABnA53mdfkGZwOFUdZNv2S0CWGO/EIuPj8Vv9xmBFmSYg/qFc7ihO6q5FcQjvoE67kZpWkEc4AhD6B/os04yuA==", + "license": "MIT", + "optional": true, + "engines": { + "node": ">= 10" + }, + "optionalDependencies": { + "@mariozechner/clipboard-darwin-arm64": "0.3.9", + "@mariozechner/clipboard-darwin-universal": "0.3.9", + "@mariozechner/clipboard-darwin-x64": "0.3.9", + "@mariozechner/clipboard-linux-arm64-gnu": "0.3.9", + "@mariozechner/clipboard-linux-arm64-musl": "0.3.9", + "@mariozechner/clipboard-linux-riscv64-gnu": "0.3.9", + "@mariozechner/clipboard-linux-x64-gnu": "0.3.9", + "@mariozechner/clipboard-linux-x64-musl": "0.3.9", + "@mariozechner/clipboard-win32-arm64-msvc": "0.3.9", + "@mariozechner/clipboard-win32-x64-msvc": "0.3.9" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-darwin-arm64": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-darwin-arm64/-/clipboard-darwin-arm64-0.3.9.tgz", + "integrity": "sha512-BfgV7vCEWZwJwZJw03r6bP5+tf0iI/ANuQYCxi9RNn7FrWB3yzGuMKCrNLRl6V761vXRdL8+OqZ0wd4TqlsNOQ==", "cpu": [ "arm64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ "darwin" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/darwin-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.7.tgz", - "integrity": "sha512-rYnXrKcXuT7Z+WL5K980jVFdvVKhCHhUwid+dDYQpH+qu+TefcomiMAJpIiC2EM3Rjtq0sO3StMV/+3w3MyyqQ==", - "cpu": [ - "x64" - ], - "dev": true, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-darwin-universal": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-darwin-universal/-/clipboard-darwin-universal-0.3.9.tgz", + "integrity": "sha512-BGGR4iA9Z2shAjI65eI5xtyb3LYNlDW9X3gxKxDbqtbnREohsrqznov6zpKoIrsRWpzlYVEdKphS7ksJ0/ndSQ==", + "license": "MIT", "optional": true, "os": [ "darwin" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/freebsd-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.7.tgz", - "integrity": "sha512-B48PqeCsEgOtzME2GbNM2roU29AMTuOIN91dsMO30t+Ydis3z/3Ngoj5hhnsOSSwNzS+6JppqWsuhTp6E82l2w==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-darwin-x64": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-darwin-x64/-/clipboard-darwin-x64-0.3.9.tgz", + "integrity": "sha512-4kURmCbS6nt8uYhtmWpUcJWyPHfmAr5dTpXD1nO3pIfa+TSQ9DbrGOYCKH+aEFW47XhQ4Vp8ZTszie+wfFvDKg==", "cpu": [ - "arm64" + "x64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ - "freebsd" + "darwin" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/freebsd-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.7.tgz", - "integrity": "sha512-jOBDK5XEjA4m5IJK3bpAQF9/Lelu/Z9ZcdhTRLf4cajlB+8VEhFFRjWgfy3M1O4rO2GQ/b2dLwCUGpiF/eATNQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-linux-arm64-gnu": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-arm64-gnu/-/clipboard-linux-arm64-gnu-0.3.9.tgz", + "integrity": "sha512-g59OkUGP2DDfCOIKypHeYgv2M55u/cKvXa5dSxFbEJ34XvIQMdcVmpKCkGUro3ZgefXiGVdwguvTMQGpHWzIXw==", "cpu": [ - "x64" + "arm64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ - "freebsd" + "linux" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-arm": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.7.tgz", - "integrity": "sha512-RkT/YXYBTSULo3+af8Ib0ykH8u2MBh57o7q/DAs3lTJlyVQkgQvlrPTnjIzzRPQyavxtPtfg0EopvDyIt0j1rA==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-linux-arm64-musl": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-arm64-musl/-/clipboard-linux-arm64-musl-0.3.9.tgz", + "integrity": "sha512-AGuJdgKsmJdm4Pych7kv3sqe591ERRaAHW3xjLooiFzn8J+PxUyof++7YZrB5Y5tpnTO+K18Og3taj2NpluCRQ==", "cpu": [ - "arm" + "arm64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ "linux" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.7.tgz", - "integrity": "sha512-RZPHBoxXuNnPQO9rvjh5jdkRmVizktkT7TCDkDmQ0W2SwHInKCAV95GRuvdSvA7w4VMwfCjUiPwDi0ZO6Nfe9A==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-linux-riscv64-gnu": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-riscv64-gnu/-/clipboard-linux-riscv64-gnu-0.3.9.tgz", + "integrity": "sha512-DXBEAiuMpk7dhS1a9NzNxVAFi1vaKoPu7rQNgY8LIDLGrK3lnIp3nT10DUum+PKVJoJppIP+NAA8IZe4DMNDPw==", "cpu": [ - "arm64" + "riscv64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ "linux" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-ia32": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.7.tgz", - "integrity": "sha512-GA48aKNkyQDbd3KtkplYWT102C5sn/EZTY4XROkxONgruHPU72l+gW+FfF8tf2cFjeHaRbWpOYa/uRBz/Xq1Pg==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-linux-x64-gnu": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-x64-gnu/-/clipboard-linux-x64-gnu-0.3.9.tgz", + "integrity": "sha512-WORrMLd6EpElEME7JRKfSaY34nW1P5LbdgK5YNCS1ncG2LqmITsSMEJ8nh2mpvxb3TxqbOOKgY7k9eMJYlW9Mw==", "cpu": [ - "ia32" + "x64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ "linux" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-loong64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.7.tgz", - "integrity": "sha512-a4POruNM2oWsD4WKvBSEKGIiWQF8fZOAsycHOt6JBpZ+JN2n2JH9WAv56SOyu9X5IqAjqSIPTaJkqN8F7XOQ5Q==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-linux-x64-musl": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-x64-musl/-/clipboard-linux-x64-musl-0.3.9.tgz", + "integrity": "sha512-/DHn+1DrfL6oRaPPWXaOKvonFFrni666fxd+zFqiQEfvBH0tsHVWjq9iqBk0oDp0qaPA72lIMy5BptxISBEhZQ==", "cpu": [ - "loong64" + "x64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ "linux" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-mips64el": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.7.tgz", - "integrity": "sha512-KabT5I6StirGfIz0FMgl1I+R1H73Gp0ofL9A3nG3i/cYFJzKHhouBV5VWK1CSgKvVaG4q1RNpCTR2LuTVB3fIw==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-win32-arm64-msvc": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-win32-arm64-msvc/-/clipboard-win32-arm64-msvc-0.3.9.tgz", + "integrity": "sha512-O5FHD3ErkMwMhNzAfu3ggy0ug4z7btZuoQgwwxlzPrwV2bxlD6WDpqBY4NCgICAgZdDKdp+loUEKVAVt8aYnhQ==", "cpu": [ - "mips64el" + "arm64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ - "linux" + "win32" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-ppc64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.7.tgz", - "integrity": "sha512-gRsL4x6wsGHGRqhtI+ifpN/vpOFTQtnbsupUF5R5YTAg+y/lKelYR1hXbnBdzDjGbMYjVJLJTd2OFmMewAgwlQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mariozechner/clipboard-win32-x64-msvc": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-win32-x64-msvc/-/clipboard-win32-x64-msvc-0.3.9.tgz", + "integrity": "sha512-ihQC3EufqEY81vhXBgVBtK4prL+wc62zJsSvxrgz7K1hsdt6OObz6v9p3Rn1OG3GJksTTKMJF0u/guMISHPhSA==", "cpu": [ - "ppc64" + "x64" ], - "dev": true, + "license": "MIT", "optional": true, "os": [ - "linux" + "win32" ], "engines": { - "node": ">=18" + "node": ">= 10" } }, - "node_modules/@esbuild/linux-riscv64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.7.tgz", - "integrity": "sha512-hL25LbxO1QOngGzu2U5xeXtxXcW+/GvMN3ejANqXkxZ/opySAZMrc+9LY/WyjAan41unrR3YrmtTsUpwT66InQ==", - "cpu": [ - "riscv64" + "node_modules/@earendil-works/pi-coding-agent/node_modules/@mistralai/mistralai": { + "version": "2.2.6", + "resolved": "https://registry.npmjs.org/@mistralai/mistralai/-/mistralai-2.2.6.tgz", + "integrity": "sha512-W8pX7zHxjJvMIpw8JMxeJEleapXX0Q9NPszdNzqkM3MIEoIGPObdodujj+WHteXEvGfaP/AMwlNyRfEzSY6dQQ==", + "license": "Apache-2.0", + "dependencies": { + "@opentelemetry/semantic-conventions": "^1.40.0", + "ws": "^8.18.0", + "zod": "^3.25.0 || ^4.0.0", + "zod-to-json-schema": "^3.25.0" + }, + "peerDependencies": { + "@opentelemetry/api": "^1.9.0" + }, + "peerDependenciesMeta": { + "@opentelemetry/api": { + "optional": true + } + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@nodable/entities": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@nodable/entities/-/entities-2.1.0.tgz", + "integrity": "sha512-nyT7T3nbMyBI/lvr6L5TyWbFJAI9FTgVRakNoBqCD+PmID8DzFrrNdLLtHMwMszOtqZa8PAOV24ZqDnQrhQINA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/nodable" + } ], - "dev": true, - "optional": true, - "os": [ - "linux" + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@opentelemetry/api": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", + "license": "Apache-2.0", + "engines": { + "node": ">=8.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@opentelemetry/semantic-conventions": { + "version": "1.41.1", + "resolved": "https://registry.npmjs.org/@opentelemetry/semantic-conventions/-/semantic-conventions-1.41.1.tgz", + "integrity": "sha512-/UhIkaZgPutTFmQ7RnIJGgDXZmtEJ7Dvi86xNTFWcnRxVRNk/aotsqDJYeEvDP+FSMB2SdW+pQzNMcWP0rwuNA==", + "license": "Apache-2.0", + "engines": { + "node": ">=14" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/aspromise": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@protobufjs/aspromise/-/aspromise-1.1.2.tgz", + "integrity": "sha512-j+gKExEuLmKwvz3OgROXtrJ2UG2x8Ch2YZUxahh+s1F2HZ+wAceUNLkvy6zKCPVRkU++ZWQrdxsUeQXmcg4uoQ==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/base64": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@protobufjs/base64/-/base64-1.1.2.tgz", + "integrity": "sha512-AZkcAA5vnN/v4PDqKyMR5lx7hZttPDgClv83E//FMNhR2TMcLUhfRUBHCmSl0oi9zMgDDqRUJkSxO3wm85+XLg==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/codegen": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/@protobufjs/codegen/-/codegen-2.0.5.tgz", + "integrity": "sha512-zgXFLzW3Ap33e6d0Wlj4MGIm6Ce8O89n/apUaGNB/jx+hw+ruWEp7EwGUshdLKVRCxZW12fp9r40E1mQrf/34g==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/eventemitter": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@protobufjs/eventemitter/-/eventemitter-1.1.1.tgz", + "integrity": "sha512-vW1GmwMZNnL+gMRaovlh9yZX74kc+TTU3FObkkurpMaRtBfLP3ldjS9KQWlwZgraRE0+dheEEoAxdzcJQ8eXZg==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/fetch": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@protobufjs/fetch/-/fetch-1.1.1.tgz", + "integrity": "sha512-GpptLrs57adMSuHi3VNj0mAF8dwh36LMaYF6XyJ6JMWlVsc+t42tm1HSEDmOs3A8fC9yyeisgLhsTVQokOZ0zw==", + "license": "BSD-3-Clause", + "dependencies": { + "@protobufjs/aspromise": "^1.1.1" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/float": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@protobufjs/float/-/float-1.0.2.tgz", + "integrity": "sha512-Ddb+kVXlXst9d+R9PfTIxh1EdNkgoRe5tOX6t01f1lYWOvJnSPDBlG241QLzcyPdoNTsblLUdujGSE4RzrTZGQ==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/path": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@protobufjs/path/-/path-1.1.2.tgz", + "integrity": "sha512-6JOcJ5Tm08dOHAbdR3GrvP+yUUfkjG5ePsHYczMFLq3ZmMkAD98cDgcT2iA1lJ9NVwFd4tH/iSSoe44YWkltEA==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/pool": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@protobufjs/pool/-/pool-1.1.0.tgz", + "integrity": "sha512-0kELaGSIDBKvcgS4zkjz1PeddatrjYcmMWOlAuAPwAeccUrPHdUqo/J6LiymHHEiJT5NrF1UVwxY14f+fy4WQw==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@protobufjs/utf8": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@protobufjs/utf8/-/utf8-1.1.1.tgz", + "integrity": "sha512-oOAWABowe8EAbMyWKM0tYDKi8Yaox52D+HWZhAIJqQXbqe0xI/GV7FhLWqlEKreMkfDjshR5FKgi3mnle0h6Eg==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@silvia-odwyer/photon-node": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/@silvia-odwyer/photon-node/-/photon-node-0.3.4.tgz", + "integrity": "sha512-bnly4BKB3KDTFxrUIcgCLbaeVVS8lrAkri1pEzskpmxu9MdfGQTy8b8EgcD83ywD3RPMsIulY8xJH5Awa+t9fA==", + "license": "Apache-2.0" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/core": { + "version": "3.24.3", + "resolved": "https://registry.npmjs.org/@smithy/core/-/core-3.24.3.tgz", + "integrity": "sha512-Ep/7tPamGY8mgESE3LyLKtxJyy6U52WWAqr/3wial47Sj4u3PiIF73AOGI27UyLy9duTkhZbgzodOfLV4TduZg==", + "license": "Apache-2.0", + "dependencies": { + "@aws-crypto/crc32": "5.2.0", + "@smithy/types": "^4.14.2", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/credential-provider-imds": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-4.3.3.tgz", + "integrity": "sha512-I2Bti0DKFo2IJyN28ijCsx51BAumEYR4/1yZ1FXyBygy9MqbnMqCev4JPth/MbpRfBSRAX35hITSnAdJRo1u5w==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/core": "^3.24.3", + "@smithy/types": "^4.14.2", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/fetch-http-handler": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-5.4.3.tgz", + "integrity": "sha512-F+DRf8IJazRJgYog2A/yJK7eYVc0rqTlRzO+5ZxjJd4WkZoKz0IJRncf7G6t1pdVT3kryJcwuTFhN1c5m6N47A==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/core": "^3.24.3", + "@smithy/types": "^4.14.2", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/is-array-buffer": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@smithy/is-array-buffer/-/is-array-buffer-2.2.0.tgz", + "integrity": "sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==", + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/node-http-handler": { + "version": "4.7.3", + "resolved": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-4.7.3.tgz", + "integrity": "sha512-/jPhevcTFPMVl6KNjbaI47iOg1zxC7IsnX4PQDGVZKMFceOXtB8IEYaB7a9VvkP/3oC60WzTeKocvSI7vLT0vA==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/core": "^3.24.3", + "@smithy/types": "^4.14.2", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/signature-v4": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-5.4.3.tgz", + "integrity": "sha512-53+75QuPl6DL+ct6vVEB51FDO5oulXr20TPV46VvJZg76lIlXNWfxi8j+G2V/t0I2qxCBOa3vX/8bmjrpFVo9g==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/core": "^3.24.3", + "@smithy/types": "^4.14.2", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/types": { + "version": "4.14.2", + "resolved": "https://registry.npmjs.org/@smithy/types/-/types-4.14.2.tgz", + "integrity": "sha512-P+otAxbV4CqBybp7EkcJCrig63yE2E7PuNVOmilVMRcx/O+QDzGULTrKsq4DV13gSfak9ObPrWaHl/9bL5YcWw==", + "license": "Apache-2.0", + "dependencies": { + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=18.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/util-buffer-from": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@smithy/util-buffer-from/-/util-buffer-from-2.2.0.tgz", + "integrity": "sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/is-array-buffer": "^2.2.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@smithy/util-utf8": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/@smithy/util-utf8/-/util-utf8-2.3.0.tgz", + "integrity": "sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/util-buffer-from": "^2.2.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/@types/node": { + "version": "22.19.19", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.19.tgz", + "integrity": "sha512-dyh/xO2Fh5bYrfWaaqGrRQQGkNdmYw6AmaAUvYeUMNTWQtvb796ikLdmTchRmOlOiIJ1TDXfWgVx1QkUlQ6Hew==", + "license": "MIT", + "dependencies": { + "undici-types": "~6.21.0" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/agent-base": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", + "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", + "license": "MIT", + "engines": { + "node": ">= 14" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/balanced-match": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz", + "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==", + "license": "MIT", + "engines": { + "node": "18 || 20 || >=22" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } ], + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/bignumber.js": { + "version": "9.3.1", + "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.3.1.tgz", + "integrity": "sha512-Ko0uX15oIUS7wJ3Rb30Fs6SkVbLmPBAKdlm7q9+ak9bbIeFf0MwuBsQV6z7+X768/cHsfg+WlysDWJcmthjsjQ==", + "license": "MIT", + "engines": { + "node": "*" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/bowser": { + "version": "2.14.1", + "resolved": "https://registry.npmjs.org/bowser/-/bowser-2.14.1.tgz", + "integrity": "sha512-tzPjzCxygAKWFOJP011oxFHs57HzIhOEracIgAePE4pqB3LikALKnSzUyU4MGs9/iCEUuHlAJTjTc5M+u7YEGg==", + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/brace-expansion": { + "version": "5.0.6", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz", + "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==", + "license": "MIT", + "dependencies": { + "balanced-match": "^4.0.2" + }, + "engines": { + "node": "18 || 20 || >=22" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==", + "license": "BSD-3-Clause" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/chalk": { + "version": "5.6.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.6.2.tgz", + "integrity": "sha512-7NzBL0rN6fMUW+f7A6Io4h40qQlG+xGmtMxfbnH/K7TAtt8JQWVQK+6g0UXKMeVJoyV5EkkNsErQ8pVD3bLHbA==", + "license": "MIT", + "engines": { + "node": "^12.17.0 || ^14.13 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/cross-spawn": { + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "license": "MIT", + "dependencies": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/data-uri-to-buffer": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz", + "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==", + "license": "MIT", + "engines": { + "node": ">= 12" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/debug": { + "version": "4.4.3", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz", + "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==", + "license": "MIT", + "dependencies": { + "ms": "^2.1.3" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/diff": { + "version": "8.0.4", + "resolved": "https://registry.npmjs.org/diff/-/diff-8.0.4.tgz", + "integrity": "sha512-DPi0FmjiSU5EvQV0++GFDOJ9ASQUVFh5kD+OzOnYdi7n3Wpm9hWWGfB/O2blfHcMVTL5WkQXSnRiK9makhrcnw==", + "license": "BSD-3-Clause", "engines": { - "node": ">=18" + "node": ">=0.3.1" } }, - "node_modules/@esbuild/linux-s390x": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.7.tgz", - "integrity": "sha512-2k8go8Ycu1Kb46vEelhu1vqEP+UeRVj2zY1pSuPdgvbd5ykAw82Lrro28vXUrRmzEsUV0NzCf54yARIK8r0fdw==", - "cpu": [ - "s390x" - ], - "dev": true, - "optional": true, - "os": [ - "linux" + "node_modules/@earendil-works/pi-coding-agent/node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "license": "Apache-2.0", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/fast-xml-builder": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.2.0.tgz", + "integrity": "sha512-00aAWieqff+ZJhsXA4g1g7M8k+7AYoMUUHF+/zFb5U6Uv/P0Vl4QZo84/IcufzYalLuEj9928bXN9PbbFzMF0Q==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } ], - "engines": { - "node": ">=18" + "license": "MIT", + "dependencies": { + "path-expression-matcher": "^1.5.0", + "xml-naming": "^0.1.0" } }, - "node_modules/@esbuild/linux-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.7.tgz", - "integrity": "sha512-hzznmADPt+OmsYzw1EE33ccA+HPdIqiCRq7cQeL1Jlq2gb1+OyWBkMCrYGBJ+sxVzve2ZJEVeePbLM2iEIZSxA==", - "cpu": [ - "x64" + "node_modules/@earendil-works/pi-coding-agent/node_modules/fast-xml-parser": { + "version": "5.7.3", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.7.3.tgz", + "integrity": "sha512-C0AaNuC+mscy6vrAQKAc/rMq+zAPHodfHGZu4sGVehvAQt/JLG1O5zEcYcXSY5zSqr4YVgxsB+pHXTq0i7eDlg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } ], - "dev": true, - "optional": true, - "os": [ - "linux" + "license": "MIT", + "dependencies": { + "@nodable/entities": "^2.1.0", + "fast-xml-builder": "^1.1.7", + "path-expression-matcher": "^1.5.0", + "strnum": "^2.2.3" + }, + "bin": { + "fxparser": "src/cli/cli.js" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/fetch-blob": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz", + "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/jimmywarting" + }, + { + "type": "paypal", + "url": "https://paypal.me/jimmywarting" + } ], + "license": "MIT", + "dependencies": { + "node-domexception": "^1.0.0", + "web-streams-polyfill": "^3.0.3" + }, "engines": { - "node": ">=18" + "node": "^12.20 || >= 14.13" } }, - "node_modules/@esbuild/netbsd-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.7.tgz", - "integrity": "sha512-b6pqtrQdigZBwZxAn1UpazEisvwaIDvdbMbmrly7cDTMFnw/+3lVxxCTGOrkPVnsYIosJJXAsILG9XcQS+Yu6w==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "netbsd" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/formdata-polyfill": { + "version": "4.0.10", + "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", + "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", + "license": "MIT", + "dependencies": { + "fetch-blob": "^3.1.2" + }, "engines": { - "node": ">=18" + "node": ">=12.20.0" } }, - "node_modules/@esbuild/netbsd-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.7.tgz", - "integrity": "sha512-OfatkLojr6U+WN5EDYuoQhtM+1xco+/6FSzJJnuWiUw5eVcicbyK3dq5EeV/QHT1uy6GoDhGbFpprUiHUYggrw==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "netbsd" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/gaxios": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/gaxios/-/gaxios-7.1.4.tgz", + "integrity": "sha512-bTIgTsM2bWn3XklZISBTQX7ZSddGW+IO3bMdGaemHZ3tbqExMENHLx6kKZ/KlejgrMtj8q7wBItt51yegqalrA==", + "license": "Apache-2.0", + "dependencies": { + "extend": "^3.0.2", + "https-proxy-agent": "^7.0.1", + "node-fetch": "^3.3.2" + }, "engines": { "node": ">=18" } }, - "node_modules/@esbuild/openbsd-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.7.tgz", - "integrity": "sha512-AFuojMQTxAz75Fo8idVcqoQWEHIXFRbOc1TrVcFSgCZtQfSdc1RXgB3tjOn/krRHENUB4j00bfGjyl2mJrU37A==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "openbsd" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/gcp-metadata": { + "version": "8.1.2", + "resolved": "https://registry.npmjs.org/gcp-metadata/-/gcp-metadata-8.1.2.tgz", + "integrity": "sha512-zV/5HKTfCeKWnxG0Dmrw51hEWFGfcF2xiXqcA3+J90WDuP0SvoiSO5ORvcBsifmx/FoIjgQN3oNOGaQ5PhLFkg==", + "license": "Apache-2.0", + "dependencies": { + "gaxios": "^7.0.0", + "google-logging-utils": "^1.0.0", + "json-bigint": "^1.0.0" + }, "engines": { "node": ">=18" } }, - "node_modules/@esbuild/openbsd-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.7.tgz", - "integrity": "sha512-+A1NJmfM8WNDv5CLVQYJ5PshuRm/4cI6WMZRg1by1GwPIQPCTs1GLEUHwiiQGT5zDdyLiRM/l1G0Pv54gvtKIg==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "openbsd" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/get-east-asian-width": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/get-east-asian-width/-/get-east-asian-width-1.6.0.tgz", + "integrity": "sha512-QRbvDIbx6YklUe6RxeTeleMR0yv3cYH6PsPZHcnVn7xv7zO1BHN8r0XETu8n6Ye3Q+ahtSarc3WgtNWmehIBfA==", + "license": "MIT", "engines": { "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@esbuild/openharmony-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.7.tgz", - "integrity": "sha512-+KrvYb/C8zA9CU/g0sR6w2RBw7IGc5J2BPnc3dYc5VJxHCSF1yNMxTV5LQ7GuKteQXZtspjFbiuW5/dOj7H4Yw==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "openharmony" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/glob": { + "version": "13.0.6", + "resolved": "https://registry.npmjs.org/glob/-/glob-13.0.6.tgz", + "integrity": "sha512-Wjlyrolmm8uDpm/ogGyXZXb1Z+Ca2B8NbJwqBVg0axK9GbBeoS7yGV6vjXnYdGm6X53iehEuxxbyiKp8QmN4Vw==", + "license": "BlueOak-1.0.0", + "dependencies": { + "minimatch": "^10.2.2", + "minipass": "^7.1.3", + "path-scurry": "^2.0.2" + }, "engines": { - "node": ">=18" + "node": "18 || 20 || >=22" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/@esbuild/sunos-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.7.tgz", - "integrity": "sha512-ikktIhFBzQNt/QDyOL580ti9+5mL/YZeUPKU2ivGtGjdTYoqz6jObj6nOMfhASpS4GU4Q/Clh1QtxWAvcYKamA==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "sunos" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/google-auth-library": { + "version": "10.6.2", + "resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-10.6.2.tgz", + "integrity": "sha512-e27Z6EThmVNNvtYASwQxose/G57rkRuaRbQyxM2bvYLLX/GqWZ5chWq2EBoUchJbCc57eC9ArzO5wMsEmWftCw==", + "license": "Apache-2.0", + "dependencies": { + "base64-js": "^1.3.0", + "ecdsa-sig-formatter": "^1.0.11", + "gaxios": "^7.1.4", + "gcp-metadata": "8.1.2", + "google-logging-utils": "1.1.3", + "jws": "^4.0.0" + }, "engines": { "node": ">=18" } }, - "node_modules/@esbuild/win32-arm64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.7.tgz", - "integrity": "sha512-7yRhbHvPqSpRUV7Q20VuDwbjW5kIMwTHpptuUzV+AA46kiPze5Z7qgt6CLCK3pWFrHeNfDd1VKgyP4O+ng17CA==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "win32" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/google-logging-utils": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/google-logging-utils/-/google-logging-utils-1.1.3.tgz", + "integrity": "sha512-eAmLkjDjAFCVXg7A1unxHsLf961m6y17QFqXqAXGj/gVkKFrEICfStRfwUlGNfeCEjNRa32JEWOUTlYXPyyKvA==", + "license": "Apache-2.0", "engines": { - "node": ">=18" + "node": ">=14" } }, - "node_modules/@esbuild/win32-ia32": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.7.tgz", - "integrity": "sha512-SmwKXe6VHIyZYbBLJrhOoCJRB/Z1tckzmgTLfFYOfpMAx63BJEaL9ExI8x7v0oAO3Zh6D/Oi1gVxEYr5oUCFhw==", - "cpu": [ - "ia32" - ], - "dev": true, - "optional": true, - "os": [ - "win32" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/graceful-fs": { + "version": "4.2.11", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "license": "ISC" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/highlight.js": { + "version": "10.7.3", + "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-10.7.3.tgz", + "integrity": "sha512-tzcUFauisWKNHaRkN4Wjl/ZA07gENAjFl3J/c480dprkGTg5EQstgaNFqBfUqCq54kZRIEcreTsAgF/m2quD7A==", + "license": "BSD-3-Clause", "engines": { - "node": ">=18" + "node": "*" } }, - "node_modules/@esbuild/win32-x64": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.7.tgz", - "integrity": "sha512-56hiAJPhwQ1R4i+21FVF7V8kSD5zZTdHcVuRFMW0hn753vVfQN8xlx4uOPT4xoGH0Z/oVATuR82AiqSTDIpaHg==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "win32" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/hosted-git-info": { + "version": "9.0.3", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-9.0.3.tgz", + "integrity": "sha512-Hc+ghLoSt6QaYZUv0WBiIvmMDZuZZ7oaDvdH8MbfOO4lOsxdXLEvuC6ePoGs9H1X9oCLyq6+NVN0MKqD+ydxyg==", + "license": "ISC", + "dependencies": { + "lru-cache": "^11.1.0" + }, "engines": { - "node": ">=18" + "node": "^20.17.0 || >=22.9.0" } }, - "node_modules/@google/genai": { - "version": "1.48.0", - "resolved": "https://registry.npmjs.org/@google/genai/-/genai-1.48.0.tgz", - "integrity": "sha512-plonYK4ML2PrxsRD9SeqmFt76eREWkQdPCglOA6aYDzL1AAbE+7PUnT54SvpWGfws13L0AZEqGSpL7+1IPnTxQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/http-proxy-agent": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz", + "integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==", + "license": "MIT", "dependencies": { - "google-auth-library": "^10.3.0", - "p-retry": "^4.6.2", - "protobufjs": "^7.5.4", - "ws": "^8.18.0" + "agent-base": "^7.1.0", + "debug": "^4.3.4" }, "engines": { - "node": ">=20.0.0" - }, - "peerDependencies": { - "@modelcontextprotocol/sdk": "^1.25.2" - }, - "peerDependenciesMeta": { - "@modelcontextprotocol/sdk": { - "optional": true - } + "node": ">= 14" } }, - "node_modules/@isaacs/cliui": { - "version": "8.0.2", - "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", - "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==", - "license": "ISC", + "node_modules/@earendil-works/pi-coding-agent/node_modules/https-proxy-agent": { + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz", + "integrity": "sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==", + "license": "MIT", "dependencies": { - "string-width": "^5.1.2", - "string-width-cjs": "npm:string-width@^4.2.0", - "strip-ansi": "^7.0.1", - "strip-ansi-cjs": "npm:strip-ansi@^6.0.1", - "wrap-ansi": "^8.1.0", - "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0" + "agent-base": "^7.1.2", + "debug": "4" }, "engines": { - "node": ">=12" + "node": ">= 14" } }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.3", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz", - "integrity": "sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/ignore": { + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz", + "integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==", "license": "MIT", "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" + "node": ">= 4" } }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==", - "license": "MIT" + "node_modules/@earendil-works/pi-coding-agent/node_modules/isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", + "license": "ISC" }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/jiti": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.7.0.tgz", + "integrity": "sha512-AC/7JofJvZGrrneWNaEnJeOLUx+JlGt7tNa0wZiRPT4MY1wmfKjt2+6O2p2uz2+skll8OZZmJMNqeke7kKbNgQ==", + "license": "MIT", + "bin": { + "jiti": "lib/jiti-cli.mjs" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/json-bigint": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-bigint/-/json-bigint-1.0.0.tgz", + "integrity": "sha512-SiPv/8VpZuWbvLSMtTDU8hEfrZWg/mH/nV/b4o0CYbSxu1UIQPLdwKOCIyLQX+VIPO5vrLX3i8qtqFyhdPSUSQ==", "license": "MIT", "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "bignumber.js": "^9.0.0" } }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/json-schema-to-ts": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/json-schema-to-ts/-/json-schema-to-ts-3.1.1.tgz", + "integrity": "sha512-+DWg8jCJG2TEnpy7kOm/7/AxaYoaRbjVB4LFZLySZlWn8exGs3A4OLJR966cVvU26N7X9TWxl+Jsw7dzAqKT6g==", "license": "MIT", "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" + "@babel/runtime": "^7.18.3", + "ts-algebra": "^2.0.0" }, "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + "node": ">=16" } }, - "node_modules/@mariozechner/clipboard": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard/-/clipboard-0.3.2.tgz", - "integrity": "sha512-IHQpksNjo7EAtGuHFU+tbWDp5LarH3HU/8WiB9O70ZEoBPHOg0/6afwSLK0QyNMMmx4Bpi/zl6+DcBXe95nWYA==", - "optional": true, + "node_modules/@earendil-works/pi-coding-agent/node_modules/jwa": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-2.0.1.tgz", + "integrity": "sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==", + "license": "MIT", + "dependencies": { + "buffer-equal-constant-time": "^1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/jws": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/jws/-/jws-4.0.1.tgz", + "integrity": "sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==", + "license": "MIT", + "dependencies": { + "jwa": "^2.0.1", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/long": { + "version": "5.3.2", + "resolved": "https://registry.npmjs.org/long/-/long-5.3.2.tgz", + "integrity": "sha512-mNAgZ1GmyNhD7AuqnTG3/VQ26o760+ZYBPKjPvugO8+nLbYfX6TVpJPseBvopbdY+qpZ/lKUnmEc1LeZYS3QAA==", + "license": "Apache-2.0" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/lru-cache": { + "version": "11.4.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.4.0.tgz", + "integrity": "sha512-W+R+kFL4HgVxONq2bhXPi3bGpzGe/yEhVOp233qw9wCRtgncJ15P3bC+e4zZMu4Cq7d+WAJjXGW0uUkifhcatA==", + "license": "BlueOak-1.0.0", "engines": { - "node": ">= 10" + "node": "20 || >=22" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/marked": { + "version": "18.0.5", + "resolved": "https://registry.npmjs.org/marked/-/marked-18.0.5.tgz", + "integrity": "sha512-S6GcvALHg6K4ohtu4E7x0a1AqhAjp6cV8KhLSyN9qVapnzJkusVBxZRcIU9AeYsbe6P1hKDusSbEOzGyyuce6w==", + "license": "MIT", + "bin": { + "marked": "bin/marked.js" }, - "optionalDependencies": { - "@mariozechner/clipboard-darwin-arm64": "0.3.2", - "@mariozechner/clipboard-darwin-universal": "0.3.2", - "@mariozechner/clipboard-darwin-x64": "0.3.2", - "@mariozechner/clipboard-linux-arm64-gnu": "0.3.2", - "@mariozechner/clipboard-linux-arm64-musl": "0.3.2", - "@mariozechner/clipboard-linux-riscv64-gnu": "0.3.2", - "@mariozechner/clipboard-linux-x64-gnu": "0.3.2", - "@mariozechner/clipboard-linux-x64-musl": "0.3.2", - "@mariozechner/clipboard-win32-arm64-msvc": "0.3.2", - "@mariozechner/clipboard-win32-x64-msvc": "0.3.2" - } - }, - "node_modules/@mariozechner/clipboard-darwin-arm64": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-darwin-arm64/-/clipboard-darwin-arm64-0.3.2.tgz", - "integrity": "sha512-uBf6K7Je1ihsgvmWxA8UCGCeI+nbRVRXoarZdLjl6slz94Zs1tNKFZqx7aCI5O1i3e0B6ja82zZ06BWrl0MCVw==", - "cpu": [ - "arm64" - ], - "optional": true, - "os": [ - "darwin" - ], "engines": { - "node": ">= 10" + "node": ">= 20" } }, - "node_modules/@mariozechner/clipboard-darwin-universal": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-darwin-universal/-/clipboard-darwin-universal-0.3.2.tgz", - "integrity": "sha512-mxSheKTW2U9LsBdXy0SdmdCAE5HqNS9QUmpNHLnfJ+SsbFKALjEZc5oRrVMXxGQSirDvYf5bjmRyT0QYYonnlg==", - "optional": true, - "os": [ - "darwin" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/minimatch": { + "version": "10.2.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz", + "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==", + "license": "BlueOak-1.0.0", + "dependencies": { + "brace-expansion": "^5.0.5" + }, "engines": { - "node": ">= 10" + "node": "18 || 20 || >=22" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/@mariozechner/clipboard-darwin-x64": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-darwin-x64/-/clipboard-darwin-x64-0.3.2.tgz", - "integrity": "sha512-U1BcVEoidvwIp95+HJswSW+xr28EQiHR7rZjH6pn8Sja5yO4Yoe3yCN0Zm8Lo72BbSOK/fTSq0je7CJpaPCspg==", - "cpu": [ - "x64" - ], - "optional": true, - "os": [ - "darwin" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/minipass": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.3.tgz", + "integrity": "sha512-tEBHqDnIoM/1rXME1zgka9g6Q2lcoCkxHLuc7ODJ5BxbP5d4c2Z5cGgtXAku59200Cx7diuHTOYfSBD8n6mm8A==", + "license": "BlueOak-1.0.0", "engines": { - "node": ">= 10" + "node": ">=16 || 14 >=14.17" } }, - "node_modules/@mariozechner/clipboard-linux-arm64-gnu": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-arm64-gnu/-/clipboard-linux-arm64-gnu-0.3.2.tgz", - "integrity": "sha512-BsinwG3yWTIjdgNCxsFlip7LkfwPk+ruw/aFCXHUg/fb5XC/Ksp+YMQ7u0LUtiKzIv/7LMXgZInJQH6gxbAaqQ==", - "cpu": [ - "arm64" - ], - "optional": true, - "os": [ - "linux" + "node_modules/@earendil-works/pi-coding-agent/node_modules/ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/node-domexception": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz", + "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==", + "deprecated": "Use your platform's native DOMException instead", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/jimmywarting" + }, + { + "type": "github", + "url": "https://paypal.me/jimmywarting" + } ], + "license": "MIT", "engines": { - "node": ">= 10" + "node": ">=10.5.0" } }, - "node_modules/@mariozechner/clipboard-linux-arm64-musl": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-arm64-musl/-/clipboard-linux-arm64-musl-0.3.2.tgz", - "integrity": "sha512-0/Gi5Xq2V6goXBop19ePoHvXsmJD9SzFlO3S+d6+T2b+BlPcpOu3Oa0wTjl+cZrLAAEzA86aPNBI+VVAFDFPKw==", - "cpu": [ - "arm64" - ], - "optional": true, - "os": [ - "linux" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/node-fetch": { + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.2.tgz", + "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==", + "license": "MIT", + "dependencies": { + "data-uri-to-buffer": "^4.0.0", + "fetch-blob": "^3.1.4", + "formdata-polyfill": "^4.0.10" + }, "engines": { - "node": ">= 10" + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/node-fetch" } }, - "node_modules/@mariozechner/clipboard-linux-riscv64-gnu": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-riscv64-gnu/-/clipboard-linux-riscv64-gnu-0.3.2.tgz", - "integrity": "sha512-2AFFiXB24qf0zOZsxI1GJGb9wQGlOJyN6UwoXqmKS3dpQi/l6ix30IzDDA4c4ZcCcx4D+9HLYXhC1w7Sov8pXA==", - "cpu": [ - "riscv64" - ], - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">= 10" + "node_modules/@earendil-works/pi-coding-agent/node_modules/openai": { + "version": "6.26.0", + "resolved": "https://registry.npmjs.org/openai/-/openai-6.26.0.tgz", + "integrity": "sha512-zd23dbWTjiJ6sSAX6s0HrCZi41JwTA1bQVs0wLQPZ2/5o2gxOJA5wh7yOAUgwYybfhDXyhwlpeQf7Mlgx8EOCA==", + "license": "Apache-2.0", + "bin": { + "openai": "bin/cli" + }, + "peerDependencies": { + "ws": "^8.18.0", + "zod": "^3.25 || ^4.0" + }, + "peerDependenciesMeta": { + "ws": { + "optional": true + }, + "zod": { + "optional": true + } } }, - "node_modules/@mariozechner/clipboard-linux-x64-gnu": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-x64-gnu/-/clipboard-linux-x64-gnu-0.3.2.tgz", - "integrity": "sha512-v6fVnsn7WMGg73Dab8QMwyFce7tzGfgEixKgzLP8f1GJqkJZi5zO4k4FOHzSgUufgLil63gnxvMpjWkgfeQN7A==", - "cpu": [ - "x64" - ], - "optional": true, - "os": [ - "linux" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/p-retry": { + "version": "4.6.2", + "resolved": "https://registry.npmjs.org/p-retry/-/p-retry-4.6.2.tgz", + "integrity": "sha512-312Id396EbJdvRONlngUx0NydfrIQ5lsYu0znKVUzVvArzEIt08V1qhtyESbGVd1FGX7UKtiFp5uwKZdM8wIuQ==", + "license": "MIT", + "dependencies": { + "@types/retry": "0.12.0", + "retry": "^0.13.1" + }, "engines": { - "node": ">= 10" + "node": ">=8" } }, - "node_modules/@mariozechner/clipboard-linux-x64-musl": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-linux-x64-musl/-/clipboard-linux-x64-musl-0.3.2.tgz", - "integrity": "sha512-xVUtnoMQ8v2JVyfJLKKXACA6avdnchdbBkTsZs8BgJQo29qwCp5NIHAUO8gbJ40iaEGToW5RlmVk2M9V0HsHEw==", - "cpu": [ - "x64" - ], - "optional": true, - "os": [ - "linux" + "node_modules/@earendil-works/pi-coding-agent/node_modules/p-retry/node_modules/@types/retry": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/@types/retry/-/retry-0.12.0.tgz", + "integrity": "sha512-wWKOClTTiizcZhXnPY4wikVAwmdYHp8q6DmC+EJUzAMsycb7HB32Kh9RN4+0gExjmPmZSAQjgURXIGATPegAvA==", + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/partial-json": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/partial-json/-/partial-json-0.1.7.tgz", + "integrity": "sha512-Njv/59hHaokb/hRUjce3Hdv12wd60MtM9Z5Olmn+nehe0QDAsRtRbJPvJ0Z91TusF0SuZRIvnM+S4l6EIP8leA==", + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/path-expression-matcher": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/path-expression-matcher/-/path-expression-matcher-1.5.0.tgz", + "integrity": "sha512-cbrerZV+6rvdQrrD+iGMcZFEiiSrbv9Tfdkvnusy6y0x0GKBXREFg/Y65GhIfm0tnLntThhzCnfKwp1WRjeCyQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } ], + "license": "MIT", "engines": { - "node": ">= 10" + "node": ">=14.0.0" } }, - "node_modules/@mariozechner/clipboard-win32-arm64-msvc": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-win32-arm64-msvc/-/clipboard-win32-arm64-msvc-0.3.2.tgz", - "integrity": "sha512-AEgg95TNi8TGgak2wSXZkXKCvAUTjWoU1Pqb0ON7JHrX78p616XUFNTJohtIon3e0w6k0pYPZeCuqRCza/Tqeg==", - "cpu": [ - "arm64" - ], - "optional": true, - "os": [ - "win32" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "license": "MIT", "engines": { - "node": ">= 10" + "node": ">=8" } }, - "node_modules/@mariozechner/clipboard-win32-x64-msvc": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@mariozechner/clipboard-win32-x64-msvc/-/clipboard-win32-x64-msvc-0.3.2.tgz", - "integrity": "sha512-tGRuYpZwDOD7HBrCpyRuhGnHHSCknELvqwKKUG4JSfSB7JIU7LKRh6zx6fMUOQd8uISK35TjFg5UcNih+vJhFA==", - "cpu": [ - "x64" - ], - "optional": true, - "os": [ - "win32" - ], + "node_modules/@earendil-works/pi-coding-agent/node_modules/path-scurry": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.2.tgz", + "integrity": "sha512-3O/iVVsJAPsOnpwWIeD+d6z/7PmqApyQePUtCndjatj/9I5LylHvt5qluFaBT3I5h3r1ejfR056c+FCv+NnNXg==", + "license": "BlueOak-1.0.0", + "dependencies": { + "lru-cache": "^11.0.0", + "minipass": "^7.1.2" + }, "engines": { - "node": ">= 10" + "node": "18 || 20 || >=22" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/@mariozechner/jiti": { - "version": "2.6.5", - "resolved": "https://registry.npmjs.org/@mariozechner/jiti/-/jiti-2.6.5.tgz", - "integrity": "sha512-faGUlTcXka5l7rv0lP3K3vGW/ejRuOS24RR2aSFWREUQqzjgdsuWNo/IiPqL3kWRGt6Ahl2+qcDAwtdeWeuGUw==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/proper-lockfile": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/proper-lockfile/-/proper-lockfile-4.1.2.tgz", + "integrity": "sha512-TjNPblN4BwAWMXU8s9AEz4JmQxnD1NNL7bNOY/AKUzyamc379FWASUhc/K1pL2noVb+XmZKLL68cjzLsiOAMaA==", + "license": "MIT", "dependencies": { - "std-env": "^3.10.0", - "yoctocolors": "^2.1.2" - }, - "bin": { - "jiti": "lib/jiti-cli.mjs" + "graceful-fs": "^4.2.4", + "retry": "^0.12.0", + "signal-exit": "^3.0.2" } }, - "node_modules/@mariozechner/pi-agent-core": { - "version": "0.65.2", - "resolved": "https://registry.npmjs.org/@mariozechner/pi-agent-core/-/pi-agent-core-0.65.2.tgz", - "integrity": "sha512-GYOrX5aRUpSDMPtKR174Tv72CWH92anqlRuiGn8PV05OowPAahT99JoxvZEP4fcKANBdHsyDfMMwFYpPhvPBUQ==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/proper-lockfile/node_modules/retry": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz", + "integrity": "sha512-9LkiTwjUh6rT555DtE9rTX+BKByPfrMzEAtnlEtdEwr3Nkffwiihqe2bWADg+OQRjt9gl6ICdmB/ZFDCGAtSow==", "license": "MIT", + "engines": { + "node": ">= 4" + } + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/protobufjs": { + "version": "7.6.4", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.6.4.tgz", + "integrity": "sha512-RJJPTTpvFfHcWLkIa2JFWK4XvtSzS0yEWDmunqHXli1h3JlkbcQZXDZdcWxv+JK3Xsl5/UFDPZ0iGm7DAengYw==", + "hasInstallScript": true, + "license": "BSD-3-Clause", "dependencies": { - "@mariozechner/pi-ai": "^0.65.2" + "@protobufjs/aspromise": "^1.1.2", + "@protobufjs/base64": "^1.1.2", + "@protobufjs/codegen": "^2.0.5", + "@protobufjs/eventemitter": "^1.1.1", + "@protobufjs/fetch": "^1.1.1", + "@protobufjs/float": "^1.0.2", + "@protobufjs/path": "^1.1.2", + "@protobufjs/pool": "^1.1.0", + "@protobufjs/utf8": "^1.1.1", + "@types/node": ">=13.7.0", + "long": "^5.3.2" }, "engines": { - "node": ">=20.0.0" + "node": ">=12.0.0" } }, - "node_modules/@mariozechner/pi-ai": { - "version": "0.65.2", - "resolved": "https://registry.npmjs.org/@mariozechner/pi-ai/-/pi-ai-0.65.2.tgz", - "integrity": "sha512-XCbXncmh10Q89tvS0880Ms6pv3DTxFTEtanfVHEPXKQBi0FBYnrkAlOnP5VRU8vCfe18P1AMNsWCndsCBUqY7g==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/retry": { + "version": "0.13.1", + "resolved": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", + "integrity": "sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==", "license": "MIT", - "dependencies": { - "@anthropic-ai/sdk": "^0.73.0", - "@aws-sdk/client-bedrock-runtime": "^3.983.0", - "@google/genai": "^1.40.0", - "@mistralai/mistralai": "1.14.1", - "@sinclair/typebox": "^0.34.41", - "ajv": "^8.17.1", - "ajv-formats": "^3.0.1", - "chalk": "^5.6.2", - "openai": "6.26.0", - "partial-json": "^0.1.7", - "proxy-agent": "^6.5.0", - "undici": "^7.19.1", - "zod-to-json-schema": "^3.24.6" - }, - "bin": { - "pi-ai": "dist/cli.js" - }, "engines": { - "node": ">=20.0.0" + "node": ">= 4" } }, - "node_modules/@mariozechner/pi-coding-agent": { - "version": "0.65.2", - "resolved": "https://registry.npmjs.org/@mariozechner/pi-coding-agent/-/pi-coding-agent-0.65.2.tgz", - "integrity": "sha512-/rpFzPQ+CishxrSwJHSSRZBQHHWy2K3Rbu/iV0HcMq/hl9cSI2ygpwjVTRbPW+NuP1tHxVV3AMxz69VLAs5Ztg==", - "license": "MIT", - "dependencies": { - "@mariozechner/jiti": "^2.6.2", - "@mariozechner/pi-agent-core": "^0.65.2", - "@mariozechner/pi-ai": "^0.65.2", - "@mariozechner/pi-tui": "^0.65.2", - "@silvia-odwyer/photon-node": "^0.3.4", - "ajv": "^8.17.1", - "chalk": "^5.5.0", - "cli-highlight": "^2.1.11", - "diff": "^8.0.2", - "extract-zip": "^2.0.1", - "file-type": "^21.1.1", - "glob": "^13.0.1", - "hosted-git-info": "^9.0.2", - "ignore": "^7.0.5", - "marked": "^15.0.12", - "minimatch": "^10.2.3", - "proper-lockfile": "^4.1.2", - "strip-ansi": "^7.1.0", - "undici": "^7.19.1", - "yaml": "^2.8.2" - }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/safe-buffer": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "license": "MIT" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/semver": { + "version": "7.8.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.8.0.tgz", + "integrity": "sha512-AcM7dV/5ul4EekoQ29Agm5vri8JNqRyj39o0qpX6vDF2GZrtutZl5RwgD1XnZjiTAfncsJhMI48QQH3sN87YNA==", + "license": "ISC", "bin": { - "pi": "dist/cli.js" + "semver": "bin/semver.js" }, "engines": { - "node": ">=20.6.0" - }, - "optionalDependencies": { - "@mariozechner/clipboard": "^0.3.2" + "node": ">=10" } }, - "node_modules/@mariozechner/pi-tui": { - "version": "0.65.2", - "resolved": "https://registry.npmjs.org/@mariozechner/pi-tui/-/pi-tui-0.65.2.tgz", - "integrity": "sha512-LBPbIBASjCF4QLrc/dwmPdBzVMsbkDhzmBIAFgglX5rZBnGRppB7ekSA+1kb5pdxDpDn8IbxJX+bl7ZaeqZqxw==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", "license": "MIT", "dependencies": { - "@types/mime-types": "^2.1.4", - "chalk": "^5.5.0", - "get-east-asian-width": "^1.3.0", - "marked": "^15.0.12", - "mime-types": "^3.0.1" + "shebang-regex": "^3.0.0" }, "engines": { - "node": ">=20.0.0" - }, - "optionalDependencies": { - "koffi": "^2.9.0" + "node": ">=8" } }, - "node_modules/@mistralai/mistralai": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/@mistralai/mistralai/-/mistralai-1.14.1.tgz", - "integrity": "sha512-IiLmmZFCCTReQgPAT33r7KQ1nYo5JPdvGkrkZqA8qQ2qB1GHgs5LoP5K2ICyrjnpw2n8oSxMM/VP+liiKcGNlQ==", - "dependencies": { - "ws": "^8.18.0", - "zod": "^3.25.0 || ^4.0.0", - "zod-to-json-schema": "^3.24.1" + "node_modules/@earendil-works/pi-coding-agent/node_modules/shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "license": "MIT", + "engines": { + "node": ">=8" } }, - "node_modules/@nodable/entities": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@nodable/entities/-/entities-2.1.1.tgz", - "integrity": "sha512-Pig3HxDIoMgjdEH8OCf/dkcTmLFjJRjWuq8jSnklu284/TKOPibSRERmOykiwmyXTtv61mP+44f3GMx0tLAyjg==", + "node_modules/@earendil-works/pi-coding-agent/node_modules/signal-exit": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "license": "ISC" + }, + "node_modules/@earendil-works/pi-coding-agent/node_modules/strnum": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-2.3.0.tgz", + "integrity": "sha512-ums3KNd42PGyx5xaoVTO1mjU1bH3NpY4vsrVlnv9PNGqQj8wd7rJ6nEypLrJ7z5vxK5RP0yMLo6J/Gsm62DI5Q==", "funding": [ { "type": "github", - "url": "https://github.com/sponsors/nodable" + "url": "https://github.com/sponsors/NaturalIntelligence" } ], "license": "MIT" }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "license": "MIT", - "optional": true, - "engines": { - "node": ">=14" - } + "node_modules/@earendil-works/pi-coding-agent/node_modules/ts-algebra": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ts-algebra/-/ts-algebra-2.0.0.tgz", + "integrity": "sha512-FPAhNPFMrkwz76P7cdjdmiShwMynZYN6SgOujD1urY4oNm80Ou9oMdmbR45LotcKOXoy7wSmHkRFE6Mxbrhefw==", + "license": "MIT" }, - "node_modules/@pondwader/socks5-server": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/@pondwader/socks5-server/-/socks5-server-1.0.10.tgz", - "integrity": "sha512-bQY06wzzR8D2+vVCUoBsr5QS2U6UgPUQRmErNwtsuI6vLcyRKkafjkr3KxbtGFf9aBBIV2mcvlsKD1UYaIV+sg==" + "node_modules/@earendil-works/pi-coding-agent/node_modules/tslib": { + "version": "2.8.1", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", + "license": "0BSD" }, - "node_modules/@protobufjs/aspromise": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@protobufjs/aspromise/-/aspromise-1.1.2.tgz", - "integrity": "sha512-j+gKExEuLmKwvz3OgROXtrJ2UG2x8Ch2YZUxahh+s1F2HZ+wAceUNLkvy6zKCPVRkU++ZWQrdxsUeQXmcg4uoQ==", - "license": "BSD-3-Clause" + "node_modules/@earendil-works/pi-coding-agent/node_modules/typebox": { + "version": "1.1.38", + "resolved": "https://registry.npmjs.org/typebox/-/typebox-1.1.38.tgz", + "integrity": "sha512-pZ0aQPmMmXoUvSbeuWf/Hzsc+avNw/Zd6VeE8CFgkVGWyuHPJvqeJJDeJqLve+K70LvjYIoleGcoJHPT17cWoA==", + "license": "MIT" }, - "node_modules/@protobufjs/base64": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@protobufjs/base64/-/base64-1.1.2.tgz", - "integrity": "sha512-AZkcAA5vnN/v4PDqKyMR5lx7hZttPDgClv83E//FMNhR2TMcLUhfRUBHCmSl0oi9zMgDDqRUJkSxO3wm85+XLg==" + "node_modules/@earendil-works/pi-coding-agent/node_modules/undici": { + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-8.5.0.tgz", + "integrity": "sha512-xamtWoB1EshgjpmlXd7GGm2VfdDtw1+rD8uhry8pSNW3If6S8E0m2T2+orSKeZXEn/aPJMviCpDBA65WJt8zhg==", + "license": "MIT", + "engines": { + "node": ">=22.19.0" + } }, - "node_modules/@protobufjs/codegen": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/@protobufjs/codegen/-/codegen-2.0.5.tgz", - "integrity": "sha512-zgXFLzW3Ap33e6d0Wlj4MGIm6Ce8O89n/apUaGNB/jx+hw+ruWEp7EwGUshdLKVRCxZW12fp9r40E1mQrf/34g==", - "license": "BSD-3-Clause" + "node_modules/@earendil-works/pi-coding-agent/node_modules/undici-types": { + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "license": "MIT" }, - "node_modules/@protobufjs/eventemitter": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@protobufjs/eventemitter/-/eventemitter-1.1.1.tgz", - "integrity": "sha512-vW1GmwMZNnL+gMRaovlh9yZX74kc+TTU3FObkkurpMaRtBfLP3ldjS9KQWlwZgraRE0+dheEEoAxdzcJQ8eXZg==", - "license": "BSD-3-Clause" + "node_modules/@earendil-works/pi-coding-agent/node_modules/web-streams-polyfill": { + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.3.3.tgz", + "integrity": "sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==", + "license": "MIT", + "engines": { + "node": ">= 8" + } }, - "node_modules/@protobufjs/fetch": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@protobufjs/fetch/-/fetch-1.1.1.tgz", - "integrity": "sha512-GpptLrs57adMSuHi3VNj0mAF8dwh36LMaYF6XyJ6JMWlVsc+t42tm1HSEDmOs3A8fC9yyeisgLhsTVQokOZ0zw==", - "license": "BSD-3-Clause", + "node_modules/@earendil-works/pi-coding-agent/node_modules/which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "license": "ISC", "dependencies": { - "@protobufjs/aspromise": "^1.1.1" + "isexe": "^2.0.0" + }, + "bin": { + "node-which": "bin/node-which" + }, + "engines": { + "node": ">= 8" } }, - "node_modules/@protobufjs/float": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/@protobufjs/float/-/float-1.0.2.tgz", - "integrity": "sha512-Ddb+kVXlXst9d+R9PfTIxh1EdNkgoRe5tOX6t01f1lYWOvJnSPDBlG241QLzcyPdoNTsblLUdujGSE4RzrTZGQ==" - }, - "node_modules/@protobufjs/inquire": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@protobufjs/inquire/-/inquire-1.1.2.tgz", - "integrity": "sha512-pa0vFRuws4wkvaXKK1uXZMAwAX4/t8ANaJo45iw/oQHNQ9q5xUzwgFmVJGXiga2BeN+zpX7Vf9vmsiIa2J+MUw==", - "license": "BSD-3-Clause" - }, - "node_modules/@protobufjs/path": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@protobufjs/path/-/path-1.1.2.tgz", - "integrity": "sha512-6JOcJ5Tm08dOHAbdR3GrvP+yUUfkjG5ePsHYczMFLq3ZmMkAD98cDgcT2iA1lJ9NVwFd4tH/iSSoe44YWkltEA==" + "node_modules/@earendil-works/pi-coding-agent/node_modules/ws": { + "version": "8.21.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.21.0.tgz", + "integrity": "sha512-Vsp28b7DRcimFQvrqu2Wek3z1iYxDCWqHYB8Qsnk/S4RfaCQzPGPyBNuVjJV3cd6UiKtUtp6sNM77gWvzcCH+g==", + "license": "MIT", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } }, - "node_modules/@protobufjs/pool": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@protobufjs/pool/-/pool-1.1.0.tgz", - "integrity": "sha512-0kELaGSIDBKvcgS4zkjz1PeddatrjYcmMWOlAuAPwAeccUrPHdUqo/J6LiymHHEiJT5NrF1UVwxY14f+fy4WQw==" + "node_modules/@earendil-works/pi-coding-agent/node_modules/xml-naming": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/xml-naming/-/xml-naming-0.1.0.tgz", + "integrity": "sha512-k8KO9hrMyNk6tUWqUfkTEZbezRRpONVOzUTnc97VnCvyj6Tf9lyUR9EDAIeiVLv56jsMcoXEwjW8Kv5yPY52lw==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } + ], + "license": "MIT", + "engines": { + "node": ">=16.0.0" + } }, - "node_modules/@protobufjs/utf8": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@protobufjs/utf8/-/utf8-1.1.1.tgz", - "integrity": "sha512-oOAWABowe8EAbMyWKM0tYDKi8Yaox52D+HWZhAIJqQXbqe0xI/GV7FhLWqlEKreMkfDjshR5FKgi3mnle0h6Eg==", - "license": "BSD-3-Clause" + "node_modules/@earendil-works/pi-coding-agent/node_modules/yaml": { + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.9.0.tgz", + "integrity": "sha512-2AvhNX3mb8zd6Zy7INTtSpl1F15HW6Wnqj0srWlkKLcpYl/gMIMJiyuGq2KeI2YFxUPjdlB+3Lc10seMLtL4cA==", + "license": "ISC", + "bin": { + "yaml": "bin.mjs" + }, + "engines": { + "node": ">= 14.6" + }, + "funding": { + "url": "https://github.com/sponsors/eemeli" + } }, - "node_modules/@silvia-odwyer/photon-node": { - "version": "0.3.4", - "resolved": "https://registry.npmjs.org/@silvia-odwyer/photon-node/-/photon-node-0.3.4.tgz", - "integrity": "sha512-bnly4BKB3KDTFxrUIcgCLbaeVVS8lrAkri1pEzskpmxu9MdfGQTy8b8EgcD83ywD3RPMsIulY8xJH5Awa+t9fA==" + "node_modules/@earendil-works/pi-coding-agent/node_modules/zod": { + "version": "3.25.76", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", + "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/colinhacks" + } }, - "node_modules/@sinclair/typebox": { - "version": "0.34.49", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.49.tgz", - "integrity": "sha512-brySQQs7Jtn0joV8Xh9ZV/hZb9Ozb0pmazDIASBkYKCjXrXU3mpcFahmK/z4YDhGkQvP9mWJbVyahdtU5wQA+A==" + "node_modules/@earendil-works/pi-coding-agent/node_modules/zod-to-json-schema": { + "version": "3.25.2", + "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.2.tgz", + "integrity": "sha512-O/PgfnpT1xKSDeQYSCfRI5Gy3hPf91mKVDuYLUHZJMiDFptvP41MSnWofm8dnCm0256ZNfZIM7DSzuSMAFnjHA==", + "license": "ISC", + "peerDependencies": { + "zod": "^3.25.28 || ^4" + } }, - "node_modules/@smithy/config-resolver": { - "version": "4.4.15", - "resolved": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-4.4.15.tgz", - "integrity": "sha512-BJdMBY5YO9iHh+lPLYdHv6LbX+J8IcPCYMl1IJdBt2KDWNHwONHrPVHk3ttYBqJd9wxv84wlbN0f7GlQzcQtNQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/node-config-provider": "^4.3.13", - "@smithy/types": "^4.14.0", - "@smithy/util-config-provider": "^4.2.2", - "@smithy/util-endpoints": "^3.4.0", - "@smithy/util-middleware": "^4.2.13", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.28.1.tgz", + "integrity": "sha512-Svl7tq8k/08+p6CXPpRjQ1fKX+1odH/BQbb48fV6fj3CWHhsoIOoY87w1oHXm0qEpkIK3ZfVgp0hed3XBXzXMQ==", + "cpu": [ + "ppc64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/core": { - "version": "3.23.14", - "resolved": "https://registry.npmjs.org/@smithy/core/-/core-3.23.14.tgz", - "integrity": "sha512-vJ0IhpZxZAkFYOegMKSrxw7ujhhT2pass/1UEcZ4kfl5srTAqtPU5I7MdYQoreVas3204ykCiNhY1o7Xlz6Yyg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-body-length-browser": "^4.2.2", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-stream": "^4.5.22", - "@smithy/util-utf8": "^4.2.2", - "@smithy/uuid": "^1.1.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/android-arm": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.28.1.tgz", + "integrity": "sha512-0k2F129Xdio1TdJfzJ8sy1Q47vUD2NnwdhiAf7drUN1EBTfPf4hsFCtmMgu/6m8JSzsBrlmVjudMBQqOfG8usQ==", + "cpu": [ + "arm" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/credential-provider-imds": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-4.2.13.tgz", - "integrity": "sha512-wboCPijzf6RJKLOvnjDAiBxGSmSnGXj35o5ZAWKDaHa/cvQ5U3ZJ13D4tMCE8JG4dxVAZFy/P0x/V9CwwdfULQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/node-config-provider": "^4.3.13", - "@smithy/property-provider": "^4.2.13", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/android-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.28.1.tgz", + "integrity": "sha512-34EGEbCIAgosYz6goLcopX6Mo7NyGv9tfwEM2/7Ce2VcVRk568iSvniGWcUXIy7wEDR1wzolcxcriFVrWYcwBg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/eventstream-codec": { - "version": "4.2.12", - "resolved": "https://registry.npmjs.org/@smithy/eventstream-codec/-/eventstream-codec-4.2.12.tgz", - "integrity": "sha512-FE3bZdEl62ojmy8x4FHqxq2+BuOHlcxiH5vaZ6aqHJr3AIZzwF5jfx8dEiU/X0a8RboyNDjmXjlbr8AdEyLgiA==", - "dependencies": { - "@aws-crypto/crc32": "5.2.0", - "@smithy/types": "^4.13.1", - "@smithy/util-hex-encoding": "^4.2.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/android-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.28.1.tgz", + "integrity": "sha512-dbwY7ltSMDWsRatcRpCnES4F+im88OCUgGZjy52shC7GqHRE/cYlxNbB4Z4UpJswpcc4Qxd2oE/ufM0p61IKng==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "android" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/eventstream-serde-browser": { - "version": "4.2.12", - "resolved": "https://registry.npmjs.org/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-4.2.12.tgz", - "integrity": "sha512-XUSuMxlTxV5pp4VpqZf6Sa3vT/Q75FVkLSpSSE3KkWBvAQWeuWt1msTv8fJfgA4/jcJhrbrbMzN1AC/hvPmm5A==", - "dependencies": { - "@smithy/eventstream-serde-universal": "^4.2.12", - "@smithy/types": "^4.13.1", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/darwin-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.28.1.tgz", + "integrity": "sha512-TZbWkQY7kvTAXbXUT7uVACR5cMHsDiSz9z7ZKAX/RTq/WJEk3QyRr0wZpNhBDX+/0CtdqUIJlOiodQcta6tY3Q==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/eventstream-serde-config-resolver": { - "version": "4.3.12", - "resolved": "https://registry.npmjs.org/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-4.3.12.tgz", - "integrity": "sha512-7epsAZ3QvfHkngz6RXQYseyZYHlmWXSTPOfPmXkiS+zA6TBNo1awUaMFL9vxyXlGdoELmCZyZe1nQE+imbmV+Q==", - "dependencies": { - "@smithy/types": "^4.13.1", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/darwin-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.28.1.tgz", + "integrity": "sha512-zfdzgK9ACBNZLI/CyHTOx81SyNbM6YXn7rxSgX97VjyiPl9W1i4Ka4fgKECEoFCKGpvBj5qArWIGgQjOwkgskQ==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/eventstream-serde-node": { - "version": "4.2.12", - "resolved": "https://registry.npmjs.org/@smithy/eventstream-serde-node/-/eventstream-serde-node-4.2.12.tgz", - "integrity": "sha512-D1pFuExo31854eAvg89KMn9Oab/wEeJR6Buy32B49A9Ogdtx5fwZPqBHUlDzaCDpycTFk2+fSQgX689Qsk7UGA==", - "dependencies": { - "@smithy/eventstream-serde-universal": "^4.2.12", - "@smithy/types": "^4.13.1", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/freebsd-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.28.1.tgz", + "integrity": "sha512-wG2EA8ENdEI0qhkSZMjfqrdY+ziCYCPMmtZjjIwOmXFjmyzEHn+UUxk5of+SYsjtfs3VpnlC7QLzSI5hY/rOAw==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/eventstream-serde-universal": { - "version": "4.2.12", - "resolved": "https://registry.npmjs.org/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-4.2.12.tgz", - "integrity": "sha512-+yNuTiyBACxOJUTvbsNsSOfH9G9oKbaJE1lNL3YHpGcuucl6rPZMi3nrpehpVOVR2E07YqFFmtwpImtpzlouHQ==", - "dependencies": { - "@smithy/eventstream-codec": "^4.2.12", - "@smithy/types": "^4.13.1", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/freebsd-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.28.1.tgz", + "integrity": "sha512-i7dZ9vQgnvSCzi/rYCXNgtF/U+eKZNJBzu3eTQbRgHnM7tNSizLOkRFAl3qzVc/Op/u5YkHHa4pf/3DOYHthLQ==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/fetch-http-handler": { - "version": "5.3.16", - "resolved": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-5.3.16.tgz", - "integrity": "sha512-nYDRUIvNd4mFmuXraRWt6w5UsZTNqtj4hXJA/iiOD4tuseIdLP9Lq38teH/SZTcIFCa2f+27o7hYpIsWktJKEQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/protocol-http": "^5.3.13", - "@smithy/querystring-builder": "^4.2.13", - "@smithy/types": "^4.14.0", - "@smithy/util-base64": "^4.3.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-arm": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.28.1.tgz", + "integrity": "sha512-qVXBOHQS+d5Y722GwJzJUtOLlX7km3CraOaGormF1pDtPd2C/l1SHRPgjLunLGe51Sh5YYWKMFDyV4SxgMQYTQ==", + "cpu": [ + "arm" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/hash-node": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-4.2.13.tgz", - "integrity": "sha512-4/oy9h0jjmY80a2gOIo75iLl8TOPhmtx4E2Hz+PfMjvx/vLtGY4TMU/35WRyH2JHPfT5CVB38u4JRow7gnmzJA==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "@smithy/util-buffer-from": "^4.2.2", - "@smithy/util-utf8": "^4.2.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.28.1.tgz", + "integrity": "sha512-yHs+0uc8+nvEAfAfxrWQKK5peSNzBc4PegcMO0EJ2hT71uA7vB8Ihg2e77R2P7SG5uYjPbHlLLmve4LLLRCf0g==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/invalid-dependency": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-4.2.13.tgz", - "integrity": "sha512-jvC0RB/8BLj2SMIkY0Npl425IdnxZJxInpZJbu563zIRnVjpDMXevU3VMCRSabaLB0kf/eFIOusdGstrLJ8IDg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-ia32": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.28.1.tgz", + "integrity": "sha512-d1z4ZuP0ajrfz/FhGT4vv278rX8KnPPJx8i5+AtK7TYbx9Le9F1hyzurZpkEyjkGa9dUGhQow4C1NmeGvqxN2w==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/is-array-buffer": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/is-array-buffer/-/is-array-buffer-4.2.2.tgz", - "integrity": "sha512-n6rQ4N8Jj4YTQO3YFrlgZuwKodf4zUFs7EJIWH86pSCWBaAtAGBFfCM7Wx6D2bBJ2xqFNxGBSrUWswT3M0VJow==", - "dependencies": { - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-loong64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.28.1.tgz", + "integrity": "sha512-M5sRjUVZrkm1OAPR3dlOYzNmN+loZKGVi1VUQGrwuqLcbR6qeAz+famMhjASeH3YVKvZz+zT1jlh/keC3Rj/lg==", + "cpu": [ + "loong64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/middleware-content-length": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-4.2.13.tgz", - "integrity": "sha512-IPMLm/LE4AZwu6qiE8Rr8vJsWhs9AtOdySRXrOM7xnvclp77Tyh7hMs/FRrMf26kgIe67vFJXXOSmVxS7oKeig==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-mips64el": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.28.1.tgz", + "integrity": "sha512-mRObBZeHh2OxcBFPWE/FjylkRgZdYuiTR3vaTozquCGOH14iP9oN4x4Ge81CoIDYQrXmIxpFumJBu5MtZpnQJQ==", + "cpu": [ + "mips64el" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/middleware-endpoint": { - "version": "4.4.29", - "resolved": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-4.4.29.tgz", - "integrity": "sha512-R9Q/58U+qBiSARGWbAbFLczECg/RmysRksX6Q8BaQEpt75I7LI6WGDZnjuC9GXSGKljEbA7N118LhGaMbfrTXw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/core": "^3.23.14", - "@smithy/middleware-serde": "^4.2.17", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", - "@smithy/url-parser": "^4.2.13", - "@smithy/util-middleware": "^4.2.13", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-ppc64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.28.1.tgz", + "integrity": "sha512-slScBsMAb3GFDcdrCgLwZtPYRoH2H/youv10QiZyRjmsP48fznoveWytSgCI/R0ZcUgpc0ZhIUEx6LHts8yrfQ==", + "cpu": [ + "ppc64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/middleware-retry": { - "version": "4.5.1", - "resolved": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-4.5.1.tgz", - "integrity": "sha512-/zY+Gp7Qj2D2hVm3irkCyONER7E9MiX3cUUm/k2ZmhkzZkrPgwVS4aJ5NriZUEN/M0D1hhjrgjUmX04HhRwdWA==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/core": "^3.23.14", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/protocol-http": "^5.3.13", - "@smithy/service-error-classification": "^4.2.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-retry": "^4.3.1", - "@smithy/uuid": "^1.1.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-riscv64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.28.1.tgz", + "integrity": "sha512-kw0owk1o0GFETUJyW0jc0G4Yzs0BHZn0JDZ8JRT088vjJYX777BAs1fDGxAC+q831qOs2DTC96mNsG2opdfyyQ==", + "cpu": [ + "riscv64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/middleware-serde": { - "version": "4.2.17", - "resolved": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-4.2.17.tgz", - "integrity": "sha512-0T2mcaM6v9W1xku86Dk0bEW7aEseG6KenFkPK98XNw0ZhOqOiD1MrMsdnQw9QsL3/Oa85T53iSMlm0SZdSuIEQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/core": "^3.23.14", - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-s390x": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.28.1.tgz", + "integrity": "sha512-/lAIjX8aYFRByhh6L5rYtPEDRqa9de/4V/juOXcta5frjvzXO4/sqEtyytse0g3zZFuWu5cDN0MkLz2qRDD2Ag==", + "cpu": [ + "s390x" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/middleware-stack": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-4.2.13.tgz", - "integrity": "sha512-g72jN/sGDLyTanrCLH9fhg3oysO3f7tQa6eWWsMyn2BiYNCgjF24n4/I9wff/5XidFvjj9ilipAoQrurTUrLvw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/linux-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.28.1.tgz", + "integrity": "sha512-u/anNYF2mmVOEDwLtnQ1wOr3EZ9sTNGLWrsYGYwHWzGA3Si84IOkHXlbWTD1NB+9/1lcnweYKO54uhxZydNzfA==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/node-config-provider": { - "version": "4.3.13", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-4.3.13.tgz", - "integrity": "sha512-iGxQ04DsKXLckbgnX4ipElrOTk+IHgTyu0q0WssZfYhDm9CQWHmu6cOeI5wmWRxpXbBDhIIfXMWz5tPEtcVqbw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/property-provider": "^4.2.13", - "@smithy/shared-ini-file-loader": "^4.4.8", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.28.1.tgz", + "integrity": "sha512-oks0DYbLwWMmaakTsCb+zL4E+aHRVLom9IJZOAthMQEPiQmydXHkziYEsGYRx0uNV/IjEKGAV941JzH02pflqw==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/node-http-handler": { - "version": "4.5.2", - "resolved": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-4.5.2.tgz", - "integrity": "sha512-/oD7u8M0oj2ZTFw7GkuuHWpIxtWdLlnyNkbrWcyVYhd5RJNDuczdkb0wfnQICyNFrVPlr8YHOhamjNy3zidhmA==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/protocol-http": "^5.3.13", - "@smithy/querystring-builder": "^4.2.13", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/netbsd-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.28.1.tgz", + "integrity": "sha512-aeL6lAnN89Hz43Mlh1G8ARasbuoYvSITDEx0tHh5b7jJnHcssqgjy9Yx430GDpmCa6OyrKoS0aNRjKundRizGg==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/property-provider": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-4.2.13.tgz", - "integrity": "sha512-bGzUCthxRmezuxkbu9wD33wWg9KX3hJpCXpQ93vVkPrHn9ZW6KNNdY5xAUWNuRCwQ+VyboFuWirG1lZhhkcyRQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/openbsd-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.28.1.tgz", + "integrity": "sha512-MEFJe5C3R8pwXdZ5Y21oo6m7ePiS0d9pWucn99O/wvyJZChoIQKrQDxKrGeW8F5+T0okTHesAmDeiHDTIq0V/Q==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/protocol-http": { - "version": "5.3.13", - "resolved": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-5.3.13.tgz", - "integrity": "sha512-+HsmuJUF4u8POo6s8/a2Yb/AQ5t/YgLovCuHF9oxbocqv+SZ6gd8lC2duBFiCA/vFHoHQhoq7QjqJqZC6xOxxg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/openbsd-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.28.1.tgz", + "integrity": "sha512-i/ZLIOafE0Z8cI/XANJAixoJL/uRAoS2xOA3rb0xN+KK0K177cMAsQYkzHtBrtMXAKuAc7HGgcWiZ/sRC1Nxgw==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openbsd" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/querystring-builder": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-4.2.13.tgz", - "integrity": "sha512-tG4aOYFCZdPMjbgfhnIQ322H//ojujldp1SrHPHpBSb3NqgUp3dwiUGRJzie87hS1DYwWGqDuPaowoDF+rYCbQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "@smithy/util-uri-escape": "^4.2.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/openharmony-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.28.1.tgz", + "integrity": "sha512-ge+Z7EXFNt2BO1oAMsVpiQ8EwndV9i1xXerAeTIK7AtPs3bKFXQM7nlRxDSIUIMeueR1CNXxqztLzdNeReKBJg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openharmony" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/querystring-parser": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-4.2.13.tgz", - "integrity": "sha512-hqW3Q4P+CDzUyQ87GrboGMeD7XYNMOF+CuTwu936UQRB/zeYn3jys8C3w+wMkDfY7CyyyVwZQ5cNFoG0x1pYmA==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/sunos-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.28.1.tgz", + "integrity": "sha512-BEjgtECkL3vY+SaSQ6nzVfiALUeFxpawyp8Jmf5PtYhf1Ug40N1h/hxlhts+f1FvSvarEigdxS3BlSMI2PJLcQ==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "sunos" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/service-error-classification": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-4.2.13.tgz", - "integrity": "sha512-a0s8XZMfOC/qpqq7RCPvJlk93rWFrElH6O++8WJKz0FqnA4Y7fkNi/0mnGgSH1C4x6MFsuBA8VKu4zxFrMe5Vw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0" - }, + "node_modules/@esbuild/win32-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.28.1.tgz", + "integrity": "sha512-lCv9eK/H6ZJWbE7bh2nw54CZ9M2nupBxJcTsdk/QQnWkdSjKGuxmmH8/GWrlT1eMmZfn4dGcCjRte397WqfQXA==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/shared-ini-file-loader": { - "version": "4.4.8", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-4.4.8.tgz", - "integrity": "sha512-VZCZx2bZasxdqxVgEAhREvDSlkatTPnkdWy1+Kiy8w7kYPBosW0V5IeDwzDUMvWBt56zpK658rx1cOBFOYaPaw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/win32-ia32": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.28.1.tgz", + "integrity": "sha512-zvb/mB2bSCoJOpoCBgYKKpX6YM6mJBlBUVUtVj41DlZJVEB6/0CKlRYxP5wWl1C1ILiCoAU5wZZ4q1P3qeS6Eg==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/signature-v4": { - "version": "5.3.13", - "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-5.3.13.tgz", - "integrity": "sha512-YpYSyM0vMDwKbHD/JA7bVOF6kToVRpa+FM5ateEVRpsTNu564g1muBlkTubXhSKKYXInhpADF46FPyrZcTLpXg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/is-array-buffer": "^4.2.2", - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", - "@smithy/util-hex-encoding": "^4.2.2", - "@smithy/util-middleware": "^4.2.13", - "@smithy/util-uri-escape": "^4.2.2", - "@smithy/util-utf8": "^4.2.2", - "tslib": "^2.6.2" - }, + "node_modules/@esbuild/win32-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.28.1.tgz", + "integrity": "sha512-bm4Mowrv+GXMlpWX++EcXw/iLyd1o3+bJkC2DkWXYVvgZCqD/bSj9ctZeAMC3cIxgjRVR2Dufaiu4YPxr5gW1A==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], "engines": { - "node": ">=18.0.0" + "node": ">=18" } }, - "node_modules/@smithy/smithy-client": { - "version": "4.12.9", - "resolved": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-4.12.9.tgz", - "integrity": "sha512-ovaLEcTU5olSeHcRXcxV6viaKtpkHZumn6Ps0yn7dRf2rRSfy794vpjOtrWDO0d1auDSvAqxO+lyhERSXQ03EQ==", + "node_modules/@google/genai": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/@google/genai/-/genai-1.52.0.tgz", + "integrity": "sha512-gwSvbpiN/17O9TbsqSsE/OzZcpv5Fo4RQjdngGgogtuB9RsyJ8ZHhX5KjHj1bp5N9snN2eK8LDGXSaWW2hof8Q==", + "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^3.23.14", - "@smithy/middleware-endpoint": "^4.4.29", - "@smithy/middleware-stack": "^4.2.13", - "@smithy/protocol-http": "^5.3.13", - "@smithy/types": "^4.14.0", - "@smithy/util-stream": "^4.5.22", - "tslib": "^2.6.2" + "google-auth-library": "^10.3.0", + "p-retry": "^4.6.2", + "protobufjs": "^7.5.4", + "ws": "^8.18.0" }, "engines": { - "node": ">=18.0.0" + "node": ">=20.0.0" + }, + "peerDependencies": { + "@modelcontextprotocol/sdk": "^1.25.2" + }, + "peerDependenciesMeta": { + "@modelcontextprotocol/sdk": { + "optional": true + } } }, - "node_modules/@smithy/types": { - "version": "4.14.3", - "resolved": "https://registry.npmjs.org/@smithy/types/-/types-4.14.3.tgz", - "integrity": "sha512-YupL0ZWmFtJexUN2cHzkvvF/b9pKrtAIfT1o7/oY/Ppu8IYeZ+lDPM5vZdQJaSeA132dJCqojjGC9NhXeF71VQ==", + "node_modules/@mistralai/mistralai": { + "version": "2.2.6", + "resolved": "https://registry.npmjs.org/@mistralai/mistralai/-/mistralai-2.2.6.tgz", + "integrity": "sha512-W8pX7zHxjJvMIpw8JMxeJEleapXX0Q9NPszdNzqkM3MIEoIGPObdodujj+WHteXEvGfaP/AMwlNyRfEzSY6dQQ==", "license": "Apache-2.0", "dependencies": { - "tslib": "^2.6.2" + "@opentelemetry/semantic-conventions": "^1.40.0", + "ws": "^8.18.0", + "zod": "^3.25.0 || ^4.0.0", + "zod-to-json-schema": "^3.25.0" }, - "engines": { - "node": ">=18.0.0" + "peerDependencies": { + "@opentelemetry/api": "^1.9.0" + }, + "peerDependenciesMeta": { + "@opentelemetry/api": { + "optional": true + } } }, - "node_modules/@smithy/url-parser": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-4.2.13.tgz", - "integrity": "sha512-2G03yoboIRZlZze2+PT4GZEjgwQsJjUgn6iTsvxA02bVceHR6vp4Cuk7TUnPFWKF+ffNUk3kj4COwkENS2K3vw==", + "node_modules/@opentelemetry/api": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", + "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", "license": "Apache-2.0", - "dependencies": { - "@smithy/querystring-parser": "^4.2.13", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, "engines": { - "node": ">=18.0.0" + "node": ">=8.0.0" } }, - "node_modules/@smithy/util-base64": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/@smithy/util-base64/-/util-base64-4.3.2.tgz", - "integrity": "sha512-XRH6b0H/5A3SgblmMa5ErXQ2XKhfbQB+Fm/oyLZ2O2kCUrwgg55bU0RekmzAhuwOjA9qdN5VU2BprOvGGUkOOQ==", - "dependencies": { - "@smithy/util-buffer-from": "^4.2.2", - "@smithy/util-utf8": "^4.2.2", - "tslib": "^2.6.2" - }, + "node_modules/@opentelemetry/semantic-conventions": { + "version": "1.41.1", + "resolved": "https://registry.npmjs.org/@opentelemetry/semantic-conventions/-/semantic-conventions-1.41.1.tgz", + "integrity": "sha512-/UhIkaZgPutTFmQ7RnIJGgDXZmtEJ7Dvi86xNTFWcnRxVRNk/aotsqDJYeEvDP+FSMB2SdW+pQzNMcWP0rwuNA==", + "license": "Apache-2.0", "engines": { - "node": ">=18.0.0" + "node": ">=14" } }, - "node_modules/@smithy/util-body-length-browser": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/util-body-length-browser/-/util-body-length-browser-4.2.2.tgz", - "integrity": "sha512-JKCrLNOup3OOgmzeaKQwi4ZCTWlYR5H4Gm1r2uTMVBXoemo1UEghk5vtMi1xSu2ymgKVGW631e2fp9/R610ZjQ==", - "dependencies": { - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@pondwader/socks5-server": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/@pondwader/socks5-server/-/socks5-server-1.0.10.tgz", + "integrity": "sha512-bQY06wzzR8D2+vVCUoBsr5QS2U6UgPUQRmErNwtsuI6vLcyRKkafjkr3KxbtGFf9aBBIV2mcvlsKD1UYaIV+sg==" }, - "node_modules/@smithy/util-body-length-node": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/@smithy/util-body-length-node/-/util-body-length-node-4.2.3.tgz", - "integrity": "sha512-ZkJGvqBzMHVHE7r/hcuCxlTY8pQr1kMtdsVPs7ex4mMU+EAbcXppfo5NmyxMYi2XU49eqaz56j2gsk4dHHPG/g==", - "dependencies": { - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/aspromise": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@protobufjs/aspromise/-/aspromise-1.1.2.tgz", + "integrity": "sha512-j+gKExEuLmKwvz3OgROXtrJ2UG2x8Ch2YZUxahh+s1F2HZ+wAceUNLkvy6zKCPVRkU++ZWQrdxsUeQXmcg4uoQ==", + "license": "BSD-3-Clause" }, - "node_modules/@smithy/util-buffer-from": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/util-buffer-from/-/util-buffer-from-4.2.2.tgz", - "integrity": "sha512-FDXD7cvUoFWwN6vtQfEta540Y/YBe5JneK3SoZg9bThSoOAC/eGeYEua6RkBgKjGa/sz6Y+DuBZj3+YEY21y4Q==", - "dependencies": { - "@smithy/is-array-buffer": "^4.2.2", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/base64": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@protobufjs/base64/-/base64-1.1.2.tgz", + "integrity": "sha512-AZkcAA5vnN/v4PDqKyMR5lx7hZttPDgClv83E//FMNhR2TMcLUhfRUBHCmSl0oi9zMgDDqRUJkSxO3wm85+XLg==", + "license": "BSD-3-Clause" }, - "node_modules/@smithy/util-config-provider": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/util-config-provider/-/util-config-provider-4.2.2.tgz", - "integrity": "sha512-dWU03V3XUprJwaUIFVv4iOnS1FC9HnMHDfUrlNDSh4315v0cWyaIErP8KiqGVbf5z+JupoVpNM7ZB3jFiTejvQ==", - "dependencies": { - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/codegen": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/@protobufjs/codegen/-/codegen-2.0.5.tgz", + "integrity": "sha512-zgXFLzW3Ap33e6d0Wlj4MGIm6Ce8O89n/apUaGNB/jx+hw+ruWEp7EwGUshdLKVRCxZW12fp9r40E1mQrf/34g==", + "license": "BSD-3-Clause" }, - "node_modules/@smithy/util-defaults-mode-browser": { - "version": "4.3.45", - "resolved": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-4.3.45.tgz", - "integrity": "sha512-ag9sWc6/nWZAuK3Wm9KlFJUnRkXLrXn33RFjIAmCTFThqLHY+7wCst10BGq56FxslsDrjhSie46c8OULS+BiIw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/property-provider": "^4.2.