@nextclaw/server 0.12.11 → 0.12.13-beta.0

package/dist/index.d.ts

@@ -4,6 +4,7 @@ import { Config, ConfigActionExecuteRequest as ConfigActionExecuteRequest$1, Con
 import { NcpHttpAgentStreamProvider } from "@nextclaw/ncp-http-agent-server";
 import { PluginChannelBinding, PluginUiMetadata } from "@nextclaw/openclaw-compat";
 import { NcpAgentClientEndpoint, NcpMessage, NcpSessionApi, NcpSessionStatus, NcpSessionSummary } from "@nextclaw/ncp";
+import { UpdatePreferences, UpdateSnapshot } from "@nextclaw/kernel/update-contract";
 import { IncomingMessage } from "node:http";
 
 //#region src/ui/ncp-attachment.types.d.ts
@@ -401,6 +402,7 @@ type UiRouterOptions = {
   authService?: UiAuthService;
   remoteAccess?: UiRemoteAccessHost;
   runtimeControl?: UiRuntimeControlHost;
+  runtimeUpdate?: UiRuntimeUpdateHost;
   getBootstrapStatus?: () => BootstrapStatusView;
   getPluginChannelBindings?: () => PluginChannelBinding[];
   getPluginUiMetadata?: () => PluginUiMetadata[];
@@ -422,6 +424,14 @@ type UiRuntimeControlHost = {
   restartService: () => Promise<RuntimeControlActionResult> | RuntimeControlActionResult;
   stopService: () => Promise<RuntimeControlActionResult> | RuntimeControlActionResult;
 };
+type UiRuntimeUpdateHost = {
+  getState: () => Promise<UpdateSnapshot> | UpdateSnapshot;
+  checkForUpdates: () => Promise<UpdateSnapshot> | UpdateSnapshot;
+  downloadUpdate: () => Promise<UpdateSnapshot> | UpdateSnapshot;
+  applyDownloadedUpdate: () => Promise<UpdateSnapshot> | UpdateSnapshot;
+  updatePreferences: (preferences: Partial<UpdatePreferences>) => Promise<UpdateSnapshot> | UpdateSnapshot;
+  updateChannel: (channel: UpdateSnapshot["channel"]) => Promise<UpdateSnapshot> | UpdateSnapshot;
+};
 //#endregion
 //#region src/ui/chat-session-type.types.d.ts
 type ChatSessionTypeIconView = {
@@ -935,9 +945,12 @@ type CronScheduleView = {
 type CronPayloadView = {
   kind?: "system_event" | "agent_turn";
   message: string;
+  agentId?: string | null;
+  sessionId?: string | null;
   deliver?: boolean;
   channel?: string | null;
   to?: string | null;
+  accountId?: string | null;
 };
 type CronJobStateView = {
   nextRunAt?: string | null;
@@ -965,6 +978,7 @@ type CronCreateRequest = {
   message: string;
   schedule: CronScheduleView;
   agentId?: string | null;
+  sessionId?: string | null;
   deliver?: boolean;
   channel?: string | null;
   to?: string | null;
@@ -985,6 +999,9 @@ type CronActionResult = {
   executed?: boolean;
 };
 type RuntimeConfigUpdate = {
+  companion?: {
+    enabled?: boolean;
+  };
   agents?: {
     defaults?: {
       contextTokens?: number;
@@ -1073,6 +1090,9 @@ type UiNcpAgent = {
   basePath?: string;
 };
 type ConfigView = {
+  companion?: {
+    enabled?: boolean;
+  };
   agents: {
     defaults: {
       model: string;
@@ -1090,7 +1110,6 @@ type ConfigView = {
       bootstrap?: {
         files?: string[];
         minimalFiles?: string[];
-        heartbeatFiles?: string[];
         perFileChars?: number;
         totalChars?: number;
       };
@@ -1314,6 +1333,7 @@ type UiServerHandle = {
 //#region src/ui/server.d.ts
 type UiServerStartOptions = UiServerOptions & {
   applyLiveConfigReload?: () => Promise<void>;
+  runtimeUpdate?: UiRuntimeUpdateHost;
 };
 declare function startUiServer(options: UiServerStartOptions): UiServerHandle;
 //#endregion
@@ -1371,7 +1391,7 @@ declare function patchSession(configPath: string, key: string, patch: SessionPat
   availableSessionTypes?: string[];
 }): SessionHistoryView | null;
 declare function deleteSession(configPath: string, key: string): boolean;
