teleton 0.8.4 → 0.8.6

package/dist/chunk-7KI25UJU.js

@@ -0,0 +1,215 @@
+import {
+  sanitizeForContext
+} from "./chunk-AX5NBEHX.js";
+import {
+  getErrorMessage
+} from "./chunk-3UFPFWYP.js";
+import {
+  TOOL_EXECUTION_TIMEOUT_MS
+} from "./chunk-R4YSJ4EY.js";
+import {
+  createLogger
+} from "./chunk-V3S3NXBQ.js";
+
+// src/agent/tools/mcp-loader.ts
+import { Client } from "@modelcontextprotocol/sdk/client/index.js";
+import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
+import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
+import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+var log = createLogger("MCP");
+var MCP_CONNECT_TIMEOUT_MS = 3e4;
+function parseCommand(config) {
+  if (!config.command) throw new Error("No command specified");
+  if (config.args) {
+    return { command: config.command, args: config.args };
+  }
+  const parts = config.command.split(/\s+/);
+  return { command: parts[0], args: parts.slice(1) };
+}
+function extractText(content) {
+  return content.filter((c) => c.type === "text" && c.text).map((c) => c.text ?? "").join("\n");
+}
+async function loadMcpServers(config) {
+  const entries = Object.entries(config.servers).filter(([, cfg]) => cfg.enabled !== false);
+  if (entries.length === 0) return [];
+  const results = await Promise.allSettled(
+    entries.map(async ([name, serverConfig]) => {
+      let transport;
+      if (serverConfig.command) {
+        const { command, args } = parseCommand(serverConfig);
+        const safeEnv = {};
+        for (const key of ["PATH", "HOME", "NODE_PATH", "LANG", "TERM"]) {
+          if (process.env[key]) safeEnv[key] = process.env[key] ?? "";
+        }
+        const BLOCKED_ENV_KEYS = /* @__PURE__ */ new Set([
+          "LD_PRELOAD",
+          "NODE_OPTIONS",
+          "LD_LIBRARY_PATH",
+          "DYLD_INSERT_LIBRARIES",
+          "ELECTRON_RUN_AS_NODE"
+        ]);
+        const filteredEnv = {};
+        for (const [k, v] of Object.entries(serverConfig.env ?? {})) {
+          if (BLOCKED_ENV_KEYS.has(k.toUpperCase())) {
+            log.warn({ key: k, server: name }, "Blocked dangerous env var for MCP server");
+          } else {
+            filteredEnv[k] = v;
+          }
+        }
+        transport = new StdioClientTransport({
+          command,
+          args,
+          env: { ...safeEnv, ...filteredEnv },
+          stderr: "pipe"
+        });
+      } else if (serverConfig.url) {
+        transport = new StreamableHTTPClientTransport(new URL(serverConfig.url));
+      } else {
+        throw new Error(`MCP server "${name}": needs 'command' or 'url'`);
+      }
+      const client = new Client({ name: `teleton-${name}`, version: "1.0.0" });
+      let timeoutHandle;
+      try {
+        await Promise.race([
+          client.connect(transport),
+          new Promise((_, reject) => {
+            timeoutHandle = setTimeout(
+              () => reject(new Error(`Connection timed out after ${MCP_CONNECT_TIMEOUT_MS / 1e3}s`)),
+              MCP_CONNECT_TIMEOUT_MS
+            );
+          })
+        ]).finally(() => clearTimeout(timeoutHandle));
+      } catch (error) {
+        if (serverConfig.url && transport instanceof StreamableHTTPClientTransport) {
+          await client.close().catch(() => {
+          });
+          log.info({ server: name }, "Streamable HTTP failed, falling back to SSE");
+          transport = new SSEClientTransport(new URL(serverConfig.url));
+          const fallbackClient = new Client({ name: `teleton-${name}`, version: "1.0.0" });
+          await Promise.race([
+            fallbackClient.connect(transport),
+            new Promise((_, reject) => {
+              timeoutHandle = setTimeout(
+                () => reject(
+                  new Error(`SSE fallback timed out after ${MCP_CONNECT_TIMEOUT_MS / 1e3}s`)
+                ),
