...` sink; the
// htmlspecialchars(json_encode(...), ENT_QUOTES) pattern used for data-*
// attributes is already safe and does not need this.
function json_script($value): string {
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_UNESCAPED_UNICODE
    );
}

// require_csrf rotates the token after every successful check (Finding
// H1). A leaked token (via DOM dump / error log / browser cache) is now
// usable for at most one mutation. Forms re-render with csrf_token() so
// they pick up the new value automatically; AJAX callers should read
// the X-CSRF-Token response header and update their in-memory copy.
function require_csrf(): void {
    $sent = $_POST['csrf'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
    if (!\is_string($sent) || !hash_equals($_SESSION['csrf'], $sent)) {
        http_response_code(403);
        exit('CSRF check failed');
    }
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
    header('X-CSRF-Token: ' . $_SESSION['csrf']);
}
<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <title>Sign in — Yggdrasil</title>

  <!-- Inter from Google Fonts. The preconnect pair shaves ~100ms off
       the first paint on a cold visit. -->
  <link rel="preconnect" href="https://fonts.googleapis.com">
  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">

  <!-- Tailwind v3 Play CDN. The inline config below extends the
       palette with brand (forest green), surface/page/ink semantic
       tokens, and Inter as the sans font. (No forms plugin — our
       explicit form styles in admin.css cover everything.) -->
  <script src="https://cdn.tailwindcss.com"></script>
  <script>
    tailwind.config = {
      theme: {
        extend: {
          colors: {
            brand: {
              50:  '#F0FDF4',
              100: '#DCFCE7',
              200: '#BBF7D0',
              300: '#86EFAC',
              400: '#4ADE80',
              500: '#1F8A4C',
              600: '#15803D',
              700: '#166534',
              800: '#064E3B',
              900: '#022C22',
            },
            surface: '#FFFFFF',
            page:    '#F8FAFC',
            ink: {
              DEFAULT: '#0F172A',
              muted:   '#64748B',
              soft:    '#94A3B8',
            },
            line: '#E2E8F0',
          },
          fontFamily: {
            sans: ['Inter', 'ui-sans-serif', 'system-ui', 'sans-serif'],
            mono: ['ui-monospace', 'SF Mono', 'Menlo', 'Consolas', 'monospace'],
          },
          boxShadow: {
            card: '0 1px 2px 0 rgb(15 23 42 / 0.04), 0 1px 3px 0 rgb(15 23 42 / 0.06)',
          },
        },
      },
    };
  </script>

  <!-- Tom Select drives every language picker (migration 0015).
       Keep its base CSS; admin.css overrides its colours below. -->
  <link rel="stylesheet" href="/assets/tomselect.min.css">
  <script defer src="/assets/tomselect.min.js"></script>

  <!-- Lucide icons via CDN. `lucide.createIcons()` runs at the end of
       <body> after the DOM is parsed so `<i data-lucide="…">` placeholders
       swap into SVGs. -->
  <script defer src="https://unpkg.com/lucide@latest/dist/umd/lucide.min.js"></script>

  <!-- Component layer (admin.css) inlined into a Tailwind-processed
       block so its @apply directives compile against the config
       above. -->
  <style type="text/tailwindcss">
/* ===============================================================
 * Yggdrasil Admin UI — component layer.
 *
 * This file is read by layout.php and inlined inside a
 * `<style type="text/tailwindcss">` block so the Tailwind Play CDN
 * processes its `@apply` directives at runtime. It also contains
 * plain CSS for things that don't map to a single utility (Tom
 * Select skin, table-layout details).
 *
 * Design tokens are configured in layout.php's inline
 * `tailwind.config`: brand (forest green), surface, page, ink
 * (text), line (borders), Inter as the sans font.
 * =============================================================== */


/* ===== Base reset ============================================== */
@layer base {
  html { -webkit-text-size-adjust: 100%; }
  body {
    @apply bg-page text-ink font-sans antialiased;
    font-size: 13.5px;
    font-feature-settings: 'cv11', 'ss01';  /* Inter tweaks: clearer 1/I, single-storey a */
  }
  h1 { @apply text-[20px] font-semibold tracking-tight; }
  h2 { @apply text-sm font-semibold tracking-tight; }
  h3 { @apply text-xs font-semibold uppercase tracking-wider text-ink-muted; }
  p  { @apply leading-relaxed; }
  hr { @apply border-line my-4; }
  a  { @apply text-brand-600 transition-colors no-underline; }
  a:hover { @apply text-brand-700; }
  code, kbd, pre, samp { @apply font-mono; }
  code { @apply text-[11.5px] bg-page rounded px-1.5 py-0.5 text-ink; }
  pre { @apply bg-page rounded-md p-3 text-xs overflow-x-auto border border-line leading-relaxed; }
  *:focus-visible { @apply outline-none ring-2 ring-brand-500/40 ring-offset-1 ring-offset-page; }
  /* Tabular numbers for stats / counts / IDs anywhere. */
  .tnum, .stat .value, td code, th + th, .meta-chip .meta-value {
    font-variant-numeric: tabular-nums;
  }
}