-declare function updateRuntime(configPath: string, patch: RuntimeConfigUpdate): Pick<ConfigView, "agents" | "bindings" | "session">;
+declare function updateRuntime(configPath: string, patch: RuntimeConfigUpdate): Pick<ConfigView, "companion" | "agents" | "bindings" | "session">;
 declare function updateSecrets(configPath: string, patch: SecretsConfigUpdate): SecretsView;
 //#endregion
 //#region src/ui/auth-bridge.d.ts
@@ -1379,4 +1399,4 @@ declare function getUiBridgeSecretPath(): string;
 declare function readUiBridgeSecret(): string | null;
 declare function ensureUiBridgeSecret(): string;
 //#endregion
-export { AgentBindingView, AgentCreateRequest, AgentDeleteResult, AgentProfileView, AgentUpdateRequest, ApiError, ApiResponse, AppMetaView, AuthEnabledUpdateRequest, AuthLoginRequest, AuthPasswordUpdateRequest, AuthSetupRequest, AuthStatusView, BindingPeerView, BochaFreshnessValue, BootstrapPhase, BootstrapRemoteState, BootstrapStageState, BootstrapStatusView, ChannelAuthPollRequest, ChannelAuthPollResult, ChannelAuthStartRequest, ChannelAuthStartResult, ChannelSpecView, type ChatSessionTypeCtaView, type ChatSessionTypeOptionView, type ChatSessionTypesView, ConfigActionExecuteRequest, ConfigActionExecuteResult, ConfigActionManifest, ConfigActionType, ConfigMetaView, ConfigSchemaResponse, ConfigUiHint, ConfigUiHints, ConfigView, CronActionResult, CronCreateRequest, CronCreateResult, CronEnableRequest, CronJobStateView, CronJobView, CronListView, CronPayloadView, CronRunRequest, CronScheduleView, DEFAULT_SESSION_TYPE, MarketplaceApiConfig, MarketplaceInstallKind, MarketplaceInstallSkillParams, MarketplaceInstallSpec, MarketplaceInstalledRecord, MarketplaceInstalledView, MarketplaceInstaller, MarketplaceItemSummary, MarketplaceItemType, MarketplaceItemView, MarketplaceListView, MarketplaceLocalizedTextMap, MarketplaceMcpContentView, MarketplaceMcpDoctorResult, MarketplaceMcpInstallKind, MarketplaceMcpInstallRequest, MarketplaceMcpInstallResult, MarketplaceMcpInstallSpec, MarketplaceMcpManageAction, MarketplaceMcpManageRequest, MarketplaceMcpManageResult, MarketplaceMcpTemplateInput, MarketplacePluginContentView, MarketplacePluginInstallKind, MarketplacePluginInstallRequest, MarketplacePluginInstallResult, MarketplacePluginManageAction, MarketplacePluginManageRequest, MarketplacePluginManageResult, MarketplaceRecommendationView, MarketplaceSkillContentView, MarketplaceSkillInstallKind, MarketplaceSkillInstallRequest, MarketplaceSkillInstallResult, MarketplaceSkillManageAction, MarketplaceSkillManageRequest, MarketplaceSkillManageResult, MarketplaceSort, NcpSessionSkillsView, ProviderAuthImportResult, ProviderAuthPollRequest, ProviderAuthPollResult, ProviderAuthStartRequest, ProviderAuthStartResult, ProviderConfigUpdate, ProviderConfigView, ProviderConnectionTestRequest, ProviderConnectionTestResult, ProviderCreateRequest, ProviderCreateResult, ProviderDeleteResult, ProviderSpecView, RemoteAccessView, RemoteAccountProfileUpdateRequest, RemoteAccountView, RemoteBrowserAuthPollRequest, RemoteBrowserAuthPollResult, RemoteBrowserAuthStartRequest, RemoteBrowserAuthStartResult, RemoteDoctorCheckView, RemoteDoctorView, RemoteLoginRequest, RemoteRuntimeView, RemoteServiceAction, RemoteServiceActionResult, RemoteServiceView, RemoteSettingsUpdateRequest, RemoteSettingsView, RuntimeActionCapability, RuntimeActionImpact, RuntimeConfigUpdate, RuntimeControlAction, RuntimeControlActionResult, RuntimeControlEnvironment, RuntimeControlView, RuntimeEntryView, RuntimeLifecycleState, RuntimePendingRestart, RuntimeServiceState, SearchConfigUpdate, SearchConfigView, SearchProviderConfigView, SearchProviderName, SearchProviderSpecView, SecretProviderEnvView, SecretProviderExecView, SecretProviderFileView, SecretProviderView, SecretRefView, SecretSourceView, SecretsConfigUpdate, SecretsView, ServerPathBreadcrumbView, ServerPathBrowseView, ServerPathEntryView, ServerPathReadView, SessionConfigView, SessionEntryView, SessionEventView, SessionHistoryView, SessionMessageView, SessionPatchUpdate, SessionPatchValidationError, SessionSkillEntryView, SessionTypeDescribeParams, SessionsListView, TavilySearchDepthValue, UiNcpAgent, UiNcpAssetPutView, UiNcpAssetView, UiNcpSessionListView, UiNcpSessionMessagesView, UiNcpSessionService, UiNcpStoredAssetRecord, type UiRemoteAccessHost, type UiRuntimeControlHost, UiServerEvent, UiServerHandle, UiServerOptions, buildConfigMeta, buildConfigSchemaView, buildConfigView, createCustomProvider, createUiRouter, deleteCustomProvider, deleteSession, ensureUiBridgeSecret, executeConfigAction, getSessionHistory, getUiBridgeSecretPath, listSessions, loadConfigOrDefault, patchSession, readUiBridgeSecret, startUiServer, testProviderConnection, updateChannel, updateModel, updateProvider, updateRuntime, updateSearch, updateSecrets };
+export { AgentBindingView, AgentCreateRequest, AgentDeleteResult, AgentProfileView, AgentUpdateRequest, ApiError, ApiResponse, AppMetaView, AuthEnabledUpdateRequest, AuthLoginRequest, AuthPasswordUpdateRequest, AuthSetupRequest, AuthStatusView, BindingPeerView, BochaFreshnessValue, BootstrapPhase, BootstrapRemoteState, BootstrapStageState, BootstrapStatusView, ChannelAuthPollRequest, ChannelAuthPollResult, ChannelAuthStartRequest, ChannelAuthStartResult, ChannelSpecView, type ChatSessionTypeCtaView, type ChatSessionTypeOptionView, type ChatSessionTypesView, ConfigActionExecuteRequest, ConfigActionExecuteResult, ConfigActionManifest, ConfigActionType, ConfigMetaView, ConfigSchemaResponse, ConfigUiHint, ConfigUiHints, ConfigView, CronActionResult, CronCreateRequest, CronCreateResult, CronEnableRequest, CronJobStateView, CronJobView, CronListView, CronPayloadView, CronRunRequest, CronScheduleView, DEFAULT_SESSION_TYPE, MarketplaceApiConfig, MarketplaceInstallKind, MarketplaceInstallSkillParams, MarketplaceInstallSpec, MarketplaceInstalledRecord, MarketplaceInstalledView, MarketplaceInstaller, MarketplaceItemSummary, MarketplaceItemType, MarketplaceItemView, MarketplaceListView, MarketplaceLocalizedTextMap, MarketplaceMcpContentView, MarketplaceMcpDoctorResult, MarketplaceMcpInstallKind, MarketplaceMcpInstallRequest, MarketplaceMcpInstallResult, MarketplaceMcpInstallSpec, MarketplaceMcpManageAction, MarketplaceMcpManageRequest, MarketplaceMcpManageResult, MarketplaceMcpTemplateInput, MarketplacePluginContentView, MarketplacePluginInstallKind, MarketplacePluginInstallRequest, MarketplacePluginInstallResult, MarketplacePluginManageAction, MarketplacePluginManageRequest, MarketplacePluginManageResult, MarketplaceRecommendationView, MarketplaceSkillContentView, MarketplaceSkillInstallKind, MarketplaceSkillInstallRequest, MarketplaceSkillInstallResult, MarketplaceSkillManageAction, MarketplaceSkillManageRequest, MarketplaceSkillManageResult, MarketplaceSort, NcpSessionSkillsView, ProviderAuthImportResult, ProviderAuthPollRequest, ProviderAuthPollResult, ProviderAuthStartRequest, ProviderAuthStartResult, ProviderConfigUpdate, ProviderConfigView, ProviderConnectionTestRequest, ProviderConnectionTestResult, ProviderCreateRequest, ProviderCreateResult, ProviderDeleteResult, ProviderSpecView, RemoteAccessView, RemoteAccountProfileUpdateRequest, RemoteAccountView, RemoteBrowserAuthPollRequest, RemoteBrowserAuthPollResult, RemoteBrowserAuthStartRequest, RemoteBrowserAuthStartResult, RemoteDoctorCheckView, RemoteDoctorView, RemoteLoginRequest, RemoteRuntimeView, RemoteServiceAction, RemoteServiceActionResult, RemoteServiceView, RemoteSettingsUpdateRequest, RemoteSettingsView, RuntimeActionCapability, RuntimeActionImpact, RuntimeConfigUpdate, RuntimeControlAction, RuntimeControlActionResult, RuntimeControlEnvironment, RuntimeControlView, RuntimeEntryView, RuntimeLifecycleState, RuntimePendingRestart, RuntimeServiceState, SearchConfigUpdate, SearchConfigView, SearchProviderConfigView, SearchProviderName, SearchProviderSpecView, SecretProviderEnvView, SecretProviderExecView, SecretProviderFileView, SecretProviderView, SecretRefView, SecretSourceView, SecretsConfigUpdate, SecretsView, ServerPathBreadcrumbView, ServerPathBrowseView, ServerPathEntryView, ServerPathReadView, SessionConfigView, SessionEntryView, SessionEventView, SessionHistoryView, SessionMessageView, SessionPatchUpdate, SessionPatchValidationError, SessionSkillEntryView, SessionTypeDescribeParams, SessionsListView, TavilySearchDepthValue, UiNcpAgent, UiNcpAssetPutView, UiNcpAssetView, UiNcpSessionListView, UiNcpSessionMessagesView, UiNcpSessionService, UiNcpStoredAssetRecord, type UiRemoteAccessHost, type UiRuntimeControlHost, type UiRuntimeUpdateHost, UiServerEvent, UiServerHandle, UiServerOptions, buildConfigMeta, buildConfigSchemaView, buildConfigView, createCustomProvider, createUiRouter, deleteCustomProvider, deleteSession, ensureUiBridgeSecret, executeConfigAction, getSessionHistory, getUiBridgeSecretPath, listSessions, loadConfigOrDefault, patchSession, readUiBridgeSecret, startUiServer, testProviderConnection, updateChannel, updateModel, updateProvider, updateRuntime, updateSearch, updateSecrets };

package/dist/index.js

@@ -1332,6 +1332,7 @@ function buildConfigView(config, options) {
 	const providers = {};
 	for (const [name, provider] of Object.entries(config.providers)) providers[name] = toProviderView(config, provider, name, uiHints, findServerBuiltinProviderByName(name));
 	return {
+		companion: sanitizePublicConfigValue(config.companion, "companion", uiHints),
 		agents: sanitizePublicConfigValue(config.agents, "agents", uiHints),
 		providers,
 		search: buildSearchView(config),
@@ -1907,18 +1908,22 @@ function deleteSession(configPath, key) {
 	if (!normalizedKey) return false;
 	return createSessionManager(loadConfigOrDefault(configPath)).delete(normalizedKey);
 }
-function updateRuntime(configPath, patch) {
-	const config = loadConfigOrDefault(configPath);
-	const defaultsPatch = patch.agents?.defaults;
-	if (defaultsPatch && Object.prototype.hasOwnProperty.call(defaultsPatch, "contextTokens")) {
+function applyRuntimeAgentDefaultsPatch(config, defaultsPatch) {
+	if (!defaultsPatch) return;
+	if (Object.prototype.hasOwnProperty.call(defaultsPatch, "contextTokens")) {
 		const nextContextTokens = defaultsPatch.contextTokens;
 		if (typeof nextContextTokens === "number" && Number.isFinite(nextContextTokens)) config.agents.defaults.contextTokens = Math.max(1e3, Math.trunc(nextContextTokens));
 	}
-	if (defaultsPatch && Object.prototype.hasOwnProperty.call(defaultsPatch, "engine")) config.agents.defaults.engine = normalizeOptionalString(defaultsPatch.engine) ?? "native";
-	if (defaultsPatch && Object.prototype.hasOwnProperty.call(defaultsPatch, "engineConfig")) {
+	if (Object.prototype.hasOwnProperty.call(defaultsPatch, "engine")) config.agents.defaults.engine = normalizeOptionalString(defaultsPatch.engine) ?? "native";
