npm - @nextclaw/server - Versions diffs - 0.12.1 → 0.12.3 - Mend

@nextclaw/server 0.12.1 → 0.12.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -372,6 +372,7 @@ type UiRemoteAccessHost = {
   startBrowserAuth: (input: RemoteBrowserAuthStartRequest) => Promise<RemoteBrowserAuthStartResult>;
   pollBrowserAuth: (input: RemoteBrowserAuthPollRequest) => Promise<RemoteBrowserAuthPollResult>;
   logout: () => Promise<RemoteAccessView> | RemoteAccessView;
+  updateProfile: (input: RemoteAccountProfileUpdateRequest) => Promise<RemoteAccessView> | RemoteAccessView;
   updateSettings: (input: RemoteSettingsUpdateRequest) => Promise<RemoteAccessView> | RemoteAccessView;
   runDoctor: () => Promise<RemoteDoctorView>;
   controlService: (action: RemoteServiceAction) => Promise<RemoteServiceActionResult>;
@@ -486,8 +487,9 @@ type ProviderConnectionTestResult = {
   latencyMs: number;
   message: string;
 };
-type SearchProviderName = "bocha" | "brave";
+type SearchProviderName = "bocha" | "tavily" | "brave";
 type BochaFreshnessValue = "noLimit" | "oneDay" | "oneWeek" | "oneMonth" | "oneYear" | string;
+type TavilySearchDepthValue = "basic" | "advanced";
 type SearchProviderConfigView = {
   enabled: boolean;
   apiKeySet: boolean;
@@ -496,6 +498,8 @@ type SearchProviderConfigView = {
   docsUrl?: string;
   summary?: boolean;
   freshness?: BochaFreshnessValue;
+  searchDepth?: TavilySearchDepthValue;
+  includeAnswer?: boolean;
 };
 type SearchConfigView = {
   provider: SearchProviderName;
@@ -505,6 +509,7 @@ type SearchConfigView = {
   };
   providers: {
     bocha: SearchProviderConfigView;
+    tavily: SearchProviderConfigView;
     brave: SearchProviderConfigView;
   };
 };
@@ -522,6 +527,12 @@ type SearchConfigUpdate = {
       summary?: boolean;
       freshness?: BochaFreshnessValue | null;
     };
+    tavily?: {
+      apiKey?: string | null;
+      baseUrl?: string | null;
+      searchDepth?: TavilySearchDepthValue | null;
+      includeAnswer?: boolean;
+    };
     brave?: {
       apiKey?: string | null;
       baseUrl?: string | null;
@@ -605,10 +616,14 @@ type AuthEnabledUpdateRequest = {
 type RemoteAccountView = {
   loggedIn: boolean;
   email?: string;
+  username?: string | null;
   role?: string;
   platformBase?: string | null;
   apiBase?: string | null;
 };
+type RemoteAccountProfileUpdateRequest = {
+  username: string;
+};
 type RemoteRuntimeView = {
   enabled: boolean;
   mode: "service" | "foreground";
@@ -700,6 +715,8 @@ type AgentProfileView = {
   avatarUrl?: string;
   workspace?: string;
   model?: string;
+  runtime?: string;
+  runtimeConfig?: Record<string, unknown>;
   engine?: string;
   engineConfig?: Record<string, unknown>;
   contextTokens?: number;
@@ -712,6 +729,17 @@ type AgentCreateRequest = {
   description?: string;
   avatar?: string;
   home?: string;
+  model?: string;
+  runtime?: string;
+  runtimeConfig?: Record<string, unknown>;
+};
+type AgentUpdateRequest = {
+  displayName?: string;
+  description?: string;
+  avatar?: string;
+  model?: string;
+  runtime?: string;
+  runtimeConfig?: Record<string, unknown>;
 };
 type AgentDeleteResult = {
   deleted: boolean;
@@ -854,6 +882,20 @@ type CronListView = {
   jobs: CronJobView[];
   total: number;
 };
+type CronCreateRequest = {
+  name: string;
+  message: string;
+  schedule: CronScheduleView;
+  agentId?: string | null;
+  deliver?: boolean;
+  channel?: string | null;
+  to?: string | null;
+  accountId?: string | null;
+  deleteAfterRun?: boolean;
+};
+type CronCreateResult = {
+  job: CronJobView;
+};
 type CronEnableRequest = {
   enabled: boolean;
 };
@@ -1192,6 +1234,9 @@ type PluginConfigProjectionOptions = {
   pluginUiMetadata?: PluginUiMetadata[];
 };
 //#endregion
+//#region src/ui/search-config.d.ts
+declare function updateSearch(configPath: string, patch: SearchConfigUpdate): ConfigView["search"];
+//#endregion
 //#region src/ui/config.d.ts
 type ExecuteActionResult = {
   ok: true;
@@ -1211,7 +1256,6 @@ declare function updateModel(configPath: string, patch: {
   model?: string;
   workspace?: string;
 }): ConfigView;
-declare function updateSearch(configPath: string, patch: SearchConfigUpdate): ConfigView["search"];
 declare function updateProvider(configPath: string, providerName: string, patch: ProviderConfigUpdate): ProviderConfigView | null;
 declare function createCustomProvider(configPath: string, patch?: ProviderConfigUpdate): {
   name: string;
@@ -1243,4 +1287,4 @@ declare function getUiBridgeSecretPath(): string;
 declare function readUiBridgeSecret(): string | null;
 declare function ensureUiBridgeSecret(): string;
