aljaz/goose
1
0
Fork 0
mirror of https://github.com/aljazceru/goose.git synced 2025-12-17 14:14:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Goose security updates (#3579)

Browse Source 
Co-authored-by: Douwe Osinga <douwe@squareup.com>
This commit is contained in:
Douwe Osinga
2025-07-24 03:09:26 +02:00
committed by GitHub
parent ed282ba63f
commit eef72f8a6f
12 changed files with 26 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
Cargo.lock generated
View File

@@ -2740,12 +2740,6 @@ dependencies = [
"zip 0.6.6", "zip 0.6.6",
] ]
[[package]]
name = "dotenv"
version = "0.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77c90badedccf4105eca100756a0b1289e191f6fcbdadd3cee1d2f614f97da8f"
[[package]] [[package]]
name = "dotenvy" name = "dotenvy"
version = "0.15.7" version = "0.15.7"
@@ -2819,7 +2813,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d" checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d"
dependencies = [ dependencies = [
"libc", "libc",
"windows-sys 0.59.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@@ -3453,7 +3447,7 @@ dependencies = [
"ctor", "ctor",
"dashmap 6.1.0", "dashmap 6.1.0",
"dirs 5.0.1", "dirs 5.0.1",
"dotenv", "dotenvy",
"etcetera", "etcetera",
"fs2", "fs2",
"futures", "futures",
@@ -3601,7 +3595,7 @@ dependencies = [
"chrono", "chrono",
"criterion", "criterion",
"ctor", "ctor",
"dotenv", "dotenvy",
"goose", "goose",
"include_dir", "include_dir",
"indoc 1.0.9", "indoc 1.0.9",
@@ -4455,7 +4449,7 @@ checksum = "e19b23d53f35ce9f56aebc7d1bb4e6ac1e9c0db7ac85c8d1760c04379edced37"
dependencies = [ dependencies = [
"hermit-abi 0.4.0", "hermit-abi 0.4.0",
"libc", "libc",
"windows-sys 0.59.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@@ -5194,7 +5188,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34"
dependencies = [ dependencies = [
"cfg-if", "cfg-if",
"windows-targets 0.52.6", "windows-targets 0.48.5",
] ]
[[package]] [[package]]
@@ -5995,9 +5989,9 @@ checksum = "b410bbe7e14ab526a0e86877eb47c6996a2bd7746f027ba551028c925390e4e9"
[[package]] [[package]]
name = "openssl" name = "openssl"
version = "0.10.71" version = "0.10.73"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e14130c6a98cd258fdcb0fb6d744152343ff729cbfcb28c656a9d12b999fbcd" checksum = "8505734d46c8ab1e19a1dce3aef597ad87dcb4c37e7188231769bd6bd51cebf8"
dependencies = [ dependencies = [
"bitflags 2.9.0", "bitflags 2.9.0",
"cfg-if", "cfg-if",
@@ -6036,9 +6030,9 @@ dependencies = [
[[package]] [[package]]
name = "openssl-sys" name = "openssl-sys"
version = "0.9.106" version = "0.9.109"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8bb61ea9811cc39e3c2069f40b8b8e2e70d8569b361f879786cc7ed48b777cdd" checksum = "90096e2e47630d78b7d1c20952dc621f957103f8bc2c8359ec81290d75238571"
dependencies = [ dependencies = [
"cc", "cc",
"libc", "libc",
@@ -6688,7 +6682,7 @@ dependencies = [
"once_cell", "once_cell",
"socket2 0.5.8", "socket2 0.5.8",
"tracing", "tracing",
"windows-sys 0.59.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@@ -7237,7 +7231,7 @@ dependencies = [
"errno", "errno",
"libc", "libc",
"linux-raw-sys 0.4.15", "linux-raw-sys 0.4.15",
"windows-sys 0.59.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@@ -7250,7 +7244,7 @@ dependencies = [
"errno", "errno",
"libc", "libc",
"linux-raw-sys 0.9.4", "linux-raw-sys 0.9.4",
"windows-sys 0.59.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@@ -8297,7 +8291,7 @@ dependencies = [
"getrandom 0.3.1", "getrandom 0.3.1",
"once_cell", "once_cell",
"rustix 0.38.44", "rustix 0.38.44",
"windows-sys 0.59.0", "windows-sys 0.52.0",
] ]
[[package]] [[package]]
@@ -9487,7 +9481,7 @@ version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
dependencies = [ dependencies = [
"windows-sys 0.59.0", "windows-sys 0.48.0",
] ]
[[package]] [[package]]

2
crates/goose-llm/Cargo.toml
View File

@@ -50,7 +50,7 @@ tokio = { version = "1.43", features = ["time", "sync"] }
[dev-dependencies] [dev-dependencies]
criterion = "0.5" criterion = "0.5"
tempfile = "3.15.0" tempfile = "3.15.0"
dotenv = "0.15" dotenvy = "0.15.7"
lazy_static = "1.5" lazy_static = "1.5"
ctor = "0.2.7" ctor = "0.2.7"
tokio = { version = "1.43", features = ["full"] } tokio = { version = "1.43", features = ["full"] }

2
crates/goose-llm/tests/extract_session_name.rs
View File

@@ -1,5 +1,5 @@
use anyhow::Result; use anyhow::Result;
use dotenv::dotenv; use dotenvy::dotenv;
use goose_llm::extractors::generate_session_name; use goose_llm::extractors::generate_session_name;
use goose_llm::message::Message; use goose_llm::message::Message;
use goose_llm::providers::errors::ProviderError; use goose_llm::providers::errors::ProviderError;

