teleton 0.8.0 → 0.8.2

package/dist/{server-H3QA252W.js → chunk-XBSCYMKM.js}

@@ -1,50 +1,51 @@
 import {
   getModelsForProvider
-} from "./chunk-OJCLKU5Z.js";
+} from "./chunk-WFTC3JJW.js";
 import {
   CONFIGURABLE_KEYS,
+  TonProxyManager,
   WorkspaceSecurityError,
   adaptPlugin,
   clearPromptCache,
   deleteNestedValue,
   deletePluginSecret,
   ensurePluginDeps,
+  getBlocklistConfig,
   getNestedValue,
+  getPluginPriorities,
   getTokenUsage,
+  getTonProxyManager,
+  getTriggersConfig,
   listPluginSecretKeys,
   readRawConfig,
+  resetPluginPriority,
+  setBlocklistConfig,
   setNestedValue,
+  setPluginPriority,
+  setTonProxyManager,
+  setTriggersConfig,
   validateDirectory,
   validatePath,
   validateReadPath,
   validateWritePath,
   writePluginSecret,
   writeRawConfig
-} from "./chunk-RQBAMUCV.js";
+} from "./chunk-GGXJLMOH.js";
 import {
   invalidateEndpointCache,
   invalidateTonClientCache,
   setToncenterApiKey
-} from "./chunk-JHYZYFZJ.js";
-import "./chunk-TVRZJIZX.js";
-import "./chunk-7TECSLJ4.js";
+} from "./chunk-7YKSXOQQ.js";
 import {
   getErrorMessage
-} from "./chunk-XBE4JB7C.js";
-import "./chunk-QVBSUYVX.js";
+} from "./chunk-3UFPFWYP.js";
 import {
   getProviderMetadata,
   validateApiKeyFormat
-} from "./chunk-PHSAHTK4.js";
-import "./chunk-P36I6OIV.js";
-import "./chunk-SD4NLLYG.js";
-import "./chunk-U56QTM46.js";
+} from "./chunk-YOSUPUAJ.js";
 import {
   setTonapiKey
 } from "./chunk-VFA7QMCZ.js";
-import "./chunk-IJBWWQE4.js";
-import "./chunk-XQUHC3JZ.js";
-import "./chunk-R4YSJ4EY.js";
 import {
   WORKSPACE_PATHS,
   WORKSPACE_ROOT
@@ -53,41 +54,10 @@ import {
   addLogListener,
   clearLogListeners,
   createLogger
-} from "./chunk-RCMD3U65.js";
+} from "./chunk-NQ6FZKCE.js";
 import {
   getTaskStore
-} from "./chunk-NUGDTPE4.js";
-import "./chunk-3RG5ZIWI.js";
-
-// src/webui/server.ts
-import { Hono as Hono12 } from "hono";
-import { serve } from "@hono/node-server";
-import { cors } from "hono/cors";
-import { streamSSE as streamSSE2 } from "hono/streaming";
-import { bodyLimit } from "hono/body-limit";
-import { setCookie, getCookie, deleteCookie } from "hono/cookie";
-import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
-import { join as join4, dirname, resolve as resolve2, relative as relative2 } from "path";
-import { fileURLToPath } from "url";
-
-// src/webui/middleware/auth.ts
-import { randomBytes, timingSafeEqual } from "crypto";
-var COOKIE_NAME = "teleton_session";
-var COOKIE_MAX_AGE = 7 * 24 * 60 * 60;
-function generateToken() {
-  return randomBytes(32).toString("base64url");
-}
-function maskToken(token) {
-  if (token.length < 12) return "****";
-  return `${token.slice(0, 4)}...${token.slice(-4)}`;
-}
-function safeCompare(a, b) {
-  if (!a || !b) return false;
-  const bufA = Buffer.from(a);
-  const bufB = Buffer.from(b);
-  if (bufA.length !== bufB.length) return false;
-  return timingSafeEqual(bufA, bufB);
-}
+} from "./chunk-4L66JHQE.js";
 
 // src/webui/log-interceptor.ts
 var LogInterceptor = class {
@@ -413,15 +383,14 @@ function createLogsRoutes(_deps) {
   const app = new Hono3();
   app.get("/stream", (c) => {
     return streamSSE(c, async (stream) => {
-      let cleanup;
       let aborted = false;
       stream.onAbort(() => {
         aborted = true;
         if (cleanup) cleanup();
       });
-      cleanup = logInterceptor.addListener((entry) => {
+      const cleanup = logInterceptor.addListener((entry) => {
         if (!aborted) {
-          stream.writeSSE({
+          void stream.writeSSE({
             data: JSON.stringify(entry),
             event: "log"
           });
@@ -435,9 +404,9 @@ function createLogsRoutes(_deps) {
         }),
         event: "log"
       });
-      await new Promise((resolve3) => {
-        if (aborted) return resolve3();
-        stream.onAbort(() => resolve3());
+      await new Promise((resolve2) => {
+        if (aborted) return resolve2();
+        stream.onAbort(() => resolve2());
       });
       if (cleanup) cleanup();