 //#endregion
-export { AgentBindingView, AgentCreateRequest, AgentDeleteResult, AgentProfileView, ApiError, ApiResponse, AppMetaView, AuthEnabledUpdateRequest, AuthLoginRequest, AuthPasswordUpdateRequest, AuthSetupRequest, AuthStatusView, BindingPeerView, BochaFreshnessValue, BootstrapPhase, BootstrapRemoteState, BootstrapStageState, BootstrapStatusView, ChannelAuthPollRequest, ChannelAuthPollResult, ChannelAuthStartRequest, ChannelAuthStartResult, ChannelSpecView, type ChatSessionTypeCtaView, type ChatSessionTypeOptionView, type ChatSessionTypesView, ConfigActionExecuteRequest, ConfigActionExecuteResult, ConfigActionManifest, ConfigActionType, ConfigMetaView, ConfigSchemaResponse, ConfigUiHint, ConfigUiHints, ConfigView, CronActionResult, CronEnableRequest, CronJobStateView, CronJobView, CronListView, CronPayloadView, CronRunRequest, CronScheduleView, DEFAULT_SESSION_TYPE, MarketplaceApiConfig, MarketplaceInstallKind, MarketplaceInstallSkillParams, MarketplaceInstallSpec, MarketplaceInstalledRecord, MarketplaceInstalledView, MarketplaceInstaller, MarketplaceItemSummary, MarketplaceItemType, MarketplaceItemView, MarketplaceListView, MarketplaceLocalizedTextMap, MarketplaceMcpContentView, MarketplaceMcpDoctorResult, MarketplaceMcpInstallKind, MarketplaceMcpInstallRequest, MarketplaceMcpInstallResult, MarketplaceMcpInstallSpec, MarketplaceMcpManageAction, MarketplaceMcpManageRequest, MarketplaceMcpManageResult, MarketplaceMcpTemplateInput, MarketplacePluginContentView, MarketplacePluginInstallKind, MarketplacePluginInstallRequest, MarketplacePluginInstallResult, MarketplacePluginManageAction, MarketplacePluginManageRequest, MarketplacePluginManageResult, MarketplaceRecommendationView, MarketplaceSkillContentView, MarketplaceSkillInstallKind, MarketplaceSkillInstallRequest, MarketplaceSkillInstallResult, MarketplaceSkillManageAction, MarketplaceSkillManageRequest, MarketplaceSkillManageResult, MarketplaceSort, NcpSessionSkillsView, ProviderAuthImportResult, ProviderAuthPollRequest, ProviderAuthPollResult, ProviderAuthStartRequest, ProviderAuthStartResult, ProviderConfigUpdate, ProviderConfigView, ProviderConnectionTestRequest, ProviderConnectionTestResult, ProviderCreateRequest, ProviderCreateResult, ProviderDeleteResult, ProviderSpecView, RemoteAccessView, RemoteAccountView, RemoteBrowserAuthPollRequest, RemoteBrowserAuthPollResult, RemoteBrowserAuthStartRequest, RemoteBrowserAuthStartResult, RemoteDoctorCheckView, RemoteDoctorView, RemoteLoginRequest, RemoteRuntimeView, RemoteServiceAction, RemoteServiceActionResult, RemoteServiceView, RemoteSettingsUpdateRequest, RemoteSettingsView, RuntimeConfigUpdate, SearchConfigUpdate, SearchConfigView, SearchProviderConfigView, SearchProviderName, SearchProviderSpecView, SecretProviderEnvView, SecretProviderExecView, SecretProviderFileView, SecretProviderView, SecretRefView, SecretSourceView, SecretsConfigUpdate, SecretsView, ServerPathBreadcrumbView, ServerPathBrowseView, ServerPathEntryView, SessionConfigView, SessionEntryView, SessionEventView, SessionHistoryView, SessionMessageView, SessionPatchUpdate, SessionPatchValidationError, SessionSkillEntryView, SessionTypeDescribeParams, SessionsListView, UiNcpAgent, UiNcpAssetPutView, UiNcpAssetView, UiNcpSessionListView, UiNcpSessionMessagesView, UiNcpSessionService, UiNcpStoredAssetRecord, type UiRemoteAccessHost, UiServerEvent, UiServerHandle, UiServerOptions, buildConfigMeta, buildConfigSchemaView, buildConfigView, createCustomProvider, createUiRouter, deleteCustomProvider, deleteSession, ensureUiBridgeSecret, executeConfigAction, getSessionHistory, getUiBridgeSecretPath, listSessions, loadConfigOrDefault, patchSession, readUiBridgeSecret, startUiServer, testProviderConnection, updateChannel, updateModel, updateProvider, updateRuntime, updateSearch, updateSecrets };
+export { AgentBindingView, AgentCreateRequest, AgentDeleteResult, AgentProfileView, AgentUpdateRequest, ApiError, ApiResponse, AppMetaView, AuthEnabledUpdateRequest, AuthLoginRequest, AuthPasswordUpdateRequest, AuthSetupRequest, AuthStatusView, BindingPeerView, BochaFreshnessValue, BootstrapPhase, BootstrapRemoteState, BootstrapStageState, BootstrapStatusView, ChannelAuthPollRequest, ChannelAuthPollResult, ChannelAuthStartRequest, ChannelAuthStartResult, ChannelSpecView, type ChatSessionTypeCtaView, type ChatSessionTypeOptionView, type