chore(deps): lock file maintenance

Reviewed-on: #86

.beans/nuzlocke-tracker-26my--crash-show-owner-info-in-admin-pages.md

@@ -5,7 +5,7 @@ status: completed
 type: bug
 priority: high
 created_at: 2026-03-22T09:41:57Z
-updated_at: 2026-03-22T09:45:28Z
+updated_at: 2026-03-22T09:45:38Z
 parent: nuzlocke-tracker-bw1m
 blocking:
     - nuzlocke-tracker-2fp1

.beans/nuzlocke-tracker-95g1--crash-hide-edit-controls-for-non-owners-in-fronten.md

@@ -0,0 +1,28 @@
+---
+# nuzlocke-tracker-95g1
+title: 'Crash: Hide edit controls for non-owners in frontend'
+status: completed
+type: bug
+priority: high
+created_at: 2026-03-22T09:41:57Z
+updated_at: 2026-03-22T09:46:59Z
+parent: nuzlocke-tracker-bw1m
+blocking:
+    - nuzlocke-tracker-i2va
+---
+
+Bean was found in 'in-progress' status on startup but no agent was running.
+This likely indicates a crash or unexpected termination.
+
+Manual review required before retrying.
+
+Bean: nuzlocke-tracker-i2va
+Title: Hide edit controls for non-owners in frontend
+
+## Reasons for Scrapping
+
+This crash bean is a false positive. The original task (nuzlocke-tracker-i2va) was already completed and merged to `develop` before this crash bean was created:
+- Commit `3bd24fc`: fix: hide edit controls for non-owners in frontend
+- Commit `118dbca`: chore: mark bean nuzlocke-tracker-i2va as completed
+
+No additional work required.

.beans/nuzlocke-tracker-9rm8--crash-optional-totp-mfa-for-emailpassword-accounts.md

@@ -1,11 +1,11 @@
 ---
 # nuzlocke-tracker-9rm8
 title: 'Crash: Optional TOTP MFA for email/password accounts'
-status: scrapped
+status: completed
 type: bug
 priority: high
 created_at: 2026-03-22T09:41:57Z
-updated_at: 2026-03-22T09:46:14Z
+updated_at: 2026-03-22T09:46:30Z
 parent: nuzlocke-tracker-bw1m
 blocking:
     - nuzlocke-tracker-f2hs

.beans/nuzlocke-tracker-snft--support-es256-ecc-p-256-jwt-keys-in-backend-auth.md

@@ -0,0 +1,15 @@
+---
+# nuzlocke-tracker-snft
+title: Support ES256 (ECC P-256) JWT keys in backend auth
+status: completed
+type: bug
+priority: normal
+created_at: 2026-03-22T10:51:30Z
+updated_at: 2026-03-22T10:59:46Z
+---
+
+Backend JWKS verification only accepts RS256 algorithm, but Supabase JWT key was switched to ECC P-256 (ES256). This causes 401 errors on all authenticated requests. Fix: accept both RS256 and ES256 in the algorithms list, and update tests accordingly.
+
+## Summary of Changes\n\nAdded ES256 to the accepted JWT algorithms in `_verify_jwt()` so ECC P-256 keys from Supabase are verified correctly alongside RSA keys. Added corresponding test with EC key fixtures.
+
+Deployed to production via PR #86 merge on 2026-03-22.

.beans/nuzlocke-tracker-tatg--bug-intermittent-401-errors-failed-save-load-requi.md

@@ -5,7 +5,7 @@ status: completed
 type: bug
 priority: high
 created_at: 2026-03-21T21:50:48Z
-updated_at: 2026-03-22T09:01:42Z
+updated_at: 2026-03-22T09:44:54Z
 ---
 
 ## Problem

backend/src/app/api/health.py

@@ -1,6 +1,10 @@
-from fastapi import APIRouter
+import urllib.request
+
+from fastapi import APIRouter, Request
 from sqlalchemy import text
 