     });
@@ -717,6 +686,52 @@ function createPluginsRoutes(deps) {
     const data = deps.marketplace ? deps.marketplace.modules.filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" })) : deps.plugins;
     return c.json({ success: true, data });
   });
+  app.get("/priorities", (c) => {
+    try {
+      const priorities = getPluginPriorities(deps.memory.db);
+      const data = {};
+      for (const [name, priority] of priorities) {
+        data[name] = priority;
+      }
+      return c.json({ success: true, data });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  app.post("/priorities", async (c) => {
+    try {
+      const body = await c.req.json();
+      const { pluginName, priority } = body;
+      if (!pluginName || typeof pluginName !== "string") {
+        return c.json({ success: false, error: "pluginName is required" }, 400);
+      }
+      if (typeof priority !== "number" || !Number.isInteger(priority)) {
+        return c.json({ success: false, error: "priority must be an integer" }, 400);
+      }
+      if (priority < -1e3 || priority > 1e3) {
+        return c.json(
+          { success: false, error: "priority must be between -1000 and 1000" },
+          400
+        );
+      }
+      setPluginPriority(deps.memory.db, pluginName, priority);
+      return c.json({
+        success: true,
+        data: { pluginName, priority }
+      });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  app.delete("/priorities/:name", (c) => {
+    try {
+      const name = c.req.param("name");
+      resetPluginPriority(deps.memory.db, name);
+      return c.json({ success: true, data: null });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
   return app;
 }
 
@@ -782,7 +797,7 @@ function createMcpRoutes(deps) {
         entry.url = body.url;
       } else {
         entry.command = "npx";
-        entry.args = ["-y", body.package, ...body.args || []];
+        entry.args = ["-y", body.package ?? "", ...body.args || []];
       }
       if (body.scope && body.scope !== "always") entry.scope = body.scope;
       if (body.env && Object.keys(body.env).length > 0) entry.env = body.env;
@@ -833,7 +848,7 @@ function createMcpRoutes(deps) {
   return app;
 }
 function deriveServerName(pkg) {
-  const unscoped = pkg.includes("/") ? pkg.split("/").pop() : pkg;
+  const unscoped = pkg.includes("/") ? pkg.split("/").pop() ?? pkg : pkg;
   return unscoped.replace(/^server-/, "").replace(/^mcp-server-/, "").replace(/^mcp-/, "");
 }
 
@@ -850,6 +865,8 @@ import {
   existsSync
 } from "fs";
 import { join as join2, relative } from "path";
+var MAX_SCAN_DEPTH = 10;
+var MAX_SCAN_ENTRIES = 5e3;
 function errorResponse(c, error, status = 500) {
   const message = getErrorMessage(error);
   const code = error instanceof WorkspaceSecurityError ? 403 : status;
@@ -866,35 +883,46 @@ var IMAGE_MIME_TYPES = {
   ".bmp": "image/bmp",
   ".ico": "image/x-icon"
 };
-function getWorkspaceStats(dir) {
-  let files = 0;
-  let size = 0;
-  if (!existsSync(dir)) return { files, size };
+function getWorkspaceStats(dir, depth = 0, state = { files: 0, size: 0, truncated: false }) {
+  if (!existsSync(dir)) return state;
+  if (depth >= MAX_SCAN_DEPTH || state.files >= MAX_SCAN_ENTRIES) {
+    state.truncated = true;
+    return state;
+  }
   for (const entry of readdirSync(dir, { withFileTypes: true })) {
+    if (state.files >= MAX_SCAN_ENTRIES) {
+      state.truncated = true;
+      return state;
+    }
     const fullPath = join2(dir, entry.name);
     if (entry.isDirectory()) {
-      const sub = getWorkspaceStats(fullPath);
-      files += sub.files;
-      size += sub.size;
+      getWorkspaceStats(fullPath, depth + 1, state);
     } else if (entry.isFile()) {
-      files++;
+      state.files++;
       try {
-        size += statSync(fullPath).size;
+        state.size += statSync(fullPath).size;
       } catch {
       }
     }
   }
-  return { files, size };
+  return state;
 }
-function listDir(absPath, recursive) {
-  if (!existsSync(absPath)) return [];