+	if (Object.prototype.hasOwnProperty.call(defaultsPatch, "engineConfig")) {
 		const nextEngineConfig = defaultsPatch.engineConfig;
 		if (nextEngineConfig && typeof nextEngineConfig === "object" && !Array.isArray(nextEngineConfig)) config.agents.defaults.engineConfig = { ...nextEngineConfig };
 	}
+}
+function updateRuntime(configPath, patch) {
+	const config = loadConfigOrDefault(configPath);
+	if (patch.companion && Object.prototype.hasOwnProperty.call(patch.companion, "enabled")) config.companion.enabled = Boolean(patch.companion.enabled);
+	applyRuntimeAgentDefaultsPatch(config, patch.agents?.defaults);
 	if (patch.agents && Object.prototype.hasOwnProperty.call(patch.agents, "list")) config.agents.list = (patch.agents.list ?? []).map((entry) => {
 		const normalizedEngine = normalizeOptionalString(entry.engine);
 		const hasEngineConfig = entry.engineConfig && typeof entry.engineConfig === "object" && !Array.isArray(entry.engineConfig);
@@ -1939,6 +1944,7 @@ function updateRuntime(configPath, patch) {
 	saveConfig(next, configPath);
 	const view = buildConfigView(next);
 	return {
+		companion: view.companion,
 		agents: view.agents,
 		bindings: view.bindings ?? [],
 		session: view.session ?? {}
@@ -2707,6 +2713,7 @@ var ConfigRoutesController = class {
 		if (body.data.agents?.defaults && Object.prototype.hasOwnProperty.call(body.data.agents.defaults, "engine")) changedPaths.push("agents.defaults.engine");
 		if (body.data.agents?.defaults && Object.prototype.hasOwnProperty.call(body.data.agents.defaults, "engineConfig")) changedPaths.push("agents.defaults.engineConfig");
 		if (body.data.agents?.runtimes && Object.prototype.hasOwnProperty.call(body.data.agents.runtimes, "entries")) changedPaths.push("agents.runtimes.entries");
+		if (body.data.companion && Object.prototype.hasOwnProperty.call(body.data.companion, "enabled")) changedPaths.push("companion.enabled");
 		changedPaths.push("agents.list", "bindings", "session");
 		await this.publishConfigUpdates(changedPaths);
 		return c.json(ok(result));
@@ -2792,6 +2799,7 @@ function readCronCreateParams(input) {
 		message,
 		schedule,
 		agentId: readNonEmptyString(input.agentId),
+		sessionId: readNonEmptyString(input.sessionId),
 		deliver: input.deliver === true,
 		channel: readNonEmptyString(input.channel),
 		to: readNonEmptyString(input.to),
@@ -3206,6 +3214,7 @@ var NcpSessionRoutesController = class {
 			sessionId,
 			status: session.status ?? "idle",
 			messages,
+			...session.contextWindow ? { contextWindow: session.contextWindow } : {},
 			total: messages.length
 		};
 		return c.json(ok(payload));
@@ -4529,6 +4538,64 @@ var RuntimeControlRoutesController = class {
 	};
 };
 //#endregion
+//#region src/ui/ui-routes/runtime-update.controller.ts
+var RuntimeUpdateRoutesController = class {
+	constructor(host) {
+		this.host = host;
+	}
+	getState = async (c) => {
+		try {
+			return c.json(ok(await this.host.getState()));
+		} catch (error) {
+			return c.json(err("RUNTIME_UPDATE_STATE_FAILED", formatUserFacingError(error)), 500);
+		}
+	};
+	checkForUpdates = async (c) => {
+		try {
+			return c.json(ok(await this.host.checkForUpdates()));
+		} catch (error) {
+			return c.json(err("RUNTIME_UPDATE_CHECK_FAILED", formatUserFacingError(error)), 400);
+		}
+	};
+	downloadUpdate = async (c) => {
+		try {
+			return c.json(ok(await this.host.downloadUpdate()));
+		} catch (error) {
+			return c.json(err("RUNTIME_UPDATE_DOWNLOAD_FAILED", formatUserFacingError(error)), 400);
+		}
+	};
+	applyDownloadedUpdate = async (c) => {
+		try {
+			return c.json(ok(await this.host.applyDownloadedUpdate()));