+                MCP_CONNECT_TIMEOUT_MS
+              );
+            })
+          ]).finally(() => clearTimeout(timeoutHandle));
+          return {
+            serverName: name,
+            client: fallbackClient,
+            scope: serverConfig.scope ?? "always"
+          };
+        }
+        throw error;
+      }
+      return { serverName: name, client, scope: serverConfig.scope ?? "always" };
+    })
+  );
+  const connections = [];
+  for (let i = 0; i < results.length; i++) {
+    const result = results[i];
+    const [name] = entries[i];
+    if (result.status === "fulfilled") {
+      connections.push(result.value);
+    } else {
+      const reason = result.reason instanceof Error ? result.reason.stack ?? result.reason.message : result.reason;
+      log.warn({ server: name, reason }, `MCP server "${name}" failed to connect`);
+    }
+  }
+  return connections;
+}
+async function registerMcpTools(connections, registry) {
+  let totalCount = 0;
+  const serverNames = [];
+  for (const conn of connections) {
+    try {
+      const { tools: mcpTools } = await conn.client.listTools();
+      if (!mcpTools || mcpTools.length === 0) continue;
+      const registryTools = [];
+      for (const mcpTool of mcpTools) {
+        const prefixedName = `mcp_${conn.serverName}_${mcpTool.name}`;
+        const executor = async (params) => {
+          try {
+            let timeoutHandle;
+            const result = await Promise.race([
+              conn.client.callTool({
+                name: mcpTool.name,
+                arguments: params
+              }),
+              new Promise((_, reject) => {
+                timeoutHandle = setTimeout(
+                  () => reject(
+                    new Error(
+                      `MCP tool "${mcpTool.name}" timed out after ${TOOL_EXECUTION_TIMEOUT_MS / 1e3}s`
+                    )
+                  ),
+                  TOOL_EXECUTION_TIMEOUT_MS
+                );
+              })
+            ]).finally(() => clearTimeout(timeoutHandle));
+            if (result.isError) {
+              const errorText = extractText(
+                result.content
+              );
+              return {
+                success: false,
+                error: sanitizeForContext(errorText) || "MCP tool returned error"
+              };
+            }
+            const text = extractText(result.content);
+            return { success: true, data: sanitizeForContext(text) };
+          } catch (innerError) {
+            return {
+              success: false,
+              error: `MCP tool "${mcpTool.name}" failed: ${getErrorMessage(innerError)}`
+            };
+          }
+        };
+        const schema = mcpTool.inputSchema ?? { type: "object", properties: {} };
+        if (!schema.properties || Object.keys(schema.properties).length === 0) {
+          log.warn(
+            { tool: mcpTool.name, server: conn.serverName },
+            "MCP tool has no parameter schema \u2014 inputs will not be validated"
+          );
+        }
+        registryTools.push({
+          tool: {
+            name: prefixedName,
+            description: mcpTool.description || `MCP tool from ${conn.serverName}`,
+            parameters: schema
+          },
+          executor,
+          scope: conn.scope
+        });
+      }
+      const count = registry.registerPluginTools(`mcp_${conn.serverName}`, registryTools);
+      if (count > 0) {
+        totalCount += count;
+        serverNames.push(conn.serverName);
+      }
+    } catch (error) {
+      log.warn(`MCP server "${conn.serverName}" tool discovery failed: ${getErrorMessage(error)}`);
+    }
+  }
+  return { count: totalCount, names: serverNames };
+}
+async function closeMcpServers(connections) {
+  await Promise.allSettled(
+    connections.map(async (conn) => {
+      try {
+        await conn.client.close();