/* ===== App shell =============================================== */
.app-shell {
  display: grid;
  grid-template-columns: 248px 1fr;
  min-height: 100vh;
}
.sidebar {
  @apply bg-surface border-r border-line sticky top-0 flex flex-col;
  height: 100vh;
  padding: 18px 12px;
  gap: 1px;
}
.sidebar .brand {
  @apply flex items-center mb-4 px-2;
  gap: 10px;
  padding-bottom: 16px;
  border-bottom: 1px solid theme('colors.line');
  color: inherit;
}
.sidebar .brand:hover { color: inherit; }
.sidebar .brand-mark {
  @apply flex items-center justify-center shrink-0;
  width: 34px;
  height: 34px;
}
/* yggdrasil-logo-color.png is a full-colour mark on transparent — show
   it as-is on the light sidebar (no badge backing needed). */
.sidebar .brand-mark .brand-logo {
  width: 100%;
  height: 100%;
  object-fit: contain;
  display: block;
}
.sidebar .brand-text {
  @apply font-semibold tracking-tight text-ink;
  font-size: 15px;
  letter-spacing: -0.01em;
}
.sidebar nav {
  @apply flex-1 flex flex-col overflow-y-auto;
  gap: 1px;
}
.sidebar .nav-section {
  @apply text-[10px] uppercase font-semibold text-ink-soft px-2.5 pt-4 pb-1.5;
  letter-spacing: 0.08em;
}
.sidebar .nav-section:first-child { padding-top: 4px; }
.sidebar .nav-item {
  @apply flex items-center rounded-md text-[13px] font-medium text-ink-muted relative;
  gap: 10px;
  padding: 6px 10px;
  transition: background-color 120ms ease, color 120ms ease;
}
.sidebar .nav-item:hover { @apply bg-page text-ink; }
.sidebar .nav-item.active {
  @apply bg-brand-50 text-brand-700 font-semibold;
}
.sidebar .nav-item.active::before {
  content: '';
  position: absolute;
  left: -12px;
  top: 6px;
  bottom: 6px;
  width: 3px;
  border-radius: 0 3px 3px 0;
  @apply bg-brand-500;
}
.sidebar .nav-item.active:hover { @apply bg-brand-100; }
.sidebar .nav-item svg {
  width: 16px;
  height: 16px;
  flex-shrink: 0;
  stroke-width: 2;
}
.sidebar-foot {
  @apply mt-2 pt-3 flex flex-col;
  gap: 8px;
  border-top: 1px solid theme('colors.line');
}
.sidebar-foot .user-row {
  @apply flex items-center px-1;
  gap: 8px;
}
.sidebar-foot .user-avatar {
  @apply rounded-full bg-brand-100 text-brand-700 font-semibold flex items-center justify-center shrink-0;
  width: 26px;
  height: 26px;
  font-size: 11px;
  letter-spacing: 0.02em;
}
.sidebar-foot .user-email {
  @apply text-[11.5px] text-ink-muted whitespace-nowrap overflow-hidden text-ellipsis flex-1;
}
.sidebar-foot form button {
  width: 100%;
}

.main { @apply flex flex-col min-h-screen min-w-0; }
.page-header {
  @apply flex items-start justify-between bg-surface;
  gap: 24px;
  padding: 24px 32px 18px;
  border-bottom: 1px solid theme('colors.line');
}
.page-header h1 {
  @apply font-semibold text-ink;
  font-size: 20px;
  line-height: 1.25;
  letter-spacing: -0.015em;
}
.page-header .crumb {
  @apply text-[12px] text-ink-muted;
  margin-bottom: 6px;
  display: flex;
  align-items: center;
  gap: 4px;
}
.page-header .crumb a { @apply text-ink-muted; transition: color 120ms; }
.page-header .crumb a:hover { @apply text-ink; }
.page-header .subtitle {
  @apply text-[13px] text-ink-muted;
  margin-top: 6px;
  font-variant-numeric: tabular-nums;
}
.page-header .actions {
  @apply flex items-center shrink-0;
  gap: 8px;
}
.page-content {
  @apply flex-1 flex flex-col;
  padding: 24px 32px 32px;
  gap: 20px;
  max-width: 1440px;
  width: 100%;
}


/* ===== Cards =================================================== */
.card {
  @apply bg-surface rounded-lg overflow-hidden;
  border: 1px solid theme('colors.line');
}
.card-header {
  @apply flex items-baseline justify-between bg-surface;
  padding: 14px 20px;
  gap: 12px;
  border-bottom: 1px solid theme('colors.line');
}
.card-header h2 {
  @apply font-semibold text-ink m-0;
  font-size: 13.5px;
  letter-spacing: -0.005em;
}
.card-header .hint {
  @apply text-[12px] text-ink-muted font-normal;
}
.card-body { padding: 20px; }
.card-body.flush { padding: 0; overflow-x: auto; -webkit-overflow-scrolling: touch; }
.card-body.flush > table { min-width: 100%; }
/* Tighter card-body when stacking forms — fields breathe enough at p-5;
 * this just removes the bottom-padding doubling when a card has only one
 * card-body element followed by a card-body.flush. */
.card > .card-body + .card-body.flush {
  border-top: 1px solid theme('colors.line');
}
details.card > summary.card-header,
.card > details > summary.card-header {
  cursor: pointer;
  list-style: revert;
  padding-left: 20px;
}
details.card[open] > summary.card-header {
  @apply border-b border-line;
}
details.card:not([open]) > summary.card-header {
  border-bottom: none;
}


/* ===== Buttons ================================================= */
.btn, button, input[type="submit"] {
  @apply inline-flex items-center justify-center font-medium rounded-md text-ink no-underline cursor-pointer;
  height: 32px;
  padding: 0 12px;
  font-size: 12.5px;
  gap: 6px;
  background: theme('colors.surface');
  border: 1px solid theme('colors.line');
  transition: background-color 120ms ease, border-color 120ms ease, color 120ms ease, box-shadow 120ms ease;
  white-space: nowrap;
  letter-spacing: -0.005em;
}
.btn:hover, button:hover, input[type="submit"]:hover {
  background: theme('colors.page');
  border-color: #CBD5E1;
}
.btn[disabled], button[disabled], input[type="submit"][disabled] {
  @apply opacity-50 cursor-not-allowed;
}
/* Submit buttons default to primary unless a variant is set. */
button[type="submit"]:not(.btn-ghost):not(.btn-danger):not(.btn-small):not(.delete),
.btn-primary {
  background: theme('colors.brand.500');
  border-color: theme('colors.brand.500');
  color: white;
}
button[type="submit"]:not(.btn-ghost):not(.btn-danger):not(.btn-small):not(.delete):hover,
.btn-primary:hover {
  background: theme('colors.brand.600');
  border-color: theme('colors.brand.600');
  color: white;
}
.btn-ghost,
button[type="submit"].btn-ghost {
  background: transparent;
  border-color: theme('colors.line');
  color: theme('colors.ink.muted');
}
.btn-ghost:hover,
button[type="submit"].btn-ghost:hover {
  background: theme('colors.page');
  color: theme('colors.ink.DEFAULT');
  border-color: #CBD5E1;
}
.btn-danger,
button.delete,
button[type="submit"].btn-danger {
  background: #DC2626;
  border-color: #DC2626;
  color: white;
}
.btn-danger:hover,
button.delete:hover,
button[type="submit"].btn-danger:hover {
  background: #B91C1C;
  border-color: #B91C1C;
  color: white;
}
.btn-sm,
button.btn-sm,
.btn-small,
button.btn-small,
.actions-cell .btn-sm {
  height: 26px;
  padding: 0 8px;
  font-size: 11.5px;
  gap: 4px;
}
.btn svg, button svg { width: 14px; height: 14px; flex-shrink: 0; stroke-width: 2; }
.btn-sm svg, .btn-small svg, .actions-cell .btn-sm svg { width: 12px; height: 12px; }