ChatSessionTypesView, ConfigActionExecuteRequest, ConfigActionExecuteResult, ConfigActionManifest, ConfigActionType, ConfigMetaView, ConfigSchemaResponse, ConfigUiHint, ConfigUiHints, ConfigView, CronActionResult, CronCreateRequest, CronCreateResult, CronEnableRequest, CronJobStateView, CronJobView, CronListView, CronPayloadView, CronRunRequest, CronScheduleView, DEFAULT_SESSION_TYPE, MarketplaceApiConfig, MarketplaceInstallKind, MarketplaceInstallSkillParams, MarketplaceInstallSpec, MarketplaceInstalledRecord, MarketplaceInstalledView, MarketplaceInstaller, MarketplaceItemSummary, MarketplaceItemType, MarketplaceItemView, MarketplaceListView, MarketplaceLocalizedTextMap, MarketplaceMcpContentView, MarketplaceMcpDoctorResult, MarketplaceMcpInstallKind, MarketplaceMcpInstallRequest, MarketplaceMcpInstallResult, MarketplaceMcpInstallSpec, MarketplaceMcpManageAction, MarketplaceMcpManageRequest, MarketplaceMcpManageResult, MarketplaceMcpTemplateInput, MarketplacePluginContentView, MarketplacePluginInstallKind, MarketplacePluginInstallRequest, MarketplacePluginInstallResult, MarketplacePluginManageAction, MarketplacePluginManageRequest, MarketplacePluginManageResult, MarketplaceRecommendationView, MarketplaceSkillContentView, MarketplaceSkillInstallKind, MarketplaceSkillInstallRequest, MarketplaceSkillInstallResult, MarketplaceSkillManageAction, MarketplaceSkillManageRequest, MarketplaceSkillManageResult, MarketplaceSort, NcpSessionSkillsView, ProviderAuthImportResult, ProviderAuthPollRequest, ProviderAuthPollResult, ProviderAuthStartRequest, ProviderAuthStartResult, ProviderConfigUpdate, ProviderConfigView, ProviderConnectionTestRequest, ProviderConnectionTestResult, ProviderCreateRequest, ProviderCreateResult, ProviderDeleteResult, ProviderSpecView, RemoteAccessView, RemoteAccountProfileUpdateRequest, RemoteAccountView, RemoteBrowserAuthPollRequest, RemoteBrowserAuthPollResult, RemoteBrowserAuthStartRequest, RemoteBrowserAuthStartResult, RemoteDoctorCheckView, RemoteDoctorView, RemoteLoginRequest, RemoteRuntimeView, RemoteServiceAction, RemoteServiceActionResult, RemoteServiceView, RemoteSettingsUpdateRequest, RemoteSettingsView, RuntimeConfigUpdate, SearchConfigUpdate, SearchConfigView, SearchProviderConfigView, SearchProviderName, SearchProviderSpecView, SecretProviderEnvView, SecretProviderExecView, SecretProviderFileView, SecretProviderView, SecretRefView, SecretSourceView, SecretsConfigUpdate, SecretsView, ServerPathBreadcrumbView, ServerPathBrowseView, ServerPathEntryView, SessionConfigView, SessionEntryView, SessionEventView, SessionHistoryView, SessionMessageView, SessionPatchUpdate, SessionPatchValidationError, SessionSkillEntryView, SessionTypeDescribeParams, SessionsListView, TavilySearchDepthValue, UiNcpAgent, UiNcpAssetPutView, UiNcpAssetView, UiNcpSessionListView, UiNcpSessionMessagesView, UiNcpSessionService, UiNcpStoredAssetRecord, type UiRemoteAccessHost, UiServerEvent, UiServerHandle, UiServerOptions, buildConfigMeta, buildConfigSchemaView, buildConfigView, createCustomProvider, createUiRouter, deleteCustomProvider, deleteSession, ensureUiBridgeSecret, executeConfigAction, getSessionHistory, getUiBridgeSecretPath, listSessions, loadConfigOrDefault, patchSession, readUiBridgeSecret, startUiServer, testProviderConnection, updateChannel, updateModel, updateProvider, updateRuntime, updateSearch, updateSecrets };

package/dist/index.js CHANGED Viewed

@@ -6,7 +6,7 @@ import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
 import { readFile, readdir, realpath, stat } from "node:fs/promises";
 import { dirname, isAbsolute, join, parse, resolve } from "node:path";
 import * as NextclawCore from "@nextclaw/core";
-import { ConfigSchema, DEFAULT_WORKSPACE_PATH, LiteLLMProvider, SessionManager, buildConfigSchema, createAgentProfile, expandHome, findEffectiveAgentProfile, getDataDir, getPackageVersion, getProviderName, getWorkspacePathFromConfig, hasSecretRef, isSensitiveConfigPath, loadConfig, normalizeThinkingLevels, parseThinkingLevel, probeFeishu, readAgentAvatarContent, removeAgentProfile, resolveEffectiveAgentProfiles, saveConfig } from "@nextclaw/core";
+import { ConfigSchema, DEFAULT_WORKSPACE_PATH, LiteLLMProvider, SessionManager, buildConfigSchema, createAgentProfile, expandHome, findEffectiveAgentProfile, getDataDir, getPackageVersion, getProviderName, getWorkspacePathFromConfig, hasSecretRef, isSensitiveConfigPath, loadConfig, normalizeThinkingLevels, parseThinkingLevel, probeFeishu, readAgentAvatarContent, removeAgentProfile, resolveEffectiveAgentProfiles, saveConfig, updateAgentProfile } from "@nextclaw/core";
 import { createHash, randomBytes, randomUUID, scryptSync, timingSafeEqual } from "node:crypto";
 import { mountNcpHttpAgentRoutes } from "@nextclaw/ncp-http-agent-server";
 import { discoverPluginStatusReport, enablePluginInConfig, mergePluginConfigView, toPluginConfigView } from "@nextclaw/openclaw-compat";
