Skip to content

Update vars to be capitalised to be in line with other variables in config file#6085

Merged
zanesq merged 1 commit intomainfrom
fix/var-capitalisation-prompt-injection
Dec 12, 2025
Merged

Update vars to be capitalised to be in line with other variables in config file#6085
zanesq merged 1 commit intomainfrom
fix/var-capitalisation-prompt-injection

Conversation

@dorien-koelemeijer
Copy link
Collaborator

@dorien-koelemeijer dorien-koelemeijer commented Dec 12, 2025

Summary

Update prompt injection detection variables to be capitalised to be in line with other variables in config file. Related PR in goose-releases: https://github.com/squareup/goose-releases/pull/168

Type of Change

  • Feature
  • Bug fix
  • Refactor / Code quality
  • Performance improvement
  • Documentation
  • Tests
  • Security fix
  • Build / Release
  • Other (specify below)

AI Assistance

N/A

@dorien-koelemeijer dorien-koelemeijer requested a review from a team as a code owner December 12, 2025 00:08
Copilot AI review requested due to automatic review settings December 12, 2025 00:08
blackgirlbytes
blackgirlbytes approved these changes Dec 12, 2025
View reviewed changes
Copy link
Contributor

@blackgirlbytes blackgirlbytes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving from a docs point of view

Copilot AI reviewed Dec 12, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR standardizes the naming convention for prompt injection detection configuration variables by converting them from lowercase with underscores to uppercase. This aligns with the existing naming convention used by all other configuration variables in the codebase (e.g., GOOSE_PROVIDER, OPENAI_API_KEY).

  • Updates variable names from security_prompt_enabled / security_prompt_threshold to SECURITY_PROMPT_ENABLED / SECURITY_PROMPT_THRESHOLD
  • Ensures consistency across TypeScript UI code, Rust backend code, and documentation

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
ui/desktop/src/utils/configUtils.ts Updated config label mappings to use uppercase variable names
ui/desktop/src/components/settings/security/SecurityToggle.tsx Updated TypeScript interface and all references to use uppercase variable names
documentation/docs/guides/security/prompt-injection-detection.md Updated example YAML configuration to use uppercase variable names
documentation/docs/guides/config-files.md Updated configuration reference table and example to use uppercase variable names
crates/goose/src/security/scanner.rs Updated Rust code to read SECURITY_PROMPT_THRESHOLD from config
crates/goose/src/security/mod.rs Updated Rust code to read SECURITY_PROMPT_ENABLED from config

@zanesq zanesq merged commit 469f99f into main Dec 12, 2025
22 checks passed
@zanesq zanesq deleted the fix/var-capitalisation-prompt-injection branch December 12, 2025 00:12
@github-actions
Copy link
Contributor

github-actions bot commented Dec 12, 2025
edited
Loading

PR Preview Action v1.6.0
Preview removed because the pull request was closed.
2025-12-12 00:15 UTC

katzdave added a commit that referenced this pull request Dec 12, 2025
@katzdave
Merge branch 'main' of github.com:block/goose into dkatz/openai-respo…
8f46e63 
…nses-streaming

* 'main' of github.com:block/goose:
  Fix community page mobile responsiveness and horizontal overflow (#6082)
  Tool reply meta (#6074)
  chore: avoid accidentally using native tls again (#6086)
  Update vars to be capitalised to be in line with other variables in config file (#6085)
  docs: restructure recipe reference (#5972)
  docs: configure custom providers (#6044)
  docs: Community All-Stars Spotlight November 2025, CodeTV Hackathon edition (#6070)
  fix: include file attachments in queued messages (#5961)
  fix(ui): prevent incorrect provider type suffix in update dialog #5908 (#5909)
  docs: mcp elicitation (#6060)
zanesq added a commit that referenced this pull request Dec 15, 2025
@zanesq
Merge branch 'main' of github.com:block/goose into zane/working-dir
00d0a12 
* 'main' of github.com:block/goose: (22 commits)
  Disallow subagents with no extensions (#5825)
  chore(deps): bump js-yaml in /documentation (#6093)
  feat: external goosed server (#5978)
  fix: Make datetime info message more explicit to prevent LLM confusion about current year (#6101)
  refactor: unify subagent and subrecipe tools into single tool (#5893)
  goose repo is too big for the issue solver workflow worker (#6099)
  fix: use system not developer role in db (#6098)
  Add /goose issue solver github workflow (#6068)
  OpenAI responses streaming (#5837)
  Canonical models for Providers (#5694)
  feat: add Inception provider for Mercury models (#6029)
  fix old sessions with tool results not loading (#6094)
  Fix community page mobile responsiveness and horizontal overflow (#6082)
  Tool reply meta (#6074)
  chore: avoid accidentally using native tls again (#6086)
  Update vars to be capitalised to be in line with other variables in config file (#6085)
  docs: restructure recipe reference (#5972)
  docs: configure custom providers (#6044)
  docs: Community All-Stars Spotlight November 2025, CodeTV Hackathon edition (#6070)
  fix: include file attachments in queued messages (#5961)
  ...

# Conflicts:
#	crates/goose-server/src/routes/agent.rs
#	crates/goose/src/agents/extension_manager.rs
#	ui/desktop/src/api/sdk.gen.ts
@github-actions github-actions bot mentioned this pull request Dec 16, 2025
Closed
zanesq added a commit that referenced this pull request Dec 16, 2025
@zanesq
Merge branch 'main' of github.com:block/goose into zane/session-exten…
014b624 
…sions

* 'main' of github.com:block/goose: (22 commits)
  Disallow subagents with no extensions (#5825)
  chore(deps): bump js-yaml in /documentation (#6093)
  feat: external goosed server (#5978)
  fix: Make datetime info message more explicit to prevent LLM confusion about current year (#6101)
  refactor: unify subagent and subrecipe tools into single tool (#5893)
  goose repo is too big for the issue solver workflow worker (#6099)
  fix: use system not developer role in db (#6098)
  Add /goose issue solver github workflow (#6068)
  OpenAI responses streaming (#5837)
  Canonical models for Providers (#5694)
  feat: add Inception provider for Mercury models (#6029)
  fix old sessions with tool results not loading (#6094)
  Fix community page mobile responsiveness and horizontal overflow (#6082)
  Tool reply meta (#6074)
  chore: avoid accidentally using native tls again (#6086)
  Update vars to be capitalised to be in line with other variables in config file (#6085)
  docs: restructure recipe reference (#5972)
  docs: configure custom providers (#6044)
  docs: Community All-Stars Spotlight November 2025, CodeTV Hackathon edition (#6070)
  fix: include file attachments in queued messages (#5961)
  ...

# Conflicts:
#	crates/goose-server/src/routes/agent.rs
#	crates/goose/src/agents/extension_manager.rs
#	ui/desktop/src/api/sdk.gen.ts
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@blackgirlbytes blackgirlbytes blackgirlbytes approved these changes

@zanesq zanesq zanesq approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dorien-koelemeijer @blackgirlbytes @zanesq