+      } catch (error) {
+        log.warn(`MCP server "${conn.serverName}" close failed: ${getErrorMessage(error)}`);
+      }
+    })
+  );
+}
+
+export {
+  loadMcpServers,
+  registerMcpTools,
+  closeMcpServers
+};

package/dist/chunk-AX5NBEHX.js

@@ -0,0 +1,12 @@
+// src/utils/sanitize.ts
+function sanitizeForPrompt(text) {
+  return text.normalize("NFKC").replace(/[\x00-\x08\x0b\x0c\x0e-\x1f]/g, "").replace(/[\u00AD\u034F\u061C\u180E\u200B-\u200F\u2060-\u2064\uFEFF]/g, "").replace(/[\uFE00-\uFE0F]/g, "").replace(/[\u{E0000}-\u{E007F}]/gu, "").replace(/[\u{E0100}-\u{E01EF}]/gu, "").replace(/[\u202A-\u202E\u2066-\u2069]/g, "").replace(/[\r\n\u2028\u2029]+/g, " ").replace(/#{1,6}\s/g, "").replace(/<\/?[a-zA-Z_][^>]*>/g, "").replace(/`{3,}/g, "`").trim().slice(0, 128);
+}
+function sanitizeForContext(text) {
+  return text.normalize("NFKC").replace(/[\x00-\x08\x0b\x0c\x0e-\x1f]/g, "").replace(/[\u00AD\u034F\u061C\u180E\u200B-\u200F\u2060-\u2064\uFEFF]/g, "").replace(/[\uFE00-\uFE0F]/g, "").replace(/[\u{E0000}-\u{E007F}]/gu, "").replace(/[\u{E0100}-\u{E01EF}]/gu, "").replace(/[\u202A-\u202E\u2066-\u2069]/g, "").replace(/[\u2028\u2029]/g, "\n").replace(/<\/?[a-zA-Z_][^>]*>/g, "").replace(/`{3,}/g, "``").trim();
+}
+
+export {
+  sanitizeForPrompt,
+  sanitizeForContext
+};

package/dist/{chunk-5LOHRZYY.js → chunk-BLUES3FJ.js}

@@ -1,6 +1,6 @@
 import {
   getModelsForProvider
-} from "./chunk-WFTC3JJW.js";
+} from "./chunk-3NO7QU7W.js";
 import {
   generateWallet,
   getWalletAddress,
@@ -9,34 +9,39 @@ import {
   saveWallet,
   walletExists,
   writeRawConfig
-} from "./chunk-JROBTXWY.js";
+} from "./chunk-ZHRDETCX.js";
 import {
   ConfigSchema,
-  DealsConfigSchema,
+  DealsConfigSchema
+} from "./chunk-2UUGRY5B.js";
+import {
+  getErrorMessage
+} from "./chunk-3UFPFWYP.js";
+import {
   ensureWorkspace,
   isNewWorkspace
-} from "./chunk-NH2CNRKJ.js";
+} from "./chunk-CXTZPOTA.js";
 import {
   TELEGRAM_MAX_MESSAGE_LENGTH
-} from "./chunk-C4NKJT2Z.js";
+} from "./chunk-J4WDJ7XS.js";
 import {
   getClaudeCodeApiKey,
   isClaudeCodeTokenValid
-} from "./chunk-WTDAICGT.js";
+} from "./chunk-R6W4DJRK.js";
 import {
   getProviderMetadata,
   getSupportedProviders,
   validateApiKeyFormat
-} from "./chunk-6OOHHJ4N.js";
+} from "./chunk-TFTNZZDH.js";
 import {
   fetchWithTimeout
 } from "./chunk-XQUHC3JZ.js";
 import {
   TELETON_ROOT
-} from "./chunk-EYWNOHMJ.js";
+} from "./chunk-L653KKCR.js";
 import {
   createLogger
-} from "./chunk-NQ6FZKCE.js";
+} from "./chunk-V3S3NXBQ.js";
 
 // src/webui/routes/setup.ts
 import { Hono } from "hono";
@@ -143,9 +148,9 @@ var TelegramAuthManager = class {
       await this.saveSession(session);
       log.info("Telegram authentication successful");
       return { status: "authenticated", user };
-    } catch (err) {
-      const error = err;
-      if (error.errorMessage === "SESSION_PASSWORD_NEEDED") {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.errorMessage === "SESSION_PASSWORD_NEEDED") {
         session.state = "2fa_required";
         try {
           const passwordResult = await session.client.invoke(new Api.account.GetPassword());
@@ -154,14 +159,14 @@ var TelegramAuthManager = class {
         }
         return { status: "2fa_required", passwordHint: session.passwordHint };
       }
-      if (error.errorMessage === "PHONE_CODE_INVALID") {
+      if (tgError.errorMessage === "PHONE_CODE_INVALID") {
         return { status: "invalid_code" };
       }
-      if (error.errorMessage === "PHONE_CODE_EXPIRED") {
+      if (tgError.errorMessage === "PHONE_CODE_EXPIRED") {
         session.state = "failed";
         return { status: "expired" };
       }
-      throw err;
+      throw error;
     }
   }
   /**
@@ -186,12 +191,12 @@ var TelegramAuthManager = class {
       await this.saveSession(session);
       log.info("Telegram 2FA authentication successful");