@@ -291,7 +291,10 @@ function createAgent(configPath, input, options = {}) {
 		displayName: input.displayName,
 		description: input.description,
 		avatar: input.avatar,
-		home: input.home
+		home: input.home,
+		model: input.model,
+		runtime: input.runtime,
+		runtimeConfig: input.runtimeConfig
 	}, {
 		configPath,
 		initializeHomeDirectory: options.initializeAgentHomeDirectory
@@ -305,6 +308,18 @@ function deleteAgent(configPath, agentId) {
 		agentId: agentId.trim().toLowerCase()
 	};
 }
+function updateAgent(configPath, agentId, input) {
+	const updated = updateAgentProfile({
+		id: agentId,
+		displayName: input.displayName,
+		description: input.description,
+		avatar: input.avatar,
+		model: input.model,
+		runtime: input.runtime,
+		runtimeConfig: input.runtimeConfig
+	}, { configPath });
+	return toAgentProfileView(loadConfig(configPath), updated.id);
+}
 function readAgentAvatar(configPath, agentId) {
 	return readAgentAvatarContent({
 		config: loadConfig(configPath),
@@ -323,6 +338,8 @@ function toAgentProfileView(config, agentId) {
 		avatarUrl: buildAgentAvatarUrl(profile.id, profile.avatar),
 		workspace: profile.workspace,
 		model: profile.model,
+		runtime: profile.runtime,
+		runtimeConfig: profile.runtimeConfig,
 		engine: profile.engine,
 		engineConfig: profile.engineConfig,
 		contextTokens: profile.contextTokens,
@@ -410,6 +427,20 @@ var AgentsRoutesController = class {
 			return c.json(err("AGENT_CREATE_FAILED", error instanceof Error ? error.message : String(error)), 400);
 		}
 	};
+	updateAgent = async (c) => {
+		const agentId = c.req.param("agentId");
+		const body = await readJson(c.req.raw);
+		if (!body.ok) return c.json(err("INVALID_BODY", "invalid json body"), 400);
+		try {
+			const agent = updateAgent(this.options.configPath, agentId, body.data);
+			await this.publishAgentUpdates(["agents.list"]);
+			return c.json(ok(agent));
+		} catch (error) {
+			const message = error instanceof Error ? error.message : String(error);
+			const status = message.includes("not found") ? 404 : 400;
+			return c.json(err("AGENT_UPDATE_FAILED", message), status);
+		}
+	};
 	deleteAgent = async (c) => {
 		const agentId = c.req.param("agentId");
 		try {
@@ -766,6 +797,230 @@ function findServerBuiltinProviderByName(name) {
 	return SERVER_BUILTIN_PROVIDER_OVERRIDE_MAP.get(name) ?? findBuiltinProviderByName(name);
 }
 //#endregion
+//#region src/ui/search-config.ts
+const MASK_MIN_LENGTH$1 = 8;
+const BOCHA_OPEN_URL = "https://open.bocha.cn";
+const TAVILY_DOCS_URL = "https://docs.tavily.com/documentation/api-reference/endpoint/search";
+const SEARCH_PROVIDER_NAMES = [
+	"bocha",
+	"tavily",
+	"brave"
+];
+function normalizeOptionalString$1(value) {
+	if (typeof value !== "string") return null;
+	const trimmed = value.trim();
+	return trimmed.length > 0 ? trimmed : null;
+}
+function maskApiKey$1(value) {
+	if (!value) return { apiKeySet: false };
+	if (value.length < MASK_MIN_LENGTH$1) return {
+		apiKeySet: true,
+		apiKeyMasked: "****"
+	};
+	return {
+		apiKeySet: true,
+		apiKeyMasked: `${value.slice(0, 2)}****${value.slice(-4)}`
+	};
+}
+function clearSecretRef$1(refs, path) {
+	if (!refs[path]) return refs;
+	const nextRefs = { ...refs };
+	delete nextRefs[path];
+	return nextRefs;
+}
+function isSearchProviderName(value) {
+	return typeof value === "string" && SEARCH_PROVIDER_NAMES.some((providerName) => providerName === value);
+}
+const SEARCH_PROVIDER_META = [
+	{
+		name: "bocha",
+		displayName: "Bocha Search",
+		description: "China-friendly web search with AI-ready summaries.",
+		docsUrl: BOCHA_OPEN_URL,
+		isDefault: true,
+		supportsSummary: true
+	},
+	{
+		name: "tavily",
+		displayName: "Tavily Search",
+		description: "Research-focused web search with optional synthesized answers.",
+		docsUrl: TAVILY_DOCS_URL,
+		supportsSummary: true
+	},
+	{
+		name: "brave",
+		displayName: "Brave Search",
+		description: "Brave web search API kept as an optional provider.",
+		supportsSummary: false
+	}
+];
+function toSearchProviderView(config, providerName, provider) {
+	const apiKeyRefSet = hasSecretRef(config, `search.providers.${providerName}.apiKey`);
+	const masked = maskApiKey$1(provider.apiKey);
+	const view = {
+		enabled: config.search.enabledProviders.includes(providerName),
+		apiKeySet: masked.apiKeySet || apiKeyRefSet,
+		apiKeyMasked: masked.apiKeyMasked ?? (apiKeyRefSet ? "****" : void 0),
+		baseUrl: provider.baseUrl
+	};
+	if ("docsUrl" in provider) view.docsUrl = provider.docsUrl;
+	if ("summary" in provider) view.summary = provider.summary;
