morpheus-cli 0.4.3 → 0.4.6

package/README.md

@@ -242,6 +242,31 @@ Morpheus features a dedicated middleware system called **Sati** (Mindfulness) th
 -   **Data Privacy**: Stored in a local, independent SQLite database (`santi-memory.db`), ensuring sensitive data is handled securely and reducing context window usage.
 -   **Memory Management**: View and manage your long-term memories through the Web UI or via API endpoints.
 
+### 🪝 Webhooks & Notifications
+
+Morpheus includes a **Webhook System** that lets any external service (GitHub Actions, CI/CD pipelines, monitoring tools, etc.) trigger Oracle and receive the result asynchronously.
+
+**How it works:**
+1. Create a webhook via the Web UI or API — give it a name (slug) and a prompt.
+2. You receive a unique `api_key` for that webhook.
+3. Trigger it from anywhere by posting JSON to `POST /api/webhooks/trigger/<name>` with the `x-api-key` header.
+4. Morpheus runs Oracle with your prompt + the received payload in the background.
+5. The result is saved as a **Notification** and optionally pushed to Telegram.
+
+**Example — trigger from GitHub Actions:**
+```yaml
+- name: Notify Morpheus of deployment
+  run: |
+    curl -s -X POST https://your-morpheus-host/api/webhooks/trigger/deploy-done \
+      -H "x-api-key: ${{ secrets.MORPHEUS_WEBHOOK_KEY }}" \
+      -H "Content-Type: application/json" \
+      -d '{"workflow":"${{ github.workflow }}","status":"success","ref":"${{ github.ref }}"}'
+```
+
+**Security:** Each webhook has its own `api_key` (UUID). The key is sent in the `x-api-key` header — never in the URL — to prevent leakage in server logs. Management endpoints remain protected by `THE_ARCHITECT_PASS`.
+
+**Notification channels:** `ui` (Web UI inbox with unread badge) and/or `telegram` (proactive push message).
+
 ### 📊 Usage Analytics
 Track your token usage across different providers and models directly from the Web UI. View detailed breakdowns of input/output tokens and message counts to monitor costs and activity.
 
@@ -920,6 +945,106 @@ Restart the Morpheus agent.
     }
     ```
 
+### Webhook Endpoints
+
+All management endpoints require `x-architect-pass` authentication. The trigger endpoint is **public** — authenticated only by the per-webhook `x-api-key` header.
+
+#### POST `/api/webhooks/trigger/:webhook_name`
+Trigger a webhook and queue an Oracle agent execution in the background.
+
+*   **Authentication:** `x-api-key: <webhook_api_key>` header (no `x-architect-pass` required).
+*   **Parameters:** `webhook_name` — the slug of the webhook to trigger.
+*   **Body:** Any JSON payload (forwarded to the agent as context).
+*   **Response (202 Accepted):**
+    ```json
+    {
+      "accepted": true,
+      "notification_id": "uuid-..."
+    }
+    ```
+*   **Errors:** `401` for missing/invalid api_key; `404` for webhook not found or disabled.
+
+#### GET `/api/webhooks`
+List all configured webhooks.
+
+*   **Authentication:** `x-architect-pass` header.
+*   **Response:**
+    ```json
+    [
+      {
+        "id": "uuid",
+        "name": "deploy-done",
+        "api_key": "uuid",
+        "prompt": "Analyze the deployment result...",
+        "enabled": true,
+        "notification_channels": ["ui", "telegram"],
+        "created_at": 1700000000000,
+        "last_triggered_at": 1700001000000,
+        "trigger_count": 42
+      }
+    ]
+    ```
+
+#### POST `/api/webhooks`
+Create a new webhook.
+
+*   **Authentication:** `x-architect-pass` header.
+*   **Body:**
+    ```json
+    {
+      "name": "deploy-done",
+      "prompt": "A deployment just finished. Analyze the payload and summarize what happened.",
+      "notification_channels": ["ui", "telegram"],
+      "enabled": true
+    }
+    ```
+*   **Response (201):** The created webhook object including the generated `api_key`.
+
+#### PUT `/api/webhooks/:id`
+Update an existing webhook (prompt, channels, enabled status).
+
+*   **Authentication:** `x-architect-pass` header.
+*   **Note:** The `name` (slug) and `api_key` fields are immutable via this endpoint.
+
+#### DELETE `/api/webhooks/:id`
+Delete a webhook and all its associated notifications.
+
+*   **Authentication:** `x-architect-pass` header.
+
+#### GET `/api/webhooks/notifications`
+List webhook execution notifications.
+
+*   **Authentication:** `x-architect-pass` header.
+*   **Query Parameters:** `unreadOnly=true` to filter unread notifications.
+*   **Response:**
+    ```json
+    [
+      {
+        "id": "uuid",
+        "webhook_id": "uuid",
+        "webhook_name": "deploy-done",
+        "status": "completed",
+        "payload": "{\"ref\":\"main\"}",
+        "result": "Deployment of main to production succeeded...",
+        "read": false,
+        "created_at": 1700001000000,
+        "completed_at": 1700001005000
+      }
+    ]
+    ```
+
+#### POST `/api/webhooks/notifications/read`
+Mark notifications as read.
+
+*   **Authentication:** `x-architect-pass` header.
+*   **Body:** `{ "ids": ["uuid1", "uuid2"] }`
+
+#### GET `/api/webhooks/notifications/unread-count`
+Get the count of unread notifications (used by the sidebar badge).
+
+*   **Authentication:** `x-architect-pass` header.
+*   **Response:** `{ "count": 3 }`
+
 ## Testing
 