/* ===== Forms ===================================================
 * Every text-entry control across the admin UI shares the same
 * 32px height, 12.5px font, 1px line border, brand-tinted focus
 * halo. Listed explicitly so we don't pick up `type="hidden"` or
 * `type="submit"` (those are handled separately). */
input[type="text"],
input[type="email"],
input[type="url"],
input[type="password"],
input[type="number"],
input[type="search"],
input[type="tel"],
input[type="date"],
input[type="time"],
input[type="datetime-local"],
input[type="month"],
input[type="week"],
input:not([type]),
select,
textarea {
  @apply bg-surface text-ink rounded-md w-full;
  height: 32px;
  padding: 0 11px;
  font-size: 12.5px;
  font-family: theme('fontFamily.sans');
  border: 1px solid theme('colors.line');
  transition: border-color 120ms ease, box-shadow 120ms ease;
  color: theme('colors.ink.DEFAULT');
  line-height: 30px;     /* h-32 minus 2×1 border so text vertically centers */
  box-sizing: border-box;
}
input::placeholder, textarea::placeholder { color: theme('colors.ink.soft'); }
input[type="text"]:hover,
input[type="email"]:hover,
input[type="url"]:hover,
input[type="password"]:hover,
input[type="number"]:hover,
input[type="search"]:hover,
input[type="tel"]:hover,
input[type="date"]:hover,
input[type="time"]:hover,
input:not([type]):hover,
select:hover,
textarea:hover {
  border-color: #CBD5E1;
}
input[type="text"]:focus,
input[type="email"]:focus,
input[type="url"]:focus,
input[type="password"]:focus,
input[type="number"]:focus,
input[type="search"]:focus,
input[type="tel"]:focus,
input[type="date"]:focus,
input[type="time"]:focus,
input:not([type]):focus,
select:focus,
textarea:focus {
  outline: none;
  border-color: theme('colors.brand.500');
  box-shadow: 0 0 0 3px rgb(31 138 76 / 0.12);
}
/* WebKit's native date / time picker indicators inherit colour from
 * `color-scheme`; force a neutral cursor stroke that matches the
 * select chevron and the rest of the palette. */
input[type="date"]::-webkit-calendar-picker-indicator,
input[type="time"]::-webkit-calendar-picker-indicator,
input[type="datetime-local"]::-webkit-calendar-picker-indicator {
  cursor: pointer;
  opacity: 0.6;
  filter: grayscale(1);
}
input[type="date"]::-webkit-calendar-picker-indicator:hover,
input[type="time"]::-webkit-calendar-picker-indicator:hover {
  opacity: 0.9;
}
/* Trim Firefox's default inner padding on number inputs so they line
 * up with text inputs on the same row. */
input[type="number"] {
  -moz-appearance: textfield;
}
input[type="number"]::-webkit-outer-spin-button,
input[type="number"]::-webkit-inner-spin-button {
  -webkit-appearance: none;
  margin: 0;
}
textarea {
  height: auto;
  padding: 8px 11px;
  min-height: 80px;
  @apply font-mono leading-relaxed;
  font-size: 12px;
}
select {
  padding-right: 32px;
  appearance: none;
  background-repeat: no-repeat;
  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' viewBox='0 0 24 24' fill='none' stroke='%2394A3B8' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3E%3Cpolyline points='6 9 12 15 18 9'%3E%3C/polyline%3E%3C/svg%3E");
  background-position: right 10px center;
  background-size: 12px;
  cursor: pointer;
}
input[type="checkbox"], input[type="radio"] {
  width: 15px;
  height: 15px;
  accent-color: theme('colors.brand.500');
  cursor: pointer;
}

label {
  @apply block font-medium text-ink;
  font-size: 11.5px;
  margin: 0 0 5px 0;
  letter-spacing: 0.003em;
}
label.inline {
  display: inline-flex;
  align-items: center;
  gap: 8px;
  margin-bottom: 0;
}
label .hint, label small {
  display: block;
  margin: 0 0 4px 0;
  font-weight: 400;
  font-size: 11px;
  color: theme('colors.ink.muted');
}
.field-error { @apply text-xs text-red-600 mt-1; }

.form-inline {
  display: flex;
  align-items: flex-end;
  gap: 10px;
  flex-wrap: wrap;
}
.form-inline label { margin-bottom: 0; }
.form-section {
  margin-bottom: 18px;
  padding-bottom: 16px;
  border-bottom: 1px solid theme('colors.line');
}
.form-section > *:not(.form-section-label, summary) + * { margin-top: 12px; }
.form-section:last-child { border-bottom: none; padding-bottom: 0; margin-bottom: 0; }
.form-section-label {
  font-size: 10.5px;
  font-weight: 600;
  text-transform: uppercase;
  letter-spacing: 0.08em;
  color: theme('colors.ink.muted');
  margin-bottom: 10px;
}
details.form-section > summary {
  cursor: pointer;
  list-style: revert;
  font-size: 13px;
  font-weight: 500;
  color: theme('colors.ink.DEFAULT');
}
details.form-section > summary:hover { color: theme('colors.brand.700'); }