-  const entries = [];
+function listDir(absPath, recursive, depth = 0, state = { entries: [], truncated: false }) {
+  if (!existsSync(absPath)) return state;
+  if (depth >= MAX_SCAN_DEPTH || state.entries.length >= MAX_SCAN_ENTRIES) {
+    state.truncated = true;
+    return state;
+  }
   for (const entry of readdirSync(absPath, { withFileTypes: true })) {
+    if (state.entries.length >= MAX_SCAN_ENTRIES) {
+      state.truncated = true;
+      return state;
+    }
     const fullPath = join2(absPath, entry.name);
     const relPath = relative(WORKSPACE_ROOT, fullPath);
     try {
       const stats = statSync(fullPath);
-      entries.push({
+      state.entries.push({
         name: entry.name,
         path: relPath,
         isDirectory: entry.isDirectory(),
@@ -902,12 +930,12 @@ function listDir(absPath, recursive) {
         mtime: stats.mtime.toISOString()
       });
       if (recursive && entry.isDirectory()) {
-        entries.push(...listDir(fullPath, true));
+        listDir(fullPath, true, depth + 1, state);
       }
     } catch {
     }
   }
-  return entries;
+  return state;
 }
 function createWorkspaceRoutes(_deps) {
   const app = new Hono8();
@@ -927,12 +955,18 @@ function createWorkspaceRoutes(_deps) {
         const response2 = { success: true, data: [] };
         return c.json(response2);
       }
-      const entries = listDir(validated.absolutePath, recursive);
-      entries.sort((a, b) => {
+      const result = listDir(validated.absolutePath, recursive);
+      result.entries.sort((a, b) => {
         if (a.isDirectory !== b.isDirectory) return a.isDirectory ? -1 : 1;
         return a.name.localeCompare(b.name);
       });
-      const response = { success: true, data: entries };
+      const response = {
+        success: true,
+        data: {
+          entries: result.entries,
+          ...result.truncated && { truncated: true }
+        }
+      };
       return c.json(response);
     } catch (error) {
       return errorResponse(c, error);
@@ -1101,7 +1135,8 @@ function createWorkspaceRoutes(_deps) {
         data: {
           root: WORKSPACE_ROOT,
           totalFiles: stats.files,
-          totalSize: stats.size
+          totalSize: stats.size,
+          ...stats.truncated && { truncated: true }
         }
       };
       return c.json(response);
@@ -1658,7 +1693,7 @@ var MarketplaceService = class {
       const registry = await this.getRegistry();
       const entry = registry.find((e) => e.id === pluginId);
       if (!entry) throw new Error(`Plugin "${pluginId}" not found in registry`);
-      const manifest = await this.fetchRemoteManifest(entry);
+      const _manifest = await this.fetchRemoteManifest(entry);
       mkdirSync2(pluginDir, { recursive: true });
       await this.downloadDir(entry.path, pluginDir);
       await ensurePluginDeps(pluginDir, pluginId);
@@ -1834,7 +1869,7 @@ function createMarketplaceRoutes(deps) {
       const result = await svc.installPlugin(body.id);
       deps.plugins.length = 0;
       deps.plugins.push(
-        ...deps.marketplace.modules.filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" }))
+        ...(deps.marketplace?.modules ?? []).filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" }))
       );
       return c.json({ success: true, data: result });
     } catch (err) {
@@ -1858,7 +1893,7 @@ function createMarketplaceRoutes(deps) {
       const result = await svc.uninstallPlugin(body.id);
       deps.plugins.length = 0;
       deps.plugins.push(
-        ...deps.marketplace.modules.filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" }))
+        ...(deps.marketplace?.modules ?? []).filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" }))
       );
       return c.json({ success: true, data: result });
     } catch (err) {
@@ -1882,7 +1917,7 @@ function createMarketplaceRoutes(deps) {
       const result = await svc.updatePlugin(body.id);
       deps.plugins.length = 0;
       deps.plugins.push(