 We use **Vitest** for testing.
@@ -957,8 +1082,10 @@ npm run test:watch
 
 - [x] **Web Dashboard**: Local UI for management and logs.
 - [x] **MCP Support**: Full integration with Model Context Protocol.
+- [x] **Webhook System**: External triggers with Oracle execution and multi-channel notifications.
 - [ ] **Discord Adapter**: Support for Discord interactions.
 - [ ] **Plugin System**: Extend functionality via external modules.
+- [ ] **Webhook Retry Logic**: Exponential backoff for failed Oracle executions.
 
 ## 🕵️ Privacy Protection
 

package/dist/channels/telegram.js

@@ -356,6 +356,29 @@ export class TelegramAdapter {
         await fs.writeFile(filePath, buffer);
         return filePath;
     }
+    /**
+     * Sends a proactive message to all allowed Telegram users.
+     * Used by the webhook notification system to push results.
+     */
+    async sendMessage(text) {
+        if (!this.isConnected || !this.bot) {
+            this.display.log('Cannot send message: Telegram bot not connected.', { source: 'Telegram', level: 'warning' });
+            return;
+        }
+        const allowedUsers = this.config.get().channels.telegram.allowedUsers;
+        if (allowedUsers.length === 0) {
+            this.display.log('No allowed Telegram users configured — skipping notification.', { source: 'Telegram', level: 'warning' });
+            return;
+        }
+        for (const userId of allowedUsers) {
+            try {
+                await this.bot.telegram.sendMessage(userId, text, { parse_mode: 'Markdown' });
+            }
+            catch (err) {
+                this.display.log(`Failed to send message to Telegram user ${userId}: ${err.message}`, { source: 'Telegram', level: 'error' });
+            }
+        }
+    }
     async disconnect() {
         if (!this.isConnected || !this.bot) {
             return;
@@ -522,44 +545,83 @@ How can I assist you today?`;
         }
     }
     async handleDoctorCommand(ctx, user) {
-        // Implementação simplificada do diagnóstico
         const config = this.config.get();
         let response = '*Morpheus Doctor*\n\n';
         // Verificar versão do Node.js
         const nodeVersion = process.version;
         const majorVersion = parseInt(nodeVersion.replace('v', '').split('.')[0], 10);
         if (majorVersion >= 18) {
-            response += '✅ Node.js Version: ' + nodeVersion + ' (Satisfied)\n';
+            response += '✅ Node.js: ' + nodeVersion + '\n';
         }
         else {
-            response += '❌ Node.js Version: ' + nodeVersion + ' (Required: >=18)\n';
+            response += '❌ Node.js: ' + nodeVersion + ' (Required: >=18)\n';
         }
-        // Verificar configuração
         if (config) {
             response += '✅ Configuration: Valid\n';
-            // Verificar se há chave de API disponível para o provedor ativo
+            // Helper para verificar API key de um provider
+            const hasApiKey = (provider, apiKey) => {
+                if (apiKey)
+                    return true;
+                if (provider === 'openai')
+                    return !!process.env.OPENAI_API_KEY;
+                if (provider === 'anthropic')
+                    return !!process.env.ANTHROPIC_API_KEY;
+                if (provider === 'gemini' || provider === 'google')
+                    return !!process.env.GOOGLE_API_KEY;
+                if (provider === 'openrouter')
+                    return !!process.env.OPENROUTER_API_KEY;
+                return false; // ollama and others don't need keys
+            };
+            // Oracle (LLM)
             const llmProvider = config.llm?.provider;
             if (llmProvider && llmProvider !== 'ollama') {
-                const hasLlmApiKey = config.llm?.api_key ||
-                    (llmProvider === 'openai' && process.env.OPENAI_API_KEY) ||
-                    (llmProvider === 'anthropic' && process.env.ANTHROPIC_API_KEY) ||