/* ===== Tables ================================================== */
table {
  width: 100%;
  background: theme('colors.surface');
  border-collapse: collapse;
  font-size: 13px;
}
thead th {
  font-size: 10.5px;
  font-weight: 600;
  text-transform: uppercase;
  letter-spacing: 0.075em;
  color: theme('colors.ink.muted');
  text-align: left;
  padding: 10px 16px;
  background: theme('colors.surface');
  border-bottom: 1px solid theme('colors.line');
  position: sticky;
  top: 0;
  z-index: 1;
}
tbody td {
  padding: 12px 16px;
  border-bottom: 1px solid theme('colors.line');
  color: theme('colors.ink.DEFAULT');
  vertical-align: middle;
  line-height: 1.45;
}
tbody tr {
  transition: background-color 80ms ease;
}
tbody tr:last-child td { border-bottom: 0; }
tbody tr:hover { background: theme('colors.page'); }
tbody td code { font-size: 11.5px; background: transparent; padding: 0; }
tbody td small { display: inline; font-size: 11.5px; color: theme('colors.ink.muted'); margin: 0; }
tbody td strong { font-weight: 600; color: theme('colors.ink.DEFAULT'); }

/* Action cells are <td> elements — keep them as table-cells so the
 * table layout algorithm computes their column width correctly. Lay
 * out children inline-block (right-aligned) instead of flex. Using
 * `display: flex` on a <td> takes it out of the table grid and the
 * cell content can drift far past the column boundary. */
td.actions-cell,
.actions-cell {
  white-space: nowrap;
  text-align: right;
  vertical-align: middle;
}
td.actions-cell > form,
td.actions-cell form[style*="display:inline"],
.actions-cell > form,
.actions-cell form[style*="display:inline"] {
  display: inline-block !important;
  margin: 0;
  vertical-align: middle;
}
td.actions-cell > *,
.actions-cell > * {
  vertical-align: middle;
}
td.actions-cell > * + *,
.actions-cell > * + * {
  margin-left: 4px;
}
.actions-cell .btn,
.actions-cell button,
.actions-cell a.btn {
  white-space: nowrap;
}
.actions-cell .actions-divider {
  display: inline-block;
  width: 1px;
  height: 18px;
  background: theme('colors.line');
  margin: 0 4px;
  vertical-align: middle;
}

.cell-stack {
  display: flex;
  flex-direction: column;
  gap: 3px;
}
.cell-stack > * { line-height: 1.4; }
.cell-stack .label {
  font-size: 10px;
  text-transform: uppercase;
  letter-spacing: 0.08em;
  color: theme('colors.ink.soft');
  font-weight: 600;
  margin-right: 6px;
}

/* `<td class="row-id">` — sources / credentials list. Stacks display
 * name (bold), an inline `#id` tag, and a muted URL on the next line. */
td.row-id strong {
  font-weight: 600;
  color: theme('colors.ink.DEFAULT');
  font-size: 13.5px;
}
td.row-id small {
  font-size: 11px;
  color: theme('colors.ink.soft');
  margin-left: 6px;
  font-family: ui-monospace, 'SF Mono', Menlo, monospace;
}
td.row-id .url {
  display: block;
  font-size: 11.5px;
  color: theme('colors.ink.muted');
  font-family: ui-monospace, 'SF Mono', Menlo, monospace;
  margin-top: 4px;
  overflow: hidden;
  text-overflow: ellipsis;
  white-space: nowrap;
  max-width: 520px;
}


/* ===== Status badges =========================================== */
.badge {
  display: inline-flex;
  align-items: center;
  gap: 4px;
  padding: 1px 7px;
  border-radius: 10px;
  font-size: 10.5px;
  font-weight: 600;
  letter-spacing: 0.005em;
  border: 1px solid transparent;
  white-space: nowrap;
  line-height: 1.5;
  font-variant-numeric: tabular-nums;
}
.badge svg { width: 11px; height: 11px; }
.badge-active   { background: theme('colors.brand.50'); color: theme('colors.brand.700'); border-color: theme('colors.brand.200'); }
.badge-success  { background: theme('colors.brand.50'); color: theme('colors.brand.700'); border-color: theme('colors.brand.200'); }
.badge-inactive { background: theme('colors.page'); color: theme('colors.ink.muted'); border-color: theme('colors.line'); }
.badge-neutral  { background: theme('colors.page'); color: theme('colors.ink.muted'); border-color: theme('colors.line'); }
.badge-warning  { background: #FFFBEB; color: #B45309; border-color: #FDE68A; }
.badge-danger   { background: #FEF2F2; color: #B91C1C; border-color: #FECACA; }
.badge-info     { background: #EFF6FF; color: #1D4ED8; border-color: #BFDBFE; }