2
crates/goose-llm/tests/extract_tooltip.rs
View File

@@ -1,5 +1,5 @@
use anyhow::Result; use anyhow::Result;
use dotenv::dotenv; use dotenvy::dotenv;
use goose_llm::extractors::generate_tooltip; use goose_llm::extractors::generate_tooltip;
use goose_llm::message::{Message, MessageContent, ToolRequest}; use goose_llm::message::{Message, MessageContent, ToolRequest};
use goose_llm::providers::errors::ProviderError; use goose_llm::providers::errors::ProviderError;

2
crates/goose-llm/tests/providers_complete.rs
View File

@@ -1,5 +1,5 @@
use anyhow::Result; use anyhow::Result;
use dotenv::dotenv; use dotenvy::dotenv;
use goose_llm::message::{Message, MessageContent}; use goose_llm::message::{Message, MessageContent};
use goose_llm::providers::base::Provider; use goose_llm::providers::base::Provider;
use goose_llm::providers::errors::ProviderError; use goose_llm::providers::errors::ProviderError;

2
crates/goose-llm/tests/providers_extract.rs
View File

@@ -1,7 +1,7 @@
// tests/providers_extract.rs // tests/providers_extract.rs
use anyhow::Result; use anyhow::Result;
use dotenv::dotenv; use dotenvy::dotenv;
use goose_llm::message::Message; use goose_llm::message::Message;
use goose_llm::providers::base::Provider; use goose_llm::providers::base::Provider;
use goose_llm::providers::{databricks::DatabricksProvider, openai::OpenAiProvider}; use goose_llm::providers::{databricks::DatabricksProvider, openai::OpenAiProvider};

2
crates/goose-mcp/Cargo.toml
View File

@@ -51,7 +51,7 @@ lopdf = "0.35.0"
docx-rs = "0.4.7" docx-rs = "0.4.7"
image = "0.24.9" image = "0.24.9"
umya-spreadsheet = "2.2.3" umya-spreadsheet = "2.2.3"
keyring = { version = "3.6.1", features = [ keyring = { version = "3.6.2", features = [
"apple-native", "apple-native",
"windows-native", "windows-native",
"sync-secret-service", "sync-secret-service",

4
crates/goose/Cargo.toml
View File

@@ -59,7 +59,7 @@ webbrowser = "0.8"
lazy_static = "1.5.0" lazy_static = "1.5.0"
tracing = "0.1" tracing = "0.1"
tracing-subscriber = "0.3" tracing-subscriber = "0.3"
keyring = { version = "3.6.1", features = ["apple-native", "windows-native", "sync-secret-service", "vendored"] } keyring = { version = "3.6.2", features = ["apple-native", "windows-native", "sync-secret-service", "vendored"] }
serde_yaml = "0.9.34" serde_yaml = "0.9.34"
once_cell = "1.20.2" once_cell = "1.20.2"
etcetera = "0.8.0" etcetera = "0.8.0"
@@ -100,7 +100,7 @@ mockall = "0.13.1"
wiremock = "0.6.0" wiremock = "0.6.0"
tokio = { version = "1.43", features = ["full"] } tokio = { version = "1.43", features = ["full"] }
temp-env = "0.3.6" temp-env = "0.3.6"
dotenv = "0.15.0" dotenvy = "0.15.7"
ctor = "0.2.9" ctor = "0.2.9"
[[example]] [[example]]

2
crates/goose/examples/agent.rs
View File

@@ -1,6 +1,6 @@
use std::sync::Arc; use std::sync::Arc;
use dotenv::dotenv; use dotenvy::dotenv;
use futures::StreamExt; use futures::StreamExt;
use goose::agents::{Agent, AgentEvent, ExtensionConfig}; use goose::agents::{Agent, AgentEvent, ExtensionConfig};
use goose::config::{DEFAULT_EXTENSION_DESCRIPTION, DEFAULT_EXTENSION_TIMEOUT}; use goose::config::{DEFAULT_EXTENSION_DESCRIPTION, DEFAULT_EXTENSION_TIMEOUT};

2
crates/goose/examples/databricks_oauth.rs
View File

@@ -1,5 +1,5 @@
use anyhow::Result; use anyhow::Result;
use dotenv::dotenv; use dotenvy::dotenv;
use goose::{ use goose::{
message::Message, message::Message,
providers::{ providers::{

2
crates/goose/examples/image_tool.rs
View File

@@ -1,6 +1,6 @@
use anyhow::Result; use anyhow::Result;
use base64::{engine::general_purpose::STANDARD as BASE64, Engine as _}; use base64::{engine::general_purpose::STANDARD as BASE64, Engine as _};
use dotenv::dotenv; use dotenvy::dotenv;
use goose::{ use goose::{
message::Message, message::Message,
providers::{bedrock::BedrockProvider, databricks::DatabricksProvider, openai::OpenAiProvider}, providers::{bedrock::BedrockProvider, databricks::DatabricksProvider, openai::OpenAiProvider},

2
crates/goose/tests/providers.rs
View File

@@ -1,5 +1,5 @@
use anyhow::Result; use anyhow::Result;
use dotenv::dotenv; use dotenvy::dotenv;
use goose::message::{Message, MessageContent}; use goose::message::{Message, MessageContent};
use goose::providers::base::Provider; use goose::providers::base::Provider;
use goose::providers::errors::ProviderError; use goose::providers::errors::ProviderError;