-                    (llmProvider === 'gemini' && process.env.GOOGLE_API_KEY) ||
-                    (llmProvider === 'openrouter' && process.env.OPENROUTER_API_KEY);
-                if (hasLlmApiKey) {
-                    response += `✅ LLM API key available for ${llmProvider}\n`;
+                if (hasApiKey(llmProvider, config.llm?.api_key)) {
+                    response += `✅ Oracle API key (${llmProvider})\n`;
+                }
+                else {
+                    response += `❌ Oracle API key missing (${llmProvider})\n`;
+                }
+            }
+            // Sati
+            const sati = config.sati;
+            const satiProvider = sati?.provider || llmProvider;
+            if (satiProvider && satiProvider !== 'ollama') {
+                if (hasApiKey(satiProvider, sati?.api_key ?? config.llm?.api_key)) {
+                    response += `✅ Sati API key (${satiProvider})\n`;
+                }
+                else {
+                    response += `❌ Sati API key missing (${satiProvider})\n`;
+                }
+            }
+            // Apoc
+            const apoc = config.apoc;
+            const apocProvider = apoc?.provider || llmProvider;
+            if (apocProvider && apocProvider !== 'ollama') {
+                if (hasApiKey(apocProvider, apoc?.api_key ?? config.llm?.api_key)) {
+                    response += `✅ Apoc API key (${apocProvider})\n`;
                 }
                 else {
-                    response += `❌ LLM API key missing for ${llmProvider}. Either set in config or define environment variable.\n`;
+                    response += `❌ Apoc API key missing (${apocProvider})\n`;
                 }
             }
-            // Verificar token do Telegram se ativado
+            // Telegram token
             if (config.channels?.telegram?.enabled) {
                 const hasTelegramToken = config.channels.telegram?.token || process.env.TELEGRAM_BOT_TOKEN;
                 if (hasTelegramToken) {
-                    response += '✅ Telegram bot token available\n';
+                    response += '✅ Telegram token\n';
+                }
+                else {
+                    response += '❌ Telegram token missing\n';
+                }
+            }
+            // Audio API key
+            if (config.audio?.enabled) {
+                const audioKey = config.audio?.apiKey || process.env.GOOGLE_API_KEY;
+                if (audioKey) {
+                    response += '✅ Audio API key\n';
                 }
                 else {
-                    response += '❌ Telegram bot token missing. Either set in config or define TELEGRAM_BOT_TOKEN environment variable.\n';
+                    response += '❌ Audio API key missing\n';
                 }
             }
         }
@@ -570,29 +632,46 @@ How can I assist you today?`;
     }
     async handleStatsCommand(ctx, user) {
         try {
-            // Criar instância temporária do histórico para obter estatísticas
             const history = new SQLiteChatMessageHistory({
                 sessionId: "default",
-                databasePath: undefined, // Usará o caminho padrão
-                limit: 100, // Limite arbitrário para esta operação
+                databasePath: undefined,
+                limit: 100,
             });
             const stats = await history.getGlobalUsageStats();
             const groupedStats = await history.getUsageStatsByProviderAndModel();
+            // Totals from global stats
+            const totalTokens = stats.totalInputTokens + stats.totalOutputTokens;
+            // Aggregate audio seconds and cost from grouped stats
+            const totalAudioSeconds = groupedStats.reduce((sum, s) => sum + (s.totalAudioSeconds || 0), 0);
+            const totalCost = stats.totalEstimatedCostUsd;
             let response = '*Token Usage Statistics*\n\n';
-            response += `Total Input Tokens: ${stats.totalInputTokens}\n`;