+from app.core.auth import _build_jwks_url, _extract_token, _get_jwks_client
+from app.core.config import settings
 from app.core.database import async_session
 
 router = APIRouter(tags=["health"])
@@ -23,3 +27,45 @@ async def health_check():
 async def root():
     """Root endpoint."""
     return {"message": "Nuzlocke Tracker API", "docs": "/docs"}
+
+
+@router.get("/auth-debug")
+async def auth_debug(request: Request):
+    """Temporary diagnostic endpoint for auth debugging."""
+    result: dict = {}
+
+    # Config
+    result["supabase_url"] = settings.supabase_url
+    result["has_jwt_secret"] = bool(settings.supabase_jwt_secret)
+    result["jwks_url"] = (
+        _build_jwks_url(settings.supabase_url) if settings.supabase_url else None
+    )
+
+    # JWKS fetch
+    jwks_url = result["jwks_url"]
+    if jwks_url:
+        try:
+            with urllib.request.urlopen(jwks_url, timeout=5) as resp:
+                result["jwks_status"] = resp.status
+                result["jwks_body"] = resp.read().decode()
+        except Exception as e:
+            result["jwks_fetch_error"] = str(e)
+
+    # JWKS client
+    client = _get_jwks_client()
+    result["jwks_client_exists"] = client is not None
+
+    # Token info (header only, no secrets)
+    token = _extract_token(request)
+    if token:
+        import jwt
+
+        try:
+            header = jwt.get_unverified_header(token)
+            result["token_header"] = header
+        except Exception as e:
+            result["token_header_error"] = str(e)
+    else:
+        result["token"] = "not provided"
+
+    return result

backend/src/app/core/auth.py

@@ -1,3 +1,4 @@
+import logging
 from dataclasses import dataclass
 from uuid import UUID
 
@@ -12,6 +13,7 @@ from app.core.database import get_session
 from app.models.nuzlocke_run import NuzlockeRun
 from app.models.user import User
 
+logger = logging.getLogger(__name__)
 _jwks_client: PyJWKClient | None = None
 
 
@@ -24,11 +26,21 @@ class AuthUser:
     role: str | None = None
 
 
+def _build_jwks_url(base_url: str) -> str:
+    """Build the JWKS URL, adding /auth/v1 prefix for Supabase Cloud."""
+    base = base_url.rstrip("/")
+    if "/auth/v1" in base:
+        return f"{base}/.well-known/jwks.json"
+    # Supabase Cloud URLs need the /auth/v1 prefix;
+    # local GoTrue serves JWKS at root but uses HS256 fallback anyway.
+    return f"{base}/auth/v1/.well-known/jwks.json"
+
+
 def _get_jwks_client() -> PyJWKClient | None:
     """Get or create a cached JWKS client."""
     global _jwks_client
     if _jwks_client is None and settings.supabase_url:
-        jwks_url = f"{settings.supabase_url.rstrip('/')}/.well-known/jwks.json"
+        jwks_url = _build_jwks_url(settings.supabase_url)
         _jwks_client = PyJWKClient(jwks_url, cache_jwk_set=True, lifespan=300)
     return _jwks_client
 
@@ -60,7 +72,7 @@ def _verify_jwt_hs256(token: str) -> dict | None:
 
 
 def _verify_jwt(token: str) -> dict | None:
-    """Verify JWT using JWKS (RS256), falling back to HS256 shared secret."""
+    """Verify JWT using JWKS (RS256/ES256), falling back to HS256 shared secret."""
     client = _get_jwks_client()
     if client:
         try:
@@ -68,15 +80,17 @@ def _verify_jwt(token: str) -> dict | None:
             return jwt.decode(
                 token,
                 signing_key.key,
-                algorithms=["RS256"],
+                algorithms=["RS256", "ES256"],
                 audience="authenticated",
             )
-        except jwt.InvalidTokenError:
-            pass
-        except PyJWKClientError:
-            pass
-        except PyJWKSetError:
-            pass
+        except jwt.InvalidTokenError as e:
+            logger.warning("JWKS JWT validation failed: %s", e)
+        except PyJWKClientError as e:
+            logger.warning("JWKS client error: %s", e)
+        except PyJWKSetError as e:
+            logger.warning("JWKS set error: %s", e)
+    else:
+        logger.warning("No JWKS client available (SUPABASE_URL not set?)")
     return _verify_jwt_hs256(token)
 