-        ...deps.marketplace.modules.filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" }))
+        ...(deps.marketplace?.modules ?? []).filter((m) => deps.toolRegistry.isPluginModule(m.name)).map((m) => ({ name: m.name, version: m.version ?? "0.0.0" }))
       );
       return c.json({ success: true, data: result });
     } catch (err) {
@@ -1972,322 +2007,282 @@ function createMarketplaceRoutes(deps) {
   return app;
 }
 
-// src/webui/server.ts
-var log2 = createLogger("WebUI");
-function findWebDist() {
-  const candidates = [
-    resolve2("dist/web"),
-    // npm start / teleton start (from project root)
-    resolve2("web")
-    // fallback
-  ];
-  const __dirname = dirname(fileURLToPath(import.meta.url));
-  candidates.push(
-    resolve2(__dirname, "web"),
-    // dist/web when __dirname = dist/
-    resolve2(__dirname, "../dist/web")
-    // when running with tsx from src/
-  );
-  for (const candidate of candidates) {
-    if (existsSync3(join4(candidate, "index.html"))) {
-      return candidate;
+// src/webui/routes/hooks.ts
+import { Hono as Hono12 } from "hono";
+import { randomUUID } from "crypto";
+function createHooksRoutes(deps) {
+  const app = new Hono12();
+  app.get("/blocklist", (c) => {
+    try {
+      const data = getBlocklistConfig(deps.memory.db);
+      return c.json({ success: true, data });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
     }
-  }
-  return null;
-}
-var WebUIServer = class {
-  app;
-  server = null;
-  deps;
-  authToken;
-  constructor(deps) {
-    this.deps = deps;
-    this.app = new Hono12();
-    this.authToken = deps.config.auth_token || generateToken();
-    this.setupMiddleware();
-    this.setupRoutes();
-  }
-  /** Set an HttpOnly session cookie */
-  setSessionCookie(c) {
-    setCookie(c, COOKIE_NAME, this.authToken, {
-      path: "/",
-      httpOnly: true,
-      sameSite: "Strict",
-      secure: false,
-      // localhost is HTTP
-      maxAge: COOKIE_MAX_AGE
-    });
-  }
-  setupMiddleware() {
-    this.app.use(
-      "*",
-      cors({
-        origin: this.deps.config.cors_origins,
-        credentials: true,
-        allowMethods: ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"],
-        allowHeaders: ["Content-Type", "Authorization"],
-        maxAge: 3600
-      })
-    );
-    if (this.deps.config.log_requests) {
-      this.app.use("*", async (c, next) => {
-        const start = Date.now();
-        await next();
-        const duration = Date.now() - start;
-        log2.info(`${c.req.method} ${c.req.path} \u2192 ${c.res.status} (${duration}ms)`);
-      });
+  });
+  app.put("/blocklist", async (c) => {
+    try {
+      const body = await c.req.json();
+      if (typeof body.enabled !== "boolean") {
+        return c.json({ success: false, error: "enabled must be a boolean" }, 400);
+      }
+      if (!Array.isArray(body.keywords)) {
+        return c.json({ success: false, error: "keywords must be an array" }, 400);
+      }
+      if (body.keywords.length > 200) {
+        return c.json({ success: false, error: "Maximum 200 keywords" }, 400);
+      }
+      const keywords = body.keywords.map((k) => typeof k === "string" ? k.trim() : "").filter((k) => k.length >= 2);
+      const message = typeof body.message === "string" ? body.message.slice(0, 500) : "";
+      const config = {
+        enabled: body.enabled,
+        keywords,
+        message
+      };
+      setBlocklistConfig(deps.memory.db, config);
+      deps.userHookEvaluator?.reload();
+      return c.json({ success: true, data: config });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
     }
-    this.app.use(
-      "*",
-      bodyLimit({
-        maxSize: 2 * 1024 * 1024,
-        // 2MB
-        onError: (c) => c.json({ success: false, error: "Request body too large (max 2MB)" }, 413)
-      })
-    );
-    this.app.use("*", async (c, next) => {
-      await next();
-      c.res.headers.set("X-Content-Type-Options", "nosniff");
-      c.res.headers.set("X-Frame-Options", "DENY");
-      c.res.headers.set("Referrer-Policy", "strict-origin-when-cross-origin");