-            response += `Total Output Tokens: ${stats.totalOutputTokens}\n`;
-            response += `Total Tokens: ${stats.totalInputTokens + stats.totalOutputTokens}\n\n`;
+            response += `Input Tokens: ${stats.totalInputTokens.toLocaleString()}\n`;
+            response += `Output Tokens: ${stats.totalOutputTokens.toLocaleString()}\n`;
+            response += `Total Tokens: ${totalTokens.toLocaleString()}\n`;
+            if (totalAudioSeconds > 0) {
+                response += `Audio Processed: ${totalAudioSeconds.toFixed(1)}s\n`;
+            }
+            if (totalCost != null) {
+                response += `Estimated Cost: $${totalCost.toFixed(4)}\n`;
+            }
+            response += '\n';
             if (groupedStats.length > 0) {
-                response += '*Breakdown by Provider and Model:*\n';
+                response += '*By Provider/Model:*\n';
                 for (const stat of groupedStats) {
-                    response += `- ${stat.provider}/${stat.model}:\n ${stat.totalTokens} tokens\n(${stat.messageCount} messages)\n\n`;
+                    response += `\n*${stat.provider}/${stat.model}*\n`;
+                    response += `  Tokens: ${stat.totalTokens.toLocaleString()} (${stat.messageCount} msgs)\n`;
+                    if (stat.totalAudioSeconds > 0) {
+                        response += `  Audio: ${stat.totalAudioSeconds.toFixed(1)}s\n`;
+                    }
+                    if (stat.estimatedCostUsd != null) {
+                        response += `  Cost: $${stat.estimatedCostUsd.toFixed(4)}\n`;
+                    }
                 }
             }
             else {
                 response += 'No detailed usage statistics available.';
             }
             await ctx.reply(response, { parse_mode: 'Markdown' });
-            // Fechar conexão com o banco de dados
             history.close();
         }
         catch (error) {
@@ -632,11 +711,39 @@ How can I assist you today?`;
         response += `*Agent:*\n`;
         response += `- Name: ${config.agent.name}\n`;
         response += `- Personality: ${config.agent.personality}\n\n`;
-        response += `*LLM:*\n`;
+        response += `*Oracle (LLM):*\n`;
         response += `- Provider: ${config.llm.provider}\n`;
         response += `- Model: ${config.llm.model}\n`;
         response += `- Temperature: ${config.llm.temperature}\n`;
         response += `- Context Window: ${config.llm.context_window || 100}\n\n`;
+        // Sati config (falls back to llm if not set)
+        const sati = config.sati;
+        response += `*Sati (Memory):*\n`;
+        if (sati?.provider) {
+            response += `- Provider: ${sati.provider}\n`;
+            response += `- Model: ${sati.model || config.llm.model}\n`;
+            response += `- Temperature: ${sati.temperature ?? config.llm.temperature}\n`;
+            response += `- Memory Limit: ${sati.memory_limit ?? 1000}\n`;
+        }
+        else {
+            response += `- Inherits Oracle config\n`;
+        }
+        response += '\n';
+        // Apoc config (falls back to llm if not set)
+        const apoc = config.apoc;
+        response += `*Apoc (DevTools):*\n`;
+        if (apoc?.provider) {
+            response += `- Provider: ${apoc.provider}\n`;
+            response += `- Model: ${apoc.model || config.llm.model}\n`;
+            response += `- Temperature: ${apoc.temperature ?? 0.2}\n`;
+            if (apoc.working_dir)
+                response += `- Working Dir: ${apoc.working_dir}\n`;
+            response += `- Timeout: ${apoc.timeout_ms ?? 30000}ms\n`;
+        }
+        else {
+            response += `- Inherits Oracle config\n`;
+        }
+        response += '\n';
         response += `*Channels:*\n`;
         response += `- Telegram Enabled: ${config.channels.telegram.enabled}\n`;
         response += `- Discord Enabled: ${config.channels.discord.enabled}\n\n`;