       return { status: "authenticated", user };
-    } catch (err) {
-      const error = err;
-      if (error.errorMessage === "PASSWORD_HASH_INVALID") {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.errorMessage === "PASSWORD_HASH_INVALID") {
         return { status: "invalid_password" };
       }
-      throw err;
+      throw error;
     }
   }
   /**
@@ -319,9 +324,9 @@ var TelegramAuthManager = class {
         };
       }
       return { status: "waiting" };
-    } catch (err) {
-      const error = err;
-      if (error.errorMessage === "SESSION_PASSWORD_NEEDED") {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.errorMessage === "SESSION_PASSWORD_NEEDED") {
         session.state = "2fa_required";
         try {
           const passwordResult = await session.client.invoke(new Api.account.GetPassword());
@@ -330,7 +335,7 @@ var TelegramAuthManager = class {
         }
         return { status: "2fa_required", passwordHint: session.passwordHint };
       }
-      throw err;
+      throw error;
     }
   }
   /**
@@ -351,8 +356,8 @@ var TelegramAuthManager = class {
       if (this.session.client.connected) {
         await this.session.client.disconnect();
       }
-    } catch (err) {
-      log.warn({ err }, "Error disconnecting auth client");
+    } catch (error) {
+      log.warn({ error }, "Error disconnecting auth client");
     }
     this.session = null;
   }
@@ -429,11 +434,8 @@ function createSetupRoutes(options) {
           }
         }
       });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        500
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 500);
     }
   });
   app.get("/providers", (c) => {
@@ -489,17 +491,14 @@ function createSetupRoutes(options) {
       const body = await c.req.json();
       const error = validateApiKeyFormat(body.provider, body.apiKey);
       return c.json({ success: true, data: { valid: !error, error } });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        400
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 400);
     }
   });
   app.post("/validate/bot-token", async (c) => {
     try {
       const body = await c.req.json();
-      if (!body.token || !body.token.includes(":")) {
+      if (!body.token || !/^[0-9]+:[A-Za-z0-9_-]+$/.test(body.token)) {
         return c.json({
           success: true,
           data: { valid: false, networkError: false, error: "Invalid format (expected id:hash)" }
@@ -528,11 +527,8 @@ function createSetupRoutes(options) {
           data: { valid: false, networkError: true, error: "Could not reach Telegram API" }
         });
       }
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        400
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 400);
     }
   });
   app.post("/workspace/init", async (c) => {
@@ -554,11 +550,8 @@ function createSetupRoutes(options) {
         success: true,
         data: { created: !isNewWorkspace(workspace) === false, path: workspace.root }
       });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        500
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 500);
     }
   });
   app.get("/wallet/status", (c) => {
@@ -575,11 +568,8 @@ function createSetupRoutes(options) {
         success: true,
         data: { address: wallet.address, mnemonic: wallet.mnemonic }
       });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        500
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 500);
     }
   });
   app.post("/wallet/import", async (c) => {
@@ -593,11 +583,8 @@ function createSetupRoutes(options) {
       saveWallet(wallet);
       log2.info("TON wallet imported via setup UI");
       return c.json({ success: true, data: { address: wallet.address } });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        400
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 400);
     }
   });