-    });
-    this.app.use("/api/*", async (c, next) => {
-      const cookieToken = getCookie(c, COOKIE_NAME);
-      if (cookieToken && safeCompare(cookieToken, this.authToken)) {
-        return next();
-      }
-      const authHeader = c.req.header("Authorization");
-      if (authHeader) {
-        const match = authHeader.match(/^Bearer\s+(.+)$/i);
-        if (match && safeCompare(match[1], this.authToken)) {
-          return next();
-        }
+  });
+  app.get("/triggers", (c) => {
+    try {
+      const data = getTriggersConfig(deps.memory.db);
+      return c.json({ success: true, data });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  app.post("/triggers", async (c) => {
+    try {
+      const body = await c.req.json();
+      const keyword = typeof body.keyword === "string" ? body.keyword.trim() : "";
+      const context = typeof body.context === "string" ? body.context.trim() : "";
+      if (keyword.length < 2 || keyword.length > 100) {
+        return c.json(
+          { success: false, error: "keyword must be 2-100 characters" },
+          400
+        );
       }
-      const queryToken = c.req.query("token");
-      if (queryToken && safeCompare(queryToken, this.authToken)) {
-        return next();
+      if (context.length < 1 || context.length > 2e3) {
+        return c.json(
+          { success: false, error: "context must be 1-2000 characters" },
+          400
+        );
       }
-      return c.json({ success: false, error: "Unauthorized" }, 401);
-    });
-  }
-  setupRoutes() {
-    this.app.get("/health", (c) => c.json({ status: "ok" }));
-    this.app.get("/auth/exchange", (c) => {
-      const token = c.req.query("token");
-      if (!token || !safeCompare(token, this.authToken)) {
-        return c.json({ success: false, error: "Invalid token" }, 401);
-      }
-      this.setSessionCookie(c);
-      return c.redirect("/");
-    });
-    this.app.post("/auth/login", async (c) => {
-      try {
-        const body = await c.req.json();
-        if (!body.token || !safeCompare(body.token, this.authToken)) {
-          return c.json({ success: false, error: "Invalid token" }, 401);
+      const triggers = getTriggersConfig(deps.memory.db);
+      if (triggers.length >= 50) {
+        return c.json({ success: false, error: "Maximum 50 triggers" }, 400);
+      }
+      const entry = {
+        id: randomUUID(),
+        keyword,
+        context,
+        enabled: body.enabled !== false
+      };
+      triggers.push(entry);
+      setTriggersConfig(deps.memory.db, triggers);
+      deps.userHookEvaluator?.reload();
+      return c.json({ success: true, data: entry });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  app.put("/triggers/:id", async (c) => {
+    try {
+      const id = c.req.param("id");
+      const body = await c.req.json();
+      const triggers = getTriggersConfig(deps.memory.db);
+      const idx = triggers.findIndex((t) => t.id === id);
+      if (idx === -1) {
+        return c.json({ success: false, error: "Trigger not found" }, 404);
+      }
+      if (typeof body.keyword === "string") {
+        const kw = body.keyword.trim();
+        if (kw.length < 2 || kw.length > 100) {
+          return c.json(
+            { success: false, error: "keyword must be 2-100 characters" },
+            400
+          );
         }
-        this.setSessionCookie(c);
-        return c.json({ success: true });
-      } catch {
-        return c.json({ success: false, error: "Invalid request body" }, 400);
+        triggers[idx].keyword = kw;
       }
-    });
-    this.app.post("/auth/logout", (c) => {
-      deleteCookie(c, COOKIE_NAME, { path: "/" });
-      return c.json({ success: true });
-    });
-    this.app.get("/auth/check", (c) => {
-      const cookieToken = getCookie(c, COOKIE_NAME);
-      const authenticated = !!(cookieToken && safeCompare(cookieToken, this.authToken));
-      return c.json({ success: true, data: { authenticated } });
-    });