package/dist/cli/commands/start.js

@@ -8,6 +8,7 @@ import { writePid, readPid, isProcessRunning, clearPid, checkStalePid, killProce
 import { ConfigManager } from '../../config/manager.js';
 import { renderBanner } from '../utils/render.js';
 import { TelegramAdapter } from '../../channels/telegram.js';
+import { WebhookDispatcher } from '../../runtime/webhooks/dispatcher.js';
 import { PATHS } from '../../config/paths.js';
 import { Oracle } from '../../runtime/oracle.js';
 import { ProviderError } from '../../runtime/errors.js';
@@ -136,6 +137,8 @@ export const startCommand = new Command('start')
                 const telegram = new TelegramAdapter(oracle);
                 try {
                     await telegram.connect(config.channels.telegram.token, config.channels.telegram.allowedUsers || []);
+                    // Wire Telegram adapter to webhook dispatcher for proactive notifications
+                    WebhookDispatcher.setTelegramAdapter(telegram);
                     adapters.push(telegram);
                 }
                 catch (e) {

package/dist/config/schemas.js

@@ -26,6 +26,9 @@ export const ApocConfigSchema = LLMConfigSchema.extend({
     working_dir: z.string().optional(),
     timeout_ms: z.number().int().positive().optional(),
 });
+export const WebhookConfigSchema = z.object({
+    telegram_notify_all: z.boolean().optional(),
+}).optional();
 // Zod Schema matching MorpheusConfig interface
 export const ConfigSchema = z.object({
     agent: z.object({
@@ -35,6 +38,7 @@ export const ConfigSchema = z.object({
     llm: LLMConfigSchema.default(DEFAULT_CONFIG.llm),
     sati: SatiConfigSchema.optional(),
     apoc: ApocConfigSchema.optional(),
+    webhooks: WebhookConfigSchema,
     audio: AudioConfigSchema.default(DEFAULT_CONFIG.audio),
     memory: z.object({
         limit: z.number().int().positive().optional(),

package/dist/http/middleware/auth.js

@@ -10,7 +10,7 @@ export const authMiddleware = (req, res, next) => {
     // If password is not configured (using default), log a warning
     if (!process.env.THE_ARCHITECT_PASS) {
         const display = DisplayManager.getInstance();
-        display.log('Using default password for dashboard access. For security, set THE_ARCHITECT_PASS environment variable.', { source: 'http', level: 'warning' });
+        // display.log('Using default password for dashboard access. For security, set THE_ARCHITECT_PASS environment variable.', { source: 'http', level: 'warning' });
     }
     const providedPass = req.headers[AUTH_HEADER];
     if (providedPass === architectPass) {

package/dist/http/server.js

@@ -6,7 +6,9 @@ import { fileURLToPath } from 'url';
 import { ConfigManager } from '../config/manager.js';
 import { DisplayManager } from '../runtime/display.js';
 import { createApiRouter } from './api.js';
+import { createWebhooksRouter } from './webhooks-router.js';
 import { authMiddleware } from './middleware/auth.js';
+import { WebhookDispatcher } from '../runtime/webhooks/dispatcher.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 export class HttpServer {
@@ -16,6 +18,8 @@ export class HttpServer {
     constructor(oracle) {
         this.app = express();
         this.oracle = oracle;
+        // Wire Oracle into the webhook dispatcher so triggers use the full agent
+        WebhookDispatcher.setOracle(oracle);
         this.setupMiddleware();
         this.setupRoutes();
     }
@@ -45,6 +49,10 @@ export class HttpServer {
                 uptime: process.uptime()
             });
         });
+        // Webhooks router — mounted BEFORE the auth-guarded /api block.
+        // The trigger endpoint is public (validated via x-api-key header internally).
+        // All other webhook management endpoints apply authMiddleware internally.
+        this.app.use('/api/webhooks', createWebhooksRouter());
         this.app.use('/api', authMiddleware, createApiRouter(this.oracle));
         // Serve static frontend from compiled output
         const uiPath = path.resolve(__dirname, '../ui');