   app.post("/telegram/send-code", async (c) => {
@@ -608,19 +595,19 @@ function createSetupRoutes(options) {
       }
       const result = await authManager.sendCode(body.apiId, body.apiHash, body.phone);
       return c.json({ success: true, data: result });
-    } catch (err) {
-      const error = err;
-      if (error.seconds) {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.seconds) {
         return c.json(
           {
             success: false,
-            error: `Rate limited. Please wait ${error.seconds} seconds.`
+            error: `Rate limited. Please wait ${tgError.seconds} seconds.`
           },
           429
         );
       }
       return c.json(
-        { success: false, error: error.errorMessage || error.message || String(err) },
+        { success: false, error: tgError.errorMessage || tgError.message || String(error) },
         500
       );
     }
@@ -633,19 +620,19 @@ function createSetupRoutes(options) {
       }
       const result = await authManager.verifyCode(body.authSessionId, body.code);
       return c.json({ success: true, data: result });
-    } catch (err) {
-      const error = err;
-      if (error.seconds) {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.seconds) {
         return c.json(
           {
             success: false,
-            error: `Rate limited. Please wait ${error.seconds} seconds.`
+            error: `Rate limited. Please wait ${tgError.seconds} seconds.`
           },
           429
         );
       }
       return c.json(
-        { success: false, error: error.errorMessage || error.message || String(err) },
+        { success: false, error: tgError.errorMessage || tgError.message || String(error) },
         500
       );
     }
@@ -658,19 +645,19 @@ function createSetupRoutes(options) {
       }
       const result = await authManager.verifyPassword(body.authSessionId, body.password);
       return c.json({ success: true, data: result });
-    } catch (err) {
-      const error = err;
-      if (error.seconds) {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.seconds) {
         return c.json(
           {
             success: false,
-            error: `Rate limited. Please wait ${error.seconds} seconds.`
+            error: `Rate limited. Please wait ${tgError.seconds} seconds.`
           },
           429
         );
       }
       return c.json(
-        { success: false, error: error.errorMessage || error.message || String(err) },
+        { success: false, error: tgError.errorMessage || tgError.message || String(error) },
         500
       );
     }
@@ -686,19 +673,19 @@ function createSetupRoutes(options) {
         return c.json({ success: false, error: "Session expired or invalid" }, 400);
       }
       return c.json({ success: true, data: result });
-    } catch (err) {
-      const error = err;
-      if (error.seconds) {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.seconds) {
         return c.json(
           {
             success: false,
-            error: `Rate limited. Please wait ${error.seconds} seconds.`
+            error: `Rate limited. Please wait ${tgError.seconds} seconds.`
           },
           429
         );
       }
       return c.json(
-        { success: false, error: error.errorMessage || error.message || String(err) },
+        { success: false, error: tgError.errorMessage || tgError.message || String(error) },
         500
       );
     }
@@ -711,16 +698,16 @@ function createSetupRoutes(options) {
       }
       const result = await authManager.startQrSession(body.apiId, body.apiHash);
       return c.json({ success: true, data: result });
-    } catch (err) {
-      const error = err;
-      if (error.seconds) {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.seconds) {
         return c.json(
-          { success: false, error: `Rate limited. Please wait ${error.seconds} seconds.` },