-    this.app.route("/api/status", createStatusRoutes(this.deps));
-    this.app.route("/api/tools", createToolsRoutes(this.deps));
-    this.app.route("/api/logs", createLogsRoutes(this.deps));
-    this.app.route("/api/memory", createMemoryRoutes(this.deps));
-    this.app.route("/api/soul", createSoulRoutes(this.deps));
-    this.app.route("/api/plugins", createPluginsRoutes(this.deps));
-    this.app.route("/api/mcp", createMcpRoutes(this.deps));
-    this.app.route("/api/workspace", createWorkspaceRoutes(this.deps));
-    this.app.route("/api/tasks", createTasksRoutes(this.deps));
-    this.app.route("/api/config", createConfigRoutes(this.deps));
-    this.app.route("/api/marketplace", createMarketplaceRoutes(this.deps));
-    this.app.post("/api/agent/start", async (c) => {
-      const lifecycle = this.deps.lifecycle;
-      if (!lifecycle) {
-        return c.json({ error: "Agent lifecycle not available" }, 503);
-      }
-      const state = lifecycle.getState();
-      if (state === "running") {
-        return c.json({ state: "running" }, 409);
-      }
-      if (state === "stopping") {
-        return c.json({ error: "Agent is currently stopping, please wait" }, 409);
-      }
-      lifecycle.start().catch((err) => {
-        log2.error({ err }, "Agent start failed");
-      });
-      return c.json({ state: "starting" });
-    });
-    this.app.post("/api/agent/stop", async (c) => {
-      const lifecycle = this.deps.lifecycle;
-      if (!lifecycle) {
-        return c.json({ error: "Agent lifecycle not available" }, 503);
+      if (typeof body.context === "string") {
+        const ctx = body.context.trim();
+        if (ctx.length < 1 || ctx.length > 2e3) {
+          return c.json(
+            { success: false, error: "context must be 1-2000 characters" },
+            400
+          );
+        }
+        triggers[idx].context = ctx;
       }
-      const state = lifecycle.getState();
-      if (state === "stopped") {
-        return c.json({ state: "stopped" }, 409);
+      if (typeof body.enabled === "boolean") {
+        triggers[idx].enabled = body.enabled;
       }
-      if (state === "starting") {
-        return c.json({ error: "Agent is currently starting, please wait" }, 409);
+      setTriggersConfig(deps.memory.db, triggers);
+      deps.userHookEvaluator?.reload();
+      return c.json({ success: true, data: triggers[idx] });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  app.delete("/triggers/:id", (c) => {
+    try {
+      const id = c.req.param("id");
+      const triggers = getTriggersConfig(deps.memory.db);
+      const filtered = triggers.filter((t) => t.id !== id);
+      setTriggersConfig(deps.memory.db, filtered);
+      deps.userHookEvaluator?.reload();
+      return c.json({ success: true, data: null });
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  app.patch("/triggers/:id/toggle", async (c) => {
+    try {
+      const id = c.req.param("id");
+      const body = await c.req.json();
+      if (typeof body.enabled !== "boolean") {
+        return c.json({ success: false, error: "enabled must be a boolean" }, 400);
       }
-      lifecycle.stop().catch((err) => {
-        log2.error({ err }, "Agent stop failed");
-      });
-      return c.json({ state: "stopping" });
-    });
-    this.app.get("/api/agent/status", (c) => {
-      const lifecycle = this.deps.lifecycle;
-      if (!lifecycle) {
-        return c.json({ error: "Agent lifecycle not available" }, 503);
+      const triggers = getTriggersConfig(deps.memory.db);
+      const trigger = triggers.find((t) => t.id === id);
+      if (!trigger) {
+        return c.json({ success: false, error: "Trigger not found" }, 404);
       }
+      trigger.enabled = body.enabled;
+      setTriggersConfig(deps.memory.db, triggers);
+      deps.userHookEvaluator?.reload();
       return c.json({
-        state: lifecycle.getState(),
-        uptime: lifecycle.getUptime(),
-        error: lifecycle.getError() ?? null
+        success: true,
+        data: { id, enabled: body.enabled }