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/eventemitter": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@protobufjs/eventemitter/-/eventemitter-1.1.1.tgz", + "integrity": "sha512-vW1GmwMZNnL+gMRaovlh9yZX74kc+TTU3FObkkurpMaRtBfLP3ldjS9KQWlwZgraRE0+dheEEoAxdzcJQ8eXZg==", + "license": "BSD-3-Clause" }, - "node_modules/@smithy/util-defaults-mode-node": { - "version": "4.2.50", - "resolved": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-4.2.50.tgz", - "integrity": "sha512-xpjncL5XozFA3No7WypTsPU1du0fFS8flIyO+Wh2nhCy7bpEapvU7BR55Bg+wrfw+1cRA+8G8UsTjaxgzrMzXg==", - "license": "Apache-2.0", + "node_modules/@protobufjs/fetch": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@protobufjs/fetch/-/fetch-1.1.1.tgz", + "integrity": "sha512-GpptLrs57adMSuHi3VNj0mAF8dwh36LMaYF6XyJ6JMWlVsc+t42tm1HSEDmOs3A8fC9yyeisgLhsTVQokOZ0zw==", + "license": "BSD-3-Clause", "dependencies": { - "@smithy/config-resolver": "^4.4.15", - "@smithy/credential-provider-imds": "^4.2.13", - "@smithy/node-config-provider": "^4.3.13", - "@smithy/property-provider": "^4.2.13", - "@smithy/smithy-client": "^4.12.9", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" + "@protobufjs/aspromise": "^1.1.1" } }, - "node_modules/@smithy/util-endpoints": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-3.4.0.tgz", - "integrity": "sha512-QQHGPKkw6NPcU6TJ1rNEEa201srPtZiX4k61xL163vvs9sTqW/XKz+UEuJ00uvPqoN+5Rs4Ka1UJ7+Mp03IXJw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/node-config-provider": "^4.3.13", - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/float": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@protobufjs/float/-/float-1.0.2.tgz", + "integrity": "sha512-Ddb+kVXlXst9d+R9PfTIxh1EdNkgoRe5tOX6t01f1lYWOvJnSPDBlG241QLzcyPdoNTsblLUdujGSE4RzrTZGQ==", + "license": "BSD-3-Clause" }, - "node_modules/@smithy/util-hex-encoding": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/util-hex-encoding/-/util-hex-encoding-4.2.2.tgz", - "integrity": "sha512-Qcz3W5vuHK4sLQdyT93k/rfrUwdJ8/HZ+nMUOyGdpeGA1Wxt65zYwi3oEl9kOM+RswvYq90fzkNDahPS8K0OIg==", - "dependencies": { - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/path": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@protobufjs/path/-/path-1.1.2.tgz", + "integrity": "sha512-6JOcJ5Tm08dOHAbdR3GrvP+yUUfkjG5ePsHYczMFLq3ZmMkAD98cDgcT2iA1lJ9NVwFd4tH/iSSoe44YWkltEA==", + "license": "BSD-3-Clause" }, - "node_modules/@smithy/util-middleware": { - "version": "4.2.13", - "resolved": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-4.2.13.tgz", - "integrity": "sha512-GTooyrlmRTqvUen4eK7/K1p6kryF7bnDfq6XsAbIsf2mo51B/utaH+XThY6dKgNCWzMAaH/+OLmqaBuLhLWRow==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^4.14.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=18.0.0" - } + "node_modules/@protobufjs/pool": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@protobufjs/pool/-/pool-1.1.0.tgz", + "integrity": "sha512-0kELaGSIDBKvcgS4zkjz1PeddatrjYcmMWOlAuAPwAeccUrPHdUqo/J6LiymHHEiJT5NrF1UVwxY14f+fy4WQw==", + "license": "BSD-3-Clause" + }, + "node_modules/@protobufjs/utf8": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@protobufjs/utf8/-/utf8-1.1.1.tgz", + "integrity": "sha512-oOAWABowe8EAbMyWKM0tYDKi8Yaox52D+HWZhAIJqQXbqe0xI/GV7FhLWqlEKreMkfDjshR5FKgi3mnle0h6Eg==", + "license": "BSD-3-Clause" + }, + "node_modules/@sinclair/typebox": { + "version": "0.34.49", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.49.tgz", + "integrity": "sha512-brySQQs7Jtn0joV8Xh9ZV/hZb9Ozb0pmazDIASBkYKCjXrXU3mpcFahmK/z4YDhGkQvP9mWJbVyahdtU5wQA+A==" }, - "node_modules/@smithy/util-retry": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-4.3.1.tgz", - "integrity": "sha512-FwmicpgWOkP5kZUjN3y+3JIom8NLGqSAJBeoIgK0rIToI817TEBHCrd0A2qGeKQlgDeP+Jzn4i0H/NLAXGy9uQ==", + "node_modules/@smithy/core": { + "version": "3.26.0", + "resolved": "https://registry.npmjs.org/@smithy/core/-/core-3.26.0.tgz", + "integrity": "sha512-mLUktFAn+Pa2agl1J7VgtYNFWCX8/b4GMJSK1hCu4YCvtBfM6F8Os3EP4ry+DFFlXOf3wyvlgXhuUdFoy52D3g==", "license": "Apache-2.0", "dependencies": { - "@smithy/service-error-classification": "^4.2.13", - "@smithy/types": "^4.14.0", + "@aws-crypto/crc32": "5.2.0", + "@smithy/types": "^4.15.0", "tslib": "^2.6.2" }, "engines": { "node": ">=18.0.0" } }, - "node_modules/@smithy/util-stream": { - "version": "4.5.22", - "resolved": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-4.5.22.tgz", - "integrity": "sha512-3H8iq/0BfQjUs2/4fbHZ9aG9yNzcuZs24LPkcX1Q7Z+qpqaGM8+qbGmE8zo9m2nCRgamyvS98cHdcWvR6YUsew==", + "node_modules/@smithy/credential-provider-imds": { + "version": "4.4.2", + "resolved": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-4.4.2.tgz", + "integrity": "sha512-18UMDMyrAbDcpmL1gLUA7ww0fRTcdCrSjSJOi2Sbld+tVjwD/pW+OAwjlScFLR7vvBnhZrIPQ7kVuTf1mnJLug==", "license": "Apache-2.0", "dependencies": { - "@smithy/fetch-http-handler": "^5.3.16", - "@smithy/node-http-handler": "^4.5.2", - "@smithy/types": "^4.14.0", - "@smithy/util-base64": "^4.3.2", - "@smithy/util-buffer-from": "^4.2.2", - "@smithy/util-hex-encoding": "^4.2.2", - "@smithy/util-utf8": "^4.2.2", + "@smithy/core": "^3.26.0", + "@smithy/types": "^4.15.0", "tslib": "^2.6.2" }, "engines": { "node": ">=18.0.0" } }, - "node_modules/@smithy/util-uri-escape": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/util-uri-escape/-/util-uri-escape-4.2.2.tgz", - "integrity": "sha512-2kAStBlvq+lTXHyAZYfJRb/DfS3rsinLiwb+69SstC9Vb0s9vNWkRwpnj918Pfi85mzi42sOqdV72OLxWAISnw==", + "node_modules/@smithy/fetch-http-handler": { + "version": "5.5.2", + "resolved": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-5.5.2.tgz", + "integrity": "sha512-Ei/UK/QMhq0rKaMqGPlOAkE2yS9DZeYmZdk1RAKc3vp3zxgleZHZyBLlZv8yLsxljX4svCRuMTD6u3LLIcU4Bg==", + "license": "Apache-2.0", "dependencies": { + "@smithy/core": "^3.26.0", + "@smithy/types": "^4.15.0", "tslib": "^2.6.2" }, "engines": { "node": ">=18.0.0" } }, - "node_modules/@smithy/util-utf8": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@smithy/util-utf8/-/util-utf8-4.2.2.tgz", - "integrity": "sha512-75MeYpjdWRe8M5E3AW0O4Cx3UadweS+cwdXjwYGBW5h/gxxnbeZ877sLPX/ZJA9GVTlL/qG0dXP29JWFCD1Ayw==", + "node_modules/@smithy/node-http-handler": { + "version": "4.8.2", + "resolved": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-4.8.2.tgz", + "integrity": "sha512-wfl1uwrAqMH9/pi4kqBo5LBcFwrJLxuDLqL7p7qNcJIFcyZDUc6pzhYk4CYv+DP7fIUpQCZumwNnkhPKS52osQ==", + "license": "Apache-2.0", "dependencies": { - "@smithy/util-buffer-from": "^4.2.2", + "@smithy/core": "^3.26.0", + "@smithy/types": "^4.15.0", "tslib": "^2.6.2" }, "engines": { "node": ">=18.0.0" } }, - "node_modules/@smithy/util-waiter": { - "version": "4.2.15", - "resolved": "https://registry.npmjs.org/@smithy/util-waiter/-/util-waiter-4.2.15.tgz", - "integrity": "sha512-oUt9o7n8hBv3BL56sLSneL0XeigZSuem0Hr78JaoK33D9oKieyCvVP8eTSe3j7g2mm/S1DvzxKieG7JEWNJUNg==", + "node_modules/@smithy/signature-v4": { + "version": "5.5.2", + "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-5.5.2.tgz", + "integrity": "sha512-7xHpmPY4rt0IOmeAA8EfjgEH8isT+587TCdy9H6a7d4OMi5CQ0oEHhWllunvPu4j4Cq0vTFwdxXN/kABWPjdyA==", "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^4.14.0", + "@smithy/core": "^3.26.0", + "@smithy/types": "^4.15.0", "tslib": "^2.6.2" }, "engines": { "node": ">=18.0.0" } }, - "node_modules/@smithy/uuid": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@smithy/uuid/-/uuid-1.1.2.tgz", - "integrity": "sha512-O/IEdcCUKkubz60tFbGA7ceITTAJsty+lBjNoorP4Z6XRqaFb/OjQjZODophEcuq68nKm6/0r+6/lLQ+XVpk8g==", + "node_modules/@smithy/types": { + "version": "4.15.0", + "resolved": "https://registry.npmjs.org/@smithy/types/-/types-4.15.0.tgz", + "integrity": "sha512-Z5TAOxygoFvybJV3igo5SloFflSokHx2hu1eFA+DxDTcn+FtKxUSui+rbTRG1pAafMA888Z3MVvCWUuvCrTXjg==", + "license": "Apache-2.0", "dependencies": { "tslib": "^2.6.2" }, @@ -2890,48 +3374,17 @@ "node": ">=18.0.0" } }, - "node_modules/@tokenizer/inflate": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/@tokenizer/inflate/-/inflate-0.4.1.tgz", - "integrity": "sha512-2mAv+8pkG6GIZiF1kNg1jAjh27IDxEPKwdGul3snfztFerfPGI1LjDezZp3i7BElXompqEtPmoPx6c2wgtWsOA==", - "dependencies": { - "debug": "^4.4.3", - "token-types": "^6.1.1" - }, - "engines": { - "node": ">=18" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/Borewit" - } - }, - "node_modules/@tokenizer/token": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/@tokenizer/token/-/token-0.3.0.tgz", - "integrity": "sha512-OvjF+z51L3ov0OyAU0duzsYuvO01PH7x4t6DJx+guahgTnBHkhJdG7soQeTSFLWN3efnHyibZ4Z8l2EuWwJN3A==" - }, - "node_modules/@tootallnate/quickjs-emscripten": { - "version": "0.23.0", - "resolved": "https://registry.npmjs.org/@tootallnate/quickjs-emscripten/-/quickjs-emscripten-0.23.0.tgz", - "integrity": "sha512-C5Mc6rdnsaJDjO3UpGW/CQTHtCKaYlScZTly4JIu97Jxo/odCiH0ITnDXSJPTOrEKk/ycSZ0AOgTmkDtkOsvIA==" - }, "node_modules/@types/archiver": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@types/archiver/-/archiver-7.0.0.tgz", - "integrity": "sha512-/3vwGwx9n+mCQdYZ2IKGGHEFL30I96UgBlk8EtRDDFQ9uxM1l4O5Ci6r00EMAkiDaTqD9DQ6nVrWRICnBPtzzg==", + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/@types/archiver/-/archiver-8.0.0.tgz", + "integrity": "sha512-YpXPbEuv9+eUIPPQWUPahj3cvs9isWRuF+J4z+KbdYVDO3rWorWQFxUVHnwPu2AgKwvgpki5F2VMX0Xx+mX45A==", "dev": true, "license": "MIT", "dependencies": { + "@types/node": "*", "@types/readdir-glob": "*" } }, - "node_modules/@types/mime-types": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/@types/mime-types/-/mime-types-2.1.4.tgz", - "integrity": "sha512-lfU4b34HOri+kAY5UheuFMWPDOI+OPceBSHZKp69gEyTL/mmJ4cnU6Y/rlme3UL3GyOn6Y42hyIEw0/q8sWx5w==", - "license": "MIT" - }, "node_modules/@types/node": { "version": "25.5.2", "resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.2.tgz", @@ -2953,16 +3406,8 @@ "node_modules/@types/retry": { "version": "0.12.0", "resolved": "https://registry.npmjs.org/@types/retry/-/retry-0.12.0.tgz", - "integrity": "sha512-wWKOClTTiizcZhXnPY4wikVAwmdYHp8q6DmC+EJUzAMsycb7HB32Kh9RN4+0gExjmPmZSAQjgURXIGATPegAvA==" - }, - "node_modules/@types/yauzl": { - "version": "2.10.3", - "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.3.tgz", - "integrity": "sha512-oJoftv0LSuaDZE3Le4DbKX+KS9G36NzOeSap90UIK0yMA/NhKJhqlSGtNDORNRaIbQfzjXDrQa0ytJ6mNRGz/Q==", - "optional": true, - "dependencies": { - "@types/node": "*" - } + "integrity": "sha512-wWKOClTTiizcZhXnPY4wikVAwmdYHp8q6DmC+EJUzAMsycb7HB32Kh9RN4+0gExjmPmZSAQjgURXIGATPegAvA==", + "license": "MIT" }, "node_modules/abort-controller": { "version": "3.0.0", @@ -2980,190 +3425,29 @@ "version": "7.1.4", "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz", "integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==", + "license": "MIT", "engines": { "node": ">= 14" } }, - "node_modules/ajv": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.18.0.tgz", - "integrity": "sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==", - "dependencies": { - "fast-deep-equal": "^3.1.3", - "fast-uri": "^3.0.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/ajv-formats": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz", - "integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==", - "dependencies": { - "ajv": "^8.0.0" - }, - "peerDependencies": { - "ajv": "^8.0.0" - }, - "peerDependenciesMeta": { - "ajv": { - "optional": true - } - } - }, - "node_modules/ansi-regex": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz", - "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/any-promise": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz", - "integrity": "sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==" - }, - "node_modules/anynum": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/anynum/-/anynum-1.0.0.tgz", - "integrity": "sha512-xjR9/zBVnUOP6ztMIIgShjsxui80nQUQH+5xJnvrYLs+90bF25/KJqaAi8mk+B4RDtX1Nspi6fmp4YTEts8SfA==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/NaturalIntelligence" - } - ], - "license": "MIT" - }, "node_modules/archiver": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/archiver/-/archiver-7.0.1.tgz", - "integrity": "sha512-ZcbTaIqJOfCc03QwD468Unz/5Ir8ATtvAHsK+FdXbDIbGfihqh9mrvdcYunQzqn4HrvWWaFyaxJhGZagaJJpPQ==", + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/archiver/-/archiver-8.0.0.tgz", + "integrity": "sha512-fV1orZfsnPn9BaSByR/qE67rJCLJEy2Ox5bq7nJh+jquWaNh6Sfec75kJ2T6PtdGUbPQlrVoSVCEOa5SdiTQ1g==", "license": "MIT", "dependencies": { - "archiver-utils": "^5.0.2", "async": "^3.2.4", "buffer-crc32": "^1.0.0", - "readable-stream": "^4.0.0", - "readdir-glob": "^1.1.2", - "tar-stream": "^3.0.0", - "zip-stream": "^6.0.1" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/archiver-utils": { - "version": "5.0.2", - "resolved": "https://registry.npmjs.org/archiver-utils/-/archiver-utils-5.0.2.tgz", - "integrity": "sha512-wuLJMmIBQYCsGZgYLTy5FIB2pF6Lfb6cXMSF8Qywwk3t20zWnAi7zLcQFdKQmIB8wyZpY5ER38x08GbwtR2cLA==", - "license": "MIT", - "dependencies": { - "glob": "^10.0.0", - "graceful-fs": "^4.2.0", - "is-stream": "^2.0.1", + "is-stream": "^4.0.0", "lazystream": "^1.0.0", - "lodash": "^4.17.15", "normalize-path": "^3.0.0", - "readable-stream": "^4.0.0" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/archiver-utils/node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "license": "MIT" - }, - "node_modules/archiver-utils/node_modules/brace-expansion": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz", - "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==", - "license": "MIT", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/archiver-utils/node_modules/glob": { - "version": "10.5.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.5.0.tgz", - "integrity": "sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==", - "deprecated": "Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me", - "license": "ISC", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/archiver-utils/node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==", - "license": "ISC" - }, - "node_modules/archiver-utils/node_modules/minimatch": { - "version": "9.0.9", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz", - "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==", - "license": "ISC", - "dependencies": { - "brace-expansion": "^2.0.2" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/archiver-utils/node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "license": "BlueOak-1.0.0", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" + "readable-stream": "^4.0.0", + "readdir-glob": "^3.0.0", + "tar-stream": "^3.0.0", + "zip-stream": "^7.0.2" }, "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "node": ">=18" } }, "node_modules/archiver/node_modules/buffer-crc32": { @@ -3175,17 +3459,6 @@ "node": ">=8.0.0" } }, - "node_modules/ast-types": { - "version": "0.13.4", - "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.13.4.tgz", - "integrity": "sha512-x1FCFnFifvYDDzTaLII71vG5uvDwgtmDTEVWAxrgeiR8VjMONcCXJx7E+USjDtHlwFmt9MysbqgF9b9Vjr6w+w==", - "dependencies": { - "tslib": "^2.0.1" - }, - "engines": { - "node": ">=4" - } - }, "node_modules/async": { "version": "3.2.6", "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", @@ -3324,19 +3597,11 @@ } ] }, - "node_modules/basic-ftp": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-6.0.1.tgz", - "integrity": "sha512-3ilxa3n4276wGQp/ImRAuz4ALdsj/2Wd3FqoZBZlajDYnByCZ0JMb4+26Rde0wGXIbM0G2HWSfr/Fi8b21KX8g==", - "license": "MIT", - "engines": { - "node": ">=10.0.0" - } - }, "node_modules/bignumber.js": { "version": "9.3.1", "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.3.1.tgz", "integrity": "sha512-Ko0uX15oIUS7wJ3Rb30Fs6SkVbLmPBAKdlm7q9+ak9bbIeFf0MwuBsQV6z7+X768/cHsfg+WlysDWJcmthjsjQ==", + "license": "MIT", "engines": { "node": "*" } @@ -3344,7 +3609,8 @@ "node_modules/bowser": { "version": "2.14.1", "resolved": "https://registry.npmjs.org/bowser/-/bowser-2.14.1.tgz", - "integrity": "sha512-tzPjzCxygAKWFOJP011oxFHs57HzIhOEracIgAePE4pqB3LikALKnSzUyU4MGs9/iCEUuHlAJTjTc5M+u7YEGg==" + "integrity": "sha512-tzPjzCxygAKWFOJP011oxFHs57HzIhOEracIgAePE4pqB3LikALKnSzUyU4MGs9/iCEUuHlAJTjTc5M+u7YEGg==", + "license": "MIT" }, "node_modules/brace-expansion": { "version": "5.0.6", @@ -3382,109 +3648,11 @@ "ieee754": "^1.2.1" } }, - "node_modules/buffer-crc32": { - "version": "0.2.13", - "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", - "integrity": "sha512-VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ==", - "engines": { - "node": "*" - } - }, "node_modules/buffer-equal-constant-time": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", - "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" - }, - "node_modules/chalk": { - "version": "5.6.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.6.2.tgz", - "integrity": "sha512-7NzBL0rN6fMUW+f7A6Io4h40qQlG+xGmtMxfbnH/K7TAtt8JQWVQK+6g0UXKMeVJoyV5EkkNsErQ8pVD3bLHbA==", - "engines": { - "node": "^12.17.0 || ^14.13 || >=16.0.0" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/cli-highlight": { - "version": "2.1.11", - "resolved": "https://registry.npmjs.org/cli-highlight/-/cli-highlight-2.1.11.tgz", - "integrity": "sha512-9KDcoEVwyUXrjcJNvHD0NFc/hiwe/WPVYIleQh2O1N2Zro5gWJZ/K+3DGn8w8P/F6FxOgzyC5bxDyHIgCSPhGg==", - "dependencies": { - "chalk": "^4.0.0", - "highlight.js": "^10.7.1", - "mz": "^2.4.0", - "parse5": "^5.1.1", - "parse5-htmlparser2-tree-adapter": "^6.0.0", - "yargs": "^16.0.0" - }, - "bin": { - "highlight": "bin/highlight" - }, - "engines": { - "node": ">=8.0.0", - "npm": ">=5.0.0" - } - }, - "node_modules/cli-highlight/node_modules/chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dependencies": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/chalk?sponsor=1" - } - }, - "node_modules/cliui": { - "version": "7.0.4", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", - "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==", - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.0", - "wrap-ansi": "^7.0.0" - } - }, - "node_modules/cliui/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/cliui/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==", + "license": "BSD-3-Clause" }, "node_modules/commander": { "version": "12.1.0", @@ -3495,19 +3663,19 @@ } }, "node_modules/compress-commons": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/compress-commons/-/compress-commons-6.0.2.tgz", - "integrity": "sha512-6FqVXeETqWPoGcfzrXb37E50NP0LXT8kAMu5ooZayhWWdgEY4lBEEcbQNXtkuKQsGduxiIcI4gOTsxTmuq/bSg==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/compress-commons/-/compress-commons-7.0.1.tgz", + "integrity": "sha512-g0S8KAD8qf4+V//pr3BfB1aBnARLXNz2Gx+jmHU0LEriUuoQUOPOulVquHKTJ8+EAIIO7fhseNDr9wK5Q9FKBQ==", "license": "MIT", "dependencies": { "crc-32": "^1.2.0", - "crc32-stream": "^6.0.0", - "is-stream": "^2.0.1", + "crc32-stream": "^7.0.1", + "is-stream": "^4.0.0", "normalize-path": "^3.0.0", "readable-stream": "^4.0.0" }, "engines": { - "node": ">= 14" + "node": ">=18" } }, "node_modules/core-util-is": { @@ -3522,43 +3690,30 @@ "integrity": "sha512-ROmzCKrTnOwybPcJApAA6WBWij23HVfGVNKqqrZpuyZOHqK2CwHSvpGuyt/UNNvaIjEd8X5IFGp4Mh+Ie1IHJQ==", "license": "Apache-2.0", "bin": { - "crc32": "bin/crc32.njs" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/crc32-stream": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/crc32-stream/-/crc32-stream-6.0.0.tgz", - "integrity": "sha512-piICUB6ei4IlTv1+653yq5+KoqfBYmj9bw6LqXoOneTMDXk5nM1qt12mFW1caG3LlJXEKW1Bp0WggEmIfQB34g==", - "license": "MIT", - "dependencies": { - "crc-32": "^1.2.0", - "readable-stream": "^4.0.0" + "crc32": "bin/crc32.njs" }, "engines": { - "node": ">= 14" + "node": ">=0.8" } }, - "node_modules/cross-spawn": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", - "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "node_modules/crc32-stream": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/crc32-stream/-/crc32-stream-7.0.1.tgz", + "integrity": "sha512-IBWsY8xznyQrcHn8h4bC8/4ErNke5elzgG8GcqF4RFPw6aHkWWRc7Tgw6upjaTX/CT/yQgqYENkxYsTYN+hW2g==", "license": "MIT", "dependencies": { - "path-key": "^3.1.0", - "shebang-command": "^2.0.0", - "which": "^2.0.1" + "crc-32": "^1.2.0", + "readable-stream": "^4.0.0" }, "engines": { - "node": ">= 8" + "node": ">=18" } }, "node_modules/data-uri-to-buffer": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz", "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==", + "license": "MIT", "engines": { "node": ">= 12" } @@ -3567,6 +3722,7 @@ "version": "4.4.3", "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz", "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==", + "license": "MIT", "dependencies": { "ms": "^2.1.3" }, @@ -3579,60 +3735,22 @@ } } }, - "node_modules/degenerator": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-5.0.1.tgz", - "integrity": "sha512-TllpMR/t0M5sqCXfj85i4XaAzxmS5tVA16dqvdkMwGmzI+dXLXnw3J+3Vdv7VKw+ThlTMboK6i9rnZ6Nntj5CQ==", - "dependencies": { - "ast-types": "^0.13.4", - "escodegen": "^2.1.0", - "esprima": "^4.0.1" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/diff": { - "version": "8.0.4", - "resolved": "https://registry.npmjs.org/diff/-/diff-8.0.4.tgz", - "integrity": "sha512-DPi0FmjiSU5EvQV0++GFDOJ9ASQUVFh5kD+OzOnYdi7n3Wpm9hWWGfB/O2blfHcMVTL5WkQXSnRiK9makhrcnw==", - "engines": { - "node": ">=0.3.1" - } - }, - "node_modules/eastasianwidth": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", - "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==", - "license": "MIT" - }, "node_modules/ecdsa-sig-formatter": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "license": "Apache-2.0", "dependencies": { "safe-buffer": "^5.0.1" } }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" - }, - "node_modules/end-of-stream": { - "version": "1.4.5", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", - "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", - "dependencies": { - "once": "^1.4.0" - } - }, "node_modules/esbuild": { - "version": "0.27.7", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.7.tgz", - "integrity": "sha512-IxpibTjyVnmrIQo5aqNpCgoACA/dTKLTlhMHihVHhdkxKyPO1uBBthumT0rdHmcsk9uMonIWS0m4FljWzILh3w==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.28.1.tgz", + "integrity": "sha512-HrJrvZv5ayxBzPfwphOoNzkzOIIlifzk0KJrGK2c8R4+LKpMtpYLQeUdjnwjWv/LZlkH2laZk+4w78pi99D4Vw==", "dev": true, "hasInstallScript": true, + "license": "MIT", "bin": { "esbuild": "bin/esbuild" }, @@ -3640,88 +3758,32 @@ "node": ">=18" }, "optionalDependencies": { - "@esbuild/aix-ppc64": "0.27.7", - "@esbuild/android-arm": "0.27.7", - "@esbuild/android-arm64": "0.27.7", - "@esbuild/android-x64": "0.27.7", - "@esbuild/darwin-arm64": "0.27.7", - "@esbuild/darwin-x64": "0.27.7", - "@esbuild/freebsd-arm64": "0.27.7", - "@esbuild/freebsd-x64": "0.27.7", - "@esbuild/linux-arm": "0.27.7", - "@esbuild/linux-arm64": "0.27.7", - "@esbuild/linux-ia32": "0.27.7", - "@esbuild/linux-loong64": "0.27.7", - "@esbuild/linux-mips64el": "0.27.7", - "@esbuild/linux-ppc64": "0.27.7", - "@esbuild/linux-riscv64": "0.27.7", - "@esbuild/linux-s390x": "0.27.7", - "@esbuild/linux-x64": "0.27.7", - "@esbuild/netbsd-arm64": "0.27.7", - "@esbuild/netbsd-x64": "0.27.7", - "@esbuild/openbsd-arm64": "0.27.7", - "@esbuild/openbsd-x64": "0.27.7", - "@esbuild/openharmony-arm64": "0.27.7", - "@esbuild/sunos-x64": "0.27.7", - "@esbuild/win32-arm64": "0.27.7", - "@esbuild/win32-ia32": "0.27.7", - "@esbuild/win32-x64": "0.27.7" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "engines": { - "node": ">=6" - } - }, - "node_modules/escodegen": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.1.0.tgz", - "integrity": "sha512-2NlIDTwUWJN0mRPQOdtQBzbUHvdGY2P1VXSyU83Q3xKxM7WHX2Ql8dKq782Q9TgQUNOLEzEYu9bzLNj1q88I5w==", - "dependencies": { - "esprima": "^4.0.1", - "estraverse": "^5.2.0", - "esutils": "^2.0.2" - }, - "bin": { - "escodegen": "bin/escodegen.js", - "esgenerate": "bin/esgenerate.js" - }, - "engines": { - "node": ">=6.0" - }, - "optionalDependencies": { - "source-map": "~0.6.1" - } - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/estraverse": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", - "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", - "engines": { - "node": ">=4.0" - } - }, - "node_modules/esutils": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", - "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "engines": { - "node": ">=0.10.0" + "@esbuild/aix-ppc64": "0.28.1", + "@esbuild/android-arm": "0.28.1", + "@esbuild/android-arm64": "0.28.1", + "@esbuild/android-x64": "0.28.1", + "@esbuild/darwin-arm64": "0.28.1", + "@esbuild/darwin-x64": "0.28.1", + "@esbuild/freebsd-arm64": "0.28.1", + "@esbuild/freebsd-x64": "0.28.1", + "@esbuild/linux-arm": "0.28.1", + "@esbuild/linux-arm64": "0.28.1", + "@esbuild/linux-ia32": "0.28.1", + "@esbuild/linux-loong64": "0.28.1", + "@esbuild/linux-mips64el": "0.28.1", + "@esbuild/linux-ppc64": "0.28.1", + "@esbuild/linux-riscv64": "0.28.1", + "@esbuild/linux-s390x": "0.28.1", + "@esbuild/linux-x64": "0.28.1", + "@esbuild/netbsd-arm64": "0.28.1", + "@esbuild/netbsd-x64": "0.28.1", + "@esbuild/openbsd-arm64": "0.28.1", + "@esbuild/openbsd-x64": "0.28.1", + "@esbuild/openharmony-arm64": "0.28.1", + "@esbuild/sunos-x64": "0.28.1", + "@esbuild/win32-arm64": "0.28.1", + "@esbuild/win32-ia32": "0.28.1", + "@esbuild/win32-x64": "0.28.1" } }, "node_modules/event-target-shim": { @@ -3754,31 +3816,8 @@ "node_modules/extend": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/extract-zip": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz", - "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==", - "dependencies": { - "debug": "^4.1.1", - "get-stream": "^5.1.0", - "yauzl": "^2.10.0" - }, - "bin": { - "extract-zip": "cli.js" - }, - "engines": { - "node": ">= 10.17.0" - }, - "optionalDependencies": { - "@types/yauzl": "^2.9.1" - } - }, - "node_modules/fast-deep-equal": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "license": "MIT" }, "node_modules/fast-fifo": { "version": "1.3.2", @@ -3787,88 +3826,27 @@ "license": "MIT" }, "node_modules/fast-string-truncated-width": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/fast-string-truncated-width/-/fast-string-truncated-width-1.2.1.tgz", - "integrity": "sha512-Q9acT/+Uu3GwGj+5w/zsGuQjh9O1TyywhIwAxHudtWrgF09nHOPrvTLhQevPbttcxjr/SNN7mJmfOw/B1bXgow==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/fast-string-truncated-width/-/fast-string-truncated-width-3.0.3.tgz", + "integrity": "sha512-0jjjIEL6+0jag3l2XWWizO64/aZVtpiGE3t0Zgqxv0DPuxiMjvB3M24fCyhZUO4KomJQPj3LTSUnDP3GpdwC0g==", "license": "MIT" }, "node_modules/fast-string-width": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/fast-string-width/-/fast-string-width-1.1.0.tgz", - "integrity": "sha512-O3fwIVIH5gKB38QNbdg+3760ZmGz0SZMgvwJbA1b2TGXceKE6A2cOlfogh1iw8lr049zPyd7YADHy+B7U4W9bQ==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/fast-string-width/-/fast-string-width-3.0.2.tgz", + "integrity": "sha512-gX8LrtNEI5hq8DVUfRQMbr5lpaS4nMIWV+7XEbXk2b8kiQIizgnlr12B4dA3ZEx3308ze0O4Q1R+cHts8kyUJg==", "license": "MIT", "dependencies": { - "fast-string-truncated-width": "^1.2.0" + "fast-string-truncated-width": "^3.0.2" } }, - "node_modules/fast-uri": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.2.tgz", - "integrity": "sha512-rVjf7ArG3LTk+FS6Yw81V1DLuZl1bRbNrev6Tmd/9RaroeeRRJhAt7jg/6YFxbvAQXUCavSoZhPPj6oOx+5KjQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/fastify" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fastify" - } - ], - "license": "BSD-3-Clause" - }, "node_modules/fast-wrap-ansi": { - "version": "0.1.6", - "resolved": "https://registry.npmjs.org/fast-wrap-ansi/-/fast-wrap-ansi-0.1.6.tgz", - "integrity": "sha512-HlUwET7a5gqjURj70D5jl7aC3Zmy4weA1SHUfM0JFI0Ptq987NH2TwbBFLoERhfwk+E+eaq4EK3jXoT+R3yp3w==", - "license": "MIT", - "dependencies": { - "fast-string-width": "^1.1.0" - } - }, - "node_modules/fast-xml-builder": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.2.0.tgz", - "integrity": "sha512-00aAWieqff+ZJhsXA4g1g7M8k+7AYoMUUHF+/zFb5U6Uv/P0Vl4QZo84/IcufzYalLuEj9928bXN9PbbFzMF0Q==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/NaturalIntelligence" - } - ], - "license": "MIT", - "dependencies": { - "path-expression-matcher": "^1.5.0", - "xml-naming": "^0.1.0" - } - }, - "node_modules/fast-xml-parser": { - "version": "5.7.3", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.7.3.tgz", - "integrity": "sha512-C0AaNuC+mscy6vrAQKAc/rMq+zAPHodfHGZu4sGVehvAQt/JLG1O5zEcYcXSY5zSqr4YVgxsB+pHXTq0i7eDlg==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/NaturalIntelligence" - } - ], + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/fast-wrap-ansi/-/fast-wrap-ansi-0.2.2.tgz", + "integrity": "sha512-7F2Fl+TjRSenLqlU3UjSH0iyqopqoZIu7eZVpEirP2g1GtWa2G/ecEmBdgz31+Mxr+ELclgg6sokpSFIQiZ02Q==", "license": "MIT", "dependencies": { - "@nodable/entities": "^2.1.0", - "fast-xml-builder": "^1.1.7", - "path-expression-matcher": "^1.5.0", - "strnum": "^2.2.3" - }, - "bin": { - "fxparser": "src/cli/cli.js" - } - }, - "node_modules/fd-slicer": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", - "integrity": "sha512-cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g==", - "dependencies": { - "pend": "~1.2.0" + "fast-string-width": "^3.0.2" } }, "node_modules/fetch-blob": { @@ -3885,6 +3863,7 @@ "url": "https://paypal.me/jimmywarting" } ], + "license": "MIT", "dependencies": { "node-domexception": "^1.0.0", "web-streams-polyfill": "^3.0.3" @@ -3893,55 +3872,11 @@ "node": "^12.20 || >= 14.13" } }, - "node_modules/file-type": { - "version": "21.3.4", - "resolved": "https://registry.npmjs.org/file-type/-/file-type-21.3.4.tgz", - "integrity": "sha512-Ievi/yy8DS3ygGvT47PjSfdFoX+2isQueoYP1cntFW1JLYAuS4GD7NUPGg4zv2iZfV52uDyk5w5Z0TdpRS6Q1g==", - "dependencies": { - "@tokenizer/inflate": "^0.4.1", - "strtok3": "^10.3.4", - "token-types": "^6.1.1", - "uint8array-extras": "^1.4.0" - }, - "engines": { - "node": ">=20" - }, - "funding": { - "url": "https://github.com/sindresorhus/file-type?sponsor=1" - } - }, - "node_modules/foreground-child": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.1.tgz", - "integrity": "sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==", - "license": "ISC", - "dependencies": { - "cross-spawn": "^7.0.6", - "signal-exit": "^4.0.1" - }, - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "license": "ISC", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/formdata-polyfill": { "version": "4.0.10", "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", + "license": "MIT", "dependencies": { "fetch-blob": "^3.1.2" }, @@ -3964,9 +3899,10 @@ } }, "node_modules/gaxios": { - "version": "7.1.4", - "resolved": "https://registry.npmjs.org/gaxios/-/gaxios-7.1.4.tgz", - "integrity": "sha512-bTIgTsM2bWn3XklZISBTQX7ZSddGW+IO3bMdGaemHZ3tbqExMENHLx6kKZ/KlejgrMtj8q7wBItt51yegqalrA==", + "version": "7.1.5", + "resolved": "https://registry.npmjs.org/gaxios/-/gaxios-7.1.5.tgz", + "integrity": "sha512-5FZy72Rh8LhtjmvDrKkI+lVhrsQrVKVsItxMoDm5mNQE+xR0WVIIs+jzPSJgBvKVsLi24fZhXJIsNI0bihDzFg==", + "license": "Apache-2.0", "dependencies": { "extend": "^3.0.2", "https-proxy-agent": "^7.0.1", @@ -3980,6 +3916,7 @@ "version": "8.1.2", "resolved": "https://registry.npmjs.org/gcp-metadata/-/gcp-metadata-8.1.2.tgz", "integrity": "sha512-zV/5HKTfCeKWnxG0Dmrw51hEWFGfcF2xiXqcA3+J90WDuP0SvoiSO5ORvcBsifmx/FoIjgQN3oNOGaQ5PhLFkg==", + "license": "Apache-2.0", "dependencies": { "gaxios": "^7.0.0", "google-logging-utils": "^1.0.0", @@ -3989,93 +3926,11 @@ "node": ">=18" } }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-east-asian-width": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/get-east-asian-width/-/get-east-asian-width-1.5.0.tgz", - "integrity": "sha512-CQ+bEO+Tva/qlmw24dCejulK5pMzVnUOFOijVogd3KQs07HnRIgp8TGipvCCRT06xeYEbpbgwaCxglFyiuIcmA==", - "license": "MIT", - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/get-stream": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz", - "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==", - "dependencies": { - "pump": "^3.0.0" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/get-tsconfig": { - "version": "4.13.7", - "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.13.7.tgz", - "integrity": "sha512-7tN6rFgBlMgpBML5j8typ92BKFi2sFQvIdpAqLA2beia5avZDrMs0FLZiM5etShWq5irVyGcGMEA1jcDaK7A/Q==", - "dev": true, - "dependencies": { - "resolve-pkg-maps": "^1.0.0" - }, - "funding": { - "url": "https://github.com/privatenumber/get-tsconfig?sponsor=1" - } - }, - "node_modules/get-uri": { - "version": "6.0.5", - "resolved": "https://registry.npmjs.org/get-uri/-/get-uri-6.0.5.tgz", - "integrity": "sha512-b1O07XYq8eRuVzBNgJLstU6FYc1tS6wnMtF1I1D9lE8LxZSOGZ7LhxN54yPP6mGw5f2CkXY2BQUL9Fx41qvcIg==", - "dependencies": { - "basic-ftp": "^5.0.2", - "data-uri-to-buffer": "^6.0.2", - "debug": "^4.3.4" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/get-uri/node_modules/data-uri-to-buffer": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-6.0.2.tgz", - "integrity": "sha512-7hvf7/GW8e86rW0ptuwS3OcBGDjIi6SZva7hCyWC0yYry2cOPmLIjXAUHI6DK2HsnwJd9ifmt57i8eV2n4YNpw==", - "engines": { - "node": ">= 14" - } - }, - "node_modules/glob": { - "version": "13.0.6", - "resolved": "https://registry.npmjs.org/glob/-/glob-13.0.6.tgz", - "integrity": "sha512-Wjlyrolmm8uDpm/ogGyXZXb1Z+Ca2B8NbJwqBVg0axK9GbBeoS7yGV6vjXnYdGm6X53iehEuxxbyiKp8QmN4Vw==", - "dependencies": { - "minimatch": "^10.2.2", - "minipass": "^7.1.3", - "path-scurry": "^2.0.2" - }, - "engines": { - "node": "18 || 20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/google-auth-library": { - "version": "10.6.2", - "resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-10.6.2.tgz", - "integrity": "sha512-e27Z6EThmVNNvtYASwQxose/G57rkRuaRbQyxM2bvYLLX/GqWZ5chWq2EBoUchJbCc57eC9ArzO5wMsEmWftCw==", + "version": "10.9.0", + "resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-10.9.0.tgz", + "integrity": "sha512-xtvUqvINPhTaBm7nXqlYPcrMHJPm1lCNdSovxnKKhTm+4JsvQ+KGVYJViLoH9Yxu8w+T0Qv5HubzYT9BLrppJg==", + "license": "Apache-2.0", "dependencies": { "base64-js": "^1.3.0", "ecdsa-sig-formatter": "^1.0.11", @@ -4092,46 +3947,16 @@ "version": "1.1.3", "resolved": "https://registry.npmjs.org/google-logging-utils/-/google-logging-utils-1.1.3.tgz", "integrity": "sha512-eAmLkjDjAFCVXg7A1unxHsLf961m6y17QFqXqAXGj/gVkKFrEICfStRfwUlGNfeCEjNRa32JEWOUTlYXPyyKvA==", + "license": "Apache-2.0", "engines": { "node": ">=14" } }, - "node_modules/graceful-fs": { - "version": "4.2.11", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", - "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==" - }, - "node_modules/has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/highlight.js": { - "version": "10.7.3", - "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-10.7.3.tgz", - "integrity": "sha512-tzcUFauisWKNHaRkN4Wjl/ZA07gENAjFl3J/c480dprkGTg5EQstgaNFqBfUqCq54kZRIEcreTsAgF/m2quD7A==", - "engines": { - "node": "*" - } - }, - "node_modules/hosted-git-info": { - "version": "9.0.2", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-9.0.2.tgz", - "integrity": "sha512-M422h7o/BR3rmCQ8UHi7cyyMqKltdP9Uo+J2fXK+RSAY+wTcKOIRyhTuKv4qn+DJf3g+PL890AzId5KZpX+CBg==", - "dependencies": { - "lru-cache": "^11.1.0" - }, - "engines": { - "node": "^20.17.0 || >=22.9.0" - } - }, "node_modules/http-proxy-agent": { "version": "7.0.2", "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz", "integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==", + "license": "MIT", "dependencies": { "agent-base": "^7.1.0", "debug": "^4.3.4" @@ -4144,6 +3969,7 @@ "version": "7.0.6", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz", "integrity": "sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==", + "license": "MIT", "dependencies": { "agent-base": "^7.1.2", "debug": "4" @@ -4167,17 +3993,9 @@ }, { "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/ignore": { - "version": "7.0.5", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz", - "integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==", - "engines": { - "node": ">= 4" - } + "url": "https://feross.org/support" + } + ] }, "node_modules/inherits": { "version": "2.0.4", @@ -4185,30 +4003,13 @@ "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", "license": "ISC" }, - "node_modules/ip-address": { - "version": "10.2.0", - "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.2.0.tgz", - "integrity": "sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA==", - "license": "MIT", - "engines": { - "node": ">= 12" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "engines": { - "node": ">=8" - } - }, "node_modules/is-stream": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", - "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-4.0.1.tgz", + "integrity": "sha512-Dnz92NInDqYckGEUJv689RbRiTSEHCQ7wOVeALbkOz999YpqT46yMRIGtSNl2iCL1waAZSx40+h59NV/EwzV/A==", "license": "MIT", "engines": { - "node": ">=8" + "node": ">=18" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" @@ -4220,31 +4021,11 @@ "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==", "license": "MIT" }, - "node_modules/isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "license": "ISC" - }, - "node_modules/jackspeak": { - "version": "3.4.3", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz", - "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==", - "license": "BlueOak-1.0.0", - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, "node_modules/json-bigint": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-bigint/-/json-bigint-1.0.0.tgz", "integrity": "sha512-SiPv/8VpZuWbvLSMtTDU8hEfrZWg/mH/nV/b4o0CYbSxu1UIQPLdwKOCIyLQX+VIPO5vrLX3i8qtqFyhdPSUSQ==", + "license": "MIT", "dependencies": { "bignumber.js": "^9.0.0" } @@ -4253,6 +4034,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/json-schema-to-ts/-/json-schema-to-ts-3.1.1.tgz", "integrity": "sha512-+DWg8jCJG2TEnpy7kOm/7/AxaYoaRbjVB4LFZLySZlWn8exGs3A4OLJR966cVvU26N7X9TWxl+Jsw7dzAqKT6g==", + "license": "MIT", "dependencies": { "@babel/runtime": "^7.18.3", "ts-algebra": "^2.0.0" @@ -4261,15 +4043,11 @@ "node": ">=16" } }, - "node_modules/json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" - }, "node_modules/jwa": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/jwa/-/jwa-2.0.1.tgz", "integrity": "sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==", + "license": "MIT", "dependencies": { "buffer-equal-constant-time": "^1.0.1", "ecdsa-sig-formatter": "1.0.11", @@ -4280,22 +4058,12 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/jws/-/jws-4.0.1.tgz", "integrity": "sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==", + "license": "MIT", "dependencies": { "jwa": "^2.0.1", "safe-buffer": "^5.0.1" } }, - "node_modules/koffi": { - "version": "2.15.6", - "resolved": "https://registry.npmjs.org/koffi/-/koffi-2.15.6.tgz", - "integrity": "sha512-WQBpM5uo74UQ17UpsFN+PUOrQQg4/nYdey4SGVluQun2drYYfePziLLWdSmFb4wSdWlJC1aimXQnjhPCheRKuw==", - "hasInstallScript": true, - "license": "MIT", - "optional": true, - "funding": { - "url": "https://liberapay.com/Koromix" - } - }, "node_modules/lazystream": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/lazystream/-/lazystream-1.0.1.tgz", @@ -4338,61 +4106,11 @@ "safe-buffer": "~5.1.0" } }, - "node_modules/lodash": { - "version": "4.18.1", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz", - "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==", - "license": "MIT" - }, "node_modules/long": { "version": "5.3.2", "resolved": "https://registry.npmjs.org/long/-/long-5.3.2.tgz", - "integrity": "sha512-mNAgZ1GmyNhD7AuqnTG3/VQ26o760+ZYBPKjPvugO8+nLbYfX6TVpJPseBvopbdY+qpZ/lKUnmEc1LeZYS3QAA==" - }, - "node_modules/lru-cache": { - "version": "11.2.7", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.7.tgz", - "integrity": "sha512-aY/R+aEsRelme17KGQa/1ZSIpLpNYYrhcrepKTZgE+W3WM16YMCaPwOHLHsmopZHELU0Ojin1lPVxKR0MihncA==", - "engines": { - "node": "20 || >=22" - } - }, - "node_modules/marked": { - "version": "15.0.12", - "resolved": "https://registry.npmjs.org/marked/-/marked-15.0.12.tgz", - "integrity": "sha512-8dD6FusOQSrpv9Z1rdNMdlSgQOIP880DHqnohobOmYLElGEqAL/JvxvuxZO16r4HtjTlfPRDC1hbvxC9dPN2nA==", - "license": "MIT", - "bin": { - "marked": "bin/marked.js" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/mime-db": { - "version": "1.54.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.54.0.tgz", - "integrity": "sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ==", - "license": "MIT", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-3.0.2.tgz", - "integrity": "sha512-Lbgzdk0h4juoQ9fCKXW4by0UJqj+nOOrI9MJ1sSj4nI8aI2eo1qmvQEie4VD1glsS250n15LsWsYtCugiStS5A==", - "license": "MIT", - "dependencies": { - "mime-db": "^1.54.0" - }, - "engines": { - "node": ">=18" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/express" - } + "integrity": "sha512-mNAgZ1GmyNhD7AuqnTG3/VQ26o760+ZYBPKjPvugO8+nLbYfX6TVpJPseBvopbdY+qpZ/lKUnmEc1LeZYS3QAA==", + "license": "Apache-2.0" }, "node_modules/minimatch": { "version": "10.2.5", @@ -4408,36 +4126,11 @@ "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/minipass": { - "version": "7.1.3", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.3.tgz", - "integrity": "sha512-tEBHqDnIoM/1rXME1zgka9g6Q2lcoCkxHLuc7ODJ5BxbP5d4c2Z5cGgtXAku59200Cx7diuHTOYfSBD8n6mm8A==", - "engines": { - "node": ">=16 || 14 >=14.17" - } - }, "node_modules/ms": { "version": "2.1.3", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", - "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" - }, - "node_modules/mz": { - "version": "2.7.0", - "resolved": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz", - "integrity": "sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==", - "dependencies": { - "any-promise": "^1.0.0", - "object-assign": "^4.0.1", - "thenify-all": "^1.0.0" - } - }, - "node_modules/netmask": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/netmask/-/netmask-2.0.2.tgz", - "integrity": "sha512-dBpDMdxv9Irdq66304OLfEmQ9tbNRFnFTuZiLo+bD+r332bBmMJ8GBLXklIXXgxd3+v9+KUnZaUR5PJMa75Gsg==", - "engines": { - "node": ">= 0.4.0" - } + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "license": "MIT" }, "node_modules/node-domexception": { "version": "1.0.0", @@ -4454,6 +4147,7 @@ "url": "https://paypal.me/jimmywarting" } ], + "license": "MIT", "engines": { "node": ">=10.5.0" } @@ -4462,6 +4156,7 @@ "version": "3.3.2", "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.2.tgz", "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==", + "license": "MIT", "dependencies": { "data-uri-to-buffer": "^4.0.0", "fetch-blob": "^3.1.4", @@ -4475,6 +4170,15 @@ "url": "https://opencollective.com/node-fetch" } }, + "node_modules/node-forge": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.4.0.tgz", + "integrity": "sha512-LarFH0+6VfriEhqMMcLX2F7SwSXeWwnEAJEsYm5QKWchiVYVvJyV9v7UDvUv+w5HO23ZpQTXDv/GxdDdMyOuoQ==", + "license": "(BSD-3-Clause OR GPL-2.0)", + "engines": { + "node": ">= 6.13.0" + } + }, "node_modules/normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", @@ -4484,26 +4188,11 @@ "node": ">=0.10.0" } }, - "node_modules/object-assign": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", - "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", - "dependencies": { - "wrappy": "1" - } - }, "node_modules/openai": { "version": "6.26.0", "resolved": "https://registry.npmjs.org/openai/-/openai-6.26.0.tgz", "integrity": "sha512-zd23dbWTjiJ6sSAX6s0HrCZi41JwTA1bQVs0wLQPZ2/5o2gxOJA5wh7yOAUgwYybfhDXyhwlpeQf7Mlgx8EOCA==", + "license": "Apache-2.0", "bin": { "openai": "bin/cli" }, @@ -4524,6 +4213,7 @@ "version": "4.6.2", "resolved": "https://registry.npmjs.org/p-retry/-/p-retry-4.6.2.tgz", "integrity": "sha512-312Id396EbJdvRONlngUx0NydfrIQ5lsYu0znKVUzVvArzEIt08V1qhtyESbGVd1FGX7UKtiFp5uwKZdM8wIuQ==", + "license": "MIT", "dependencies": { "@types/retry": "0.12.0", "retry": "^0.13.1" @@ -4532,108 +4222,11 @@ "node": ">=8" } }, - "node_modules/pac-proxy-agent": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-7.2.0.tgz", - "integrity": "sha512-TEB8ESquiLMc0lV8vcd5Ql/JAKAoyzHFXaStwjkzpOpC5Yv+pIzLfHvjTSdf3vpa2bMiUQrg9i6276yn8666aA==", - "dependencies": { - "@tootallnate/quickjs-emscripten": "^0.23.0", - "agent-base": "^7.1.2", - "debug": "^4.3.4", - "get-uri": "^6.0.1", - "http-proxy-agent": "^7.0.0", - "https-proxy-agent": "^7.0.6", - "pac-resolver": "^7.0.1", - "socks-proxy-agent": "^8.0.5" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/pac-resolver": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-7.0.1.tgz", - "integrity": "sha512-5NPgf87AT2STgwa2ntRMr45jTKrYBGkVU36yT0ig/n/GMAa3oPqhZfIQ2kMEimReg0+t9kZViDVZ83qfVUlckg==", - "dependencies": { - "degenerator": "^5.0.0", - "netmask": "^2.0.2" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/package-json-from-dist": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz", - "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==", - "license": "BlueOak-1.0.0" - }, - "node_modules/parse5": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.1.tgz", - "integrity": "sha512-ugq4DFI0Ptb+WWjAdOK16+u/nHfiIrcE+sh8kZMaM0WllQKLI9rOUq6c2b7cwPkXdzfQESqvoqK6ug7U/Yyzug==" - }, - "node_modules/parse5-htmlparser2-tree-adapter": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-6.0.1.tgz", - "integrity": "sha512-qPuWvbLgvDGilKc5BoicRovlT4MtYT6JfJyBOMDsKoiT+GiuP5qyrPCnR9HcPECIJJmZh5jRndyNThnhhb/vlA==", - "dependencies": { - "parse5": "^6.0.1" - } - }, - "node_modules/parse5-htmlparser2-tree-adapter/node_modules/parse5": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz", - "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==" - }, "node_modules/partial-json": { "version": "0.1.7", "resolved": "https://registry.npmjs.org/partial-json/-/partial-json-0.1.7.tgz", - "integrity": "sha512-Njv/59hHaokb/hRUjce3Hdv12wd60MtM9Z5Olmn+nehe0QDAsRtRbJPvJ0Z91TusF0SuZRIvnM+S4l6EIP8leA==" - }, - "node_modules/path-expression-matcher": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/path-expression-matcher/-/path-expression-matcher-1.5.0.tgz", - "integrity": "sha512-cbrerZV+6rvdQrrD+iGMcZFEiiSrbv9Tfdkvnusy6y0x0GKBXREFg/Y65GhIfm0tnLntThhzCnfKwp1WRjeCyQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/NaturalIntelligence" - } - ], - "license": "MIT", - "engines": { - "node": ">=14.0.0" - } - }, - "node_modules/path-key": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", - "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/path-scurry": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.2.tgz", - "integrity": "sha512-3O/iVVsJAPsOnpwWIeD+d6z/7PmqApyQePUtCndjatj/9I5LylHvt5qluFaBT3I5h3r1ejfR056c+FCv+NnNXg==", - "dependencies": { - "lru-cache": "^11.0.0", - "minipass": "^7.1.2" - }, - "engines": { - "node": "18 || 20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/pend": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", - "integrity": "sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg==" + "integrity": "sha512-Njv/59hHaokb/hRUjce3Hdv12wd60MtM9Z5Olmn+nehe0QDAsRtRbJPvJ0Z91TusF0SuZRIvnM+S4l6EIP8leA==", + "license": "MIT" }, "node_modules/process": { "version": "0.11.10", @@ -4650,28 +4243,10 @@ "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", "license": "MIT" }, - "node_modules/proper-lockfile": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/proper-lockfile/-/proper-lockfile-4.1.2.tgz", - "integrity": "sha512-TjNPblN4BwAWMXU8s9AEz4JmQxnD1NNL7bNOY/AKUzyamc379FWASUhc/K1pL2noVb+XmZKLL68cjzLsiOAMaA==", - "dependencies": { - "graceful-fs": "^4.2.4", - "retry": "^0.12.0", - "signal-exit": "^3.0.2" - } - }, - "node_modules/proper-lockfile/node_modules/retry": { - "version": "0.12.0", - "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz", - "integrity": "sha512-9LkiTwjUh6rT555DtE9rTX+BKByPfrMzEAtnlEtdEwr3Nkffwiihqe2bWADg+OQRjt9gl6ICdmB/ZFDCGAtSow==", - "engines": { - "node": ">= 4" - } - }, "node_modules/protobufjs": { - "version": "7.6.2", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.6.2.tgz", - "integrity": "sha512-N9EiLovGEQOJSPF26Ij7qUGvahfEnq0eeYZ02aigIedkmz1qZSwjnP9SBITHJuF/6MYbIW4HDN8zdYjsjqJKXQ==", + "version": "7.6.4", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.6.4.tgz", + "integrity": "sha512-RJJPTTpvFfHcWLkIa2JFWK4XvtSzS0yEWDmunqHXli1h3JlkbcQZXDZdcWxv+JK3Xsl5/UFDPZ0iGm7DAengYw==", "hasInstallScript": true, "license": "BSD-3-Clause", "dependencies": { @@ -4681,7 +4256,6 @@ "@protobufjs/eventemitter": "^1.1.1", "@protobufjs/fetch": "^1.1.1", "@protobufjs/float": "^1.0.2", - "@protobufjs/inquire": "^1.1.2", "@protobufjs/path": "^1.1.2", "@protobufjs/pool": "^1.1.0", "@protobufjs/utf8": "^1.1.1", @@ -4692,46 +4266,6 @@ "node": ">=12.0.0" } }, - "node_modules/proxy-agent": { - "version": "6.5.0", - "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-6.5.0.tgz", - "integrity": "sha512-TmatMXdr2KlRiA2CyDu8GqR8EjahTG3aY3nXjdzFyoZbmB8hrBsTyMezhULIXKnC0jpfjlmiZ3+EaCzoInSu/A==", - "dependencies": { - "agent-base": "^7.1.2", - "debug": "^4.3.4", - "http-proxy-agent": "^7.0.1", - "https-proxy-agent": "^7.0.6", - "lru-cache": "^7.14.1", - "pac-proxy-agent": "^7.1.0", - "proxy-from-env": "^1.1.0", - "socks-proxy-agent": "^8.0.5" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/proxy-agent/node_modules/lru-cache": { - "version": "7.18.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz", - "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==", - "engines": { - "node": ">=12" - } - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" - }, - "node_modules/pump": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.4.tgz", - "integrity": "sha512-VS7sjc6KR7e1ukRFhQSY5LM2uBWAUPiOPa/A3mkKmiMwSmRFUITt0xuj+/lesgnCv+dPIEYlkzrcyXgquIHMcA==", - "dependencies": { - "end-of-stream": "^1.1.0", - "once": "^1.3.1" - } - }, "node_modules/readable-stream": { "version": "4.7.0", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.7.0.tgz", @@ -4749,70 +4283,25 @@ } }, "node_modules/readdir-glob": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/readdir-glob/-/readdir-glob-1.1.3.tgz", - "integrity": "sha512-v05I2k7xN8zXvPD9N+z/uhXPaj0sUFCe2rcWZIpBsqxfP7xXFQ0tipAd/wjj1YxWyWtUS5IDJpOG82JKt2EAVA==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/readdir-glob/-/readdir-glob-3.0.0.tgz", + "integrity": "sha512-AhNB2KgKeVJr16nK9LLZbJNWnYoT23ZrumNKFDebHBdkC8KHSqWo871JAUhoWC/RtjEVdqNMFpM6qrwRbaUqpw==", "license": "Apache-2.0", "dependencies": { - "minimatch": "^5.1.0" - } - }, - "node_modules/readdir-glob/node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "license": "MIT" - }, - "node_modules/readdir-glob/node_modules/brace-expansion": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz", - "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==", - "license": "MIT", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/readdir-glob/node_modules/minimatch": { - "version": "5.1.9", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.9.tgz", - "integrity": "sha512-7o1wEA2RyMP7Iu7GNba9vc0RWWGACJOCZBJX2GJWip0ikV+wcOsgVuY9uE8CPiyQhkGFSlhuSkZPavN7u1c2Fw==", - "license": "ISC", - "dependencies": { - "brace-expansion": "^2.0.1" + "minimatch": "^10.2.2" }, "engines": { - "node": ">=10" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/require-from-string": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", - "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/resolve-pkg-maps": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/resolve-pkg-maps/-/resolve-pkg-maps-1.0.0.tgz", - "integrity": "sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==", - "dev": true, + "node": ">=18" + }, "funding": { - "url": "https://github.com/privatenumber/resolve-pkg-maps?sponsor=1" + "url": "https://github.com/sponsors/yqnn" } }, "node_modules/retry": { "version": "0.13.1", "resolved": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", "integrity": "sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==", + "license": "MIT", "engines": { "node": ">= 4" } @@ -4823,39 +4312,18 @@ "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", "funding": [ { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/shebang-command": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", - "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", - "license": "MIT", - "dependencies": { - "shebang-regex": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/shebang-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", - "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", - "license": "MIT", - "engines": { - "node": ">=8" - } + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ] }, "node_modules/shell-quote": { "version": "1.8.4", @@ -4869,66 +4337,12 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" - }, "node_modules/sisteransi": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", "license": "MIT" }, - "node_modules/smart-buffer": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", - "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==", - "engines": { - "node": ">= 6.0.0", - "npm": ">= 3.0.0" - } - }, - "node_modules/socks": { - "version": "2.8.7", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.7.tgz", - "integrity": "sha512-HLpt+uLy/pxB+bum/9DzAgiKS8CX1EvbWxI4zlmgGCExImLdiad2iCwXT5Z4c9c3Eq8rP2318mPW2c+QbtjK8A==", - "dependencies": { - "ip-address": "^10.0.1", - "smart-buffer": "^4.2.0" - }, - "engines": { - "node": ">= 10.0.0", - "npm": ">= 3.0.0" - } - }, - "node_modules/socks-proxy-agent": { - "version": "8.0.5", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz", - "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==", - "dependencies": { - "agent-base": "^7.1.2", - "debug": "^4.3.4", - "socks": "^2.8.3" - }, - "engines": { - "node": ">= 14" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "optional": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/std-env": { - "version": "3.10.0", - "resolved": "https://registry.npmjs.org/std-env/-/std-env-3.10.0.tgz", - "integrity": "sha512-5GS12FdOZNliM5mAOxFRg7Ir0pWz8MdpYm6AY6VPkGpbA7ZzmbzNcBJQ0GPvvyWgcY7QAhCgf9Uy89I03faLkg==" - }, "node_modules/streamx": { "version": "2.25.0", "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.25.0.tgz", @@ -4949,151 +4363,6 @@ "safe-buffer": "~5.2.0" } }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "license": "MIT", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/string-width/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.2.0.tgz", - "integrity": "sha512-yDPMNjp4WyfYBkHnjIRLfca1i6KMyGCtsVgoKe/z1+6vukgaENdgGBZt+ZmKPc4gavvEZ5OgHfHdrazhgNyG7w==", - "dependencies": { - "ansi-regex": "^6.2.2" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/strip-ansi-cjs": { - "name": "strip-ansi", - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/strnum": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/strnum/-/strnum-2.4.0.tgz", - "integrity": "sha512-sHrVyWWdq28RbhjuJdZsA1SnGRJV6NiXbk6AXBxDOsgAcA+lmpUZCYjOdLBxkXMwis6RRe7dlZt4VlIWFVzkmg==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/NaturalIntelligence" - } - ], - "license": "MIT", - "dependencies": { - "anynum": "^1.0.0" - } - }, - "node_modules/strtok3": { - "version": "10.3.5", - "resolved": "https://registry.npmjs.org/strtok3/-/strtok3-10.3.5.tgz", - "integrity": "sha512-ki4hZQfh5rX0QDLLkOCj+h+CVNkqmp/CMf8v8kZpkNVK6jGQooMytqzLZYUVYIZcFZ6yDB70EfD8POcFXiF5oA==", - "dependencies": { - "@tokenizer/token": "^0.3.0" - }, - "engines": { - "node": ">=18" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/Borewit" - } - }, - "node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dependencies": { - "has-flag": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/tar-stream": { "version": "3.1.8", "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.8.tgz", @@ -5124,46 +4393,11 @@ "b4a": "^1.6.4" } }, - "node_modules/thenify": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz", - "integrity": "sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==", - "dependencies": { - "any-promise": "^1.0.0" - } - }, - "node_modules/thenify-all": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz", - "integrity": "sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==", - "dependencies": { - "thenify": ">= 3.1.0 < 4" - }, - "engines": { - "node": ">=0.8" - } - }, - "node_modules/token-types": { - "version": "6.1.2", - "resolved": "https://registry.npmjs.org/token-types/-/token-types-6.1.2.tgz", - "integrity": "sha512-dRXchy+C0IgK8WPC6xvCHFRIWYUbqqdEIKPaKo/AcTUNzwLTK6AH7RjdLWsEZcAN/TBdtfUw3PYEgPr5VPr6ww==", - "dependencies": { - "@borewit/text-codec": "^0.2.1", - "@tokenizer/token": "^0.3.0", - "ieee754": "^1.2.1" - }, - "engines": { - "node": ">=14.16" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/Borewit" - } - }, "node_modules/ts-algebra": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ts-algebra/-/ts-algebra-2.0.0.tgz", - "integrity": "sha512-FPAhNPFMrkwz76P7cdjdmiShwMynZYN6SgOujD1urY4oNm80Ou9oMdmbR45LotcKOXoy7wSmHkRFE6Mxbrhefw==" + "integrity": "sha512-FPAhNPFMrkwz76P7cdjdmiShwMynZYN6SgOujD1urY4oNm80Ou9oMdmbR45LotcKOXoy7wSmHkRFE6Mxbrhefw==", + "license": "MIT" }, "node_modules/tslib": { "version": "2.8.1", @@ -5171,13 +4405,13 @@ "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" }, "node_modules/tsx": { - "version": "4.21.0", - "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.21.0.tgz", - "integrity": "sha512-5C1sg4USs1lfG0GFb2RLXsdpXqBSEhAaA/0kPL01wxzpMqLILNxIxIOKiILz+cdg/pLnOUxFYOR5yhHU666wbw==", + "version": "4.22.4", + "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.22.4.tgz", + "integrity": "sha512-X8EX+XV4QR5xCsrgxaED954zTDfY8KqlDtskKEL0cHhyS/P8b4IFOvGDQpsC9Q1XnLq915wEfwwY/zzskCtmhg==", "dev": true, + "license": "MIT", "dependencies": { - "esbuild": "~0.27.0", - "get-tsconfig": "^4.7.5" + "esbuild": "~0.28.0" }, "bin": { "tsx": "dist/cli.mjs" @@ -5189,11 +4423,18 @@ "fsevents": "~2.3.3" } }, + "node_modules/typebox": { + "version": "1.1.38", + "resolved": "https://registry.npmjs.org/typebox/-/typebox-1.1.38.tgz", + "integrity": "sha512-pZ0aQPmMmXoUvSbeuWf/Hzsc+avNw/Zd6VeE8CFgkVGWyuHPJvqeJJDeJqLve+K70LvjYIoleGcoJHPT17cWoA==", + "license": "MIT" + }, "node_modules/typescript": { - "version": "5.9.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz", - "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz", + "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==", "dev": true, + "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -5202,25 +4443,6 @@ "node": ">=14.17" } }, - "node_modules/uint8array-extras": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/uint8array-extras/-/uint8array-extras-1.5.0.tgz", - "integrity": "sha512-rvKSBiC5zqCCiDZ9kAOszZcDvdAHwwIKJG33Ykj43OKcWsnmcBRL09YTU4nOeHZ8Y2a7l1MgTd08SBe9A8Qj6A==", - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/undici": { - "version": "7.24.7", - "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.7.tgz", - "integrity": "sha512-H/nlJ/h0ggGC+uRL3ovD+G0i4bqhvsDOpbDv7At5eFLlj2b41L8QliGbnl2H7SnDiYhENphh1tQFJZf+MyfLsQ==", - "engines": { - "node": ">=20.18.1" - } - }, "node_modules/undici-types": { "version": "7.18.2", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz", @@ -5236,104 +4458,11 @@ "version": "3.3.3", "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.3.3.tgz", "integrity": "sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==", - "engines": { - "node": ">= 8" - } - }, - "node_modules/which": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", - "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", - "license": "ISC", - "dependencies": { - "isexe": "^2.0.0" - }, - "bin": { - "node-which": "bin/node-which" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs": { - "name": "wrap-ansi", - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "license": "MIT", - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/wrap-ansi/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "engines": { - "node": ">=8" - } - }, - "node_modules/wrap-ansi/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dependencies": { - "ansi-regex": "^5.0.1" - }, "engines": { - "node": ">=8" + "node": ">= 8" } }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" - }, "node_modules/ws": { "version": "8.21.0", "resolved": "https://registry.npmjs.org/ws/-/ws-8.21.0.tgz", @@ -5355,33 +4484,10 @@ } } }, - "node_modules/xml-naming": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/xml-naming/-/xml-naming-0.1.0.tgz", - "integrity": "sha512-k8KO9hrMyNk6tUWqUfkTEZbezRRpONVOzUTnc97VnCvyj6Tf9lyUR9EDAIeiVLv56jsMcoXEwjW8Kv5yPY52lw==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/NaturalIntelligence" - } - ], - "license": "MIT", - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "engines": { - "node": ">=10" - } - }, "node_modules/yaml": { - "version": "2.8.3", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.3.tgz", - "integrity": "sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==", + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.9.0.tgz", + "integrity": "sha512-2AvhNX3mb8zd6Zy7INTtSpl1F15HW6Wnqj0srWlkKLcpYl/gMIMJiyuGq2KeI2YFxUPjdlB+3Lc10seMLtL4cA==", "license": "ISC", "bin": { "yaml": "bin.mjs" @@ -5393,69 +4499,25 @@ "url": "https://github.com/sponsors/eemeli" } }, - "node_modules/yargs": { - "version": "16.2.0", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", - "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==", - "dependencies": { - "cliui": "^7.0.2", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.0", - "y18n": "^5.0.5", - "yargs-parser": "^20.2.2" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/yargs-parser": { - "version": "20.2.9", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz", - "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==", - "engines": { - "node": ">=10" - } - }, - "node_modules/yauzl": { - "version": "2.10.0", - "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz", - "integrity": "sha512-p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g==", - "dependencies": { - "buffer-crc32": "~0.2.3", - "fd-slicer": "~1.1.0" - } - }, - "node_modules/yoctocolors": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/yoctocolors/-/yoctocolors-2.1.2.tgz", - "integrity": "sha512-CzhO+pFNo8ajLM2d2IW/R93ipy99LWjtwblvC1RsoSUMZgyLbYFr221TnSNT7GjGdYui6P459mw9JH/g/zW2ug==", - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/zip-stream": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/zip-stream/-/zip-stream-6.0.1.tgz", - "integrity": "sha512-zK7YHHz4ZXpW89AHXUPbQVGKI7uvkd3hzusTdotCg1UxyaVtg0zFJSTfW/Dq5f7OBBVnq6cZIaC8Ti4hb6dtCA==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/zip-stream/-/zip-stream-7.0.5.tgz", + "integrity": "sha512-dSvYKdvLsAHCDqPOhIwk/q5CvuWtTB3Dgpoe0uVEFjTzIOAmsQpprX25InCvrvJsirEbu1OHyy67n/kAj1Sw/w==", "license": "MIT", "dependencies": { - "archiver-utils": "^5.0.0", - "compress-commons": "^6.0.2", + "compress-commons": "^7.0.0", + "normalize-path": "^3.0.0", "readable-stream": "^4.0.0" }, "engines": { - "node": ">= 14" + "node": ">=18" } }, "node_modules/zod": { - "version": "4.3.6", - "resolved": "https://registry.npmjs.org/zod/-/zod-4.3.6.tgz", - "integrity": "sha512-rftlrkhHZOcjDwkGlnUtZZkvaPHCsDATp4pGpuOOMDaTdDDXF91wuVDJoWoPsKX/3YPQ5fHuF3STjcYyKr+Qhg==", + "version": "4.4.3", + "resolved": "https://registry.npmjs.org/zod/-/zod-4.4.3.tgz", + "integrity": "sha512-ytENFjIJFl2UwYglde2jchW2Hwm4GJFLDiSXWdTrJQBIN9Fcyp7n4DhxJEiWNAJMV1/BqWfW/kkg71UDcHJyTQ==", + "license": "MIT", "funding": { "url": "https://github.com/sponsors/colinhacks" } @@ -5464,6 +4526,7 @@ "version": "3.25.2", "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.2.tgz", "integrity": "sha512-O/PgfnpT1xKSDeQYSCfRI5Gy3hPf91mKVDuYLUHZJMiDFptvP41MSnWofm8dnCm0256ZNfZIM7DSzuSMAFnjHA==", + "license": "ISC", "peerDependencies": { "zod": "^3.25.28 || ^4" } diff --git a/cli/package.json b/cli/package.json index 750282e..721dd2e 100644 --- a/cli/package.json +++ b/cli/package.json @@ -9,7 +9,7 @@ "url": "git+https://github.com/hackIDLE/grclanker.git" }, "engines": { - "node": ">=20.19.0" + "node": ">=22.19.0" }, "bin": { "grclanker": "./bin/grclanker.js" @@ -55,30 +55,32 @@ ] }, "dependencies": { - "@anthropic-ai/sandbox-runtime": "^0.0.49", - "@aws-sdk/client-accessanalyzer": "^3.1030.0", - "@aws-sdk/client-cloudtrail": "^3.1030.0", - "@aws-sdk/client-config-service": "^3.1030.0", - "@aws-sdk/client-guardduty": "^3.1030.0", - "@aws-sdk/client-iam": "^3.1030.0", - "@aws-sdk/client-organizations": "^3.1030.0", - "@aws-sdk/client-securityhub": "^3.1030.0", - "@aws-sdk/client-sso-admin": "^3.1030.0", - "@aws-sdk/client-sts": "^3.1030.0", - "@aws-sdk/credential-providers": "^3.1030.0", - "@clack/prompts": "^1.2.0", - "@mariozechner/pi-ai": "^0.65.2", - "@mariozechner/pi-coding-agent": "^0.65.2", + "@anthropic-ai/sandbox-runtime": "^0.0.61", + "@aws-sdk/client-accessanalyzer": "^3.1075.0", + "@aws-sdk/client-cloudtrail": "^3.1075.0", + "@aws-sdk/client-config-service": "^3.1075.0", + "@aws-sdk/client-guardduty": "^3.1075.0", + "@aws-sdk/client-iam": "^3.1075.0", + "@aws-sdk/client-organizations": "^3.1075.0", + "@aws-sdk/client-securityhub": "^3.1075.0", + "@aws-sdk/client-sso-admin": "^3.1075.0", + "@aws-sdk/client-sts": "^3.1075.0", + "@aws-sdk/credential-providers": "^3.1075.0", + "@clack/prompts": "^1.6.0", + "@earendil-works/pi-ai": "^0.80.2", + "@earendil-works/pi-coding-agent": "^0.80.2", "@sinclair/typebox": "^0.34.48", - "archiver": "^7.0.1", - "yaml": "^2.8.3" + "archiver": "^8.0.0", + "yaml": "^2.9.0" }, "devDependencies": { - "@types/archiver": "^7.0.0", - "tsx": "^4.19.0", - "typescript": "^5.7.0" + "@types/archiver": "^8.0.0", + "tsx": "^4.22.4", + "typescript": "^6.0.3" }, "overrides": { - "basic-ftp": "6.0.1" + "basic-ftp": "6.0.1", + "undici": "7.28.0", + "protobufjs": "7.6.4" } } diff --git a/cli/pi/backend-exec.ts b/cli/pi/backend-exec.ts index 8c75794..86e4540 100644 --- a/cli/pi/backend-exec.ts +++ b/cli/pi/backend-exec.ts @@ -8,7 +8,7 @@ import { type LsOperations, type ReadOperations, type WriteOperations, -} from "@mariozechner/pi-coding-agent"; +} from "@earendil-works/pi-coding-agent"; import { minimatch } from "minimatch"; import { getComputeBackendConfigurationIssues, diff --git a/cli/pi/branding.ts b/cli/pi/branding.ts index 770954c..b7295bb 100644 --- a/cli/pi/branding.ts +++ b/cli/pi/branding.ts @@ -12,7 +12,7 @@ type EmbeddedPiPackageJson = { }; export function assertEmbeddedPiBranding(appRoot: string): void { - const packageRoot = join(appRoot, "node_modules", "@mariozechner", "pi-coding-agent"); + const packageRoot = join(appRoot, "node_modules", "@earendil-works", "pi-coding-agent"); const packageJsonPath = join(packageRoot, "package.json"); if (!existsSync(packageJsonPath)) { diff --git a/cli/pi/launch.ts b/cli/pi/launch.ts index 7012688..13ba70c 100644 --- a/cli/pi/launch.ts +++ b/cli/pi/launch.ts @@ -94,6 +94,6 @@ export async function launchCli( process.env.PI_SKIP_VERSION_CHECK ??= "1"; process.chdir(workingDir); - const { main } = await import("@mariozechner/pi-coding-agent"); + const { main } = await import("@earendil-works/pi-coding-agent"); await main(args); } diff --git a/cli/pi/search-tools.ts b/cli/pi/search-tools.ts index da827cb..195e76d 100644 --- a/cli/pi/search-tools.ts +++ b/cli/pi/search-tools.ts @@ -8,7 +8,7 @@ import { truncateLine, type GrepToolDetails, type GrepToolInput, -} from "@mariozechner/pi-coding-agent"; +} from "@earendil-works/pi-coding-agent"; import type { ResolvedComputeBackendExecution } from "./backend-exec.js"; const DEFAULT_GREP_LIMIT = 100; diff --git a/cli/pi/tool-catalog.ts b/cli/pi/tool-catalog.ts index 71d0bce..d9374d2 100644 --- a/cli/pi/tool-catalog.ts +++ b/cli/pi/tool-catalog.ts @@ -1,4 +1,4 @@ -import type { ExtensionAPI, ToolDefinition } from "@mariozechner/pi-coding-agent"; +import type { ExtensionAPI, ToolDefinition } from "@earendil-works/pi-coding-agent"; import grcTools from "../extensions/grc-tools.js"; export interface RegisteredToolSummary { diff --git a/cli/prompts/audit.md b/cli/prompts/audit.md index 5217fd1..ab573d6 100644 --- a/cli/prompts/audit.md +++ b/cli/prompts/audit.md @@ -18,7 +18,7 @@ Use the available GRC tools first: 3. If FedRAMP or FedRAMP 20x is in scope, start with `fedramp_check_sources`, then use `fedramp_search_frmr`, `fedramp_get_process`, `fedramp_get_requirement`, and `fedramp_get_ksi` to ground your interpretation in the official FedRAMP GitHub sources 4. When you need a practical operator brief instead of raw source data, use `fedramp_assess_readiness` on the relevant process or KSI 5. When you need to turn a FedRAMP process into a concrete publishing and evidence plan, use `fedramp_plan_process_artifacts` -6. If the scope centers on Authorization Data Sharing or trust-center rollout, use `fedramp_plan_ads_package` +6. If the scope centers on Certification Data Sharing or trust-center rollout, use `fedramp_plan_ads_package` 7. If you want a working ADS starter scaffold instead of only a plan, use `fedramp_generate_ads_bundle` 8. If the team needs a public, customer-owned trust-center site they can deploy to AWS, Azure, or GCP, use `fedramp_generate_ads_site` 9. If the scope is an AWS account or organization, start with `aws_check_access`, then use `aws_assess_identity`, `aws_assess_logging_detection`, and `aws_assess_org_guardrails`, or `aws_export_audit_bundle` when the deliverable needs a zipped evidence package diff --git a/cli/scripts/patch-embedded-pi.mjs b/cli/scripts/patch-embedded-pi.mjs index 8e5d8a0..ca36634 100644 --- a/cli/scripts/patch-embedded-pi.mjs +++ b/cli/scripts/patch-embedded-pi.mjs @@ -191,8 +191,8 @@ function patchEmbeddedPi(rootDir) { throw new Error(`No package.json found under ${rootDir}`); } - const packageRoot = join(rootDir, "node_modules", "@mariozechner", "pi-coding-agent"); - const piTuiRoot = join(rootDir, "node_modules", "@mariozechner", "pi-tui"); + const packageRoot = join(rootDir, "node_modules", "@earendil-works", "pi-coding-agent"); + const piTuiRoot = join(rootDir, "node_modules", "@earendil-works", "pi-tui"); const packageJsonPath = join(packageRoot, "package.json"); if (!existsSync(packageJsonPath)) { throw new Error(`Embedded pi package not found under ${packageRoot}`); diff --git a/cli/scripts/sync-fedramp.ts b/cli/scripts/sync-fedramp.ts index 901b6e2..f36135e 100644 --- a/cli/scripts/sync-fedramp.ts +++ b/cli/scripts/sync-fedramp.ts @@ -36,9 +36,9 @@ async function main() { [ `Wrote ${files.length} generated FedRAMP docs file(s) to ${targetDir}.