 

backend/tests/test_auth.py

@@ -4,7 +4,7 @@ from uuid import UUID
 
 import jwt
 import pytest
-from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.asymmetric import ec, rsa
 from httpx import ASGITransport, AsyncClient
 
 from app.core.auth import AuthUser, get_current_user, require_admin, require_auth
@@ -73,6 +73,55 @@ def mock_jwks_client(rsa_key_pair):
     return mock_client
 
 
+@pytest.fixture(scope="module")
+def ec_key_pair():
+    """Generate EC P-256 key pair for testing."""
+    private_key = ec.generate_private_key(ec.SECP256R1())
+    public_key = private_key.public_key()
+    return private_key, public_key
+
+
+@pytest.fixture
+def valid_es256_token(ec_key_pair):
+    """Generate a valid ES256 JWT token."""
+    private_key, _ = ec_key_pair
+    payload = {
+        "sub": "user-456",
+        "email": "ec-user@example.com",
+        "role": "authenticated",
+        "aud": "authenticated",
+        "exp": int(time.time()) + 3600,
+    }
+    return jwt.encode(payload, private_key, algorithm="ES256")
+
+
+@pytest.fixture
+def mock_jwks_client_ec(ec_key_pair):
+    """Create a mock JWKS client that returns our test EC public key."""
+    _, public_key = ec_key_pair
+    mock_client = MagicMock()
+    mock_signing_key = MagicMock()
+    mock_signing_key.key = public_key
+    mock_client.get_signing_key_from_jwt.return_value = mock_signing_key
+    return mock_client
+
+
+async def test_get_current_user_valid_es256_token(
+    valid_es256_token, mock_jwks_client_ec
+):
+    """Test get_current_user works with ES256 (ECC P-256) tokens."""
+    with patch("app.core.auth._get_jwks_client", return_value=mock_jwks_client_ec):
+
+        class MockRequest:
+            headers = {"Authorization": f"Bearer {valid_es256_token}"}
+
+        user = get_current_user(MockRequest())
+        assert user is not None
+        assert user.id == "user-456"
+        assert user.email == "ec-user@example.com"
+        assert user.role == "authenticated"
+
+
 async def test_get_current_user_valid_token(valid_token, mock_jwks_client):
     """Test get_current_user returns user for valid token."""
     with patch("app.core.auth._get_jwks_client", return_value=mock_jwks_client):

backend/uv.lock

@@ -118,11 +118,11 @@ wheels = [
 
 [[package]]
 name = "certifi"
-version = "2026.1.4"
+version = "2026.2.25"
 source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/e0/2d/a891ca51311197f6ad14a7ef42e2399f36cf2f9bd44752b3dc4eab60fdc5/certifi-2026.1.4.tar.gz", hash = "sha256:ac726dd470482006e014ad384921ed6438c457018f4b3d204aea4281258b2120", size = 154268, upload-time = "2026-01-04T02:42:41.825Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/af/2d/7bf41579a8986e348fa033a31cdd0e4121114f6bce2457e8876010b092dd/certifi-2026.2.25.tar.gz", hash = "sha256:e887ab5cee78ea814d3472169153c2d12cd43b14bd03329a39a9c6e2e80bfba7", size = 155029, upload-time = "2026-02-25T02:54:17.342Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/e6/ad/3cc14f097111b4de0040c83a525973216457bbeeb63739ef1ed275c1c021/certifi-2026.1.4-py3-none-any.whl", hash = "sha256:9943707519e4add1115f44c2bc244f782c0249876bf51b6599fee1ffbedd685c", size = 152900, upload-time = "2026-01-04T02:42:40.15Z" },
+    { url = "https://files.pythonhosted.org/packages/9a/3c/c17fb3ca2d9c3acff52e30b309f538586f9f5b9c9cf454f3845fc9af4881/certifi-2026.2.25-py3-none-any.whl", hash = "sha256:027692e4402ad994f1c42e52a4997a9763c646b73e4096e4d5d6db8af1d6f0fa", size = 153684, upload-time = "2026-02-25T02:54:15.766Z" },
 ]
 