       });
-    });
-    this.app.get("/api/agent/events", (c) => {
-      const lifecycle = this.deps.lifecycle;
-      if (!lifecycle) {
-        return c.json({ error: "Agent lifecycle not available" }, 503);
-      }
-      return streamSSE2(c, async (stream) => {
-        let aborted = false;
-        stream.onAbort(() => {
-          aborted = true;
-        });
-        const now = Date.now();
-        await stream.writeSSE({
-          event: "status",
-          id: String(now),
-          data: JSON.stringify({
-            state: lifecycle.getState(),
-            error: lifecycle.getError() ?? null,
-            timestamp: now
-          }),
-          retry: 3e3
-        });
-        const onStateChange = (event) => {
-          if (aborted) return;
-          stream.writeSSE({
-            event: "status",
-            id: String(event.timestamp),
-            data: JSON.stringify({
-              state: event.state,
-              error: event.error ?? null,
-              timestamp: event.timestamp
-            })
-          });
-        };
-        lifecycle.on("stateChange", onStateChange);
-        while (!aborted) {
-          await stream.sleep(3e4);
-          if (aborted) break;
-          await stream.writeSSE({
-            event: "ping",
-            data: ""
-          });
-        }
-        lifecycle.off("stateChange", onStateChange);
+    } catch (err) {
+      return c.json({ success: false, error: getErrorMessage(err) }, 500);
+    }
+  });
+  return app;
+}
+
+// src/webui/routes/ton-proxy.ts
+import { Hono as Hono13 } from "hono";
+var log2 = createLogger("TonProxyRoute");
+function createTonProxyRoutes(deps) {
+  const app = new Hono13();
+  app.get("/", (c) => {
+    const mgr = getTonProxyManager();
+    if (!mgr) {
+      return c.json({
+        success: true,
+        data: { running: false, installed: false, port: 8080, enabled: false }
       });
+    }
+    return c.json({
+      success: true,
+      data: { ...mgr.getStatus(), enabled: true }
     });
-    const webDist = findWebDist();
-    if (webDist) {
-      const indexHtml = readFileSync3(join4(webDist, "index.html"), "utf-8");
-      const mimeTypes = {
-        js: "application/javascript",
-        css: "text/css",
-        svg: "image/svg+xml",
-        png: "image/png",
-        jpg: "image/jpeg",
-        jpeg: "image/jpeg",
-        ico: "image/x-icon",
-        json: "application/json",
-        woff2: "font/woff2",
-        woff: "font/woff"
-      };
-      this.app.get("*", (c) => {
-        const filePath = resolve2(join4(webDist, c.req.path));
-        const rel = relative2(webDist, filePath);
-        if (rel.startsWith("..") || resolve2(filePath) !== filePath) {
-          return c.html(indexHtml);
-        }
-        try {
-          const content = readFileSync3(filePath);
-          const ext = filePath.split(".").pop() || "";
-          if (mimeTypes[ext]) {
-            const immutable = c.req.path.startsWith("/assets/");
-            return c.body(content, 200, {
-              "Content-Type": mimeTypes[ext],
-              "Cache-Control": immutable ? "public, max-age=31536000, immutable" : "public, max-age=3600"
-            });
-          }
-        } catch {
-        }
-        return c.html(indexHtml);
+  });
+  app.post("/start", async (c) => {
+    try {
+      const runtimeConfig = deps.agent.getConfig();
+      const port = runtimeConfig.ton_proxy?.port ?? 8080;
+      const binaryPath = runtimeConfig.ton_proxy?.binary_path;
+      const existing = getTonProxyManager();
+      if (existing?.isRunning()) await existing.stop();
+      const mgr = new TonProxyManager({ enabled: true, port, binary_path: binaryPath });
+      setTonProxyManager(mgr);
+      await mgr.start();
+      const raw = readRawConfig(deps.configPath);
+      setNestedValue(raw, "ton_proxy.enabled", true);
+      writeRawConfig(raw, deps.configPath);
+      setNestedValue(runtimeConfig, "ton_proxy.enabled", true);
+      log2.info(`TON Proxy started on port ${port} (WebUI)`);