/* ===== Notices / flash messages ================================ */
.notice,
.err {
  display: flex;
  align-items: flex-start;
  gap: 10px;
  border: 1px solid;
  border-radius: 8px;
  padding: 12px 14px;
  font-size: 13px;
  line-height: 1.5;
}
.notice::before,
.err::before {
  /* Inline SVG icon as ::before pseudo. Each variant picks its own icon
   * via the URL below. Sized to match the 13px text baseline. */
  content: '';
  display: block;
  width: 16px;
  height: 16px;
  flex-shrink: 0;
  margin-top: 1px;
  background-repeat: no-repeat;
  background-position: center;
  background-size: 16px;
}
.notice-info {
  background: #EFF6FF;
  border-color: #BFDBFE;
  color: #1E40AF;
}
.notice-info::before {
  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' viewBox='0 0 24 24' fill='none' stroke='%231E40AF' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3E%3Ccircle cx='12' cy='12' r='10'/%3E%3Cpath d='M12 16v-4'/%3E%3Cpath d='M12 8h.01'/%3E%3C/svg%3E");
}
.notice-success {
  background: theme('colors.brand.50');
  border-color: theme('colors.brand.200');
  color: theme('colors.brand.800');
}
.notice-success::before {
  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' viewBox='0 0 24 24' fill='none' stroke='%23064E3B' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3E%3Cpath d='M21.801 10A10 10 0 1 1 17 3.335'/%3E%3Cpath d='m9 11 3 3L22 4'/%3E%3C/svg%3E");
}
.notice-warning {
  background: #FFFBEB;
  border-color: #FDE68A;
  color: #92400E;
}
.notice-warning::before {
  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' viewBox='0 0 24 24' fill='none' stroke='%2392400E' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3E%3Cpath d='M10.29 3.86 1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z'/%3E%3Cline x1='12' x2='12' y1='9' y2='13'/%3E%3Cline x1='12' x2='12.01' y1='17' y2='17'/%3E%3C/svg%3E");
}
.notice-error,
.err {
  background: #FEF2F2;
  border-color: #FECACA;
  color: #991B1B;
}
.notice-error::before,
.err::before {
  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' viewBox='0 0 24 24' fill='none' stroke='%23991B1B' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3E%3Ccircle cx='12' cy='12' r='10'/%3E%3Cline x1='15' y1='9' x2='9' y2='15'/%3E%3Cline x1='9' y1='9' x2='15' y2='15'/%3E%3C/svg%3E");
}
.notice strong,
.err strong { font-weight: 600; color: inherit; }
.notice code,
.err code { background: rgb(15 23 42 / 0.05); color: inherit; }
/* Notice content can grow — flex child sizing so any nested content
 * (icon-prefix is the first ::before, then real markup follows) wraps. */
.notice > *,
.err > * { min-width: 0; }


/* ===== Empty state ============================================= */
.empty {
  text-align: center;
  padding: 56px 24px;
  color: theme('colors.ink.muted');
}
.empty .icon {
  display: inline-flex;
  align-items: center;
  justify-content: center;
  width: 56px;
  height: 56px;
  margin: 0 auto 14px;
  border-radius: 12px;
  background: theme('colors.page');
  color: theme('colors.ink.soft');
  border: 1px solid theme('colors.line');
}
.empty .icon svg {
  width: 24px;
  height: 24px;
  stroke-width: 1.75;
}
.empty p { margin: 0; line-height: 1.6; }
.empty p:first-of-type {
  font-size: 13.5px;
  color: theme('colors.ink.DEFAULT');
  font-weight: 500;
}
.empty p + p { margin-top: 6px; font-size: 12.5px; }
.empty strong { color: theme('colors.ink.DEFAULT'); font-weight: 600; }
.empty .btn { margin-top: 16px; }


/* ===== Stat grid (metrics) ===================================== */
.stat-grid {
  display: grid;
  grid-template-columns: repeat(auto-fit, minmax(180px, 1fr));
  gap: 12px;
}
.stat {
  background: theme('colors.surface');
  border: 1px solid theme('colors.line');
  border-radius: 10px;
  padding: 16px 18px;
  transition: border-color 120ms ease;
}
.stat:hover { border-color: #CBD5E1; }
.stat .label {
  font-size: 10.5px;
  text-transform: uppercase;
  letter-spacing: 0.08em;
  color: theme('colors.ink.muted');
  font-weight: 600;
  margin-bottom: 6px;
}
.stat .value {
  font-size: 24px;
  font-weight: 600;
  color: theme('colors.ink.DEFAULT');
  line-height: 1.1;
  letter-spacing: -0.015em;
  font-variant-numeric: tabular-nums;
}
.stat .sub { font-size: 11.5px; color: theme('colors.ink.muted'); margin-top: 4px; }


/* ===== KV grid (definition list) =============================== */
/* `<dl class="kv">` — preferred form. Grid layout, label left / value right. */
dl.kv {
  display: grid;
  grid-template-columns: 160px 1fr;
  @apply gap-x-3 gap-y-1.5 text-sm;
}
dl.kv dt {
  @apply text-ink-muted font-medium text-xs uppercase tracking-wide;
}
dl.kv dd { @apply m-0 text-ink; }

/* `<table class="kv">` — same idea, but built on table rows (article.php).
 * The table layout handles long values + wraps gracefully on narrow widths. */
table.kv {
  @apply text-sm;
  width: auto;
}
table.kv th {
  @apply text-ink-muted font-medium text-xs uppercase tracking-wide text-left pr-4 py-1 align-top;
  font-weight: 500;
  width: 160px;
  white-space: nowrap;
  background: transparent;
  border-bottom: none;
  position: static;
}
table.kv td {
  @apply text-ink py-1 align-top;
  border-bottom: none;
}
table.kv tr:hover { background: transparent; }


/* ===== Row utility =============================================
 * `.row` is a flex row of equal-width columns. When children are
 * <label>s with varying-length `<small>` help text, the inputs
 * would otherwise sit at different vertical positions inside their
 * label (right after the help). Making each label a flex column
 * with the input pushed to the bottom (`margin-top: auto`) gives
 * every input/select/textarea in the row a single shared baseline. */
.row {
  display: flex;
  gap: 12px;
  flex-wrap: wrap;
  align-items: stretch;
}
.row > * { flex: 1 1 0; min-width: 200px; }
.row > label {
  display: flex;
  flex-direction: column;
}
.row > label > input,
.row > label > select,
.row > label > textarea,
.row > label > .ts-wrapper {
  margin-top: auto;
}
.spacer { flex: 1; }
.muted { @apply text-ink-muted; }
.hint,
.help,
p.help { @apply text-xs text-ink-muted; }
p.help { @apply mt-2; }

/* `<label class="checkbox">` — inline label with checkbox inside (test.php). */
label.checkbox {
  @apply inline-flex items-center gap-2 text-sm font-normal text-ink mb-0;
}
label.checkbox input { @apply m-0; }