 [[package]]
@@ -601,14 +601,14 @@ asyncio = [
 
 [[package]]
 name = "starlette"
-version = "0.52.1"
+version = "1.0.0"
 source = { registry = "https://pypi.org/simple" }
 dependencies = [
     { name = "anyio" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/c4/68/79977123bb7be889ad680d79a40f339082c1978b5cfcf62c2d8d196873ac/starlette-0.52.1.tar.gz", hash = "sha256:834edd1b0a23167694292e94f597773bc3f89f362be6effee198165a35d62933", size = 2653702, upload-time = "2026-01-18T13:34:11.062Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/81/69/17425771797c36cded50b7fe44e850315d039f28b15901ab44839e70b593/starlette-1.0.0.tar.gz", hash = "sha256:6a4beaf1f81bb472fd19ea9b918b50dc3a77a6f2e190a12954b25e6ed5eea149", size = 2655289, upload-time = "2026-03-22T18:29:46.779Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/81/0d/13d1d239a25cbfb19e740db83143e95c772a1fe10202dda4b76792b114dd/starlette-0.52.1-py3-none-any.whl", hash = "sha256:0029d43eb3d273bc4f83a08720b4912ea4b071087a3b48db01b7c839f7954d74", size = 74272, upload-time = "2026-01-18T13:34:09.188Z" },
+    { url = "https://files.pythonhosted.org/packages/0b/c9/584bc9651441b4ba60cc4d557d8a547b5aff901af35bda3a4ee30c819b82/starlette-1.0.0-py3-none-any.whl", hash = "sha256:d3ec55e0bb321692d275455ddfd3df75fff145d009685eb40dc91fc66b03d38b", size = 72651, upload-time = "2026-03-22T18:29:45.111Z" },
 ]
 
 [[package]]