`, `Source: ${sourceStatus.primary.repoUrl}/${sourceStatus.primary.path}`, - `FRMR version: ${sourceStatus.primary.version}`, + `Consolidated Rules version: ${sourceStatus.primary.version}`, `Upstream last_updated: ${sourceStatus.primary.upstreamLastUpdated}`, - `Rules repo state: ${sourceStatus.secondary.state}`, + `Narrative source state: ${sourceStatus.secondary.state}`, ].join("\n") + "\n", ); } diff --git a/cli/tests/fedramp.test.mjs b/cli/tests/fedramp.test.mjs index c731def..6d3eefb 100644 --- a/cli/tests/fedramp.test.mjs +++ b/cli/tests/fedramp.test.mjs @@ -9,7 +9,7 @@ import { inspectFedrampOfficialSources, loadFedrampCatalog, normalizeFedrampApplicability, - normalizeFedrampFrmr, + normalizeFedrampConsolidatedRules, resolveFedrampKsi, resolveFedrampProcess, resolveFedrampRequirement, @@ -35,106 +35,171 @@ function jsonResponse(payload) { }); } -const frmrFixture = { +const consolidatedRulesFixture = { info: { - title: "FedRAMP Machine-Readable Documentation", - description: "Fixture FRMR payload", - version: "0.9.43-beta", - last_updated: "2026-04-08", + title: "FedRAMP Consolidated Rules for 2026", + description: "Fixture consolidated rules payload", + version: "2026.07.02.02", + last_updated: "2026-07-02", }, FRD: { data: { - both: { + all: { "FRD-ACV": { - fka: "FRD-ALL-31", term: "Accepted Vulnerability", alts: ["accepted vulnerability", "accepted vulnerabilities"], definition: "A vulnerability the provider does not intend to remediate within the recommended period.", - updated: [{ date: "2026-02-04", comment: "Renamed during standardization." }], + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], }, }, }, }, FRR: { - ADS: { + CDS: { info: { - name: "Authorization Data Sharing", - short_name: "ADS", - web_name: "authorization-data-sharing", - effective: { - rev5: { - is: "optional", - current_status: "Open Beta", + name: "Certification Data Sharing", + short_name: "CDS", + web_name: "certification-data-sharing", + purpose: "Providers share certification data in human-readable and machine-readable form.", + status: "stable", + tag: "transparency", + subsets: { + CSO: { + name: "General Provider Responsibilities", + description: "Applies to all providers.", + applicability: { + types: ["20x", "Rev5"], + paths: ["Program", "Agency"], + classes: ["B", "C", "D"], + affects: ["Providers"], + }, + }, + }, + "20x": { + subsets: { + TRC: { + name: "Trust Center Responsibilities", + description: "Applies to provider trust centers.", + applicability: { + types: ["20x"], + paths: ["Program"], + classes: ["B", "C"], + affects: ["Providers"], + }, + }, }, - "20x": { + effective: { is: "required", - current_status: "Phase 2 Pilot", + current_status: "Consolidated Rules for 2026", + date: { + obtain: "2026-01-05", + maintain: "2026-01-05", + grace: { default: "2026-07-01", until_next_assessment: false }, + }, }, }, - }, - front_matter: { - purpose: "Providers share authorization data in human-readable and machine-readable form.", - expected_outcomes: [ - "Agencies can programmatically access authorization data.", - "Providers can manage authorization data in a trust center.", - ], - authority: [ - { - reference: "OMB M-24-15", - reference_url: "https://www.fedramp.gov/docs/authority/m-24-15", - description: "Modernizing FedRAMP memo.", + rev5: { + effective: { + is: "optional", + current_status: "Public Preview", + date: { optional_adoption: "2026-06-24" }, }, - ], - }, - labels: { - CSO: { - name: "General Provider Responsibilities", - description: "Applies to all providers.", - }, - TRC: { - name: "FedRAMP-Compatible Trust Centers", - description: "Applies to trust centers.", }, }, data: { - both: { + all: { CSO: { - "ADS-CSO-PUB": { - fka: "FRR-ADS-01", + "CDS-CSO-PUB": { name: "Public Information", statement: "Providers MUST publicly share up-to-date information about the cloud service offering in both human-readable and machine-readable formats.", - primary_key_word: "MUST", + force: "MUST", affects: ["Providers"], terms: ["Cloud Service Offering", "Machine-Readable"], following_information: ["Direct link to the FedRAMP Marketplace", "Service Model"], - updated: [{ date: "2026-02-04", comment: "Added machine-readable emphasis." }], + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], }, }, }, "20x": { TRC: { - "ADS-TRC-API": { + "CDS-TRC-API": { name: "Programmatic Access", statement: - "Trust centers MUST provide documented programmatic access to all authorization data.", - primary_key_word: "MUST", - affects: ["Trust Centers"], - terms: ["Authorization data", "Machine-Readable"], - updated: [{ date: "2026-02-04", comment: "No material changes." }], + "Providers MUST provide documented programmatic access to all certification data.", + force: "MUST", + affects: ["Providers"], + terms: ["Certification data", "Machine-Readable"], + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], }, }, }, rev5: { CSO: { - "ADS-CSO-BETA": { - name: "Rev5 Beta Signup", - statement: "Rev5 providers SHOULD notify FedRAMP before joining the ADS beta.", - primary_key_word: "SHOULD", + "CDS-CSO-BETA": { + name: "Rev5 Preview Adoption", + statement: "Rev5 providers SHOULD notify FedRAMP before adopting preview rules.", + force: "SHOULD", affects: ["Providers"], - terms: ["Authorization data"], + terms: ["Certification data"], timeframe_type: "days", timeframe_num: 7, + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], + }, + }, + }, + }, + }, + CCM: { + info: { + name: "Collaborative Continuous Monitoring", + short_name: "CCM", + web_name: "collaborative-continuous-monitoring", + purpose: "Providers and agencies review ongoing certification evidence.", + status: "stable", + effective: { + is: "required", + current_status: "Consolidated Rules for 2026", + date: { obtain: "2026-01-05", maintain: "2026-01-05" }, + }, + subsets: { + QTR: { + name: "Quarterly Review", + description: "Quarterly review requirements.", + applicability: { + types: ["20x", "Rev5"], + paths: ["Program", "Agency"], + classes: ["A", "B", "C", "D"], + affects: ["Providers"], + }, + }, + }, + }, + data: { + all: { + QTR: { + "CCM-QTR-MTG": { + name: "Quarterly Review Meeting", + varies_by_class: { + a: { + statement: "Class A providers MAY host a quarterly review.", + force: "MAY", + }, + b: { + statement: "Class B providers SHOULD host a quarterly review.", + force: "SHOULD", + }, + c: { + statement: "Class C providers MUST host a quarterly review.", + force: "MUST", + }, + d: { + statement: "Class D providers MUST host a quarterly review.", + force: "MUST", + }, + }, + affects: ["Providers"], + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], }, }, }, @@ -142,60 +207,76 @@ const frmrFixture = { }, }, KSI: { - AFR: { - id: "KSI-AFR", - name: "Authorization by FedRAMP", - short_name: "AFR", - web_name: "authorization-by-fedramp", - theme: - "A secure cloud service provider seeking FedRAMP authorization addresses all FedRAMP 20x requirements and recommendations.", + CNA: { + id: "KSI-CNA", + name: "Cloud Native Architecture", + short_name: "CNA", + web_name: "cloud-native-architecture", + status: "stable", indicators: { - "KSI-AFR-ADS": { - fka: "KSI-AFR-03", - name: "Authorization Data Sharing", + "KSI-CNA-CDS": { + name: "Certification Data Sharing", statement: - "Determine how authorization data will be shared with all necessary parties in alignment with the ADS process.", - reference: "Authorization Data Sharing", - reference_url: "https://fedramp.gov/docs/20x/authorization-data-sharing", + "Determine how certification data will be shared with all necessary parties in alignment with the CDS process.", + reference: "Certification Data Sharing", + reference_url: "https://www.fedramp.gov/2026/reference/certification-data-sharing/", controls: ["ac-3", "au-2", "ra-5"], - terms: ["Authorization data", "All Necessary Parties"], - updated: [{ date: "2026-02-04", comment: "Renamed during standardization." }], + terms: ["Certification data", "All Necessary Parties"], + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], + }, + "KSI-CNA-EIS": { + name: "Enforcing Intended State", + varies_by_class: { + b: { statement: "Optional automated enforcement is available for Class B." }, + c: { statement: "Automated enforcement is required for Class C." }, + }, + controls: ["cm-3"], + updated: [{ date: "2026-06-24", comment: "Official consolidated rules launch." }], }, }, }, }, }; -test("normalizeFedrampFrmr flattens definitions, requirements, and KSI records", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("normalizeFedrampConsolidatedRules flattens 2026 rules and preserves class variants", () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); - assert.equal(catalog.info.version, "0.9.43-beta"); + assert.equal(catalog.info.version, "2026.07.02.02"); assert.equal(catalog.definitions.length, 1); - assert.equal(catalog.processes.length, 1); - assert.equal(catalog.requirements.length, 3); + assert.equal(catalog.processes.length, 2); + assert.equal(catalog.requirements.length, 4); assert.equal(catalog.ksiDomains.length, 1); - assert.equal(catalog.ksiIndicators.length, 1); - assert.equal(catalog.requirements.find((item) => item.id === "ADS-CSO-PUB")?.appliesTo, "both"); - assert.equal(catalog.ksiIndicators[0]?.fka, "KSI-AFR-03"); + assert.equal(catalog.ksiIndicators.length, 2); + assert.equal(catalog.requirements.find((item) => item.id === "CDS-CSO-PUB")?.appliesTo, "both"); + assert.equal(catalog.processes.find((item) => item.id === "CDS")?.labels.length, 2); + const classRule = catalog.requirements.find((item) => item.id === "CCM-QTR-MTG"); + assert.equal(classRule?.primaryKeyWord, "VARIES BY CLASS"); + assert.equal(classRule?.classVariants.length, 4); + assert.match(classRule?.statement ?? "", /Class C providers MUST/); + assert.equal( + catalog.ksiIndicators.find((item) => item.id === "KSI-CNA-EIS")?.classVariants.length, + 2, + ); }); -test("search and resolvers support current IDs, former IDs, and unique names", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("search and resolvers support current IDs, unique names, and legacy process aliases", () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); - const fkaMatch = searchFedrampCatalog(catalog, "FRR-ADS-01", { + const fkaMatch = searchFedrampCatalog(catalog, "CDS-CSO-PUB", { section: "requirement", appliesTo: normalizeFedrampApplicability("any"), limit: 10, }); - assert.equal(fkaMatch[0]?.id, "ADS-CSO-PUB"); + assert.equal(fkaMatch[0]?.id, "CDS-CSO-PUB"); - assert.equal(resolveFedrampProcess(catalog, "authorization-data-sharing").id, "ADS"); - assert.equal(resolveFedrampRequirement(catalog, "FRR-ADS-01").id, "ADS-CSO-PUB"); + assert.equal(resolveFedrampProcess(catalog, "certification-data-sharing").id, "CDS"); + assert.equal(resolveFedrampProcess(catalog, "ADS").id, "CDS"); + assert.equal(resolveFedrampRequirement(catalog, "CDS-CSO-PUB").id, "CDS-CSO-PUB"); - const ksiMatch = resolveFedrampKsi(catalog, "KSI-AFR-03"); + const ksiMatch = resolveFedrampKsi(catalog, "KSI-CNA-EIS"); assert.equal(ksiMatch.kind, "indicator"); if (ksiMatch.kind === "indicator") { - assert.equal(ksiMatch.indicator.id, "KSI-AFR-ADS"); + assert.equal(ksiMatch.indicator.id, "KSI-CNA-EIS"); } }); @@ -208,13 +289,13 @@ test("loadFedrampCatalog writes cache and falls back to stale disk data if refre const url = typeof input === "string" ? input : input.toString(); calls.push(url); - if (url === "https://raw.githubusercontent.com/FedRAMP/docs/main/FRMR.documentation.json") { - return jsonResponse(frmrFixture); + if (url === "https://raw.githubusercontent.com/FedRAMP/rules/main/fedramp-consolidated-rules.json") { + return jsonResponse(consolidatedRulesFixture); } - if (url === "https://api.github.com/repos/FedRAMP/docs") { + if (url === "https://api.github.com/repos/FedRAMP/rules") { return jsonResponse({ - html_url: "https://github.com/FedRAMP/docs", + html_url: "https://github.com/FedRAMP/rules", updated_at: "2026-04-13T17:52:17Z", default_branch: "main", }); @@ -222,12 +303,12 @@ test("loadFedrampCatalog writes cache and falls back to stale disk data if refre if ( url === - "https://api.github.com/repos/FedRAMP/docs/contents/FRMR.documentation.json?ref=main" + "https://api.github.com/repos/FedRAMP/rules/contents/fedramp-consolidated-rules.json?ref=main" ) { return jsonResponse({ sha: "abcdef1234567890abcdef1234567890abcdef12", html_url: - "https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json", + "https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json", }); } @@ -240,7 +321,7 @@ test("loadFedrampCatalog writes cache and falls back to stale disk data if refre const live = await loadFedrampCatalog({ refresh: true, homeDir }); assert.equal(live.cacheStatus, "live"); assert.equal(live.provenance.blobSha, "abcdef1234567890abcdef1234567890abcdef12"); - assert.ok(calls.some((url) => url.includes("FRMR.documentation.json"))); + assert.ok(calls.some((url) => url.includes("fedramp-consolidated-rules.json"))); clearFedrampCachesForTests(); globalThis.fetch = async () => { @@ -250,7 +331,7 @@ test("loadFedrampCatalog writes cache and falls back to stale disk data if refre const stale = await loadFedrampCatalog({ refresh: true, homeDir }); assert.equal(stale.cacheStatus, "stale"); assert.match(stale.notes[0] ?? "", /stale FedRAMP cache/i); - assert.equal(stale.catalog.info.version, "0.9.43-beta"); + assert.equal(stale.catalog.info.version, "2026.07.02.02"); } finally { globalThis.fetch = originalFetch; clearFedrampCachesForTests(); @@ -258,20 +339,20 @@ test("loadFedrampCatalog writes cache and falls back to stale disk data if refre } }); -test("inspectFedrampOfficialSources reports the official rules repo as placeholder when it is not populated", async () => { +test("inspectFedrampOfficialSources reports rules as primary and narrative Markdown as supporting", async () => { const originalFetch = globalThis.fetch; const homeDir = mkdtempSync(join(tmpdir(), "grclanker-fedramp-sources-")); globalThis.fetch = async (input) => { const url = typeof input === "string" ? input : input.toString(); - if (url === "https://raw.githubusercontent.com/FedRAMP/docs/main/FRMR.documentation.json") { - return jsonResponse(frmrFixture); + if (url === "https://raw.githubusercontent.com/FedRAMP/rules/main/fedramp-consolidated-rules.json") { + return jsonResponse(consolidatedRulesFixture); } - if (url === "https://api.github.com/repos/FedRAMP/docs") { + if (url === "https://api.github.com/repos/FedRAMP/rules") { return jsonResponse({ - html_url: "https://github.com/FedRAMP/docs", + html_url: "https://github.com/FedRAMP/rules", updated_at: "2026-04-13T17:52:17Z", default_branch: "main", }); @@ -279,27 +360,28 @@ test("inspectFedrampOfficialSources reports the official rules repo as placehold if ( url === - "https://api.github.com/repos/FedRAMP/docs/contents/FRMR.documentation.json?ref=main" + "https://api.github.com/repos/FedRAMP/rules/contents/fedramp-consolidated-rules.json?ref=main" ) { return jsonResponse({ sha: "abcdef1234567890abcdef1234567890abcdef12", html_url: - "https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json", + "https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json", }); } - if (url === "https://api.github.com/repos/FedRAMP/rules") { + if (url === "https://api.github.com/repos/FedRAMP/2026-markdown") { return jsonResponse({ - html_url: "https://github.com/FedRAMP/rules", - updated_at: "2026-04-12T15:15:27Z", + html_url: "https://github.com/FedRAMP/2026-markdown", + updated_at: "2026-07-02T15:15:27Z", default_branch: "main", }); } - if (url === "https://api.github.com/repos/FedRAMP/rules/contents/?ref=main") { + if (url === "https://api.github.com/repos/FedRAMP/2026-markdown/contents/?ref=main") { return jsonResponse([ - { name: ".gitignore", type: "file" }, { name: "README.md", type: "file" }, + { name: "_sources.json", type: "file" }, + { name: "providers", type: "dir" }, ]); } @@ -310,9 +392,11 @@ test("inspectFedrampOfficialSources reports the official rules repo as placehold try { const status = await inspectFedrampOfficialSources({ refresh: true, homeDir }); - assert.equal(status.primary.version, "0.9.43-beta"); - assert.equal(status.secondary.state, "placeholder"); - assert.ok(status.notes.some((note) => note.includes("FedRAMP/rules"))); + assert.equal(status.primary.version, "2026.07.02.02"); + assert.equal(status.primary.repo, "rules"); + assert.equal(status.secondary.repo, "2026-markdown"); + assert.equal(status.secondary.state, "ready"); + assert.deepEqual(status.notes, []); } finally { globalThis.fetch = originalFetch; clearFedrampCachesForTests(); @@ -321,29 +405,29 @@ test("inspectFedrampOfficialSources reports the official rules repo as placehold }); test("buildFedrampDocsSnapshot is deterministic and includes provenance banners", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const primary = { org: "FedRAMP", - repo: "docs", + repo: "rules", branch: "main", - repoUrl: "https://github.com/FedRAMP/docs", - path: "FRMR.documentation.json", - rawUrl: "https://raw.githubusercontent.com/FedRAMP/docs/main/FRMR.documentation.json", + repoUrl: "https://github.com/FedRAMP/rules", + path: "fedramp-consolidated-rules.json", + rawUrl: "https://raw.githubusercontent.com/FedRAMP/rules/main/fedramp-consolidated-rules.json", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - fileHtmlUrl: "https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json", + fileHtmlUrl: "https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json", repoUpdatedAt: "2026-04-13T17:52:17Z", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }; const secondary = { org: "FedRAMP", - repo: "rules", + repo: "2026-markdown", branch: "main", - repoUrl: "https://github.com/FedRAMP/rules", - repoUpdatedAt: "2026-04-12T15:15:27Z", - state: "placeholder", - rootEntries: [".gitignore", "README.md"], - notes: ["The official FedRAMP/rules repo exists, but it is still placeholder-level."], + repoUrl: "https://github.com/FedRAMP/2026-markdown", + repoUpdatedAt: "2026-07-02T15:15:27Z", + state: "ready", + rootEntries: ["README.md", "_sources.json", "providers"], + notes: [], }; const first = buildFedrampDocsSnapshot(catalog, { primary, secondary }); @@ -351,32 +435,32 @@ test("buildFedrampDocsSnapshot is deterministic and includes provenance banners" assert.deepEqual(first, second); assert.ok(first.some((file) => file.path === "fedramp/index.md")); - assert.ok(first.some((file) => file.path === "fedramp/processes/authorization-data-sharing.md")); - assert.ok(first.some((file) => file.path === "fedramp/ksi/authorization-by-fedramp.md")); + assert.ok(first.some((file) => file.path === "fedramp/processes/certification-data-sharing.md")); + assert.ok(first.some((file) => file.path === "fedramp/ksi/cloud-native-architecture.md")); const overview = first.find((file) => file.path === "fedramp/index.md")?.content ?? ""; assert.match(overview, /official FedRAMP GitHub organization/i); - assert.match(overview, /0.9.43-beta/); - assert.match(overview, /FRMR.documentation\.json/); + assert.match(overview, /2026.07.02.02/); + assert.match(overview, /fedramp-consolidated-rules\.json/); }); test("readiness helper prioritizes official MUST items and infers provider-facing artifacts", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", }; const brief = buildFedrampReadinessBrief(loaded, { - query: "ADS", + query: "CDS", audience: "provider", applies_to: "20x", limit: 3, @@ -384,7 +468,7 @@ test("readiness helper prioritizes official MUST items and infers provider-facin assert.equal(brief.kind, "process"); assert.equal(brief.checklist.length, 2); - assert.equal(brief.checklist[0]?.id, "ADS-CSO-PUB"); + assert.equal(brief.checklist[0]?.id, "CDS-CSO-PUB"); assert.ok( brief.artifactSuggestions.some((item) => item.toLowerCase().includes("machine-readable")), ); @@ -396,63 +480,63 @@ test("readiness helper prioritizes official MUST items and infers provider-facin }); test("readiness helper links KSI indicators back to their process obligations", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", }; const brief = buildFedrampReadinessBrief(loaded, { - query: "KSI-AFR-03", + query: "KSI-CNA-CDS", audience: "provider", applies_to: "20x", limit: 2, }); assert.equal(brief.kind, "ksi-indicator"); - assert.equal(brief.linkedProcesses[0]?.id, "ADS"); - assert.ok(brief.checklist.some((item) => item.id === "ADS-CSO-PUB")); - assert.match(brief.text, /Linked process:\s+Authorization Data Sharing \[ADS\]/); + assert.equal(brief.linkedProcesses[0]?.id, "CDS"); + assert.ok(brief.checklist.some((item) => item.id === "CDS-CSO-PUB")); + assert.match(brief.text, /Linked process:\s+Certification Data Sharing \[CDS\]/); }); test("artifact and workstream inference stays grounded in official requirement language", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const requirements = catalog.requirements; const indicators = catalog.ksiIndicators; - const artifacts = inferFedrampArtifactSuggestions(["ADS"], requirements, indicators); - const workstreams = inferFedrampWorkstreams(["ADS"], requirements, indicators); + const artifacts = inferFedrampArtifactSuggestions(["CDS"], requirements, indicators); + const workstreams = inferFedrampWorkstreams(["CDS"], requirements, indicators); assert.ok(artifacts.some((item) => item.toLowerCase().includes("trust-center"))); - assert.ok(workstreams.some((item) => item.toLowerCase().includes("authorization data publishing"))); + assert.ok(workstreams.some((item) => item.toLowerCase().includes("certification data publishing"))); assert.ok(workstreams.some((item) => item.toLowerCase().includes("trust-center operations"))); }); -test("artifact planner turns ADS into public and controlled package items", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("artifact planner turns CDS into public and controlled package items", () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", }; const plan = buildFedrampArtifactPlan(loaded, { - query: "ADS", + query: "CDS", audience: "trust-center", applies_to: "20x", }); @@ -468,43 +552,43 @@ test("artifact planner turns ADS into public and controlled package items", () = }); test("artifact planner resolves KSI queries back to linked process artifacts", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", }; const plan = buildFedrampArtifactPlan(loaded, { - query: "KSI-AFR-ADS", + query: "KSI-CNA-CDS", audience: "provider", applies_to: "20x", }); assert.equal(plan.kind, "ksi-indicator"); - assert.equal(plan.linkedProcesses[0]?.id, "ADS"); - assert.ok(plan.items.some((item) => item.groundedBy.includes("ADS-CSO-PUB"))); - assert.match(plan.text, /Linked process:\s+Authorization Data Sharing \[ADS\]/); + assert.equal(plan.linkedProcesses[0]?.id, "CDS"); + assert.ok(plan.items.some((item) => item.groundedBy.includes("CDS-CSO-PUB"))); + assert.match(plan.text, /Linked process:\s+Certification Data Sharing \[CDS\]/); }); -test("ADS package planner groups artifacts into package layers", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("CDS package planner groups artifacts into package layers", () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", }; @@ -514,7 +598,7 @@ test("ADS package planner groups artifacts into package layers", () => { applies_to: "20x", }); - assert.equal(plan.process.id, "ADS"); + assert.equal(plan.process.id, "CDS"); assert.ok(plan.publicItems.length >= 2); assert.ok(plan.controlledItems.length >= 1); assert.match(plan.text, /Public trust-center layer:/); @@ -522,17 +606,17 @@ test("ADS package planner groups artifacts into package layers", () => { assert.match(plan.text, /Recommended rollout:/); }); -test("ADS starter bundle builder includes trust-center and feed templates", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("CDS starter bundle builder includes trust-center and feed templates", () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", notes: [], @@ -551,21 +635,21 @@ test("ADS starter bundle builder includes trust-center and feed templates", () = assert.ok(bundle.files.some((file) => file.path === "private/operating-runbook.md")); const readme = bundle.files.find((file) => file.path === "README.md")?.content ?? ""; - assert.match(readme, /Authorization Data Sharing Starter Bundle/); + assert.match(readme, /Certification Data Sharing Starter Bundle/); assert.match(readme, /public\/authorization-data\.json/); }); -test("ADS starter bundle generator writes scaffold files under the requested root", async () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("CDS starter bundle generator writes scaffold files under the requested root", async () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", notes: [], @@ -586,23 +670,23 @@ test("ADS starter bundle generator writes scaffold files under the requested roo const metadata = readFileSync(join(result.outputDir, "_source.json"), "utf8"); assert.match(metadata, /"process":/); - assert.match(metadata, /"ADS"/); + assert.match(metadata, /"CDS"/); } finally { rmSync(outputRoot, { recursive: true, force: true }); } }); -test("ADS site builder includes public pages, JSON artifacts, and cloud deploy notes", () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("CDS site builder includes public pages, JSON artifacts, and cloud deploy notes", () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", notes: [], @@ -675,17 +759,17 @@ test("ADS site builder includes public pages, JSON artifacts, and cloud deploy n assert.match(approval, /Reviewer: TODO/); }); -test("ADS site generator writes a portable static trust-center bundle under the requested root", async () => { - const catalog = normalizeFedrampFrmr(frmrFixture); +test("CDS site generator writes a portable static trust-center bundle under the requested root", async () => { + const catalog = normalizeFedrampConsolidatedRules(consolidatedRulesFixture); const loaded = { catalog, provenance: { - repo: "docs", - path: "FRMR.documentation.json", + repo: "rules", + path: "fedramp-consolidated-rules.json", branch: "main", blobSha: "abcdef1234567890abcdef1234567890abcdef12", - version: "0.9.43-beta", - upstreamLastUpdated: "2026-04-08", + version: "2026.07.02.02", + upstreamLastUpdated: "2026-07-02", }, cacheStatus: "live", notes: [], diff --git a/package-lock.json b/package-lock.json index ddcfb99..9bd77ad 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,16 +9,186 @@ "version": "0.0.1", "dependencies": { "@monaco-editor/loader": "^1.7.0", - "@tailwindcss/vite": "^4.2.2", - "astro": "^6.1.6", - "marked": "^17.0.6" + "@tailwindcss/vite": "^4.3.1", + "astro": "^7.0.3", + "marked": "^18.0.5" + }, + "devDependencies": { + "wrangler": "^4.106.0" } }, - "node_modules/@astrojs/compiler": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/@astrojs/compiler/-/compiler-4.0.0.tgz", - "integrity": "sha512-eouss7G8ygdZqHuke033VMcVw5HTZUu+PXd/h06DGDUg/jt5btPYPqh66ENWw/mU78rBrf/oeC4oqoBwMtDMNA==", - "license": "MIT" + "node_modules/@astrojs/compiler-binding": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding/-/compiler-binding-0.2.3.tgz", + "integrity": "sha512-Xz3iBNse+hXXD25IXxsuXEt2ai8klAWE15CRm/EQBc9+aE3jXaF07DZx+iakk3HC6NHvWlEPzLPyxsLgPzOJsw==", + "license": "MIT", + "engines": { + "node": "^20.19.0 || >=22.12.0" + }, + "optionalDependencies": { + "@astrojs/compiler-binding-darwin-arm64": "0.2.3", + "@astrojs/compiler-binding-darwin-x64": "0.2.3", + "@astrojs/compiler-binding-linux-arm64-gnu": "0.2.3", + "@astrojs/compiler-binding-linux-arm64-musl": "0.2.3", + "@astrojs/compiler-binding-linux-x64-gnu": "0.2.3", + "@astrojs/compiler-binding-linux-x64-musl": "0.2.3", + "@astrojs/compiler-binding-wasm32-wasi": "0.2.3", + "@astrojs/compiler-binding-win32-arm64-msvc": "0.2.3", + "@astrojs/compiler-binding-win32-x64-msvc": "0.2.3" + } + }, + "node_modules/@astrojs/compiler-binding-darwin-arm64": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-darwin-arm64/-/compiler-binding-darwin-arm64-0.2.3.tgz", + "integrity": "sha512-sJIHeL1ONXEBLob8ZaXfmX6iCftUno08G/cMXj2FJnL0xNbHuELcEq1mjxHVFHNgUYu4P7xJNm2mpc0zUEPoKw==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-darwin-x64": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-darwin-x64/-/compiler-binding-darwin-x64-0.2.3.tgz", + "integrity": "sha512-P0NYu6aaIeLCqFfszxxBHL0a5WRaYigNVbDoO654Gi5Q2au5duDb5xZBv5EqUg4qnQVC173FXNvGZu1M7nk+/w==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-linux-arm64-gnu": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-linux-arm64-gnu/-/compiler-binding-linux-arm64-gnu-0.2.3.tgz", + "integrity": "sha512-PqVN5AqhuDqfx3ejaerwrC8codpV9jnyKV+IOel027qsJ1anFUJLdjUlY8VVys0xgd8lmqveX11OkcaQj/otTg==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-linux-arm64-musl": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-linux-arm64-musl/-/compiler-binding-linux-arm64-musl-0.2.3.tgz", + "integrity": "sha512-O3e2CbN4yTsRguWYNnRd0p5YQ0H3fb7KpcR0W4R319q/gq5B1pJ7eqNbiO3b8g2AuiEcRTiUz5jeGT9j69cxOQ==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-linux-x64-gnu": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-linux-x64-gnu/-/compiler-binding-linux-x64-gnu-0.2.3.tgz", + "integrity": "sha512-hbLBjXVp+96psMe7/7uqyrquGiULXANrq6REVxxPK/I5VzebZ7LHmSfykmByUbLyR1u+K6CTBKgvdQsK2L+2Xw==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-linux-x64-musl": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-linux-x64-musl/-/compiler-binding-linux-x64-musl-0.2.3.tgz", + "integrity": "sha512-vIiEvOwrJfHZMaTmqUCrFTIwMYL0+PD3Rvy7kFDQgERyx3zhaw8CPa01MCCqa+/sj344BGrXKZ6ti37SgNLMhw==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-wasm32-wasi": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-wasm32-wasi/-/compiler-binding-wasm32-wasi-0.2.3.tgz", + "integrity": "sha512-p9S2X8z/mUR2SMzAVJRFMCt8YaalKR+pjl2DgpdjzCQc6ww4bo8kiy54tgKqxZeNF5c+/2tCDTQIxVSm9V1FsA==", + "cpu": [ + "wasm32" + ], + "license": "MIT", + "optional": true, + "dependencies": { + "@napi-rs/wasm-runtime": "^1.1.6" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@astrojs/compiler-binding-win32-arm64-msvc": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-win32-arm64-msvc/-/compiler-binding-win32-arm64-msvc-0.2.3.tgz", + "integrity": "sha512-vcCG6JttIb5vbSmcxO2O398hpVj7lQ349iS7cjgYP6ZuLVEnw+9qPAr2MM2kJkU5wEGZqJ2gyi/M7UJoPwH1iQ==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-binding-win32-x64-msvc": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-binding-win32-x64-msvc/-/compiler-binding-win32-x64-msvc-0.2.3.tgz", + "integrity": "sha512-hKssjNvC36e00Inb1GW1JsVyCFSCGnIjKem4S8q0VIW6cpWAUpvYB4qQU2HIDGD6SDX0ork4F5sWkNWkp2hrGQ==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@astrojs/compiler-rs": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@astrojs/compiler-rs/-/compiler-rs-0.2.3.tgz", + "integrity": "sha512-JRAtRcPxS4JeAZEIQFQ6GecBs/Wyp4m6/E8vBNxSgVfo1AtRVLUqRCl5oCGOZ0X/BSBB3Vef/7IlzyiGKi2ORA==", + "license": "MIT", + "dependencies": { + "@astrojs/compiler-binding": "0.2.3" + } }, "node_modules/@astrojs/internal-helpers": { "version": "0.10.0", @@ -41,6 +211,8 @@ "resolved": "https://registry.npmjs.org/@astrojs/markdown-remark/-/markdown-remark-7.2.0.tgz", "integrity": "sha512-+YxmVQu1Bd+MFfSzjq1rOJvD9+nIOJzz5YIIhdIH01RrxRkKbyKoEgyIqP3yv51MhzMDgd79QaPv+kCVPT8vHw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@astrojs/internal-helpers": "0.10.0", "@astrojs/prism": "4.0.2", @@ -61,6 +233,18 @@ "vfile": "^6.0.3" } }, + "node_modules/@astrojs/markdown-satteri": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/@astrojs/markdown-satteri/-/markdown-satteri-0.3.2.tgz", + "integrity": "sha512-feXuUPy41gVfeM7EHT1ciUim8ozGr+YHXab9uUBc1Hk8y60DQosO8ldL+AoPXnCAoGj1OChwHfvXmmJ6XVnY9A==", + "license": "MIT", + "dependencies": { + "@astrojs/internal-helpers": "0.10.0", + "@astrojs/prism": "4.0.2", + "github-slugger": "^2.0.0", + "satteri": "^0.9.1" + } + }, "node_modules/@astrojs/prism": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/@astrojs/prism/-/prism-4.0.2.tgz", @@ -135,6 +319,119 @@ "node": ">=6.9.0" } }, + "node_modules/@bruits/satteri-darwin-arm64": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-darwin-arm64/-/satteri-darwin-arm64-0.9.3.tgz", + "integrity": "sha512-dRUZZrdwh1asfTOyM1nDNmzolhnHtlIFpqYrl1Tdd3YVcaebKmrfJgGL7NAoGPjbEwYmZxaugrxA0uzw83c0dw==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "darwin" + ] + }, + "node_modules/@bruits/satteri-darwin-x64": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-darwin-x64/-/satteri-darwin-x64-0.9.3.tgz", + "integrity": "sha512-wgNCTRp2hPSpNMGFv5A4+6+VXgRJIlBZ7XKb3iwjV8YjRWNIjzE5zV2fUeYynyZYVRkuJ9aYFqQmWhc1e5H+UQ==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "darwin" + ] + }, + "node_modules/@bruits/satteri-linux-arm64-gnu": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-linux-arm64-gnu/-/satteri-linux-arm64-gnu-0.9.3.tgz", + "integrity": "sha512-A/pWy8Jb/PhDYc2/JFuYh06gFJcsfBUBDl81YydGYBrL/Z4nItDfhNDNOibyeSN/lKKDRlycIHEIajjErk00sQ==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@bruits/satteri-linux-arm64-musl": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-linux-arm64-musl/-/satteri-linux-arm64-musl-0.9.3.tgz", + "integrity": "sha512-L6YxmyOSickzo4pE5WmZfNTJnjX0MtgKOsuwQfNZECTx9Ir5vl2B37EIwnxe2AybuPPHl+FqVQtthNDUdH4Vgg==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@bruits/satteri-linux-x64-gnu": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-linux-x64-gnu/-/satteri-linux-x64-gnu-0.9.3.tgz", + "integrity": "sha512-RgH6GPihg9Lzs2yHUsMjqiLxfLyOdmBty8sg9pBY9B4CBnvdOzvg8vklqN+C4qrEEdA9TwpbDpHr1AshLKyRpw==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@bruits/satteri-linux-x64-musl": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-linux-x64-musl/-/satteri-linux-x64-musl-0.9.3.tgz", + "integrity": "sha512-BeWhVORjNTIomePznUKiMbHZTqC0j7sMXZFsISmbX+po5d33KLkqBqKh6K332CHJ8KUmCWx16FfPjwsoysttQg==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@bruits/satteri-wasm32-wasi": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-wasm32-wasi/-/satteri-wasm32-wasi-0.9.3.tgz", + "integrity": "sha512-dFNcOHKWV2cztCPnYTn7kZ9D7kNOt8N239z5ysFkNHLxJrfK7zaKIXQbfXYN32C+JoVFqAcTIOeWH2+VnsCOHg==", + "cpu": [ + "wasm32" + ], + "optional": true, + "dependencies": { + "@emnapi/core": "1.11.1", + "@emnapi/runtime": "1.11.1", + "@napi-rs/wasm-runtime": "^1.1.6" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@bruits/satteri-win32-arm64-msvc": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-win32-arm64-msvc/-/satteri-win32-arm64-msvc-0.9.3.tgz", + "integrity": "sha512-VnwjBHiAra/PNNEza8eSZdQiG4A3PtTJJwUDtOPAc6iTs0BWZwZX8+OPUZE7//yQCBhgvEMcI8vpwsAwCb6qGQ==", + "cpu": [ + "arm64" + ], + "optional": true, + "os": [ + "win32" + ] + }, + "node_modules/@bruits/satteri-win32-x64-msvc": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/@bruits/satteri-win32-x64-msvc/-/satteri-win32-x64-msvc-0.9.3.tgz", + "integrity": "sha512-Dsoe4reWe69MyILmMwU6iISIceTW7YIFqbyym7haf9DhUvqkYfMAyp7GMM21JzV0SpG9A2BwzFVP7iq9mmxrpA==", + "cpu": [ + "x64" + ], + "optional": true, + "os": [ + "win32" + ] + }, "node_modules/@capsizecss/unpack": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@capsizecss/unpack/-/unpack-4.0.0.tgz", @@ -166,116 +463,272 @@ "sisteransi": "^1.0.5" } }, - "node_modules/@emnapi/runtime": { - "version": "1.9.1", - "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.9.1.tgz", - "integrity": "sha512-VYi5+ZVLhpgK4hQ0TAjiQiZ6ol0oe4mBx7mVv7IflsiEp0OWoVsp/+f9Vc1hOhE0TtkORVrI1GvzyreqpgWtkA==", - "license": "MIT", - "optional": true, - "dependencies": { - "tslib": "^2.4.0" + "node_modules/@cloudflare/kv-asset-handler": { + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/@cloudflare/kv-asset-handler/-/kv-asset-handler-0.5.0.tgz", + "integrity": "sha512-jxQYkj8dSIzc0cD6cMMNdOc1UVjqSqu8BZdor5s8cGjW2I8BjODt/kWPVdY+u9zj3ms75Q5qaZgnxUad83+eAg==", + "dev": true, + "license": "MIT OR Apache-2.0", + "engines": { + "node": ">=22.0.0" } }, - "node_modules/@esbuild/aix-ppc64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.4.tgz", - "integrity": "sha512-cQPwL2mp2nSmHHJlCyoXgHGhbEPMrEEU5xhkcy3Hs/O7nGZqEpZ2sUtLaL9MORLtDfRvVl2/3PAuEkYZH0Ty8Q==", - "cpu": [ - "ppc64" - ], - "license": "MIT", - "optional": true, - "os": [ - "aix" - ], - "engines": { - "node": ">=18" + "node_modules/@cloudflare/unenv-preset": { + "version": "2.16.1", + "resolved": "https://registry.npmjs.org/@cloudflare/unenv-preset/-/unenv-preset-2.16.1.tgz", + "integrity": "sha512-ECxObrMfyTl5bhQf/lZCXwo5G6xX9IAUo+nDMKK4SZ8m4Jvvxp52vilxyySSWh2YTZz8+HQ07qGH/2rEom1vDw==", + "dev": true, + "license": "MIT OR Apache-2.0", + "peerDependencies": { + "unenv": "2.0.0-rc.24", + "workerd": ">1.20260305.0 <2.0.0-0" + }, + "peerDependenciesMeta": { + "workerd": { + "optional": true + } } }, - "node_modules/@esbuild/android-arm": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.4.tgz", - "integrity": "sha512-X9bUgvxiC8CHAGKYufLIHGXPJWnr0OCdR0anD2e21vdvgCI8lIfqFbnoeOz7lBjdrAGUhqLZLcQo6MLhTO2DKQ==", + "node_modules/@cloudflare/workerd-darwin-64": { + "version": "1.20260630.1", + "resolved": "https://registry.npmjs.org/@cloudflare/workerd-darwin-64/-/workerd-darwin-64-1.20260630.1.tgz", + "integrity": "sha512-oEVsD2NZtPAMaEvFeH2Y6N63yiFuOnPDKeAM+l8AkRbLAbFk462uWOq6/ZLn8ouY4P4coMkgsOPqcT1mkuzvzg==", "cpu": [ - "arm" + "x64" ], - "license": "MIT", + "dev": true, + "license": "Apache-2.0", "optional": true, "os": [ - "android" + "darwin" ], "engines": { - "node": ">=18" + "node": ">=16" } }, - "node_modules/@esbuild/android-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.4.tgz", - "integrity": "sha512-gdLscB7v75wRfu7QSm/zg6Rx29VLdy9eTr2t44sfTW7CxwAtQghZ4ZnqHk3/ogz7xao0QAgrkradbBzcqFPasw==", + "node_modules/@cloudflare/workerd-darwin-arm64": { + "version": "1.20260630.1", + "resolved": "https://registry.npmjs.org/@cloudflare/workerd-darwin-arm64/-/workerd-darwin-arm64-1.20260630.1.tgz", + "integrity": "sha512-tar1vcQSzM+27Agrlv28BhtN1tIFKw2YHrzldEMyQJOJB/885TU8Z3oO1c/a9YOmsKABhD6I4dGFhsmXyrbK1g==", "cpu": [ "arm64" ], - "license": "MIT", + "dev": true, + "license": "Apache-2.0", "optional": true, "os": [ - "android" + "darwin" ], "engines": { - "node": ">=18" + "node": ">=16" } }, - "node_modules/@esbuild/android-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.4.tgz", - "integrity": "sha512-PzPFnBNVF292sfpfhiyiXCGSn9HZg5BcAz+ivBuSsl6Rk4ga1oEXAamhOXRFyMcjwr2DVtm40G65N3GLeH1Lvw==", + "node_modules/@cloudflare/workerd-linux-64": { + "version": "1.20260630.1", + "resolved": "https://registry.npmjs.org/@cloudflare/workerd-linux-64/-/workerd-linux-64-1.20260630.1.tgz", + "integrity": "sha512-mhjIg91+ikWw5v9tY4BYO7N9vLOZBhn7EnVFvxCdxcpuUUFBKATxUYHUy1kkgYxnmiI6s93PRNbzBz1NpYQ3IQ==", "cpu": [ "x64" ], - "license": "MIT", + "dev": true, + "license": "Apache-2.0", "optional": true, "os": [ - "android" + "linux" ], "engines": { - "node": ">=18" + "node": ">=16" } }, - "node_modules/@esbuild/darwin-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.4.tgz", - "integrity": "sha512-b7xaGIwdJlht8ZFCvMkpDN6uiSmnxxK56N2GDTMYPr2/gzvfdQN8rTfBsvVKmIVY/X7EM+/hJKEIbbHs9oA4tQ==", + "node_modules/@cloudflare/workerd-linux-arm64": { + "version": "1.20260630.1", + "resolved": "https://registry.npmjs.org/@cloudflare/workerd-linux-arm64/-/workerd-linux-arm64-1.20260630.1.tgz", + "integrity": "sha512-7g0iGvMCwGct+vE3FOKXtFWMAIGHzK2Ei9oALp44gXuL4lBcs3PPJISeTp5itquW2JwS1fw4Hnq7zrT7N/dgPw==", "cpu": [ "arm64" ], - "license": "MIT", + "dev": true, + "license": "Apache-2.0", "optional": true, "os": [ - "darwin" + "linux" ], "engines": { - "node": ">=18" + "node": ">=16" } }, - "node_modules/@esbuild/darwin-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.4.tgz", - "integrity": "sha512-sR+OiKLwd15nmCdqpXMnuJ9W2kpy0KigzqScqHI3Hqwr7IXxBp3Yva+yJwoqh7rE8V77tdoheRYataNKL4QrPw==", + "node_modules/@cloudflare/workerd-windows-64": { + "version": "1.20260630.1", + "resolved": "https://registry.npmjs.org/@cloudflare/workerd-windows-64/-/workerd-windows-64-1.20260630.1.tgz", + "integrity": "sha512-J5KF9VF8yRpRBib/cPSuEp6iR9q3/cKgeDVhg1ZtuwpkzwnmCb+rxMF5WFLxAN8bI2x2FMG1v6o4vVFOGZ0fOQ==", "cpu": [ "x64" ], - "license": "MIT", + "dev": true, + "license": "Apache-2.0", "optional": true, "os": [ - "darwin" + "win32" + ], + "engines": { + "node": ">=16" + } + }, + "node_modules/@cspotcode/source-map-support": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", + "integrity": "sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/trace-mapping": "0.3.9" + }, + "engines": { + "node": ">=12" + } + }, + "node_modules/@cspotcode/source-map-support/node_modules/@jridgewell/trace-mapping": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz", + "integrity": "sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/resolve-uri": "^3.0.3", + "@jridgewell/sourcemap-codec": "^1.4.10" + } + }, + "node_modules/@emnapi/core": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.11.1.tgz", + "integrity": "sha512-RSvbQmHzdKzNsLYa/wHrbc3KN4sYLKAdPZxqiM2HATqv/SBk2/ENSHpvXGaLOMcsAyz0poEGqkmmKYG3OWiJEQ==", + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/wasi-threads": "1.2.2", + "tslib": "^2.4.0" + } + }, + "node_modules/@emnapi/runtime": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.11.1.tgz", + "integrity": "sha512-vgj7R3y3Wgx24IQaGPA/R6YFXLHVMOZ0uVEyIQPaWs+rd1AzfEMXlAC22FYwO1XkKR6NPsq7mUandH8oIRdZFw==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@emnapi/wasi-threads": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/@emnapi/wasi-threads/-/wasi-threads-1.2.2.tgz", + "integrity": "sha512-c95qOXkHdydNKhscBTebqEC1CVAZpyqOfVfBzQ1qgzyl3gfeldUjIggDbIZgDKsHLgnsM+igH7TJ/eAasaVuMA==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@esbuild/aix-ppc64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.28.1.tgz", + "integrity": "sha512-Svl7tq8k/08+p6CXPpRjQ1fKX+1odH/BQbb48fV6fj3CWHhsoIOoY87w1oHXm0qEpkIK3ZfVgp0hed3XBXzXMQ==", + "cpu": [ + "ppc64" + ], + "license": "MIT", + "optional": true, + "os": [ + "aix" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.28.1.tgz", + "integrity": "sha512-0k2F129Xdio1TdJfzJ8sy1Q47vUD2NnwdhiAf7drUN1EBTfPf4hsFCtmMgu/6m8JSzsBrlmVjudMBQqOfG8usQ==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.28.1.tgz", + "integrity": "sha512-34EGEbCIAgosYz6goLcopX6Mo7NyGv9tfwEM2/7Ce2VcVRk568iSvniGWcUXIy7wEDR1wzolcxcriFVrWYcwBg==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/android-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.28.1.tgz", + "integrity": "sha512-dbwY7ltSMDWsRatcRpCnES4F+im88OCUgGZjy52shC7GqHRE/cYlxNbB4Z4UpJswpcc4Qxd2oE/ufM0p61IKng==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-arm64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.28.1.tgz", + "integrity": "sha512-TZbWkQY7kvTAXbXUT7uVACR5cMHsDiSz9z7ZKAX/RTq/WJEk3QyRr0wZpNhBDX+/0CtdqUIJlOiodQcta6tY3Q==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">=18" + } + }, + "node_modules/@esbuild/darwin-x64": { + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.28.1.tgz", + "integrity": "sha512-zfdzgK9ACBNZLI/CyHTOx81SyNbM6YXn7rxSgX97VjyiPl9W1i4Ka4fgKECEoFCKGpvBj5qArWIGgQjOwkgskQ==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" ], "engines": { "node": ">=18" } }, "node_modules/@esbuild/freebsd-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.4.tgz", - "integrity": "sha512-jnfpKe+p79tCnm4GVav68A7tUFeKQwQyLgESwEAUzyxk/TJr4QdGog9sqWNcUbr/bZt/O/HXouspuQDd9JxFSw==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.28.1.tgz", + "integrity": "sha512-wG2EA8ENdEI0qhkSZMjfqrdY+ziCYCPMmtZjjIwOmXFjmyzEHn+UUxk5of+SYsjtfs3VpnlC7QLzSI5hY/rOAw==", "cpu": [ "arm64" ], @@ -289,9 +742,9 @@ } }, "node_modules/@esbuild/freebsd-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.4.tgz", - "integrity": "sha512-2kb4ceA/CpfUrIcTUl1wrP/9ad9Atrp5J94Lq69w7UwOMolPIGrfLSvAKJp0RTvkPPyn6CIWrNy13kyLikZRZQ==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.28.1.tgz", + "integrity": "sha512-i7dZ9vQgnvSCzi/rYCXNgtF/U+eKZNJBzu3eTQbRgHnM7tNSizLOkRFAl3qzVc/Op/u5YkHHa4pf/3DOYHthLQ==", "cpu": [ "x64" ], @@ -305,9 +758,9 @@ } }, "node_modules/@esbuild/linux-arm": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.4.tgz", - "integrity": "sha512-aBYgcIxX/wd5n2ys0yESGeYMGF+pv6g0DhZr3G1ZG4jMfruU9Tl1i2Z+Wnj9/KjGz1lTLCcorqE2viePZqj4Eg==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.28.1.tgz", + "integrity": "sha512-qVXBOHQS+d5Y722GwJzJUtOLlX7km3CraOaGormF1pDtPd2C/l1SHRPgjLunLGe51Sh5YYWKMFDyV4SxgMQYTQ==", "cpu": [ "arm" ], @@ -321,9 +774,9 @@ } }, "node_modules/@esbuild/linux-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.4.tgz", - "integrity": "sha512-7nQOttdzVGth1iz57kxg9uCz57dxQLHWxopL6mYuYthohPKEK0vU0C3O21CcBK6KDlkYVcnDXY099HcCDXd9dA==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.28.1.tgz", + "integrity": "sha512-yHs+0uc8+nvEAfAfxrWQKK5peSNzBc4PegcMO0EJ2hT71uA7vB8Ihg2e77R2P7SG5uYjPbHlLLmve4LLLRCf0g==", "cpu": [ "arm64" ], @@ -337,9 +790,9 @@ } }, "node_modules/@esbuild/linux-ia32": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.4.tgz", - "integrity": "sha512-oPtixtAIzgvzYcKBQM/qZ3R+9TEUd1aNJQu0HhGyqtx6oS7qTpvjheIWBbes4+qu1bNlo2V4cbkISr8q6gRBFA==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.28.1.tgz", + "integrity": "sha512-d1z4ZuP0ajrfz/FhGT4vv278rX8KnPPJx8i5+AtK7TYbx9Le9F1hyzurZpkEyjkGa9dUGhQow4C1NmeGvqxN2w==", "cpu": [ "ia32" ], @@ -353,9 +806,9 @@ } }, "node_modules/@esbuild/linux-loong64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.4.tgz", - "integrity": "sha512-8mL/vh8qeCoRcFH2nM8wm5uJP+ZcVYGGayMavi8GmRJjuI3g1v6Z7Ni0JJKAJW+m0EtUuARb6Lmp4hMjzCBWzA==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.28.1.tgz", + "integrity": "sha512-M5sRjUVZrkm1OAPR3dlOYzNmN+loZKGVi1VUQGrwuqLcbR6qeAz+famMhjASeH3YVKvZz+zT1jlh/keC3Rj/lg==", "cpu": [ "loong64" ], @@ -369,9 +822,9 @@ } }, "node_modules/@esbuild/linux-mips64el": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.4.tgz", - "integrity": "sha512-1RdrWFFiiLIW7LQq9Q2NES+HiD4NyT8Itj9AUeCl0IVCA459WnPhREKgwrpaIfTOe+/2rdntisegiPWn/r/aAw==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.28.1.tgz", + "integrity": "sha512-mRObBZeHh2OxcBFPWE/FjylkRgZdYuiTR3vaTozquCGOH14iP9oN4x4Ge81CoIDYQrXmIxpFumJBu5MtZpnQJQ==", "cpu": [ "mips64el" ], @@ -385,9 +838,9 @@ } }, "node_modules/@esbuild/linux-ppc64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.4.tgz", - "integrity": "sha512-tLCwNG47l3sd9lpfyx9LAGEGItCUeRCWeAx6x2Jmbav65nAwoPXfewtAdtbtit/pJFLUWOhpv0FpS6GQAmPrHA==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.28.1.tgz", + "integrity": "sha512-slScBsMAb3GFDcdrCgLwZtPYRoH2H/youv10QiZyRjmsP48fznoveWytSgCI/R0ZcUgpc0ZhIUEx6LHts8yrfQ==", "cpu": [ "ppc64" ], @@ -401,9 +854,9 @@ } }, "node_modules/@esbuild/linux-riscv64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.4.tgz", - "integrity": "sha512-BnASypppbUWyqjd1KIpU4AUBiIhVr6YlHx/cnPgqEkNoVOhHg+YiSVxM1RLfiy4t9cAulbRGTNCKOcqHrEQLIw==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.28.1.tgz", + "integrity": "sha512-kw0owk1o0GFETUJyW0jc0G4Yzs0BHZn0JDZ8JRT088vjJYX777BAs1fDGxAC+q831qOs2DTC96mNsG2opdfyyQ==", "cpu": [ "riscv64" ], @@ -417,9 +870,9 @@ } }, "node_modules/@esbuild/linux-s390x": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.4.tgz", - "integrity": "sha512-+eUqgb/Z7vxVLezG8bVB9SfBie89gMueS+I0xYh2tJdw3vqA/0ImZJ2ROeWwVJN59ihBeZ7Tu92dF/5dy5FttA==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.28.1.tgz", + "integrity": "sha512-/lAIjX8aYFRByhh6L5rYtPEDRqa9de/4V/juOXcta5frjvzXO4/sqEtyytse0g3zZFuWu5cDN0MkLz2qRDD2Ag==", "cpu": [ "s390x" ], @@ -433,9 +886,9 @@ } }, "node_modules/@esbuild/linux-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.4.tgz", - "integrity": "sha512-S5qOXrKV8BQEzJPVxAwnryi2+Iq5pB40gTEIT69BQONqR7JH1EPIcQ/Uiv9mCnn05jff9umq/5nqzxlqTOg9NA==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.28.1.tgz", + "integrity": "sha512-u/anNYF2mmVOEDwLtnQ1wOr3EZ9sTNGLWrsYGYwHWzGA3Si84IOkHXlbWTD1NB+9/1lcnweYKO54uhxZydNzfA==", "cpu": [ "x64" ], @@ -449,9 +902,9 @@ } }, "node_modules/@esbuild/netbsd-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.4.tgz", - "integrity": "sha512-xHT8X4sb0GS8qTqiwzHqpY00C95DPAq7nAwX35Ie/s+LO9830hrMd3oX0ZMKLvy7vsonee73x0lmcdOVXFzd6Q==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.28.1.tgz", + "integrity": "sha512-oks0DYbLwWMmaakTsCb+zL4E+aHRVLom9IJZOAthMQEPiQmydXHkziYEsGYRx0uNV/IjEKGAV941JzH02pflqw==", "cpu": [ "arm64" ], @@ -465,9 +918,9 @@ } }, "node_modules/@esbuild/netbsd-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.4.tgz", - "integrity": "sha512-RugOvOdXfdyi5Tyv40kgQnI0byv66BFgAqjdgtAKqHoZTbTF2QqfQrFwa7cHEORJf6X2ht+l9ABLMP0dnKYsgg==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.28.1.tgz", + "integrity": "sha512-aeL6lAnN89Hz43Mlh1G8ARasbuoYvSITDEx0tHh5b7jJnHcssqgjy9Yx430GDpmCa6OyrKoS0aNRjKundRizGg==", "cpu": [ "x64" ], @@ -481,9 +934,9 @@ } }, "node_modules/@esbuild/openbsd-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.4.tgz", - "integrity": "sha512-2MyL3IAaTX+1/qP0O1SwskwcwCoOI4kV2IBX1xYnDDqthmq5ArrW94qSIKCAuRraMgPOmG0RDTA74mzYNQA9ow==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.28.1.tgz", + "integrity": "sha512-MEFJe5C3R8pwXdZ5Y21oo6m7ePiS0d9pWucn99O/wvyJZChoIQKrQDxKrGeW8F5+T0okTHesAmDeiHDTIq0V/Q==", "cpu": [ "arm64" ], @@ -497,9 +950,9 @@ } }, "node_modules/@esbuild/openbsd-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.4.tgz", - "integrity": "sha512-u8fg/jQ5aQDfsnIV6+KwLOf1CmJnfu1ShpwqdwC0uA7ZPwFws55Ngc12vBdeUdnuWoQYx/SOQLGDcdlfXhYmXQ==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.28.1.tgz", + "integrity": "sha512-i/ZLIOafE0Z8cI/XANJAixoJL/uRAoS2xOA3rb0xN+KK0K177cMAsQYkzHtBrtMXAKuAc7HGgcWiZ/sRC1Nxgw==", "cpu": [ "x64" ], @@ -513,9 +966,9 @@ } }, "node_modules/@esbuild/openharmony-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.4.tgz", - "integrity": "sha512-JkTZrl6VbyO8lDQO3yv26nNr2RM2yZzNrNHEsj9bm6dOwwu9OYN28CjzZkH57bh4w0I2F7IodpQvUAEd1mbWXg==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.28.1.tgz", + "integrity": "sha512-ge+Z7EXFNt2BO1oAMsVpiQ8EwndV9i1xXerAeTIK7AtPs3bKFXQM7nlRxDSIUIMeueR1CNXxqztLzdNeReKBJg==", "cpu": [ "arm64" ], @@ -529,9 +982,9 @@ } }, "node_modules/@esbuild/sunos-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.4.tgz", - "integrity": "sha512-/gOzgaewZJfeJTlsWhvUEmUG4tWEY2Spp5M20INYRg2ZKl9QPO3QEEgPeRtLjEWSW8FilRNacPOg8R1uaYkA6g==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.28.1.tgz", + "integrity": "sha512-BEjgtECkL3vY+SaSQ6nzVfiALUeFxpawyp8Jmf5PtYhf1Ug40N1h/hxlhts+f1FvSvarEigdxS3BlSMI2PJLcQ==", "cpu": [ "x64" ], @@ -545,9 +998,9 @@ } }, "node_modules/@esbuild/win32-arm64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.4.tgz", - "integrity": "sha512-Z9SExBg2y32smoDQdf1HRwHRt6vAHLXcxD2uGgO/v2jK7Y718Ix4ndsbNMU/+1Qiem9OiOdaqitioZwxivhXYg==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.28.1.tgz", + "integrity": "sha512-lCv9eK/H6ZJWbE7bh2nw54CZ9M2nupBxJcTsdk/QQnWkdSjKGuxmmH8/GWrlT1eMmZfn4dGcCjRte397WqfQXA==", "cpu": [ "arm64" ], @@ -561,9 +1014,9 @@ } }, "node_modules/@esbuild/win32-ia32": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.4.tgz", - "integrity": "sha512-DAyGLS0Jz5G5iixEbMHi5KdiApqHBWMGzTtMiJ72ZOLhbu/bzxgAe8Ue8CTS3n3HbIUHQz/L51yMdGMeoxXNJw==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.28.1.tgz", + "integrity": "sha512-zvb/mB2bSCoJOpoCBgYKKpX6YM6mJBlBUVUtVj41DlZJVEB6/0CKlRYxP5wWl1C1ILiCoAU5wZZ4q1P3qeS6Eg==", "cpu": [ "ia32" ], @@ -577,9 +1030,9 @@ } }, "node_modules/@esbuild/win32-x64": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.4.tgz", - "integrity": "sha512-+knoa0BDoeXgkNvvV1vvbZX4+hizelrkwmGJBdT17t8FNPwG2lKemmuMZlmaNQ3ws3DKKCxpb4zRZEIp3UxFCg==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.28.1.tgz", + "integrity": "sha512-bm4Mowrv+GXMlpWX++EcXw/iLyd1o3+bJkC2DkWXYVvgZCqD/bSj9ctZeAMC3cIxgjRVR2Dufaiu4YPxr5gW1A==", "cpu": [ "x64" ], @@ -596,8 +1049,8 @@ "version": "1.1.0", "resolved": "https://registry.npmjs.org/@img/colour/-/colour-1.1.0.tgz", "integrity": "sha512-Td76q7j57o/tLVdgS746cYARfSyxk8iEfRxewL9h4OMzYhbW4TAcppl0mT4eyqXddh6L/jwoM75mo7ixa/pCeQ==", + "devOptional": true, "license": "MIT", - "optional": true, "engines": { "node": ">=18" } @@ -609,6 +1062,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -631,6 +1085,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -653,6 +1108,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -669,6 +1125,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -685,6 +1142,7 @@ "cpu": [ "arm" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -701,6 +1159,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -717,6 +1176,7 @@ "cpu": [ "ppc64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -733,6 +1193,7 @@ "cpu": [ "riscv64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -749,6 +1210,7 @@ "cpu": [ "s390x" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -765,6 +1227,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -781,6 +1244,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -797,6 +1261,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "LGPL-3.0-or-later", "optional": true, "os": [ @@ -813,6 +1278,7 @@ "cpu": [ "arm" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -835,6 +1301,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -857,6 +1324,7 @@ "cpu": [ "ppc64" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -879,6 +1347,7 @@ "cpu": [ "riscv64" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -901,6 +1370,7 @@ "cpu": [ "s390x" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -923,6 +1393,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -945,176 +1416,486 @@ "cpu": [ "arm64" ], - "license": "Apache-2.0", + "dev": true, + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linuxmusl-arm64": "1.2.4" + } + }, + "node_modules/@img/sharp-linuxmusl-x64": { + "version": "0.34.5", + "resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-x64/-/sharp-linuxmusl-x64-0.34.5.tgz", + "integrity": "sha512-Jg8wNT1MUzIvhBFxViqrEhWDGzqymo3sV7z7ZsaWbZNDLXRJZoRGrjulp60YYtV4wfY8VIKcWidjojlLcWrd8Q==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linuxmusl-x64": "1.2.4" + } + }, + "node_modules/@img/sharp-wasm32": { + "version": "0.34.5", + "resolved": "https://registry.npmjs.org/@img/sharp-wasm32/-/sharp-wasm32-0.34.5.tgz", + "integrity": "sha512-OdWTEiVkY2PHwqkbBI8frFxQQFekHaSSkUIJkwzclWZe64O1X4UlUjqqqLaPbUpMOQk6FBu/HtlGXNblIs0huw==", + "cpu": [ + "wasm32" + ], + "dev": true, + "license": "Apache-2.0 AND LGPL-3.0-or-later AND MIT", + "optional": true, + "dependencies": { + "@emnapi/runtime": "^1.7.0" + }, + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-win32-arm64": { + "version": "0.34.5", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-arm64/-/sharp-win32-arm64-0.34.5.tgz", + "integrity": "sha512-WQ3AgWCWYSb2yt+IG8mnC6Jdk9Whs7O0gxphblsLvdhSpSTtmu69ZG1Gkb6NuvxsNACwiPV6cNSZNzt0KPsw7g==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-win32-ia32": { + "version": "0.34.5", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-ia32/-/sharp-win32-ia32-0.34.5.tgz", + "integrity": "sha512-FV9m/7NmeCmSHDD5j4+4pNI8Cp3aW+JvLoXcTUo0IqyjSfAZJ8dIUmijx1qaJsIiU+Hosw6xM5KijAWRJCSgNg==", + "cpu": [ + "ia32" + ], + "dev": true, + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-win32-x64": { + "version": "0.34.5", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.34.5.tgz", + "integrity": "sha512-+29YMsqY2/9eFEiW93eqWnuLcWcufowXewwSNIT6UwZdUUCrM3oFjMWH/Z6/TMmb4hlFenmfAVbpWeup2jryCw==", + "cpu": [ + "x64" + ], + "dev": true, + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@jridgewell/gen-mapping": { + "version": "0.3.13", + "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz", + "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==", + "license": "MIT", + "dependencies": { + "@jridgewell/sourcemap-codec": "^1.5.0", + "@jridgewell/trace-mapping": "^0.3.24" + } + }, + "node_modules/@jridgewell/remapping": { + "version": "2.3.5", + "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz", + "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==", + "license": "MIT", + "dependencies": { + "@jridgewell/gen-mapping": "^0.3.5", + "@jridgewell/trace-mapping": "^0.3.24" + } + }, + "node_modules/@jridgewell/resolve-uri": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", + "license": "MIT", + "engines": { + "node": ">=6.0.0" + } + }, + "node_modules/@jridgewell/sourcemap-codec": { + "version": "1.5.5", + "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz", + "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==", + "license": "MIT" + }, + "node_modules/@jridgewell/trace-mapping": { + "version": "0.3.31", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz", + "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==", + "license": "MIT", + "dependencies": { + "@jridgewell/resolve-uri": "^3.1.0", + "@jridgewell/sourcemap-codec": "^1.4.14" + } + }, + "node_modules/@monaco-editor/loader": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@monaco-editor/loader/-/loader-1.7.0.tgz", + "integrity": "sha512-gIwR1HrJrrx+vfyOhYmCZ0/JcWqG5kbfG7+d3f/C1LXk2EvzAbHSg3MQ5lO2sMlo9izoAZ04shohfKLVT6crVA==", + "dependencies": { + "state-local": "^1.0.6" + } + }, + "node_modules/@napi-rs/wasm-runtime": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/@napi-rs/wasm-runtime/-/wasm-runtime-1.1.6.tgz", + "integrity": "sha512-ZLv/JdUfkvOy9eCnnBaGfiO+XimbjebAeO+MRQqD/B+FR1tnRN0tpKSJHRbE8sFfS6aqsXZ67TQjfwfsxULVbg==", + "license": "MIT", + "optional": true, + "dependencies": { + "@tybys/wasm-util": "^0.10.3" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/Brooooooklyn" + }, + "peerDependencies": { + "@emnapi/core": "^1.7.1", + "@emnapi/runtime": "^1.7.1" + } + }, + "node_modules/@oslojs/encoding": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@oslojs/encoding/-/encoding-1.1.0.tgz", + "integrity": "sha512-70wQhgYmndg4GCPxPPxPGevRKqTIJ2Nh4OkiMWmDAVYsTQ+Ta7Sq+rPevXyXGdzr30/qZBnyOalCszoMxlyldQ==", + "license": "MIT" + }, + "node_modules/@oxc-project/types": { + "version": "0.137.0", + "resolved": "https://registry.npmjs.org/@oxc-project/types/-/types-0.137.0.tgz", + "integrity": "sha512-WT+Gb24i8hmvo85AIv2oEYouEXkRlKAlT9WaCa3TfLgNCN+GhrJOGZuIlMouAh38Qe4QOx26eUOVsq70qXrywA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/Boshen" + } + }, + "node_modules/@poppinss/colors": { + "version": "4.1.6", + "resolved": "https://registry.npmjs.org/@poppinss/colors/-/colors-4.1.6.tgz", + "integrity": "sha512-H9xkIdFswbS8n1d6vmRd8+c10t2Qe+rZITbbDHHkQixH5+2x1FDGmi/0K+WgWiqQFKPSlIYB7jlH6Kpfn6Fleg==", + "dev": true, + "license": "MIT", + "dependencies": { + "kleur": "^4.1.5" + } + }, + "node_modules/@poppinss/dumper": { + "version": "0.6.5", + "resolved": "https://registry.npmjs.org/@poppinss/dumper/-/dumper-0.6.5.tgz", + "integrity": "sha512-NBdYIb90J7LfOI32dOewKI1r7wnkiH6m920puQ3qHUeZkxNkQiFnXVWoE6YtFSv6QOiPPf7ys6i+HWWecDz7sw==", + "dev": true, + "license": "MIT", + "dependencies": { + "@poppinss/colors": "^4.1.5", + "@sindresorhus/is": "^7.0.2", + "supports-color": "^10.0.0" + } + }, + "node_modules/@poppinss/exception": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/@poppinss/exception/-/exception-1.2.3.tgz", + "integrity": "sha512-dCED+QRChTVatE9ibtoaxc+WkdzOSjYTKi/+uacHWIsfodVfpsueo3+DKpgU5Px8qXjgmXkSvhXvSCz3fnP9lw==", + "dev": true, + "license": "MIT" + }, + "node_modules/@rolldown/binding-android-arm64": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-android-arm64/-/binding-android-arm64-1.1.3.tgz", + "integrity": "sha512-DT6Z3PhvioeHMvxo+xHc3KtqggrI7CCTXCmC2h/5zUlp5jVitv7XEy+9q5/7v8IolhlioawpMo8Kg0EEBy7J0g==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-darwin-arm64": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-darwin-arm64/-/binding-darwin-arm64-1.1.3.tgz", + "integrity": "sha512-0NwgwsjM7LrsuVnXMK3koTpagBNOhloc/BNjKqZjv4V5zI5r13qx69uVhRx+o5Z0yy4Hzq+lpy7TAgUG/ocvrw==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-darwin-x64": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-darwin-x64/-/binding-darwin-x64-1.1.3.tgz", + "integrity": "sha512-YtiBp4disu6V560loT6PjMdiRaWmVvDNrUunAalbiFx2ggeJwxdAsgZMcoGP17uyAsTwAj5V1niksxlHnVQ1Sw==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-freebsd-x64": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-freebsd-x64/-/binding-freebsd-x64-1.1.3.tgz", + "integrity": "sha512-yD3EkEdXk2LypPxnf/kSZHirarsI8gcPzc62SukhR9VJTyvV+F9Q/GxWNuCojc7sXyuVC4DxRGhdDK4X8VSsbw==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-linux-arm-gnueabihf": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm-gnueabihf/-/binding-linux-arm-gnueabihf-1.1.3.tgz", + "integrity": "sha512-c+8vieQbsD7HNAHKIA34w0GJ9FedFFuJGD+7E6vz7Q3uqAIugL5p45fhlsj4UaAsHpcmlqugBWMhA0/j7o0sIg==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-linux-arm64-gnu": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm64-gnu/-/binding-linux-arm64-gnu-1.1.3.tgz", + "integrity": "sha512-50jD0uUwLvur7Zz9LHz17kaAdTPjn5wN93hEgjvmYFRZwiR7ZJYovTd5ipyWJDAnXKvZ+wgc+/Ika6dwSF5OcA==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-linux-arm64-musl": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm64-musl/-/binding-linux-arm64-musl-1.1.3.tgz", + "integrity": "sha512-BO9+oPL8K9poZJBfYPsXNtYjPE5uM3qeehT3aFcW4LITOl+iSqhp0abzjR2nWBUNjIZeKXjAEWBZ64WjNoHd6w==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-linux-ppc64-gnu": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-ppc64-gnu/-/binding-linux-ppc64-gnu-1.1.3.tgz", + "integrity": "sha512-f3VpLB1vQ0Eo6ecr/6cekLnvYMFF4YBFoVGkfkvPLq1bAkbAwHYQPZKoAmG6OJyTcxxoC+AvezGx/S1obNC0Mw==", + "cpu": [ + "ppc64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-linux-s390x-gnu": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-s390x-gnu/-/binding-linux-s390x-gnu-1.1.3.tgz", + "integrity": "sha512-AmurZ26Pqx/RI9N1gzEOCklkKXl927yjfXWUUS0O7Puh8ARM/Ob8qfrD3qnWksScdw6cSrW5PSHE9DyLu7+PtA==", + "cpu": [ + "s390x" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^20.19.0 || >=22.12.0" + } + }, + "node_modules/@rolldown/binding-linux-x64-gnu": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-x64-gnu/-/binding-linux-x64-gnu-1.1.3.tgz", + "integrity": "sha512-JJpqs8bRGITDOdbkNKnlojzBabbOHrqjSvDr0IVsZObE1lBcPjxItUEY9eWIDbxaJ3cGrXPWGfGkIxFijg/URg==", + "cpu": [ + "x64" + ], + "license": "MIT", "optional": true, "os": [ "linux" ], "engines": { - "node": "^18.17.0 || ^20.3.0 || >=21.0.0" - }, - "funding": { - "url": "https://opencollective.com/libvips" - }, - "optionalDependencies": { - "@img/sharp-libvips-linuxmusl-arm64": "1.2.4" + "node": "^20.19.0 || >=22.12.0" } }, - "node_modules/@img/sharp-linuxmusl-x64": { - "version": "0.34.5", - "resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-x64/-/sharp-linuxmusl-x64-0.34.5.tgz", - "integrity": "sha512-Jg8wNT1MUzIvhBFxViqrEhWDGzqymo3sV7z7ZsaWbZNDLXRJZoRGrjulp60YYtV4wfY8VIKcWidjojlLcWrd8Q==", + "node_modules/@rolldown/binding-linux-x64-musl": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-x64-musl/-/binding-linux-x64-musl-1.1.3.tgz", + "integrity": "sha512-rSJcdjPxzA/by/6/rYs+v+bXU7UjvnbUWz8MJb6kh6+knqB1dCrtHg0uu7C/4haqJvqdkYHQ5IGn+tCH9GLW/g==", "cpu": [ "x64" ], - "license": "Apache-2.0", + "license": "MIT", "optional": true, "os": [ "linux" ], "engines": { - "node": "^18.17.0 || ^20.3.0 || >=21.0.0" - }, - "funding": { - "url": "https://opencollective.com/libvips" - }, - "optionalDependencies": { - "@img/sharp-libvips-linuxmusl-x64": "1.2.4" + "node": "^20.19.0 || >=22.12.0" } }, - "node_modules/@img/sharp-wasm32": { - "version": "0.34.5", - "resolved": "https://registry.npmjs.org/@img/sharp-wasm32/-/sharp-wasm32-0.34.5.tgz", - "integrity": "sha512-OdWTEiVkY2PHwqkbBI8frFxQQFekHaSSkUIJkwzclWZe64O1X4UlUjqqqLaPbUpMOQk6FBu/HtlGXNblIs0huw==", + "node_modules/@rolldown/binding-openharmony-arm64": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-openharmony-arm64/-/binding-openharmony-arm64-1.1.3.tgz", + "integrity": "sha512-hQ3/PYkDJICgevvyNcVrihVeqq7k1Pp3VZ9lY+dauAYUJKO+auqApvANhvR1An9BhmqYKvW2Mu1F9u4DXSMLxQ==", "cpu": [ - "wasm32" + "arm64" ], - "license": "Apache-2.0 AND LGPL-3.0-or-later AND MIT", + "license": "MIT", "optional": true, - "dependencies": { - "@emnapi/runtime": "^1.7.0" - }, + "os": [ + "openharmony" + ], "engines": { - "node": "^18.17.0 || ^20.3.0 || >=21.0.0" - }, - "funding": { - "url": "https://opencollective.com/libvips" + "node": "^20.19.0 || >=22.12.0" } }, - "node_modules/@img/sharp-win32-arm64": { - "version": "0.34.5", - "resolved": "https://registry.npmjs.org/@img/sharp-win32-arm64/-/sharp-win32-arm64-0.34.5.tgz", - "integrity": "sha512-WQ3AgWCWYSb2yt+IG8mnC6Jdk9Whs7O0gxphblsLvdhSpSTtmu69ZG1Gkb6NuvxsNACwiPV6cNSZNzt0KPsw7g==", + "node_modules/@rolldown/binding-wasm32-wasi": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-wasm32-wasi/-/binding-wasm32-wasi-1.1.3.tgz", + "integrity": "sha512-Elcv/BtML9lXrV6JuKITc/grN2kYV9gjsQpW8Jfw4ioK0TOkjBjye0nnyqQNy9STNaI20lXNaQBRrD5gSgR0Yg==", "cpu": [ - "arm64" + "wasm32" ], - "license": "Apache-2.0 AND LGPL-3.0-or-later", + "license": "MIT", "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + "dependencies": { + "@emnapi/core": "1.11.1", + "@emnapi/runtime": "1.11.1", + "@napi-rs/wasm-runtime": "^1.1.6" }, - "funding": { - "url": "https://opencollective.com/libvips" + "engines": { + "node": "^20.19.0 || >=22.12.0" } }, - "node_modules/@img/sharp-win32-ia32": { - "version": "0.34.5", - "resolved": "https://registry.npmjs.org/@img/sharp-win32-ia32/-/sharp-win32-ia32-0.34.5.tgz", - "integrity": "sha512-FV9m/7NmeCmSHDD5j4+4pNI8Cp3aW+JvLoXcTUo0IqyjSfAZJ8dIUmijx1qaJsIiU+Hosw6xM5KijAWRJCSgNg==", + "node_modules/@rolldown/binding-win32-arm64-msvc": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-win32-arm64-msvc/-/binding-win32-arm64-msvc-1.1.3.tgz", + "integrity": "sha512-2DrEfhluH9yhiaFApmsjsjwrSYbNcY1oFTzYSP1a535jDbV98zCFanA/96TBUd0iDFcxGmw9QRExwGCXz3U+/g==", "cpu": [ - "ia32" + "arm64" ], - "license": "Apache-2.0 AND LGPL-3.0-or-later", + "license": "MIT", "optional": true, "os": [ "win32" ], "engines": { - "node": "^18.17.0 || ^20.3.0 || >=21.0.0" - }, - "funding": { - "url": "https://opencollective.com/libvips" + "node": "^20.19.0 || >=22.12.0" } }, - "node_modules/@img/sharp-win32-x64": { - "version": "0.34.5", - "resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.34.5.tgz", - "integrity": "sha512-+29YMsqY2/9eFEiW93eqWnuLcWcufowXewwSNIT6UwZdUUCrM3oFjMWH/Z6/TMmb4hlFenmfAVbpWeup2jryCw==", + "node_modules/@rolldown/binding-win32-x64-msvc": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@rolldown/binding-win32-x64-msvc/-/binding-win32-x64-msvc-1.1.3.tgz", + "integrity": "sha512-OL4OMk7UPXOeVGGd3qo5zJyPIljf4AFgk5QAkPPS+OoLuOOozhuaQGC18MxVTnw/06q93gShAJzlwnSCY9YtqA==", "cpu": [ "x64" ], - "license": "Apache-2.0 AND LGPL-3.0-or-later", + "license": "MIT", "optional": true, "os": [ "win32" ], "engines": { - "node": "^18.17.0 || ^20.3.0 || >=21.0.0" - }, - "funding": { - "url": "https://opencollective.com/libvips" - } - }, - "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.13", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz", - "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==", - "license": "MIT", - "dependencies": { - "@jridgewell/sourcemap-codec": "^1.5.0", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "node_modules/@jridgewell/remapping": { - "version": "2.3.5", - "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz", - "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==", - "license": "MIT", - "dependencies": { - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.24" - } - }, - "node_modules/@jridgewell/resolve-uri": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", - "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", - "license": "MIT", - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.5.5", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz", - "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==", - "license": "MIT" - }, - "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.31", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz", - "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==", - "license": "MIT", - "dependencies": { - "@jridgewell/resolve-uri": "^3.1.0", - "@jridgewell/sourcemap-codec": "^1.4.14" - } - }, - "node_modules/@monaco-editor/loader": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@monaco-editor/loader/-/loader-1.7.0.tgz", - "integrity": "sha512-gIwR1HrJrrx+vfyOhYmCZ0/JcWqG5kbfG7+d3f/C1LXk2EvzAbHSg3MQ5lO2sMlo9izoAZ04shohfKLVT6crVA==", - "dependencies": { - "state-local": "^1.0.6" + "node": "^20.19.0 || >=22.12.0" } }, - "node_modules/@oslojs/encoding": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@oslojs/encoding/-/encoding-1.1.0.tgz", - "integrity": "sha512-70wQhgYmndg4GCPxPPxPGevRKqTIJ2Nh4OkiMWmDAVYsTQ+Ta7Sq+rPevXyXGdzr30/qZBnyOalCszoMxlyldQ==", + "node_modules/@rolldown/pluginutils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@rolldown/pluginutils/-/pluginutils-1.0.1.tgz", + "integrity": "sha512-2j9bGt5Jh8hj+vPtgzPtl72j0yRxHAyumoo6TNfAjsLB04UtpSvPbPcDcBMxz7n+9CYB0c1GxQFxYRg2jimqGw==", "license": "MIT" }, "node_modules/@rollup/pluginutils": { @@ -1150,7 +1931,8 @@ "optional": true, "os": [ "android" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-android-arm64": { "version": "4.60.0", @@ -1163,7 +1945,8 @@ "optional": true, "os": [ "android" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-darwin-arm64": { "version": "4.60.0", @@ -1176,7 +1959,8 @@ "optional": true, "os": [ "darwin" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-darwin-x64": { "version": "4.60.0", @@ -1189,7 +1973,8 @@ "optional": true, "os": [ "darwin" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-freebsd-arm64": { "version": "4.60.0", @@ -1202,7 +1987,8 @@ "optional": true, "os": [ "freebsd" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-freebsd-x64": { "version": "4.60.0", @@ -1215,7 +2001,8 @@ "optional": true, "os": [ "freebsd" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-arm-gnueabihf": { "version": "4.60.0", @@ -1228,7 +2015,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-arm-musleabihf": { "version": "4.60.0", @@ -1241,7 +2029,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-arm64-gnu": { "version": "4.60.0", @@ -1254,7 +2043,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-arm64-musl": { "version": "4.60.0", @@ -1267,7 +2057,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-loong64-gnu": { "version": "4.60.0", @@ -1280,7 +2071,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-loong64-musl": { "version": "4.60.0", @@ -1293,7 +2085,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-ppc64-gnu": { "version": "4.60.0", @@ -1306,7 +2099,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-ppc64-musl": { "version": "4.60.0", @@ -1319,7 +2113,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-riscv64-gnu": { "version": "4.60.0", @@ -1332,7 +2127,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-riscv64-musl": { "version": "4.60.0", @@ -1345,7 +2141,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-s390x-gnu": { "version": "4.60.0", @@ -1358,7 +2155,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-x64-gnu": { "version": "4.60.0", @@ -1371,7 +2169,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-linux-x64-musl": { "version": "4.60.0", @@ -1384,7 +2183,8 @@ "optional": true, "os": [ "linux" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-openbsd-x64": { "version": "4.60.0", @@ -1397,7 +2197,8 @@ "optional": true, "os": [ "openbsd" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-openharmony-arm64": { "version": "4.60.0", @@ -1410,7 +2211,8 @@ "optional": true, "os": [ "openharmony" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-win32-arm64-msvc": { "version": "4.60.0", @@ -1423,7 +2225,8 @@ "optional": true, "os": [ "win32" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-win32-ia32-msvc": { "version": "4.60.0", @@ -1436,7 +2239,8 @@ "optional": true, "os": [ "win32" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-win32-x64-gnu": { "version": "4.60.0", @@ -1449,7 +2253,8 @@ "optional": true, "os": [ "win32" - ] + ], + "peer": true }, "node_modules/@rollup/rollup-win32-x64-msvc": { "version": "4.60.0", @@ -1462,7 +2267,8 @@ "optional": true, "os": [ "win32" - ] + ], + "peer": true }, "node_modules/@shikijs/core": { "version": "4.2.0", @@ -1564,48 +2370,68 @@ "integrity": "sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg==", "license": "MIT" }, + "node_modules/@sindresorhus/is": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-7.2.0.tgz", + "integrity": "sha512-P1Cz1dWaFfR4IR+U13mqqiGsLFf1KbayybWwdd2vfctdV6hDpUkgCY0nKOLLTMSoRd/jJNjtbqzf13K8DCCXQw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sindresorhus/is?sponsor=1" + } + }, + "node_modules/@speed-highlight/core": { + "version": "1.2.17", + "resolved": "https://registry.npmjs.org/@speed-highlight/core/-/core-1.2.17.tgz", + "integrity": "sha512-Z92FwKpCtfaW1V0jTU/fh3QzYEZN8wDwrzRIBoADCJfn4mJCNcJN/XegifX7BDrQ8/h9Xh/JnbyMchL0FqXrkg==", + "dev": true, + "license": "CC0-1.0" + }, "node_modules/@tailwindcss/node": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/node/-/node-4.2.2.tgz", - "integrity": "sha512-pXS+wJ2gZpVXqFaUEjojq7jzMpTGf8rU6ipJz5ovJV6PUGmlJ+jvIwGrzdHdQ80Sg+wmQxUFuoW1UAAwHNEdFA==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/node/-/node-4.3.1.tgz", + "integrity": "sha512-6NDaqRoAMSXD1mr/RXu0HBvNE9a2n5tHPsxu9XHLws8o4Twes5rBM2205SUUiJ9goAtadrN6xTGX0UDEwp/N4A==", "license": "MIT", "dependencies": { "@jridgewell/remapping": "^2.3.5", - "enhanced-resolve": "^5.19.0", - "jiti": "^2.6.1", + "enhanced-resolve": "5.21.6", + "jiti": "^2.7.0", "lightningcss": "1.32.0", "magic-string": "^0.30.21", "source-map-js": "^1.2.1", - "tailwindcss": "4.2.2" + "tailwindcss": "4.3.1" } }, "node_modules/@tailwindcss/oxide": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide/-/oxide-4.2.2.tgz", - "integrity": "sha512-qEUA07+E5kehxYp9BVMpq9E8vnJuBHfJEC0vPC5e7iL/hw7HR61aDKoVoKzrG+QKp56vhNZe4qwkRmMC0zDLvg==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide/-/oxide-4.3.1.tgz", + "integrity": "sha512-yVPyo8RNkabVr3O2EhHEE0Rewu7YKzc1DhIqfL46LKveFrmu9XbDazNOJY7/GRuvw1h6u3utWnR29H/p5JPlgA==", "license": "MIT", "engines": { "node": ">= 20" }, "optionalDependencies": { - "@tailwindcss/oxide-android-arm64": "4.2.2", - "@tailwindcss/oxide-darwin-arm64": "4.2.2", - "@tailwindcss/oxide-darwin-x64": "4.2.2", - "@tailwindcss/oxide-freebsd-x64": "4.2.2", - "@tailwindcss/oxide-linux-arm-gnueabihf": "4.2.2", - "@tailwindcss/oxide-linux-arm64-gnu": "4.2.2", - "@tailwindcss/oxide-linux-arm64-musl": "4.2.2", - "@tailwindcss/oxide-linux-x64-gnu": "4.2.2", - "@tailwindcss/oxide-linux-x64-musl": "4.2.2", - "@tailwindcss/oxide-wasm32-wasi": "4.2.2", - "@tailwindcss/oxide-win32-arm64-msvc": "4.2.2", - "@tailwindcss/oxide-win32-x64-msvc": "4.2.2" + "@tailwindcss/oxide-android-arm64": "4.3.1", + "@tailwindcss/oxide-darwin-arm64": "4.3.1", + "@tailwindcss/oxide-darwin-x64": "4.3.1", + "@tailwindcss/oxide-freebsd-x64": "4.3.1", + "@tailwindcss/oxide-linux-arm-gnueabihf": "4.3.1", + "@tailwindcss/oxide-linux-arm64-gnu": "4.3.1", + "@tailwindcss/oxide-linux-arm64-musl": "4.3.1", + "@tailwindcss/oxide-linux-x64-gnu": "4.3.1", + "@tailwindcss/oxide-linux-x64-musl": "4.3.1", + "@tailwindcss/oxide-wasm32-wasi": "4.3.1", + "@tailwindcss/oxide-win32-arm64-msvc": "4.3.1", + "@tailwindcss/oxide-win32-x64-msvc": "4.3.1" } }, "node_modules/@tailwindcss/oxide-android-arm64": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-android-arm64/-/oxide-android-arm64-4.2.2.tgz", - "integrity": "sha512-dXGR1n+P3B6748jZO/SvHZq7qBOqqzQ+yFrXpoOWWALWndF9MoSKAT3Q0fYgAzYzGhxNYOoysRvYlpixRBBoDg==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-android-arm64/-/oxide-android-arm64-4.3.1.tgz", + "integrity": "sha512-SVlyf61g374l5cHyg8x9kf5xmLcOaxvOTsbsqDnSsDJaKOEFZ7GCvi84VAVGpxojYOs1+3K6M0UjXfqPU8vmOQ==", "cpu": [ "arm64" ], @@ -1619,9 +2445,9 @@ } }, "node_modules/@tailwindcss/oxide-darwin-arm64": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-arm64/-/oxide-darwin-arm64-4.2.2.tgz", - "integrity": "sha512-iq9Qjr6knfMpZHj55/37ouZeykwbDqF21gPFtfnhCCKGDcPI/21FKC9XdMO/XyBM7qKORx6UIhGgg6jLl7BZlg==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-arm64/-/oxide-darwin-arm64-4.3.1.tgz", + "integrity": "sha512-hVnWLwv+e/l7c4WKyVtHVrIPvYdqWHjRB3MDIqARynzFtnQg85kmQEFCbV9Ja0VVx4xXTIiDWY60Y7iz/iNoDA==", "cpu": [ "arm64" ], @@ -1635,9 +2461,9 @@ } }, "node_modules/@tailwindcss/oxide-darwin-x64": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-x64/-/oxide-darwin-x64-4.2.2.tgz", - "integrity": "sha512-BlR+2c3nzc8f2G639LpL89YY4bdcIdUmiOOkv2GQv4/4M0vJlpXEa0JXNHhCHU7VWOKWT/CjqHdTP8aUuDJkuw==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-x64/-/oxide-darwin-x64-4.3.1.tgz", + "integrity": "sha512-Cf7abu0WVgbhU7ANgPUnSAvm7nCvMweusHb8FnaHlLfv/Caq4GYaEZg7ZImzzmjx4lIAfuS8q+eLIS7A7IzxIg==", "cpu": [ "x64" ], @@ -1651,9 +2477,9 @@ } }, "node_modules/@tailwindcss/oxide-freebsd-x64": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-freebsd-x64/-/oxide-freebsd-x64-4.2.2.tgz", - "integrity": "sha512-YUqUgrGMSu2CDO82hzlQ5qSb5xmx3RUrke/QgnoEx7KvmRJHQuZHZmZTLSuuHwFf0DJPybFMXMYf+WJdxHy/nQ==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-freebsd-x64/-/oxide-freebsd-x64-4.3.1.tgz", + "integrity": "sha512-ZZqzX2Y+GXtXXfqSfpJhDm60OoZfvLHLCgm+J7NVqgHHJjG/m9ugZI77RwTsVd4fnBJuCFP6Ae6kTJb71UdS8g==", "cpu": [ "x64" ], @@ -1667,9 +2493,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-arm-gnueabihf": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm-gnueabihf/-/oxide-linux-arm-gnueabihf-4.2.2.tgz", - "integrity": "sha512-FPdhvsW6g06T9BWT0qTwiVZYE2WIFo2dY5aCSpjG/S/u1tby+wXoslXS0kl3/KXnULlLr1E3NPRRw0g7t2kgaQ==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm-gnueabihf/-/oxide-linux-arm-gnueabihf-4.3.1.tgz", + "integrity": "sha512-/Ah/xik0LaMYfv9DZ0S/t4pBlBNYOcqtRwusjgovHkvT8ixueWCLyJjsaF5kQIckjb4IT8Q6K6p/iPmZMixYgg==", "cpu": [ "arm" ], @@ -1683,9 +2509,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-arm64-gnu": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-gnu/-/oxide-linux-arm64-gnu-4.2.2.tgz", - "integrity": "sha512-4og1V+ftEPXGttOO7eCmW7VICmzzJWgMx+QXAJRAhjrSjumCwWqMfkDrNu1LXEQzNAwz28NCUpucgQPrR4S2yw==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-gnu/-/oxide-linux-arm64-gnu-4.3.1.tgz", + "integrity": "sha512-gqdFoVJlw444GvpnheZLHmvTzSxI/cOUUh2KSNejQjTcYkW062SVD+En0rUgD+QV91bz1XGIGtt1HJd48xUGbQ==", "cpu": [ "arm64" ], @@ -1699,9 +2525,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-arm64-musl": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-musl/-/oxide-linux-arm64-musl-4.2.2.tgz", - "integrity": "sha512-oCfG/mS+/+XRlwNjnsNLVwnMWYH7tn/kYPsNPh+JSOMlnt93mYNCKHYzylRhI51X+TbR+ufNhhKKzm6QkqX8ag==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-musl/-/oxide-linux-arm64-musl-4.3.1.tgz", + "integrity": "sha512-Bwv9KwOvE0VKa86xPFif9b9c3Y1NxOV1P0gLti/IYaWEsQYZXDlxfGEtA8mdDZ7SG3wyNXAWYT5SIn3giL57oA==", "cpu": [ "arm64" ], @@ -1715,25 +2541,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-x64-gnu": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-gnu/-/oxide-linux-x64-gnu-4.2.2.tgz", - "integrity": "sha512-rTAGAkDgqbXHNp/xW0iugLVmX62wOp2PoE39BTCGKjv3Iocf6AFbRP/wZT/kuCxC9QBh9Pu8XPkv/zCZB2mcMg==", - "cpu": [ - "x64" - ], - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">= 20" - } - }, - "node_modules/@tailwindcss/oxide-linux-x64-musl": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-musl/-/oxide-linux-x64-musl-4.2.2.tgz", - "integrity": "sha512-XW3t3qwbIwiSyRCggeO2zxe3KWaEbM0/kW9e8+0XpBgyKU4ATYzcVSMKteZJ1iukJ3HgHBjbg9P5YPRCVUxlnQ==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-gnu/-/oxide-linux-x64-gnu-4.3.1.tgz", + "integrity": "sha512-Ymi8O8T15HYQdOUWUtTI6ldN0neHP85FC+Qz32xTcZ7iJXtem/x8ITev0o1e9e5rkqj4lONZfTRLvkmin1+tKg==", "cpu": [ "x64" ], @@ -1746,97 +2556,55 @@ "node": ">= 20" } }, - "node_modules/@tailwindcss/oxide-wasm32-wasi": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-wasm32-wasi/-/oxide-wasm32-wasi-4.2.2.tgz", - "integrity": "sha512-eKSztKsmEsn1O5lJ4ZAfyn41NfG7vzCg496YiGtMDV86jz1q/irhms5O0VrY6ZwTUkFy/EKG3RfWgxSI3VbZ8Q==", - "bundleDependencies": [ - "@napi-rs/wasm-runtime", - "@emnapi/core", - "@emnapi/runtime", - "@tybys/wasm-util", - "@emnapi/wasi-threads", - "tslib" - ], - "cpu": [ - "wasm32" - ], - "license": "MIT", - "optional": true, - "dependencies": { - "@emnapi/core": "^1.8.1", - "@emnapi/runtime": "^1.8.1", - "@emnapi/wasi-threads": "^1.1.0", - "@napi-rs/wasm-runtime": "^1.1.1", - "@tybys/wasm-util": "^0.10.1", - "tslib": "^2.8.1" - }, - "engines": { - "node": ">=14.0.0" - } - }, - "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/core": { - "version": "1.8.1", - "inBundle": true, - "license": "MIT", - "optional": true, - "dependencies": { - "@emnapi/wasi-threads": "1.1.0", - "tslib": "^2.4.0" - } - }, - "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/runtime": { - "version": "1.8.1", - "inBundle": true, - "license": "MIT", - "optional": true, - "dependencies": { - "tslib": "^2.4.0" - } - }, - "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/wasi-threads": { - "version": "1.1.0", - "inBundle": true, - "license": "MIT", - "optional": true, - "dependencies": { - "tslib": "^2.4.0" - } - }, - "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@napi-rs/wasm-runtime": { - "version": "1.1.1", - "inBundle": true, + "node_modules/@tailwindcss/oxide-linux-x64-musl": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-musl/-/oxide-linux-x64-musl-4.3.1.tgz", + "integrity": "sha512-M+P/91qJ6uILLw4k2G93GMDRAXj61SMvFQYt39AqvUqYgExXpLL5aepfns7sj4HiAQeolirQF9E0lzRvdf4zPQ==", + "cpu": [ + "x64" + ], "license": "MIT", "optional": true, - "dependencies": { - "@emnapi/core": "^1.7.1", - "@emnapi/runtime": "^1.7.1", - "@tybys/wasm-util": "^0.10.1" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/Brooooooklyn" + "os": [ + "linux" + ], + "engines": { + "node": ">= 20" } }, - "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@tybys/wasm-util": { - "version": "0.10.1", - "inBundle": true, + "node_modules/@tailwindcss/oxide-wasm32-wasi": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-wasm32-wasi/-/oxide-wasm32-wasi-4.3.1.tgz", + "integrity": "sha512-zsM8uOeqvVGHsAXsJxsT28ttosFahLJKCLOTUBqRAtKnVgGSRitds9T432QiT8b77Yga7JIBkulIRRlJPtYhRA==", + "bundleDependencies": [ + "@napi-rs/wasm-runtime", + "@emnapi/core", + "@emnapi/runtime", + "@tybys/wasm-util", + "@emnapi/wasi-threads", + "tslib" + ], + "cpu": [ + "wasm32" + ], "license": "MIT", "optional": true, "dependencies": { - "tslib": "^2.4.0" + "@emnapi/core": "^1.10.0", + "@emnapi/runtime": "^1.10.0", + "@emnapi/wasi-threads": "^1.2.1", + "@napi-rs/wasm-runtime": "^1.1.4", + "@tybys/wasm-util": "^0.10.2", + "tslib": "^2.8.1" + }, + "engines": { + "node": ">=14.0.0" } }, - "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/tslib": { - "version": "2.8.1", - "inBundle": true, - "license": "0BSD", - "optional": true - }, "node_modules/@tailwindcss/oxide-win32-arm64-msvc": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-arm64-msvc/-/oxide-win32-arm64-msvc-4.2.2.tgz", - "integrity": "sha512-qPmaQM4iKu5mxpsrWZMOZRgZv1tOZpUm+zdhhQP0VhJfyGGO3aUKdbh3gDZc/dPLQwW4eSqWGrrcWNBZWUWaXQ==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-arm64-msvc/-/oxide-win32-arm64-msvc-4.3.1.tgz", + "integrity": "sha512-aiNvSq9BsVk8V513lDKlrCFAgf8qBMPZTpgEhInL+NwQqs97mYmupVMrPrgBBSL8Pv/0zXu9MrMF9rMun1ZeNg==", "cpu": [ "arm64" ], @@ -1850,9 +2618,9 @@ } }, "node_modules/@tailwindcss/oxide-win32-x64-msvc": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-x64-msvc/-/oxide-win32-x64-msvc-4.2.2.tgz", - "integrity": "sha512-1T/37VvI7WyH66b+vqHj/cLwnCxt7Qt3WFu5Q8hk65aOvlwAhs7rAp1VkulBJw/N4tMirXjVnylTR72uI0HGcA==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-x64-msvc/-/oxide-win32-x64-msvc-4.3.1.tgz", + "integrity": "sha512-xDEyu1rg290472FEGaKHnzyDyh5QH+AlWvsU5hMoMtPpzmKlRI0jaYKCgSHDYtaQWZOYbMaduSyCwFwY4n1HmA==", "cpu": [ "x64" ], @@ -1866,24 +2634,36 @@ } }, "node_modules/@tailwindcss/vite": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/@tailwindcss/vite/-/vite-4.2.2.tgz", - "integrity": "sha512-mEiF5HO1QqCLXoNEfXVA1Tzo+cYsrqV7w9Juj2wdUFyW07JRenqMG225MvPwr3ZD9N1bFQj46X7r33iHxLUW0w==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@tailwindcss/vite/-/vite-4.3.1.tgz", + "integrity": "sha512-hItDHuIIlEV61R+faXu66s1K36aTurO/Qw0e45Vskz57gXl9pWOT6eg3zmcEui6CZXddbN7zd41bwmvag4JGwQ==", "license": "MIT", "dependencies": { - "@tailwindcss/node": "4.2.2", - "@tailwindcss/oxide": "4.2.2", - "tailwindcss": "4.2.2" + "@tailwindcss/node": "4.3.1", + "@tailwindcss/oxide": "4.3.1", + "tailwindcss": "4.3.1" }, "peerDependencies": { "vite": "^5.2.0 || ^6 || ^7 || ^8" } }, + "node_modules/@tybys/wasm-util": { + "version": "0.10.3", + "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.10.3.tgz", + "integrity": "sha512-F3fo1MYrRJYL3zER0OUOmkutjr1Vp23m7OsSgp7nq4SP6OqX6C/56XFIPAl5bt3zaBRjmW7SGz3u/6LwFpYcOg==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, "node_modules/@types/debug": { "version": "4.1.13", "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.13.tgz", "integrity": "sha512-KSVgmQmzMwPlmtljOomayoR89W4FynCAi3E8PPs7vmDVPe84hT+vGPKkJfThkmXs0x0jAaa9U8uW8bbfyS2fWw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/ms": "*" } @@ -1894,6 +2674,15 @@ "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==", "license": "MIT" }, + "node_modules/@types/estree-jsx": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/@types/estree-jsx/-/estree-jsx-1.0.5.tgz", + "integrity": "sha512-52CcUVNFyfb1A2ALocQw/Dd1BQFNmSdkuC3BkZ6iqhdMfQz7JWOFRuJFloOzjk+6WijU56m9oKXFAXc7o3Towg==", + "license": "MIT", + "dependencies": { + "@types/estree": "*" + } + }, "node_modules/@types/hast": { "version": "3.0.4", "resolved": "https://registry.npmjs.org/@types/hast/-/hast-3.0.4.tgz", @@ -1916,7 +2705,9 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/@types/ms/-/ms-2.1.0.tgz", "integrity": "sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA==", - "license": "MIT" + "license": "MIT", + "optional": true, + "peer": true }, "node_modules/@types/nlcst": { "version": "2.0.3", @@ -1939,6 +2730,18 @@ "integrity": "sha512-WmoN8qaIAo7WTYWbAZuG8PYEhn5fkz7dZrqTBZ7dtt//lL2Gwms1IcnQ5yHqjDfX8Ft5j4YzDM23f87zBfDe9g==", "license": "ISC" }, + "node_modules/am-i-vibing": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/am-i-vibing/-/am-i-vibing-0.4.0.tgz", + "integrity": "sha512-MxT4XZL7pzLHpuvhDKdMaQHMGGkJDLluKBLsbstn+8wv9sWcFT6h+0ve9qkml95amVTZtZV83gQe2hY+ojgHLg==", + "license": "MIT", + "dependencies": { + "process-ancestry": "^0.1.0" + }, + "bin": { + "am-i-vibing": "dist/cli.mjs" + } + }, "node_modules/anymatch": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", @@ -1984,25 +2787,28 @@ "resolved": "https://registry.npmjs.org/array-iterate/-/array-iterate-2.0.1.tgz", "integrity": "sha512-I1jXZMjAgCMmxT4qxXfPXa6SthSoE8h6gkSI9BGGNv8mP8G/v0blc+qFnZu6K42vTOiuME596QaLO0TP3Lk0xg==", "license": "MIT", + "optional": true, + "peer": true, "funding": { "type": "github", "url": "https://github.com/sponsors/wooorm" } }, "node_modules/astro": { - "version": "6.4.5", - "resolved": "https://registry.npmjs.org/astro/-/astro-6.4.5.tgz", - "integrity": "sha512-0R7WLD1+WD/mTPcZxyKtcF0CztQi9ahFRtGM7oChJhxjNbr4lSBenxi+mk91k5bPTaUEoZ6edg1fDo2qP8bCwg==", + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/astro/-/astro-7.0.3.tgz", + "integrity": "sha512-CK+G+Tl2DMV1EXCwVG45vyurxf2IfRTklMxDhRKn+tst9Yl8rWXpudL62Fa6zin5Bt968FBvuyASj1aJShROZg==", "license": "MIT", "dependencies": { - "@astrojs/compiler": "^4.0.0", + "@astrojs/compiler-rs": "^0.2.2", "@astrojs/internal-helpers": "0.10.0", - "@astrojs/markdown-remark": "7.2.0", + "@astrojs/markdown-satteri": "0.3.2", "@astrojs/telemetry": "3.3.2", "@capsizecss/unpack": "^4.0.0", "@clack/prompts": "^1.1.0", "@oslojs/encoding": "^1.1.0", "@rollup/pluginutils": "^5.3.0", + "am-i-vibing": "^0.4.0", "aria-query": "^5.3.2", "axobject-query": "^4.1.0", "ci-info": "^4.4.0", @@ -2013,7 +2819,7 @@ "diff": "^8.0.3", "dset": "^3.1.4", "es-module-lexer": "^2.0.0", - "esbuild": "^0.27.3", + "esbuild": "^0.28.0", "flattie": "^1.1.1", "fontace": "~0.4.1", "get-tsconfig": "5.0.0-beta.4", @@ -2045,7 +2851,7 @@ "unist-util-visit": "^5.1.0", "unstorage": "^1.17.5", "vfile": "^6.0.3", - "vite": "^7.3.2", + "vite": "^8.0.13", "vitefu": "^1.1.2", "xxhash-wasm": "^1.1.0", "yargs-parser": "^22.0.0", @@ -2065,6 +2871,14 @@ }, "optionalDependencies": { "sharp": "^0.34.0" + }, + "peerDependencies": { + "@astrojs/markdown-remark": "7.2.0" + }, + "peerDependenciesMeta": { + "@astrojs/markdown-remark": { + "optional": true + } } }, "node_modules/axobject-query": { @@ -2086,6 +2900,13 @@ "url": "https://github.com/sponsors/wooorm" } }, + "node_modules/blake3-wasm": { + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/blake3-wasm/-/blake3-wasm-2.1.5.tgz", + "integrity": "sha512-F1+K8EbfOZE49dtoPtmxUQrpXaBIl3ICvasLh+nJta0xkz+9kF/7uet9fLnwKqhDrmj6g+6K3Tw9yQPUg2ka5g==", + "dev": true, + "license": "MIT" + }, "node_modules/boolbase": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz", @@ -2107,6 +2928,8 @@ "resolved": "https://registry.npmjs.org/character-entities/-/character-entities-2.0.2.tgz", "integrity": "sha512-shx7oQ0Awen/BRIdkjkvz54PnEEI/EjwXDSIZp86/KKdbafHh1Df/RYGBhn4hbe2+uKC9FnT5UCEdyPz3ai9hQ==", "license": "MIT", + "optional": true, + "peer": true, "funding": { "type": "github", "url": "https://github.com/sponsors/wooorm" @@ -2291,6 +3114,8 @@ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz", "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "ms": "^2.1.3" }, @@ -2308,6 +3133,8 @@ "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.3.0.tgz", "integrity": "sha512-GtpQYB283KrPp6nRw50q3U9/VfOutZOe103qlN7BPP6Ad27xYnOIWv4lPzo8HCAL+mMZofJ9KEy30fq6MfaK6Q==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "character-entities": "^2.0.0" }, @@ -2451,13 +3278,13 @@ } }, "node_modules/enhanced-resolve": { - "version": "5.20.1", - "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.20.1.tgz", - "integrity": "sha512-Qohcme7V1inbAfvjItgw0EaxVX5q2rdVEZHRBrEQdRZTssLDGsL8Lwrznl8oQ/6kuTJONLaDcGjkNP247XEhcA==", + "version": "5.21.6", + "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.21.6.tgz", + "integrity": "sha512-aNnGCvbJ/RIyWo1IuhNdVjnNF+EjH9wpzpNHt+ci/m9He9LJvUN8wrCcXjp9cWsGNAuvSpVFTx/vraAFQ8qGjQ==", "license": "MIT", "dependencies": { "graceful-fs": "^4.2.4", - "tapable": "^2.3.0" + "tapable": "^2.3.3" }, "engines": { "node": ">=10.13.0" @@ -2475,6 +3302,16 @@ "url": "https://github.com/fb55/entities?sponsor=1" } }, + "node_modules/error-stack-parser-es": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/error-stack-parser-es/-/error-stack-parser-es-1.0.5.tgz", + "integrity": "sha512-5qucVt2XcuGMcEGgWI7i+yZpmpByQ8J1lHhcL7PwqCwu9FPP3VUXzT4ltHe5i2z9dePwEHcDVOAfSnHsOlCXRA==", + "dev": true, + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/antfu" + } + }, "node_modules/es-module-lexer": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-2.0.0.tgz", @@ -2482,9 +3319,9 @@ "license": "MIT" }, "node_modules/esbuild": { - "version": "0.27.4", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.4.tgz", - "integrity": "sha512-Rq4vbHnYkK5fws5NF7MYTU68FPRE1ajX7heQ/8QXXWqNgqqJ/GkmmyxIzUnf2Sr/bakf8l54716CcMGHYhMrrQ==", + "version": "0.28.1", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.28.1.tgz", + "integrity": "sha512-HrJrvZv5ayxBzPfwphOoNzkzOIIlifzk0KJrGK2c8R4+LKpMtpYLQeUdjnwjWv/LZlkH2laZk+4w78pi99D4Vw==", "hasInstallScript": true, "license": "MIT", "bin": { @@ -2494,32 +3331,32 @@ "node": ">=18" }, "optionalDependencies": { - "@esbuild/aix-ppc64": "0.27.4", - "@esbuild/android-arm": "0.27.4", - "@esbuild/android-arm64": "0.27.4", - "@esbuild/android-x64": "0.27.4", - "@esbuild/darwin-arm64": "0.27.4", - "@esbuild/darwin-x64": "0.27.4", - "@esbuild/freebsd-arm64": "0.27.4", - "@esbuild/freebsd-x64": "0.27.4", - "@esbuild/linux-arm": "0.27.4", - "@esbuild/linux-arm64": "0.27.4", - "@esbuild/linux-ia32": "0.27.4", - "@esbuild/linux-loong64": "0.27.4", - "@esbuild/linux-mips64el": "0.27.4", - "@esbuild/linux-ppc64": "0.27.4", - "@esbuild/linux-riscv64": "0.27.4", - "@esbuild/linux-s390x": "0.27.4", - "@esbuild/linux-x64": "0.27.4", - "@esbuild/netbsd-arm64": "0.27.4", - "@esbuild/netbsd-x64": "0.27.4", - "@esbuild/openbsd-arm64": "0.27.4", - "@esbuild/openbsd-x64": "0.27.4", - "@esbuild/openharmony-arm64": "0.27.4", - "@esbuild/sunos-x64": "0.27.4", - "@esbuild/win32-arm64": "0.27.4", - "@esbuild/win32-ia32": "0.27.4", - "@esbuild/win32-x64": "0.27.4" + "@esbuild/aix-ppc64": "0.28.1", + "@esbuild/android-arm": "0.28.1", + "@esbuild/android-arm64": "0.28.1", + "@esbuild/android-x64": "0.28.1", + "@esbuild/darwin-arm64": "0.28.1", + "@esbuild/darwin-x64": "0.28.1", + "@esbuild/freebsd-arm64": "0.28.1", + "@esbuild/freebsd-x64": "0.28.1", + "@esbuild/linux-arm": "0.28.1", + "@esbuild/linux-arm64": "0.28.1", + "@esbuild/linux-ia32": "0.28.1", + "@esbuild/linux-loong64": "0.28.1", + "@esbuild/linux-mips64el": "0.28.1", + "@esbuild/linux-ppc64": "0.28.1", + "@esbuild/linux-riscv64": "0.28.1", + "@esbuild/linux-s390x": "0.28.1", + "@esbuild/linux-x64": "0.28.1", + "@esbuild/netbsd-arm64": "0.28.1", + "@esbuild/netbsd-x64": "0.28.1", + "@esbuild/openbsd-arm64": "0.28.1", + "@esbuild/openbsd-x64": "0.28.1", + "@esbuild/openharmony-arm64": "0.28.1", + "@esbuild/sunos-x64": "0.28.1", + "@esbuild/win32-arm64": "0.28.1", + "@esbuild/win32-ia32": "0.28.1", + "@esbuild/win32-x64": "0.28.1" } }, "node_modules/escape-string-regexp": { @@ -2527,6 +3364,8 @@ "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-5.0.0.tgz", "integrity": "sha512-/veY75JbMK4j1yjvuUxuVsiS/hr/4iHs9FTT6cgTexxdE0Ly/glccBAkloH/DofkjRbZU3bnoj38mOmhkZ0lHw==", "license": "MIT", + "optional": true, + "peer": true, "engines": { "node": ">=12" }, @@ -2700,6 +3539,8 @@ "resolved": "https://registry.npmjs.org/hast-util-is-element/-/hast-util-is-element-3.0.0.tgz", "integrity": "sha512-Val9mnv2IWpLbNPqc/pUem+a7Ipj2aHacCwgNfTiK0vJKl0LF+4Ba4+v1oPHFpf3bLYmreq0/l3Gud9S5OH42g==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/hast": "^3.0.0" }, @@ -2726,6 +3567,8 @@ "resolved": "https://registry.npmjs.org/hast-util-raw/-/hast-util-raw-9.1.0.tgz", "integrity": "sha512-Y8/SBAHkZGoNkpzqqfCldijcuUKh7/su31kEBp67cFY09Wy0mTRgtsLYsiIxMJxlu0f6AA5SUTbDR8K0rxnbUw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/hast": "^3.0.0", "@types/unist": "^3.0.0", @@ -2774,6 +3617,8 @@ "resolved": "https://registry.npmjs.org/hast-util-to-parse5/-/hast-util-to-parse5-8.0.1.tgz", "integrity": "sha512-MlWT6Pjt4CG9lFCjiz4BH7l9wmrMkfkJYCxFwKQic8+RTZgWPuWxwAfjJElsXkex7DJjfSJsQIt931ilUgmwdA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/hast": "^3.0.0", "comma-separated-tokens": "^2.0.0", @@ -2793,6 +3638,8 @@ "resolved": "https://registry.npmjs.org/hast-util-to-text/-/hast-util-to-text-4.0.2.tgz", "integrity": "sha512-KK6y/BN8lbaq654j7JgBydev7wuNMcID54lkRav1P0CaE1e47P72AWWPiGKXTJU271ooYzcvTAn/Zt0REnvc7A==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/hast": "^3.0.0", "@types/unist": "^3.0.0", @@ -2941,9 +3788,9 @@ } }, "node_modules/jiti": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.6.1.tgz", - "integrity": "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ==", + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.7.0.tgz", + "integrity": "sha512-AC/7JofJvZGrrneWNaEnJeOLUx+JlGt7tNa0wZiRPT4MY1wmfKjt2+6O2p2uz2+skll8OZZmJMNqeke7kKbNgQ==", "license": "MIT", "bin": { "jiti": "lib/jiti-cli.mjs" @@ -2977,6 +3824,16 @@ "integrity": "sha512-HUgH65KyejrUFPvHFPbqOY0rsFip3Bo5wb4ngvdi1EpCYWUQDC5V+Y7mZws+DLkr4M//zQJoanu1SP+87Dv1oQ==", "license": "MIT" }, + "node_modules/kleur": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-4.1.5.tgz", + "integrity": "sha512-o+NO+8WrRiQEE4/7nwRJhN1HWpVmJm511pBHUxPLtp0BUISzlBplORYSmTclCnJvQq2tKu/sgl3xVpkc7ZWuQQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6" + } + }, "node_modules/lightningcss": { "version": "1.32.0", "resolved": "https://registry.npmjs.org/lightningcss/-/lightningcss-1.32.0.tgz", @@ -3231,6 +4088,8 @@ "resolved": "https://registry.npmjs.org/longest-streak/-/longest-streak-3.1.0.tgz", "integrity": "sha512-9Ri+o0JYgehTaVBBDoMqIl8GXtbWg711O3srftcHhZ0dqnETqLaoIK0x17fUw9rFSlK/0NlsKe0Ahhyl5pXE2g==", "license": "MIT", + "optional": true, + "peer": true, "funding": { "type": "github", "url": "https://github.com/sponsors/wooorm" @@ -3270,15 +4129,17 @@ "resolved": "https://registry.npmjs.org/markdown-table/-/markdown-table-3.0.4.tgz", "integrity": "sha512-wiYz4+JrLyb/DqW2hkFJxP7Vd7JuTDm77fvbM8VfEQdmSMqcImWeeRbHwZjBjIFki/VaMK2BhFi7oUUZeM5bqw==", "license": "MIT", + "optional": true, + "peer": true, "funding": { "type": "github", "url": "https://github.com/sponsors/wooorm" } }, "node_modules/marked": { - "version": "17.0.6", - "resolved": "https://registry.npmjs.org/marked/-/marked-17.0.6.tgz", - "integrity": "sha512-gB0gkNafnonOw0obSTEGZTT86IuhILt2Wfx0mWH/1Au83kybTayroZ/V6nS25mN7u8ASy+5fMhgB3XPNrOZdmA==", + "version": "18.0.5", + "resolved": "https://registry.npmjs.org/marked/-/marked-18.0.5.tgz", + "integrity": "sha512-S6GcvALHg6K4ohtu4E7x0a1AqhAjp6cV8KhLSyN9qVapnzJkusVBxZRcIU9AeYsbe6P1hKDusSbEOzGyyuce6w==", "license": "MIT", "bin": { "marked": "bin/marked.js" @@ -3292,6 +4153,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-definitions/-/mdast-util-definitions-6.0.0.tgz", "integrity": "sha512-scTllyX6pnYNZH/AIp/0ePz6s4cZtARxImwoPJ7kS42n+MnVsI4XbnG6d4ibehRIldYMWM2LD7ImQblVhUejVQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "@types/unist": "^3.0.0", @@ -3307,6 +4170,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-find-and-replace/-/mdast-util-find-and-replace-3.0.2.tgz", "integrity": "sha512-Tmd1Vg/m3Xz43afeNxDIhWRtFZgM2VLyaf4vSTYwudTyeuTneoL3qtWMA5jeLyz/O1vDJmmV4QuScFCA2tBPwg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "escape-string-regexp": "^5.0.0", @@ -3323,6 +4188,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-from-markdown/-/mdast-util-from-markdown-2.0.3.tgz", "integrity": "sha512-W4mAWTvSlKvf8L6J+VN9yLSqQ9AOAAvHuoDAmPkz4dHf553m5gVj2ejadHJhoJmcmxEnOv6Pa8XJhpxE93kb8Q==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "@types/unist": "^3.0.0", @@ -3347,6 +4214,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-gfm/-/mdast-util-gfm-3.1.0.tgz", "integrity": "sha512-0ulfdQOM3ysHhCJ1p06l0b0VKlhU0wuQs3thxZQagjcjPrlFRqY215uZGHHJan9GEAXd9MbfPjFJz+qMkVR6zQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "mdast-util-from-markdown": "^2.0.0", "mdast-util-gfm-autolink-literal": "^2.0.0", @@ -3366,6 +4235,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-gfm-autolink-literal/-/mdast-util-gfm-autolink-literal-2.0.1.tgz", "integrity": "sha512-5HVP2MKaP6L+G6YaxPNjuL0BPrq9orG3TsrZ9YXbA3vDw/ACI4MEsnoDpn6ZNm7GnZgtAcONJyPhOP8tNJQavQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "ccount": "^2.0.0", @@ -3383,6 +4254,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-gfm-footnote/-/mdast-util-gfm-footnote-2.1.0.tgz", "integrity": "sha512-sqpDWlsHn7Ac9GNZQMeUzPQSMzR6Wv0WKRNvQRg0KqHh02fpTz69Qc1QSseNX29bhz1ROIyNyxExfawVKTm1GQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "devlop": "^1.1.0", @@ -3400,6 +4273,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-gfm-strikethrough/-/mdast-util-gfm-strikethrough-2.0.0.tgz", "integrity": "sha512-mKKb915TF+OC5ptj5bJ7WFRPdYtuHv0yTRxK2tJvi+BDqbkiG7h7u/9SI89nRAYcmap2xHQL9D+QG/6wSrTtXg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "mdast-util-from-markdown": "^2.0.0", @@ -3415,6 +4290,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-gfm-table/-/mdast-util-gfm-table-2.0.0.tgz", "integrity": "sha512-78UEvebzz/rJIxLvE7ZtDd/vIQ0RHv+3Mh5DR96p7cS7HsBhYIICDBCu8csTNWNO6tBWfqXPWekRuj2FNOGOZg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "devlop": "^1.0.0", @@ -3432,6 +4309,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-gfm-task-list-item/-/mdast-util-gfm-task-list-item-2.0.0.tgz", "integrity": "sha512-IrtvNvjxC1o06taBAVJznEnkiHxLFTzgonUdy8hzFVeDun0uTjxxrRGVaNFqkU1wJR3RBPEfsxmU6jDWPofrTQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "devlop": "^1.0.0", @@ -3448,6 +4327,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-phrasing/-/mdast-util-phrasing-4.1.0.tgz", "integrity": "sha512-TqICwyvJJpBwvGAMZjj4J2n0X8QWp21b9l0o7eXyVJ25YNWYbJDVIyD1bZXE6WtV6RmKJVYmQAKWa0zWOABz2w==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "unist-util-is": "^6.0.0" @@ -3483,6 +4364,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-to-markdown/-/mdast-util-to-markdown-2.1.2.tgz", "integrity": "sha512-xj68wMTvGXVOKonmog6LwyJKrYXZPvlwabaryTjLh9LuvovB/KAH+kvi8Gjj+7rJjsFi23nkUxRQv1KqSroMqA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "@types/unist": "^3.0.0", @@ -3504,6 +4387,8 @@ "resolved": "https://registry.npmjs.org/mdast-util-to-string/-/mdast-util-to-string-4.0.0.tgz", "integrity": "sha512-0H44vDimn51F0YwvxSJSm0eCDOJTRlmN0R1yBh4HLj9wiV1Dn0QoXGbvFAWj2hSItVTlCmBF1hqKlIyUBVFLPg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0" }, @@ -3533,6 +4418,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/debug": "^4.0.0", "debug": "^4.0.0", @@ -3568,6 +4455,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "decode-named-character-reference": "^1.0.0", "devlop": "^1.0.0", @@ -3592,6 +4481,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm/-/micromark-extension-gfm-3.0.0.tgz", "integrity": "sha512-vsKArQsicm7t0z2GugkCKtZehqUm31oeGBV/KVSorWSy8ZlNAv7ytjFhvaryUiCUJYqs+NoE6AFhpQvBTM6Q4w==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-extension-gfm-autolink-literal": "^2.0.0", "micromark-extension-gfm-footnote": "^2.0.0", @@ -3612,6 +4503,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm-autolink-literal/-/micromark-extension-gfm-autolink-literal-2.1.0.tgz", "integrity": "sha512-oOg7knzhicgQ3t4QCjCWgTmfNhvQbDDnJeVu9v81r7NltNCVmhPy1fJRX27pISafdjL+SVc4d3l48Gb6pbRypw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-character": "^2.0.0", "micromark-util-sanitize-uri": "^2.0.0", @@ -3628,6 +4521,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm-footnote/-/micromark-extension-gfm-footnote-2.1.0.tgz", "integrity": "sha512-/yPhxI1ntnDNsiHtzLKYnE3vf9JZ6cAisqVDauhp4CEHxlb4uoOTxOCJ+9s51bIB8U1N1FJ1RXOKTIlD5B/gqw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "devlop": "^1.0.0", "micromark-core-commonmark": "^2.0.0", @@ -3648,6 +4543,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm-strikethrough/-/micromark-extension-gfm-strikethrough-2.1.0.tgz", "integrity": "sha512-ADVjpOOkjz1hhkZLlBiYA9cR2Anf8F4HqZUO6e5eDcPQd0Txw5fxLzzxnEkSkfnD0wziSGiv7sYhk/ktvbf1uw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "devlop": "^1.0.0", "micromark-util-chunked": "^2.0.0", @@ -3666,6 +4563,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm-table/-/micromark-extension-gfm-table-2.1.1.tgz", "integrity": "sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "devlop": "^1.0.0", "micromark-factory-space": "^2.0.0", @@ -3683,6 +4582,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm-tagfilter/-/micromark-extension-gfm-tagfilter-2.0.0.tgz", "integrity": "sha512-xHlTOmuCSotIA8TW1mDIM6X2O1SiX5P9IuDtqGonFhEK0qgRI4yeC6vMxEV2dgyr2TiD+2PQ10o+cOhdVAcwfg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-types": "^2.0.0" }, @@ -3696,6 +4597,8 @@ "resolved": "https://registry.npmjs.org/micromark-extension-gfm-task-list-item/-/micromark-extension-gfm-task-list-item-2.1.0.tgz", "integrity": "sha512-qIBZhqxqI6fjLDYFTBIa4eivDMnP+OZqsNwmQ3xNLE4Cxwc+zfQEfbs6tzAo2Hjq+bh6q5F+Z8/cksrLFYWQQw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "devlop": "^1.0.0", "micromark-factory-space": "^2.0.0", @@ -3723,6 +4626,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-character": "^2.0.0", "micromark-util-symbol": "^2.0.0", @@ -3744,6 +4649,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "devlop": "^1.0.0", "micromark-util-character": "^2.0.0", @@ -3766,6 +4673,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-character": "^2.0.0", "micromark-util-types": "^2.0.0" @@ -3786,6 +4695,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-factory-space": "^2.0.0", "micromark-util-character": "^2.0.0", @@ -3808,6 +4719,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-factory-space": "^2.0.0", "micromark-util-character": "^2.0.0", @@ -3850,6 +4763,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-symbol": "^2.0.0" } @@ -3869,6 +4784,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-character": "^2.0.0", "micromark-util-symbol": "^2.0.0", @@ -3890,6 +4807,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-chunked": "^2.0.0", "micromark-util-types": "^2.0.0" @@ -3910,6 +4829,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-symbol": "^2.0.0" } @@ -3929,6 +4850,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "decode-named-character-reference": "^1.0.0", "micromark-util-character": "^2.0.0", @@ -3966,7 +4889,9 @@ "url": "https://opencollective.com/unified" } ], - "license": "MIT" + "license": "MIT", + "optional": true, + "peer": true }, "node_modules/micromark-util-normalize-identifier": { "version": "2.0.1", @@ -3983,6 +4908,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-symbol": "^2.0.0" } @@ -4002,6 +4929,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "micromark-util-types": "^2.0.0" } @@ -4042,6 +4971,8 @@ } ], "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "devlop": "^1.0.0", "micromark-util-chunked": "^2.0.0", @@ -4081,6 +5012,27 @@ ], "license": "MIT" }, + "node_modules/miniflare": { + "version": "4.20260630.0", + "resolved": "https://registry.npmjs.org/miniflare/-/miniflare-4.20260630.0.tgz", + "integrity": "sha512-lyRplDrSJJWVpzSSQPBSQtNmUuxScCZyOOkXFs37uSbdTfWRDDmw6DyFKVS2s1eYtA/i4u2xR/0FyPIsTl/HJw==", + "dev": true, + "license": "MIT", + "dependencies": { + "@cspotcode/source-map-support": "0.8.1", + "sharp": "0.34.5", + "undici": "7.28.0", + "workerd": "1.20260630.1", + "ws": "8.21.0", + "youch": "4.1.0-beta.10" + }, + "bin": { + "miniflare": "bootstrap.js" + }, + "engines": { + "node": ">=22.0.0" + } + }, "node_modules/mrmime": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/mrmime/-/mrmime-2.0.1.tgz", @@ -4094,12 +5046,14 @@ "version": "2.1.3", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", - "license": "MIT" + "license": "MIT", + "optional": true, + "peer": true }, "node_modules/nanoid": { - "version": "3.3.12", - "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz", - "integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==", + "version": "3.3.15", + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.15.tgz", + "integrity": "sha512-y7Wygv/7mEOvxTuEQDB8StXdMRBWf1kR/tlhAzBRUFkB2jfcLOAxO/SHmOO2zgz1pVgK29/kyupn059/bCHdjA==", "funding": [ { "type": "github", @@ -4267,6 +5221,8 @@ "resolved": "https://registry.npmjs.org/parse-latin/-/parse-latin-7.0.0.tgz", "integrity": "sha512-mhHgobPPua5kZ98EF4HWiH167JWBfl4pvAIXXdbaVohtK7a6YBOy56kvhCqduqyo/f3yrHFWmqmiMg/BkBkYYQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/nlcst": "^2.0.0", "@types/unist": "^3.0.0", @@ -4292,6 +5248,20 @@ "url": "https://github.com/inikulin/parse5?sponsor=1" } }, + "node_modules/path-to-regexp": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.3.0.tgz", + "integrity": "sha512-Yhpw4T9C6hPpgPeA28us07OJeqZ5EzQTkbfwuhsUg0c237RomFoETJgmp2sa3F/41gfLE6G5cqcYwznmeEeOlQ==", + "dev": true, + "license": "MIT" + }, + "node_modules/pathe": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz", + "integrity": "sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==", + "dev": true, + "license": "MIT" + }, "node_modules/piccolore": { "version": "0.1.3", "resolved": "https://registry.npmjs.org/piccolore/-/piccolore-0.1.3.tgz", @@ -4353,6 +5323,15 @@ "node": ">=6" } }, + "node_modules/process-ancestry": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/process-ancestry/-/process-ancestry-0.1.0.tgz", + "integrity": "sha512-tGqJW/UnclpYASFcM6Xh8D8l/BMtaQ9+CSG0vlJSJTcdMM4lDRv4c6H0Pdcsfted+bVczdYSfk2fdukg2gQkZg==", + "license": "MIT", + "engines": { + "node": ">=18.0.0" + } + }, "node_modules/property-information": { "version": "7.1.0", "resolved": "https://registry.npmjs.org/property-information/-/property-information-7.1.0.tgz", @@ -4429,6 +5408,8 @@ "resolved": "https://registry.npmjs.org/rehype-raw/-/rehype-raw-7.0.0.tgz", "integrity": "sha512-/aE8hCfKlQeA8LmyeyQvQF3eBiLRGNlfBJEvWH7ivp9sBqs7TNqBL5X3v157rM4IFETqDnIOO+z5M/biZbo9Ww==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/hast": "^3.0.0", "hast-util-raw": "^9.0.0", @@ -4459,6 +5440,8 @@ "resolved": "https://registry.npmjs.org/remark-gfm/-/remark-gfm-4.0.1.tgz", "integrity": "sha512-1quofZ2RQ9EWdeN34S79+KExV1764+wCUGop5CPL1WGdD0ocPpu91lzPGbwWMECpEpd42kJGQwzRfyov9j4yNg==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "mdast-util-gfm": "^3.0.0", @@ -4477,6 +5460,8 @@ "resolved": "https://registry.npmjs.org/remark-parse/-/remark-parse-11.0.0.tgz", "integrity": "sha512-FCxlKLNGknS5ba/1lmpYijMUzX2esxW5xQqjWxw2eHFfS2MSdaHVINFmhjo+qN1WhZhNimq0dZATN9pH0IDrpA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "mdast-util-from-markdown": "^2.0.0", @@ -4493,6 +5478,8 @@ "resolved": "https://registry.npmjs.org/remark-rehype/-/remark-rehype-11.1.2.tgz", "integrity": "sha512-Dh7l57ianaEoIpzbp0PC9UKAdCSVklD8E5Rpw7ETfbTl3FqcOOgq5q2LVDhgGCkaBv7p24JXikPdvhhmHvKMsw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/hast": "^3.0.0", "@types/mdast": "^4.0.0", @@ -4510,6 +5497,8 @@ "resolved": "https://registry.npmjs.org/remark-smartypants/-/remark-smartypants-3.0.2.tgz", "integrity": "sha512-ILTWeOriIluwEvPjv67v7Blgrcx+LZOkAUVtKI3putuhlZm84FnqDORNXPPm+HY3NdZOMhyDwZ1E+eZB/Df5dA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "retext": "^9.0.0", "retext-smartypants": "^6.0.0", @@ -4525,6 +5514,8 @@ "resolved": "https://registry.npmjs.org/remark-stringify/-/remark-stringify-11.0.0.tgz", "integrity": "sha512-1OSmLd3awB/t8qdoEOMazZkNsfVTeY4fTsgzcQFdXNq8ToTN4ZGwrMnlda4K6smTFKD+GRV6O48i6Z4iKgPPpw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/mdast": "^4.0.0", "mdast-util-to-markdown": "^2.0.0", @@ -4549,6 +5540,8 @@ "resolved": "https://registry.npmjs.org/retext/-/retext-9.0.0.tgz", "integrity": "sha512-sbMDcpHCNjvlheSgMfEcVrZko3cDzdbe1x/e7G66dFp0Ff7Mldvi2uv6JkJQzdRcvLYE8CA8Oe8siQx8ZOgTcA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/nlcst": "^2.0.0", "retext-latin": "^4.0.0", @@ -4565,6 +5558,8 @@ "resolved": "https://registry.npmjs.org/retext-latin/-/retext-latin-4.0.0.tgz", "integrity": "sha512-hv9woG7Fy0M9IlRQloq/N6atV82NxLGveq+3H2WOi79dtIYWN8OaxogDm77f8YnVXJL2VD3bbqowu5E3EMhBYA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/nlcst": "^2.0.0", "parse-latin": "^7.0.0", @@ -4595,6 +5590,8 @@ "resolved": "https://registry.npmjs.org/retext-stringify/-/retext-stringify-4.0.0.tgz", "integrity": "sha512-rtfN/0o8kL1e+78+uxPTqu1Klt0yPzKuQ2BfWwwfgIUSayyzxpM1PJzkKt4V8803uB9qSy32MvI7Xep9khTpiA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/nlcst": "^2.0.0", "nlcst-to-string": "^4.0.0", @@ -4605,11 +5602,46 @@ "url": "https://opencollective.com/unified" } }, + "node_modules/rolldown": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/rolldown/-/rolldown-1.1.3.tgz", + "integrity": "sha512-1F1eEtUBtFvcGm1HQ9TiUIUHPQG7mSAODrhIzjxoUEFuo8OcbrGLiVLkevNgj84TE4lnHvnumwFjhJO5Eu135g==", + "license": "MIT", + "dependencies": { + "@oxc-project/types": "=0.137.0", + "@rolldown/pluginutils": "^1.0.0" + }, + "bin": { + "rolldown": "bin/cli.mjs" + }, + "engines": { + "node": "^20.19.0 || >=22.12.0" + }, + "optionalDependencies": { + "@rolldown/binding-android-arm64": "1.1.3", + "@rolldown/binding-darwin-arm64": "1.1.3", + "@rolldown/binding-darwin-x64": "1.1.3", + "@rolldown/binding-freebsd-x64": "1.1.3", + "@rolldown/binding-linux-arm-gnueabihf": "1.1.3", + "@rolldown/binding-linux-arm64-gnu": "1.1.3", + "@rolldown/binding-linux-arm64-musl": "1.1.3", + "@rolldown/binding-linux-ppc64-gnu": "1.1.3", + "@rolldown/binding-linux-s390x-gnu": "1.1.3", + "@rolldown/binding-linux-x64-gnu": "1.1.3", + "@rolldown/binding-linux-x64-musl": "1.1.3", + "@rolldown/binding-openharmony-arm64": "1.1.3", + "@rolldown/binding-wasm32-wasi": "1.1.3", + "@rolldown/binding-win32-arm64-msvc": "1.1.3", + "@rolldown/binding-win32-x64-msvc": "1.1.3" + } + }, "node_modules/rollup": { "version": "4.60.0", "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.60.0.tgz", "integrity": "sha512-yqjxruMGBQJ2gG4HtjZtAfXArHomazDHoFwFFmZZl0r7Pdo7qCIXKqKHZc8yeoMgzJJ+pO6pEEHa+V7uzWlrAQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/estree": "1.0.8" }, @@ -4649,6 +5681,28 @@ "fsevents": "~2.3.2" } }, + "node_modules/satteri": { + "version": "0.9.3", + "resolved": "https://registry.npmjs.org/satteri/-/satteri-0.9.3.tgz", + "integrity": "sha512-2XfBh89LCnBMFkNOeVKkBLelAZcIA17VLHsgJum1tJ2fXiPZDN/TDXv4ku46rFOQXYd41LJ0kiZh5gPqExcCsg==", + "dependencies": { + "@types/estree-jsx": "^1.0.5", + "@types/hast": "^3.0.4", + "@types/mdast": "^4.0.4", + "@types/unist": "^3.0.3" + }, + "optionalDependencies": { + "@bruits/satteri-darwin-arm64": "0.9.3", + "@bruits/satteri-darwin-x64": "0.9.3", + "@bruits/satteri-linux-arm64-gnu": "0.9.3", + "@bruits/satteri-linux-arm64-musl": "0.9.3", + "@bruits/satteri-linux-x64-gnu": "0.9.3", + "@bruits/satteri-linux-x64-musl": "0.9.3", + "@bruits/satteri-wasm32-wasi": "0.9.3", + "@bruits/satteri-win32-arm64-msvc": "0.9.3", + "@bruits/satteri-win32-x64-msvc": "0.9.3" + } + }, "node_modules/sax": { "version": "1.6.0", "resolved": "https://registry.npmjs.org/sax/-/sax-1.6.0.tgz", @@ -4674,9 +5728,9 @@ "version": "0.34.5", "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.34.5.tgz", "integrity": "sha512-Ou9I5Ft9WNcCbXrU9cMgPBcCK8LiwLqcbywW3t4oDV37n1pzpuNLsYiAV8eODnjbtQlSDwZ2cUEeQz4E54Hltg==", + "devOptional": true, "hasInstallScript": true, "license": "Apache-2.0", - "optional": true, "dependencies": { "@img/colour": "^1.0.0", "detect-libc": "^2.1.2", @@ -4790,6 +5844,19 @@ "url": "https://github.com/sponsors/wooorm" } }, + "node_modules/supports-color": { + "version": "10.2.2", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-10.2.2.tgz", + "integrity": "sha512-SS+jx45GF1QjgEXQx4NJZV9ImqmO2NPz5FNsIHrsDjh2YsHnawpan7SNQ1o8NuhrbHZy9AZhIoCUiCeaW/C80g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/chalk/supports-color?sponsor=1" + } + }, "node_modules/svgo": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/svgo/-/svgo-4.0.1.tgz", @@ -4816,15 +5883,15 @@ } }, "node_modules/tailwindcss": { - "version": "4.2.2", - "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-4.2.2.tgz", - "integrity": "sha512-KWBIxs1Xb6NoLdMVqhbhgwZf2PGBpPEiwOqgI4pFIYbNTfBXiKYyWoTsXgBQ9WFg/OlhnvHaY+AEpW7wSmFo2Q==", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-4.3.1.tgz", + "integrity": "sha512-hk+TB1m+K8CYNrP6rjQaq/Y+4Zylwpa87mLYBKCunwnnQ9p+fHb7kmSfGqyEJoxF/O6CDyABWVFEafNSYKll+Q==", "license": "MIT" }, "node_modules/tapable": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.3.2.tgz", - "integrity": "sha512-1MOpMXuhGzGL5TTCZFItxCc0AARf1EZFQkGqMm7ERKj8+Hgr5oLvJOVFcC+lRmR8hCe2S3jC4T5D7Vg/d7/fhA==", + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.3.3.tgz", + "integrity": "sha512-uxc/zpqFg6x7C8vOE7lh6Lbda8eEL9zmVm/PLeTPBRhh1xCgdWaQ+J1CUieGpIfm2HdtsUpRv+HshiasBMcc6A==", "license": "MIT", "engines": { "node": ">=6" @@ -4919,6 +5986,26 @@ "integrity": "sha512-Ql87qFHB3s/De2ClA9e0gsnS6zXG27SkTiSJwjCc9MebbfapQfuPzumMIUMi38ezPZVNFcHI9sUIepeQfw8J8Q==", "license": "MIT" }, + "node_modules/undici": { + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-7.28.0.tgz", + "integrity": "sha512-cRZYrTDwWznlnRiPjggAGxZXanty6M8RV1ff8Wm4LWXBp7/IG8v5DnOm74DtUBp9OONpK75YlPnIjQqX0dBDtA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=20.18.1" + } + }, + "node_modules/unenv": { + "version": "2.0.0-rc.24", + "resolved": "https://registry.npmjs.org/unenv/-/unenv-2.0.0-rc.24.tgz", + "integrity": "sha512-i7qRCmY42zmCwnYlh9H2SvLEypEFGye5iRmEMKjcGi7zk9UquigRjFtTLz0TYqr0ZGLZhaMHl/foy1bZR+Cwlw==", + "dev": true, + "license": "MIT", + "dependencies": { + "pathe": "^2.0.3" + } + }, "node_modules/unified": { "version": "11.0.5", "resolved": "https://registry.npmjs.org/unified/-/unified-11.0.5.tgz", @@ -4954,6 +6041,8 @@ "resolved": "https://registry.npmjs.org/unist-util-find-after/-/unist-util-find-after-5.0.0.tgz", "integrity": "sha512-amQa0Ep2m6hE2g72AugUItjbuM8X8cGQnFoHk0pGfrFeT9GZhzN5SW8nRsiGKK7Aif4CrACPENkA6P/Lw6fHGQ==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/unist": "^3.0.0", "unist-util-is": "^6.0.0" @@ -4981,6 +6070,8 @@ "resolved": "https://registry.npmjs.org/unist-util-modify-children/-/unist-util-modify-children-4.0.0.tgz", "integrity": "sha512-+tdN5fGNddvsQdIzUF3Xx82CU9sMM+fA0dLgR9vOmT0oPT2jH+P1nd5lSqfCfXAw+93NhcXNY2qqvTUtE4cQkw==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/unist": "^3.0.0", "array-iterate": "^2.0.0" @@ -5008,6 +6099,8 @@ "resolved": "https://registry.npmjs.org/unist-util-remove-position/-/unist-util-remove-position-5.0.0.tgz", "integrity": "sha512-Hp5Kh3wLxv0PHj9m2yZhhLt58KzPtEYKQQ4yxfYFEO7EvHwzyDYnduhHnY1mDxoqr7VUwVuHXk9RXKIiYS1N8Q==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/unist": "^3.0.0", "unist-util-visit": "^5.0.0" @@ -5050,6 +6143,8 @@ "resolved": "https://registry.npmjs.org/unist-util-visit-children/-/unist-util-visit-children-3.0.0.tgz", "integrity": "sha512-RgmdTfSBOg04sdPcpTSD1jzoNBjt9a80/ZCzp5cI9n1qPzLZWF9YdvWGN2zmTumP1HWhXKdUWexjy/Wy/lJ7tA==", "license": "MIT", + "optional": true, + "peer": true, "dependencies": { "@types/unist": "^3.0.0" }, @@ -5239,17 +6334,16 @@ } }, "node_modules/vite": { - "version": "7.3.2", - "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.2.tgz", - "integrity": "sha512-Bby3NOsna2jsjfLVOHKes8sGwgl4TT0E6vvpYgnAYDIF/tie7MRaFthmKuHx1NSXjiTueXH3do80FMQgvEktRg==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/vite/-/vite-8.1.0.tgz", + "integrity": "sha512-BuJcQK/56NQTWDGn4ABea3q4SSBdNPWwNZKTkkUpcMPnLoquSYH8llRtSUIgoL1KSCpHt5eghLShn50mH36y7Q==", "license": "MIT", "dependencies": { - "esbuild": "^0.27.0", - "fdir": "^6.5.0", - "picomatch": "^4.0.3", - "postcss": "^8.5.6", - "rollup": "^4.43.0", - "tinyglobby": "^0.2.15" + "lightningcss": "^1.32.0", + "picomatch": "^4.0.4", + "postcss": "^8.5.15", + "rolldown": "~1.1.2", + "tinyglobby": "^0.2.17" }, "bin": { "vite": "bin/vite.js" @@ -5265,9 +6359,10 @@ }, "peerDependencies": { "@types/node": "^20.19.0 || >=22.12.0", + "@vitejs/devtools": "^0.3.0", + "esbuild": "^0.27.0 || ^0.28.0", "jiti": ">=1.21.0", "less": "^4.0.0", - "lightningcss": "^1.21.0", "sass": "^1.70.0", "sass-embedded": "^1.70.0", "stylus": ">=0.54.8", @@ -5280,13 +6375,16 @@ "@types/node": { "optional": true }, - "jiti": { + "@vitejs/devtools": { "optional": true }, - "less": { + "esbuild": { + "optional": true + }, + "jiti": { "optional": true }, - "lightningcss": { + "less": { "optional": true }, "sass": { @@ -5312,6 +6410,22 @@ } } }, + "node_modules/vite/node_modules/tinyglobby": { + "version": "0.2.17", + "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.17.tgz", + "integrity": "sha512-wXR/dYpcqKmfWpEdZjiKJOwCNFndD0DMnrW/cYjVGttEkBfVgcLFHoNrlj47mjOVic9yyNu65alsgF4NQyTa2g==", + "license": "MIT", + "dependencies": { + "fdir": "^6.5.0", + "picomatch": "^4.0.4" + }, + "engines": { + "node": ">=12.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/SuperchupuDev" + } + }, "node_modules/vitefu": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/vitefu/-/vitefu-1.1.2.tgz", @@ -5350,6 +6464,85 @@ "node": ">=4" } }, + "node_modules/workerd": { + "version": "1.20260630.1", + "resolved": "https://registry.npmjs.org/workerd/-/workerd-1.20260630.1.tgz", + "integrity": "sha512-7M0AA4l14hmPGtzQ5YPHyXosIKI/uz3TdcPHeiFDbgb7/0c8ECVMzIaodSV5bZIVhDHL0OlzqITAdPiwAr+dTg==", + "dev": true, + "hasInstallScript": true, + "license": "Apache-2.0", + "bin": { + "workerd": "bin/workerd" + }, + "engines": { + "node": ">=16" + }, + "optionalDependencies": { + "@cloudflare/workerd-darwin-64": "1.20260630.1", + "@cloudflare/workerd-darwin-arm64": "1.20260630.1", + "@cloudflare/workerd-linux-64": "1.20260630.1", + "@cloudflare/workerd-linux-arm64": "1.20260630.1", + "@cloudflare/workerd-windows-64": "1.20260630.1" + } + }, + "node_modules/wrangler": { + "version": "4.106.0", + "resolved": "https://registry.npmjs.org/wrangler/-/wrangler-4.106.0.tgz", + "integrity": "sha512-b6EVbsvbmAUY4bUQXT3+f8oFP8x+J5rEa5z3Akeh+6vyKiN4x8+PyZ53DPpnqdxhIihhq/a00Yq5chGJ19QXBQ==", + "dev": true, + "license": "MIT OR Apache-2.0", + "dependencies": { + "@cloudflare/kv-asset-handler": "0.5.0", + "@cloudflare/unenv-preset": "2.16.1", + "blake3-wasm": "2.1.5", + "esbuild": "0.28.1", + "miniflare": "4.20260630.0", + "path-to-regexp": "6.3.0", + "unenv": "2.0.0-rc.24", + "workerd": "1.20260630.1" + }, + "bin": { + "cf-wrangler": "bin/cf-wrangler.js", + "wrangler": "bin/wrangler.js", + "wrangler2": "bin/wrangler.js" + }, + "engines": { + "node": ">=22.0.0" + }, + "optionalDependencies": { + "fsevents": "2.3.3" + }, + "peerDependencies": { + "@cloudflare/workers-types": "^4.20260630.1" + }, + "peerDependenciesMeta": { + "@cloudflare/workers-types": { + "optional": true + } + } + }, + "node_modules/ws": { + "version": "8.21.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.21.0.tgz", + "integrity": "sha512-Vsp28b7DRcimFQvrqu2Wek3z1iYxDCWqHYB8Qsnk/S4RfaCQzPGPyBNuVjJV3cd6UiKtUtp6sNM77gWvzcCH+g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + }, "node_modules/xxhash-wasm": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/xxhash-wasm/-/xxhash-wasm-1.1.0.tgz", @@ -5377,6 +6570,31 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/youch": { + "version": "4.1.0-beta.10", + "resolved": "https://registry.npmjs.org/youch/-/youch-4.1.0-beta.10.tgz", + "integrity": "sha512-rLfVLB4FgQneDr0dv1oddCVZmKjcJ6yX6mS4pU82Mq/Dt9a3cLZQ62pDBL4AUO+uVrCvtWz3ZFUL2HFAFJ/BXQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@poppinss/colors": "^4.1.5", + "@poppinss/dumper": "^0.6.4", + "@speed-highlight/core": "^1.2.7", + "cookie": "^1.0.2", + "youch-core": "^0.3.3" + } + }, + "node_modules/youch-core": { + "version": "0.3.3", + "resolved": "https://registry.npmjs.org/youch-core/-/youch-core-0.3.3.tgz", + "integrity": "sha512-ho7XuGjLaJ2hWHoK8yFnsUGy2Y5uDpqSTq1FkHLK4/oqKtyUU1AFbOOxY4IpC9f0fTLjwYbslUz0Po5BpD1wrA==", + "dev": true, + "license": "MIT", + "dependencies": { + "@poppinss/exception": "^1.2.2", + "error-stack-parser-es": "^1.0.5" + } + }, "node_modules/zod": { "version": "4.3.6", "resolved": "https://registry.npmjs.org/zod/-/zod-4.3.6.tgz", diff --git a/package.json b/package.json index ef26fe0..d399f91 100644 --- a/package.json +++ b/package.json @@ -7,16 +7,20 @@ "build": "astro build", "preview": "astro preview", "sync:fedramp": "npm --prefix cli run sync:fedramp", - "sync:tool-catalog": "npm --prefix cli run sync:tool-catalog" + "sync:tool-catalog": "npm --prefix cli run sync:tool-catalog", + "deploy": "npm run build && wrangler deploy" }, "dependencies": { "@monaco-editor/loader": "^1.7.0", - "@tailwindcss/vite": "^4.2.2", - "astro": "^6.1.6", - "marked": "^17.0.6" + "@tailwindcss/vite": "^4.3.1", + "astro": "^7.0.3", + "marked": "^18.0.5" }, "overrides": { "defu": "^6.1.6", - "vite": "7.3.2" + "vite": "8.1.0" + }, + "devDependencies": { + "wrangler": "^4.106.0" } } diff --git a/src/content/docs/docs/fedramp/index.md b/src/content/docs/docs/fedramp/index.md index 0d9ba22..70d1fd0 100644 --- a/src/content/docs/docs/fedramp/index.md +++ b/src/content/docs/docs/fedramp/index.md @@ -1,12 +1,12 @@ --- title: FedRAMP Official Sources -description: Official GitHub-grounded FedRAMP 20x and Rev5 reference material generated from FRMR documentation. +description: Official GitHub-grounded FedRAMP 20x and Rev5 reference material generated from the Consolidated Rules. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # FedRAMP Official Sources @@ -14,32 +14,37 @@ This section is generated from the official FedRAMP GitHub organization. grclank ## Current Grounding -- Primary source: [FedRAMP/docs](https://github.com/FedRAMP/docs) → [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` -- FRMR version: `0.9.43-beta` -- Upstream `last_updated`: `2026-04-08` +- Primary source: [FedRAMP/rules](https://github.com/FedRAMP/rules) → [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` +- Consolidated Rules version: `2026.07.02.02` +- Upstream `last_updated`: `2026-07-02` - Rev5 remains a first-class lane beside 20x in grclanker. ## Process Docs -- [Authorization Data Sharing](/docs/fedramp/processes/authorization-data-sharing/) — `ADS` · applies to `both`, `20x`, `rev5` · requirements: `both 15`, `20x 1`, `rev5 4` -- [Collaborative Continuous Monitoring](/docs/fedramp/processes/collaborative-continuous-monitoring/) — `CCM` · applies to `both` · requirements: `both 24`, `20x 0`, `rev5 0` -- [FedRAMP Security Inbox](/docs/fedramp/processes/fedramp-security-inbox/) — `FSI` · applies to `both` · requirements: `both 16`, `20x 0`, `rev5 0` -- [Incident Communications Procedures](/docs/fedramp/processes/incident-communications-procedures/) — `ICP` · applies to `20x` · requirements: `both 0`, `20x 9`, `rev5 0` -- [Key Security Indicators](/docs/fedramp/processes/key-security-indicators/) — `KSI` · applies to `20x` · requirements: `both 0`, `20x 3`, `rev5 0` +- [Addressing FedRAMP Communication](/docs/fedramp/processes/addressing-fedramp-communication/) — `AFC` · applies to `both` · requirements: `both 16`, `20x 0`, `rev5 0` +- [Agency Use of FedRAMP Certified Cloud Services](/docs/fedramp/processes/agency-use/) — `AGU` · applies to `both` · requirements: `both 20`, `20x 0`, `rev5 0` +- [Collaborative Continuous Monitoring](/docs/fedramp/processes/collaborative-continuous-monitoring/) — `CCM` · applies to `both` · requirements: `both 21`, `20x 0`, `rev5 0` +- [Certification Data Sharing](/docs/fedramp/processes/certification-data-sharing/) — `CDS` · applies to `both`, `rev5` · requirements: `both 20`, `20x 0`, `rev5 1` +- [Cryptographic Module Use](/docs/fedramp/processes/cryptographic-module-use/) — `CMU` · applies to `both` · requirements: `both 3`, `20x 0`, `rev5 0` +- [Certification Package Overview](/docs/fedramp/processes/certification-package-overview/) — `CPO` · applies to `both`, `20x`, `rev5` · requirements: `both 2`, `20x 1`, `rev5 1` +- [FedRAMP Certification](/docs/fedramp/processes/fedramp-certification/) — `FRC` · applies to `both`, `20x`, `rev5` · requirements: `both 21`, `20x 4`, `rev5 4` +- [Incident Evaluation and Communication](/docs/fedramp/processes/incident-evaluation-and-communication/) — `IEC` · applies to `both` · requirements: `both 8`, `20x 0`, `rev5 0` +- [Independent Verification and Validation](/docs/fedramp/processes/independent-verification-and-validation/) — `IVV` · applies to `both`, `20x`, `rev5` · requirements: `both 15`, `20x 1`, `rev5 4` - [Minimum Assessment Scope](/docs/fedramp/processes/minimum-assessment-scope/) — `MAS` · applies to `both` · requirements: `both 5`, `20x 0`, `rev5 0` -- [Persistent Validation and Assessment](/docs/fedramp/processes/persistent-validation-and-assessment/) — `PVA` · applies to `20x` · requirements: `both 0`, `20x 18`, `rev5 0` +- [Marketplace Listing](/docs/fedramp/processes/marketplace-listing/) — `MKT` · applies to `both` · requirements: `both 12`, `20x 0`, `rev5 0` +- [FedRAMP Recognition of Independent Assessment Services](/docs/fedramp/processes/fedramp-recognition/) — `REC` · applies to `both` · requirements: `both 16`, `20x 0`, `rev5 0` - [Secure Configuration Guide](/docs/fedramp/processes/secure-configuration-guide/) — `SCG` · applies to `both` · requirements: `both 9`, `20x 0`, `rev5 0` -- [Significant Change Notifications](/docs/fedramp/processes/significant-change-notifications/) — `SCN` · applies to `both` · requirements: `both 17`, `20x 0`, `rev5 0` -- [Using Cryptographic Modules](/docs/fedramp/processes/using-cryptographic-modules/) — `UCM` · applies to `20x` · requirements: `both 0`, `20x 3`, `rev5 0` -- [Vulnerability Detection and Response](/docs/fedramp/processes/vulnerability-detection-and-response/) — `VDR` · applies to `both` · requirements: `both 39`, `20x 0`, `rev5 0` +- [Significant Change Notification](/docs/fedramp/processes/significant-change-notification/) — `SCN` · applies to `both` · requirements: `both 17`, `20x 0`, `rev5 0` +- [Security Decision Record](/docs/fedramp/processes/security-decision-record/) — `SDR` · applies to `both`, `20x`, `rev5` · requirements: `both 2`, `20x 2`, `rev5 1` +- [Vulnerability Detection and Response](/docs/fedramp/processes/vulnerability-detection-and-response/) — `VDR` · applies to `both`, `20x`, `rev5` · requirements: `both 16`, `20x 1`, `rev5 1` +- [Vulnerability Evaluation and Reporting](/docs/fedramp/processes/vulnerability-evaluation-and-reporting/) — `VER` · applies to `both` · requirements: `both 25`, `20x 0`, `rev5 0` ## KSI Domains -- [Authorization by FedRAMP](/docs/fedramp/ksi/authorization-by-fedramp/) — `AFR` · 10 indicators -- [Cybersecurity Education](/docs/fedramp/ksi/cybersecurity-education/) — `CED` · 4 indicators +- [Cybersecurity Education](/docs/fedramp/ksi/cybersecurity-education/) — `CED` · 1 indicator - [Change Management](/docs/fedramp/ksi/change-management/) — `CMT` · 4 indicators - [Cloud Native Architecture](/docs/fedramp/ksi/cloud-native-architecture/) — `CNA` · 8 indicators -- [Identity and Access Management](/docs/fedramp/ksi/identity-and-access-management/) — `IAM` · 7 indicators +- [Identity and Access Management](/docs/fedramp/ksi/identity-and-access-management/) — `IAM` · 6 indicators - [Incident Response](/docs/fedramp/ksi/incident-response/) — `INR` · 3 indicators - [Monitoring, Logging, and Auditing](/docs/fedramp/ksi/monitoring-logging-and-auditing/) — `MLA` · 5 indicators - [Policy and Inventory](/docs/fedramp/ksi/policy-and-inventory/) — `PIY` · 5 indicators diff --git a/src/content/docs/docs/fedramp/ksi/authorization-by-fedramp.md b/src/content/docs/docs/fedramp/ksi/authorization-by-fedramp.md deleted file mode 100644 index 9e31bfb..0000000 --- a/src/content/docs/docs/fedramp/ksi/authorization-by-fedramp.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: Authorization by FedRAMP — FedRAMP KSI Domain -description: Official FRMR-generated summary for the AFR FedRAMP key security indicator domain. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Authorization by FedRAMP - -Domain code: `AFR` · Domain ID: `KSI-AFR` · Web slug: `authorization-by-fedramp` - -## Theme - -A secure cloud service provider seeking FedRAMP authorization will address all FedRAMP 20x requirements and recommendations, including government-specific requirements for maintaining a secure system and reporting on activities to government customers. - -## Indicators - -### `KSI-AFR-ADS` (formerly `KSI-AFR-03`) — Authorization Data Sharing - -Determine how authorization data will be shared with all necessary parties in alignment with the FedRAMP Authorization Data Sharing (ADS) process and persistently address all related requirements and recommendations. - -Reference: [Authorization Data Sharing](https://fedramp.gov/docs/20x/authorization-data-sharing) - -Mapped Rev5 controls: `ac-3`, `ac-4`, `au-2`, `au-3`, `au-6`, `ca-2`, `ir-4`, `ra-5`, `sc-8` - -Terms: `All Necessary Parties`, `Authorization data`, `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-CCM` (formerly `KSI-AFR-06`) — Collaborative Continuous Monitoring - -Maintain a plan and process for providing Ongoing Authorization Reports and Quarterly Reviews for all necessary parties in alignment with the FedRAMP Collaborative Continuous Monitoring (CCM) process and persistently address all related requirements and recommendations. - -Reference: [Collaborative Continuous Monitoring](https://fedramp.gov/docs/20x/collaborative-continuous-monitoring) - -Terms: `All Necessary Parties`, `Persistently`, `Quarterly Review` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-FSI` (formerly `KSI-AFR-08`) — FedRAMP Security Inbox - -Operate a secure inbox to receive critical communication from FedRAMP and other government entities in alignment with FedRAMP Security Inbox (FSI) requirements and persistently address all related requirements and recommendations. - -Reference: [FedRAMP Security Inbox](https://fedramp.gov/docs/20x/fedramp-security-inbox) - -Terms: `FedRAMP Security Inbox`, `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-ICP` (formerly `KSI-AFR-10`) — Incident Communications Procedures - -Integrate FedRAMP's Incident Communications Procedures (ICP) into incident response procedures and persistently address all related requirements and recommendations. - -Reference: [Incident Communications Procedures](https://fedramp.gov/docs/20x/incident-communications-procedures) - -Terms: `Incident`, `Persistently`, `Vulnerability Response` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-MAS` (formerly `KSI-AFR-01`) — Minimum Assessment Scope - -Apply the FedRAMP Minimum Assessment Scope (MAS) to identify and document the scope of the cloud service offering to be assessed for FedRAMP authorization and persistently address all related requirements and recommendations. - -Reference: [Minimum Assessment Scope](https://fedramp.gov/docs/20x/minimum-assessment-scope) - -Mapped Rev5 controls: `ac-1`, `ac-21`, `at-1`, `au-1`, `ca-1`, `cm-1`, `cp-1`, `cp-2.1`, `cp-2.8`, `cp-4.1`, `ia-1`, `ir-1`, `ma-1`, `mp-1`, `pe-1`, `pl-1`, `pl-2`, `pl-4`, `pl-4.1`, `ps-1`, `ra-1`, `ra-9`, `sa-1`, `sc-1`, `si-1`, `sr-1`, `sr-2`, `sr-3`, `sr-11` - -Terms: `Cloud Service Offering`, `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-PVA` (formerly `KSI-AFR-09`) — Persistent Validation and Assessment - -Persistently validate, assess, and report on the effectiveness and status of security decisions and policies that are implemented within the cloud service offering in alignment with the FedRAMP 20x Persistent Validation and Assessment (PVA) process, and persistently address all related requirements and recommendations. - -Reference: [Persistent Validation and Assessment](https://fedramp.gov/docs/20x/persistent-validation-and-assessment) - -Terms: `Cloud Service Offering`, `Persistent Validation`, `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-SCG` (formerly `KSI-AFR-07`) — Secure Configuration Guide - -Develop secure by default configurations and provide guidance for secure configuration of the cloud service offering to customers in alignment with the FedRAMP Secure Configuration Guide (SCG) process and persistently address all related requirements and recommendations. - -Reference: [Secure Configuration Guide](https://fedramp.gov/docs/20x/secure-configuration-guide) - -Terms: `Cloud Service Offering`, `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-SCN` (formerly `KSI-AFR-05`) — Significant Change Notifications - -Determine how significant changes will be tracked and how all necessary parties will be notified in alignment with the FedRAMP Significant Change Notifications (SCN) process and persistently address all related requirements and recommendations. - -Reference: [Significant Change Notifications](https://fedramp.gov/docs/20x/significant-change-notifications) - -Mapped Rev5 controls: `ca-7.4`, `cm-3.4`, `cm-4`, `cm-7.1`, `au-5`, `ca-5`, `ca-7`, `ra-5`, `ra-5.2`, `sa-22`, `si-2`, `si-2.2`, `si-3`, `si-5`, `si-7.7`, `si-10`, `si-11` - -Terms: `All Necessary Parties`, `Persistently`, `Significant change` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-UCM` (formerly `KSI-AFR-11`) — Using Cryptographic Modules - -Ensure that cryptographic modules used to protect potentially sensitive federal customer data are selected and used in alignment with the FedRAMP 20x Using Cryptographic Modules (UCM) guidance and persistently address all related requirements and recommendations. - -Reference: [Using Cryptographic Modules](https://fedramp.gov/docs/20x/using-cryptographic-modules) - -Terms: `Federal Customer Data`, `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-AFR-VDR` (formerly `KSI-AFR-04`) — Vulnerability Detection and Response - -Document the vulnerability detection and vulnerability response methodology used within the cloud service offering in alignment with the FedRAMP Vulnerability Detection and Response (VDR) process and persistently address all related requirements and recommendations. - -Reference: [Vulnerability Detection and Response](https://fedramp.gov/docs/20x/vulnerability-detection-and-response) - -Mapped Rev5 controls: `ca-2`, `ca-7`, `ca-7.6`, `ir-1`, `ir-4`, `ir-4.1`, `ir-5`, `ir-5.1`, `ir-6`, `ir-6.1`, `ir-6.2`, `pm-3`, `pm-5`, `pm-31`, `ra-2`, `ra-2.1`, `ra-3`, `ra-3.3`, `ra-5`, `ra-5.2`, `ra-5.3`, `ra-5.4`, `ra-5.5`, `ra-5.6`, `ra-5.7`, `ra-5.11`, `ra-9`, `ra-10`, `si-2`, `si-2.1`, `si-2.2`, `si-2.4`, `si-2.5`, `si-3`, `si-3.1`, `si-3.2`, `si-4`, `si-4.2`, `si-4.3`, `si-4.7`, `ca-7.4`, `ra-7` - -Terms: `Cloud Service Offering`, `Persistently`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. diff --git a/src/content/docs/docs/fedramp/ksi/change-management.md b/src/content/docs/docs/fedramp/ksi/change-management.md index 686e30f..9705563 100644 --- a/src/content/docs/docs/fedramp/ksi/change-management.md +++ b/src/content/docs/docs/fedramp/ksi/change-management.md @@ -1,59 +1,55 @@ --- title: Change Management — FedRAMP KSI Domain -description: Official FRMR-generated summary for the CMT FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the CMT FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Change Management Domain code: `CMT` · Domain ID: `KSI-CMT` · Web slug: `change-management` -## Theme - -A secure cloud service provider will ensure that all changes are properly documented and configuration baselines are updated accordingly. - ## Indicators -### `KSI-CMT-LMC` (formerly `KSI-CMT-01`) — Logging Changes +### `KSI-CMT-LMC` — Logging Changes -Log and monitor modifications to the cloud service offering. +Modifications to the cloud service offering are logged and monitored. Mapped Rev5 controls: `au-2`, `cm-3`, `cm-3.2`, `cm-4.2`, `cm-6`, `cm-8.3`, `ma-2` Terms: `Cloud Service Offering` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CMT-RMV` (formerly `KSI-CMT-02`) — Redeploying vs Modifying +### `KSI-CMT-RMV` — Redeploying vs Modifying -Execute changes to machine-based information resources through redeployment of version controlled immutable resources rather than direct modification wherever reasonable. +Changes to machine-based information resources are executed through the redeployment of version controlled resources rather than direct modification wherever reasonable. Mapped Rev5 controls: `cm-2`, `cm-3`, `cm-5`, `cm-6`, `cm-7`, `cm-8.1`, `si-3` -Terms: `Information Resource`, `Machine-Based (information resources)` +Terms: `Information Resource`, `Machine-Based (Information Resources)` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CMT-RVP` (formerly `KSI-CMT-04`) — Reviewing Change Procedures +### `KSI-CMT-RVP` — Reviewing Change Procedures -Persistently review the effectiveness of documented change management procedures. +The effectiveness of documented change management procedures is persistently reviewed. Mapped Rev5 controls: `cm-3`, `cm-3.2`, `cm-3.4`, `cm-5`, `cm-7.1`, `cm-9` Terms: `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CMT-VTD` (formerly `KSI-CMT-03`) — Validating Throughout Deployment +### `KSI-CMT-VTD` — Validating Throughout Deployment -Automate persistent testing and validation of changes throughout deployment. +Persistent testing and validation of changes throughout deployment is automated. Mapped Rev5 controls: `cm-3`, `cm-3.2`, `cm-4.2`, `si-2` -Terms: `Persistent Validation`, `Persistently` +Terms: `Persistently`, `Validation` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/cloud-native-architecture.md b/src/content/docs/docs/fedramp/ksi/cloud-native-architecture.md index e451c90..4ca9b6d 100644 --- a/src/content/docs/docs/fedramp/ksi/cloud-native-architecture.md +++ b/src/content/docs/docs/fedramp/ksi/cloud-native-architecture.md @@ -1,93 +1,94 @@ --- title: Cloud Native Architecture — FedRAMP KSI Domain -description: Official FRMR-generated summary for the CNA FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the CNA FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Cloud Native Architecture Domain code: `CNA` · Domain ID: `KSI-CNA` · Web slug: `cloud-native-architecture` -## Theme - -A secure cloud service offering will use cloud native architecture and design principles to enforce and enhance the confidentiality, integrity and availability of the system. - ## Indicators -### `KSI-CNA-DFP` (formerly `KSI-CNA-04`) — Defining Functionality and Privileges +### `KSI-CNA-DFP` — Defining Functionality and Privileges -Strictly define the functionality and privileges for infrastructure and services. +The functionality and privileges for infrastructure and services are strictly defined. Mapped Rev5 controls: `cm-2`, `si-3` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-EIS` (formerly `KSI-CNA-08`) — Enforcing Intended State +### `KSI-CNA-EIS` — Enforcing Intended State +Varies by certification class: +- **Class B:** **Optional:** Automated services are used to persistently assess the security of all machine-based information resources and automatically enforce their intended operational state. +- **Class C:** Automated services are used to persistently assess the security of all machine-based information resources and automatically enforce their intended operational state. Mapped Rev5 controls: `ca-2.1`, `ca-7.1` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-IBP` (formerly `KSI-CNA-07`) — Implementing Best Practices +### `KSI-CNA-IBP` — Implementing Best Practices -Persistently ensure cloud-native machine-based information resources are implemented based on the host provider's best practices and documented guidance. +The use and configuration of third-party machine-based information resources is persistently compared against the original provider's best practices and guidance. Mapped Rev5 controls: `ac-17.3`, `cm-2`, `pl-10` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently`, `Provider` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-MAT` (formerly `KSI-CNA-02`) — Minimizing Attack Surface +### `KSI-CNA-MAT` — Minimizing Attack Surface -Persistently ensure machine-based information resources have a minimal attack surface and that lateral movement is minimized if compromised. +Machine-based information resources are persistently reviewed to ensure they have a minimal attack surface and that lateral movement is minimized if compromised. Mapped Rev5 controls: `ac-17.3`, `ac-18.1`, `ac-18.3`, `ac-20.1`, `ca-9`, `sc-7.3`, `sc-7.4`, `sc-7.5`, `sc-7.8`, `sc-8`, `sc-10`, `si-10`, `si-11`, `si-16` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-OFA` (formerly `KSI-CNA-06`) — Optimizing for Availability +### `KSI-CNA-OFA` — Optimizing for Availability -Appropriately optimize machine-based information resources for high availability and rapid recovery. +Machine-based information resources are persistently reviewed to ensure they are appropriately optimized for high availability and rapid recovery. -Terms: `Information Resource`, `Machine-Based (information resources)` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-RNT` (formerly `KSI-CNA-01`) — Restricting Network Traffic +### `KSI-CNA-RNT` — Restricting Network Traffic -Persistently ensure all machine-based information resources are configured to limit inbound and outbound network traffic. +Machine-based information resources are persistently reviewed to ensure they are appropriately configured to limit inbound and outbound network traffic. Mapped Rev5 controls: `ac-17.3`, `ca-9`, `cm-7.1`, `sc-7.5`, `si-8` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-RVP` (formerly `KSI-CNA-05`) — Reviewing Protections +### `KSI-CNA-RVP` — Reviewing Protections -Persistently review the effectiveness of protection against denial of service attacks and other unwanted activity. +The effectiveness of protection against denial of service attacks and other unwanted activity for machine-based information resources is persistently reviewed. Mapped Rev5 controls: `sc-5`, `si-8`, `si-8.2` -Terms: `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-CNA-ULN` (formerly `KSI-CNA-03`) — Using Logical Networking +### `KSI-CNA-ULN` — Using Logical Networking -Use logical networking and related capabilities to enforce traffic flow controls. +Logical networking and related capabilities are used and persistently reviewed to enforce traffic flow controls. Mapped Rev5 controls: `ac-12`, `ac-17.3`, `ca-9`, `sc-4`, `sc-7`, `sc-7.7`, `sc-8`, `sc-10` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Terms: `Persistently` + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/cybersecurity-education.md b/src/content/docs/docs/fedramp/ksi/cybersecurity-education.md index 678cb16..5398f78 100644 --- a/src/content/docs/docs/fedramp/ksi/cybersecurity-education.md +++ b/src/content/docs/docs/fedramp/ksi/cybersecurity-education.md @@ -1,57 +1,25 @@ --- title: Cybersecurity Education — FedRAMP KSI Domain -description: Official FRMR-generated summary for the CED FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the CED FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Cybersecurity Education Domain code: `CED` · Domain ID: `KSI-CED` · Web slug: `cybersecurity-education` -## Theme - -A secure cloud service provider will educate their employees on cybersecurity measures, testing them persistently to ensure their knowledge is satisfactory. - ## Indicators -### `KSI-CED-DET` (formerly `KSI-CED-03`) — Reviewing Development and Engineering Training - -Persistently review the effectiveness of role-specific training given to development and engineering staff that covers best practices for delivering secure software. - -Mapped Rev5 controls: `cp-3`, `ir-2`, `ps-6` - -Terms: `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-CED-RGT` (formerly `KSI-CED-01`) — Reviewing General Training - -Persistently review the effectiveness of training given to all employees on policies, procedures, and security-related topics. +### `KSI-CED-RAT` — Reviewing All Training -Mapped Rev5 controls: `at-2`, `at-2.2`, `at-2.3`, `at-3.5`, `at-4`, `ir-2.3` +The effectiveness of relevant cybersecurity education and training is persistently reviewed, including at least general training for all employees, role-specific training for employees in high risk roles, training for development and engineering staff on secure software delivery, and training for staff involved with incident response or disaster recovery. -Terms: `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-CED-RRT` (formerly `KSI-CED-04`) — Reviewing Response and Recovery Training - -Persistently review the effectiveness of role-specific training given to staff involved with incident response or disaster recovery. +Mapped Rev5 controls: `cp-3`, `ir-2`, `ps-6`, `at-2`, `at-2.2`, `at-2.3`, `at-3.5`, `at-4`, `ir-2.3`, `at-3`, `sr-11.1` Terms: `Incident`, `Persistently`, `Vulnerability Response` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-CED-RST` (formerly `KSI-CED-02`) — Reviewing Role-Specific Training - -Persistently review the effectiveness of role-specific training given to employees in high risk roles, including at least roles with privileged access. - -Mapped Rev5 controls: `at-2`, `at-2.3`, `at-3`, `sr-11.1` - -Terms: `Persistently` - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/identity-and-access-management.md b/src/content/docs/docs/fedramp/ksi/identity-and-access-management.md index 6be720b..de12ec3 100644 --- a/src/content/docs/docs/fedramp/ksi/identity-and-access-management.md +++ b/src/content/docs/docs/fedramp/ksi/identity-and-access-management.md @@ -1,79 +1,71 @@ --- title: Identity and Access Management — FedRAMP KSI Domain -description: Official FRMR-generated summary for the IAM FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the IAM FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Identity and Access Management Domain code: `IAM` · Domain ID: `KSI-IAM` · Web slug: `identity-and-access-management` -## Theme - -A secure cloud service offering will protect user data, control access, and apply zero trust principles. - ## Indicators -### `KSI-IAM-AAM` (formerly `KSI-IAM-07`) — Automating Account Management +### `KSI-IAM-AAM` — Automating Account Management -Securely manage the lifecycle and privileges of all accounts, roles, and groups, using automation. +The lifecycle and privileges of all accounts, roles, and groups are securely managed using automation. Mapped Rev5 controls: `ac-2.2`, `ac-2.3`, `ac-2.13`, `ac-6.7`, `ia-4.4`, `ia-12`, `ia-12.2`, `ia-12.3`, `ia-12.5` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-IAM-APM` (formerly `KSI-IAM-02`) — Adopting Passwordless Methods +### `KSI-IAM-APM` — Adopting Passwordless Methods -Use secure passwordless methods for user authentication and authorization when feasible, otherwise enforce strong passwords with MFA for authentication. +Secure passwordless methods are used for user authentication and authorization when feasible, otherwise strong passwords with phishing-resistant MFA is used. -Mapped Rev5 controls: `ac-2`, `ac-3`, `ia-2.1`, `ia-2.2`, `ia-2.8`, `ia-5.1`, `ia-5.2`, `ia-5.6`, `ia-6` +Mapped Rev5 controls: `ac-3`, `ia-5.1`, `ia-5.2`, `ia-5.6`, `ia-6`, `ac-2`, `ia-2`, `ia-2.1`, `ia-2.2`, `ia-2.8`, `ia-5`, `ia-8`, `sc-23` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-IAM-ELP` (formerly `KSI-IAM-05`) — Ensuring Least Privilege +### `KSI-IAM-ELP` — Ensuring Least Privilege -Persistently ensure that identity and access management employs measures to ensure each user or device can only access the resources they need. +Identity and access management measures are used and persistently reviewed to ensure each user or device can only access the resources they need. Mapped Rev5 controls: `ac-2.5`, `ac-2.6`, `ac-3`, `ac-4`, `ac-6`, `ac-12`, `ac-14`, `ac-17`, `ac-17.1`, `ac-17.2`, `ac-17.3`, `ac-20`, `ac-20.1`, `cm-2.7`, `cm-9`, `ia-2`, `ia-3`, `ia-4`, `ia-4.4`, `ia-5.2`, `ia-5.6`, `ia-11`, `ps-2`, `ps-3`, `ps-4`, `ps-5`, `ps-6`, `sc-4`, `sc-20`, `sc-21`, `sc-22`, `sc-23`, `sc-39`, `si-3` Terms: `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-IAM-JIT` (formerly `KSI-IAM-04`) — Authorizing Just-in-Time +### `KSI-IAM-JIT` — Authorizing Just-in-Time -Use a least-privileged, role and attribute-based, and just-in-time security authorization model for all user and non-user accounts and services. +A least-privileged, role and attribute-based, and just-in-time security authorization model is used and persistently reviewed for all user and non-user accounts and services. Mapped Rev5 controls: `ac-2`, `ac-2.1`, `ac-2.2`, `ac-2.3`, `ac-2.4`, `ac-2.6`, `ac-3`, `ac-4`, `ac-5`, `ac-6`, `ac-6.1`, `ac-6.2`, `ac-6.5`, `ac-6.7`, `ac-6.9`, `ac-6.10`, `ac-7`, `ac-20.1`, `ac-17`, `au-9.4`, `cm-5`, `cm-7`, `cm-7.2`, `cm-7.5`, `cm-9`, `ia-4`, `ia-4.4`, `ia-7`, `ps-2`, `ps-3`, `ps-4`, `ps-5`, `ps-6`, `ps-9`, `ra-5.5`, `sc-2`, `sc-23`, `sc-39` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-IAM-MFA` (formerly `KSI-IAM-01`) — Enforcing Phishing-Resistant MFA - -Enforce multi-factor authentication (MFA) using methods that are difficult to intercept or impersonate (phishing-resistant MFA) for all user authentication. - -Mapped Rev5 controls: `ac-2`, `ia-2`, `ia-2.1`, `ia-2.2`, `ia-2.8`, `ia-5`, `ia-8`, `sc-23` +Terms: `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-IAM-SNU` (formerly `KSI-IAM-03`) — Securing Non-User Authentication +### `KSI-IAM-SNU` — Securing Non-User Authentication -Enforce appropriately secure authentication methods for non-user accounts and services. +Appropriately secure authentication methods are used and persistently reviewed for non-user accounts and services. Mapped Rev5 controls: `ac-2`, `ac-2.2`, `ac-4`, `ac-6.5`, `ia-3`, `ia-5.2`, `ra-5.5` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Terms: `Persistently` + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-IAM-SUS` (formerly `KSI-IAM-06`) — Responding to Suspicious Activity +### `KSI-IAM-SUS` — Responding to Suspicious Activity -Automatically disable or otherwise secure accounts with privileged access in response to suspicious activity. +Accounts with privileged access are disabled or otherwise secured in response to suspicious activity. Mapped Rev5 controls: `ac-2`, `ac-2.1`, `ac-2.3`, `ac-2.13`, `ac-7`, `ps-4`, `ps-8` Terms: `Vulnerability Response` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/incident-response.md b/src/content/docs/docs/fedramp/ksi/incident-response.md index 138b060..8379ddd 100644 --- a/src/content/docs/docs/fedramp/ksi/incident-response.md +++ b/src/content/docs/docs/fedramp/ksi/incident-response.md @@ -1,49 +1,45 @@ --- title: Incident Response — FedRAMP KSI Domain -description: Official FRMR-generated summary for the INR FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the INR FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Incident Response Domain code: `INR` · Domain ID: `KSI-INR` · Web slug: `incident-response` -## Theme - -A secure cloud service offering will document, report, and analyze security incidents to ensure regulatory compliance and continuous security improvement. - ## Indicators -### `KSI-INR-AAR` (formerly `KSI-INR-03`) — Generating After Action Reports +### `KSI-INR-AAR` — Generating After Action Reports -Generate incident after action reports and persistently incorporate lessons learned. +Incident after action reports are generated and lessons learned are persistently incorporated. Mapped Rev5 controls: `ir-3`, `ir-4`, `ir-4.1`, `ir-8` Terms: `Incident`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-INR-RIR` (formerly `KSI-INR-01`) — Reviewing Incident Response Procedures +### `KSI-INR-RIR` — Reviewing Incident Response Procedures -Persistently review the effectiveness of documented incident response procedures. +The effectiveness of documented incident response procedures is persistently reviewed. Mapped Rev5 controls: `ir-4`, `ir-4.1`, `ir-6`, `ir-6.1`, `ir-6.3`, `ir-7`, `ir-7.1`, `ir-8`, `ir-8.1`, `si-4.5` Terms: `Incident`, `Persistently`, `Vulnerability Response` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-INR-RPI` (formerly `KSI-INR-02`) — Reviewing Past Incidents +### `KSI-INR-RPI` — Reviewing Past Incidents -Persistently review past incidents for patterns or vulnerabilities. +Past incidents are persistently reviewed for patterns or vulnerabilities that were not previously apparent or identified. Mapped Rev5 controls: `ir-3`, `ir-4`, `ir-4.1`, `ir-5`, `ir-8` Terms: `Incident`, `Persistently`, `Vulnerability` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/monitoring-logging-and-auditing.md b/src/content/docs/docs/fedramp/ksi/monitoring-logging-and-auditing.md index 91ca0c7..41aa236 100644 --- a/src/content/docs/docs/fedramp/ksi/monitoring-logging-and-auditing.md +++ b/src/content/docs/docs/fedramp/ksi/monitoring-logging-and-auditing.md @@ -1,65 +1,68 @@ --- title: Monitoring, Logging, and Auditing — FedRAMP KSI Domain -description: Official FRMR-generated summary for the MLA FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the MLA FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Monitoring, Logging, and Auditing Domain code: `MLA` · Domain ID: `KSI-MLA` · Web slug: `monitoring-logging-and-auditing` -## Theme - -A secure cloud service offering will monitor, log, and audit all important events, activity, and changes. - ## Indicators -### `KSI-MLA-ALA` (formerly `KSI-MLA-08`) — Authorizing Log Access +### `KSI-MLA-ALA` — Authorizing Log Access +Varies by certification class: +- **Class B:** **Optional:** A least-privileged, role and attribute-based, and just-in-time access authorization model is used and persistently reviewed for access to log data based on organizationally defined data sensitivity. +- **Class C:** A least-privileged, role and attribute-based, and just-in-time access authorization model is used and persistently reviewed for access to log data based on organizationally defined data sensitivity. Mapped Rev5 controls: `si-11` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Terms: `Persistently` + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-MLA-EVC` (formerly `KSI-MLA-05`) — Evaluating Configurations +### `KSI-MLA-EVC` — Evaluating Configurations -Persistently evaluate and test the configuration of machine-based information resources, especially infrastructure as code. +The configuration of machine-based information resources, especially infrastructure as code, is persistently evaluated and tested. Mapped Rev5 controls: `ca-7`, `cm-2`, `cm-6`, `si-7.7` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-MLA-LET` (formerly `KSI-MLA-07`) — Logging Event Types +### `KSI-MLA-LET` — Logging Event Types -Maintain a list of information resources and event types that will be logged, monitored, and audited, then do so. +A list of information resources and event types that will be logged, monitored, and audited is maintained and persistently reviewed to ensure these activities occur. Mapped Rev5 controls: `ac-2.4`, `ac-6.9`, `ac-17.1`, `ac-20.1`, `au-2`, `au-7.1`, `au-12`, `si-4.4`, `si-4.5`, `si-7.7` -Terms: `Information Resource` +Terms: `Information Resource`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-MLA-OSM` (formerly `KSI-MLA-01`) — Operating SIEM Capability +### `KSI-MLA-OSM` — Operating SIEM Capability -Operate a Security Information and Event Management (SIEM) or similar system(s) for centralized, tamper-resistent logging of events, activities, and changes. +A Security Information and Event Management (SIEM) or similar system(s) is