/* ===== Page header crumb hint ================================== */
.crumb { @apply text-xs text-ink-muted; }


/* ===== URL tags (source_map.php Discovered URLs) =============== */
.url-tag {
  display: inline-flex;
  align-items: center;
  padding: 0 8px;
  height: 22px;
  border-radius: 11px;
  font-size: 10.5px;
  font-weight: 600;
  letter-spacing: 0.005em;
  line-height: 1;
  border: 1px solid transparent;
  white-space: nowrap;
  text-decoration: none !important;
  background: transparent;
  cursor: pointer;
  transition: background-color 120ms ease, color 120ms ease, border-color 120ms ease;
}
.url-tag-article {
  color: theme('colors.brand.700');
  border-color: theme('colors.brand.200');
  background: theme('colors.brand.50');
}
.url-tag-article:hover {
  background: theme('colors.brand.100');
  color: theme('colors.brand.800');
}
.url-tag-promote {
  color: theme('colors.brand.800');
  border-color: theme('colors.brand.500');
  background: theme('colors.brand.50');
}
.url-tag-promote:hover {
  background: theme('colors.brand.200');
  border-color: theme('colors.brand.600');
}
.url-tag-inclues {
  color: theme('colors.ink.soft');
  border-color: theme('colors.line');
  background: theme('colors.page');
  font-weight: 500;
  cursor: default;
}


/* ===== Links table specifics (source_map.php) ==================
 * `table-layout: fixed` is essential here. Without it, the URL
 * column's `max-width: 0` is treated as a hint and the cell's
 * natural (unbreakable, nowrap'd) URL content dictates column
 * width — which pushes every other column out of the visible
 * card. With fixed layout, the explicit widths below are
 * authoritative and the URL column absorbs the remainder. */
.links-table {
  table-layout: fixed;
  width: 100%;
}
.links-table thead th,
.links-table tbody td {
  vertical-align: middle;
  line-height: 1.4;
  white-space: nowrap;
  overflow: hidden;
  text-overflow: ellipsis;
}
/* Column widths set on the header row only — fixed layout reads
 * widths from the first row exclusively. */
.links-table thead th:nth-child(1) { width: auto; }            /* URL — absorbs remainder */
.links-table thead th:nth-child(2) { width: 110px; }           /* Status badge */
.links-table thead th:nth-child(3) { width: 120px; }           /* Page type badge */
.links-table thead th:nth-child(4) { width: 150px; }           /* Discovered at */
.links-table thead th:nth-child(5) { width: 150px; }           /* Published at */
.links-table thead th.actions-col   { width: 92px; }           /* Action pill */

.links-table td.url-cell {
  overflow: hidden;
  text-overflow: ellipsis;
  white-space: nowrap;
  overflow-wrap: normal;
  word-break: keep-all;
  padding-right: 16px;
}
.links-table td.url-cell > a {
  display: inline-block;
  max-width: 100%;
  overflow: hidden;
  text-overflow: ellipsis;
  vertical-align: middle;
  color: theme('colors.ink.DEFAULT');
}
.links-table td.url-cell > a:hover {
  color: theme('colors.brand.700');
  text-decoration: underline;
}
.links-table tbody td small {
  display: inline;
  margin: 0;
  vertical-align: middle;
}
.links-table td.actions-cell {
  padding-right: 16px;
  text-align: right;
}


/* ===== Sources table sub-row meta strip ======================== */
.sources-table tr.src-main-row > td {
  border-bottom: none;
  padding-bottom: 8px;
}
.sources-table tr.src-meta-row > td.src-meta-cell {
  background: theme('colors.page');
  border-top: none;
  border-bottom: 1px solid theme('colors.line');
  padding: 10px 16px 14px;
}
.src-meta-bar {
  display: flex;
  flex-wrap: wrap;
  column-gap: 18px;
  row-gap: 6px;
  font-size: 11.5px;
  align-items: center;
}
.meta-chip {
  display: inline-flex;
  align-items: center;
  gap: 6px;
  color: theme('colors.ink.muted');
  line-height: 1.4;
}
.meta-chip .meta-label {
  font-size: 10px;
  text-transform: uppercase;
  letter-spacing: 0.08em;
  color: theme('colors.ink.soft');
  font-weight: 600;
}
.meta-chip .meta-value {
  font-weight: 600;
  color: theme('colors.ink.DEFAULT');
}
.meta-chip .badge { margin: 0; }


/* ===== Pagination ============================================== */
.pagination, .pager {
  display: flex;
  flex-wrap: wrap;
  align-items: center;
  gap: 4px;
  padding: 12px 16px;
  border-top: 1px solid theme('colors.line');
  background: theme('colors.surface');
}
.pagination .btn-sm,
.pagination span.btn-sm { min-width: 28px; padding: 0 6px; justify-content: center; }
.pagination .muted { padding: 0 4px; }


/* ===== Modal =================================================== */
.modal-backdrop {
  @apply fixed inset-0 bg-black/40 z-40 flex items-center justify-center p-4;
}
.modal-dialog {
  @apply bg-surface rounded-lg shadow-2xl w-full max-h-[90vh] overflow-hidden flex flex-col;
  max-width: 640px;
}
.modal-header {
  @apply px-5 py-3 border-b border-line flex items-center justify-between;
}
.modal-header h3 { @apply text-base font-semibold m-0; }
.modal-body { @apply p-5 overflow-y-auto; }
.modal-footer { @apply px-5 py-3 border-t border-line flex justify-end gap-2 bg-page; }