+	if ("freshness" in provider) view.freshness = provider.freshness;
+	if ("searchDepth" in provider) view.searchDepth = provider.searchDepth;
+	if ("includeAnswer" in provider) view.includeAnswer = Boolean(provider.includeAnswer);
+	return view;
+}
+function buildSearchView(config) {
+	return {
+		provider: config.search.provider,
+		enabledProviders: [...config.search.enabledProviders],
+		defaults: { maxResults: config.search.defaults.maxResults },
+		providers: {
+			bocha: toSearchProviderView(config, "bocha", config.search.providers.bocha),
+			tavily: toSearchProviderView(config, "tavily", config.search.providers.tavily),
+			brave: toSearchProviderView(config, "brave", config.search.providers.brave)
+		}
+	};
+}
+function replaceSearchConfig(config, search, refs = config.secrets.refs) {
+	return {
+		...config,
+		search,
+		secrets: refs === config.secrets.refs ? config.secrets : {
+			...config.secrets,
+			refs
+		}
+	};
+}
+function applyActiveSearchProviderPatch(config, provider) {
+	if (!isSearchProviderName(provider)) return config;
+	return replaceSearchConfig(config, {
+		...config.search,
+		provider
+	});
+}
+function applyEnabledSearchProvidersPatch(config, enabledProviders) {
+	if (!Array.isArray(enabledProviders)) return config;
+	const nextEnabledProviders = Array.from(new Set(enabledProviders.filter((value) => isSearchProviderName(value))));
+	return replaceSearchConfig(config, {
+		...config.search,
+		enabledProviders: nextEnabledProviders
+	});
+}
+function applySearchDefaultsPatch(config, defaults) {
+	if (!defaults || !Object.prototype.hasOwnProperty.call(defaults, "maxResults")) return config;
+	const nextMaxResults = defaults.maxResults;
+	if (typeof nextMaxResults === "number" && Number.isFinite(nextMaxResults)) return replaceSearchConfig(config, {
+		...config.search,
+		defaults: {
+			...config.search.defaults,
+			maxResults: Math.max(1, Math.min(50, Math.trunc(nextMaxResults)))
+		}
+	});
+	return config;
+}
+function applyBochaSearchPatch(config, patch) {
+	if (!patch) return config;
+	let nextRefs = config.secrets.refs;
+	let nextProvider = config.search.providers.bocha;
+	if (Object.prototype.hasOwnProperty.call(patch, "apiKey")) {
+		nextProvider = {
+			...nextProvider,
+			apiKey: patch.apiKey ?? ""
+		};
+		nextRefs = clearSecretRef$1(nextRefs, "search.providers.bocha.apiKey");
+	}
+	if (Object.prototype.hasOwnProperty.call(patch, "baseUrl")) nextProvider = {
+		...nextProvider,
+		baseUrl: normalizeOptionalString$1(patch.baseUrl) ?? "https://api.bocha.cn/v1/web-search"
+	};
+	if (Object.prototype.hasOwnProperty.call(patch, "docsUrl")) nextProvider = {
+		...nextProvider,
+		docsUrl: normalizeOptionalString$1(patch.docsUrl) ?? BOCHA_OPEN_URL
+	};
+	if (Object.prototype.hasOwnProperty.call(patch, "summary")) nextProvider = {
+		...nextProvider,
+		summary: Boolean(patch.summary)
+	};
+	if (Object.prototype.hasOwnProperty.call(patch, "freshness")) {
+		const freshness = normalizeOptionalString$1(patch.freshness);
+		nextProvider = {
+			...nextProvider,
+			freshness: freshness === "noLimit" || freshness === "oneDay" || freshness === "oneWeek" || freshness === "oneMonth" || freshness === "oneYear" ? freshness : "noLimit"
+		};
+	}
+	return replaceSearchConfig(config, {
+		...config.search,
+		providers: {
+			...config.search.providers,
+			bocha: nextProvider
+		}
+	}, nextRefs);
+}
+function applyTavilySearchPatch(config, patch) {
+	if (!patch) return config;
+	let nextRefs = config.secrets.refs;
+	let nextProvider = config.search.providers.tavily;
+	if (Object.prototype.hasOwnProperty.call(patch, "apiKey")) {
+		nextProvider = {
+			...nextProvider,
+			apiKey: patch.apiKey ?? ""
+		};
+		nextRefs = clearSecretRef$1(nextRefs, "search.providers.tavily.apiKey");
+	}
+	if (Object.prototype.hasOwnProperty.call(patch, "baseUrl")) nextProvider = {
+		...nextProvider,
+		baseUrl: normalizeOptionalString$1(patch.baseUrl) ?? "https://api.tavily.com/search"
+	};
+	if (Object.prototype.hasOwnProperty.call(patch, "searchDepth")) {
+		const searchDepth = normalizeOptionalString$1(patch.searchDepth);
+		nextProvider = {
+			...nextProvider,
+			searchDepth: searchDepth === "advanced" ? "advanced" : "basic"
+		};
+	}
+	if (Object.prototype.hasOwnProperty.call(patch, "includeAnswer")) nextProvider = {
+		...nextProvider,
+		includeAnswer: Boolean(patch.includeAnswer)
+	};
+	return replaceSearchConfig(config, {
+		...config.search,
+		providers: {
+			...config.search.providers,
+			tavily: nextProvider
+		}
+	}, nextRefs);
+}
+function applyBraveSearchPatch(config, patch) {
+	if (!patch) return config;
+	let nextRefs = config.secrets.refs;