package/dist/http/webhooks-router.js

@@ -0,0 +1,181 @@
+import { Router } from 'express';
+import { z } from 'zod';
+import { WebhookRepository } from '../runtime/webhooks/repository.js';
+import { WebhookDispatcher } from '../runtime/webhooks/dispatcher.js';
+import { authMiddleware } from './middleware/auth.js';
+import { DisplayManager } from '../runtime/display.js';
+const CreateWebhookSchema = z.object({
+    name: z
+        .string()
+        .min(1)
+        .max(100)
+        .regex(/^[a-z0-9-_]+$/, 'Name must be a slug: lowercase letters, numbers, hyphens, underscores only'),
+    prompt: z.string().min(1).max(10_000),
+    notification_channels: z.array(z.enum(['ui', 'telegram'])).min(1).default(['ui']),
+});
+const UpdateWebhookSchema = z.object({
+    name: z
+        .string()
+        .min(1)
+        .max(100)
+        .regex(/^[a-z0-9-_]+$/, 'Name must be a slug')
+        .optional(),
+    prompt: z.string().min(1).max(10_000).optional(),
+    enabled: z.boolean().optional(),
+    notification_channels: z.array(z.enum(['ui', 'telegram'])).min(1).optional(),
+});
+const MarkReadSchema = z.object({
+    ids: z.array(z.string().uuid()).min(1),
+});
+export function createWebhooksRouter() {
+    const router = Router();
+    const repo = WebhookRepository.getInstance();
+    const display = DisplayManager.getInstance();
+    const dispatcher = new WebhookDispatcher();
+    // ─────────────────────────────────────────────────────────────────────────────
+    // PUBLIC TRIGGER ENDPOINT — no authMiddleware, api_key validated via header
+    // Must be declared BEFORE router.use(authMiddleware) below
+    // ─────────────────────────────────────────────────────────────────────────────
+    router.post('/trigger/:webhook_name', async (req, res) => {
+        const { webhook_name } = req.params;
+        const apiKey = req.headers['x-api-key'];
+        if (!apiKey || typeof apiKey !== 'string') {
+            return res.status(401).json({ error: 'Missing x-api-key header' });
+        }
+        const webhook = repo.getAndValidateWebhook(webhook_name, apiKey);
+        if (!webhook) {
+            // Intentionally ambiguous — don't reveal whether the name exists or is disabled
+            return res.status(401).json({ error: 'Invalid webhook name or api key' });
+        }
+        const payload = req.body ?? {};
+        // Create pending notification immediately
+        const notification = repo.createNotification({
+            webhook_id: webhook.id,
+            webhook_name: webhook.name,
+            payload: JSON.stringify(payload),
+        });
+        // Increment trigger counter
+        repo.recordTrigger(webhook.id);
+        display.log(`Webhook "${webhook.name}" triggered (notification: ${notification.id})`, { source: 'Webhooks' });
+        // Fire-and-forget — respond immediately with 202
+        setImmediate(() => {
+            dispatcher.dispatch(webhook, payload, notification.id).catch((err) => {
+                display.log(`Unhandled webhook dispatch error for "${webhook.name}": ${err.message}`, { source: 'Webhooks', level: 'error' });
+            });
+        });
+        return res.status(202).json({
+            accepted: true,
+            notification_id: notification.id,
+        });
+    });
+    // ─────────────────────────────────────────────────────────────────────────────
+    // NOTIFICATION ENDPOINTS — declared before /:id to prevent route conflict
+    // (still public here, authMiddleware applied below protects management routes)
+    // ─────────────────────────────────────────────────────────────────────────────
+    router.get('/notifications', authMiddleware, (req, res) => {
+        try {
+            const { webhookId, unreadOnly } = req.query;
+            const notifications = repo.listNotifications({
+                webhookId: typeof webhookId === 'string' ? webhookId : undefined,