+		} catch (error) {
+			return c.json(err("RUNTIME_UPDATE_APPLY_FAILED", formatUserFacingError(error)), 400);
+		}
+	};
+	updatePreferences = async (c) => {
+		const body = await readJson(c.req.raw);
+		if (!body.ok) return c.json(err("INVALID_BODY", "invalid json body"), 400);
+		try {
+			return c.json(ok(await this.host.updatePreferences({
+				...typeof body.data.automaticChecks === "boolean" ? { automaticChecks: body.data.automaticChecks } : {},
+				...typeof body.data.autoDownload === "boolean" ? { autoDownload: body.data.autoDownload } : {}
+			})));
+		} catch (error) {
+			return c.json(err("RUNTIME_UPDATE_PREFERENCES_FAILED", formatUserFacingError(error)), 400);
+		}
+	};
+	updateChannel = async (c) => {
+		const body = await readJson(c.req.raw);
+		if (!body.ok) return c.json(err("INVALID_BODY", "invalid json body"), 400);
+		const channel = body.data.channel;
+		if (channel !== "stable" && channel !== "beta") return c.json(err("INVALID_BODY", "channel must be stable or beta"), 400);
+		try {
+			return c.json(ok(await this.host.updateChannel(channel)));
+		} catch (error) {
+			return c.json(err("RUNTIME_UPDATE_CHANNEL_FAILED", formatUserFacingError(error)), 400);
+		}
+	};
+};
+//#endregion
 //#region src/ui/server-path/server-path-browse.utils.ts
 var ServerPathBrowseError = class extends Error {
 	constructor(code, message) {
@@ -4865,7 +4932,17 @@ function registerRuntimeControlRoutes(app, runtimeControlController) {
 	app.post("/api/runtime/control/restart-service", runtimeControlController.restartService);
 	app.post("/api/runtime/control/stop-service", runtimeControlController.stopService);
 }
+function registerRuntimeUpdateRoutes(app, runtimeUpdateController) {
+	if (!runtimeUpdateController) return;
+	app.get("/api/runtime/update", runtimeUpdateController.getState);
+	app.post("/api/runtime/update/check", runtimeUpdateController.checkForUpdates);
+	app.post("/api/runtime/update/download", runtimeUpdateController.downloadUpdate);
+	app.post("/api/runtime/update/apply", runtimeUpdateController.applyDownloadedUpdate);
+	app.put("/api/runtime/update/preferences", runtimeUpdateController.updatePreferences);
+	app.put("/api/runtime/update/channel", runtimeUpdateController.updateChannel);
+}
 function createUiRouteControllers(options, authService, marketplaceBaseUrl) {
+	const { remoteAccess, runtimeControl, runtimeUpdate } = options;
 	return {
 		app: new AppRoutesController(options),
 		agents: new AgentsRoutesController(options),
@@ -4875,8 +4952,9 @@ function createUiRouteControllers(options, authService, marketplaceBaseUrl) {
 		ncpSession: new NcpSessionRoutesController(options),
 		ncpAsset: new NcpAssetRoutesController(options),
 		serverPath: new ServerPathRoutesController(),
-		remote: options.remoteAccess ? new RemoteRoutesController(options.remoteAccess) : null,
-		runtimeControl: options.runtimeControl ? new RuntimeControlRoutesController(options.runtimeControl) : null,
+		remote: remoteAccess ? new RemoteRoutesController(remoteAccess) : null,
+		runtimeControl: runtimeControl ? new RuntimeControlRoutesController(runtimeControl) : null,
+		runtimeUpdate: runtimeUpdate ? new RuntimeUpdateRoutesController(runtimeUpdate) : null,
 		pluginMarketplace: new PluginMarketplaceController(options, marketplaceBaseUrl),
 		skillMarketplace: new SkillMarketplaceController(options, marketplaceBaseUrl),
 		mcpMarketplace: new McpMarketplaceController(options, marketplaceBaseUrl)
@@ -4913,6 +4991,7 @@ function createUiRouter(options) {
 	registerCronRoutes(app, controllers.cron);
 	registerRemoteRoutes(app, controllers.remote);