+	let nextProvider = config.search.providers.brave;
+	if (Object.prototype.hasOwnProperty.call(patch, "apiKey")) {
+		nextProvider = {
+			...nextProvider,
+			apiKey: patch.apiKey ?? ""
+		};
+		nextRefs = clearSecretRef$1(nextRefs, "search.providers.brave.apiKey");
+	}
+	if (Object.prototype.hasOwnProperty.call(patch, "baseUrl")) nextProvider = {
+		...nextProvider,
+		baseUrl: normalizeOptionalString$1(patch.baseUrl) ?? "https://api.search.brave.com/res/v1/web/search"
+	};
+	return replaceSearchConfig(config, {
+		...config.search,
+		providers: {
+			...config.search.providers,
+			brave: nextProvider
+		}
+	}, nextRefs);
+}
+function updateSearch(configPath, patch) {
+	const nextConfig = applyBraveSearchPatch(applyTavilySearchPatch(applyBochaSearchPatch(applySearchDefaultsPatch(applyEnabledSearchProvidersPatch(applyActiveSearchProviderPatch(loadConfig(configPath), patch.provider), patch.enabledProviders), patch.defaults), patch.providers?.bocha), patch.providers?.tavily), patch.providers?.brave);
+	const next = ConfigSchema.parse(nextConfig);
+	saveConfig(next, configPath);
+	return buildSearchView(next);
+}
+//#endregion
 //#region src/ui/session-preference-patch.ts
 function applySessionPreferencePatch(params) {
 	const nextMetadata = params.metadata;
@@ -876,20 +1131,6 @@ function ensureProviderConfig(config, providerName) {
 function clearSecretRefsByPrefix(config, pathPrefix) {
 	for (const key of Object.keys(config.secrets.refs)) if (key === pathPrefix || key.startsWith(`${pathPrefix}.`)) delete config.secrets.refs[key];
 }
-const BOCHA_OPEN_URL = "https://open.bocha.cn";
-const SEARCH_PROVIDER_META = [{
-	name: "bocha",
-	displayName: "Bocha Search",
-	description: "China-friendly web search with AI-ready summaries.",
-	docsUrl: BOCHA_OPEN_URL,
-	isDefault: true,
-	supportsSummary: true
-}, {
-	name: "brave",
-	displayName: "Brave Search",
-	description: "Brave web search API kept as an optional provider.",
-	supportsSummary: false
-}];
 function matchesExtraSensitivePath(path) {
 	if (path === "session" || path.startsWith("session.")) return false;
 	return EXTRA_SENSITIVE_PATH_PATTERNS.some((pattern) => pattern.test(path));
@@ -1106,31 +1347,6 @@ function buildConfigView(config, options) {
 		}
 	};
 }
-function toSearchProviderView(config, providerName, provider) {
-	const apiKeyRefSet = hasSecretRef(config, `search.providers.${providerName}.apiKey`);
-	const masked = maskApiKey(provider.apiKey);
-	const base = {
-		enabled: config.search.enabledProviders.includes(providerName),
-		apiKeySet: masked.apiKeySet || apiKeyRefSet,
-		apiKeyMasked: masked.apiKeyMasked ?? (apiKeyRefSet ? "****" : void 0),
-		baseUrl: provider.baseUrl
-	};
-	if ("docsUrl" in provider) base.docsUrl = provider.docsUrl;
-	if ("summary" in provider) base.summary = provider.summary;
-	if ("freshness" in provider) base.freshness = provider.freshness;
-	return base;
-}
-function buildSearchView(config) {
-	return {
-		provider: config.search.provider,
-		enabledProviders: [...config.search.enabledProviders],
-		defaults: { maxResults: config.search.defaults.maxResults },
-		providers: {
-			bocha: toSearchProviderView(config, "bocha", config.search.providers.bocha),
-			brave: toSearchProviderView(config, "brave", config.search.providers.brave)
-		}
-	};
-}
 function clearSecretRef(config, path) {
 	if (config.secrets.refs[path]) delete config.secrets.refs[path];
 }
@@ -1266,41 +1482,6 @@ function updateModel(configPath, patch) {
 	saveConfig(next, configPath);
 	return buildConfigView(next);
 }
-function updateSearch(configPath, patch) {
-	const config = loadConfigOrDefault(configPath);
-	if (patch.provider === "bocha" || patch.provider === "brave") config.search.provider = patch.provider;
-	if (Array.isArray(patch.enabledProviders)) config.search.enabledProviders = Array.from(new Set(patch.enabledProviders.filter((value) => value === "bocha" || value === "brave")));
-	if (patch.defaults && Object.prototype.hasOwnProperty.call(patch.defaults, "maxResults")) {
-		const nextMaxResults = patch.defaults.maxResults;
-		if (typeof nextMaxResults === "number" && Number.isFinite(nextMaxResults)) config.search.defaults.maxResults = Math.max(1, Math.min(50, Math.trunc(nextMaxResults)));
-	}
-	const bochaPatch = patch.providers?.bocha;
-	if (bochaPatch) {
-		if (Object.prototype.hasOwnProperty.call(bochaPatch, "apiKey")) {
-			config.search.providers.bocha.apiKey = bochaPatch.apiKey ?? "";
-			clearSecretRef(config, "search.providers.bocha.apiKey");
-		}
-		if (Object.prototype.hasOwnProperty.call(bochaPatch, "baseUrl")) config.search.providers.bocha.baseUrl = normalizeOptionalString(bochaPatch.baseUrl) ?? "https://api.bocha.cn/v1/web-search";