+          { success: false, error: `Rate limited. Please wait ${tgError.seconds} seconds.` },
           429
         );
       }
       return c.json(
-        { success: false, error: error.errorMessage || error.message || String(err) },
+        { success: false, error: tgError.errorMessage || tgError.message || String(error) },
         500
       );
     }
@@ -733,16 +720,16 @@ function createSetupRoutes(options) {
       }
       const result = await authManager.refreshQrToken(body.authSessionId);
       return c.json({ success: true, data: result });
-    } catch (err) {
-      const error = err;
-      if (error.seconds) {
+    } catch (error) {
+      const tgError = error;
+      if (tgError.seconds) {
         return c.json(
-          { success: false, error: `Rate limited. Please wait ${error.seconds} seconds.` },
+          { success: false, error: `Rate limited. Please wait ${tgError.seconds} seconds.` },
           429
         );
       }
       return c.json(
-        { success: false, error: error.errorMessage || error.message || String(err) },
+        { success: false, error: tgError.errorMessage || tgError.message || String(error) },
         500
       );
     }
@@ -752,16 +739,13 @@ function createSetupRoutes(options) {
       const body = await c.req.json().catch(() => ({ authSessionId: "" }));
       await authManager.cancelSession(body.authSessionId);
       return c.json({ success: true });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        500
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 500);
     }
   });
   app.post("/embeddings/warmup", async (c) => {
     try {
-      const { LocalEmbeddingProvider } = await import("./local-IHKJFQJS.js");
+      const { LocalEmbeddingProvider } = await import("./local-MSZAXWUL.js");
       const provider = new LocalEmbeddingProvider({});
       const success = await provider.warmup();
       return c.json({
@@ -770,10 +754,7 @@ function createSetupRoutes(options) {
         dimensions: provider.dimensions
       });
     } catch (error) {
-      return c.json(
-        { success: false, error: error instanceof Error ? error.message : String(error) },
-        500
-      );
+      return c.json({ success: false, error: getErrorMessage(error) }, 500);
     }
   });
   app.get("/embeddings/status", (c) => {
@@ -814,6 +795,7 @@ function createSetupRoutes(options) {
           }
         },
         telegram: {
+          ...input.telegram.mode === "bot" ? { mode: "bot" } : {},
           api_id: input.telegram.api_id,
           api_hash: input.telegram.api_hash,
           phone: input.telegram.phone,
@@ -896,11 +878,8 @@ function createSetupRoutes(options) {
       writeFileSync2(configPath, YAML.stringify(config), { encoding: "utf-8", mode: 384 });
       log2.info(`Configuration saved: ${configPath}`);
       return c.json({ success: true, data: { path: configPath } });
-    } catch (err) {
-      return c.json(
-        { success: false, error: err instanceof Error ? err.message : String(err) },
-        400
-      );
+    } catch (error) {
+      return c.json({ success: false, error: getErrorMessage(error) }, 400);
     }
   });
   return app;

package/dist/{chunk-CUE4UZXR.js → chunk-BT2I3ETV.js}

@@ -1,9 +1,9 @@
 import {
   TELETON_ROOT
-} from "./chunk-EYWNOHMJ.js";
+} from "./chunk-L653KKCR.js";
 import {
   createLogger
-} from "./chunk-NQ6FZKCE.js";
+} from "./chunk-V3S3NXBQ.js";
 
 // src/memory/embeddings/local.ts
 import { pipeline, env } from "@huggingface/transformers";
@@ -42,7 +42,7 @@ async function ensureModelCached(model) {
     }
     const buffer = Buffer.from(await res.arrayBuffer());
     const tmpPath = localPath + ".tmp";
-    writeFileSync(tmpPath, buffer);
+    writeFileSync(tmpPath, buffer, { mode: 384 });
     renameSync(tmpPath, localPath);
   }
 }