/* ===== Prompt fields (configs.php) ============================= */
/* ===== Prompt-field block (configs.php Rune prompts) ===========
 * Each Rune mode (ANL / DETECT_LANG / REF / CLEAN) is a labelled
 * textarea preceded by a header with the mode name + description on
 * the left and the default/custom state + Reset button on the right.
 * CSS-grid keeps the label and description on their own rows so
 * the description never runs into the bold mode name. */
.prompt-field {
  margin-bottom: 24px;
  padding-bottom: 24px;
  border-bottom: 1px solid theme('colors.line');
}
.prompt-field:last-child {
  margin-bottom: 0;
  padding-bottom: 0;
  border-bottom: 0;
}
.prompt-field-header {
  display: grid;
  grid-template-columns: minmax(0, 1fr) auto auto;
  align-items: center;
  column-gap: 12px;
  row-gap: 6px;
  margin-bottom: 14px;
}
.prompt-field-header > strong {
  grid-row: 1;
  grid-column: 1;
  font-size: 14px;
  font-weight: 600;
  color: theme('colors.ink.DEFAULT');
  letter-spacing: -0.01em;
  line-height: 1.3;
}
.prompt-field-header > small {
  grid-row: 2;
  grid-column: 1 / -1;
  display: block;
  margin: 0;
  font-size: 12px;
  font-weight: 400;
  color: #475569;          /* slate-600 — warmer and more readable than ink-muted */
  line-height: 1.55;
  max-width: 880px;        /* prevent over-wide single-line descriptions */
}
.prompt-field-header > small code {
  font-size: 11px;
  padding: 1px 5px;
  background: theme('colors.brand.50');
  color: theme('colors.brand.800');
  border: 1px solid theme('colors.brand.200');
  border-radius: 3px;
}
.prompt-field-header > .spacer { display: none; }
.prompt-field-header > .rune-prompt-state {
  grid-row: 1;
  grid-column: 2;
  display: inline-flex;
  align-items: center;
}
.prompt-field-header > button {
  grid-row: 1;
  grid-column: 3;
  margin: 0;
}
.prompt-field > textarea {
  font-size: 12px;
  line-height: 1.6;
  padding: 12px 14px;
  background: #FAFBFC;
  border-color: theme('colors.line');
}
.prompt-field > textarea:focus {
  background: theme('colors.surface');
}


/* ===== Tom Select skin (recoloured + sized to match inputs) ====
 * Match the 32px height, 12.5px font, 1px line border, brand-tinted
 * focus halo of native inputs above. Multi-select chips use a
 * compact pill so the wrapper stays at 32px when empty + grows
 * only when chips wrap to a second line. */
.ts-wrapper { width: 100%; }
.ts-wrapper.single .ts-control,
.ts-wrapper.multi .ts-control {
  background: theme('colors.surface');
  border: 1px solid theme('colors.line');
  border-radius: 6px;
  font-size: 12.5px;
  font-family: theme('fontFamily.sans');
  color: theme('colors.ink.DEFAULT');
  min-height: 32px;
  padding: 3px 8px;
  line-height: 1.4;
  transition: border-color 120ms ease, box-shadow 120ms ease;
  box-sizing: border-box;
  display: flex;
  flex-wrap: wrap;
  align-items: center;
  gap: 3px;
}
.ts-wrapper.single .ts-control {
  position: relative;
  padding: 0 32px 0 11px;
  line-height: 30px;
  display: block;
}
.ts-wrapper.single .ts-control::after {
  /* native-select chevron, same SVG as <select> above */
  content: '';
  position: absolute;
  right: 10px;
  top: 50%;
  width: 12px;
  height: 12px;
  margin-top: -6px;
  pointer-events: none;
  background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' viewBox='0 0 24 24' fill='none' stroke='%2394A3B8' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3E%3Cpolyline points='6 9 12 15 18 9'%3E%3C/polyline%3E%3C/svg%3E") no-repeat center / 12px;
}
.ts-wrapper:hover .ts-control { border-color: #CBD5E1; }
.ts-wrapper.focus .ts-control,
.ts-wrapper.focus.single .ts-control {
  border-color: theme('colors.brand.500');
  box-shadow: 0 0 0 3px rgb(31 138 76 / 0.12);
  outline: none;
}
.ts-wrapper.multi .ts-control > div {
  background: theme('colors.brand.500');
  color: white;
  font-size: 11px;
  font-weight: 500;
  padding: 1px 6px;
  border-radius: 4px;
  margin: 0;
  border: none;
  display: inline-flex;
  align-items: center;
  gap: 4px;
  line-height: 1.5;
}
.ts-wrapper.multi .ts-control > div.active { background: theme('colors.brand.700'); }
.ts-wrapper.multi .ts-control > div .remove {
  color: rgba(255, 255, 255, 0.75);
  border: 0;
  padding: 0 0 0 4px;
  margin-left: 4px;
  font-size: 12px;
  line-height: 1;
}
.ts-wrapper.multi .ts-control > div .remove:hover {
  color: #fff;
  background: transparent;
}
.ts-wrapper .ts-control > input {
  font-size: 12.5px;
  font-family: theme('fontFamily.sans');
  color: theme('colors.ink.DEFAULT');
  background: transparent;
  border: 0;
  outline: none;
  flex: 1 1 80px;
  min-width: 60px;
  line-height: 22px;
  padding: 0;
}
.ts-wrapper .ts-control > input::placeholder { color: theme('colors.ink.soft'); }
.ts-dropdown {
  margin-top: 4px;
  border: 1px solid theme('colors.line');
  border-radius: 6px;
  box-shadow: 0 8px 24px -8px rgb(15 23 42 / 0.12), 0 2px 6px -2px rgb(15 23 42 / 0.06);
  background: theme('colors.surface');
  font-size: 12.5px;
  overflow: hidden;
  z-index: 50;
}
.ts-dropdown .option {
  padding: 7px 12px;
  cursor: pointer;
  color: theme('colors.ink.DEFAULT');
  line-height: 1.4;
}
.ts-dropdown .option.active {
  background: theme('colors.brand.50');
  color: theme('colors.brand.800');
}
.ts-dropdown .option.selected { font-weight: 600; }
.ts-dropdown .option.selected.active { background: theme('colors.brand.100'); }
.ts-dropdown .no-results {
  padding: 7px 12px;
  color: theme('colors.ink.muted');
  font-style: italic;
}