-		if (Object.prototype.hasOwnProperty.call(bochaPatch, "docsUrl")) config.search.providers.bocha.docsUrl = normalizeOptionalString(bochaPatch.docsUrl) ?? BOCHA_OPEN_URL;
-		if (Object.prototype.hasOwnProperty.call(bochaPatch, "summary")) config.search.providers.bocha.summary = Boolean(bochaPatch.summary);
-		if (Object.prototype.hasOwnProperty.call(bochaPatch, "freshness")) {
-			const freshness = normalizeOptionalString(bochaPatch.freshness);
-			if (freshness === "noLimit" || freshness === "oneDay" || freshness === "oneWeek" || freshness === "oneMonth" || freshness === "oneYear") config.search.providers.bocha.freshness = freshness;
-			else config.search.providers.bocha.freshness = "noLimit";
-		}
-	}
-	const bravePatch = patch.providers?.brave;
-	if (bravePatch) {
-		if (Object.prototype.hasOwnProperty.call(bravePatch, "apiKey")) {
-			config.search.providers.brave.apiKey = bravePatch.apiKey ?? "";
-			clearSecretRef(config, "search.providers.brave.apiKey");
-		}
-		if (Object.prototype.hasOwnProperty.call(bravePatch, "baseUrl")) config.search.providers.brave.baseUrl = normalizeOptionalString(bravePatch.baseUrl) ?? "https://api.search.brave.com/res/v1/web/search";
-	}
-	const next = ConfigSchema.parse(config);
-	saveConfig(next, configPath);
-	return buildSearchView(next);
-}
 function updateProvider(configPath, providerName, patch) {
 	const config = loadConfigOrDefault(configPath);
 	const provider = ensureProviderConfig(config, providerName);
@@ -1495,13 +1676,14 @@ function createSessionManager(config) {
 }
 const DEFAULT_SESSION_TYPE = "native";
 const SESSION_TYPE_METADATA_KEY = "session_type";
+const RUNTIME_METADATA_KEY = "runtime";
 function normalizeSessionType(value) {
 	if (typeof value !== "string") return null;
 	const normalized = value.trim().toLowerCase();
 	return normalized.length > 0 ? normalized : null;
 }
 function readSessionType(session) {
-	return normalizeSessionType(session.metadata[SESSION_TYPE_METADATA_KEY]) ?? "native";
+	return normalizeSessionType(session.metadata[RUNTIME_METADATA_KEY]) ?? normalizeSessionType(session.metadata[SESSION_TYPE_METADATA_KEY]) ?? "native";
 }
 function countUserMessages(session) {
 	return session.messages.reduce((total, message) => {
@@ -1642,6 +1824,7 @@ function patchSession(configPath, key, patch, options) {
 		availableSessionTypes.add(DEFAULT_SESSION_TYPE);
 		if (!availableSessionTypes.has(normalizedSessionType)) throw new SessionPatchValidationError("SESSION_TYPE_UNAVAILABLE", `sessionType is unavailable: ${normalizedSessionType}`);
 		session.metadata[SESSION_TYPE_METADATA_KEY] = normalizedSessionType;
+		session.metadata[RUNTIME_METADATA_KEY] = normalizedSessionType;
 	}
 	session.updatedAt = /* @__PURE__ */ new Date();
 	sessionManager.save(session);
@@ -2449,6 +2632,56 @@ function buildCronJobView(job) {
 function findCronJob(service, id) {
 	return service.listJobs(true).find((job) => job.id === id) ?? null;
 }
+function normalizeCronSchedule(schedule) {
+	if (!schedule) return null;
+	if (schedule.kind === "every") {
+		if (typeof schedule.everyMs !== "number" || !Number.isFinite(schedule.everyMs) || schedule.everyMs <= 0) return null;
+		return {
+			kind: "every",
+			everyMs: schedule.everyMs
+		};
+	}
+	if (schedule.kind === "at") {
+		if (typeof schedule.atMs !== "number" || !Number.isFinite(schedule.atMs)) return null;
+		return {
+			kind: "at",
+			atMs: schedule.atMs
+		};
+	}
+	if (schedule.kind === "cron") {
+		const expr = readNonEmptyString(schedule.expr);
+		if (!expr) return null;
+		const tz = readNonEmptyString(schedule.tz);
+		return tz ? {
+			kind: "cron",
+			expr,
+			tz
+		} : {
+			kind: "cron",
+			expr
+		};
+	}
+	return null;
+}
+function readCronCreateParams(input) {
+	const name = readNonEmptyString(input.name);
+	if (!name) return { error: "name must be a non-empty string" };
+	const message = readNonEmptyString(input.message);
+	if (!message) return { error: "message must be a non-empty string" };
+	const schedule = normalizeCronSchedule(input.schedule);
+	if (!schedule) return { error: "schedule must be a valid at/every/cron definition" };
+	return { params: {
+		name,
+		message,
+		schedule,
+		agentId: readNonEmptyString(input.agentId),
+		deliver: input.deliver === true,
+		channel: readNonEmptyString(input.channel),
+		to: readNonEmptyString(input.to),
+		accountId: readNonEmptyString(input.accountId),
+		deleteAfterRun: input.deleteAfterRun === true
+	} };
+}
 var CronRoutesController = class {
 	constructor(options) {
 		this.options = options;