 	registerRuntimeControlRoutes(app, controllers.runtimeControl);
+	registerRuntimeUpdateRoutes(app, controllers.runtimeUpdate);
 	mountMarketplaceRoutes(app, {
 		plugin: controllers.pluginMarketplace,
 		skill: controllers.skillMarketplace,
@@ -4955,11 +5034,66 @@ function applyCorsHeaders(params) {
 	appendVaryHeader(params.headers, "Origin");
 	appendVaryHeader(params.headers, "Access-Control-Request-Headers");
 }
+function createUiEventPublisher(clients) {
+	return (event) => {
+		const payload = JSON.stringify(event);
+		for (const client of clients) if (client.readyState === WebSocket.OPEN) client.send(payload);
+	};
+}
+function mountUiStaticAssets(app, staticDir) {
+	if (!existsSync(join(staticDir, "index.html"))) return;
+	const indexHtml = readFileSync(join(staticDir, "index.html"), "utf-8");
+	app.use("/*", serveStatic({
+		root: staticDir,
+		join,
+		getContent: async (path) => {
+			try {
+				return await readFile(path);
+			} catch {
+				return null;
+			}
+		},
+		isDir: async (path) => {
+			try {
+				return (await stat(path)).isDirectory();
+			} catch {
+				return false;
+			}
+		}
+	}));
+	app.get("*", (c) => {
+		const path = c.req.path;
+		if (path.startsWith("/api") || path.startsWith("/ws") || path.startsWith("/_remote")) return c.notFound();
+		return c.html(indexHtml);
+	});
+}
+function attachUiSocketServer(httpServer, authService, clients) {
+	const wss = new WebSocketServer({ noServer: true });
+	httpServer.on("upgrade", (request, socket, head) => {
+		const host = request.headers.host ?? "127.0.0.1";
+		const url = request.url ?? "/";
+		if (new URL(url, `http://${host}`).pathname !== "/ws") return;
+		if (!authService.isSocketAuthenticated(request)) {
+			socket.write("HTTP/1.1 401 Unauthorized\r\nConnection: close\r\n\r\n");
+			socket.destroy();
+			return;
+		}
+		wss.handleUpgrade(request, socket, head, (ws) => {
+			wss.emit("connection", ws, request);
+		});
+	});
+	wss.on("connection", (socket) => {
+		clients.add(socket);
+		socket.on("close", () => clients.delete(socket));
+	});
+	return wss;
+}
 function startUiServer(options) {
+	const { applyLiveConfigReload, configPath, corsOrigins, cronService, getBootstrapStatus, getPluginChannelBindings, getPluginUiMetadata, host, initializeAgentHomeDirectory, marketplace, ncpAgent, ncpSessionService, port, productVersion, remoteAccess, runtimeControl, runtimeUpdate, staticDir } = options;
 	const app = new Hono();
 	app.use("/*", compress());
-	const corsPolicy = options.corsOrigins ?? DEFAULT_CORS_ORIGINS;
-	const authService = new UiAuthService(options.configPath);
+	const corsPolicy = corsOrigins ?? DEFAULT_CORS_ORIGINS;
+	const authService = new UiAuthService(configPath);
 	app.use("/api/*", async (c, next) => {
 		const allowOrigin = resolveAllowedCorsOrigin(readRequestHeader(c.req.raw, "origin"), corsPolicy);
 		const allowHeaders = readRequestHeader(c.req.raw, "access-control-request-headers");
@@ -4986,86 +5120,40 @@ function startUiServer(options) {
 		});
 	});
 	const clients = /* @__PURE__ */ new Set();
-	const publish = (event) => {
-		const payload = JSON.stringify(event);
-		for (const client of clients) if (client.readyState === WebSocket.OPEN) client.send(payload);
-	};
+	const publish = createUiEventPublisher(clients);
 	app.route("/", createUiRouter({
-		configPath: options.configPath,
-		productVersion: options.productVersion,
+		configPath,
+		productVersion,
 		publish,
-		applyLiveConfigReload: options.applyLiveConfigReload,
-		initializeAgentHomeDirectory: options.initializeAgentHomeDirectory,
-		marketplace: options.marketplace,
-		cronService: options.cronService,