+                unreadOnly: unreadOnly === 'true',
+            });
+            res.json(notifications);
+        }
+        catch (err) {
+            res.status(500).json({ error: err.message });
+        }
+    });
+    router.post('/notifications/read', authMiddleware, (req, res) => {
+        const parsed = MarkReadSchema.safeParse(req.body);
+        if (!parsed.success) {
+            return res.status(400).json({ error: 'Invalid payload', details: parsed.error.issues });
+        }
+        try {
+            repo.markNotificationsRead(parsed.data.ids);
+            res.json({ success: true });
+        }
+        catch (err) {
+            res.status(500).json({ error: err.message });
+        }
+    });
+    router.get('/notifications/unread-count', authMiddleware, (req, res) => {
+        try {
+            const count = repo.countUnread();
+            res.json({ count });
+        }
+        catch (err) {
+            res.status(500).json({ error: err.message });
+        }
+    });
+    // ─────────────────────────────────────────────────────────────────────────────
+    // WEBHOOK MANAGEMENT ENDPOINTS — all require authMiddleware
+    // ─────────────────────────────────────────────────────────────────────────────
+    router.use(authMiddleware);
+    // GET /api/webhooks — list all webhooks
+    router.get('/', (req, res) => {
+        try {
+            const webhooks = repo.listWebhooks();
+            res.json(webhooks);
+        }
+        catch (err) {
+            res.status(500).json({ error: err.message });
+        }
+    });
+    // POST /api/webhooks — create a webhook
+    router.post('/', (req, res) => {
+        const parsed = CreateWebhookSchema.safeParse(req.body);
+        if (!parsed.success) {
+            return res.status(400).json({ error: 'Invalid payload', details: parsed.error.issues });
+        }
+        try {
+            const webhook = repo.createWebhook(parsed.data);
+            res.status(201).json(webhook);
+        }
+        catch (err) {
+            // SQLite UNIQUE constraint error
+            if (err.message?.includes('UNIQUE constraint failed: webhooks.name')) {
+                return res.status(409).json({ error: `A webhook with name "${parsed.data.name}" already exists` });
+            }
+            res.status(500).json({ error: err.message });
+        }
+    });
+    // GET /api/webhooks/:id — get one webhook
+    router.get('/:id', (req, res) => {
+        const webhook = repo.getWebhookById(req.params.id);
+        if (!webhook)
+            return res.status(404).json({ error: 'Webhook not found' });
+        res.json(webhook);
+    });
+    // PUT /api/webhooks/:id — update a webhook
+    router.put('/:id', (req, res) => {
+        const parsed = UpdateWebhookSchema.safeParse(req.body);
+        if (!parsed.success) {
+            return res.status(400).json({ error: 'Invalid payload', details: parsed.error.issues });
+        }
+        try {
+            const updated = repo.updateWebhook(req.params.id, parsed.data);
+            if (!updated)
+                return res.status(404).json({ error: 'Webhook not found' });
+            res.json(updated);
+        }
+        catch (err) {
+            if (err.message?.includes('UNIQUE constraint failed: webhooks.name')) {
+                return res.status(409).json({ error: `A webhook with that name already exists` });
+            }
+            res.status(500).json({ error: err.message });
+        }
+    });
+    // DELETE /api/webhooks/:id — delete a webhook
+    router.delete('/:id', (req, res) => {
+        try {
+            const deleted = repo.deleteWebhook(req.params.id);
+            if (!deleted)
+                return res.status(404).json({ error: 'Webhook not found' });
+            res.json({ success: true });
+        }
+        catch (err) {
+            res.status(500).json({ error: err.message });
+        }
+    });
+    return router;
+}