@@ -2463,6 +2696,15 @@ var CronRoutesController = class {
 			total: jobs.length
 		}));
 	};
+	createJob = async (c) => {
+		if (!this.options.cronService) return c.json(err("NOT_AVAILABLE", "cron service unavailable"), 503);
+		const body = await readJson(c.req.raw);
+		if (!body.ok) return c.json(err("INVALID_BODY", "invalid json body"), 400);
+		const normalized = readCronCreateParams(body.data);
+		if ("error" in normalized) return c.json(err("INVALID_BODY", normalized.error), 400);
+		const data = { job: buildCronJobView(this.options.cronService.addJob(normalized.params)) };
+		return c.json(ok(data), 201);
+	};
 	deleteJob = (c) => {
 		if (!this.options.cronService) return c.json(err("NOT_AVAILABLE", "cron service unavailable"), 503);
 		const id = decodeURIComponent(c.req.param("id"));
@@ -2554,7 +2796,6 @@ var NcpAssetRoutesController = class {
 		if (!record || !contentPath) return c.json(err("NOT_FOUND", `asset not found: ${uri}`), 404);
 		const body = await readFile(contentPath);
 		return new Response(body, { headers: {
-			"content-length": String(body.byteLength),
 			"content-type": record.mimeType || "application/octet-stream",
 			"content-disposition": `inline; filename*=UTF-8''${encodeContentDispositionFileName(record.fileName)}`
 		} });
@@ -2738,9 +2979,11 @@ function applySessionTypePatch(metadata, patch) {
 	const sessionType = typeof patch.sessionType === "string" ? patch.sessionType.trim() : "";
 	if (sessionType) {
 		metadata.session_type = sessionType;
+		metadata.runtime = sessionType;
 		delete metadata.sessionType;
 		return;
 	}
+	delete metadata.runtime;
 	delete metadata.session_type;
 	delete metadata.sessionType;
 }
@@ -4048,6 +4291,17 @@ var RemoteRoutesController = class {
 			return c.json(err("REMOTE_LOGOUT_FAILED", formatUserFacingError(error)), 500);
 		}
 	};
+	updateProfile = async (c) => {
+		const body = await readJson(c.req.raw);
+		if (!body.ok) return c.json(err("INVALID_BODY", "invalid json body"), 400);
+		const username = readNonEmptyString(body.data.username);
+		if (!username) return c.json(err("INVALID_BODY", "username is required"), 400);
+		try {
+			return c.json(ok(await this.host.updateProfile({ username })));
+		} catch (error) {
+			return c.json(err("REMOTE_PROFILE_UPDATE_FAILED", formatUserFacingError(error)), 400);
+		}
+	};
 	updateSettings = async (c) => {
 		const body = await readJson(c.req.raw);
 		if (!body.ok) return c.json(err("INVALID_BODY", "invalid json body"), 400);
@@ -4190,6 +4444,7 @@ function registerAuthRoutes(app, authController) {
 function registerAgentRoutes(app, agentsController) {
 	app.get("/api/agents", agentsController.listAgents);
 	app.post("/api/agents", agentsController.createAgent);
+	app.put("/api/agents/:agentId", agentsController.updateAgent);
 	app.delete("/api/agents/:agentId", agentsController.deleteAgent);
 	app.get("/api/agents/:agentId/avatar", agentsController.getAgentAvatar);
 }
@@ -4237,6 +4492,7 @@ function registerNcpRuntimeRoutes(app, options, ncpAssetController) {
 }
 function registerCronRoutes(app, cronController) {
 	app.get("/api/cron", cronController.listJobs);
+	app.post("/api/cron", cronController.createJob);
 	app.delete("/api/cron/:id", cronController.deleteJob);
 	app.put("/api/cron/:id/enable", cronController.enableJob);
 	app.post("/api/cron/:id/run", cronController.runJob);
@@ -4249,6 +4505,7 @@ function registerRemoteRoutes(app, remoteController) {
 	app.post("/api/remote/auth/start", remoteController.startBrowserAuth);
 	app.post("/api/remote/auth/poll", remoteController.pollBrowserAuth);
 	app.post("/api/remote/logout", remoteController.logout);
+	app.put("/api/remote/account/profile", remoteController.updateProfile);
 	app.put("/api/remote/settings", remoteController.updateSettings);
 	app.post("/api/remote/service/:action", remoteController.controlService);
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nextclaw/server",
-  "version": "0.12.1",
+  "version": "0.12.3",
   "private": false,
   "description": "Nextclaw UI/API server.",
   "type": "module",
@@ -18,12 +18,12 @@
     "@hono/node-server": "^1.13.3",
     "hono": "^4.6.2",
     "ws": "^8.18.0",
-    "@nextclaw/mcp": "0.1.66",
-    "@nextclaw/core": "0.12.1",
-    "@nextclaw/openclaw-compat": "1.0.1",
-    "@nextclaw/runtime": "0.2.33",
+    "@nextclaw/core": "0.12.3",
+    "@nextclaw/mcp": "0.1.68",
+    "@nextclaw/ncp-http-agent-server": "0.3.12",
+    "@nextclaw/openclaw-compat": "1.0.3",
     "@nextclaw/ncp": "0.5.0",
-    "@nextclaw/ncp-http-agent-server": "0.3.12"
+    "@nextclaw/runtime": "0.2.35"
   },
   "devDependencies": {
     "@types/node": "^20.17.6",