-		ncpAgent: options.ncpAgent,
-		ncpSessionService: options.ncpSessionService,
+		applyLiveConfigReload,
+		initializeAgentHomeDirectory,
+		marketplace,
+		cronService,
+		ncpAgent,
+		ncpSessionService,
 		authService,
-		remoteAccess: options.remoteAccess,
-		runtimeControl: options.runtimeControl,
-		getBootstrapStatus: options.getBootstrapStatus,
-		getPluginChannelBindings: options.getPluginChannelBindings,
-		getPluginUiMetadata: options.getPluginUiMetadata
+		remoteAccess,
+		runtimeControl,
+		runtimeUpdate,
+		getBootstrapStatus,
+		getPluginChannelBindings,
+		getPluginUiMetadata
 	}));
-	const staticDir = options.staticDir;
-	if (staticDir && existsSync(join(staticDir, "index.html"))) {
-		const indexHtml = readFileSync(join(staticDir, "index.html"), "utf-8");
-		app.use("/*", serveStatic({
-			root: staticDir,
-			join,
-			getContent: async (path) => {
-				try {
-					return await readFile(path);
-				} catch {
-					return null;
-				}
-			},
-			isDir: async (path) => {
-				try {
-					return (await stat(path)).isDirectory();
-				} catch {
-					return false;
-				}
-			}
-		}));
-		app.get("*", (c) => {
-			const path = c.req.path;
-			if (path.startsWith("/api") || path.startsWith("/ws") || path.startsWith("/_remote")) return c.notFound();
-			return c.html(indexHtml);
-		});
-	}
+	if (staticDir) mountUiStaticAssets(app, staticDir);
 	const server = serve({
 		fetch: app.fetch,
-		port: options.port,
-		hostname: options.host
-	});
-	const httpServer = server;
-	const wss = new WebSocketServer({ noServer: true });
-	httpServer.on("upgrade", (request, socket, head) => {
-		const host = request.headers.host ?? "127.0.0.1";
-		const url = request.url ?? "/";
-		if (new URL(url, `http://${host}`).pathname !== "/ws") return;
-		if (!authService.isSocketAuthenticated(request)) {
-			socket.write("HTTP/1.1 401 Unauthorized\r\nConnection: close\r\n\r\n");
-			socket.destroy();
-			return;
-		}
-		wss.handleUpgrade(request, socket, head, (ws) => {
-			wss.emit("connection", ws, request);
-		});
-	});
-	wss.on("connection", (socket) => {
-		clients.add(socket);
-		socket.on("close", () => clients.delete(socket));
+		port,
+		hostname: host
 	});
+	const wss = attachUiSocketServer(server, authService, clients);
 	return {
-		host: options.host,
-		port: options.port,
+		host,
+		port,
 		publish,
 		close: () => new Promise((resolve) => {
 			wss.close(() => {
 				server.close(() => {
-					Promise.resolve(options.ncpAgent?.agentClientEndpoint.stop()).catch(() => void 0).finally(() => resolve());
+					Promise.resolve(ncpAgent?.agentClientEndpoint.stop()).catch(() => void 0).finally(() => resolve());
 				});
 			});
 		})

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nextclaw/server",
-  "version": "0.12.11",
+  "version": "0.12.13-beta.0",
   "private": false,
   "description": "Nextclaw UI/API server.",
   "type": "module",
@@ -18,12 +18,13 @@
     "@hono/node-server": "^1.13.3",
     "hono": "^4.6.2",
     "ws": "^8.18.0",
-    "@nextclaw/core": "0.12.11",
-    "@nextclaw/mcp": "0.1.76",
-    "@nextclaw/ncp": "0.5.5",
-    "@nextclaw/ncp-http-agent-server": "0.3.17",
-    "@nextclaw/openclaw-compat": "1.0.11",
-    "@nextclaw/runtime": "0.2.43"
+    "@nextclaw/core": "0.12.13-beta.1",
+    "@nextclaw/mcp": "0.1.78-beta.0",
+    "@nextclaw/kernel": "0.1.2-beta.1",
+    "@nextclaw/ncp": "0.5.6-beta.0",
+    "@nextclaw/runtime": "0.2.45-beta.0",
+    "@nextclaw/ncp-http-agent-server": "0.3.18-beta.0",
+    "@nextclaw/openclaw-compat": "1.0.13-beta.0"
   },
   "devDependencies": {
     "@types/node": "^20.17.6",