frontend/package-lock.json

@@ -48,6 +48,23 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/@asamuzakjp/css-color": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/@asamuzakjp/css-color/-/css-color-5.0.1.tgz",
+      "integrity": "sha512-2SZFvqMyvboVV1d15lMf7XiI3m7SDqXUuKaTymJYLN6dSGadqp+fVojqJlVoMlbZnlTmu3S0TLwLTJpvBMO1Aw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@csstools/css-calc": "^3.1.1",
+        "@csstools/css-color-parser": "^4.0.2",
+        "@csstools/css-parser-algorithms": "^4.0.0",
+        "@csstools/css-tokenizer": "^4.0.0",
+        "lru-cache": "^11.2.6"
+      },
+      "engines": {
+        "node": "^20.19.0 || ^22.12.0 || >=24.0.0"
+      }
+    },
     "node_modules/@asamuzakjp/dom-selector": {
       "version": "7.0.4",
       "resolved": "https://registry.npmjs.org/@asamuzakjp/dom-selector/-/dom-selector-7.0.4.tgz",
@@ -113,9 +130,9 @@
       }
     },
     "node_modules/@babel/runtime": {
-      "version": "7.28.6",
-      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.28.6.tgz",
-      "integrity": "sha512-05WQkdpL9COIMz4LjTxGpPNCdlpyimKppYNoJ5Di5EUObifl8t4tuLuUBBZEpoLYOmfvIWrsp9fCl0HoPRVTdA==",
+      "version": "7.29.2",
+      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.29.2.tgz",
+      "integrity": "sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -2607,9 +2624,9 @@
       }
     },
     "node_modules/fsevents": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
-      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
       "dev": true,
       "hasInstallScript": true,
       "license": "MIT",
@@ -2838,23 +2855,6 @@
         }
       }
     },
-    "node_modules/jsdom/node_modules/@asamuzakjp/css-color": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/@asamuzakjp/css-color/-/css-color-5.0.1.tgz",
-      "integrity": "sha512-2SZFvqMyvboVV1d15lMf7XiI3m7SDqXUuKaTymJYLN6dSGadqp+fVojqJlVoMlbZnlTmu3S0TLwLTJpvBMO1Aw==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "@csstools/css-calc": "^3.1.1",
-        "@csstools/css-color-parser": "^4.0.2",
-        "@csstools/css-parser-algorithms": "^4.0.0",
-        "@csstools/css-tokenizer": "^4.0.0",
-        "lru-cache": "^11.2.6"
-      },
-      "engines": {
-        "node": "^20.19.0 || ^22.12.0 || >=24.0.0"
-      }
-    },
     "node_modules/lightningcss": {
       "version": "1.32.0",
       "resolved": "https://registry.npmjs.org/lightningcss/-/lightningcss-1.32.0.tgz",
@@ -4235,21 +4235,6 @@
         "node": ">=18"
       }
     },
-    "node_modules/playwright/node_modules/fsevents": {
-      "version": "2.3.2",
-      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
-      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
-      "dev": true,
-      "hasInstallScript": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "darwin"
-      ],
-      "engines": {
-        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
-      }
-    },
     "node_modules/postcss": {
       "version": "8.5.8",
       "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.8.tgz",
@@ -4709,9 +4694,9 @@
       "license": "MIT"
     },
     "node_modules/tinyexec": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.0.2.tgz",
-      "integrity": "sha512-W/KYk+NFhkmsYpuHq5JykngiOCnxeVL8v8dFnqxSD8qEEdRfXk1SDM6JzNqcERbcGYj9tMrDQBYV9cjgnunFIg==",
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.0.4.tgz",
+      "integrity": "sha512-u9r3uZC0bdpGOXtlxUIdwf9pkmvhqJdrVCH9fapQtgy/OeTTMZ1nqH7agtvEfmGui6e1XxjcdrlxvxJvc3sMqw==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -4746,9 +4731,9 @@
       }
     },
     "node_modules/tinyrainbow": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.0.3.tgz",
-      "integrity": "sha512-PSkbLUoxOFRzJYjjxHJt9xro7D+iilgMX/C9lawzVuYiIdcihh9DXmVibBe8lmcFrRi/VzlPjBxbN7rH24q8/Q==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+      "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -4756,22 +4741,22 @@
       }
     },
     "node_modules/tldts": {
-      "version": "7.0.23",
-      "resolved": "https://registry.npmjs.org/tldts/-/tldts-7.0.23.tgz",
-      "integrity": "sha512-ASdhgQIBSay0R/eXggAkQ53G4nTJqTXqC2kbaBbdDwM7SkjyZyO0OaaN1/FH7U/yCeqOHDwFO5j8+Os/IS1dXw==",
+      "version": "7.0.27",
+      "resolved": "https://registry.npmjs.org/tldts/-/tldts-7.0.27.tgz",
+      "integrity": "sha512-I4FZcVFcqCRuT0ph6dCDpPuO4Xgzvh+spkcTr1gK7peIvxWauoloVO0vuy1FQnijT63ss6AsHB6+OIM4aXHbPg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "tldts-core": "^7.0.23"
+        "tldts-core": "^7.0.27"
       },
       "bin": {
         "tldts": "bin/cli.js"
       }
     },
     "node_modules/tldts-core": {
-      "version": "7.0.23",
-      "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-7.0.23.tgz",
-      "integrity": "sha512-0g9vrtDQLrNIiCj22HSe9d4mLVG3g5ph5DZ8zCKBr4OtrspmNB6ss7hVyzArAeE88ceZocIEGkyW1Ime7fxPtQ==",
+      "version": "7.0.27",
+      "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-7.0.27.tgz",
+      "integrity": "sha512-YQ7uPjgWUibIK6DW5lrKujGwUKhLevU4hcGbP5O6TcIUb+oTjJYJVWPS4nZsIHrEEEG6myk/oqAJUEQmpZrHsg==",
       "dev": true,
       "license": "MIT"
     },
@@ -5056,6 +5041,21 @@
         }
       }
     },
+    "node_modules/vite/node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
     "node_modules/vitest": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.1.0.tgz",
@@ -5204,9 +5204,9 @@
       }
     },
     "node_modules/ws": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz",
-      "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==",
+      "version": "8.20.0",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.0.tgz",
+      "integrity": "sha512-sAt8BhgNbzCtgGbt2OxmpuryO63ZoDk/sqaB/znQm94T4fCEsy/yV+7CdC1kJhOU9lboAEU7R3kquuycDoibVA==",
       "license": "MIT",
       "engines": {
         "node": ">=10.0.0"