- The permission request handler granted every renderer permission; its media check called callback(true) in both branches. Now only 'media' (dictation microphone) and 'clipboard-sanitized-write' (copy buttons) are granted; everything else is denied and logged. - onBeforeSendHeaders rewrote the Origin header to http://localhost:5173 on every outgoing request, including third-party hosts. goosed's origin policy only concerns loopback targets, so the rewrite is now scoped to them. - Route wrappers fell back to window.history.state for view options, but react-router stores user state under history.state.usr, so the fallback could only ever produce the router's wrapper object — and SettingsRoute then mutated it. Read location.state only, and build the settings view options instead of mutating. - ProgressiveMessageList marked the last *rendered* message as streaming, which targets the wrong message while progressive batches are still loading. Compare against the full message list instead. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> |
||
|---|---|---|
| .cargo | ||
| .claude/skills | ||
| .codex/skills | ||
| .cursor/skills | ||
| .devcontainer | ||
| .github | ||
| .intersect | ||
| bin | ||
| crates | ||
| documentation | ||
| evals/harbor | ||
| examples | ||
| oidc-proxy | ||
| recipe-scanner | ||
| scripts | ||
| services/ask-ai-bot | ||
| ui | ||
| vendor/v8 | ||
| workflow_recipes/release_risk_check | ||
| .dockerignore | ||
| .gitattributes | ||
| .gitignore | ||
| .goosehints | ||
| AGENTS.md | ||
| BUILDING_DOCKER.md | ||
| BUILDING_LINUX.md | ||
| Cargo.lock | ||
| Cargo.toml | ||
| CLAUDE.md | ||
| clippy.toml | ||
| CONTRIBUTING.md | ||
| CONTRIBUTING_RECIPES.md | ||
| CUSTOM_DISTROS.md | ||
| deny.toml | ||
| Dockerfile | ||
| download_cli.ps1 | ||
| download_cli.sh | ||
| flake.lock | ||
| flake.nix | ||
| goose-self-test.yaml | ||
| GOVERNANCE.md | ||
| I18N.md | ||
| Justfile | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| README.md | ||
| RELEASE.md | ||
| RELEASE_CHECKLIST.md | ||
| rust-toolchain.toml | ||
| SECURITY.md | ||
| test_acp_client.py | ||
🦆 goose has moved! This project has moved from
block/gooseto the Agentic AI Foundation (AAIF) at the Linux Foundation. Some links and references are still being updated — please bear with us during the transition.
goose
your native open source AI agent — desktop app, CLI, and API — for code, workflows, and everything in between
goose is a general-purpose AI agent that runs on your machine. Not just for code — use it for research, writing, automation, data analysis, or anything you need to get done.
A native desktop app for macOS, Linux, and Windows. A full CLI for terminal workflows. An API to embed it anywhere. Built in Rust for performance and portability.
goose works with 15+ providers — Anthropic, OpenAI, Google, Ollama, OpenRouter, Azure, Bedrock, and more. Use API keys or your existing Claude, ChatGPT, or Gemini subscriptions via ACP. Connect to 70+ extensions via the Model Context Protocol open standard.
goose is part of the Agentic AI Foundation (AAIF) at the Linux Foundation.
Get started
Download the desktop app for macOS, Linux, and Windows.
Or install the CLI:
curl -fsSL https://github.com/aaif-goose/goose/releases/download/stable/download_cli.sh | bash
Quick links
- Quickstart
- Installation
- Tutorials
- Documentation
- Governance
- Custom Distributions — build your own goose distro with preconfigured providers, extensions, and branding
Need help?
a little goose humor 🪿
Why did the developer choose goose as their AI agent?
Because it always helps them "migrate" their code to production! 🚀