+      return c.json({
+        success: true,
+        data: { ...mgr.getStatus(), enabled: true }
       });
+    } catch (err) {
+      log2.error({ err }, "Failed to start TON Proxy");
+      return c.json(
+        { success: false, error: err instanceof Error ? err.message : String(err) },
+        500
+      );
     }
-    this.app.onError((err, c) => {
-      log2.error({ err }, "WebUI error");
+  });
+  app.post("/stop", async (c) => {
+    try {
+      const mgr = getTonProxyManager();
+      if (mgr) {
+        await mgr.stop();
+        setTonProxyManager(null);
+      }
+      const runtimeConfig = deps.agent.getConfig();
+      const raw = readRawConfig(deps.configPath);
+      setNestedValue(raw, "ton_proxy.enabled", false);
+      writeRawConfig(raw, deps.configPath);
+      setNestedValue(runtimeConfig, "ton_proxy.enabled", false);
+      log2.info("TON Proxy stopped (WebUI)");
+      return c.json({
+        success: true,
+        data: { running: false, installed: true, port: 8080, enabled: false }
+      });
+    } catch (err) {
+      log2.error({ err }, "Failed to stop TON Proxy");
       return c.json(
-        {
-          success: false,
-          error: err.message || "Internal server error"
-        },
+        { success: false, error: err instanceof Error ? err.message : String(err) },
         500
       );
-    });
-  }
-  async start() {
-    return new Promise((resolve3, reject) => {
-      try {
-        logInterceptor.install();
-        this.server = serve(
-          {
-            fetch: this.app.fetch,
-            hostname: this.deps.config.host,
-            port: this.deps.config.port
-          },
-          (info) => {
-            const url = `http://${info.address}:${info.port}`;
-            log2.info(`WebUI server running`);
-            log2.info(`URL: ${url}/auth/exchange?token=${this.authToken}`);
-            log2.info(`Token: ${maskToken(this.authToken)} (use Bearer header for API access)`);
-            resolve3();
-          }
-        );
-      } catch (error) {
-        logInterceptor.uninstall();
-        reject(error);
+    }
+  });
+  app.post("/uninstall", async (c) => {
+    try {
+      const mgr = getTonProxyManager();
+      if (mgr) {
+        await mgr.uninstall();
+        setTonProxyManager(null);
+      } else {
+        const runtimeConfig2 = deps.agent.getConfig();
+        const port = runtimeConfig2.ton_proxy?.port ?? 8080;
+        const binaryPath = runtimeConfig2.ton_proxy?.binary_path;
+        const tmp = new TonProxyManager({ enabled: false, port, binary_path: binaryPath });
+        await tmp.uninstall();
       }
-    });
-  }
-  async stop() {
-    if (this.server) {
-      return new Promise((resolve3) => {
-        this.server.close(() => {
-          logInterceptor.uninstall();
-          log2.info("WebUI server stopped");
-          resolve3();
-        });
+      const runtimeConfig = deps.agent.getConfig();
+      const raw = readRawConfig(deps.configPath);
+      setNestedValue(raw, "ton_proxy.enabled", false);
+      writeRawConfig(raw, deps.configPath);
+      setNestedValue(runtimeConfig, "ton_proxy.enabled", false);
+      log2.info("TON Proxy uninstalled (WebUI)");
+      return c.json({
+        success: true,
+        data: { running: false, installed: false, port: 8080, enabled: false }
       });
+    } catch (err) {
+      log2.error({ err }, "Failed to uninstall TON Proxy");
+      return c.json(
+        { success: false, error: err instanceof Error ? err.message : String(err) },
+        500
+      );
     }
-  }
-  getToken() {
-    return this.authToken;
-  }
-};
+  });
+  return app;
+}
+
 export {
-  WebUIServer
+  logInterceptor,
+  createStatusRoutes,
+  createToolsRoutes,
+  createLogsRoutes,
+  createMemoryRoutes,
+  createSoulRoutes,
+  createPluginsRoutes,
+  createMcpRoutes,
+  createWorkspaceRoutes,
+  createTasksRoutes,
+  createConfigRoutes,
+  createMarketplaceRoutes,
+  createHooksRoutes,
+  createTonProxyRoutes
 };