used and persistently reviewed for centralized, tamper-resistant logging of events, activities, and changes. Mapped Rev5 controls: `ac-17.1`, `ac-20.1`, `au-2`, `au-3`, `au-3.1`, `au-4`, `au-5`, `au-6.1`, `au-6.3`, `au-7`, `au-7.1`, `au-8`, `au-9`, `au-11`, `ir-4.1`, `si-4.2`, `si-4.4`, `si-7.7` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Terms: `Persistently` + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-MLA-RVL` (formerly `KSI-MLA-02`) — Reviewing Logs +### `KSI-MLA-RVL` — Reviewing Logs -Persistently review and audit logs. +Logs are persistently reviewed and audited. Mapped Rev5 controls: `ac-2.4`, `ac-6.9`, `au-2`, `au-6`, `au-6.1`, `si-4`, `si-4.4` Terms: `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/policy-and-inventory.md b/src/content/docs/docs/fedramp/ksi/policy-and-inventory.md index e2afaa0..833114d 100644 --- a/src/content/docs/docs/fedramp/ksi/policy-and-inventory.md +++ b/src/content/docs/docs/fedramp/ksi/policy-and-inventory.md @@ -1,67 +1,63 @@ --- title: Policy and Inventory — FedRAMP KSI Domain -description: Official FRMR-generated summary for the PIY FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the PIY FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Policy and Inventory Domain code: `PIY` · Domain ID: `KSI-PIY` · Web slug: `policy-and-inventory` -## Theme - -A secure cloud service offering will have intentional, organized, universal guidance for how every information resource, including personnel, is secured. - ## Indicators -### `KSI-PIY-GIV` (formerly `KSI-PIY-01`) — Generating Inventories +### `KSI-PIY-GIV` — Generating Inventories -Use authoritative sources to automatically generate real-time inventories of all information resources when needed. +Authoritative sources are used to automatically generate real-time inventories of all information resources when needed. Mapped Rev5 controls: `cm-2.2`, `cm-7.5`, `cm-8`, `cm-8.1`, `cm-12`, `cm-12.1`, `cp-2.8` Terms: `Information Resource` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-PIY-RES` (formerly `KSI-PIY-08`) — Reviewing Executive Support +### `KSI-PIY-RES` — Reviewing Executive Support -Persistently review executive support for achieving the organization's security objectives. +Executive support for achieving the provider's security goals is persistently reviewed and demonstrated. -Terms: `Persistently` +Terms: `Persistently`, `Provider` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-PIY-RIS` (formerly `KSI-PIY-06`) — Reviewing Investments in Security +### `KSI-PIY-RIS` — Reviewing Investments in Security -Persistently review the effectiveness of the organization's investments in achieving security objectives. +The effectiveness of the provider's investments in achieving security goals is persistently reviewed. Mapped Rev5 controls: `ac-5`, `ca-2`, `cp-2.1`, `cp-4.1`, `ir-3.2`, `pm-3`, `sa-2`, `sa-3`, `sr-2.1` -Terms: `Persistently` +Terms: `Persistently`, `Provider` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-PIY-RSD` (formerly `KSI-PIY-04`) — Reviewing Security in the SDLC +### `KSI-PIY-RSD` — Reviewing Security in the SDLC -Persistently review the effectiveness of building security and privacy considerations into the Software Development Lifecycle and aligning with CISA Secure By Design principles. +The effectiveness of building security and privacy considerations into the Software Development Lifecycle and aligning with CISA Secure By Design principles is persistently reviewed. Mapped Rev5 controls: `ac-5`, `au-3.3`, `cm-3.4`, `pl-8`, `pm-7`, `sa-3`, `sa-8`, `sc-4`, `sc-18`, `si-10`, `si-11`, `si-16` Terms: `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-PIY-RVD` (formerly `KSI-PIY-03`) — Reviewing Vulnerability Disclosures +### `KSI-PIY-RVD` — Reviewing Vulnerability Disclosures -Persistently review the effectiveness of the provider's vulnerability disclosure program. +The effectiveness of the provider's vulnerability disclosure program is persistently reviewed. Mapped Rev5 controls: `ra-5.11` -Terms: `Persistently`, `Vulnerability` +Terms: `Persistently`, `Provider`, `Vulnerability` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/recovery-planning.md b/src/content/docs/docs/fedramp/ksi/recovery-planning.md index b299fb2..ac70d00 100644 --- a/src/content/docs/docs/fedramp/ksi/recovery-planning.md +++ b/src/content/docs/docs/fedramp/ksi/recovery-planning.md @@ -1,59 +1,55 @@ --- title: Recovery Planning — FedRAMP KSI Domain -description: Official FRMR-generated summary for the RPL FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the RPL FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Recovery Planning Domain code: `RPL` · Domain ID: `KSI-RPL` · Web slug: `recovery-planning` -## Theme - -A secure cloud service offering will define, maintain, and test incident response plan(s) and recovery capabilities to ensure minimal service disruption and data loss during incidents and contingencies. - ## Indicators -### `KSI-RPL-ABO` (formerly `KSI-RPL-03`) — Aligning Backups with Objectives +### `KSI-RPL-ABO` — Aligning Backups with Objectives -Persistently review the alignment of machine-based information resource backups with defined recovery objectives. +The alignment of machine-based information resource backups with defined recovery objectives is persistently reviewed. Mapped Rev5 controls: `cm-2.3`, `cp-6`, `cp-9`, `cp-10`, `cp-10.2`, `si-12` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-RPL-ARP` (formerly `KSI-RPL-02`) — Aligning Recovery Plan +### `KSI-RPL-ARP` — Aligning Recovery Plan -Persistently review the alignment of recovery plans with defined recovery objectives. +The alignment of recovery plans with defined recovery objectives is persistently reviewed. Mapped Rev5 controls: `cp-2`, `cp-2.1`, `cp-2.3`, `cp-4.1`, `cp-6`, `cp-6.1`, `cp-6.3`, `cp-7`, `cp-7.1`, `cp-7.2`, `cp-7.3`, `cp-8`, `cp-8.1`, `cp-8.2`, `cp-10`, `cp-10.2` Terms: `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-RPL-RRO` (formerly `KSI-RPL-01`) — Reviewing Recovery Objectives +### `KSI-RPL-RRO` — Reviewing Recovery Objectives -Persistently review desired Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). +The desired Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) are defined and persistently reviewed for alignment with the provider's business needs and capabilities. Mapped Rev5 controls: `cp-2.3`, `cp-10` -Terms: `Persistently` +Terms: `Persistently`, `Provider` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-RPL-TRC` (formerly `KSI-RPL-04`) — Testing Recovery Capabilities +### `KSI-RPL-TRC` — Testing Recovery Capabilities -Persistently test the capability to recover from incidents and contingencies, including alignment with defined recovery objectives. +The capability to recover from incidents and contingencies aligned with defined recovery objectives is persistently tested. Mapped Rev5 controls: `cp-2.1`, `cp-2.3`, `cp-4`, `cp-4.1`, `cp-6`, `cp-6.1`, `cp-9.1`, `cp-10`, `ir-3`, `ir-3.2` Terms: `Incident`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/service-configuration.md b/src/content/docs/docs/fedramp/ksi/service-configuration.md index 3b077b6..319c692 100644 --- a/src/content/docs/docs/fedramp/ksi/service-configuration.md +++ b/src/content/docs/docs/fedramp/ksi/service-configuration.md @@ -1,97 +1,102 @@ --- title: Service Configuration — FedRAMP KSI Domain -description: Official FRMR-generated summary for the SVC FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the SVC FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Service Configuration Domain code: `SVC` · Domain ID: `KSI-SVC` · Web slug: `service-configuration` -## Theme - -A secure cloud service offering will follow FedRAMP encryption policies, continuously verify information resource integrity, and restrict access to third-party information resources. - ## Indicators -### `KSI-SVC-ACM` (formerly `KSI-SVC-04`) — Automating Configuration Management +### `KSI-SVC-ACM` — Automating Configuration Management -Manage configuration of machine-based information resources using automation. +The configuration of machine-based information resources is managed using automation and persistently reviewed for drift. Mapped Rev5 controls: `ac-2.4`, `cm-2`, `cm-2.2`, `cm-2.3`, `cm-6`, `cm-7.1`, `pl-9`, `pl-10`, `sa-5`, `si-5`, `sr-10` -Terms: `Information Resource`, `Machine-Based (information resources)` +Terms: `Drift`, `Information Resource`, `Machine-Based (Information Resources)`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-ASM` (formerly `KSI-SVC-06`) — Automating Secret Management +### `KSI-SVC-ASM` — Automating Secret Management -Automate management, protection, and regular rotation of digital keys, certificates, and other secrets. +Management, protection, and regular rotation of digital keys, certificates, and other secrets is automated and persistently reviewed. Mapped Rev5 controls: `ac-17.2`, `ia-5.2`, `ia-5.6`, `sc-12`, `sc-17` -Terms: `Regularly` +Terms: `Persistently`, `Regularly` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-EIS` (formerly `KSI-SVC-01`) — Evaluating and Improving Security +### `KSI-SVC-EIS` — Evaluating and Improving Security -Implement improvements based on persistent evaluation of information resources for opportunities to improve security. +Information resources are persistently evaluated for opportunities to improve security and those improvements are persistently made. Mapped Rev5 controls: `cm-7.1`, `cm-12.1`, `ma-2`, `pl-8`, `sc-7`, `sc-39`, `si-2.2`, `si-4`, `sr-10` Terms: `Information Resource`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-PRR` (formerly `KSI-SVC-08`) — Preventing Residual Risk +### `KSI-SVC-PRR` — Preventing Residual Risk +Varies by certification class: +- **Class B:** **Optional:** Plans, procedures, and the state of information resources are persistently reviewed after making changes to limit and remove unwanted residual elements that would likely negatively affect the confidentiality, integrity, or availability of federal customer data. +- **Class C:** Plans, procedures, and the state of information resources are persistently reviewed after making changes to limit and remove unwanted residual elements that would likely negatively affect the confidentiality, integrity, or availability of federal customer data. Mapped Rev5 controls: `sc-4` Terms: `Federal Customer Data`, `Information Resource`, `Likely`, `Persistently` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-RUD` (formerly `KSI-SVC-10`) — Removing Unwanted Data +### `KSI-SVC-RUD` — Removing Unwanted Data +Varies by certification class: +- **Class B:** **Optional:** Unwanted federal customer data is removed promptly when requested by an agency in alignment with customer agreements, including from backups if appropriate; this typically applies when a customer spills information or when a customer seeks to remove information from a service due to a change in usage. +- **Class C:** Unwanted federal customer data is removed promptly when requested by an agency in alignment with customer agreements, including from backups if appropriate; this typically applies when a customer spills information or when a customer seeks to remove information from a service due to a change in usage. Mapped Rev5 controls: `si-12.3`, `si-18.4` Terms: `Agency`, `Federal Customer Data`, `Promptly` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-SNT` (formerly `KSI-SVC-02`) — Securing Network Traffic +### `KSI-SVC-SIN` — Securing Information -Encrypt or otherwise secure network traffic. +Information is encrypted or otherwise secured from unwanted access or modification. -Mapped Rev5 controls: `ac-1`, `ac-17.2`, `cp-9.8`, `sc-8`, `sc-8.1`, `sc-13`, `sc-20`, `sc-21`, `sc-22`, `sc-23` +Mapped Rev5 controls: `ac-1`, `ac-17.2`, `cp-9.8`, `sc-8`, `sc-8.1`, `sc-13`, `sc-20`, `sc-21`, `sc-22`, `sc-23`, `sc-28`, `sc-28.1` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-VCM` (formerly `KSI-SVC-09`) — Validating Communications +### `KSI-SVC-VCM` — Validating Communications +Varies by certification class: +- **Class B:** **Optional:** The authenticity and integrity of communications between machine-based information resources is persistently validated using automation. +- **Class C:** The authenticity and integrity of communications between machine-based information resources is persistently validated using automation. Mapped Rev5 controls: `sc-23`, `si-7.1` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistent Validation`, `Persistently` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently`, `Validation` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SVC-VRI` (formerly `KSI-SVC-05`) — Validating Resource Integrity +### `KSI-SVC-VRI` — Validating Resource Integrity Use cryptographic methods to validate the integrity of machine-based information resources. Mapped Rev5 controls: `cm-2.2`, `cm-8.3`, `sc-13`, `sc-23`, `si-7`, `si-7.1`, `sr-10` -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistent Validation` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Validation` -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksi/supply-chain-risk.md b/src/content/docs/docs/fedramp/ksi/supply-chain-risk.md index 122fe92..2401657 100644 --- a/src/content/docs/docs/fedramp/ksi/supply-chain-risk.md +++ b/src/content/docs/docs/fedramp/ksi/supply-chain-risk.md @@ -1,24 +1,20 @@ --- title: Supply Chain Risk — FedRAMP KSI Domain -description: Official FRMR-generated summary for the SCR FedRAMP key security indicator domain. +description: Official Consolidated Rules summary for the SCR FedRAMP key security indicator domain. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Supply Chain Risk Domain code: `SCR` · Domain ID: `KSI-SCR` · Web slug: `supply-chain-risk` -## Theme - -A secure cloud service offering will understand, monitor, and manage supply chain risks from third-party information resources. - ## Indicators -### `KSI-SCR-MIT` (formerly `KSI-TPR-03`) — Mitigating Supply Chain Risk +### `KSI-SCR-MIT` — Mitigating Supply Chain Risk Persistently identify, review, and mitigate potential supply chain risks. @@ -26,14 +22,14 @@ Mapped Rev5 controls: `ac-20`, `ra-3.1`, `sa-9`, `sa-10`, `sa-11`, `sa-15.3`, `s Terms: `Persistently` -Recent update: 2026-02-04 — Renamed theme to Supply Chain Risk; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `KSI-SCR-MON` (formerly `KSI-TPR-04`) — Monitoring Supply Chain Risk +### `KSI-SCR-MON` — Monitoring Supply Chain Risk -Automatically monitor third party software information resources for upstream vulnerabilities using mechanisms that may include contractual notification requirements or active monitoring services. +Third party software information resources are automatically monitored for upstream vulnerabilities using mechanisms that may include contractual notification requirements or active monitoring services. Mapped Rev5 controls: `ac-20`, `ca-3`, `ir-6.3`, `ps-7`, `ra-5`, `sa-9`, `si-5`, `sr-5`, `sr-6`, `sr-8` Terms: `Information Resource`, `Vulnerability` -Recent update: 2026-02-09 — Renamed from incorrect KSI-RSC-MON to KSI-SCR-MON; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/ksis.md b/src/content/docs/docs/fedramp/ksis.md index 8edbb99..937754a 100644 --- a/src/content/docs/docs/fedramp/ksis.md +++ b/src/content/docs/docs/fedramp/ksis.md @@ -1,20 +1,19 @@ --- title: FedRAMP KSI Domains -description: Browse official FRMR-generated FedRAMP key security indicator domains and indicator summaries. +description: Browse official Consolidated Rules key security indicator domains and indicator summaries. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # FedRAMP KSI Domains -- [Authorization by FedRAMP](/docs/fedramp/ksi/authorization-by-fedramp/) — `AFR` · 10 indicators -- [Cybersecurity Education](/docs/fedramp/ksi/cybersecurity-education/) — `CED` · 4 indicators +- [Cybersecurity Education](/docs/fedramp/ksi/cybersecurity-education/) — `CED` · 1 indicator - [Change Management](/docs/fedramp/ksi/change-management/) — `CMT` · 4 indicators - [Cloud Native Architecture](/docs/fedramp/ksi/cloud-native-architecture/) — `CNA` · 8 indicators -- [Identity and Access Management](/docs/fedramp/ksi/identity-and-access-management/) — `IAM` · 7 indicators +- [Identity and Access Management](/docs/fedramp/ksi/identity-and-access-management/) — `IAM` · 6 indicators - [Incident Response](/docs/fedramp/ksi/incident-response/) — `INR` · 3 indicators - [Monitoring, Logging, and Auditing](/docs/fedramp/ksi/monitoring-logging-and-auditing/) — `MLA` · 5 indicators - [Policy and Inventory](/docs/fedramp/ksi/policy-and-inventory/) — `PIY` · 5 indicators diff --git a/src/content/docs/docs/fedramp/processes.md b/src/content/docs/docs/fedramp/processes.md index 577867e..2c8cb4a 100644 --- a/src/content/docs/docs/fedramp/processes.md +++ b/src/content/docs/docs/fedramp/processes.md @@ -1,23 +1,29 @@ --- title: FedRAMP Processes -description: Browse official FRMR-generated FedRAMP process documents such as ADS, PVA, SCG, VDR, and CCM. +description: Browse official Consolidated Rules process documents such as CDS, IVV, SCG, VDR, and CCM. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # FedRAMP Processes -- [Authorization Data Sharing](/docs/fedramp/processes/authorization-data-sharing/) — `ADS` · applies to `both`, `20x`, `rev5` · requirements: `both 15`, `20x 1`, `rev5 4` -- [Collaborative Continuous Monitoring](/docs/fedramp/processes/collaborative-continuous-monitoring/) — `CCM` · applies to `both` · requirements: `both 24`, `20x 0`, `rev5 0` -- [FedRAMP Security Inbox](/docs/fedramp/processes/fedramp-security-inbox/) — `FSI` · applies to `both` · requirements: `both 16`, `20x 0`, `rev5 0` -- [Incident Communications Procedures](/docs/fedramp/processes/incident-communications-procedures/) — `ICP` · applies to `20x` · requirements: `both 0`, `20x 9`, `rev5 0` -- [Key Security Indicators](/docs/fedramp/processes/key-security-indicators/) — `KSI` · applies to `20x` · requirements: `both 0`, `20x 3`, `rev5 0` +- [Addressing FedRAMP Communication](/docs/fedramp/processes/addressing-fedramp-communication/) — `AFC` · applies to `both` · requirements: `both 16`, `20x 0`, `rev5 0` +- [Agency Use of FedRAMP Certified Cloud Services](/docs/fedramp/processes/agency-use/) — `AGU` · applies to `both` · requirements: `both 20`, `20x 0`, `rev5 0` +- [Collaborative Continuous Monitoring](/docs/fedramp/processes/collaborative-continuous-monitoring/) — `CCM` · applies to `both` · requirements: `both 21`, `20x 0`, `rev5 0` +- [Certification Data Sharing](/docs/fedramp/processes/certification-data-sharing/) — `CDS` · applies to `both`, `rev5` · requirements: `both 20`, `20x 0`, `rev5 1` +- [Cryptographic Module Use](/docs/fedramp/processes/cryptographic-module-use/) — `CMU` · applies to `both` · requirements: `both 3`, `20x 0`, `rev5 0` +- [Certification Package Overview](/docs/fedramp/processes/certification-package-overview/) — `CPO` · applies to `both`, `20x`, `rev5` · requirements: `both 2`, `20x 1`, `rev5 1` +- [FedRAMP Certification](/docs/fedramp/processes/fedramp-certification/) — `FRC` · applies to `both`, `20x`, `rev5` · requirements: `both 21`, `20x 4`, `rev5 4` +- [Incident Evaluation and Communication](/docs/fedramp/processes/incident-evaluation-and-communication/) — `IEC` · applies to `both` · requirements: `both 8`, `20x 0`, `rev5 0` +- [Independent Verification and Validation](/docs/fedramp/processes/independent-verification-and-validation/) — `IVV` · applies to `both`, `20x`, `rev5` · requirements: `both 15`, `20x 1`, `rev5 4` - [Minimum Assessment Scope](/docs/fedramp/processes/minimum-assessment-scope/) — `MAS` · applies to `both` · requirements: `both 5`, `20x 0`, `rev5 0` -- [Persistent Validation and Assessment](/docs/fedramp/processes/persistent-validation-and-assessment/) — `PVA` · applies to `20x` · requirements: `both 0`, `20x 18`, `rev5 0` +- [Marketplace Listing](/docs/fedramp/processes/marketplace-listing/) — `MKT` · applies to `both` · requirements: `both 12`, `20x 0`, `rev5 0` +- [FedRAMP Recognition of Independent Assessment Services](/docs/fedramp/processes/fedramp-recognition/) — `REC` · applies to `both` · requirements: `both 16`, `20x 0`, `rev5 0` - [Secure Configuration Guide](/docs/fedramp/processes/secure-configuration-guide/) — `SCG` · applies to `both` · requirements: `both 9`, `20x 0`, `rev5 0` -- [Significant Change Notifications](/docs/fedramp/processes/significant-change-notifications/) — `SCN` · applies to `both` · requirements: `both 17`, `20x 0`, `rev5 0` -- [Using Cryptographic Modules](/docs/fedramp/processes/using-cryptographic-modules/) — `UCM` · applies to `20x` · requirements: `both 0`, `20x 3`, `rev5 0` -- [Vulnerability Detection and Response](/docs/fedramp/processes/vulnerability-detection-and-response/) — `VDR` · applies to `both` · requirements: `both 39`, `20x 0`, `rev5 0` +- [Significant Change Notification](/docs/fedramp/processes/significant-change-notification/) — `SCN` · applies to `both` · requirements: `both 17`, `20x 0`, `rev5 0` +- [Security Decision Record](/docs/fedramp/processes/security-decision-record/) — `SDR` · applies to `both`, `20x`, `rev5` · requirements: `both 2`, `20x 2`, `rev5 1` +- [Vulnerability Detection and Response](/docs/fedramp/processes/vulnerability-detection-and-response/) — `VDR` · applies to `both`, `20x`, `rev5` · requirements: `both 16`, `20x 1`, `rev5 1` +- [Vulnerability Evaluation and Reporting](/docs/fedramp/processes/vulnerability-evaluation-and-reporting/) — `VER` · applies to `both` · requirements: `both 25`, `20x 0`, `rev5 0` diff --git a/src/content/docs/docs/fedramp/processes/addressing-fedramp-communication.md b/src/content/docs/docs/fedramp/processes/addressing-fedramp-communication.md new file mode 100644 index 0000000..c5e8012 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/addressing-fedramp-communication.md @@ -0,0 +1,225 @@ +--- +title: Addressing FedRAMP Communication — FedRAMP Process +description: Official Consolidated Rules summary for the AFC FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Addressing FedRAMP Communication + +Short name: `AFC` · Process ID: `AFC` · Web slug: `addressing-fedramp-communication` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/addressing-fedramp-communication/](https://www.fedramp.gov/2026/reference/addressing-fedramp-communication/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-01-05 · grace through 2026-07-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2026-01-05 · grace through 2026-07-01 +- Shared requirements: 16 + +## Purpose + +The Addressing FedRAMP Communication rules (formerly FedRAMP Security Inbox) ensure FedRAMP can reliably contact the security and compliance staff responsible for every FedRAMP-authorized cloud service offering. These rules also set expectations for urgent communications, response time testing, and routing important messages separately from general support or customer service channels. + +## Rule Subsets + +- `CSO` — General Provider Responsibilities: These rules apply to providers with any type of FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D +- `FRP` — FedRAMP Responsibilities: These rules apply to FedRAMP when communicating with cloud service providers. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `AFC-CSO-ACK` SHOULD — Acknowledge Receipt + +Providers SHOULD promptly and automatically acknowledge the receipt of messages received from FedRAMP in their FedRAMP Security Inbox. + +Terms: `FedRAMP Security Inbox`, `Promptly`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-CRA` MUST — Complete Required Actions + +Providers MUST complete the required actions in Emergency or Emergency Test designated messages sent by FedRAMP within the timeframe included in the message. + +Terms: `Certification Class`, `Provider` + +Affects: Providers + +Note: Timeframes may vary by FedRAMP Certification class. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-EMR` MUST — Emergency Message Routing + +Providers MUST route Emergency designated messages sent by FedRAMP to a senior security official for their awareness. + +Terms: `Provider` + +Affects: Providers + +Note: Senior security officials are determined by the provider. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-IMA` SHOULD — Important Message Actions + +Providers SHOULD complete the required actions in Important designated messages sent by FedRAMP within the timeframe specified in the message. + +Terms: `Certification Class`, `Provider` + +Affects: Providers + +Note: Timeframes may vary by FedRAMP Certification class. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-INB` MUST — Maintain a FedRAMP Security Inbox + +Providers MUST establish and maintain an email address to receive messages from FedRAMP; this inbox is a FedRAMP Security Inbox (FSI). + +Terms: `FedRAMP Security Inbox`, `Provider` + +Affects: Providers + +Note: Unless otherwise notified, FedRAMP will use the listed Security Email on the Marketplace for these notifications. +If a provider establishes a new inbox in reaction to this guidance that is different from the Security Email then they must follow the AFC-CSO-NOC (Notification of Changes) rules to notify FedRAMP. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-NOC` MUST — Notification of Changes + +Providers MUST immediately notify FedRAMP of any changes to the email address for their FedRAMP Security Inbox. + +Terms: `FedRAMP Security Inbox`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-RCV` MUST — Receive Email Without Disruption + +Providers MUST receive and react to email messages from FedRAMP without disruption and without requiring additional actions from FedRAMP. + +Terms: `Provider` + +Affects: Providers + +Note: This requirement is intended to prevent cloud service providers from requiring FedRAMP to complete a CAPTCHA, log into a customer portal, or otherwise take service-specific actions that might prevent the security team from receiving the message. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-CSO-TFG` MUST — Trust @fedramp.gov and @gsa.gov + +Providers MUST treat any email originating from an @fedramp.gov or @gsa.gov email address as if it was sent from FedRAMP by default; if such a message is confirmed to originate from someone other than FedRAMP then the FedRAMP Security Inbox rules no longer apply. + +Terms: `FedRAMP Security Inbox`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-CDS` MUST — Criticality Designators + +FedRAMP MUST convey the criticality of the message in the subject line, IF the message requires an elevated reaction, using one of the following designators: + +Checklist items: +- **Emergency:** There is a potential incident or crisis such that FedRAMP requires an extremely urgent reaction; emergency messages will contain aggressive timeframes for reaction and failure to meet these timeframes will result in corrective action. +- **Emergency Test:** FedRAMP requires an extremely urgent reaction to confirm the functionality and effectiveness of the FedRAMP Security Inbox; emergency test messages will contain aggressive timeframes for reaction and failure to meet these timeframes will result in corrective action. +- **Important:** There is an important issue that FedRAMP requires the cloud service provider to address; important messages will contain reasonable timeframes for reaction and failure to meet these timeframes may result in corrective action. + +Terms: `FedRAMP Security Inbox`, `Incident`, `Provider` + +Affects: FedRAMP + +Note: Messages sent by FedRAMP without one of these designators are considered general communications and do not require an elevated reaction; these may be resolved in the normal course of business by the cloud service provider. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-COR` MUST — Explain Corrective Actions + +FedRAMP MUST clearly specify the corrective actions that will result from failure to complete the required actions in the body of messages that require an elevated reaction; such actions may vary from negative ratings in the FedRAMP Marketplace to suspension of FedRAMP Certification depending on the severity of the event. + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-ERT` MUST — Elevated Reaction Timeframes + +FedRAMP MUST clearly specify the expected timeframe for completing required actions in the body of messages that require an elevated reaction; timeframes for actions will vary depending on the situation but the default timeframes to provide an estimated resolution time for Emergency and Emergency Test designated messages will be as follows: + +Checklist items: +- **Class D:** within 12 hours +- **Class C:** by 3:00 p.m. Eastern Time on the 2nd business day +- **Class B:** by 3:00 p.m. Eastern Time on the 3rd business day +- **Class A:** by 3:00 p.m. Eastern Time on the 5th business day + +Terms: `Debilitating Customer Effect`, `FedRAMP Certified`, `Provider` + +Affects: FedRAMP + +Note: FedRAMP Class D Certified cloud service providers are expected to address Emergency messages (including tests) from FedRAMP with a reaction time appropriate to operating a service where failure to react rapidly might have a severe or debilitating customer effect on the U.S. Government; some Emergency messages may require faster reaction and all such messages should be addressed as quickly as possible. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-PNT` MUST — Public Notice of Emergency Tests + +FedRAMP MUST post a public notice at least 10 business days in advance of sending an Emergency Test message; such notices MUST include explanation of the likely expected actions and timeframes for the Emergency Test message. + +Terms: `Likely` + +Affects: FedRAMP + +Structured timeframe: `10` bizdays + +Note: Public notice may include blog posts, social media posts, announcements during Community Updates, or e-blasts. +As this process matures, additional confirmed options may become available. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-RPM` MAY — Reaction Metrics + +FedRAMP MAY track and publicly share the time required by cloud service providers to take the actions specified in messages that require an elevated reaction. + +Terms: `Provider` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-RQA` MUST — Required Actions + +FedRAMP MUST clearly specify the required actions in the body of messages that require an elevated reaction. + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-UFS` MUST — Use FedRAMP_Security Email in Emergencies + +FedRAMP MUST send Emergency and Emergency Test designated messages from fedramp_security@gsa.gov OR fedramp_security@fedramp.gov. + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AFC-FRP-VRE` MUST — Verified Emails + +FedRAMP MUST send messages to cloud service providers using an official @fedramp.gov or @gsa.gov email address with properly configured Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) email authentication. + +Terms: `Provider` + +Affects: FedRAMP + +Note: Anyone at GSA can send email from @fedramp.gov or @gsa.gov - FedRAMP team members will typically have "FedRAMP" or "F20B" in their name but this is not universal or enforceable. The nature of government enterprise IT services makes it difficult for FedRAMP to isolate FedRAMP-specific team members with enforceable identifiers. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/agency-use.md b/src/content/docs/docs/fedramp/processes/agency-use.md new file mode 100644 index 0000000..b6bcbe7 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/agency-use.md @@ -0,0 +1,261 @@ +--- +title: Agency Use of FedRAMP Certified Cloud Services — FedRAMP Process +description: Official Consolidated Rules summary for the AGU FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Agency Use of FedRAMP Certified Cloud Services + +Short name: `AGU` · Process ID: `AGU` · Web slug: `agency-use` + +Applies to: `both` +Status: `placeholder` + + +Official page: [https://www.fedramp.gov/2026/reference/agency-use/](https://www.fedramp.gov/2026/reference/agency-use/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2026-07-04 +- Rev5: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2026-07-04 +- Shared requirements: 20 + +## Purpose + +The Agency Use rules summarize the many demands made on agencies by the FedRAMP Authorization Act and OMB Memorandum M-24-15 in a simple, clear, easy-to-follow set of FedRAMP-style rules. These rules align agency policies, authorization letters, machine-readable tools, secure configuration review, continuous monitoring, and communication with FedRAMP so certifications can be reused consistently across government. + +## Rule Subsets + +- `AGC` — General Agency Responsibilities: These rules apply to agencies based on the FedRAMP Authorization Act, OMB M-24-15, and related FedRAMP policies. · types: 20x, Rev5 · classes: A, B, C, D +- `SPN` — Agency Sponsored Certifications: These rules apply when an agency sponsors a FedRAMP Rev5 Certification after completing an agency authorization. · types: Rev5 · classes: B, C, D +- `USE` — Use of FedRAMP Certifications: These rules apply when agencies use FedRAMP Certifications to make agency authorization decisions. · types: 20x, Rev5 · classes: A, B, C, D + +## Requirements and Recommendations + +## BOTH + +### `AGU-AGC-AIP` MUST — Agency Internal Policies + +Agencies MUST maintain agency-wide policy that aligns with the requirements in OMB Memorandum M-24-15. + +Terms: `Agency` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-GRC` MUST — Governance, Risk, and Compliance Tools + +Agencies MUST ensure that internal governance, risk, compliance, and inventory tools can produce and ingest machine-readable artifacts using formats identified by FedRAMP, including at least: + +Checklist items: +- Open Security Controls Assessment Language (OSCAL) +- JSON + +Terms: `Agency`, `Artifacts`, `Machine-Readable` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-LIA` SHOULD — Agency Liaison Program + +Agencies SHOULD assign at least 1 federal employee to be an active participant in the FedRAMP Agency Liaison program. + +Terms: `Agency` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-NAA` MUST — Notify FedRAMP After Authorization + +Agencies MUST notify FedRAMP upon authorizing the use of a cloud service within the scope of FedRAMP, supplying at least the following information: + +Checklist items: +- A copy of the agency's Authorization to Operate letter for the information system leveraging the cloud service, following agency policy and templates. +- All other supplemental information requested in the Submit an ATO Letter form by FedRAMP. + +Terms: `Agency` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-NAI` MUST — Notify Additional Information Requests + +Agencies MUST notify FedRAMP after requesting any additional information or materials from a FedRAMP Certified cloud service offering beyond those required by FedRAMP. + +Terms: `Agency`, `Cloud Service Offering`, `FedRAMP Certified` + +Affects: Agencies + +Note: Agencies are expected to notify FedRAMP under OMB Memorandum M-24-15 section IV (a). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-NAR` MUST NOT — No Additional Security Requirements + +Agencies MUST NOT require additional information or materials from FedRAMP Certified cloud service offerings beyond those required by FedRAMP UNLESS the head of the agency or an authorized delegate determines there is a demonstrable need and notifies FedRAMP; this does not apply to seeking clarification or asking general questions about FedRAMP Certification Data. + +Terms: `Agency`, `Certification Data`, `Cloud Service Offering`, `FedRAMP Certified` + +Affects: Agencies + +Note: This is related to the Presumption of Adequacy for a FedRAMP Certification and notification is mandated by OMB Memorandum M-24-15 section IV (a). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-SIN` SHOULD — Shared FedRAMP Inbox + +Agencies SHOULD establish and maintain a dedicated shared FedRAMP agency inbox to serve as the official point of contact for communications between FedRAMP and the agency. + +Terms: `Agency` + +Affects: Agencies + +Note: A shared FedRAMP agency inbox may follow an agency-specific format such as agency-fedramp@agency.gov. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-TPP` MUST NOT — No Certification Type or Path Preferences + +Agencies MUST NOT require cloud service offerings to obtain or maintain a specific FedRAMP Certification Type or FedRAMP Certification Path, UNLESS the head of the agency or an authorized delegate determines there is a demonstrable need and notifies FedRAMP. + +Terms: `Agency`, `Certification Path`, `Certification Type`, `Cloud Service Offering`, `FedRAMP Certified` + +Affects: Agencies + +Note: This is related to the Presumption of Adequacy for a FedRAMP Certification and notification is mandated by OMB Memorandum M-24-15 section IV (a). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-AGC-WKG` SHOULD — FedRAMP Working Groups + +Agencies SHOULD participate in FedRAMP working groups, communities of practice, and stakeholder engagements to supply feedback and align practices across government. + +Terms: `Agency` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-SPN-MRC` MUST — Most Recent Consolidated Rules + +Agencies MUST follow the most recent FedRAMP Consolidated Rules when initiating agency-sponsored FedRAMP Certification. + +Terms: `Agency` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-ABU` MUST — Authorization Before Use + +Agencies MUST complete the Authorization to Operate process for federal information systems that use FedRAMP Certified cloud service offerings. + +Terms: `Agency`, `Cloud Service Offering`, `FedRAMP Certified` + +Affects: Agencies + +Note: FedRAMP provides technical assistance to help agencies navigate this process. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-AFR` MUST — Accept FedRAMP Rules + +Agencies MUST allow FedRAMP Certified cloud service offerings to follow FedRAMP rules. + +Terms: `Agency`, `Cloud Service Offering`, `FedRAMP Certified` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-CLA` SHOULD NOT — Using FedRAMP Class A Certifications + +Agencies SHOULD NOT authorize the use of a FedRAMP Class A Certified cloud service offering for more than 12 months UNLESS the cloud service offering is actively seeking a FedRAMP Class B, C, or D Certification. + +Terms: `Agency`, `Cloud Service Offering`, `FedRAMP Certified` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-DSO` SHOULD — Designate Senior Official + +Agencies SHOULD designate a federal senior information security official to review Ongoing Certification Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems. + +Terms: `Agency`, `Cloud Service Offering`, `Ongoing Certification`, `Quarterly Review` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-NFC` MUST — Notify FedRAMP of Monitoring Concerns + +Agencies MUST notify FedRAMP if information presented in an Ongoing Certification Report, Quarterly Review, or other FedRAMP Certification Data causes significant concerns for the authorizing official that would likely result in rescission of their Authorization to Operate. + +Terms: `Agency`, `Certification Data`, `FedRAMP Certification Report`, `Likely`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Quarterly Review` + +Affects: Agencies + +Note: Agencies are expected to notify FedRAMP under OMB Memorandum M-24-15 section IV (a). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-NPC` SHOULD — Notify Provider of Concerns + +Agencies SHOULD formally notify the cloud service provider if information presented in an Ongoing Certification Report, Quarterly Review, or other FedRAMP Certification Data causes significant concerns for the authorizing official that would likely result in rescission of their Authorization to Operate. + +Terms: `Agency`, `Certification Data`, `FedRAMP Certification Report`, `Likely`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider`, `Quarterly Review` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-RCF` MUST — Resolve Certification Package Conflicts + +Agencies MUST collaborate with FedRAMP when discrepancies or conflicts arise between agency-specific security determinations and the FedRAMP Certification Package. + +Terms: `Agency`, `Certification Package` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-RIR` SHOULD — Review All Information Resources + +Agencies SHOULD consider third-party information resources used by the cloud service offering during initial and ongoing authorization activities. + +Terms: `Agency`, `Cloud Service Offering`, `Information Resource`, `Third-Party Information Resource` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-ROR` SHOULD — Review Ongoing Certification Reports + +Agencies SHOULD review each Ongoing Certification Report to understand how changes to the cloud service offering may impact the risk tolerance documented in the agency Authorization to Operate for the federal information system that includes the cloud service offering in its boundary. + +Terms: `Agency`, `Cloud Service Offering`, `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)` + +Affects: Agencies + +Note: This agency review supports agency responsibilities under 44 USC § 35, OMB Circular A-130, FIPS-200, and OMB Memorandum M-24-15. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `AGU-USE-RSG` MUST — Review Secure Configuration Guides + +Agencies MUST review the Secure Configuration Guides supplied by Providers and configure relevant security settings. + +Terms: `Agency`, `Provider` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/authorization-data-sharing.md b/src/content/docs/docs/fedramp/processes/authorization-data-sharing.md deleted file mode 100644 index a18085d..0000000 --- a/src/content/docs/docs/fedramp/processes/authorization-data-sharing.md +++ /dev/null @@ -1,254 +0,0 @@ ---- -title: Authorization Data Sharing — FedRAMP Process -description: Official FRMR-generated summary for the ADS FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Authorization Data Sharing - -Short name: `ADS` · Process ID: `ADS` · Web slug: `authorization-data-sharing` - -Applies to: `both`, `20x`, `rev5` - -Official page: [https://fedramp.gov/docs/20x/authorization-data-sharing](https://fedramp.gov/docs/20x/authorization-data-sharing) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: optional · Open Beta -- Shared requirements: 15 - -## Requirements and Recommendations - -## BOTH - -### `ADS-CSO-CBF` (formerly `FRR-ADS-02`) MUST — Consistency Between Formats - -Providers MUST use automation to ensure information remains consistent between human-readable and machine-readable formats when authorization data is provided in both formats. - -Terms: `Authorization data`, `Machine-Readable` - -Affects: Providers - -Recent update: 2026-02-04 — Simplified statement; removed italics and changed the ID as part of new standardization in v0.9.0-beta. - -### `ADS-CSO-HAD` (formerly `FRR-ADS-09`) MUST — Historical Authorization Data - -Providers MUST make historical versions of authorization data available for three years to all necessary parties UNLESS otherwise specified by applicable FedRAMP requirements; deltas between versions MAY be consolidated quarterly. - -Terms: `All Necessary Parties`, `Authorization data` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-CSO-PUB` (formerly `FRR-ADS-01`) MUST — Public Information - -Providers MUST publicly share up-to-date information about the cloud service offering in both human-readable and machine-readable formats, including at least: - -Checklist items: -- Direct link to the FedRAMP Marketplace for the offering -- Service Model -- Deployment Model -- Business Category -- UEI Number -- Contact Information -- Overall Service Description -- Detailed list of specific services and their security objectives (see ADS-CSO-SVC) -- Summary of customer responsibilities and secure configuration guidance (if applicable, see the FedRAMP Secure Configuration Guide process) -- Process for accessing information in the trust center (if applicable) -- Availability status and recent disruptions for the trust center (if applicable) -- Customer support information for the trust center (if applicable) -- Next Ongoing Authorization Report date (see CCM-OAR-NRD) - -Terms: `Cloud Service Offering`, `Machine-Readable`, `Ongoing Authorization Report (OAR)`, `Trust Center` - -Affects: Providers - -Note: Generally, this information should be available on a public webpage. - -Recent update: 2026-02-04 — Added requirements from other processes; removed italics and changed the ID as part of new standardization in v0.9.0-beta. - -### `ADS-CSO-RIS` (formerly `FRR-ADS-05`) MUST — Responsible Information Sharing - -Providers MUST provide sufficient information in authorization data to support authorization decisions but SHOULD NOT include sensitive information that would likely enable a threat actor to gain unauthorized access, cause harm, disrupt operations, or otherwise have a negative adverse impact on the cloud service offering. - -Terms: `Authorization data`, `Cloud Service Offering`, `Likely` - -Affects: Providers - -Note: This is not a license to exclude accurate risk information, but specifics that would likely lead to compromise should be abstracted. A breach of confidentiality with authorization data should be anticipated by a secure cloud service provider. - -Recent update: 2026-02-04 — Added technical assistance; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-CSO-SVC` (formerly `FRR-ADS-03`) MUST — Service List - -Providers MUST publicly share a detailed list of specific services and their security objectives that are included in the cloud service offering using clear feature or service names that align with standard public marketing materials; this list MUST be complete enough for a potential customer to determine which services are and are not included in the FedRAMP Minimum Assessment Scope without requesting access to underlying authorization data. - -Terms: `Authorization data`, `Cloud Service Offering` - -Affects: Providers - -Recent update: 2026-02-04 — Changed impact levels to security objectives; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-AAI` (formerly `FRR-ADS-TC-05`) MUST — Agency Access Inventory - -Trust centers MUST maintain an inventory and history of federal agency users or systems with access to authorization data and MUST make this information available to FedRAMP without interruption. - -Terms: `Agency`, `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-ACL` (formerly `FRR-ADS-TC-06`) MUST — Access Logging - -Trust centers MUST log access to authorization data and store summaries of access for at least six months; such information, as it pertains to specific parties, SHOULD be made available upon request by those parties. - -Terms: `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-HMR` (formerly `FRR-ADS-TC-02`) SHOULD — Human and Machine-Readable - -Trust centers SHOULD make authorization data available to view and download in both human-readable and machine-readable formats. - -Terms: `Authorization data`, `Machine-Readable`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-PAC` (formerly `FRR-ADS-TC-03`) MUST — Programmatic Access - -Trust centers MUST provide documented programmatic access to all authorization data, including programmatic access to human-readable materials. - -Terms: `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-RSP` (formerly `FRR-ADS-TC-07`) SHOULD — Responsive Performance - -Trust centers SHOULD deliver responsive performance during normal operating conditions and minimize service disruptions. - -Terms: `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-SSM` (formerly `FRR-ADS-TC-04`) SHOULD — Self-Service Access Management - -Trust centers SHOULD include features that encourage all necessary parties to provision and manage access to authorization data for their users and services directly. - -Terms: `All Necessary Parties`, `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-TRC-USH` (formerly `FRR-ADS-04`) MUST — Uninterrupted Sharing - -Trust centers MUST share authorization data with all necessary parties without interruption. - -Terms: `All Necessary Parties`, `Authorization data`, `Trust Center` - -Affects: Providers - -Note: "Without interruption" means that parties should not have to request manual approval each time they need to access authorization data or go through a complicated process. The preferred way of ensuring access without interruption is to use on-demand just-in-time access provisioning. - -Recent update: 2026-02-04 — Removed unnecessary specification of necessary parties; changed from provider to trust center responsibility; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-UTC-AAD` (formerly `ADS-CSO-AAD`) MUST — Agency Access Denial - -Providers MUST notify FedRAMP by email to info@fedramp.gov within 5 business days of denying an agency access request for authorization data. - -Terms: `Agency`, `Authorization data` - -Affects: Providers - -Structured timeframe: `5` bizdays - -Recent update: 2026-02-04 — Split from FRR-ADS-AC-02; removed italics and changed the ID as part of new standardization in v0.9.0-beta. - -### `ADS-UTC-AGA` SHOULD — Agency Access - -Providers SHOULD share the authorization package with agencies upon request. - -Terms: `Agency`, `Authorization Package` - -Affects: Providers - -Recent update: 2026-02-04 — Split into ADS-CSO-AGA and ADS-CSO-AAD; removed italics and changed the ID as part of new standardization in v0.9.0-beta. - -### `ADS-UTC-PGD` MUST — Public Guidance - -Providers MUST publicly provide plain-language policies and guidance for all necessary parties that explains how they can obtain and manage access to authorization data stored in the trust center. - -Terms: `All Necessary Parties`, `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -## 20X - -### `ADS-CSX-UTC` (formerly `FRR-ADS-07`) MUST — Use Trust Centers - -Providers MUST use a FedRAMP-compatible trust center to store and share authorization data with all necessary parties. - -Terms: `All Necessary Parties`, `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Modified to must for 20x, clarified wider application; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -## REV5 - -### `ADS-CSL-LRE` (formerly `FRR-ADS-EX-01`) MAY — Legacy Repository Exception - -Providers of FedRAMP Rev5 Authorized cloud service offerings at FedRAMP High using a legacy self-managed repository for authorization data MAY ignore the Authorization Data Sharing process until future notice. - -Terms: `Authorization data`, `Cloud Service Offering` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-CSL-TCM` (formerly `FRR-ADS-08`) MUST — Trust Center Migration - -Providers MUST notify all necessary parties when migrating to a trust center and MUST provide information in their existing USDA Connect Community Portal secure folders explaining how to use the trust center to obtain authorization data. - -Terms: `All Necessary Parties`, `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-CSL-UCP` (formerly `FRR-ADS-06`) MUST — USDA Connect - -Providers MUST share authorization data via the USDA Connect Community Portal UNLESS they use a FedRAMP-compatible trust center. - -Terms: `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ADS-CSL-UTC` (formerly `ADS-CSX-UTC`) SHOULD — Use Trust Centers - -Providers SHOULD use a FedRAMP-compatible trust center to store and share authorization data with all necessary parties. - -Terms: `All Necessary Parties`, `Authorization data`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Modified to should, clarified wider application; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. diff --git a/src/content/docs/docs/fedramp/processes/certification-data-sharing.md b/src/content/docs/docs/fedramp/processes/certification-data-sharing.md new file mode 100644 index 0000000..678b0f0 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/certification-data-sharing.md @@ -0,0 +1,313 @@ +--- +title: Certification Data Sharing — FedRAMP Process +description: Official Consolidated Rules summary for the CDS FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Certification Data Sharing + +Short name: `CDS` · Process ID: `CDS` · Web slug: `certification-data-sharing` + +Applies to: `both`, `rev5` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/certification-data-sharing/](https://www.fedramp.gov/2026/reference/certification-data-sharing/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2028-02-01 +- Shared requirements: 20 + +## Purpose + +The Certification Data Sharing rules allow providers to store and share FedRAMP Certification Data through the platform they choose as long as it follows FedRAMP rules for access, accuracy, and transparency. This helps customers and the public review consistent, current security and compliance information while recognizing that the information usually remains the provider's intellectual property and is not federal information. + +## Rule Subsets + +- `CSF` — Rev5-Specific Provider Responsibilities: These rules apply to providers for FedRAMP Rev5 Certifications. · types: Rev5 · classes: B, C, D +- `CSO` — General Provider Responsibilities: These rules apply to providers for FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `TRC` — FedRAMP-Compatible Trust Centers: These rules apply to trust centers that are FedRAMP-compatible. · types: 20x, Rev5 · classes: B, C, D +- `UTC` — Using a Trust Center: These rules apply to providers that are using a FedRAMP-compatible trust center instead of USDA Connect; they DO NOT apply to providers using USDA Connect. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `CDS-CSO-AVR` VARIES BY CLASS — Availability Reporting + +Varies by certification class: + +- **Class A SHOULD:** Providers with Class A Certifications SHOULD maintain a web service, available to all necessary parties, that indicates current and historical availability of core services within the cloud service offering over at least the past 30 days, including availability incidents, in both human-readable and machine-readable formats; this service SHOULD be available even if the primary cloud service offering is unavailable. +- **Class B MUST:** Providers with Class B Certifications MUST maintain a web service, available to all necessary parties, that indicates current and historical availability of core services within the cloud service offering over at least the past 30 days, including availability incidents, in both human-readable and machine-readable formats; this service MUST be available even if the primary cloud service offering is unavailable. +- **Class C MUST:** Providers with Class C Certifications MUST maintain a web service, available to all necessary parties, that indicates current and historical availability of core services within the cloud service offering over at least the past 30 days, including availability incidents, in both human-readable and machine-readable formats; this service MUST be available even if the primary cloud service offering is unavailable. +- **Class D MUST:** Providers with Class D Certifications MUST maintain a web service, available to all necessary parties, that indicates current and historical availability of core services within the cloud service offering over at least the past 30 days, including availability incidents, in both human-readable and machine-readable formats; this service MUST be available even if the primary cloud service offering is unavailable. + +Terms: `All Necessary Parties`, `Cloud Service Offering`, `Incident`, `Machine-Readable`, `Provider` + +Affects: Providers + +Note: This service may be separate from the trust center. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-CBF` MUST — Consistency Between Formats + +Providers MUST use automation to ensure information remains consistent between human-readable and machine-readable formats when FedRAMP Certification Data is provided in both formats. + +Terms: `Certification Data`, `Machine-Readable`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-FID` MUST — Always Include FedRAMP ID + +Providers MUST always include the FedRAMP ID of the related cloud service offering in all FedRAMP Certification Data once assigned, including all reports, notifications, and other communication that results from FedRAMP rules. + +Terms: `Certification Data`, `Cloud Service Offering`, `Provider` + +Affects: Providers + +Note: The FedRAMP ID is supplied by FedRAMP after a cloud service offering is registered to be listed on the FedRAMP Marketplace - providers will need to use a placeholder until the FedRAMP ID is assigned. +Many providers have multiple cloud service offerings or use internal names that don't align to public materials; using the FedRAMP ID ensures we can easily align the communication with a specific cloud service offering. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-FRC` MUST — FedRAMP Certification Reports + +Providers MUST include FedRAMP Certification Reports with their FedRAMP Certification Data without inappropriate modifications, and make such reports available within 2 weeks of receiving the materials from FedRAMP. + +Terms: `Agency`, `Certification Data`, `Certification Path`, `Cloud Service Offering`, `Provider` + +Affects: Providers + +Structured timeframe: `2` weeks + +Note: FedRAMP provides Certification Reports for all cloud service offerings following the Program Certification path as part of the initial and ongoing FedRAMP Certification process, and may provide Certification Reports for cloud service offerings following the Agency Certification path. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-HAD` MUST — Historical FedRAMP Certification Data + +Providers MUST supply snapshots of FedRAMP Certification Data aligned to Ongoing Certification Reports to all necessary parties; these snapshots MUST be available for the duration of FedRAMP Certification. + +Terms: `All Necessary Parties`, `Certification Data`, `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider` + +Affects: Providers + +Note: Historical snapshots do not need to be reconstructed for periods before the provider's first Ongoing Certification Report, but should be maintained for all subsequent Ongoing Certification Reports. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-IRP` MUST — Include Relevant Policies + +Providers MUST supply all relevant policies and procedures in the FedRAMP Certification Data, including a human-readable and machine-readable reference that explains at least the following about each included policy and procedure: + +Checklist items: +- Name of policy or procedure +- Name of file, document, web page, etc. +- Brief summary of policy or procedure +- Word count of document +- Current version +- Date of last update +- Related FedRAMP Practices (if applicable) + +Terms: `Certification Data`, `FedRAMP Practices`, `Machine-Readable`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-PSM` VARIES BY CLASS — Per-Service Certification Materials + +Varies by certification class: + +- **Class A MAY:** Providers with Class A Certifications MAY supply per-service FedRAMP Certification materials. +- **Class B MAY:** Providers with Class B Certifications MAY supply per-service FedRAMP Certification materials. +- **Class C MAY:** Providers with Class C Certifications MAY supply per-service FedRAMP Certification materials. +- **Class D MUST:** Providers with Class D Certifications MUST supply per-service FedRAMP Certification materials. + +Terms: `Agency`, `Provider` + +Affects: Providers + +Note: Providers determine what they consider to be separate services, based on maximizing the customer experience for agencies who may only adopt some services and not others. +Providers are encouraged to provide a single comprehensive set of materials for all shared aspects of the service offering and only provide separate materials for unique aspects of each service to minimize the burden on providers and agencies. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-PUB` MUST — Public Information + +Providers MUST publicly share up-to-date information about the cloud service offering in both human-readable and JSON formats, including at least the following information that is available and applicable: + +Checklist items: +- FedRAMP ID +- Service Model +- Deployment Model +- Business Category +- UEI Number +- Sales Contact Information +- Security Contact Information +- Product Website Link +- Link to Product Logo +- Overall Service Description +- Detailed list of specific services and their security categories (see CDS-CSO-SVC (Public Service List) (Service List)) +- Link to Secure Configuration Guidance +- Overview of documentation supplied by the provider for the cloud service offering +- Link to Trust Center landing page that includes instructions on accessing information in the trust center +- Next Ongoing Certification Report date (see CCM-OCR-NRD (Next Report Date)) +- Current FedRAMP Recognized independent assessment service + +Terms: `Cloud Service Offering`, `FedRAMP Certification Report`, `FedRAMP Recognized`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider`, `Security Category`, `Trust Center` + +Affects: Providers + +Note: Generally, this information should be available on a public webpage or publicly shared in a FedRAMP-compatible trust center. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-RIS` MUST — Responsible Information Sharing + +Providers MUST provide sufficient information in FedRAMP Certification Data to support agency authorization decisions but SHOULD NOT include sensitive information that would likely enable a threat actor to gain unauthorized access, cause harm, disrupt operations, or otherwise have a negative adverse impact on the cloud service offering. + +Terms: `Agency`, `Certification Data`, `Cloud Service Offering`, `Likely`, `Provider` + +Affects: Providers + +Note: This is not a license to exclude accurate risk information, but specifics that would likely lead to compromise should be abstracted. A breach of confidentiality with FedRAMP Certification Data should be anticipated by a secure cloud service provider. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-RPS` MAY — Responsible Public Package Sharing + +Providers MAY responsibly share some or all of the information in a FedRAMP Certification Package publicly or with other parties if the provider determines doing so will NOT likely have an adverse effect on the cloud service offering. + +Terms: `Certification Package`, `Cloud Service Offering`, `Likely`, `Provider`, `Responsibly` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-SVC` MUST — Public Service List + +Providers MUST publicly share a detailed list of specific services and their security categories that are included in the cloud service offering using clear feature or service names that align with standard public marketing materials; this list MUST be complete enough for a potential customer to determine which services are and are not included in the FedRAMP Minimum Assessment Scope without requesting access to underlying FedRAMP Certification Data. + +Terms: `Certification Data`, `Cloud Service Offering`, `Provider`, `Security Category` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-CSO-UTC` MUST — Use Trust Centers + +Providers MUST use a FedRAMP-compatible trust center to store and share FedRAMP Certification Data with all necessary parties. + +Terms: `All Necessary Parties`, `Certification Data`, `Provider`, `Trust Center` + +Affects: Providers + +Note: Rules for FedRAMP-Compatible Trust Centers are explained in the Certification Data Sharing Rules under the FedRAMP-Compatible Trust Centers section (id: CDS-TRC). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-TRC-AAI` MUST — Agency Access Inventory + +Trust centers MUST maintain an inventory and history of federal agency users or systems with access to FedRAMP Certification Data and MUST make this information available to FedRAMP upon request. + +Terms: `Agency`, `Certification Data`, `Trust Center` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-TRC-ACL` MUST — Access Logging + +Trust centers MUST log access to FedRAMP Certification Data and store summaries of access for at least six months; such information, as it pertains to specific parties, SHOULD be made available upon request by those parties. + +Terms: `Certification Data`, `Trust Center` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-TRC-HMR` SHOULD — Human and Machine-Readable Certification Data + +Trust centers SHOULD make FedRAMP Certification Data available to view and download in both human-readable and machine-readable formats. + +Terms: `Certification Data`, `Machine-Readable`, `Trust Center` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-TRC-PAC` MUST — Programmatic Access + +Trust centers MUST provide documented programmatic access to all FedRAMP Certification Data, including programmatic access to human-readable materials. + +Terms: `Certification Data`, `Trust Center` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-TRC-SSM` SHOULD — Self-Service Access Management + +Trust centers SHOULD include features that encourage all necessary parties to provision and manage access to FedRAMP Certification Data for their users and services directly. + +Terms: `All Necessary Parties`, `Certification Data`, `Trust Center` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-TRC-USH` MUST — Uninterrupted Sharing + +Trust centers MUST share FedRAMP Certification Data with all necessary parties without interruption. + +Terms: `All Necessary Parties`, `Certification Data`, `Trust Center` + +Affects: Providers + +Note: "Without interruption" means that parties should not have to request manual approval each time they need to access FedRAMP Certification Data or go through a complicated process. The preferred way of ensuring access without interruption is to use on-demand just-in-time access provisioning. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-UTC-AAD` MUST — Agency Access Denial + +Providers MUST notify FedRAMP within 5 business days of denying an agency access request for FedRAMP Certification Data. + +Terms: `Agency`, `Certification Data`, `Provider` + +Affects: Providers + +Structured timeframe: `5` bizdays + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CDS-UTC-AGA` SHOULD — Agency Access + +Providers SHOULD supply access to the FedRAMP Certification Package with agencies upon request. + +Terms: `Agency`, `Certification Package`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## REV5 + +### `CDS-CSF-TCM` MUST — Trust Center Migration + +Providers MUST notify all necessary parties when migrating to a trust center and MUST provide information in their existing USDA Connect Community Portal secure folders explaining how to use the trust center to obtain FedRAMP Certification Data. + +Terms: `All Necessary Parties`, `Certification Data`, `Provider`, `Trust Center` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/certification-package-overview.md b/src/content/docs/docs/fedramp/processes/certification-package-overview.md new file mode 100644 index 0000000..5a02693 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/certification-package-overview.md @@ -0,0 +1,119 @@ +--- +title: Certification Package Overview — FedRAMP Process +description: Official Consolidated Rules summary for the CPO FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Certification Package Overview + +Short name: `CPO` · Process ID: `CPO` · Web slug: `certification-package-overview` + +Applies to: `both`, `20x`, `rev5` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/certification-package-overview/](https://www.fedramp.gov/2026/reference/certification-package-overview/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-01-01 +- Shared requirements: 2 + +## Purpose + +The Certification Package Overview rules outline the expectations for a simple overview of the cloud service offering that must be included within a FedRAMP Certification Package. This overview replaces the historically required base System Security Plan for FedRAMP Rev5 and is intended to provide a clear, concise, and consistent summary of the offering and the information included in the package to help customers understand the offering at a high level. + +## Rule Subsets + +- `CSF` — Rev5-Specific Provider Responsibilities: These rules apply to providers for FedRAMP Rev5 Certifications. · types: Rev5 · classes: A, B, C, D +- `CSO` — General Provider Responsibilities: These rules apply to providers for FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `CSX` — 20x-Specific Provider Responsibilities: These rules apply to providers for FedRAMP 20x Certifications. · types: 20x · classes: A, B, C, D + +## Requirements and Recommendations + +## BOTH + +### `CPO-CSO-MTD` MUST — Certification Package Overview Metadata + +Providers MUST also include the following basic metadata in their Certification Package Overview: + +Checklist items: +- Name, title, and contact information of official that is responsible and accountable for the FedRAMP Certification Package +- Version +- Date and time of last update +- Source of update + +Terms: `Certification Package`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CPO-CSO-OVR` MUST — Overview of the Cloud Service Offering + +Providers MUST supply a Certification Package Overview within their FedRAMP Certification Package, in both human-readable and JSON formats, that includes at least all of the information required by the following rules: + +Checklist items: +- Certification Package Overview: CPO-CSO-MTD (Certification Package Overview Metadata) +- Certification Data Sharing: CDS-CSO-PUB (Public Information) +- Certification Data Sharing: CDS-CSO-SVC (Public Service List) +- Certification Data Sharing: CDS-CSO-IRP (Include Relevant Policies) +- Minimum Assessment Scope: MAS-CSO-IIR (Identify Information Resources) +- Minimum Assessment Scope: MAS-CSO-FLO (Information Flows and Security Categories) +- Minimum Assessment Scope: MAS-CSO-TPR (Third-Party Information Resources) +- Using Cryptographic Modules: CMU-CSO-CMD (Cryptographic Module Documentation) +- Independent Verification and Validation: IVV-CSO-ICP (Inclusion in Certification Package) + +Terms: `Certification Class`, `Certification Data`, `Certification Package`, `Information Resource`, `Initial Incident Report (IIR)`, `Provider`, `Security Category`, `Third-Party Information Resource`, `Validation`, `Verification` + +Affects: Providers + +Note: For FedRAMP Rev5, the Certification Package Overview replaces the historically required System Security Plan (not including appendices). +This list of rules may not apply to all FedRAMP Certification Classes or Types - if a rule does not apply then the information is not required. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## 20X + +### `CPO-CSX-CPM` VARIES BY CLASS — Certification Package Maintenance for 20x + +Varies by certification class: + +- **Class A SHOULD:** Providers with 20x Class A Certifications SHOULD persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every 3 months. +- **Class B MUST:** Providers with 20x Class B Certifications MUST persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every month. +- **Class C MUST:** Providers with 20x Class C Certifications MUST persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every 2 weeks. +- **Class D MUST:** Providers with 20x Class D Certifications MUST persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every week. + +Terms: `Certification Package`, `Persistently`, `Provider` + +Affects: Providers + +Note: Providers are expected to maintain their FedRAMP Certification Package using automation as changes occur to ensure they are never out of date. +This rule does not require or expect persistent human review of all materials in this cadence. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## REV5 + +### `CPO-CSF-CPM` VARIES BY CLASS — Certification Package Maintenance for Rev5 + +Varies by certification class: + +- **Class A SHOULD:** Providers with Rev5 Class A Certifications SHOULD persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every year. +- **Class B MUST:** Providers with Rev5 Class B Certifications MUST persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every year. +- **Class C MUST:** Providers with Rev5 Class C Certifications MUST persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every year. +- **Class D MUST:** Providers with Rev5 Class D Certifications MUST persistently maintain their FedRAMP Certification Package to ensure it is up to date and complete at least once every six months. + +Terms: `Certification Package`, `Persistently`, `Provider`, `Significant Change`, `Transformative Change` + +Affects: Providers + +Note: This maximum timeframe for Rev5 is the absolutely poorest worst case for horrible customer experience and is based on legacy FedRAMP Rev5 allowing providers to leave their packages unmaintained for up to a year. Rev5 providers should maintain their packages far more frequently than this requirement to ensure potential customers have access to up-to-date information, updating it at least after every transformative significant change. +FedRAMP 20x Certifications expect providers to maintain their FedRAMP Certification Packages as changes occur to ensure they are never out of date. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/collaborative-continuous-monitoring.md b/src/content/docs/docs/fedramp/processes/collaborative-continuous-monitoring.md index 5cd228c..9f932de 100644 --- a/src/content/docs/docs/fedramp/processes/collaborative-continuous-monitoring.md +++ b/src/content/docs/docs/fedramp/processes/collaborative-continuous-monitoring.md @@ -1,290 +1,280 @@ --- title: Collaborative Continuous Monitoring — FedRAMP Process -description: Official FRMR-generated summary for the CCM FedRAMP process, including applicability and requirements. +description: Official Consolidated Rules summary for the CCM FedRAMP process, including applicability and requirements. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Collaborative Continuous Monitoring Short name: `CCM` · Process ID: `CCM` · Web slug: `collaborative-continuous-monitoring` Applies to: `both` +Status: `stable` -Official page: [https://fedramp.gov/docs/20x/collaborative-continuous-monitoring](https://fedramp.gov/docs/20x/collaborative-continuous-monitoring) -## Effective Status +Official page: [https://www.fedramp.gov/2026/reference/collaborative-continuous-monitoring/](https://www.fedramp.gov/2026/reference/collaborative-continuous-monitoring/) -- 20x: required · Phase 2 Pilot -- Rev5: optional · Open Beta -- Shared requirements: 24 +## Effective Status -## Requirements and Recommendations +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-10-01 +- Shared requirements: 21 -## BOTH +## Purpose -### `CCM-AGM-CSC` (formerly `FRR-CCM-AG-02`) SHOULD — Consider Security Category +The Collaborative Continuous Monitoring rules help agencies use shared, current authorization information from providers as part of each agency's own Information Security Continuous Monitoring strategy. These rules reduce unnecessary manual burden by encouraging automated monitoring and review while allowing each agency to make its own risk-based decisions about ongoing authorization. -Agencies SHOULD consider the Security Category noted in their Authorization to Operate of the federal information system that includes the cloud service offering in its boundary and assign appropriate information security resources for reviewing Ongoing Authorization Reports, attending Quarterly Reviews, and other ongoing authorization data. +## Rule Subsets -Terms: `Agency`, `Authorization data`, `Cloud Service Offering`, `Quarterly Review` +- `AGM` — Agency Guidance: These rules for agencies apply to all agencies using a FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D +- `OCR` — Ongoing Certification Reports: These rules for Ongoing Certification Reports apply to providers with any type of FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D +- `QTR` — Quarterly Reviews: These rules for Quarterly Reviews apply to providers with any type of FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D -Affects: Agencies +## Requirements and Recommendations -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +## BOTH -### `CCM-AGM-NAR` (formerly `FRR-CCM-AG-06`) MUST NOT — No Additional Requirements +### `CCM-AGM-CSC` SHOULD — Consider Security Category -Agencies MUST NOT place additional security requirements on cloud service providers beyond those required by FedRAMP UNLESS the head of the agency or an authorized delegate makes a determination that there is a demonstrable need for such; this does not apply to seeking clarification or asking general questions about authorization data. +Agencies SHOULD consider the Security Category noted in their Authorization to Operate of the federal information system that includes the cloud service offering in its boundary and assign appropriate information security resources for reviewing Ongoing Certification Reports, attending Quarterly Reviews, and other ongoing FedRAMP Certification Data. -Terms: `Agency`, `Authorization data` +Terms: `Agency`, `Certification Data`, `Cloud Service Offering`, `Ongoing Certification`, `Quarterly Review`, `Security Category` Affects: Agencies -Note: This is a statutory requirement in 44 USC § 3613 (e) related to the Presumption of Adequacy for a FedRAMP authorization. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +### `CCM-AGM-NAR` MUST NOT — No Additional Requirements -### `CCM-AGM-NFA` (formerly `FRR-CCM-AG-07`) MUST — Notify FedRAMP After Requests +Agencies MUST NOT place additional security requirements on cloud service providers beyond those required by FedRAMP UNLESS the head of the agency or an authorized delegate makes a determination that there is a demonstrable need for such; this does not apply to seeking clarification or asking general questions about FedRAMP Certification Data. -Agencies MUST notify FedRAMP after requesting any additional information or materials from a cloud service provider beyond those FedRAMP requires by sending an email to info@fedramp.gov. - -Terms: `Agency` +Terms: `Agency`, `Certification Data`, `FedRAMP Certified`, `Provider` Affects: Agencies -Note: Agencies are required to notify FedRAMP by OMB Memorandum M-24-15 section IV (a). +Note: This is a statutory requirement in 44 USC § 3613 (e) related to the Presumption of Adequacy for a FedRAMP Certification. -Recent update: 2026-02-04 — Clarified notification requirements; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-AGM-NFR` (formerly `FRR-CCM-AG-05`) MUST — Notify FedRAMP of Concerns +### `CCM-AGM-NFA` MUST — Notify FedRAMP After Requests -Agencies MUST notify FedRAMP by sending an email to info@fedramp.gov if the information presented in an Ongoing Authorization Report, Quarterly Review, or other ongoing authorization data causes significant concerns that may lead the agency to stop operation of the cloud service offering. +Agencies MUST notify FedRAMP after requesting any additional information or materials from a cloud service provider beyond those FedRAMP requires by sending an email to info@fedramp.gov. -Terms: `Agency`, `Authorization data`, `Cloud Service Offering`, `Ongoing Authorization Report (OAR)`, `Quarterly Review` +Terms: `Agency`, `Provider` Affects: Agencies Note: Agencies are required to notify FedRAMP by OMB Memorandum M-24-15 section IV (a). -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-AGM-NPC` (formerly `FRR-CCM-AG-04`) SHOULD — Notify Provider of Concerns +### `CCM-AGM-ROR` MUST — Review Ongoing Reports -Agencies SHOULD formally notify the provider if the information presented in an Ongoing Authorization Report, Quarterly Review, or other ongoing authorization data causes significant concerns that may lead the agency to remove the cloud service offering from operation. +Agencies MUST review each Ongoing Certification Report to understand how changes to the cloud service offering may impact the previously agreed-upon risk tolerance documented in the agency's Authorization to Operate of a federal information system that includes the cloud service offering in its boundary. -Terms: `Agency`, `Authorization data`, `Cloud Service Offering`, `Ongoing Authorization Report (OAR)`, `Quarterly Review` - -Affects: Agencies - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `CCM-AGM-ROR` (formerly `FRR-CCM-AG-01`) MUST — Review Ongoing Reports - -Agencies MUST review each Ongoing Authorization Report to understand how changes to the cloud service offering may impact the previously agreed-upon risk tolerance documented in the agency's Authorization to Operate of a federal information system that includes the cloud service offering in its boundary. - -Terms: `Agency`, `Cloud Service Offering`, `Ongoing Authorization Report (OAR)` +Terms: `Agency`, `Cloud Service Offering`, `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)` Affects: Agencies Note: This is required by 44 USC § 35, OMB A-130, FIPS-200, and M-24-15. -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `CCM-AGM-SSR` (formerly `FRR-CCM-AG-03`) — Senior Security Reviewer - +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. +### `CCM-OCR-AFS` MUST — Anonymized Feedback Summary -Terms: `Agency`, `Cloud Service Offering`, `Quarterly Review` +Providers MUST supply an anonymized and desensitized summary of the feedback, questions, and answers about each Ongoing Certification Report as an addendum to the Ongoing Certification Report OR in the next Ongoing Certification Report. -Affects: Agencies - -Recent update: 2026-03-17 — Changed mention of Security Category to security objective and added Low and Moderate. - -### `CCM-OAR-AFS` (formerly `FRR-CCM-05`) MUST — Anonymized Feedback Summary - -Providers MUST maintain an anonymized and desensitized summary of the feedback, questions, and answers about each Ongoing Authorization Report as an addendum to the Ongoing Authorization Report. - -Terms: `Agency`, `Ongoing Authorization Report (OAR)` +Terms: `Agency`, `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider` Affects: Providers -Note: This is intended to encourage sharing of information and decrease the burden on the cloud service provider - providing this summary will reduce duplicate questions from agencies and ensure FedRAMP has access to this information. It is generally in the provider’s interest to update this addendum frequently throughout the quarter. +Note: This is intended to encourage sharing of information and decrease the burden on the cloud service provider - providing this summary will reduce duplicate questions from agencies and ensure FedRAMP has access to this information. It is generally in the provider's interest to update this addendum frequently throughout the quarter. -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-OAR-AVL` (formerly `FRR-CCM-01`) MUST — Report Availability +### `CCM-OCR-AVL` MUST — Report Availability -Providers MUST make an Ongoing Authorization Report available to all necessary parties every 3 months, covering the entire period since the previous summary, in a consistent format that is human readable; this report MUST include high-level summaries of at least the following information: +Providers MUST supply an Ongoing Certification Report to all necessary parties every 3 months, covering the entire period since the previous summary, in a consistent format that is human readable; this report MUST include high-level summaries of at least the following information: Checklist items: -- Changes to authorization data -- Planned changes to authorization data during at least the next 3 months +- Changes to FedRAMP Certification Data +- Planned changes to FedRAMP Certification Data during at least the next 3 months - Accepted vulnerabilities - Transformative changes - Updated recommendations or best practices for security, configuration, usage, or similar aspects of the cloud service offering +- A list of all agencies that are directly using the product +- FedRAMP Reportable Incidents or an attestation that no such incidents occurred +- Lessons learned and changes planned or made as a result of FedRAMP Reportable Incidents (if such occurred) -Terms: `Accepted Vulnerability`, `All Necessary Parties`, `Authorization data`, `Cloud Service Offering`, `Ongoing Authorization Report (OAR)`, `Transformative`, `Vulnerability` +Terms: `Accepted Vulnerability`, `Agency`, `All Necessary Parties`, `Certification Data`, `Cloud Service Offering`, `FedRAMP Certification Report`, `FedRAMP Reportable Incident`, `Incident`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider`, `Transformative Change`, `Vulnerability` Affects: Providers -Recent update: 2026-02-04 — Re-ordered phrasing; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-OAR-FBM` (formerly `FRR-CCM-04`) MUST — Feedback Mechanism +### `CCM-OCR-FBM` MUST — Feedback Mechanism -Providers MUST establish and share an asynchronous mechanism for all necessary parties to provide feedback or ask questions about each Ongoing Authorization Report. +Providers MUST supply an asynchronous mechanism for all necessary parties to provide feedback or ask questions about each Ongoing Certification Report. -Terms: `All Necessary Parties`, `Ongoing Authorization Report (OAR)` +Terms: `All Necessary Parties`, `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider` Affects: Providers Note: This could be email by default but providers are encouraged to consider something more interactive as appropriate. -Recent update: 2026-02-04 — Added note; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-OAR-LSI` (formerly `FRR-CCM-06`) MUST NOT — Limit Sensitive Information +### `CCM-OCR-LSI` MUST NOT — Limit Sensitive Information -Providers MUST NOT irresponsibly disclose sensitive information in an Ongoing Authorization Report that would likely have an adverse effect on the cloud service offering. +Providers MUST NOT irresponsibly disclose sensitive information in an Ongoing Certification Report that would likely have an adverse effect on the cloud service offering. -Terms: `Cloud Service Offering`, `Likely`, `Ongoing Authorization Report (OAR)` +Terms: `Cloud Service Offering`, `FedRAMP Certification Report`, `Likely`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-OAR-NRD` (formerly `FRR-CCM-03`) MUST — Next Report Date +### `CCM-OCR-NRD` MUST — Next Report Date -Providers MUST publicly include the target date for their next Ongoing Authorization Report with other public authorization data. +Providers MUST supply the target date for their next Ongoing Certification Report with other public FedRAMP Certification Data. -Terms: `Authorization data`, `Ongoing Authorization Report (OAR)` +Terms: `Certification Data`, `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider` Affects: Providers -Recent update: 2026-02-04 — Clarified; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-OAR-RPS` (formerly `FRR-CCM-07`) MAY — Responsible Public Sharing +### `CCM-OCR-RPS` MAY — Responsible Public Certification Report Sharing -Providers MAY responsibly share some or all of the information an Ongoing Authorization Report publicly or with other parties if the provider determines doing so will NOT likely have an adverse effect on the cloud service offering. +Providers MAY responsibly supply some or all of the information an Ongoing Certification Report to the public or other parties if the provider determines doing so will NOT likely have an adverse effect on the cloud service offering. -Terms: `Cloud Service Offering`, `Likely`, `Ongoing Authorization Report (OAR)` +Terms: `Cloud Service Offering`, `FedRAMP Certification Report`, `Likely`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider`, `Responsibly` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-OAR-SOR` (formerly `FRR-CCM-02`) SHOULD — Spread Out Reports +### `CCM-OCR-SOR` SHOULD — Spread Out Reports -Providers SHOULD establish a regular 3 month cycle for Ongoing Authorization Reports that is spread out from the beginning, middle, or end of each quarter. +Providers SHOULD establish a regular 3 month cycle for Ongoing Certification Reports that is spread out from the beginning, middle, or end of each quarter. -Terms: `Agency`, `Regularly` +Terms: `Agency`, `Ongoing Certification`, `Provider`, `Regularly` Affects: Providers -Note: This recommendation is intended to discourage hundreds of cloud service providers from releasing their Ongoing Authorization Reports during the first or last week of each quarter because that is the easiest way for a single provider to track this deliverable; the result would overwhelm agencies with many cloud services. Widely used cloud service providers are encouraged to work with their customers to identify ideal timeframes for this cycle. +Note: This recommendation is intended to discourage hundreds of cloud service providers from releasing their Ongoing Certification Reports during the first or last week of each quarter because that is the easiest way for a single provider to track this deliverable; the result would overwhelm agencies with many cloud services. Widely used cloud service providers are encouraged to work with their customers to identify ideal timeframes for this cycle. -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-ACT` (formerly `FRR-CCM-QR-07`) SHOULD — Additional Content +### `CCM-QTR-ACT` SHOULD — Additional Content -Providers SHOULD include additional information in Quarterly Reviews that the provider determines is of interest, use, or otherwise relevant to agencies. +Providers SHOULD supply additional information in Quarterly Reviews that the provider determines is of interest, use, or otherwise relevant to agencies. -Terms: `Agency`, `Quarterly Review` +Terms: `Agency`, `Provider`, `Quarterly Review` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-MTG` — Quarterly Review Meeting +### `CCM-QTR-MTG` VARIES BY CLASS — Quarterly Review Meeting +Varies by certification class: +- **Class A MAY:** Providers with Class A Certifications MAY host a synchronous Quarterly Review every 3 months, open to all necessary parties, to review aspects of the most recent Ongoing Certification Reports that the provider determines are of the most relevance to agencies. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD host a synchronous Quarterly Review every 3 months, open to all necessary parties, to review aspects of the most recent Ongoing Certification Reports that the provider determines are of the most relevance to agencies. +- **Class C MUST:** Providers with Class C Certifications MUST host a synchronous Quarterly Review every 3 months, open to all necessary parties, to review aspects of the most recent Ongoing Certification Reports that the provider determines are of the most relevance to agencies. +- **Class D MUST:** Providers with Class D Certifications MUST host a synchronous Quarterly Review every 3 months, open to all necessary parties, to review aspects of the most recent Ongoing Certification Reports that the provider determines are of the most relevance to agencies. -Terms: `Agency`, `All Necessary Parties`, `Quarterly Review` +Terms: `Agency`, `All Necessary Parties`, `Ongoing Certification`, `Provider`, `Quarterly Review` Affects: Providers -Recent update: 2026-02-04 — Combined requirements and recommendations that varied by impact level into a single set with minor wording modification as appropriate. +Structured timeframe: `3` months + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-NID` (formerly `FRR-CCM-QR-04`) MUST NOT — No Irresponsible Disclosure +### `CCM-QTR-NID` MUST NOT — No Irresponsible Disclosure Providers MUST NOT irresponsibly disclose sensitive information in a Quarterly Review that would likely have an adverse effect on the cloud service offering. -Terms: `Cloud Service Offering`, `Likely`, `Quarterly Review` +Terms: `Cloud Service Offering`, `Likely`, `Provider`, `Quarterly Review` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-NRD` (formerly `FRR-CCM-QR-06`) MUST — Next Review Date +### `CCM-QTR-NRD` MUST — Next Review Date -Providers MUST publicly include the target date for their next Quarterly Review with other public authorization data. +Providers MUST publicly supply the target date for their next Quarterly Review with other public FedRAMP Certification Data. -Terms: `Authorization data`, `Quarterly Review` +Terms: `Certification Data`, `Provider`, `Quarterly Review` Affects: Providers -Recent update: 2026-02-04 — Clarified; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-REG` (formerly `FRR-CCM-QR-05`) MUST — Meeting Registration Info +### `CCM-QTR-REG` MUST — Meeting Registration Info -Providers MUST include either a registration link or a downloadable calendar file with meeting information for Quarterly Reviews in the authorization data available to all necessary parties required by ADS-CSL-UCP and ADS-CSO-FCT. +Providers MUST supply either a registration link or a downloadable calendar file with meeting information for Quarterly Reviews to all necessary parties. -Terms: `All Necessary Parties`, `Authorization data`, `Quarterly Review` +Terms: `All Necessary Parties`, `Provider`, `Quarterly Review` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-RTP` (formerly `FRR-CCM-QR-08`) SHOULD NOT — Restrict Third Parties +### `CCM-QTR-RTP` SHOULD NOT — Restrict Third Parties Providers SHOULD NOT invite third parties to attend Quarterly Reviews intended for agencies unless they have specific relevance. -Terms: `Agency`, `Likely`, `Quarterly Review` +Terms: `Agency`, `Assessor`, `Likely`, `Provider`, `Quarterly Review` Affects: Providers Note: This is because agencies are less likely to actively participate in meetings with third parties; the cloud service provider's independent assessor should be considered relevant by default. -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-RTR` (formerly `FRR-CCM-QR-09`) SHOULD — Record/Transcribe Reviews +### `CCM-QTR-RTR` SHOULD — Record/Transcribe Reviews -Providers SHOULD record or transcribe Quarterly Reviews and make such available to all necessary parties with other authorization data. +Providers SHOULD record or transcribe Quarterly Reviews and supply them to all necessary parties. -Terms: `All Necessary Parties`, `Authorization data`, `Quarterly Review` +Terms: `All Necessary Parties`, `Provider`, `Quarterly Review` Affects: Providers -Recent update: 2026-02-04 — Simplified; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-SAR` (formerly `FRR-CCM-QR-03`) SHOULD — Schedule Around Reports +### `CCM-QTR-SAR` SHOULD — Schedule Around Reports -Providers SHOULD regularly schedule Quarterly Reviews to occur at least 3 business days after releasing an Ongoing Authorization Report AND within 10 business days of such release. +Providers SHOULD regularly schedule Quarterly Reviews to occur at least 3 business days after releasing an Ongoing Certification Report AND within 10 business days of such release. -Terms: `Ongoing Authorization Report (OAR)`, `Quarterly Review`, `Regularly` +Terms: `FedRAMP Certification Report`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider`, `Quarterly Review`, `Regularly` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-SCR` (formerly `FRR-CCM-QR-11`) MAY — Share Content Responsibly +### `CCM-QTR-SCR` MAY — Share Content Responsibly -Providers MAY responsibly share content prepared for a Quarterly Review with the public or other parties if the provider determines doing so will NOT likely have an adverse effect on the cloud service offering. +Providers MAY responsibly supply content prepared for a Quarterly Review to the public or other parties if the provider determines doing so will NOT likely have an adverse effect on the cloud service offering. -Terms: `Cloud Service Offering`, `Likely`, `Quarterly Review` +Terms: `Cloud Service Offering`, `Likely`, `Provider`, `Quarterly Review`, `Responsibly` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `CCM-QTR-SRR` (formerly `FRR-CCM-QR-10`) MAY — Share Recordings Responsibly +### `CCM-QTR-SRR` MAY — Share Recordings Responsibly -Providers MAY responsibly share recordings or transcriptions of Quarterly Reviews with the public or other parties ONLY if the provider removes all agency information (comments, questions, names, etc.) AND determines sharing will NOT likely have an adverse effect on the cloud service offering. +Providers MAY responsibly supply recordings or transcriptions of Quarterly Reviews to the public or other parties ONLY if the provider removes all agency information (comments, questions, names, etc.) AND determines doing so will NOT likely have an adverse effect on the cloud service offering. -Terms: `Agency`, `Cloud Service Offering`, `Likely`, `Quarterly Review` +Terms: `Agency`, `Cloud Service Offering`, `Likely`, `Provider`, `Quarterly Review`, `Responsibly` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/cryptographic-module-use.md b/src/content/docs/docs/fedramp/processes/cryptographic-module-use.md new file mode 100644 index 0000000..fb7d4ca --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/cryptographic-module-use.md @@ -0,0 +1,72 @@ +--- +title: Cryptographic Module Use — FedRAMP Process +description: Official Consolidated Rules summary for the CMU FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Cryptographic Module Use + +Short name: `CMU` · Process ID: `CMU` · Web slug: `cryptographic-module-use` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/cryptographic-module-use/](https://www.fedramp.gov/2026/reference/cryptographic-module-use/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-06-01 +- Shared requirements: 3 + +## Purpose + +The Cryptographic Module Use rules clarify how providers should select and use cryptographic modules. These rules allow risk-based decisions for some services while still encouraging validated cryptographic modules whenever they are technically feasible and reasonable. + +## Rule Subsets + +- `CSO` — Cloud Service Provider Responsibilities: These rules apply to providers for FedRAMP Certifications. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `CMU-CSO-CAT` SHOULD — Configuration of Agency Tenants + +Providers SHOULD configure agency tenants by default to use cryptographic services that use cryptographic modules or update streams of cryptographic modules with active validations under the NIST Cryptographic Module Validation Program when such modules are available. + +Terms: `Agency`, `Provider`, `Validation` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CMU-CSO-CMD` MUST — Cryptographic Module Documentation + +Providers MUST document the cryptographic modules used in each service (or groups of services that use the same modules) where cryptographic services are used to protect federal customer data, including whether these modules are validated under the NIST Cryptographic Module Validation Program or are update streams of such modules. + +Terms: `Federal Customer Data`, `Provider`, `Validation` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `CMU-CSO-UVM` VARIES BY CLASS — Using Validated Cryptographic Modules + +Varies by certification class: + +- **Class A MAY:** Providers with Class A Certifications MAY use cryptographic modules or update streams of cryptographic modules with active validations under the NIST Cryptographic Module Validation Program when using cryptographic services to protect federal customer data. +- **Class B MAY:** Providers with Class B Certifications MAY use cryptographic modules or update streams of cryptographic modules with active validations under the NIST Cryptographic Module Validation Program when using cryptographic services to protect federal customer data. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD use cryptographic modules or update streams of cryptographic modules with active validations under the NIST Cryptographic Module Validation Program when using cryptographic services to protect federal customer data. +- **Class D MUST:** Providers with Class D Certifications MUST use cryptographic modules or update streams of cryptographic modules with active validations under the NIST Cryptographic Module Validation Program when using cryptographic services to protect federal customer data. + +Terms: `Federal Customer Data`, `Provider`, `Validation` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/fedramp-certification.md b/src/content/docs/docs/fedramp/processes/fedramp-certification.md new file mode 100644 index 0000000..fe7ad09 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/fedramp-certification.md @@ -0,0 +1,461 @@ +--- +title: FedRAMP Certification — FedRAMP Process +description: Official Consolidated Rules summary for the FRC FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# FedRAMP Certification + +Short name: `FRC` · Process ID: `FRC` · Web slug: `fedramp-certification` + +Applies to: `both`, `20x`, `rev5` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/fedramp-certification/](https://www.fedramp.gov/2026/reference/fedramp-certification/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-01-01 +- Shared requirements: 21 + +## Purpose + +This ruleset explains how cloud service offerings obtain and maintain FedRAMP Certification across certification classes and paths. + +## Rule Subsets + +- `APP` — Applying for FedRAMP Certification: These rules apply to cloud service providers who have met all other relevant rules and are ready to apply for any FedRAMP Certification. · types: 20x, Rev5 · classes: A, B, C, D +- `APS` — Applying for FedRAMP Certification with an Agency Sponsor: These rules apply to cloud service providers with an Agency Sponsor who have met all other relevant rules and are ready to apply for any FedRAMP Certification. · types: Rev5 · classes: B, C, D +- `CCL` — Changing Certification Class: These rules apply to cloud service providers when changing their FedRAMP Certification Class. · types: Rev5 · classes: A, B, C, D +- `CLA` — FedRAMP Class A Certification Rules: These are specific rules that apply to providers seeking FedRAMP Class A Certifications. · types: 20x, Rev5 · classes: A +- `CSF` — Rev5-Specific Provider Responsibilities: These rules apply to providers for FedRAMP Rev5 Certifications. · types: Rev5 · classes: B, C, D +- `CSO` — General Provider Responsibilities: These rules apply to cloud service providers obtaining and maintaining any FedRAMP Certification. · types: 20x, Rev5 · classes: A, B, C, D +- `CSX` — 20x-Specific Provider Responsibilities: These rules apply to providers for FedRAMP 20x Certifications. · types: 20x · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `FRC-APP-AFC` MUST — Applying for FedRAMP Certification + +Providers MUST complete the FedRAMP Certification Application Form in full to request an initial assessment by FedRAMP. + +Terms: `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-APP-FCP` MUST — Fresh FedRAMP Certification Package + +Providers MUST supply a fresh initial FedRAMP Certification Package that shows the current status of the cloud service offering as verified and validated by the provider within the previous 7 days. + +Terms: `Certification Package`, `Cloud Service Offering`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-APP-FIA` VARIES BY CLASS — Fresh Independent Assessment + +Varies by certification class: + +- **Class A MAY:** Providers seeking Class A Certification MAY supply a fresh initial FedRAMP independent assessment that was completed by a FedRAMP Recognized independent assessment service within the previous 3 months. +- **Class B MUST:** Providers seeking Class B Certification MUST supply a fresh initial FedRAMP independent assessment that was completed by a FedRAMP Recognized independent assessment service within the previous 3 months. +- **Class C MUST:** Providers seeking Class C Certification MUST supply a fresh initial FedRAMP independent assessment that was completed by a FedRAMP Recognized independent assessment service within the previous 3 months. +- **Class D MUST:** Providers seeking Class D Certification MUST supply a fresh initial FedRAMP independent assessment that was completed by a FedRAMP Recognized independent assessment service within the previous 3 months. + +Terms: `FedRAMP Independent Assessment`, `FedRAMP Recognized`, `Provider` + +Affects: Providers + +Structured timeframe: `3` months + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-APP-MLF` MUST — Marketplace Listing First + +Providers MUST be listed in the FedRAMP Marketplace before applying for FedRAMP Certification, including: + +Checklist items: +- FedRAMP Marketplace: MKT-CSO-MLR (Marketplace Listing Requirements), +- FedRAMP Marketplace: MKT-CSO-PML (Provider Marketplace Listing Requests) +- FedRAMP Marketplace: MKT-IIP-AGU (Agency Use Cases) +- FedRAMP Marketplace: MKT-IIP-DCP (Demonstrating Continuous Progress) + +Terms: `Agency`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-APP-NTP` MUST NOT — No Third-Party Applicants + +Providers MUST NOT use a third party to apply for a FedRAMP Certification on their behalf; this includes independent assessment services. + +Terms: `Provider` + +Affects: Providers + +Note: FedRAMP previously allowed independent assessment services to submit applications on behalf of providers, but this caused confusion about who was responsible for the application and the information in it. Providers should apply directly to ensure clear accountability. +Providers may use third parties to help them prepare their application and assessment materials for submission. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-APP-USA` MAY — Updating Stale Assessments + +Providers MAY freshen a stale initial independent verification and validation assessment by having a FedRAMP Recognized independent assessment service review any changes between the original assessment and the current status of the cloud service offering in place of a full re-assessment, UNLESS the stale assessment is more than 9 months old. + +Terms: `Cloud Service Offering`, `FedRAMP Recognized`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-APS-ATO` MUST — Agency Authorization to Operate + +Providers seeking a FedRAMP Rev5 Agency Certification MUST have completed the Authorization to Operate (ATO) process with their agency sponsor for the cloud service offering, concluding with a formal signed ATO letter that the agency has sent over official government channels to FedRAMP. + +Terms: `Agency`, `Cloud Service Offering`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CCL-DCC` MUST — Downgrading Certification Class + +Providers MUST apply for a new FedRAMP Certification to downgrade their Certification Class. + +Terms: `All Necessary Parties`, `Certification Class`, `Provider` + +Affects: Providers + +Note: Downgrade paths include moving from D to C, B, or A; C to B or A; or B to A. +FRC-CCL-DNP (Downgrade Notification Period) applies - please DO NOT downgrade Certification Class with providing advance notification to all necessary parties! + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CCL-DNP` SHOULD — Downgrade Notification Period + +Providers SHOULD notify all necessary parties at least 120 days in advance of an intended downgrade or cancellation of FedRAMP Certification. + +Terms: `Agency`, `All Necessary Parties`, `Provider` + +Affects: Providers + +Note: Downgrading or canceling FedRAMP Certification will have severe negative consequences for the provider and their agency customers and should only be done after careful consideration and planning... but if it must be done, notify all necessary parties as soon as possible. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CCL-UCC` MUST — Upgrading Certification Class + +Providers MUST apply for a new FedRAMP Certification to upgrade their Certification Class; all applicable requirements MUST be met in advance. + +Terms: `Certification Class`, `Provider` + +Affects: Providers + +Note: Upgrade paths include moving from A to B, C, or D; B to C or D; and C to D. +The preferred path is to incrementally update the implementation and assurance commitments within the current Certification Class until the provider has met all requirements for the target Certification Class, then apply for the new Certification Class. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CLA-ASF` MUST — Approved Alternative Security Frameworks + +Providers seeking a FedRAMP Class A Certification MUST have completed a certification or equivalent process, including an independent assessment if applicable, from one of the following alternative security frameworks within the past 12 months: + +Checklist items: +- FedRAMP Rev5 (including FedRAMP Ready) at any historical Impact Level +- SOC 2 Type II +- GovRAMP at any Impact Level + +Terms: `Provider`, `Security Category` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CLA-EAM` MUST — External Assessment Materials + +Providers seeking a FedRAMP Class A Certification MUST supply the following materials from their alternative security framework assessment to all necessary parties: + +Checklist items: +- SOC 2 Type II: Complete report, bridge or gap letter (if applicable), verified audit engagement documentation, estimated schedule for upcoming report, supplemental compliance evidence (if applicable) +- FedRAMP Ready: Readiness Assessment Report, Security Assessment Plan, and any other materials required by FedRAMP. +- GovRAMP: Readiness Assessment Report, Security Assessment Plan, and any other materials required by GovRAMP. + +Terms: `All Necessary Parties`, `Provider`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CLA-IVV` MAY — Optional Independent Verification and Validation + +Providers seeking a FedRAMP Class A Certification MAY have the FedRAMP Certification Package independently verified and validated by a FedRAMP Recognized assessor before submission to FedRAMP. + +Terms: `Assessor`, `Certification Package`, `FedRAMP Recognized`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CLA-MFR` MUST — Mandatory FedRAMP Rules for Class A + +Providers seeking a Class A FedRAMP Certification MUST address all rules in this FedRAMP Class A Certification subset (FRC-CLA) AND the following additional FedRAMP Class A rules; the appropriate artifacts or information mapping for all rules MUST be supplied in the FedRAMP Certification Package. + +Checklist items: +- FedRAMP Certification: FRC-CSO-PKG (FedRAMP Certification Package) +- FedRAMP Certification: FRC-CSO-JSN (FedRAMP JSON Schemas) +- FedRAMP Certification: FRC-CSO-POP (Pick One Program Certification Type) +- Minimum Assessment Scope: MAS-CSO-IIR (Identify Information Resources) +- Certification Data Sharing: CDS-CSO-PUB (Public Information) +- Certification Data Sharing: CDS-CSO-UTC (Use Trust Centers) +- Certification Data Sharing: CDS-UTC-AAD (Agency Access Denial) +- Addressing FedRAMP Communication: AFC-CSO-INB (Maintain a FedRAMP Security Inbox) +- Addressing FedRAMP Communication: AFC-CSO-RCV (Receive Email Without Disruption) +- Addressing FedRAMP Communication: AFC-CSO-CRA (Complete Required Actions) +- Incident Evaluation and Communication: IEC-CSO-EFR (Evaluate FedRAMP Reportability) +- Incident Evaluation and Communication: IEC-CSO-FIR (Final Incident Report) +- Vulnerability Detection and Response: VDR-CSO-DET (Vulnerability Detection) +- Collaborative Continuous Monitoring: CCM-OCR-AVL (Report Availability) +- Collaborative Continuous Monitoring: CCM-OCR-NRD (Next Report Date) +- Independent Verification and Validation: IVV-CSX-AIA (Annual Independent Assessments for 20x) +- Key Security Indicators: KSI-CMT-LMC (Logging Changes) +- Key Security Indicators: KSI-CNA-RNT (Restricting Network Traffic) +- Key Security Indicators: KSI-CED-RAT (Reviewing All Training) +- Key Security Indicators: KSI-IAM-AAM (Automating Account Management) +- Key Security Indicators: KSI-IAM-APM (Adopting Passwordless Methods) +- Key Security Indicators: KSI-INR-RIR (Reviewing Incident Response Procedures) +- Key Security Indicators: KSI-SVC-SIN (Securing Information) + +Terms: `Agency`, `Artifacts`, `Certification Data`, `Certification Package`, `Certification Type`, `FedRAMP Security Inbox`, `Final Incident Report (FIR)`, `Incident`, `Information Resource`, `Initial Incident Report (IIR)`, `Ongoing Certification Report (OCR)`, `Provider`, `Trust Center`, `Validation`, `Verification`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Note: Some of these specific FedRAMP rules may not have similar counterparts in external frameworks and providers will need to implement new processes to follow these rules. +In general, for each of these FedRAMP requirements, providers should include a sufficiently detailed summary that reviewers will not need to dig into the related security framework materials to understand the related decisions - just saying "see SOC 2 report" is not particularly helpful. +Information about how the provider addresses the included Key Security Indicators are required for both Rev5 and 20x Class A Certifications. + +Recent update: 2026-07-01 — Removed reference to Independent Verification and Validation: IVV-CSF-AIA (Annual Independent Assessments for Rev5); Removed CDS-CSO-AVR (Availability Reporting) since this rule is defined as SHOULD and included in FRC-CLA-RFR (Recommended FedRAMP Rules for Class A) + +### `FRC-CLA-OFR` MAY — Address Optional FedRAMP Rules for Class A + +Providers seeking a Class A FedRAMP Certification MAY address the following additional optional FedRAMP Class A rules (if applicable): + +Checklist items: +- Collaborative Continuous Monitoring: CCM-QTR-MTG (Quarterly Review Meeting) +- Certification Data Sharing: CDS-CSO-PSM (Per-Service Certification Materials) +- Cryptographic Module Use: CMU-CSO-UVM (Using Validated Cryptographic Modules) +- FedRAMP Certification: FRC-APP-FIA (Fresh Independent Assessment) +- Independent Verification and Validation: IVV-CSO-FIA (FedRAMP Independent Assessments) +- Security Decision Record: SDR-CSX-KMT (Key Security Indicator Metrics) +- Vulnerability Evaluation and Reporting: VER-TFR-IRI (Internet-Reachable Incidents) +- Vulnerability Evaluation and Reporting: VER-TFR-MRH (Historical Activity) +- Vulnerability Evaluation and Reporting: VER-TFR-NRI (Non-Internet-Reachable Incidents) + +Terms: `Certification Data`, `FedRAMP Independent Assessment`, `Incident`, `Provider`, `Quarterly Review`, `Security Decision Record (SDR)`, `Validation`, `Verification`, `Vulnerability` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CLA-RFR` SHOULD — Recommended FedRAMP Rules for Class A + +Providers seeking a Class A FedRAMP Certification SHOULD address the following additional recommended FedRAMP Class A rules (if applicable): + +Checklist items: +- Certification Data Sharing: CDS-CSO-AVR (Availability Reporting) +- Certification Package Overview: CPO-CSF-CPM (Certification Package Maintenance for Rev5) +- Certification Package Overview: CPO-CSX-CPM (Certification Package Maintenance for 20x) +- Incident Evaluation and Communication: IEC-CSO-IIR (Initial Incident Report) +- Incident Evaluation and Communication: IEC-CSO-OIR (Ongoing Incident Reports) +- Vulnerability Detection and Response: VDR-TFR-MVX (Persistent Machine Verification and Validation for 20x) +- Vulnerability Detection and Response: VDR-TFR-PCD (Persistently Complete Detection) +- Vulnerability Detection and Response: VDR-TFR-PDD (Persistent Drift Detection) +- Vulnerability Detection and Response: VDR-TFR-PSD (Persistent Sample Detection) +- Vulnerability Detection and Response: VDR-TFR-PVR (Mitigation and Remediation Expectations) +- Vulnerability Evaluation and Reporting: VER-TFR-EVU (Evaluate Vulnerabilities Quickly) + +Terms: `Certification Data`, `Certification Package`, `Drift`, `Incident`, `Initial Incident Report (IIR)`, `Ongoing Incident Report (OIR)`, `Persistently`, `Provider`, `Validation`, `Verification`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSO-FCP` MUST — FedRAMP Certification Profile + +Providers MUST identify a target FedRAMP Certification Profile and apply all relevant FedRAMP Practices to the cloud service offering. + +Terms: `Certification Profile`, `Cloud Service Offering`, `FedRAMP Practices`, `Handle`, `Information Resource`, `Provider`, `Security Category`, `Third-Party Information Resource` + +Affects: Providers + +Note: Information resources (including third-party information resources) MAY vary by security category as appropriate to the type of information handled by or impacted by the information resource. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSO-JSN` MUST — FedRAMP JSON Schemas + +Providers MUST supply machine-readable information in JSON documents that are valid against the corresponding JSON schema when a rule contains a FedRAMP JSON schema, UNLESS otherwise specified in the rule. + +Terms: `Machine-Readable`, `Provider` + +Affects: Providers + +Note: FedRAMP JSON schemas are designed to be lightweight and flexible to establish a minimum set of structured information while allowing providers to improve on the format and structure of the information as needed to meet their needs and the needs of their customers. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSO-MRA` MUST — Maintain Responsibility and Accountability + +Providers MUST maintain responsibility and accountability for the accuracy and completeness of all information in the FedRAMP Certification Package, especially when they engage a third party (such as an independent assessor, advisory service, or external tools) to supply information on their behalf. + +Terms: `Assessor`, `Certification Package`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSO-PKG` MUST — FedRAMP Certification Package + +Providers seeking a Certification MUST supply a complete FedRAMP Certification Package to FedRAMP for initial certification; the FedRAMP Certification Package MUST include at least the following information: + +Checklist items: +- A Certification Package Overview +- A Security Decision Record +- A real or example Ongoing Certification Report following CCM-OCR-AVL (Report Availability) + +Terms: `Certification Package`, `FedRAMP Certification Report`, `Initial Certification`, `Ongoing Certification`, `Ongoing Certification Report (OCR)`, `Provider`, `Security Decision Record (SDR)` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSO-POP` MUST NOT — Pick One Program Certification Type + +Providers MUST NOT seek both FedRAMP Rev5 Program Certification and FedRAMP 20x Program Certification for the same cloud service offering; pick one type. + +Terms: `Agency`, `Cloud Service Offering`, `Provider` + +Affects: Providers + +Note: This rule does not prevent a provider from seeking and maintaining a FedRAMP Rev5 Agency Certification and a FedRAMP 20x Program Certification for the same cloud service offering, however, doing so is strongly discouraged due to the increased complexity and risk of confusion for all parties. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## 20X + +### `FRC-CSX-MAS` SHOULD — Application within MAS + +Providers SHOULD apply ALL Key Security Indicators to ALL aspects of their cloud service offering that are within the FedRAMP Minimum Assessment Scope. + +Terms: `Cloud Service Offering`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSX-MOT` VARIES BY CLASS — Metrics Over Time for Key Security Indicators + +Varies by certification class: + +- **Class A MAY:** Providers seeking 20x Class A Certification MAY supply historical metrics for Key Security Indicators. +- **Class B SHOULD:** Providers seeking 20x Class B Certification SHOULD supply historical metrics for Key Security Indicators. +- **Class C MUST:** Providers seeking 20x Class C Certification MUST supply historical metrics including status from persistent validation over at least the past 6 months for all Key Security Indicators. +- **Class D MUST:** Providers seeking 20x Class D Certification MUST provide historical metrics including status from persistent validation over at least the past 18 months for all Key Security Indicators. + +Terms: `Initial Certification`, `Persistently`, `Provider`, `Validation` + +Affects: Providers + +Note: For initial FedRAMP Certification, providers will need to have mechanisms in place and agree to meet this requirement in the event the cloud service has not been operating with related metrics available for the required period prior to applying for initial certification. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSX-VVK` VARIES BY CLASS — Automated Verification and Validation of Key Security Indicators + +Varies by certification class: + +- **Class A MAY:** Providers seeking 20x Class A Certification MAY implement automated methods to persistently verify and validate the accuracy and completeness of Key Security Indicators. +- **Class B SHOULD:** Providers seeking 20x Class B Certification SHOULD implement automated methods to persistently verify and validate the accuracy and completeness of Key Security Indicators with at least 1 automated method for each Key Security Indicator. +- **Class C MUST:** Providers seeking 20x Class C Certification MUST implement automated methods to persistently verify and validate the accuracy and completeness of Key Security Indicators with at least 2 automated methods for each Key Security Indicator. +- **Class D MUST:** Providers seeking 20x Class D Certification MUST implement automated methods to persistently verify and validate the accuracy and completeness of Key Security Indicators with at least 4 automated methods for each Key Security Indicator. + +Terms: `Persistently`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSX-VVR` VARIES BY CLASS — Automated Verification and Validation of FedRAMP Rules + +Varies by certification class: + +- **Class A MAY:** Providers seeking 20x Class A Certification MAY implement automated methods to persistently verify and validate the accuracy and completeness of the Security Decision Record for FedRAMP rules when applicable. +- **Class B SHOULD:** Providers seeking 20x Class B Certification SHOULD implement automated methods to persistently verify and validate the accuracy and completeness of the Security Decision Record for FedRAMP rules when applicable. +- **Class C SHOULD:** Providers seeking 20x Class C Certification SHOULD implement automated methods to persistently verify and validate the accuracy and completeness of the Security Decision Record for FedRAMP rules when applicable. +- **Class D SHOULD:** Providers seeking 20x Class D Certification SHOULD implement automated methods to persistently verify and validate the accuracy and completeness of the Security Decision Record for FedRAMP rules when applicable. + +Terms: `Persistently`, `Provider`, `Security Decision Record (SDR)`, `Validation`, `Verification` + +Affects: Providers + +Note: Different rules will be easy to automate for different providers, depending on the implementation, so FedRAMP generally leaves this implementation up to providers based on what makes the most sense for their own business and approach. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## REV5 + +### `FRC-CSF-ACP` MUST — Assign Control Parameters + +Providers MUST assign all organization-defined control parameters, following FedRAMP Rev5 Controls Guidance, and ensure that all control parameter assignments are documented in the Security Decision Record (SDR). + +Terms: `Provider`, `Security Decision Record (SDR)` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSF-BSL` MUST — FedRAMP Rev5 Baselines + +Varies by certification class: + +- **Class B MUST:** Providers seeking FedRAMP Rev5 Class B Certification MUST include at least the following NIST SP 800-53 Rev. 5 controls in their Security Decision Record: +- **Class C MUST:** Providers seeking FedRAMP Rev5 Class C Certification MUST include at least the following NIST SP 800-53 Rev. 5 controls in their Security Decision Record: +- **Class D MUST:** Providers seeking FedRAMP Rev5 Class D Certification MUST include at least the following NIST SP 800-53 Rev. 5 controls in their Security Decision Record: + +Terms: `Provider`, `Security Decision Record (SDR)` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSF-FFG` MUST — Follow FedRAMP Rev5 Controls Guidance + +Providers MUST follow FedRAMP Rev5 Controls Guidance for the implementation and documentation of all applicable controls. + +Terms: `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `FRC-CSF-RDY` MUST — FedRAMP Ready Conversion + +Providers with FedRAMP Rev5 Ready status MUST convert to a FedRAMP Certification by whichever of the follow dates is later: the expiration of their annual assessment or November 17, 2026 (the legacy FedRAMP Ready status will be entirely removed on December 31, 2027). + +Terms: `Provider` + +Affects: Providers + +Note: The simplest conversion in most cases would be to a FedRAMP 20x Class A Certification. +Cloud services that do not wish to convert or do not meet conversion criteria will be renamed Legacy FedRAMP Ready and otherwise retired from FedRAMP Ready. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/fedramp-recognition.md b/src/content/docs/docs/fedramp/processes/fedramp-recognition.md new file mode 100644 index 0000000..2979455 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/fedramp-recognition.md @@ -0,0 +1,225 @@ +--- +title: FedRAMP Recognition of Independent Assessment Services — FedRAMP Process +description: Official Consolidated Rules summary for the REC FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# FedRAMP Recognition of Independent Assessment Services + +Short name: `REC` · Process ID: `REC` · Web slug: `fedramp-recognition` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/fedramp-recognition/](https://www.fedramp.gov/2026/reference/fedramp-recognition/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2026-07-04 +- Rev5: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2026-07-04 +- Shared requirements: 16 + +## Purpose + +The FedRAMP Recognition of independent assessment services rules explain the requirements for assessors to obtain and maintain FedRAMP Recognition in order to support the FedRAMP Certification process. + +## Rule Subsets + +- `FRP` — FedRAMP Responsibilities: These rules apply to FedRAMP when evaluating independent assessment services for initial or ongoing FedRAMP Recognition. +- `IAS` — General Independent Assessor Responsibilities: These rules apply to independent assessment services seeking to obtain or maintain FedRAMP Recognition. + +## Requirements and Recommendations + +## BOTH + +### `REC-FRP-DRD` MUST NOT — Double Revocation Disqualification + +FedRAMP MUST NOT restore FedRAMP Recognition for an assessor after FedRAMP has revoked that assessor's FedRAMP Recognition 2 times. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-FRP-FOC` MUST — Foreign Ownership Collection + +FedRAMP MUST maintain a process to collect foreign ownership, control, or influence declarations from FedRAMP Recognized assessors and updates to those declarations. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-FRP-RAO` MUST NOT — Recognized Assessors Only + +FedRAMP MUST NOT accept verification, validation, or other attestations from independent assessors who are not FedRAMP Recognized. + +Terms: `Assessor`, `FedRAMP Recognized`, `Validation`, `Verification` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-ACC` MUST — A2LA Accreditation + +Assessors MUST obtain and maintain accreditation through the American Association for Laboratory Accreditation (A2LA) Cybersecurity Inspection Body Program to qualify for FedRAMP Recognition. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Note: FedRAMP will remove FedRAMP Recognition immediately after the American Association for Laboratory Accreditation notifies FedRAMP that an assessor's accreditation has lapsed. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-ADA` MUST — Actually Do Assessments + +Assessors MUST complete at least 2 initial or ongoing assessments for Class B, C, or D FedRAMP Certifications every 2 years to maintain FedRAMP Recognition. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Structured timeframe: `2` years + +Note: For a newly FedRAMP Recognized Assessor, this rule applies beginning on the initial date of FedRAMP Recognition if that date is later than 2026-06-01. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-AFI` MUST — Annual Foreign Interest Reports + +Assessors MUST report information relating to any foreign interest, foreign influence, or foreign control of the independent assessment service to FedRAMP annually. + +Terms: `Assessor` + +Affects: Assessors + +Structured timeframe: `1` years + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-ANR` MUST — Annual Surveillance Assessment + +Assessors MUST achieve a favorable annual surveillance assessment by the American Association for Laboratory Accreditation (A2LA) to maintain FedRAMP Recognition. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Structured timeframe: `1` years + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-CAP` MUST — Corrective Action Plan + +Assessors MUST supply a corrective action plan when FedRAMP requires one for performance standards deficiencies or organizational risks. + +Terms: `Assessor` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-CFI` MUST — Changes in Foreign Interest + +Assessors MUST report updated information relating to any foreign interest, foreign influence, or foreign control of the independent assessment service within 48 hours of any change in foreign ownership or control. + +Terms: `Assessor` + +Affects: Assessors + +Structured timeframe: `48` hours + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-INV` MUST — Invalid Deliverables + +Assessors MUST treat deliverables prepared, performed, or submitted by personnel who do not meet required role qualifications as invalid for FedRAMP purposes. + +Terms: `Assessor` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-PSC` MUST — Policy and Standards Compliance + +Assessors MUST maintain compliance with the latest American Association for Laboratory Accreditation (A2LA) R311 - Specific Requirements - Federal Risk and Authorization Management Program to maintain FedRAMP Recognition. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-PST` MUST — Performance Standards + +Assessors MUST meet FedRAMP performance standards for assessor deliverables to support independent, risk-based reviews by FedRAMP and federal agencies, including at least: + +Checklist items: +- Complete Assessment Packages: Supplies complete and thoroughly prepared documents on the first submission. +- Deliverable Quality: Ensures documentation content is clear, complete, concise, and consistent. +- Deliverable Format: Follows applicable FedRAMP rules. +- Timeliness and Responsiveness: Delivers documents on time according to the schedule agreed to by the federal government, provider, and assessor. +- Testing Accuracy and Completeness: Ensures accurate and complete testing of a cloud service offering in accordance with ISO 17020 and FedRAMP security rules. +- Assessment Integrity: Submits independent assessments of provider security implementations that are not influenced by provider demands. +- Chain of Custody: Preserves the integrity and chain of custody of assessor-authored documents and provider-supplied evidence used in FedRAMP assessments. + +Terms: `Agency`, `Assessor`, `Cloud Service Offering`, `Provider` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-RAR` MUST — Re-entry after Revocation + +Assessors MUST satisfy all American Association for Laboratory Accreditation (A2LA) re-entry conditions before regaining FedRAMP Recognition after revocation. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Note: A revocation may require extended time in revoked status while the assessor demonstrates acceptable performance in the A2LA Cybersecurity Inspection Body Program before seeking FedRAMP Recognition again. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-RAS` MUST — Full A2LA Reassessment + +Assessors MUST achieve a favorable full reassessment by the American Association for Laboratory Accreditation (A2LA) at least once every 2 years to maintain FedRAMP Recognition. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Structured timeframe: `2` years + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-RQU` MUST — Roles and Qualifications + +Assessors MUST staff FedRAMP assessments with all roles required by the American Association for Laboratory Accreditation (A2LA) R311, including personnel who meet the qualifications for each role, unless FedRAMP publishes a specific exception for a limited pilot or other explicitly scoped process. + +Terms: `Assessor` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `REC-IAS-SEP` MUST NOT — Advisory Separation + +Assessors MUST NOT perform a FedRAMP independent assessment of the same cloud service offering within 2 years after supplying advisory or consulting services for that offering, unless FedRAMP publishes a specific exception for a limited pilot or other explicitly scoped process. + +Terms: `Assessor`, `Cloud Service Offering`, `FedRAMP Independent Assessment` + +Affects: Assessors + +Structured timeframe: `2` years + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/fedramp-security-inbox.md b/src/content/docs/docs/fedramp/processes/fedramp-security-inbox.md deleted file mode 100644 index e95f990..0000000 --- a/src/content/docs/docs/fedramp/processes/fedramp-security-inbox.md +++ /dev/null @@ -1,199 +0,0 @@ ---- -title: FedRAMP Security Inbox — FedRAMP Process -description: Official FRMR-generated summary for the FSI FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# FedRAMP Security Inbox - -Short name: `FSI` · Process ID: `FSI` · Web slug: `fedramp-security-inbox` - -Applies to: `both` - -Official page: [https://fedramp.gov/docs/20x/fedramp-security-inbox](https://fedramp.gov/docs/20x/fedramp-security-inbox) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: required · Wide Release -- Shared requirements: 16 - -## Requirements and Recommendations - -## BOTH - -### `FSI-CSO-ACK` (formerly `FRR-FSI-13`) SHOULD — Acknowledge Receipt - -Providers SHOULD promptly and automatically acknowledge the receipt of messages received from FedRAMP in their FedRAMP Security Inbox. - -Terms: `FedRAMP Security Inbox`, `Promptly` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-CRA` (formerly `FRR-FSI-14`) MUST — Complete Required Actions - -Providers MUST complete the required actions in Emergency or Emergency Test designated messages sent by FedRAMP within the timeframe included in the message. - -Terms: `Cloud Service Offering` - -Affects: Providers - -Note: Timeframes may vary by impact level of the cloud service offering. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-EMR` (formerly `FRR-FSI-15`) MUST — Emergency Message Routing - -Providers MUST route Emergency designated messages sent by FedRAMP to a senior security official for their awareness. - -Affects: Providers - -Note: Senior security officials are determined by the provider. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-IMA` (formerly `FRR-FSI-16`) SHOULD — Important Message Actions - -Providers SHOULD complete the required actions in Important designated messages sent by FedRAMP within the timeframe specified in the message. - -Terms: `Cloud Service Offering` - -Affects: Providers - -Note: Timeframes may vary by impact level of the cloud service offering. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-INB` (formerly `FRR-FSI-09`) MUST — Maintain a FedRAMP Security Inbox - -Providers MUST establish and maintain an email address to receive messages from FedRAMP; this inbox is a FedRAMP Security Inbox (FSI). - -Terms: `FedRAMP Security Inbox` - -Affects: Providers - -Recent update: 2026-02-04 — Changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-NOC` (formerly `FRR-FSI-12`) MUST — Notification of Changes - -Providers MUST immediately notify FedRAMP of any changes in addressing for their FedRAMP Security Inbox by emailing info@fedramp.gov with the name and FedRAMP ID of the cloud service offering and the updated email address. - -Terms: `Cloud Service Offering`, `FedRAMP Security Inbox` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-RCV` (formerly `FRR-FSI-11`) MUST — Receive Email Without Disruption - -Providers MUST receive and react to email messages from FedRAMP without disruption and without requiring additional actions from FedRAMP. - -Affects: Providers - -Note: This requirement is intended to prevent cloud service providers from requiring FedRAMP to complete a CAPTCHA, log into a customer portal, or otherwise take service-specific actions that might prevent the security team from receiving the message. - -Recent update: 2026-02-04 — Changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-CSO-TFG` (formerly `FRR-FSI-10`) MUST — Trust @fedramp.gov and @gsa.gov - -Providers MUST treat any email originating from an @fedramp.gov or @gsa.gov email address as if it was sent from FedRAMP by default; if such a message is confirmed to originate from someone other than FedRAMP then FedRAMP Security Inbox requirements no longer apply. - -Terms: `FedRAMP Security Inbox` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-CDS` (formerly `FRR-FSI-02`) MUST — Criticality Designators - -FedRAMP MUST convey the criticality of the message in the subject line, IF the message requires an elevated reaction, using one of the following designators: - -Checklist items: -- **Emergency:** There is a potential incident or crisis such that FedRAMP requires an extremely urgent reaction; emergency messages will contain aggressive timeframes for reaction and failure to meet these timeframes will result in corrective action. -- **Emergency Test:** FedRAMP requires an extremely urgent reaction to confirm the functionality and effectiveness of the FedRAMP Security Inbox; emergency test messages will contain aggressive timeframes for reaction and failure to meet these timeframes will result in corrective action. -- **Important:** There is an important issue that FedRAMP requires the cloud service provider to address; important messages will contain reasonable timeframes for reaction and failure to meet these timeframes may result in corrective action. - -Terms: `FedRAMP Security Inbox`, `Incident` - -Affects: FedRAMP - -Note: Messages sent by FedRAMP without one of these designators are considered general communications and do not require an elevated reaction; these may be resolved in the normal course of business by the cloud service provider. - -Recent update: 2026-02-04 — Reframed for clarity; changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-COR` (formerly `FRR-FSI-07`) MUST — Explain Corrective Actions - -FedRAMP MUST clearly specify the corrective actions that will result from failure to complete the required actions in the body of messages that require an elevated reaction; such actions may vary from negative ratings in the FedRAMP Marketplace to suspension of FedRAMP authorization depending on the severity of the event. - -Affects: FedRAMP - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-ERT` (formerly `FRR-FSI-06`) MUST — Elevated Reaction Timeframes - -FedRAMP MUST clearly specify the expected timeframe for completing required actions in the body of messages that require an elevated reaction; timeframes for actions will vary depending on the situation but the default timeframes to provide an estimated resolution time for Emergency and Emergency Test designated messages will be as follows: - -Checklist items: -- **High Impact:** within 12 hours -- **Moderate Impact:** by 3:00 p.m. Eastern Time on the 2nd business day -- **Low Impact:** by 3:00 p.m. Eastern Time on the 3rd business day - -Terms: `Catastrophic Adverse Effect` - -Affects: FedRAMP - -Note: High impact cloud service providers are expected to address Emergency messages (including tests) from FedRAMP with a reaction time appropriate to operating a service where failure to react rapidly might have a severe or catastrophic adverse effect on the U.S. Government; some Emergency messages may require faster reaction and all such messages should be addressed as quickly as possible. - -Recent update: 2026-02-04 — Changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-PNT` (formerly `FRR-FSI-04`) MUST — Public Notice of Emergency Tests - -FedRAMP MUST post a public notice at least 10 business days in advance of sending an Emergency Test message; such notices MUST include explanation of the likely expected actions and timeframes for the Emergency Test message. - -Terms: `Likely` - -Affects: FedRAMP - -Structured timeframe: `10` bizdays - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-RPM` (formerly `FRR-FSI-08`) MAY — Reaction Metrics - -FedRAMP MAY track and publicly share the time required by cloud service providers to take the actions specified in messages that require an elevated reaction. - -Affects: FedRAMP - -Recent update: 2026-02-04 — Changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-RQA` (formerly `FRR-FSI-05`) MUST — Required Actions - -FedRAMP MUST clearly specify the required actions in the body of messages that require an elevated reaction. - -Affects: FedRAMP - -Recent update: 2026-02-04 — Changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-UFS` (formerly `FRR-FSI-03`) MUST — Use FedRAMP_Security Email in Emergencies - -FedRAMP MUST send Emergency and Emergency Test designated messages from fedramp_security@gsa.gov OR fedramp_security@fedramp.gov. - -Affects: FedRAMP - -Recent update: 2026-02-04 — Changed response to reaction for clarity; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `FSI-FRP-VRE` (formerly `FRR-FSI-01`) MUST — Verified Emails - -FedRAMP MUST send messages to cloud service providers using an official @fedramp.gov or @gsa.gov email address with properly configured Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) email authentication. - -Affects: FedRAMP - -Note: Anyone at GSA can send email from @fedramp.gov or @gsa.gov - FedRAMP team members will typically have "FedRAMP" or "Q20B" in their name but this is not universal or enforceable. The nature of government enterprise IT services makes it difficult for FedRAMP to isolate FedRAMP-specific team members with enforceable identifiers. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. diff --git a/src/content/docs/docs/fedramp/processes/incident-communications-procedures.md b/src/content/docs/docs/fedramp/processes/incident-communications-procedures.md deleted file mode 100644 index 3512758..0000000 --- a/src/content/docs/docs/fedramp/processes/incident-communications-procedures.md +++ /dev/null @@ -1,130 +0,0 @@ ---- -title: Incident Communications Procedures — FedRAMP Process -description: Official FRMR-generated summary for the ICP FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Incident Communications Procedures - -Short name: `ICP` · Process ID: `ICP` · Web slug: `incident-communications-procedures` - -Applies to: `20x` - -Official page: [https://fedramp.gov/docs/20x/incident-communications-procedures](https://fedramp.gov/docs/20x/incident-communications-procedures) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: no -- Shared requirements: 0 - -## Requirements and Recommendations - -## 20X - -### `ICP-CSX-AUR` (formerly `FRR-ICP-08`) SHOULD — Automated Reporting - -Providers SHOULD use automated mechanisms for reporting incidents and providing updates to all necessary parties (including CISA). - -Terms: `All Necessary Parties`, `Incident` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-FIR` (formerly `FRR-ICP-07`) MUST — Final Incident Report - -Providers MUST provide a final report once the incident is resolved and recovery is complete that describes at least: - -Checklist items: -- What occurred -- Root cause -- Response -- Lessons learned -- Changes needed - -Terms: `Incident`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-HRM` (formerly `FRR-ICP-09`) SHOULD — Human and Machine-Readable - -Providers SHOULD make incident report information available in consistent human-readable and machine-readable formats. - -Terms: `Incident`, `Machine-Readable` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-ICU` (formerly `FRR-ICP-04`) MUST — Incident Updates - -Providers MUST update all necessary parties, including at least FedRAMP, CISA (if applicable), and all agency customers, at least once per calendar day until the incident is resolved and recovery is complete. - -Terms: `Agency`, `All Necessary Parties`, `Incident` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-IRA` (formerly `FRR-ICP-02`) MUST — Incident Reporting to Agencies - -Providers MUST responsibly report incidents to all agency customers within 1 hour of identification using the incident communications points of contact provided by each agency customer. - -Terms: `Agency`, `Incident` - -Affects: Providers - -Structured timeframe: `1` hours - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-IRC` (formerly `FRR-ICP-03`) MUST — Incident Reporting to CISA - -Providers MUST responsibly report incidents to CISA within 1 hour of identification if the incident is confirmed or suspected to be the result of an attack vector listed at https://www.cisa.gov/federal-incident-notification-guidelines#attack-vectors-taxonomy, following the CISA Federal Incident Notification Guidelines at https://www.cisa.gov/federal-incident-notification-guidelines, by using the CISA Incident Reporting System at https://myservices.cisa.gov/irf. - -Terms: `Incident` - -Affects: Providers - -Structured timeframe: `1` hours - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-IRF` (formerly `FRR-ICP-01`) MUST — Incident Reporting to FedRAMP - -Providers MUST responsibly report incidents to FedRAMP within 1 hour of identification by sending an email to fedramp_security@fedramp.gov or fedramp_security@gsa.gov. - -Terms: `Incident` - -Affects: Providers - -Structured timeframe: `1` hours - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-RPT` (formerly `FRR-ICP-05`) MUST — Incident Report Availability - -Providers MUST make incident report information available in their secure FedRAMP repository (such as USDA Connect) or trust center. - -Terms: `Incident`, `Trust Center` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `ICP-CSX-RSD` (formerly `FRR-ICP-06`) MUST NOT — Responsible Disclosure - -Providers MUST NOT irresponsibly disclose specific sensitive information about incidents that would likely increase the impact of the incident, but MUST disclose sufficient information for informed risk-based decision-making to all necessary parties. - -Terms: `All Necessary Parties`, `Incident`, `Likely` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. diff --git a/src/content/docs/docs/fedramp/processes/incident-evaluation-and-communication.md b/src/content/docs/docs/fedramp/processes/incident-evaluation-and-communication.md new file mode 100644 index 0000000..b60d5ff --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/incident-evaluation-and-communication.md @@ -0,0 +1,198 @@ +--- +title: Incident Evaluation and Communication — FedRAMP Process +description: Official Consolidated Rules summary for the IEC FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Incident Evaluation and Communication + +Short name: `IEC` · Process ID: `IEC` · Web slug: `incident-evaluation-and-communication` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/incident-evaluation-and-communication/](https://www.fedramp.gov/2026/reference/incident-evaluation-and-communication/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-06-01 +- Shared requirements: 8 + +## Purpose + +The Incident Evaluation and Communication rules explain how providers must communicate incident information to FedRAMP and government customers when they are affected by an incident or likely to be affected by an incident. + +## Rule Subsets + +- `CSO` — General Provider Responsibilities: These rules apply to providers with FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `FRP` — FedRAMP Responsibilities: These rules apply to FedRAMP. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `IEC-CSO-AIR` SHOULD — Automated Incident Reporting + +Providers SHOULD use automation to minimize human intervention in the process of reporting FedRAMP Reportable Incidents to all affected parties. + +Terms: `All Affected Parties`, `FedRAMP Reportable Incident`, `Incident`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IEC-CSO-DPR` MUST — Default PAIN Rating + +Providers MUST treat FedRAMP Reportable Incidents as if they have a Potential Agency Impact N-rating (PAIN) of 5 UNLESS they promptly estimate the PAIN rating following the rule in IEC-CSO-EFI (Estimate Federal Impact). + +Terms: `Agency`, `FedRAMP Reportable Incident`, `Incident`, `Potential Agency Impact`, `Promptly`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IEC-CSO-EFI` SHOULD — Estimate Federal Impact + +Providers SHOULD promptly estimate the likely adverse impact of an incident on agency customers to assign a Potential Agency Impact N-rating; this step is called Incident Rating. + +Checklist items: +- **N1** for a likely minimal customer effect on 1 or more agencies. +- **N2** for a likely narrow customer effect on 1 or more agencies. +- **N3** for a likely disruptive customer effect on 1 agency. +- **N4** for a likely debilitating customer effect on 1 agency or a likely disruptive customer effect on more than 1 agency. +- **N5** for a likely debilitating customer effect on more than 1 agency. + +Terms: `Agency`, `Debilitating Customer Effect`, `Disruptive Customer Effect`, `Incident`, `Likely`, `Minimal Customer Effect`, `Narrow Customer Effect`, `Potential Agency Impact`, `Promptly`, `Provider` + +Affects: Providers + +Note: All incidents must be assigned a default PAIN-5 as required by IEC-CSO-DPR (Default PAIN Rating) if this step is not completed. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IEC-CSO-EFR` MUST — Evaluate FedRAMP Reportability + +Providers MUST promptly evaluate incidents to determine if they affect confidentiality or integrity of federal customer data or are likely to affect confidentiality or integrity of federal customer data; such incidents are FedRAMP Reportable Incidents and must be reported following the FedRAMP Incident Evaluation and Communication rules. + +Terms: `FedRAMP Reportable Incident`, `Federal Customer Data`, `Incident`, `Likely`, `Promptly`, `Provider` + +Affects: Providers + +Recent update: 2026-07-02 — Update terminology from "Response" to "Communication" in FedRAMP Incident Evaluation rules. + +### `IEC-CSO-FIR` MUST — Final Incident Report + +Varies by certification class: + +- **Class A MUST:** Providers with Class A Certifications MUST responsibly notify all affected parties by providing a Final Incident Report once the incident has been resolved and recovery is complete, including final updates to all previously reported information. +- **Class B MUST:** Providers with Class B Certifications MUST responsibly notify all affected parties by providing a Final Incident Report once the incident has been resolved and recovery is complete, including final updates to all previously reported information. +- **Class C MUST:** Providers with Class C Certifications MUST responsibly notify all affected parties by providing a Final Incident Report once the incident has been resolved and recovery is complete, including final updates to all previously reported information. +- **Class D MUST:** Providers with Class D Certifications MUST responsibly notify all affected parties by providing a Final Incident Report once the incident has been resolved and recovery is complete, including final updates to all previously reported information. + +Terms: `All Affected Parties`, `Final Incident Report (FIR)`, `Incident`, `Provider`, `Responsibly` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IEC-CSO-IIR` VARIES BY CLASS — Initial Incident Report + +Varies by certification class: + +- **Class A SHOULD:** Providers with Class A Certifications SHOULD responsibly notify all affected parties after identifying FedRAMP Reportable Incidents by providing an Initial Incident Report with as much of the following information that is available at the time of reporting and/or the current relevant status for each item: +- **Class B MUST:** Providers with Class B Certifications MUST responsibly notify all affected parties after identifying FedRAMP Reportable Incidents by providing an Initial Incident Report with as much of the following information that is available at the time of reporting and/or the current relevant status for each item: +- **Class C MUST:** Providers with Class C Certifications MUST responsibly notify all affected parties after identifying FedRAMP Reportable Incidents by providing an Initial Incident Report with as much of the following information that is available at the time of reporting and/or the current relevant status for each item: +- **Class D MUST:** Providers with Class D Certifications MUST responsibly notify all affected parties after identifying FedRAMP Reportable Incidents by providing an Initial Incident Report with as much of the following information that is available at the time of reporting and/or the current relevant status for each item: + +Checklist items: +- Class A: Contact information for the federal incident response coordinator +- Class A: Provider's internally assigned tracking identifier +- Class A: Description of the incident +- Class A: Timeline of the incident, including start time, time and source of detection, time of completed FedRAMP Reportable Incident evaluation, and other major incident milestones determined by the provider +- Class A: Historically and currently estimated Potential Agency Impact N-rating (PAIN) of the incident, including an explanation of the evaluation following the requirements in IEC-CSO-EFI (Estimate Federal Impact) (if applicable) +- Class A: Functional impact to federal agency customers (include impact to confidentiality and/or integrity and the impacted federal customer data types) +- Class A: Estimated recovery plan, milestones, and timelines +- Class A: List of likely affected customer agencies +- Class B: Contact information for the federal incident response coordinator. +- Class B: Provider's internally assigned tracking identifier +- Class B: Description of the incident +- Class B: Timeline of the incident, including start time, time and source of detection, time of completed FedRAMP Reportable Incident evaluation, and other major incident milestones determined by the provider +- Class B: Historically and currently estimated Potential Agency Impact N-rating (PAIN) of the incident, including an explanation of the evaluation following the requirements in IEC-CSO-EFI (Estimate Federal Impact) (if applicable) +- Class B: Functional impact to federal agency customers (include impact to confidentiality and/or integrity and the impacted federal customer data types) +- Class B: Estimated recovery plan, milestones, and timelines +- Class B: List of likely affected customer agencies +- Class C: Contact information for the federal incident response coordinator. +- Class C: Provider's internally assigned tracking identifier +- Class C: Description of the incident +- Class C: Timeline of the incident, including start time, time and source of detection, time of completed FedRAMP Reportable Incident evaluation, and other major incident milestones determined by the provider +- Class C: Historically and currently estimated Potential Agency Impact N-rating (PAIN) of the incident, including an explanation of the evaluation following the requirements in IEC-CSO-EFI (Estimate Federal Impact) (if applicable) +- Class C: Functional impact to federal agency customers (include impact to confidentiality and/or integrity and the impacted federal customer data types) +- Class C: Estimated recovery plan, milestones, and timelines +- Class C: List of likely affected customer agencies +- Class D: Contact information for the federal incident response coordinator. +- Class D: Provider's internally assigned tracking identifier +- Class D: Description of the incident +- Class D: Timeline of the incident, including start time, time and source of detection, time of completed FedRAMP Reportable Incident evaluation, and other major incident milestones determined by the provider +- Class D: Historically and currently estimated Potential Agency Impact N-rating (PAIN) of the incident, including an explanation of the evaluation following the requirements in IEC-CSO-EFI (Estimate Federal Impact) (if applicable) +- Class D: Functional impact to federal agency customers (include impact to confidentiality and/or integrity and the impacted federal customer data types) +- Class D: Estimated recovery plan, milestones, and timelines +- Class D: List of likely affected customer agencies + +Terms: `All Affected Parties`, `FedRAMP Reportable Incident`, `Incident`, `Initial Incident Report (IIR)`, `Provider`, `Responsibly` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IEC-CSO-OIR` VARIES BY CLASS — Ongoing Incident Reports + +Varies by certification class: + +- **Class A SHOULD:** Providers with Class A Certifications SHOULD responsibly notify all affected parties of ongoing activity as new information becomes available during incident response for FedRAMP Reportable Incidents, including updates (or lack of updates) to all previously reported information and as much of the the following additional information that is available and/or the current relevant status for each item: +- **Class B MUST:** Providers with Class B Certifications MUST responsibly notify all affected parties of ongoing activity as new information becomes available during incident response for FedRAMP Reportable Incidents, including updates (or lack of updates) to all previously reported information and as much of the the following additional information that is available and/or the current relevant status for each item: +- **Class C MUST:** Providers with Class C Certifications MUST responsibly notify all affected parties of ongoing activity as new information becomes available during incident response for FedRAMP Reportable Incidents, including updates (or lack of updates) to all previously reported information and as much of the the following additional information that is available and/or the current relevant status for each item: +- **Class D MUST:** Providers with Class D Certifications MUST responsibly notify all affected parties of ongoing activity as new information becomes available during incident response for FedRAMP Reportable Incidents, including updates (or lack of updates) to all previously reported information and as much of the the following additional information that is available and/or the current relevant status for each item: + +Checklist items: +- Class A: Observed incident activity +- Class A: Indicators of compromise +- Class A: Related Common Vulnerabilities and Exposures (CVE) identifier (if applicable) +- Class A: Root cause +- Class A: Response and recovery activities +- Class B: Observed incident activity +- Class B: Indicators of compromise +- Class B: Related Common Vulnerabilities and Exposures (CVE) identifier, if applicable +- Class B: Root cause +- Class B: Response and recovery activities +- Class C: Observed incident activity +- Class C: Indicators of compromise +- Class C: Related Common Vulnerabilities and Exposures (CVE) identifier, if applicable +- Class C: Root cause +- Class C: Response and recovery activities +- Class D: Observed incident activity +- Class D: Indicators of compromise +- Class D: Related Common Vulnerabilities and Exposures (CVE) identifier, if applicable +- Class D: Root cause +- Class D: Response and recovery activities + +Terms: `All Affected Parties`, `FedRAMP Reportable Incident`, `Incident`, `Provider`, `Responsibly`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IEC-FRP-ORV` MUST — Ongoing Review + +FedRAMP MUST periodically review FedRAMP Incident Evaluation and Communication implementation with providers based on lack of reporting or other information. + +Terms: `Incident`, `Provider` + +Affects: FedRAMP + +Recent update: 2026-07-02 — Update terminology from "Response" to "Communication" in FedRAMP Incident Evaluation rules. diff --git a/src/content/docs/docs/fedramp/processes/independent-verification-and-validation.md b/src/content/docs/docs/fedramp/processes/independent-verification-and-validation.md new file mode 100644 index 0000000..8e792b0 --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/independent-verification-and-validation.md @@ -0,0 +1,290 @@ +--- +title: Independent Verification and Validation — FedRAMP Process +description: Official Consolidated Rules summary for the IVV FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Independent Verification and Validation + +Short name: `IVV` · Process ID: `IVV` · Web slug: `independent-verification-and-validation` + +Applies to: `both`, `20x`, `rev5` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/independent-verification-and-validation/](https://www.fedramp.gov/2026/reference/independent-verification-and-validation/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-01-01 +- Shared requirements: 15 + +## Purpose + +This ruleset explains the expectations for independent verification and validation assessments. + +## Rule Subsets + +- `CSF` — Rev5-Specific Provider Responsibilities: These rules apply to providers for FedRAMP Rev5 Certifications. · types: Rev5 · classes: B, C, D +- `CSO` — General Provider Responsibilities: These rules apply to cloud service providers obtaining and maintaining any FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D +- `CSX` — 20x-Specific Provider Responsibilities: These rules apply to providers for FedRAMP 20x Certifications. · types: 20x · classes: B, C, D +- `IAS` — General Independent Assessor Responsibilities: These rules apply to independent assessment services supporting all FedRAMP Certification types. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `IVV-CSO-DUS` MUST — Document Use of Representative Samples + +Providers MUST document and explain the use of representative samples during verification and validation when using representative samples as allowed by IVV-CSO-USR (Use Representative Samples). + +Terms: `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-FIA` VARIES BY CLASS — FedRAMP Independent Assessments + +Varies by certification class: + +- **Class A MAY:** Providers with Class A Certifications MAY persistently complete an independent verification and validation assessment of all applicable FedRAMP rules with a FedRAMP Recognized independent assessment service OR FedRAMP at least once per year; this is a FedRAMP independent assessment. +- **Class B MUST:** Providers with Class B Certifications MUST persistently complete an independent verification and validation assessment of all applicable FedRAMP rules with a FedRAMP Recognized independent assessment service OR FedRAMP at least once per year; this is a FedRAMP independent assessment. +- **Class C MUST:** Providers with Class C Certifications MUST persistently complete an independent verification and validation assessment of all applicable FedRAMP rules with a FedRAMP Recognized independent assessment service OR FedRAMP at least once per year; this is a FedRAMP independent assessment. +- **Class D MUST:** Providers with Class D Certifications MUST persistently complete an independent verification and validation assessment of all applicable FedRAMP rules with a FedRAMP Recognized independent assessment service OR FedRAMP at least once per year; this is a FedRAMP independent assessment. + +Terms: `Certification Class`, `FedRAMP Independent Assessment`, `FedRAMP Recognized`, `Persistently`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Structured timeframe: `1` years + +Note: The first such completed assessment is typically called an "initial assessment" while following assessments are called "annual assessments." +The specific requirements for independent verification and validation assessments are documented by the FedRAMP Certification Class and Type. +The option for assessment by FedRAMP directly is limited to cloud services that are explicitly prioritized by FedRAMP, in consultation with the FedRAMP Board and the federal Chief Information Officers Council; this is _extremely_ rare. +FedRAMP Recognized independent assessment services are listed on the FedRAMP Marketplace. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-ICP` MUST — Inclusion in Certification Package + +Providers MUST supply the results of FedRAMP independent assessments in their FedRAMP Certification Package without inappropriate modification. + +Terms: `Certification Package`, `FedRAMP Independent Assessment`, `Provider`, `Verification` + +Affects: Providers + +Note: Inappropriate modification in this context means changing the underlying intent/etc. of the content provided by the independent assessment service - the content itself may be modified for presentation, formatting, etc. as needed. +This rule is related to IVV-IAS-VIP (Verify Inclusion in Certification Package). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-RAA` MAY — Receiving Assessor Advice + +Providers MAY ask for and accept advice from their assessor during assessment regarding techniques and procedures that will improve their security posture or the effectiveness, clarity, and accuracy of their verification, validation and reporting procedures, UNLESS doing so is likely to compromise the objectivity and integrity of the assessment. + +Terms: `Assessor`, `Likely`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-SEE` MUST — Supply Evidence of Effectiveness + +Providers MUST supply evidence to all necessary assessors of the effectiveness of the measures that have been implemented to meet FedRAMP Practices; this evidence is the result of validation. + +Terms: `All Necessary Assessors`, `Assessor`, `FedRAMP Practices`, `Provider`, `Validation` + +Affects: Providers + +Note: For example, after verifying that firewalls are configured to block traffic following IVV-CSO-SEI (Supply Evidence of Implementation), the provider would validate that traffic is actually being blocked and supply evidence of that validation to assessors (such as by allowing them to see metrics on the traffic that is blocked vs not). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-SEI` MUST — Supply Evidence of Implementation + +Providers MUST supply evidence to all necessary assessors of the implementation of the measures that have been documented to meet FedRAMP Practices; this evidence is the result of verification. + +Terms: `All Necessary Assessors`, `Assessor`, `FedRAMP Practices`, `Provider`, `Verification` + +Affects: Providers + +Note: For example, if the documentation says that firewall rules are used to block traffic then the cloud service provider would verify that firewall rules are in place to block traffic and supply that evidence to assessors (preferably by allowing them to see how firewall configurations are deployed from a source of truth). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-STE` SHOULD — Supply Technical Explanations + +Providers SHOULD supply all necessary assessors with technical explanations, demonstrations, and other relevant supporting information about the technical capabilities they employ to address FedRAMP rules; this SHOULD be supplied as necessary to ensure the assessor can effectively complete verification and validation. + +Terms: `All Necessary Assessors`, `Assessor`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSO-USR` MAY — Use Representative Samples + +Providers MAY use representative samples as appropriate during verification and validation. + +Terms: `Persistently`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Note: Many modern cloud services using effective automation do not need to use representative sampling and are capable of persistently verifying and validating the majority of their security measures automatically. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-EPX` SHOULD — Engage Provider Experts + +Assessors SHOULD engage provider experts in discussion to understand the decisions made by the provider and inform expert qualitative assessment, and SHOULD perform independent research to test such information as part of the expert qualitative assessment process. + +Terms: `Assessor`, `Provider` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-OSA` MUST — Overall Summary of Assessment + +Assessors MUST supply the provider with an overall summary of the verification and validation assessment results, including any resulting failures or areas of dispute; this summary will be included by the provider in the FedRAMP Certification Package Overview for the cloud service offering. + +Terms: `Assessor`, `Certification Package`, `Cloud Service Offering`, `Provider`, `Validation`, `Verification` + +Affects: Assessors + +Note: FedRAMP does not supply a template for this summary and encourages independent assessment services to optimize for the best customer experience in the creation of these materials. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-SHA` MAY — Sharing Advice + +Assessors MAY share advice with providers they are assessing about techniques and procedures that will improve the provider's security posture or the effectiveness, clarity, and accuracy of their verification, validation and reporting procedures, UNLESS doing so is likely to compromise the objectivity and integrity of the assessment. + +Terms: `Assessor`, `Likely`, `Provider`, `Validation`, `Verification` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-SUM` MUST — Assessment Summary + +Assessors MUST supply the provider with a high-level summary of their assessment process and findings for each FedRAMP Practice; this summary will be included by the provider in the FedRAMP Security Decision Record for the cloud service offering. + +Terms: `Assessor`, `Cloud Service Offering`, `FedRAMP Practices`, `Provider`, `Security Decision Record (SDR)` + +Affects: Assessors + +Note: FedRAMP does not require a separate Security Assessment Plan or Security Assessment Report for FedRAMP 20x or FedRAMP Rev5 Certifications; this information is expected to be included in the Security Decision Record by the cloud service provider. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-VEF` MUST — Validate Effectiveness + +Assessors MUST validate the effectiveness of the implemented measures to ensure they have the intended outcome for meeting FedRAMP Practices. + +Terms: `Assessor`, `FedRAMP Practices`, `Validation` + +Affects: Assessors + +Note: This requires reviewing the actual measures themselves at a technical level, such as reviewing underlying code as appropriate; don't simply review documentation or screenshots. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-VIM` MUST — Verify Implementation + +Assessors MUST verify that the measures implemented by the cloud service offering matches the measures they documented to meet FedRAMP Practices. + +Terms: `Assessor`, `Cloud Service Offering`, `FedRAMP Practices`, `Verification` + +Affects: Assessors + +Note: This requires reviewing the actual measures themselves at a technical level, such as reviewing underlying code as appropriate; don't simply review documentation or screenshots. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-IAS-VIP` MUST — Verify Inclusion in Certification Package + +Assessors MUST verify that information supplied during a FedRAMP independent assessment is included in the FedRAMP Certification Package by the provider without inappropriate modification. + +Terms: `Assessor`, `Certification Package`, `FedRAMP Independent Assessment`, `Provider`, `Verification` + +Affects: Assessors + +Note: This rule is related to IVV-CSO-ICP (Inclusion in Certification Package). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## 20X + +### `IVV-CSX-AIA` MUST — Annual Independent Assessments for 20x + +Varies by certification class: + +- **Class A MUST:** Providers with 20x Class A Certifications MUST meet the expectations of their underlying alternative security framework as part of their persistent independent verification and validation assessment. +- **Class B MUST:** Providers with 20x Class B Certifications MUST include all Key Security Indicators in a FedRAMP independent assessment at least once per year. +- **Class C MUST:** Providers with 20x Class C Certifications MUST include all Key Security Indicators in a FedRAMP independent assessment at least once per year. +- **Class D MUST:** Providers with 20x Class D Certifications MUST include all Key Security Indicators in a FedRAMP independent assessment at least once per year. + +Terms: `FedRAMP Independent Assessment`, `Persistently`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Structured timeframe: `1` years + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## REV5 + +### `IVV-CSF-ACF` MUST — Assessment of Rev5 Controls with Findings + +Providers MUST have Rev5 Controls with negative findings from the previous FedRAMP independent assessment included in the next FedRAMP independent assessment. + +Terms: `FedRAMP Independent Assessment`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSF-AIA` MUST — Annual Independent Assessments for Rev5 + +Varies by certification class: + +- **Class B MUST:** Providers with Rev5 Class B Certifications MUST include the following Rev5 Controls in a FedRAMP independent assessment at least once per year: +- **Class C MUST:** Providers with Rev5 Class C Certifications MUST include the following Rev5 Controls in a FedRAMP independent assessment at least once per year: +- **Class D MUST:** Providers with Rev5 Class D Certifications MUST include the following Rev5 Controls in a FedRAMP independent assessment at least once per year: + +Terms: `FedRAMP Independent Assessment`, `Provider` + +Affects: Providers + +Structured timeframe: `1` years + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSF-MCA` MUST — Mandatory Control Assessment + +Providers MUST have all applicable Rev5 Controls included in FedRAMP independent assessments every 3 years but are not required to have all Rev5 Controls included in the same FedRAMP independent assessment. + +Terms: `FedRAMP Independent Assessment`, `Provider` + +Affects: Providers + +Note: Traditionally this has been done by reviewing a rotating selection of Rev5 Controls at each annual assessment, however this requirement is a ceiling and not a floor. See IVV-CSF-PCA (Preferred Control Assessment) for FedRAMP's recommended approach to Rev5 control assessments. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `IVV-CSF-PCA` SHOULD — Preferred Control Assessment + +Providers SHOULD include all applicable Rev5 Controls in each FedRAMP independent assessment. + +Terms: `FedRAMP Independent Assessment`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/key-security-indicators.md b/src/content/docs/docs/fedramp/processes/key-security-indicators.md deleted file mode 100644 index e1905ce..0000000 --- a/src/content/docs/docs/fedramp/processes/key-security-indicators.md +++ /dev/null @@ -1,77 +0,0 @@ ---- -title: Key Security Indicators — FedRAMP Process -description: Official FRMR-generated summary for the KSI FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Key Security Indicators - -Short name: `KSI` · Process ID: `KSI` · Web slug: `key-security-indicators` - -Applies to: `20x` - -Official page: [https://fedramp.gov/docs/20x/key-security-indicators](https://fedramp.gov/docs/20x/key-security-indicators) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: no -- Shared requirements: 0 - -## Requirements and Recommendations - -## 20X - -### `KSI-CSX-MAS` (formerly `FRR-KSI-01`) SHOULD — Application within MAS - -Providers SHOULD apply ALL Key Security Indicators to ALL aspects of their cloud service offering that are within the FedRAMP Minimum Assessment Scope. - -Terms: `Cloud Service Offering` - -Affects: Providers - -Recent update: 2026-02-04 — Removed unnecessary cloud service at the beginning; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `KSI-CSX-ORD` MAY — AFR Order of Criticality - -Providers MAY use the following order of criticality for approaching Authorization by FedRAMP Key Security Indicators for an initial authorization package: - -Checklist items: -- Minimum Assessment Scope (MAS) -- Authorization Data Sharing (ADS) -- Using Cryptographic Modules (UCM) -- Vulnerability Detection and Response (VDR) -- Significant Change Notifications (SCN) -- Persistent Validation and Assessment (PVA) -- Secure Configuration Guide (RSC) -- Collaborative Continuous Monitoring (CCM) -- FedRAMP Security Inbox (FSI) -- Incident Communications Procedures (ICP) - -Terms: `Authorization Package`, `Authorization data`, `FedRAMP Security Inbox`, `Incident`, `Persistent Validation`, `Persistently`, `Significant change`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — This recommendation is new in v-0.9.0 to clarify expectations. - -### `KSI-CSX-SUM` (formerly `FRR-KSI-02`) MUST — Implementation Summaries - -Providers MUST maintain simple high-level summaries of at least the following for each Key Security Indicator: - -Checklist items: -- Goals for how it will be implemented and validated, including clear pass/fail criteria and traceability -- The consolidated _information resources_ that will be validated (this should include consolidated summaries such as "all employees with privileged access that are members of the Admin group") -- The machine-based processes for _validation_ and the _persistent_ cycle on which they will be performed (or an explanation of why this doesn't apply) -- The non-machine-based processes for _validation_ and the _persistent_ cycle on which they will be performed (or an explanation of why this doesn't apply) -- Current implementation status -- Any clarifications or responses to the assessment summary - -Terms: `Machine-Based (information resources)`, `Persistent Validation` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. diff --git a/src/content/docs/docs/fedramp/processes/marketplace-listing.md b/src/content/docs/docs/fedramp/processes/marketplace-listing.md new file mode 100644 index 0000000..717029b --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/marketplace-listing.md @@ -0,0 +1,187 @@ +--- +title: Marketplace Listing — FedRAMP Process +description: Official Consolidated Rules summary for the MKT FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Marketplace Listing + +Short name: `MKT` · Process ID: `MKT` · Web slug: `marketplace-listing` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/marketplace-listing/](https://www.fedramp.gov/2026/reference/marketplace-listing/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2026-07-04 +- Rev5: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2026-07-04 +- Shared requirements: 12 + +## Purpose + +The Marketplace Listing rules define how FedRAMP decides which cloud service offerings, assessors, and advisors may be listed in the FedRAMP Marketplace. These rules help agencies and other customers rely on the Marketplace as a consistent source of eligible services and supporting organizations, while requiring listed organizations to supply accurate, accessible, and machine-readable information. + +## Rule Subsets + +- `CAS` — General Advisor Responsibilities: These rules apply to consulting and advisory services seeking a listing in the FedRAMP Marketplace. +- `CSO` — General Provider Responsibilities: These rules apply to providers seeking a listing in the FedRAMP Marketplace. · types: 20x, Rev5 · classes: A, B, C, D +- `FRP` — FedRAMP Responsibilities: These rules apply to FedRAMP activities related to the FedRAMP Marketplace. · types: 20x, Rev5 · classes: A, B, C, D +- `IAS` — General Assessor Responsibilities: These rules apply to independent assessment services seeking a listing in the FedRAMP Marketplace. +- `IIP` — Provider Responsibilities for Initial Implementation Phase Listings: FedRAMP allows cloud service providers that are actively preparing to obtain a FedRAMP Certification to apply for listing in the FedRAMP Marketplace. All cloud service providers must obtain a Initial Implementation Phase Marketplace Listing before they can apply for FedRAMP Certification. These rules apply to providers seeking a Initial Implementation Phase listing in the FedRAMP Marketplace. · types: 20x, Rev5 + +## Requirements and Recommendations + +## BOTH + +### `MKT-CAS-LRQ` MUST — Listing Requests for Advisors + +Advisors MUST complete the Advisor Listing Request Form to request listing in the FedRAMP Marketplace. + +Terms: `Advisor` + +Affects: Advisors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-CAS-RFR` MUST — Advisor Responses to FedRAMP + +Advisors MUST reply to all requests from @fedramp.gov or @gsa.gov email addresses sent to the contact information provided in their advisor listing within 5 business days. + +Terms: `Advisor` + +Affects: Advisors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-CAS-WEB` MUST — Website Requirements for Advisors + +Advisors MUST have an appropriate web site that publicly supplies at least the following information in consistent machine-readable and human-readable formats: + +Checklist items: +- General description of the consulting or advisory service +- Contact information +- Types of consulting or advisory services offered +- Optional: Positive attestations from customers or customer references + +Terms: `Advisor`, `Machine-Readable` + +Affects: Advisors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-CSO-MLR` MUST — Marketplace Listing Requirements + +Providers MUST address at least these FedRAMP rules to apply for a new FedRAMP Marketplace listing OR to request updates to an existing listing: + +Checklist items: +- Certification Data Sharing: CDS-CSO-PUB (Public Information) + +Terms: `Certification Data`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-CSO-PML` MUST — Provider Marketplace Listing Requests + +Providers MUST notify FedRAMP using the FedRAMP Marketplace Providing Listing Request Form to request a listing in the FedRAMP Marketplace. + +Terms: `Provider` + +Affects: Providers + +Note: FedRAMP does not accept applications for a FedRAMP Marketplace Listing via email! + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-FRP-SOF` MUST NOT — Scope of FedRAMP + +FedRAMP MUST NOT list cloud service offerings in the Marketplace or perform any FedRAMP Certification activities unless it determines the cloud service offering is within the scope of FedRAMP. + +Terms: `Cloud Service Offering` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-IAS-LRQ` MUST — Listing Requests for Assessors + +Assessors MUST complete the Assessor Listing Request Form to request listing in the FedRAMP Marketplace. + +Terms: `Assessor` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-IAS-OFR` MUST — Only FedRAMP Recognized Assessors + +Assessors MUST obtain and maintain FedRAMP Recognition to be listed in the FedRAMP Marketplace. + +Terms: `Assessor`, `FedRAMP Recognized` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-IAS-WEB` MUST — Website Requirements for Assessors + +Assessors MUST have an appropriate web site that publicly supplies at least the following information in human-readable and JSON formats: + +Checklist items: +- General description of the independent assessment service +- Contact information +- Types of independent services offered +- Optional: Positive attestations from customers or customer references + +Terms: `Assessor` + +Affects: Assessors + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-IIP-AGU` MUST — Agency Use Cases + +Providers MUST demonstrate that a cloud service offering is intended for one of the following use cases: + +Checklist items: +- Direct Use: The product will be used directly by agency customers for integration into a federal information system that falls within the scope of 44 USC § 3506 and will receive an agency Authorization to Operate. +- Indirect Use: The product will be included as a third-party information resource in other cloud service offerings that are directly used by agency customers. + +Terms: `Agency`, `Cloud Service Offering`, `Information Resource`, `Provider`, `Third-Party Information Resource` + +Affects: Providers + +Note: FedRAMP will not list products or services that are outside the explicit statutory scope of FedRAMP; See MKT-FRP-SOF (Scope of FedRAMP). +Services used by private companies to meet other compliance requirements (such as CMMC) that do not also meet one of the above use cases are outside the scope of FedRAMP. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-IIP-DCP` MUST — Demonstrating Continuous Progress + +Providers MUST demonstrate continuous progress towards a FedRAMP Certification, documented in their Trust Center or website and updated at least quarterly; progress is measured by the provider against documented goals and milestones. + +Terms: `Provider`, `Trust Center` + +Affects: Providers + +Note: This is an opportunity for a business to showcase its goals and progress, and should be seen as a marketing and customer experience challenge instead of a compliance challenge. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `MKT-IIP-DLA` MUST — Deadline for Assessment + +Providers MUST demonstrate that an assessment for a FedRAMP Certification Class B, C, or D has been scheduled within 2 years of initial listing in the Initial Implementation Phase. + +Terms: `Certification Class`, `Provider` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/minimum-assessment-scope.md b/src/content/docs/docs/fedramp/processes/minimum-assessment-scope.md index 3ce556b..d8fb42c 100644 --- a/src/content/docs/docs/fedramp/processes/minimum-assessment-scope.md +++ b/src/content/docs/docs/fedramp/processes/minimum-assessment-scope.md @@ -1,78 +1,92 @@ --- title: Minimum Assessment Scope — FedRAMP Process -description: Official FRMR-generated summary for the MAS FedRAMP process, including applicability and requirements. +description: Official Consolidated Rules summary for the MAS FedRAMP process, including applicability and requirements. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Minimum Assessment Scope Short name: `MAS` · Process ID: `MAS` · Web slug: `minimum-assessment-scope` Applies to: `both` +Status: `stable` -Official page: [https://fedramp.gov/docs/20x/minimum-assessment-scope](https://fedramp.gov/docs/20x/minimum-assessment-scope) + +Official page: [https://www.fedramp.gov/2026/reference/minimum-assessment-scope/](https://www.fedramp.gov/2026/reference/minimum-assessment-scope/) ## Effective Status -- 20x: required · Phase 2 Pilot -- Rev5: optional · Wide Release +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-01-01 - Shared requirements: 5 +## Purpose + +The Minimum Assessment Scope rules help providers define assessment boundaries narrowly enough to avoid unnecessary review of components that do not affect the offering's security. These rules still ensure the assessment includes the resources and connections needed to understand the offering's confidentiality, integrity, and availability. + +## Rule Subsets + +- `CSO` — General Provider Responsibilities: These rules apply to providers for any type of FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D + ## Requirements and Recommendations ## BOTH -### `MAS-CSO-FLO` (formerly `FRR-MAS-05`) MUST — Information Flows and Security Objectives +### `MAS-CSO-FLO` MUST — Information Flows and Security Categories -Providers MUST clearly identify, document, and explain information flows and security objectives for ALL information resources or sets of information resources in the cloud service offering. +Providers MUST clearly identify, document, and explain information flows and security categories for ALL information resources or sets of information resources in the cloud service offering. -Terms: `Cloud Service Offering`, `Handle`, `Information Resource`, `Third-party Information Resource` +Terms: `Cloud Service Offering`, `Handle`, `Information Resource`, `Provider`, `Security Category`, `Third-Party Information Resource` Affects: Providers -Note: Information resources (including third-party information resources) MAY vary by security objectives as appropriate to the level of information handled or impacted by the information resource. +Note: Information resources (including third-party information resources) MAY vary by security category as appropriate to the type of information handled by or impacted by the information resource. -Recent update: 2026-02-04 — Updated wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `MAS-CSO-IIR` (formerly `FRR-MAS-01`) MUST — Identify Information Resources +### `MAS-CSO-IIR` MUST — Identify Information Resources -Providers MUST identify a set of information resources to assess for FedRAMP authorization that includes all information resources that are likely to handle federal customer data or likely to impact the confidentiality, integrity, or availability of federal customer data handled by the cloud service offering; this set of information resources is the cloud service offering. +Providers MUST identify a set of information resources to assess for FedRAMP Certification that includes all information resources that are likely to handle federal customer data or likely to impact the confidentiality, integrity, or availability of federal customer data handled by the cloud service offering; this set of information resources is the cloud service offering. -Terms: `Cloud Service Offering`, `Federal Customer Data`, `Handle`, `Information Resource`, `Likely` +Terms: `Agency`, `Certification Package`, `Cloud Service Offering`, `Federal Customer Data`, `Handle`, `Information Resource`, `Likely`, `Provider` Affects: Providers -Recent update: 2026-02-04 — Added notes from former AY sections; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Note: Certain categories of cloud computing products and services are specified as entirely outside the scope of FedRAMP by the Director of the Office of Management and Budget. All such products and services are therefore not included in the cloud service offering for FedRAMP. For more, see https://fedramp.gov/scope. +Software produced by cloud service providers that is delivered separately for installation on agency systems and not operated in a shared responsibility model (typically including agents, application clients, mobile applications, etc. that are not fully managed by the cloud service provider) is not a cloud computing product or service and is entirely outside the scope of FedRAMP under the FedRAMP Certification Act. All such software is therefore not included in the cloud service offering for FedRAMP. For more, see https://fedramp.gov/scope. +All aspects of the cloud service offering are determined and maintained by the cloud service provider in accordance with related FedRAMP Certification rules and documented by the cloud service provider in their FedRAMP Certification Package. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `MAS-CSO-MDI` (formerly `FRR-MAS-04`) MUST — Metadata Inclusion +### `MAS-CSO-MDI` MUST — Metadata Inclusion -Providers MUST include metadata (including metadata about federal customer data) in the Minimum Assessment Scope ONLY IF MAS-CSO-IIR APPLIES. +Providers MUST include metadata (including metadata about federal customer data) in the Minimum Assessment Scope ONLY IF MAS-CSO-IIR (Identify Information Resources) APPLIES. -Terms: `Federal Customer Data` +Terms: `Federal Customer Data`, `Information Resource`, `Initial Incident Report (IIR)`, `Provider` Affects: Providers -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `MAS-CSO-SUP` (formerly `FRR-MAS-EX-01`) MAY — Supplemental Information +### `MAS-CSO-SUP` MAY — Supplemental Information -Providers MAY include additional materials about other information resources that are not part of the cloud service offering in a FedRAMP assessment and authorization package supplement; these resources will not be FedRAMP authorized and MUST be clearly marked and separated from the cloud service offering. +Providers MAY include additional materials about other information resources that are not part of the cloud service offering in a FedRAMP Certification Package supplement; these resources will not be FedRAMP Certified and MUST be clearly marked and separated from the cloud service offering. -Terms: `Agency`, `Authorization Package`, `Cloud Service Offering`, `Information Resource` +Terms: `Agency`, `Certification Package`, `Cloud Service Offering`, `FedRAMP Certified`, `Information Resource`, `Provider` Affects: Providers Note: This is intended to allow inclusion of things like security materials for apps, supplemental marketing collateral, and other information that is not part of the cloud service offering but may be useful to agencies. -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. ### `MAS-CSO-TPR` MUST — Third-Party Information Resources -Providers MUST address the potential impact to federal customer data from third-party information resources used by the cloud service offering, ONLY IF MAS-CSO-IIR APPLIES, by documenting the following information about each applicable third-party information resource: +Providers MUST address the potential impact to federal customer data from third-party information resources used by the cloud service offering, ONLY IF MAS-CSO-IIR (Identify Information Resources) APPLIES, by documenting the following information about each applicable third-party information resource: Checklist items: - General usage and configuration @@ -80,8 +94,8 @@ Checklist items: - Mitigation measures in place to reduce the potential impact to federal customer data - Compensating controls in place to reduce the potential impact to federal customer data -Terms: `Cloud Service Offering`, `Federal Customer Data`, `Information Resource`, `Third-party Information Resource` +Terms: `Cloud Service Offering`, `Federal Customer Data`, `Information Resource`, `Initial Incident Report (IIR)`, `Provider`, `Third-Party Information Resource` Affects: Providers -Recent update: 2026-02-04 — Rephrased w/ following information, updated application to all third-party resources and merged with former FRR-MAS-02; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/persistent-validation-and-assessment.md b/src/content/docs/docs/fedramp/processes/persistent-validation-and-assessment.md deleted file mode 100644 index 1dbff18..0000000 --- a/src/content/docs/docs/fedramp/processes/persistent-validation-and-assessment.md +++ /dev/null @@ -1,206 +0,0 @@ ---- -title: Persistent Validation and Assessment — FedRAMP Process -description: Official FRMR-generated summary for the PVA FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Persistent Validation and Assessment - -Short name: `PVA` · Process ID: `PVA` · Web slug: `persistent-validation-and-assessment` - -Applies to: `20x` - -Official page: [https://fedramp.gov/docs/20x/persistent-validation-and-assessment](https://fedramp.gov/docs/20x/persistent-validation-and-assessment) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: no -- Shared requirements: 0 - -## Requirements and Recommendations - -## 20X - -### `PVA-CSX-FAV` (formerly `FRR-PVA-02`) MUST — Issues As Vulnerabilities - -Providers MUST treat issues detected during persistent validation and failures of the persistent validation process as vulnerabilities, then follow the requirements and recommendations in the FedRAMP Vulnerability Detection and Response process for such findings. - -Terms: `Persistent Validation`, `Persistently`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-CSX-IVV` (formerly `FRR-PVA-05`) MUST — Independent Verification and Validation - -Providers MUST have the implementation of their goals and validation processes assessed by a FedRAMP-recognized independent assessor OR by FedRAMP directly AND MUST include the results of this assessment in their authorization data without modification. - -Terms: `Authorization data`, `Persistent Validation` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-CSX-NMV` MUST — Non-Machine Validation - -Providers MUST complete the validation processes for Key Security Indicators of non-machine-based information resources at least once every 3 months. - -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistent Validation` - -Affects: Providers - -### `PVA-CSX-PMV` — Persistent Machine Validation - - - -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistent Validation` - -Affects: Providers - -### `PVA-CSX-PTE` (formerly `FRR-PVA-07`) SHOULD — Provide Technical Evidence - -Providers SHOULD provide technical explanations, demonstrations, and other relevant supporting information to all necessary assessors for the technical capabilities they employ to meet Key Security Indicators and to provide validation. - -Terms: `All Necessary Assessors`, `Persistent Validation` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-CSX-RAD` (formerly `FRR-PVA-08`) MAY — Receiving Advice - -Providers MAY ask for and accept advice from their assessor during assessment regarding techniques and procedures that will improve their security posture or the effectiveness, clarity, and accuracy of their validation and reporting procedures for Key Security Indicators, UNLESS doing so might compromise the objectivity and integrity of the assessment (see also PVA-TPX-SHA). - -Terms: `Persistent Validation` - -Affects: Providers - -Note: The related A2LA requirements are waived for FedRAMP 20x Phase Two assessments. - -Recent update: 2026-02-09 — Fixed incorrect reference to old FRR by changing PVA-TPX-AMA to PVA-TPX-SHA; no material changes. - -### `PVA-CSX-RPV` (formerly `FRR-PVA-03`) MUST — Report Persistent Validation - -Providers MUST include persistent validation activity in the reports on vulnerability detection and response activity required by the FedRAMP Vulnerability Detection and Response process. - -Terms: `Persistent Validation`, `Persistently`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-CSX-VAL` (formerly `FRR-PVA-01`) MUST — Persistent Validation - -Providers MUST persistently perform validation of their Key Security Indicators; this process is called persistent validation and is part of vulnerability detection. - -Terms: `Persistent Validation`, `Persistently`, `Vulnerability`, `Vulnerability Detection` - -Affects: Providers - -Recent update: 2026-02-04 — Clarified; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-MME` (formerly `FRR-PVA-13`) MUST — Mixed Methods Evaluation - -Assessors MUST perform evaluation using a combination of quantitative and expert qualitative assessment as appropriate AND document which is applied to which aspect of the assessment. - -Affects: Assessors - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-NOR` (formerly `FRR-PVA-18`) MUST NOT — No Overall Recommendation - -Assessors MUST NOT deliver an overall recommendation on whether or not the cloud service offering meets the requirements for FedRAMP authorization. - -Terms: `Cloud Service Offering` - -Affects: Assessors - -Note: FedRAMP will make the final authorization decision based on the assessor's findings and other relevant information. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-OUC` (formerly `FRR-PVA-12`) MUST — Outcome Consistency - -Assessors MUST verify and validate whether or not the underlying processes are consistently creating the desired security outcome documented by the provider. - -Terms: `Persistent Validation` - -Affects: Assessors - -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-PAD` (formerly `FRR-PVA-16`) MUST — Procedure Adherence - -Assessors MUST assess whether or not procedures are consistently followed, including the processes in place to ensure this occurs, without relying solely on the existence of a procedure document for assessing if appropriate processes and procedures are in place. - -Affects: Assessors - -Note: This includes evaluating tests or plans for activities that may occur in the future but have not yet occurred. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-PDK` (formerly `FRR-PVA-11`) MUST — Processes Derived from Key Security Indicators - -Assessors MUST verify and validate the implementation of processes derived from Key Security Indicators to determine whether or not the provider has accurately documented their process and goals. - -Terms: `Persistent Validation` - -Affects: Assessors - -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-PEX` (formerly `FRR-PVA-14`) SHOULD — Provider Experts - -Assessors SHOULD engage provider experts in discussion to understand the decisions made by the provider and inform expert qualitative assessment, and SHOULD perform independent research to test such information as part of the expert qualitative assessment process. - -Affects: Assessors - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-SHA` (formerly `FRR-PVA-09`) MAY — Sharing Advice - -Assessors MAY share advice with providers they are assessing about techniques and procedures that will improve their security posture or the effectiveness, clarity, and accuracy of their validation and reporting procedures for Key Security Indicators, UNLESS doing so might compromise the objectivity and integrity of the assessment (see also PVA-CSX-RAD). - -Terms: `Persistent Validation` - -Affects: Assessors - -Recent update: 2026-02-09 — Fixed incorrect reference to old FRR by changing PVA-CSX-RIA to PVA-CSX-RAD; no material changes. - -### `PVA-TPX-STE` (formerly `FRR-PVA-15`) MUST NOT — Static Evidence - -Assessors MUST NOT rely on screenshots, configuration dumps, or other static output as evidence EXCEPT when evaluating the accuracy and reliability of a process that generates such artifacts. - -Affects: Assessors - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-SUM` (formerly `FRR-PVA-17`) MUST — Assessment Summary - -Assessors MUST deliver a high-level summary of their assessment process and findings for each Key Security Indicator; this summary will be included in the authorization data for the cloud service offering. - -Terms: `Authorization data`, `Cloud Service Offering` - -Affects: Assessors - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `PVA-TPX-UNP` (formerly `FRR-PVA-10`) MUST — Underlying Processes - -Assessors MUST verify and validate the underlying processes (both machine-based and non-machine-based) that providers use to validate Key Security Indicators; this should include at least: - -Checklist items: -- The effectiveness, completeness, and integrity of the automated processes that perform validation of the cloud service offering's security posture. -- The effectiveness, completeness, and integrity of the human processes that perform validation of the cloud service offering's security posture -- The coverage of these processes within the cloud service offering, including if all of the consolidated information resources listed are being validated. - -Terms: `Cloud Service Offering`, `Information Resource`, `Machine-Based (information resources)`, `Persistent Validation` - -Affects: Assessors - -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. diff --git a/src/content/docs/docs/fedramp/processes/secure-configuration-guide.md b/src/content/docs/docs/fedramp/processes/secure-configuration-guide.md index 3485d4e..f997e18 100644 --- a/src/content/docs/docs/fedramp/processes/secure-configuration-guide.md +++ b/src/content/docs/docs/fedramp/processes/secure-configuration-guide.md @@ -1,50 +1,63 @@ --- title: Secure Configuration Guide — FedRAMP Process -description: Official FRMR-generated summary for the SCG FedRAMP process, including applicability and requirements. +description: Official Consolidated Rules summary for the SCG FedRAMP process, including applicability and requirements. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Secure Configuration Guide Short name: `SCG` · Process ID: `SCG` · Web slug: `secure-configuration-guide` Applies to: `both` +Status: `stable` -Official page: [https://fedramp.gov/docs/20x/secure-configuration-guide](https://fedramp.gov/docs/20x/secure-configuration-guide) + +Official page: [https://www.fedramp.gov/2026/reference/secure-configuration-guide/](https://www.fedramp.gov/2026/reference/secure-configuration-guide/) ## Effective Status -- 20x: required · Phase 2 Pilot -- Rev5: required · Wide Release +- 20x: required · Consolidated Rules for 2026 · obtain 2026-03-01 · grace through 2026-07-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2026-03-01 · grace through 2026-07-01 - Shared requirements: 9 +## Purpose + +The Secure Configuration Guide rules help agencies and other customers understand how to configure a cloud service offering securely. These rules require providers to clearly explain the security impact of common settings so customers can make informed configuration choices. + +## Rule Subsets + +- `CSO` — General Provider Responsibilities: These rules apply to providers with FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `ENH` — Enhanced Capabilities: These recommendations apply to providers with FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D + ## Requirements and Recommendations ## BOTH ### `SCG-CSO-AUP` MUST — Use Instructions -Providers MUST include instructions in the FedRAMP authorization package that explain how to obtain and use the Secure Configuration Guide. +Providers MUST include instructions in the FedRAMP Certification Package that explain how to obtain and use the Secure Configuration Guide. -Terms: `Authorization Package` +Terms: `Certification Package`, `Provider` Affects: Providers Note: These instructions may appear in a variety of ways; it is up to the provider to do so in the most appropriate and effective ways for their specific customer needs. -Recent update: 2026-02-04 — This requirement is new in v-0.9.0 to clarify expectations. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `SCG-CSO-PUB` (formerly `FRR-RSC-09`) SHOULD — Public Guidance +### `SCG-CSO-PUB` SHOULD — Public Secure Configuration Guidance Providers SHOULD make the Secure Configuration Guide available publicly. +Terms: `Provider` + Affects: Providers -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. ### `SCG-CSO-RSC` MUST — Recommended Secure Configuration @@ -55,66 +68,71 @@ Checklist items: - Required: Explanations of security-related settings that can be operated only by top-level administrative accounts and their security implications. - Recommended: Explanations of security-related settings that can be operated only by privileged accounts and their security implications. -Terms: `Cloud Service Offering`, `Privileged account`, `Top-level administrative account` +Terms: `Cloud Service Offering`, `Privileged Account`, `Provider`, `Top-Level Administrative Account` Affects: Providers -Recent update: 2026-02-04 — Combined all required and recommended SCG information; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Note: These rules refer to this guidance as a Secure Configuration Guide but cloud service providers may make this guidance available in various appropriate forms that provide the best customer experience. +This guidance should explain how top-level administrative accounts and privileged accounts are named and referred to in the cloud service offering. -### `SCG-CSO-SDF` (formerly `FRR-RSC-04`) SHOULD — Secure Defaults +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCG-CSO-SDF` SHOULD — Secure Defaults Providers SHOULD set all settings to their recommended secure defaults for top-level administrative accounts and privileged accounts when initially provisioned. -Terms: `Privileged account`, `Top-level administrative account` +Terms: `Privileged Account`, `Provider`, `Top-Level Administrative Account` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `SCG-ENH-API` (formerly `FRR-RSC-07`) SHOULD — API Capability +### `SCG-ENH-API` SHOULD — API Capability Providers SHOULD offer the capability to view and adjust security settings via an API or similar capability. +Terms: `Provider` + Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `SCG-ENH-CMP` (formerly `FRR-RSC-05`) SHOULD — Comparison Capability +### `SCG-ENH-CMP` SHOULD — Comparison Capability Providers SHOULD offer the capability to compare all current settings for top-level administrative accounts and privileged accounts to the recommended secure defaults. -Terms: `Privileged account`, `Top-level administrative account` +Terms: `Privileged Account`, `Provider`, `Top-Level Administrative Account` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `SCG-ENH-EXP` (formerly `FRR-RSC-06`) SHOULD — Export Capability +### `SCG-ENH-EXP` SHOULD — Export Capability Providers SHOULD offer the capability to export all security settings in a machine-readable format. -Terms: `Machine-Readable` +Terms: `Machine-Readable`, `Provider` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `SCG-ENH-MRG` (formerly `FRR-RSC-08`) SHOULD — Machine-Readable Guidance +### `SCG-ENH-MRG` SHOULD — Machine-Readable Guidance Providers SHOULD also provide the Secure Configuration Guide in a machine-readable format that can be used by customers or third-party tools to compare against current settings. -Terms: `Machine-Readable` +Terms: `Machine-Readable`, `Provider` Affects: Providers -Recent update: 2026-02-04 — Removed unnecessary recommended; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `SCG-ENH-VRH` (formerly `FRR-RSC-10`) SHOULD — Versioning and Release History +### `SCG-ENH-VRH` SHOULD — Versioning and Release History Providers SHOULD provide versioning and a release history for recommended secure default settings for top-level administrative accounts and privileged accounts as they are adjusted over time. -Terms: `Privileged account`, `Top-level administrative account` +Terms: `Privileged Account`, `Provider`, `Top-Level Administrative Account` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/security-decision-record.md b/src/content/docs/docs/fedramp/processes/security-decision-record.md new file mode 100644 index 0000000..6ec884f --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/security-decision-record.md @@ -0,0 +1,137 @@ +--- +title: Security Decision Record — FedRAMP Process +description: Official Consolidated Rules summary for the SDR FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Security Decision Record + +Short name: `SDR` · Process ID: `SDR` · Web slug: `security-decision-record` + +Applies to: `both`, `20x`, `rev5` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/security-decision-record/](https://www.fedramp.gov/2026/reference/security-decision-record/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-08-01 +- Shared requirements: 2 + +## Purpose + +The Security Decision Record replaced a traditional System Security Plan with a persistently maintained, verified, and validated record of the security decisions made by the cloud service provider over the lifecycle of their cloud service offering. + +## Rule Subsets + +- `CSF` — Rev5-Specific Provider Responsibilities: These rules apply to providers for FedRAMP Rev5 Certifications. · types: Rev5 · classes: B, C, D +- `CSO` — General Provider Responsibilities: These rules apply to providers for FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `CSX` — 20x-Specific Provider Responsibilities: These rules apply to providers for FedRAMP 20x Certifications. · types: 20x · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `SDR-CSO-FRR` MUST — FedRAMP Rules + +Providers MUST supply a Security Decision Record, in both human-readable and JSON formats, that includes at least all of the following information for each applicable FedRAMP rule: + +Checklist items: +- Explanation of how the rule is followed, or an explanation of the reason and resulting risk to customers for not following the rule. +- Verification that the implementation is appropriate for the rule, or that the reason for not implementing is accepted by a senior official. +- Validation that the implementation is in place and working as intended, or that the reason for not implementing is accepted by a senior official. +- Independent verification. +- Independent validation. +- Any responses or clarifications to the comments in the independent verification or validation. +- Rule-specific artifacts (if applicable). + +Terms: `Artifacts`, `Provider`, `Security Decision Record (SDR)`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SDR-CSO-MTD` MUST — Security Decision Record Metadata + +Providers MUST also include the following basic metadata in their Security Decision Record: + +Checklist items: +- Version +- Date and time of last update +- Source of update + +Terms: `Provider`, `Security Decision Record (SDR)` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## 20X + +### `SDR-CSX-KMT` VARIES BY CLASS — Key Security Indicator Metrics + +Varies by certification class: + +- **Class A MAY:** Providers with 20x Class A Certifications MAY also include historical metrics in their Security Decision Record. +- **Class B MUST:** Providers with 20x Class B Certifications MUST also include historical metrics in their Security Decision Record, supplying at least the following information for each applicable Key Security Indicator: +- **Class C MUST:** Providers with 20x Class C Certifications MUST also include historical metrics in their Security Decision Record, supplying at least the following information for each applicable Key Security Indicator: +- **Class D MUST:** Providers with 20x Class D Certifications MUST significantly supersede the minimum requirements for lower Classes, with specifics to be set during the 20x Phase 4 Pilot. + +Checklist items: +- Class B: Summary of each metric over the past 30 days +- Class B: Summary of metric up to the past year (where available) +- Class C: Summary of each metric over the past 30 days +- Class C: Summary of metric up to the past year (where available) +- Class C: All daily metric data up to the past year (where available) + +Terms: `Provider`, `Security Decision Record (SDR)` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SDR-CSX-KSI` MUST — Key Security Indicators + +Providers MUST also include short and simple high-level summaries of at least the following for each applicable Key Security Indicator: + +Checklist items: +- Explanation of measures (and their objectives) that demonstrate the Key Security Indicator, or an explanation of the reason and resulting risk to customers for not having measures available for that Key Security Indicator. +- Explanation of the cycle for any measures that are implemented persistently (if applicable). +- Verification that the measures demonstrate the Key Security Indicator, or that the reason for not having them is accepted. +- Verification that the automation in place is accurate and sufficient to demonstrate appropriate measures for the Key Security Indicator, or that automation is not necessary for each measure. +- Validation that the measures are accurately produced and are in place and working as intended, or that the reason for not having them is valid. + +Terms: `Persistently`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +## REV5 + +### `SDR-CSF-CTF` MUST — Rev5 Controls + +Providers MUST also include short and simple high-level summaries of at least the following for each applicable Rev5 Control: + +Checklist items: +- Any organization-defined parameter values. +- Implementation status, one of Implemented, Partially Implemented, Planned, Alternative Implementation, or Not Applicable. +- The mechanisms or activities that address the control, including inheritance from another cloud service offering if applicable. +- The verification that is in place to ensure the implementation is appropriate for the control. +- The validation that is in place to ensure the implementation is working as intended. +- Independent verification. +- Independent validation. +- Any responses or clarifications to the comments in the independent verification or validation. +- Control-specific artifacts (if applicable). + +Terms: `Artifacts`, `Cloud Service Offering`, `Provider`, `Validation`, `Verification` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/significant-change-notification.md b/src/content/docs/docs/fedramp/processes/significant-change-notification.md new file mode 100644 index 0000000..a56d5cd --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/significant-change-notification.md @@ -0,0 +1,274 @@ +--- +title: Significant Change Notification — FedRAMP Process +description: Official Consolidated Rules summary for the SCN FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Significant Change Notification + +Short name: `SCN` · Process ID: `SCN` · Web slug: `significant-change-notification` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/significant-change-notification/](https://www.fedramp.gov/2026/reference/significant-change-notification/) + +## Effective Status + +- 20x: required · Consolidated Rules for 2026 · obtain 2026-07-04 · grace through 2027-01-01 +- Rev5: required · Consolidated Rules for 2026 · obtain 2027-01-01 · grace through 2027-06-01 +- Shared requirements: 17 + +## Purpose + +The Significant Change Notification rules supply a simple framework allowing providers to make significant changes to their own products while keeping agency customers in the loop. These rules organize significant changes into clear categories so agencies can understand the expected risk and make authorization decisions accordingly. + +## Rule Subsets + +- `ADP` — Adaptive Changes: These rules apply to all adaptive significant changes. · types: 20x, Rev5 · classes: B, C, D +- `CSO` — General Provider Responsibilities: These rules apply to providers with FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `FRP` — FedRAMP Responsibilities: These rules apply to FedRAMP. · types: 20x, Rev5 · classes: B, C, D +- `RTR` — Routine Recurring Changes: These rules apply to all routine recurring significant changes. · types: 20x, Rev5 · classes: B, C, D +- `TRF` — Transformative Changes: These rules apply to all transformative significant changes. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `SCN-ADP-NTF` MUST — Notification Requirements + +Providers MUST notify all necessary parties within 10 business days after finishing adaptive changes, also including the following information: + +Checklist items: +- Summary of any new risks identified and/or vulnerabilities resulting from the change (if applicable) + +Terms: `Adaptive Change`, `All Necessary Parties`, `Provider`, `Regularly`, `Significant Change`, `Vulnerability` + +Affects: Providers + +Structured timeframe: `10` bizdays + +Note: Activities that match the adaptive significant change type are a frequent and normal part of iteratively improving a service by deploying new functionality or modifying existing functionality in a way that is typically transparent to customers and does not introduce significant new security risks. +In general, most changes that do not happen regularly will be adaptive changes. This change type deliberately covers a wide range of activities in a way that requires assessment and consideration. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-ARI` MAY — Additional Relevant Information + +Providers MAY include additional relevant information in Significant Change Notifications. + +Terms: `Provider`, `Significant Change` + +Affects: Providers + +Note: This allows providers to convey whatever additional information they think is relevant without worrying about negative consequences from not following an exact template. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-EMG` MAY — Emergency Changes + +Providers MAY execute significant changes (including transformative changes) during an emergency or incident without following the Significant Change Notification rules in advance. In such emergencies, providers MUST follow all relevant procedures, notify all necessary parties, retroactively provide all Significant Change Notification materials, and complete appropriate assessment after the incident. + +Terms: `All Necessary Parties`, `Certification Package`, `Incident`, `Provider`, `Significant Change`, `Transformative Change` + +Affects: Providers + +Note: Procedures for emergency changes should be documented in the FedRAMP Certification Package. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-EVA` MUST — Evaluate Changes + +Providers MUST evaluate all potential significant changes to determine the type of significant change and follow the appropriate Significant Change Notification rules. + +Checklist items: +- Is it a significant change? --> Continue evaluation and follow the Significant Change Notification rules. +- If it is, is it an FedRAMP Certification class change? --> This requires a new assessment and cannot be done under the Significant Change Notification rules. +- If it is not, is it a routine recurring change? --> Follow the Routine Recurring Change rules (SCN-RTR Routine Recurring Changes). +- If it is not, is it a transformative change? --> Follow the Transformative Change rules (SCN-TRF Transformative Changes). +- If it is not, then it is an adaptive change --> Follow the Adaptive Change rules (SCN-ADP Adaptive Changes). + +Terms: `Adaptive Change`, `Certification Class`, `Certification Class Change`, `Provider`, `Routine Recurring Change`, `Significant Change`, `Transformative Change` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-HIS` MUST — Historical Notifications + +Providers MUST keep 12 months of historical Significant Change Notifications available with their FedRAMP Certification Data. + +Terms: `Certification Data`, `Provider`, `Significant Change` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-HRM` MUST — Human and Machine-Readable Notifications + +Providers MUST make ALL Significant Change Notifications and related audit records available in human-readable and JSON formats. + +Terms: `Provider`, `Significant Change` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-INF` MUST — Required Information + +Providers MUST include at least the following information in Significant Change Notifications: + +Checklist items: +- Service Offering FedRAMP ID +- Assessor Name (if applicable) +- Related Vulnerability (if applicable) +- Significant Change type and explanation of categorization +- Short description of change +- Reason for change +- Summary of customer impact, including changes to services and customer configuration responsibilities +- Plan and timeline for the change, including for the verification, assessment, and/or validation of impacted Key Security Indicators or Rev5 Controls +- Copy of the business or security impact analysis +- Name and title of approver + +Terms: `Assessor`, `Provider`, `Significant Change`, `Validation`, `Verification`, `Vulnerability` + +Affects: Providers + +Note: Structure of the information may vary depending on how the provider tracks this internally. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-MAR` MUST — Maintain Audit Records + +Providers MUST maintain auditable records of the significant change evaluation activities required by SCN-CSO-EVA (Evaluate Changes) and make them available to FedRAMP as requested. + +Terms: `Certification Package`, `Provider`, `Significant Change` + +Affects: Providers + +Note: These audit records must be available to FedRAMP on request; these records do not need to be included in the FedRAMP Certification Package by default and do not need to be emailed to FedRAMP continuously. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-CSO-NOM` MAY — Notification Mechanisms + +Providers MAY notify necessary parties in a variety of ways as long as the mechanism for notification is clearly documented in the FedRAMP Certification Package and easily accessible. + +Terms: `Agency`, `Certification Package`, `Provider` + +Affects: Providers + +Note: The sharing mechanism should be designed based on the needs of the provider and their customers and may vary between providers. +The default sharing mechanism for most providers during the SCN beta was to send an email to agency customers and upload a copy of the notification to the provider's secure sharing location. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-FRP-CAP` MAY — Corrective Action Plan Conditions + +FedRAMP MAY require providers to delay significant changes beyond the standard Significant Change Notification period and/or submit significant changes for approval in advance as a condition of a formal FedRAMP Corrective Action Plan or other agreement. + +Terms: `Provider`, `Significant Change` + +Affects: FedRAMP + +Note: The circumstances and conditions of such a Corrective Action Plan will vary and be documented in the Correcive Action Plan. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-RTR-NNR` SHOULD NOT — No Notification Requirements + +Providers SHOULD NOT make formal Significant Change Notifications for routine recurring changes; this type of change is exempted from notification requirements. + +Terms: `Incident`, `Provider`, `Regularly`, `Routine Recurring Change`, `Significant Change`, `Vulnerability` + +Affects: Providers + +Note: Activities that match the routine recurring significant change type are performed regularly and routinely by cloud service providers to address flaws or vulnerabilities, address incidents, and generally perform the typical maintenance and service delivery changes expected during day-to-day operations. +These changes leverage mature processes and capabilities to identify, mitigate, and remediate risks as part of the change. They are often entirely automated and may occur without human intervention, even though they have an impact on security of the service. +If the activity does not occur regularly and routinely then it cannot be a significant change of this type (e.g., replacing all physical firewalls to remediate a vulnerability is obviously not regular or routine). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-TRF-NAF` MUST — Notification After Finishing + +Providers MUST notify all necessary parties within 5 business days after finishing transformative changes, including updates to all previously sent information. + +Terms: `All Necessary Parties`, `Provider`, `Transformative Change` + +Affects: Providers + +Structured timeframe: `5` bizdays + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-TRF-NAV` MUST — Notification After Verification + +Providers MUST notify all necessary parties within 5 business days after completing the verification, assessment, and/or validation of transformative changes, also including the following information: + +Checklist items: +- Updates to all previously sent information +- Summary of any new risks identified and/or vulnerabilities resulting from the change (if applicable) +- Copy of the security assessment report (if applicable) + +Terms: `All Necessary Parties`, `Provider`, `Transformative Change`, `Validation`, `Verification`, `Vulnerability` + +Affects: Providers + +Structured timeframe: `5` bizdays + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-TRF-NFP` MUST — Notification of Final Plans + +Providers MUST notify all necessary parties of final plans for transformative changes at least 10 business days before starting transformative changes, including updates to all previously sent information. + +Terms: `All Necessary Parties`, `Provider`, `Transformative Change` + +Affects: Providers + +Structured timeframe: `10` bizdays + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-TRF-NIP` MUST — Notification of Initial Plans + +Providers MUST notify all necessary parties of initial plans for transformative changes at least 30 business days before starting transformative changes, including a summary of any likely security impacts or changes in risk. + +Terms: `All Necessary Parties`, `Likely`, `Provider`, `Transformative Change` + +Affects: Providers + +Structured timeframe: `30` bizdays + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-TRF-TPR` SHOULD — Third-Party Review + +Providers SHOULD engage a third-party assessor to review the scope and impact of the planned change before starting transformative changes if human validation is necessary; such reviews SHOULD be limited to security decisions that require human validation. + +Terms: `Assessor`, `Cloud Service Offering`, `Provider`, `Significant Change`, `Transformative Change`, `Validation` + +Affects: Providers + +Note: Activities that match the transformative significant change type are rare for a cloud service offering, adjusted for the size, scale, and complexity of the service. Small cloud service offerings may go years without transformative changes, while hyperscale providers may release multiple transformative changes per year. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `SCN-TRF-UPD` MUST — Update Documentation + +Providers MUST publish updated service documentation and other materials to reflect transformative changes within 30 business days after finishing transformative changes. + +Terms: `Certification Package`, `Provider`, `Transformative Change` + +Affects: Providers + +Structured timeframe: `30` bizdays + +Note: This requirement is focused on service documentation like user guides, information listed in the marketplace, and other such materials; it does not require updating the system security plan or FedRAMP Certification Package. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/significant-change-notifications.md b/src/content/docs/docs/fedramp/processes/significant-change-notifications.md deleted file mode 100644 index 79ef8ee..0000000 --- a/src/content/docs/docs/fedramp/processes/significant-change-notifications.md +++ /dev/null @@ -1,250 +0,0 @@ ---- -title: Significant Change Notifications — FedRAMP Process -description: Official FRMR-generated summary for the SCN FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Significant Change Notifications - -Short name: `SCN` · Process ID: `SCN` · Web slug: `significant-change-notifications` - -Applies to: `both` - -Official page: [https://fedramp.gov/docs/20x/significant-change-notifications](https://fedramp.gov/docs/20x/significant-change-notifications) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: optional · Wide Release -- Shared requirements: 17 - -## Requirements and Recommendations - -## BOTH - -### `SCN-ADP-NTF` (formerly `FRR-SCN-AD-01`) MUST — Notification Requirements - -Providers MUST notify all necessary parties within 10 business days after finishing adaptive changes, also including the following information: - -Checklist items: -- Summary of any new risks identified and/or POA&Ms resulting from the change (if applicable) - -Terms: `Adaptive`, `All Necessary Parties` - -Affects: Providers - -Structured timeframe: `10` bizdays - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `SCN-CSO-ARI` (formerly `FRR-SCN-10`) MAY — Additional Relevant Information - -Providers MAY include additional relevant information in Significant Change Notifications. - -Terms: `Significant change` - -Affects: Providers - -Note: This allows providers to convey whatever additional information they think is relevant without worrying about negative consequences from not following an exact template. - -Recent update: 2026-02-20 — Added note. - -### `SCN-CSO-EMG` (formerly `FRR-SCN-EX-02`) MAY — Emergency Changes - -Providers MAY execute significant changes (including transformative changes) during an emergency or incident without meeting Significant Change Notification requirements in advance. In such emergencies, providers MUST follow all relevant procedures, notify all necessary parties, retroactively provide all Significant Change Notification materials, and complete appropriate assessment after the incident. - -Terms: `All Necessary Parties`, `Incident`, `Significant change`, `Transformative` - -Affects: Providers - -Note: Procedures for emergency changes should be documented in the authorization package. - -Recent update: 2026-02-20 — Clarified wording and added note. - -### `SCN-CSO-EVA` MUST — Evaluate Changes - -Providers MUST evaluate all potential significant changes to determine the type of significant change and apply the appropriate Significant Change Notification requirements and recommendations. - -Checklist items: -- Is it a significant change? --> Continue evaluation and follow the Significant Change Notification process. -- If it is, is it an impact categorization change? --> This requires a new assessment and cannot be done under the Significant Change Notification process. -- If it is not, is it a routine recurring change? --> Follow the Routine Recurring Change process (SCN-RTR Routine Recurring Changes). -- If it is not, is it a transformative change? --> Follow the Transformative Change process (SCN-TRF Transformative Changes). -- If it is not, then it is an adaptive change --> Follow the Adaptive Change process (SCN-ADP Adaptive Changes). - -Terms: `Adaptive`, `Impact Categorization`, `Routine Recurring`, `Significant change`, `Transformative` - -Affects: Providers - -Recent update: 2026-04-08 — Clarified links to SCN sections within the document; no material changes. - -### `SCN-CSO-HIS` (formerly `FRR-SCN-05`) MUST — Historical Notifications - -Providers MUST keep 12 months of historical Significant Change Notifications available with their authorization data. - -Terms: `All Necessary Parties`, `Significant change` - -Affects: Providers - -Recent update: 2026-02-20 — Updated requirement to specify 12 months of retention to showcase historical performance. - -### `SCN-CSO-HRM` (formerly `FRR-SCN-08`) MUST — Human and Machine-Readable - -Providers MUST make ALL Significant Change Notifications and related audit records available in human-readable and machine-readable formats. - -Terms: `Machine-Readable`, `Significant change` - -Affects: Providers - -Note: During the SCN beta, many cloud service providers met this requirement by using carefully structured and organized csv files to meet human-readable and machine-readable requirements simultaneously. - -Recent update: 2026-02-20 — Clarified wording and added note. - -### `SCN-CSO-INF` (formerly `FRR-SCN-09`) MUST — Required Information - -Providers MUST include at least the following information in Significant Change Notifications: - -Checklist items: -- Service Offering FedRAMP ID -- Assessor Name (if applicable) -- Related POA&M (if applicable) -- Significant Change type and explanation of categorization -- Short description of change -- Reason for change -- Summary of customer impact, including changes to services and customer configuration responsibilities -- Plan and timeline for the change, including for the verification, assessment, and/or validation of impacted Key Security Indicators or controls -- Copy of the business or security impact analysis -- Name and title of approver - -Terms: `Persistent Validation`, `Significant change` - -Affects: Providers - -Note: Structure of the information may vary depending on how the provider tracks this internally. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `SCN-CSO-MAR` (formerly `FRR-SCN-04`) MUST — Maintain Audit Records - -Providers MUST maintain auditable records of the significant change evaluation activities required by SCN-CSO-EVA (Evaluate Changes) and make them available to FedRAMP. - -Terms: `All Necessary Parties`, `Significant change` - -Affects: Providers - -Note: These audit records must be available to FedRAMP on request; these records do not need to be included in the authorization package by default. - -Recent update: 2026-02-20 — Clarified that this applies to SCN-CSO-EVA evaluation activities. - -### `SCN-CSO-NOM` (formerly `FRR-SCN-07`) MAY — Notification Mechanisms - -Providers MAY notify necessary parties in a variety of ways as long as the mechanism for notification is clearly documented in the authorization package and easily accessible. - -Affects: Providers - -Recent update: 2026-02-20 — Clarified wording and added notes. - -### `SCN-FRP-CAP` (formerly `FRR-SCN-EX-01`) MAY — Corrective Action Plan Conditions - -FedRAMP MAY require providers to delay significant changes beyond the standard Significant Change Notification period and/or submit significant changes for approval in advance as a condition of a formal FedRAMP Corrective Action Plan or other agreement. - -Terms: `Significant change` - -Affects: FedRAMP - -Note: The circumstances and conditions of such a Corrective Action Plan will vary and be documented in the Correcive Action Plan. - -Recent update: 2026-02-04 — Moved to FRP; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `SCN-RTR-NNR` (formerly `FRR-SCN-RR-01`) SHOULD NOT — No Notification Requirements - -Providers SHOULD NOT make formal Significant Change Notifications for routine recurring changes; this type of change is exempted from the notification requirements of this process. - -Terms: `Routine Recurring`, `Significant change` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `SCN-TRF-NAF` (formerly `FRR-SCN-TR-04`) MUST — Notification After Finishing - -Providers MUST notify all necessary parties within 5 business days after finishing transformative changes, including updates to all previously sent information. - -Terms: `All Necessary Parties`, `Transformative` - -Affects: Providers - -Structured timeframe: `5` bizdays - -Recent update: 2026-02-26 — Moved update from following information to direct statement. - -### `SCN-TRF-NAV` (formerly `FRR-SCN-TR-05`) MUST — Notification After Verification - -Providers MUST notify all necessary parties within 5 business days after completing the verification, assessment, and/or validation of transformative changes, also including the following information: - -Checklist items: -- Updates to all previously sent information -- Summary of any new risks identified and/or POA&Ms resulting from the change (if applicable) -- Copy of the security assessment report (if applicable) - -Terms: `All Necessary Parties`, `Persistent Validation`, `Transformative` - -Affects: Providers - -Structured timeframe: `5` bizdays - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `SCN-TRF-NFP` (formerly `FRR-SCN-TR-03`) MUST — Notification of Final Plans - -Providers MUST notify all necessary parties of final plans for transformative changes at least 10 business days before starting transformative changes, including updates to all previously sent information. - -Terms: `All Necessary Parties`, `Transformative` - -Affects: Providers - -Structured timeframe: `10` bizdays - -Recent update: 2026-02-26 — Clarified that any updates should be included in each new notification. - -### `SCN-TRF-NIP` (formerly `FRR-SCN-TR-02`) MUST — Notification of Initial Plans - -Providers MUST notify all necessary parties of initial plans for transformative changes at least 30 business days before starting transformative changes, including a summary of any likely security impacts or changes in risk. - -Terms: `All Necessary Parties`, `Transformative`, `Likely` - -Affects: Providers - -Structured timeframe: `30` bizdays - -Recent update: 2026-02-26 — Add an explicit requirement to include a summary of any likely changes to risks that will result from the change. - -### `SCN-TRF-TPR` (formerly `FRR-SCN-TR-01`) SHOULD — Third-Party Review - -Providers SHOULD engage a third-party assessor to review the scope and impact of the planned change before starting transformative changes if human validation is necessary; such reviews SHOULD be limited to security decisions that require human validation. - -Terms: `Cloud Service Offering`, `Persistent Validation`, `Significant change`, `Transformative` - -Affects: Providers - -Note: Activities that match the transformative significant change type are rare for a cloud service offering, adjusted for the size, scale, and complexity of the service. Small cloud service offerings may go years without transformative changes, while hyperscale providers may release multiple transformative changes per year. - -Recent update: 2026-02-04 — Clarified wording; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `SCN-TRF-UPD` (formerly `FRR-SCN-TR-06`) MUST — Update Documentation - -Providers MUST publish updated service documentation and other materials to reflect transformative changes within 30 business days after finishing transformative changes. - -Terms: `Transformative` - -Affects: Providers - -Structured timeframe: `30` bizdays - -Note: This requirement is focused on service documentation like user guides, information listed in the marketplace, and other such materials; it does not require updating the system security plan or authorization package. - -Recent update: 2026-02-20 — Added note. diff --git a/src/content/docs/docs/fedramp/processes/using-cryptographic-modules.md b/src/content/docs/docs/fedramp/processes/using-cryptographic-modules.md deleted file mode 100644 index 420c677..0000000 --- a/src/content/docs/docs/fedramp/processes/using-cryptographic-modules.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: Using Cryptographic Modules — FedRAMP Process -description: Official FRMR-generated summary for the UCM FedRAMP process, including applicability and requirements. ---- - -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. - -# Using Cryptographic Modules - -Short name: `UCM` · Process ID: `UCM` · Web slug: `using-cryptographic-modules` - -Applies to: `20x` - -Official page: [https://fedramp.gov/docs/20x/using-cryptographic-modules](https://fedramp.gov/docs/20x/using-cryptographic-modules) - -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: no -- Shared requirements: 0 - -## Requirements and Recommendations - -## 20X - -### `UCM-CSX-CAT` (formerly `FRR-UCM-02`) SHOULD — Configuration of Agency Tenants - -Providers SHOULD configure agency tenants by default to use cryptographic services that use cryptographic modules or update streams of cryptographic modules with active validations under the NIST Cryptographic Module Validation Program when such modules are available. - -Terms: `Agency`, `Persistent Validation` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `UCM-CSX-CMD` (formerly `FRR-UCM-01`) MUST — Cryptographic Module Documentation - -Providers MUST document the cryptographic modules used in each service (or groups of services that use the same modules) where cryptographic services are used to protect federal customer data, including whether these modules are validated under the NIST Cryptographic Module Validation Program or are update streams of such modules. - -Terms: `Federal Customer Data`, `Persistent Validation` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `UCM-CSX-UVM` — Using Validated Cryptographic Modules - - - -Terms: `Federal Customer Data`, `Persistent Validation` - -Affects: Providers diff --git a/src/content/docs/docs/fedramp/processes/vulnerability-detection-and-response.md b/src/content/docs/docs/fedramp/processes/vulnerability-detection-and-response.md index 3779412..d10f5eb 100644 --- a/src/content/docs/docs/fedramp/processes/vulnerability-detection-and-response.md +++ b/src/content/docs/docs/fedramp/processes/vulnerability-detection-and-response.md @@ -1,448 +1,259 @@ --- title: Vulnerability Detection and Response — FedRAMP Process -description: Official FRMR-generated summary for the VDR FedRAMP process, including applicability and requirements. +description: Official Consolidated Rules summary for the VDR FedRAMP process, including applicability and requirements. --- -> Generated from the official [FedRAMP/docs](https://github.com/FedRAMP/docs) GitHub repo. -> Source path: [`FRMR.documentation.json`](https://github.com/FedRAMP/docs/blob/main/FRMR.documentation.json) on `main` at blob `5c6bfee74029`. -> FRMR version: `0.9.43-beta` · upstream `last_updated`: `2026-04-08`. -> The official `FedRAMP/rules` repo exists, but grclanker still treats `FedRAMP/docs` as the active source until structured rules land there. +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. # Vulnerability Detection and Response Short name: `VDR` · Process ID: `VDR` · Web slug: `vulnerability-detection-and-response` -Applies to: `both` +Applies to: `both`, `20x`, `rev5` +Status: `stable` -Official page: [https://fedramp.gov/docs/20x/vulnerability-detection-and-response](https://fedramp.gov/docs/20x/vulnerability-detection-and-response) -## Effective Status - -- 20x: required · Phase 2 Pilot -- Rev5: optional · Open Beta -- Shared requirements: 39 - -## Requirements and Recommendations - -## BOTH - -### `VDR-AGM-DRE` (formerly `FRR-VDR-AG-03`) SHOULD NOT — Do Not Request Extra Info - -Agencies SHOULD NOT request additional information from cloud service providers that is not required by this FedRAMP process UNLESS the head of the agency or an authorized delegate makes a determination that there is a demonstrable need for such. - -Terms: `Agency` - -Affects: Agencies - -Note: This is related to the Presumption of Adequacy directed by 44 USC § 3613 (e). - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-AGM-MAP` (formerly `FRR-VDR-AG-02`) SHOULD — Maintain Agency POA&M - -Agencies SHOULD use vulnerability information reported by the Provider to maintain Plans of Action & Milestones for agency security programs when relevant according to agency security policies (such as if the agency takes action to mitigate the risk of exploitation or authorized the continued use of a cloud service with accepted vulnerabilities that put agency information systems at risk). - -Terms: `Accepted Vulnerability`, `Agency`, `Vulnerability` - -Affects: Agencies - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Official page: [https://www.fedramp.gov/2026/reference/vulnerability-detection-and-response/](https://www.fedramp.gov/2026/reference/vulnerability-detection-and-response/) -### `VDR-AGM-NFR` (formerly `FRR-VDR-AG-04`) MUST — Notify FedRAMP - -Agencies MUST notify FedRAMP after requesting any additional vulnerability information or materials from a cloud service provider beyond those FedRAMP requires by sending a notification to [info@fedramp.gov](mailto:info@fedramp.gov). - -Terms: `Agency`, `Vulnerability` - -Affects: Agencies - -Note: This is an OMB policy; agencies are required to notify FedRAMP in OMB Memorandum M-24-15 section IV (a). +## Effective Status -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +- 20x: required · Mandated by CISA BOD 26-04 · obtain 2026-12-07 · grace through 2027-03-07 +- Rev5: required · Mandated by CISA BOD 26-04 · obtain 2026-12-07 · grace through 2027-03-07 +- Shared requirements: 16 -### `VDR-AGM-RVR` (formerly `FRR-VDR-AG-01`) SHOULD — Review Vulnerability Reports +## Purpose -Agencies SHOULD review the information provided in vulnerability reports at appropriate and reasonable intervals commensurate with the expectations and risk posture indicated by their Authorization to Operate, and SHOULD use automated processing and filtering of machine readable information from cloud service providers. +The Vulnerability Detection and Response rules require providers to continuously identify, analyze, prioritize, mitigate, and remediate vulnerabilities and related exposures through automated systems. These rules give providers flexibility in implementation while ensuring agencies receive the information needed to support ongoing authorization decisions. -Terms: `Accepted Vulnerability`, `Agency`, `Potential Adverse Impact (of vulnerability exploitation)`, `Vulnerability` +## Rule Subsets -Affects: Agencies +- `CSO` — General Provider Responsibilities: These rules apply to all providers with FedRAMP Certifications of any type. · types: 20x, Rev5 · classes: B, C, D +- `TFR` — Timeframes: These rules apply to timeframes for vulnerability detection and response. · types: 20x, Rev5 · classes: B, C, D -Note: FedRAMP recommends that agencies only review overdue and accepted vulnerabilities with a potential adverse impact of N3 or higher unless the cloud service provider recommends mitigations or the service is included in a higher risk federal information system. Furthermore, accepted vulnerabilities generally only need to be reviewed when they are added or during an updated risk assessment due to changes in the agency’s use or authorization. +## Requirements and Recommendations -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +## BOTH -### `VDR-BST-ADT` (formerly `FRR-VDR-AY-03`) SHOULD — Automate Detection +### `VDR-CSO-ADT` SHOULD — Automate Detection Providers SHOULD use automated services to improve and streamline vulnerability detection and response. -Terms: `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` +Terms: `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-BST-AKE` (formerly `FRR-VDR-AY-06`) SHOULD NOT — Avoid KEVs +### `VDR-CSO-AKE` SHOULD NOT — Avoid KEVs Providers SHOULD NOT deploy or otherwise activate new machine-based information resources with Known Exploited Vulnerabilities. -Terms: `Information Resource`, `Known Exploited Vulnerability (KEV)`, `Machine-Based (information resources)`, `Vulnerability` +Terms: `Information Resource`, `Known Exploited Vulnerability (KEV)`, `Machine-Based (Information Resources)`, `Provider`, `Vulnerability` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-BST-DAC` (formerly `FRR-VDR-AY-04`) SHOULD — Detect After Changes +### `VDR-CSO-DAC` SHOULD — Detect After Changes Providers SHOULD automatically perform vulnerability detection on representative samples of new or significantly changed information resources. -Terms: `Information Resource`, `Vulnerability`, `Vulnerability Detection` +Terms: `Information Resource`, `Provider`, `Vulnerability`, `Vulnerability Detection` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-BST-DFR` (formerly `FRR-VDR-AY-02`) SHOULD — Design For Resilience +### `VDR-CSO-DET` MUST — Vulnerability Detection -Providers SHOULD make design and architecture decisions for their cloud service offering that mitigate the risk of vulnerabilities by default AND decrease the risk and complexity of vulnerability detection and response. +Providers MUST systematically, persistently, and promptly discover and identify vulnerabilities within their cloud service offering using appropriate techniques such as assessment, scanning, threat intelligence, vulnerability disclosure mechanisms, bug bounties, penetration testing, incident response, automated control testing, supply chain monitoring, and other relevant capabilities; this process is called vulnerability detection. Vulnerability detection includes persistently verifying and validating that information resources and processes are operating as intended and documented for FedRAMP Practices. -Terms: `Cloud Service Offering`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` +Terms: `Cloud Service Offering`, `FedRAMP Practices`, `Incident`, `Information Resource`, `Persistently`, `Promptly`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Note: FedRAMP's vulnerability detection (and response) rules are intended to set modern expectations for maintaining the security of a cloud service. Historical FedRAMP guidance on vulnerability scanning or continuous monitoring generally focused only on CVE-type vulnerabilities while leaving other types of vulnerabilities and exposures unaddressed. +Providers are encouraged to leverage their existing holistic security review, architecture review, and similar processes to meet these requirements. FedRAMP strongly discourages providers from implementing separate vulnerability detection and response processes for FedRAMP reporting that are operated by independent compliance branches unless these processes are consuming data directly from the areas of the cloud service that actively maintain it. -### `VDR-BST-MSP` (formerly `FRR-VDR-AY-05`) SHOULD NOT — Maintain Security +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Providers SHOULD NOT weaken the security of information resources to facilitate vulnerability scanning, detection, or assessment activities. - -Terms: `Information Resource`, `Vulnerability`, `Vulnerability Detection` - -Affects: Providers +### `VDR-CSO-DFR` SHOULD — Design For Resilience -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-BST-SIR` (formerly `FRR-VDR-04`) MAY — Sampling - -Providers MAY sample effectively identical information resources, especially machine-based information resources, when performing vulnerability detection UNLESS doing so would decrease the efficiency or effectiveness of vulnerability detection. +Providers SHOULD make design and architecture decisions for their cloud service offering that mitigate the risk of vulnerabilities by default AND decrease the risk and complexity of vulnerability detection and response. -Terms: `Information Resource`, `Machine-Based (information resources)`, `Vulnerability`, `Vulnerability Detection` +Terms: `Cloud Service Offering`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-CSO-DET` (formerly `FRR-VDR-01`) MUST — Vulnerability Detection +### `VDR-CSO-FAV` MUST — Failures Are Vulnerabilities -Providers MUST systematically, persistently, and promptly discover and identify vulnerabilities within their cloud service offering using appropriate techniques such as assessment, scanning, threat intelligence, vulnerability disclosure mechanisms, bug bounties, supply chain monitoring, and other relevant capabilities; this process is called vulnerability detection. +Providers MUST treat problems or failures with their vulnerability detection and response processes as vulnerabilities. -Terms: `Cloud Service Offering`, `Persistently`, `Promptly`, `Vulnerability`, `Vulnerability Detection` +Terms: `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-CSO-DOC` (formerly `FRR-VDR-11`) MUST — Documentation for Recommendations +### `VDR-CSO-MSP` SHOULD NOT — Maintain Security -Providers MUST document the reason and resulting implications for their customers when choosing not to meet FedRAMP recommendations in this process; this documentation MUST be included in the authorization data for the cloud service offering. +Providers SHOULD NOT weaken the security of information resources to facilitate vulnerability scanning, detection, or assessment activities. -Terms: `Authorization data`, `Cloud Service Offering` +Terms: `Information Resource`, `Provider`, `Vulnerability`, `Vulnerability Detection` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-CSO-RES` (formerly `FRR-VDR-02`) MUST — Vulnerability Response +### `VDR-CSO-RES` MUST — Vulnerability Response Providers MUST systematically, persistently, and promptly track, evaluate, monitor, mitigate, remediate, assess exploitation of, report, and otherwise manage all detected vulnerabilities within their cloud service offering; this process is called vulnerability response. -Terms: `Cloud Service Offering`, `Persistently`, `Promptly`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Note: If it is not possible to fully mitigate or remediate detected vulnerabilities, providers SHOULD instead partially mitigate vulnerabilities promptly, progressively, and persistently. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-EVA-EFA` (formerly `FRR-VDR-10`) SHOULD — Evaluation Factors - -Providers SHOULD consider at least the following factors when considering the context of the cloud service offering to evaluate detected vulnerabilities: - -Checklist items: -- **Criticality**: How important are the systems or information that might be impacted by the vulnerability? -- **Reachability**: How might a threat actor reach the vulnerability and how likely is that? -- **Exploitability**: How easy is it for a threat actor to exploit the vulnerability and how likely is that? -- **Detectability**: How easy is it for a threat actor to become aware of the vulnerability and how likely is that? -- **Prevalence**: How much of the cloud service offering is affected by the vulnerability? -- **Privilege**: How much privileged authority or access is granted or can be gained from exploiting the vulnerability? -- **Proximate Vulnerabilities**: How does this vulnerability interact with previously detected vulnerabilities, especially partially or fully mitigated vulnerabilities? -- **Known Threats**: How might already known threats leverage the vulnerability and how likely is that? - -Terms: `Cloud Service Offering`, `Fully Mitigated Vulnerability`, `Likely`, `Vulnerability`, `Vulnerability Detection` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-EVA-EFP` (formerly `FRR-VDR-06`) SHOULD — Evaluate False Positives - -Providers SHOULD evaluate detected vulnerabilities, considering the context of the cloud service offering, to determine if they are false positive vulnerabilities. - -Terms: `Cloud Service Offering`, `False Positive Vulnerability`, `Vulnerability`, `Vulnerability Detection` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-EVA-EIR` (formerly `FRR-VDR-08`) MUST — Evaluate Internet-Reachability - -Providers MUST evaluate detected vulnerabilities, considering the context of the cloud service offering, to determine if they are internet-reachable vulnerabilities. - -Terms: `Cloud Service Offering`, `Internet-Reachable Vulnerability (IRV)`, `Vulnerability`, `Vulnerability Detection` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-EVA-ELX` (formerly `FRR-VDR-07`) MUST — Evaluate Exploitability - -Providers MUST evaluate detected vulnerabilities, considering the context of the cloud service offering, to determine if they are likely exploitable vulnerabilities. - -Terms: `Cloud Service Offering`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Vulnerability`, `Vulnerability Detection` - -Affects: Providers - -Recent update: 2026-02-04 — Updated note from technical assistance; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-EVA-EPA` (formerly `FRR-VDR-09`) MUST — Estimate Potential Adverse Impact - -Providers MUST evaluate detected vulnerabilities, considering the context of the cloud service offering, to estimate the potential adverse impact of exploitation on government customers AND assign one of the following potential adverse impact ratings: - -Terms: `Agency`, `Catastrophic Adverse Effect`, `Cloud Service Offering`, `Limited Adverse Effect`, `Negligible Adverse Effect`, `Potential Adverse Impact (of vulnerability exploitation)`, `Serious Adverse Effect`, `Vulnerability`, `Vulnerability Detection` +Terms: `Cloud Service Offering`, `Fully Mitigated Vulnerability`, `Partially Mitigated Vulnerability`, `Persistently`, `Promptly`, `Provider`, `Remediated Vulnerability`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-EVA-GRV` (formerly `FRR-VDR-05`) SHOULD — Group Vulnerabilities - -Providers SHOULD evaluate detected vulnerabilities, considering the context of the cloud service offering, to identify logical groupings of affected information resources that may improve the efficiency and effectiveness of vulnerability response by consolidating further activity; requirements and recommendations in this process are then applied to these consolidated groupings of vulnerabilities instead of each individual detected instance. - -Terms: `Cloud Service Offering`, `Information Resource`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-FRP-ADV` (formerly `FRR-VDR-EX-02`) MAY — Sensitive Details - -FedRAMP MAY required providers to share additional information or details about vulnerabilities, including sensitive information that would likely lead to exploitation, as part of review, response or investigation by necessary parties. - -Terms: `Likely`, `Vulnerability`, `Vulnerability Response` - -Affects: FedRAMP - -Recent update: 2026-02-04 — Changed to FedRAMP responsibility; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-FRP-ARP` (formerly `FRR-VDR-EX-01`) MAY — Additional Requirements - -FedRAMP MAY require providers to share additional vulnerability information, alternative reports, or to report at an alternative frequency as a condition of a FedRAMP Corrective Action Plan or other agreements with federal agencies. - -Terms: `Agency`, `Vulnerability` - -Affects: FedRAMP - -Recent update: 2026-02-04 — Changed to FedRAMP responsibility; removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Note: If it is not possible to fully mitigate vulnerabilities or remediate vulnerabilities, providers SHOULD instead partially mitigate vulnerabilities promptly, progressively, and persistently. +FedRAMP does not use the terms "mitigation" and "remediation" interchangeably. Mitigation is the process of reducing the risk and impact of a vulnerability through partial mitigation and even full mitigation; remediation is the process of entirely eliminating the vulnerability. A fully mitigated vulnerability will still exist (with negligible risk) until it has been remediated. This separation is based on the plain language definitions of these words. +Please refer to FedRAMP Definitions for strict interpretation in the FedRAMP context. -### `VDR-RPT-AVI` (formerly `FRR-VDR-RP-06`) MUST — Accepted Vulnerability Info +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Providers MUST include the following information on accepted vulnerabilities when reporting on vulnerability detection and response activity: - -Checklist items: -- Provider's internally assigned tracking identifier -- Time and source of the detection -- Time of completed evaluation -- Is it an internet-reachable vulnerability or not? -- Is it a likely exploitable vulnerability or not? -- Currently estimated potential adverse impact of exploitation -- Explanation of why this is an accepted vulnerability -- Any supplementary information the provider determines will responsibly help federal agencies assess or mitigate the risk to their federal customer data within the cloud service offering resulting from the accepted vulnerability - -Terms: `Accepted Vulnerability`, `Agency`, `Cloud Service Offering`, `Federal Customer Data`, `Internet-Reachable Vulnerability (IRV)`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Potential Adverse Impact (of vulnerability exploitation)`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-RPT-HLO` (formerly `FRR-VDR-RP-02`) SHOULD — High-Level Overviews - -Providers SHOULD include high-level overviews of ALL vulnerability detection and response activities conducted during this period for the cloud service offering; this includes vulnerability disclosure programs, bug bounty programs, penetration testing, assessments, etc. - -Terms: `Cloud Service Offering`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` - -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-RPT-NID` (formerly `FRR-VDR-RP-03`) MUST NOT — Responsible Disclosure - -Providers MUST NOT irresponsibly disclose specific sensitive information about vulnerabilities that would likely lead to exploitation, but MUST disclose sufficient information for informed risk-based decision-making to all necessary parties. - -Terms: `All Necessary Parties`, `Likely`, `Vulnerability` - -Affects: Providers +### `VDR-CSO-SIR` MAY — Sampling -Note: This requirement will be superseded in the event of formal action related to an investigation or corrective action plan. - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-RPT-PER` (formerly `FRR-VDR-RP-01`) MUST — Persistent Reporting - -Providers MUST report vulnerability detection and response activity to all necessary parties persistently, summarizing ALL activity since the previous report; these reports are authorization data and are subject to the FedRAMP Authorization Data Sharing (ADS) process. +Providers MAY sample effectively identical information resources, especially machine-based information resources, when performing vulnerability detection UNLESS doing so would decrease the efficiency or effectiveness of vulnerability detection. -Terms: `All Necessary Parties`, `Authorization data`, `Persistently`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Provider`, `Vulnerability`, `Vulnerability Detection` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-RPT-RPD` (formerly `FRR-VDR-RP-04`) MAY — Responsible Public Disclosure +### `VDR-TFR-KEV` SHOULD — Remediate KEVs -Providers MAY responsibly disclose vulnerabilities publicly or with other parties if the provider determines doing so will NOT likely lead to exploitation. +Providers SHOULD remediate Known Exploited Vulnerabilities according to the due dates in the CISA Known Exploited Vulnerabilities Catalog (even if the vulnerability has been fully mitigated) as required by CISA Binding Operational Directive (BOD) 26-04 or any successor guidance from CISA. -Terms: `Likely`, `Vulnerability` +Terms: `Known Exploited Vulnerability (KEV)`, `Provider`, `Vulnerability` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-RPT-VDT` (formerly `FRR-VDR-RP-05`) MUST — Vulnerability Details +### `VDR-TFR-NMV` MUST — Non-Machine Verification and Validation -Providers MUST include the following information (if applicable) on detected vulnerabilities when reporting on vulnerability detection and response activity, UNLESS it is an accepted vulnerability: +Providers MUST verify and validate the status of non-machine-based information resources at least once every 3 months. -Checklist items: -- Provider's internally assigned tracking identifier -- Time and source of the detection -- Time of completed evaluation -- Is it an internet-reachable vulnerability or not? -- Is it a likely exploitable vulnerability or not? -- Historically and currently estimated potential adverse impact of exploitation -- Time and level of each completed and evaluated reduction in potential adverse impact -- Estimated time and target level of next reduction in potential adverse impact -- Is it currently or is it likely to become an overdue vulnerability or not? If so, explain. -- Any supplementary information the provider responsibly determines will help federal agencies assess or mitigate the risk to their federal customer data within the cloud service offering resulting from the vulnerability -- Final disposition of the vulnerability - -Terms: `Accepted Vulnerability`, `Agency`, `Cloud Service Offering`, `Federal Customer Data`, `Internet-Reachable Vulnerability (IRV)`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Overdue Vulnerability`, `Potential Adverse Impact (of vulnerability exploitation)`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Provider`, `Validation`, `Verification` Affects: Providers -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. - -### `VDR-TFR-EVU` — Evaluate Vulnerabilities Quickly - - +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Terms: `Vulnerability`, `Vulnerability Detection` +### `VDR-TFR-PCD` SHOULD — Persistently Complete Detection -Affects: Providers - -### `VDR-TFR-IRI` — Internet-Reachable Incidents +Varies by certification class: +- **Class A SHOULD:** Providers with Class A Certifications SHOULD persistently perform vulnerability detection on all information resources that are NOT likely to drift, at least once every 6 months. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD persistently perform vulnerability detection on all information resources that are NOT likely to drift, at least once every 6 months. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD persistently perform vulnerability detection on all information resources that are NOT likely to drift, at least once every month. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD persistently perform vulnerability detection on all information resources that are NOT likely to drift, at least once every month. - -Terms: `Incident`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Potential Adverse Impact (of vulnerability exploitation)`, `Vulnerability` +Terms: `Drift`, `Information Resource`, `Likely`, `Persistently`, `Provider`, `Vulnerability`, `Vulnerability Detection` Affects: Providers -### `VDR-TFR-KEV` (formerly `FRR-VDR-TF-02`) SHOULD — Remediate KEVs - -Providers SHOULD remediate Known Exploited Vulnerabilities according to the due dates in the CISA Known Exploited Vulnerabilities Catalog (even if the vulnerability has been fully mitigated) as required by CISA Binding Operational Directive (BOD) 22-01 or any successor guidance from CISA. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Terms: `Known Exploited Vulnerability (KEV)`, `Vulnerability` +### `VDR-TFR-PDD` SHOULD — Persistent Drift Detection -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Varies by certification class: -### `VDR-TFR-MAV` (formerly `FRR-VDR-TF-03`) MUST — Mark Accepted Vulnerabilities +- **Class A SHOULD:** Providers with Class A Certifications SHOULD persistently perform vulnerability detection on all information resources that are likely to drift, at least once every 3 months. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD persistently perform vulnerability detection on all information resources that are likely to drift, at least once every month. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD persistently perform vulnerability detection on all information resources that are likely to drift, at least once every 14 days. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD persistently perform vulnerability detection on all information resources that are likely to drift, at least once every 7 days. -Providers MUST categorize any vulnerability that is not or will not be fully mitigated or remediated within 192 days of evaluation as an accepted vulnerability. - -Terms: `Accepted Vulnerability`, `Vulnerability` +Terms: `Drift`, `Information Resource`, `Likely`, `Persistently`, `Provider`, `Vulnerability`, `Vulnerability Detection` Affects: Providers -Structured timeframe: `192` days +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +### `VDR-TFR-PSD` SHOULD — Persistent Sample Detection -### `VDR-TFR-MHR` (formerly `FRR-VDR-TF-01`) MUST — Monthly Activity Report +Varies by certification class: -Providers MUST report vulnerability detection and response activity to all necessary parties in a consistent format that is human readable at least monthly. +- **Class A SHOULD:** Providers with Class A Certifications SHOULD persistently perform vulnerability detection on representative samples of similar machine-based information resources, at least once every 14 days. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD persistently perform vulnerability detection on representative samples of similar machine-based information resources, at least once every 7 days. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD persistently perform vulnerability detection on representative samples of similar machine-based information resources, at least once every 3 days. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD persistently perform vulnerability detection on representative samples of similar machine-based information resources, at least once per day. -Terms: `All Necessary Parties`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Persistently`, `Provider`, `Vulnerability`, `Vulnerability Detection` Affects: Providers -Structured timeframe: `1` month - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -### `VDR-TFR-MRH` — Historical Activity +### `VDR-TFR-PVR` SHOULD — Mitigation and Remediation Expectations +Varies by certification class: +- **Class A SHOULD:** Providers with Class A Certifications SHOULD partially mitigate vulnerabilities, fully mitigate vulnerabilities, or remediate vulnerabilities to a lower potential agency impact within the timeframes from evaluation shown below, factoring for the current Potential Agency Impact N-rating as defined in VER-EVA-EPA (Estimate Potential Agency Impact), internet reachability, and likely exploitability. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD partially mitigate vulnerabilities, fully mitigate vulnerabilities, or remediate vulnerabilities to a lower potential agency impact within the timeframes from evaluation shown below, factoring for the current Potential Agency Impact N-rating as defined in VER-EVA-EPA (Estimate Potential Agency Impact), internet reachability, and likely exploitability: +- **Class C SHOULD:** Providers with Class C Certifications SHOULD partially mitigate vulnerabilities, fully mitigate vulnerabilities, or remediate vulnerabilities to a lower Potential Agency Impact N-rating within the timeframes from evaluation shown below, factoring for the current Potential Agency Impact N-rating as defined in VER-EVA-EPA (Estimate Potential Agency Impact), internet reachability, and likely exploitability: +- **Class D SHOULD:** Providers with Class D Certifications SHOULD partially mitigate vulnerabilities, fully mitigate vulnerabilities, or remediate vulnerabilities to a lower Potential Agency Impact N-rating within the maximum timeframes from evaluation shown below, factoring for the current Potential Agency Impact N-rating as defined in VER-EVA-EPA (Estimate Potential Agency Impact), internet reachability, and likely exploitability: -Terms: `All Necessary Parties`, `Machine-Readable`, `Persistently`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` +Terms: `Agency`, `Fully Mitigated Vulnerability`, `Likely`, `Partially Mitigated Vulnerability`, `Potential Agency Impact`, `Provider`, `Remediated Vulnerability`, `Vulnerability` Affects: Providers -### `VDR-TFR-NRI` — Non-Internet-Reachable Incidents +Recent update: 2026-07-01 — Added relevent terms and related controls. No change to the requirement. +### `VDR-TFR-RMN` SHOULD — Remaining Vulnerabilities +Providers SHOULD mitigate or remediate remaining vulnerabilities during routine operations as determined necessary by the provider. -Terms: `Incident`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Potential Adverse Impact (of vulnerability exploitation)`, `Vulnerability` +Terms: `Provider`, `Vulnerability` Affects: Providers -### `VDR-TFR-PCD` (formerly `FRR-VDR-TF-LO-04`) — Persistent Complete Detection - - +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. -Terms: `Drift`, `Information Resource`, `Likely`, `Persistently`, `Vulnerability`, `Vulnerability Detection` +## 20X -Affects: Providers - -Recent update: 2026-02-04 — Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes. +### `VDR-TFR-MVX` VARIES BY CLASS — Persistent Machine Verification and Validation for 20x -### `VDR-TFR-PDD` — Persistent Drift Detection +Varies by certification class: +- **Class A SHOULD:** Providers of FedRAMP 20x Class A offerings SHOULD verify and validate the status of machine-based information resources at least once every month. +- **Class B MUST:** Providers of FedRAMP 20x Class B offerings MUST verify and validate the status of machine-based information resources at least once every 7 days. +- **Class C MUST:** Providers of FedRAMP 20x Class C offerings MUST verify and validate the status of machine-based information resources at least once every 3 days. - -Terms: `Drift`, `Information Resource`, `Likely`, `Persistently`, `Vulnerability`, `Vulnerability Detection` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Provider`, `Validation`, `Verification` Affects: Providers -### `VDR-TFR-PSD` — Persistent Sample Detection - +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. +## REV5 -Terms: `Information Resource`, `Machine-Based (information resources)`, `Persistently`, `Vulnerability`, `Vulnerability Detection` +### `VDR-TFR-MVF` VARIES BY CLASS — Persistent Machine Verification and Validation for Rev5 -Affects: Providers - -### `VDR-TFR-PVR` — Mitigation and Remediation Expectations +Varies by certification class: +- **Class B SHOULD:** Providers of FedRAMP Rev5 Class B offerings SHOULD verify and validate the status of machine-based information resources at least once every month. +- **Class C MUST:** Providers of FedRAMP Rev5 Class C offerings MUST verify and validate the status of machine-based information resources at least once every month. +- **Class D MUST:** Providers of FedRAMP Rev5 Class D offerings MUST verify and validate the status of machine-based information resources at least once every month. - -Terms: `Likely`, `Potential Adverse Impact (of vulnerability exploitation)`, `Vulnerability` +Terms: `Information Resource`, `Machine-Based (Information Resources)`, `Provider`, `Validation`, `Verification` Affects: Providers -### `VDR-TFR-RMN` SHOULD — Remaining Vulnerabilities - -Providers SHOULD mitigate or remediate remaining vulnerabilities during routine operations as determined necessary by the provider. - -Terms: `Vulnerability` +Structured timeframe: `1` months -Affects: Providers +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/fedramp/processes/vulnerability-evaluation-and-reporting.md b/src/content/docs/docs/fedramp/processes/vulnerability-evaluation-and-reporting.md new file mode 100644 index 0000000..609b33f --- /dev/null +++ b/src/content/docs/docs/fedramp/processes/vulnerability-evaluation-and-reporting.md @@ -0,0 +1,371 @@ +--- +title: Vulnerability Evaluation and Reporting — FedRAMP Process +description: Official Consolidated Rules summary for the VER FedRAMP process, including applicability and requirements. +--- + +> Generated from the official [FedRAMP/rules](https://github.com/FedRAMP/rules) GitHub repo. +> Source path: [`fedramp-consolidated-rules.json`](https://github.com/FedRAMP/rules/blob/main/fedramp-consolidated-rules.json) on `main` at blob `7d628b63fdd9`. +> Consolidated Rules version: `2026.07.02.02` · upstream `last_updated`: `2026-07-02`. +> Supporting narrative documentation is available from the official `FedRAMP/2026-markdown` repository. + +# Vulnerability Evaluation and Reporting + +Short name: `VER` · Process ID: `VER` · Web slug: `vulnerability-evaluation-and-reporting` + +Applies to: `both` +Status: `stable` + + +Official page: [https://www.fedramp.gov/2026/reference/vulnerability-evaluation-and-reporting/](https://www.fedramp.gov/2026/reference/vulnerability-evaluation-and-reporting/) + +## Effective Status + +- 20x: required · Mandated by CISA BOD 26-04 · obtain 2026-12-07 · grace through 2027-03-07 +- Rev5: required · Mandated by CISA BOD 26-04 · obtain 2026-12-07 · grace through 2027-03-07 +- Shared requirements: 25 + +## Purpose + +The Vulnerability Evaluation and Reporting rules require cloud service providers to determine when vulnerabilities are likely to impact federal customers and report the status of such vulnerabilities to all necessary parties. + +## Rule Subsets + +- `AGM` — Agency Guidance: These rules for agencies apply to all agencies using a FedRAMP Certification. · types: 20x, Rev5 · classes: B, C, D +- `EVA` — Evaluation: These rules apply to the evaluation of vulnerabilities. · types: 20x, Rev5 · classes: B, C, D +- `FRP` — FedRAMP Responsibilities: These rules apply to FedRAMP when setting expectations for specific cloud service providers. · types: 20x, Rev5 · classes: B, C, D +- `RPT` — Reporting: These rules apply to reporting related to vulnerability detection and response. · types: 20x, Rev5 · classes: B, C, D +- `TFR` — Timeframes: These rules apply to timeframes for vulnerability detection and response. · types: 20x, Rev5 · classes: B, C, D + +## Requirements and Recommendations + +## BOTH + +### `VER-AGM-DRE` SHOULD NOT — Do Not Request Extra Info + +Agencies SHOULD NOT request additional information from cloud service providers that is not required by the FedRAMP Vulnerability Detection and Response rules UNLESS the head of the agency or an authorized delegate makes a determination that there is a demonstrable need for such. + +Terms: `Agency`, `FedRAMP Certified`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Agencies + +Note: This is related to the Presumption of Adequacy directed by 44 USC § 3613 (e). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-AGM-MAP` SHOULD — Maintain Agency Plans of Action and Milestones + +Agencies SHOULD use vulnerability information reported by the Provider to maintain Plans of Action and Milestones for agency security programs when relevant according to agency security policies (such as if the agency takes action to mitigate the risk of exploitation or authorized the continued use of a cloud service with accepted vulnerabilities that put agency information systems at risk). + +Terms: `Accepted Vulnerability`, `Agency`, `FedRAMP Certified`, `Provider`, `Vulnerability` + +Affects: Agencies + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-AGM-NFR` MUST — Notify FedRAMP + +Agencies MUST notify FedRAMP after requesting any additional vulnerability information or materials from a cloud service provider beyond those FedRAMP requires by sending a notification to [info@fedramp.gov](mailto:info@fedramp.gov). + +Terms: `Agency`, `Provider`, `Vulnerability` + +Affects: Agencies + +Note: This is an OMB policy; agencies are required to notify FedRAMP in OMB Memorandum M-24-15 section IV (a). + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-AGM-RVR` SHOULD — Review Vulnerability Reports + +Agencies SHOULD review the information provided in vulnerability reports at appropriate and reasonable intervals commensurate with the expectations and risk posture indicated by their Authorization to Operate, and SHOULD use automated processing and filtering of machine readable information from cloud service providers. + +Terms: `Accepted Vulnerability`, `Agency`, `Potential Agency Impact`, `Provider`, `Vulnerability` + +Affects: Agencies + +Note: FedRAMP recommends that agencies only review overdue and accepted vulnerabilities Potential Agency Impact N-rating > 2 unless the cloud service provider recommends mitigations or the service is included in a higher risk federal information system. Furthermore, accepted vulnerabilities generally only need to be reviewed when they are added or during an updated risk assessment due to changes in the agency's use or authorization. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-AIA` MUST — Assume It's Automatable + +Providers MUST assume the exploitation of vulnerabilities can be automated UNLESS they have evidence proving otherwise. + +Terms: `Provider`, `Vulnerability` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-EFA` SHOULD — Evaluation Factors + +Providers SHOULD consider at least the following factors when considering the context of the cloud service offering to evaluate detected vulnerabilities: + +Checklist items: +- **Criticality**: How important are the systems or information that might be impacted by the vulnerability? +- **Reachability**: How might a threat actor reach the vulnerability and how likely is that? +- **Exploitability**: How easy is it for a threat actor to exploit the vulnerability and how likely is that? +- **Detectability**: How easy is it for a threat actor to become aware of the vulnerability and how likely is that? +- **Prevalence**: How much of the cloud service offering is affected by the vulnerability? +- **Privilege**: How much privileged authority or access is granted or can be gained from exploiting the vulnerability? +- **Proximate Vulnerabilities**: How does this vulnerability interact with previously detected vulnerabilities, especially partially or fully mitigated vulnerabilities? +- **Known Threats**: How might already known threats leverage the vulnerability and how likely is that? + +Terms: `Cloud Service Offering`, `Fully Mitigated Vulnerability`, `Likely`, `Provider`, `Vulnerability`, `Vulnerability Detection` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-EFP` SHOULD — Evaluate False Positives + +Providers SHOULD evaluate detected vulnerabilities, considering the context of the cloud service offering, to determine if they are false positive vulnerabilities. + +Terms: `Cloud Service Offering`, `False Positive Vulnerability`, `Provider`, `Vulnerability`, `Vulnerability Detection` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-EIR` MUST — Evaluate Internet-Reachability + +Providers MUST evaluate detected vulnerabilities, considering the context of the cloud service offering, to determine if they are internet-reachable vulnerabilities. + +Terms: `Cloud Service Offering`, `FedRAMP Certified`, `Internet-Reachable Vulnerability (IRV)`, `Provider`, `Vulnerability`, `Vulnerability Detection` + +Affects: Providers + +Note: FedRAMP focuses on internet-reachable (rather than internet-accessible) to ensure that any service that might receive a payload from the internet is prioritized if that service has a vulnerability that can be triggered by processing the data in the payload. +The simplest way to prevent exploitation of internet-reachable vulnerabilities is to intercept, inspect, filter, sanitize, reject, or otherwise deflect triggering payloads before they are processed by the vulnerable resource; once this prevention is in place the vulnerability should no longer be considered an internet-reachable vulnerability. +A classic example of an internet-reachable vulnerability on systems that are not typically internet-accessible is [SQL injection](https://en.wikipedia.org/wiki/SQL_injection), where an application stack behind a load balancer and firewall with no ability to route traffic to or from the internet can receive a payload indirectly from the internet that triggers the manipulation or compromise of data in a database that can only be accessed by an authorized connection from the application server on a private network. +Another simple example is the infamous Log4Shell (https://en.wikipedia.org/wiki/Log4Shell) vulnerability from 2021, where exploitation was possible via vulnerable internet-reachable resources deep in the application stack that were often not internet-accessible themselves. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-ELX` MUST — Evaluate Exploitability + +Providers MUST evaluate detected vulnerabilities, considering the context of the cloud service offering, to determine if they are likely exploitable vulnerabilities. + +Terms: `Cloud Service Offering`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Provider`, `Regularly`, `Vulnerability`, `Vulnerability Detection` + +Affects: Providers + +Note: The simple reality is that most traditional vulnerabilities discovered by scanners or during assessment are not likely to be exploitable; exploitation typically requires an unrealistic set of circumstances that will not occur during normal operation. The likelihood of exploitation will vary depending on so many factors that FedRAMP will not recommend a specific framework for approaching this beyond these rules. +The proof, ultimately, is in the pudding - providers who regularly evaluate vulnerabilities as not likely exploitable without careful consideration are more likely to suffer from an adverse impact where the root cause was an exploited vulnerability that was improperly evaluated. If done recklessly or deliberately, such actions will have a negative impact on a provider's FedRAMP Certification. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-EPA` MUST — Estimate Potential Agency Impact + +Providers MUST evaluate detected vulnerabilities, considering the context of the cloud service offering, to estimate the potential agency impact of exploitation on government customers AND assign one of the following Potential Agency Impact N-ratings (PAIN): + +Checklist items: +- **N1**: Exploitation could be expected to have minimal customer effects on one or more agencies that use the cloud service offering. +- **N2**: Exploitation could be expected to have narrow customer effects on one or more agencies that use the cloud service offering. +- **N3**: Exploitation could be expected to have a disruptive customer effect on one agency that uses the cloud service offering. +- **N4**: Exploitation could be expected to have a debilitating customer effect on one agency that uses the cloud service offering OR a disruptive customer effect on more than one federal agency that uses the cloud service offering. +- **N5**: Exploitation could be expected to have a debilitating customer effect on more than one agency that uses the cloud service offering. + +Terms: `Agency`, `Cloud Service Offering`, `Debilitating Customer Effect`, `Disruptive Customer Effect`, `Minimal Customer Effect`, `Narrow Customer Effect`, `Potential Agency Impact`, `Provider`, `Vulnerability`, `Vulnerability Detection` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-EVA-GRV` SHOULD — Group Vulnerabilities + +Providers SHOULD evaluate detected vulnerabilities, considering the context of the cloud service offering, to identify logical groupings of affected information resources that may improve the efficiency and effectiveness of vulnerability response by consolidating further activity; FedRAMP Vulnerability Detection and Response rules are then applied to these consolidated groupings of vulnerabilities instead of each individual detected instance. + +Terms: `Cloud Service Offering`, `Information Resource`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-FRP-ADV` MAY — Sensitive Details + +FedRAMP MAY require providers to share additional information or details about vulnerabilities, including sensitive information that would likely lead to exploitation, as part of review, response or investigation by necessary parties. + +Terms: `Likely`, `Provider`, `Vulnerability`, `Vulnerability Response` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-FRP-ARP` MAY — Additional Requirements + +FedRAMP MAY require providers to share additional vulnerability information, alternative reports, or to report at an alternative frequency as a condition of a FedRAMP Corrective Action Plan or other agreements with federal agencies. + +Terms: `Agency`, `Provider`, `Vulnerability` + +Affects: FedRAMP + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-RPT-AVI` MUST — Accepted Vulnerability Info + +Providers MUST include the following information on accepted vulnerabilities when reporting on vulnerability detection and response activity: + +Checklist items: +- Provider's internally assigned tracking identifier +- Time and source of the detection +- Time of completed evaluation +- Is it an internet-reachable vulnerability or not? +- Is it a likely exploitable vulnerability or not? +- Currently estimated Potential Agency Impact N-rating +- Explanation of why this is an accepted vulnerability +- Any supplementary information the provider determines will responsibly help federal agencies assess or mitigate the risk to their federal customer data within the cloud service offering resulting from the accepted vulnerability + +Terms: `Accepted Vulnerability`, `Agency`, `Cloud Service Offering`, `Federal Customer Data`, `Internet-Reachable Vulnerability (IRV)`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Potential Agency Impact`, `Provider`, `Responsibly`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-RPT-HLO` SHOULD — High-Level Overviews + +Providers SHOULD include high-level overviews of ALL vulnerability detection and response activities conducted during this period for the cloud service offering; this includes vulnerability disclosure programs, bug bounty programs, penetration testing, assessments, etc. + +Terms: `Cloud Service Offering`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-RPT-NID` MUST NOT — Responsible Disclosure + +Providers MUST NOT irresponsibly disclose specific sensitive information about vulnerabilities that would likely lead to exploitation, but MUST disclose sufficient information for informed risk-based decision-making to all necessary parties. + +Terms: `All Necessary Parties`, `Likely`, `Provider`, `Vulnerability` + +Affects: Providers + +Note: This requirement will be superseded in the event of formal action related to an investigation or corrective action plan. + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-RPT-PER` MUST — Persistent Reporting + +Providers MUST report vulnerability detection and response activity (including persistent verification and validation) to all necessary parties persistently, summarizing ALL activity since the previous report; these reports are FedRAMP Certification Data and are subject to FedRAMP Certification Data Sharing rules. + +Terms: `All Necessary Parties`, `Certification Data`, `Persistently`, `Provider`, `Validation`, `Verification`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-RPT-RPD` MAY — Responsible Public Disclosure + +Providers MAY responsibly disclose vulnerabilities publicly or with other parties if the provider determines doing so will NOT likely lead to exploitation. + +Terms: `Likely`, `Provider`, `Responsibly`, `Vulnerability` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-RPT-VDT` MUST — Vulnerability Details + +Providers MUST include the following information (if applicable) on detected vulnerabilities when reporting on vulnerability detection and response activity, UNLESS it is an accepted vulnerability: + +Checklist items: +- Provider's internally assigned tracking identifier +- Time and source of the detection +- Time of completed evaluation +- Is it an internet-reachable vulnerability or not? +- Is it a likely exploitable vulnerability or not? +- Historically and currently estimated Potential Agency Impact N-rating of exploitation +- Time and Potential Agency Impact N-rating of each completed and evaluated reduction in Potential Agency Impact N-rating +- Estimated time and target Potential Agency Impact N-rating of next reduction in Potential Agency Impact N-rating +- Is it currently or is it likely to become an overdue vulnerability or not? If so, explain. +- Any supplementary information the provider responsibly determines will help federal agencies assess or mitigate the risk to their federal customer data within the cloud service offering resulting from the vulnerability +- Final disposition of the vulnerability + +Terms: `Accepted Vulnerability`, `Agency`, `Cloud Service Offering`, `Federal Customer Data`, `Internet-Reachable Vulnerability (IRV)`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Overdue Vulnerability`, `Potential Agency Impact`, `Provider`, `Responsibly`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-TFR-EVU` SHOULD — Evaluate Vulnerabilities Quickly + +Varies by certification class: + +- **Class A SHOULD:** Providers with Class A Certifications SHOULD evaluate ALL vulnerabilities as required by VER-EVA (Evaluation) within 14 days of detection. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD evaluate ALL vulnerabilities as required by VER-EVA (Evaluation) within 7 days of detection. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD evaluate ALL vulnerabilities as required by VER-EVA (Evaluation) within 5 days of detection. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD evaluate ALL vulnerabilities as required by VER-EVA (Evaluation) within 2 days of detection. + +Terms: `Provider`, `Vulnerability`, `Vulnerability Detection` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-TFR-IRI` VARIES BY CLASS — Internet-Reachable Incidents + +Varies by certification class: + +- **Class A MAY:** Providers with Class A Certifications MAY treat internet-reachable likely exploitable vulnerabilities where Potential Agency Impact N-rating > 3 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N3 or below. +- **Class B MAY:** Providers with Class B Certifications MAY treat internet-reachable likely exploitable vulnerabilities where Potential Agency Impact N-rating > 3 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N3 or below. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD treat internet-reachable likely exploitable vulnerabilities where Potential Agency Impact N-rating > 3 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N3 or below. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD treat internet-reachable likely exploitable vulnerabilities where Potential Agency Impact N-rating > 3 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N3 or below. + +Terms: `Agency`, `FedRAMP Reportable Incident`, `Incident`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Partially Mitigated Vulnerability`, `Potential Agency Impact`, `Provider`, `Vulnerability` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-TFR-MAV` MUST — Mark Accepted Vulnerabilities + +Providers MUST categorize any vulnerability that is not or will not be fully mitigated or remediated within 192 days of evaluation as an accepted vulnerability. + +Terms: `Accepted Vulnerability`, `Provider`, `Vulnerability` + +Affects: Providers + +Structured timeframe: `192` days + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-TFR-MHR` MUST — Monthly Activity Report + +Providers MUST report vulnerability detection and response activity to all necessary parties in a consistent format that is human readable at least monthly. + +Terms: `All Necessary Parties`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Structured timeframe: `1` months + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-TFR-MRH` VARIES BY CLASS — Historical Activity + +Varies by certification class: + +- **Class A MAY:** Providers with Class A Certifications MAY make all recent historical vulnerability detection and response activity available in JSON format for automated retrieval by all necessary parties (e.g. using an API service or similar); this information MAY be updated persistently, at least once every month. +- **Class B SHOULD:** Providers with Class B Certifications SHOULD make all recent historical vulnerability detection and response activity available in JSON format for automated retrieval by all necessary parties (e.g. using an API service or similar); this information SHOULD be updated persistently, at least once every month. +- **Class C SHOULD:** Providers with Class C Certifications SHOULD make all recent historical vulnerability detection and response activity available in JSON format for automated retrieval by all necessary parties (e.g. using an API service or similar); this information SHOULD be updated persistently, at least once every 14 days. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD make all recent historical vulnerability detection and response activity available in JSON format for automated retrieval by all necessary parties (e.g. using an API service or similar); this information SHOULD be updated persistently, at least once every 7 days. + +Terms: `All Necessary Parties`, `Persistently`, `Provider`, `Vulnerability`, `Vulnerability Detection`, `Vulnerability Response` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. + +### `VER-TFR-NRI` VARIES BY CLASS — Non-Internet-Reachable Incidents + +Varies by certification class: + +- **Class A MAY:** Providers with Class A Certifications MAY treat likely exploitable vulnerabilities that are NOT internet-reachable where Potential Agency Impact N-rating = 5 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N4 or below. +- **Class B MAY:** Providers with Class B Certifications MAY treat likely exploitable vulnerabilities that are NOT internet-reachable where Potential Agency Impact N-rating = 5 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N4 or below. +- **Class C MAY:** Providers with Class C Certifications MAY treat likely exploitable vulnerabilities that are NOT internet-reachable where Potential Agency Impact N-rating = 5 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N4 or below. +- **Class D SHOULD:** Providers with Class D Certifications SHOULD treat likely exploitable vulnerabilities that are NOT internet-reachable where Potential Agency Impact N-rating = 5 as a FedRAMP Reportable Incident until they are partially mitigated vulnerabilities at N4 or below. + +Terms: `Agency`, `FedRAMP Reportable Incident`, `Incident`, `Likely`, `Likely Exploitable Vulnerability (LEV)`, `Partially Mitigated Vulnerability`, `Potential Agency Impact`, `Provider`, `Vulnerability` + +Affects: Providers + +Recent update: 2026-06-24 — Official launch of the FedRAMP Consolidated Rules for 2026. diff --git a/src/content/docs/docs/index.md b/src/content/docs/docs/index.md index 1448340..8a957e0 100644 --- a/src/content/docs/docs/index.md +++ b/src/content/docs/docs/index.md @@ -36,7 +36,7 @@ If you want the path that best matches the current product direction: - `/audit` for framework mapping and control classification. - `/assess` for posture readouts, risk order, and confidence notes. - `/validate` for narrow FIPS validation questions. -- Official FedRAMP FRMR-backed lookups and generated docs under [`/docs/fedramp/`](/docs/fedramp/). +- Official FedRAMP Consolidated Rules lookups and generated docs under [`/docs/fedramp/`](/docs/fedramp/). - `fedramp_assess_readiness` when you want an operator-facing brief for a FedRAMP process or KSI instead of raw lookup data. - `fedramp_plan_process_artifacts` and `fedramp_plan_ads_package` when you need a concrete trust-center and evidence rollout plan instead of another lookup. - `fedramp_generate_ads_bundle` when you want grclanker to scaffold an ADS starter package you can actually start filling in. diff --git a/src/content/docs/docs/tools/catalog.md b/src/content/docs/docs/tools/catalog.md index 9fc7170..901709e 100644 --- a/src/content/docs/docs/tools/catalog.md +++ b/src/content/docs/docs/tools/catalog.md @@ -95,7 +95,7 @@ Current bundled surface: | `fedramp_get_requirement` | Get official FedRAMP requirement | | `fedramp_plan_ads_package` | Plan ADS trust-center package | | `fedramp_plan_process_artifacts` | Plan FedRAMP process artifacts | -| `fedramp_search_frmr` | Search official FedRAMP FRMR data | +| `fedramp_search_frmr` | Search official FedRAMP Consolidated Rules data | ## GCP diff --git a/wrangler.jsonc b/wrangler.jsonc new file mode 100644 index 0000000..08ad661 --- /dev/null +++ b/wrangler.jsonc @@ -0,0 +1,9 @@ +{ + "$schema": "node_modules/wrangler/config-schema.json", + "name": "grclanker", + "compatibility_date": "2026-07-01", + "assets": { + "directory": "./dist", + "not_found_handling": "404-page" + } +}