/* ===== Login page ============================================== */
body.login-page {
  @apply bg-page flex items-center justify-center;
  min-height: 100vh;
}
.login-card {
  @apply bg-surface border border-line rounded-lg shadow-card p-8;
  width: 400px;
  max-width: 92vw;
}
.login-card .brand-row {
  @apply flex items-center gap-3 mb-2;
}
.login-card .logo {
  @apply w-10 h-10 flex items-center justify-center shrink-0;
}
.login-card .logo .brand-logo { width: 100%; height: 100%; object-fit: contain; display: block; }
.login-card h1 { @apply text-lg font-semibold m-0; }
.login-card .lede { @apply text-sm text-ink-muted mb-6 mt-1; }
.login-card form { @apply flex flex-col gap-3.5; }
.login-card form button {
  @apply w-full mt-2 bg-brand-500 text-white border-brand-500;
}
.login-card form button:hover {
  @apply bg-brand-600 border-brand-600;
}


/* ===== Misc page-specific bits ================================= */
/* Articles browser: ID column compact. */
.articles-table td:first-child { @apply text-ink-muted font-mono text-xs; }
/* Article title link (articles.php list rows). */
.article-title-link {
  @apply text-ink font-medium no-underline;
}
.article-title-link:hover { @apply text-brand-700 underline; }

/* Audit log: collapsible JSON details. */
details.audit-detail > summary { @apply cursor-pointer text-xs text-brand-600; }
details.audit-detail[open] > summary { @apply text-ink; }
details.audit-detail pre { @apply mt-2 text-[11px] max-h-80; }

/* ---- Translation/assignment pages (migration 0010/0011 surfaces) ----
 * These tables carry a free-text Title plus an inline assign form. Under
 * the default auto table-layout the form's intrinsic width starves the
 * Title column (it wrapped one word per line). `table-layout: fixed`
 * + a <colgroup> makes column widths authoritative and lets long text
 * wrap normally; the .card-body.flush wrapper already scrolls-x on
 * narrow screens so nothing is crushed. */
.ygg-fixed-table { table-layout: fixed; width: 100%; }
.ygg-fixed-table th,
.ygg-fixed-table td { overflow-wrap: anywhere; word-break: break-word; }
.ygg-fixed-table td { vertical-align: top; }
.ygg-fixed-table td.nowrap,
.ygg-fixed-table th.nowrap { white-space: nowrap; overflow-wrap: normal; word-break: normal; }
/* Title cell: a couple of tidy lines, not a one-word-per-line tower. */
.ygg-title-cell { line-height: 1.4; }
.ygg-title-cell a, .ygg-title-cell strong { font-weight: 600; }

/* Compact inline assign/reassign form — vertical stack that fits the
 * fixed Assign column instead of forcing it ~450px wide. */
.ygg-assign-form { display: flex; flex-direction: column; gap: 6px; align-items: stretch; }
.ygg-assign-form select,
.ygg-assign-form input[type="datetime-local"] {
  width: 100%; box-sizing: border-box; font-size: 12px; padding: 5px 7px; margin: 0;
}
.ygg-assign-form .row { display: flex; gap: 6px; }
.ygg-assign-form .row input[type="datetime-local"] { flex: 1 1 auto; min-width: 0; }
.ygg-assign-form .btn-sm { white-space: nowrap; flex: 0 0 auto; }
.ygg-assign-hint { font-size: 11px; margin-top: 6px; line-height: 1.35; }

/* KPI / small numeric tables read better right-aligned + tabular. */
.ygg-num { text-align: right; font-variant-numeric: tabular-nums; }

/* Article body iframe (article.php). */
iframe.article-body {
  @apply w-full border border-line rounded-md bg-surface;
  min-height: 520px;
}

/* Relatedness bar (article.php analyses card — visual score). */
.rel-bar {
  @apply inline-block w-24 h-2 rounded-full bg-page border border-line overflow-hidden align-middle;
}
.rel-bar-fill {
  @apply block h-full bg-brand-500;
}

/* Rune prompt state (configs.php — "default" / "customised" pill). */
.rune-prompt-state {
  @apply text-xs text-ink-muted font-medium;
}
.rune-prompt-state .badge { @apply ml-1; }

/* Generic prose container (analysis output, etc.). */
.prose {
  @apply text-sm text-ink leading-relaxed;
}
.prose p { @apply my-2; }
.prose h2 { @apply text-base font-semibold mt-4 mb-2; }
.prose ul, .prose ol { @apply pl-5 my-2; }
.prose li { @apply my-0.5; }


/* ===== Print =================================================== */
@media print {
  .sidebar, .page-header .actions, .pagination, .pager { display: none !important; }
  .app-shell { display: block; }
  .page-content { padding: 0; }
}
  </style>
</head>
<body class="login-page">
    <div class="login-card">
  <div class="brand-row">
    <div class="logo"><img class="brand-logo" src="/assets/yggdrasil-logo-color.png" alt="Yggdrasil"></div>
    <h1>Yggdrasil Admin</h1>
  </div>
  <p class="lede">Sign in to manage customers, sources, and the AI pipeline.</p>
    <form method="post">
    <input type="hidden" name="csrf" value="3603d9ea6ea238d1a308b32f3a874bb4451d3af6f1e7270123413835b6c5511e">
    <label>
      Email
      <input name="email" type="email" required autofocus autocomplete="username">
    </label>
    <label>
      Password
      <input name="password" type="password" required autocomplete="current-password">
    </label>
    <label>
      Two-factor code
      <span class="hint">Leave blank if not enrolled.</span>
      <input name="totp" inputmode="numeric" pattern="[0-9]*" maxlength="6" autocomplete="one-time-code">
    </label>
    <button type="submit">Sign in</button>
  </form>
</div>
<script>
  document.addEventListener('DOMContentLoaded', function () {
    if (window.lucide && typeof window.lucide.createIcons === 'function') {
      window.lucide.createIcons();
    }
  });
</script>
</body>
</html>