Change8

v1.28.0

Goose
View on GitHubDocumentation
22 features43 fixes13 improvementsclideveloperextensionsmcpshell

Summary

This release introduces significant new capabilities, including an adversarial agent for security and support for Claude adaptive thinking. Key fixes address issues with session persistence, tool handling across various providers, and stability improvements like resolving deadlocks and preventing hangs during process execution. Users will benefit from enhanced tracing, better configuration options for providers, and a streamlined onboarding experience.

New Features

  • Added an adversarial agent for preventing information leakage.
  • Enabled Claude adaptive thinking support.
  • Introduced a new onboarding flow for new users.
  • Enabled persistence of GooseMode settings per-session via the session database.
  • Propagated session.id to OpenTelemetry spans and log records for improved tracing.
  • Migrated the autovisualiser extension to MCP Apps.
  • Added ACP session/set_mode handler.
  • Added MCP Roots support.
  • Enabled loading hints in nested subdirectories.
  • Added ACP read tool for delegating filesystem I/O to ACP clients.
  • Introduced a Summarize tool for deterministic reads.
  • Added ACP providers for Claude Code and Codex.
  • Enabled capturing reasoning summaries from OpenAI Responses API.
  • Added MiniMax provider with an Anthropic-compatible API.
  • Added Tensorix as a declarative provider.
  • Added skill support for files individually loadable via load() in summon.
  • Added Avian as an LLM provider.
  • Combined TUI UX with publishing configuration.
  • Added a base path field for custom provider configuration.
  • Improved private channel detection for the Slack bot.
  • Enabled preferred microphone selection.
  • Enabled secret interpolation in streamable HTTP extension URLs.

Bug Fixes

  • Removed incorrect agent_visible filter on user message in claude-code.
  • Implemented retry logic on authentication failure with credential refresh.
  • Bumped pctx_code_mode to 0.3.0 to fix iterator type checking.
  • Passed session_id when loading extensions to ensure skills are discovered.
  • Added tool choice and parallel_tool_calls support for the chatgpt_codex provider.
  • Fixed tool confirmation handling for multiple requests.
  • Resolved tokio::sync::Mutex deadlock in the recipe retry path.
  • Stopped writing without error when hitting a broken pipe for goose session list.
  • Skipped upgrade-insecure-requests CSP for external HTTP backends.
  • Prevented hang when a command backgrounds a child process.
  • Added exit from the agent loop when tool call JSON fails to parse.
  • Prevented SSE connection drops from silently truncating responses.
  • Prevented SageMaker TGI from being marked configured when only Bedrock keys are set.
  • Disabled computercontroller functionality when no $DISPLAY is detected.
  • Registered MCP extensions when resuming a session.
  • Loaded .gitignore in prompt_manager for hint file filtering.
  • Remapped max_completion_tokens to max_tokens for OpenAI-compatible providers.
  • Preserved OpenAI Responses API tool call/output linkage.
  • Returned ContextLengthExceeded when the prompt exceeds the effective KV cache size.
  • Used \"includeThoughts/part.thought\" for Google thinking handling.
  • Fixed model selector showing the wrong model in tabs.
  • Avoided word splitting by space for Windows shell commands.
  • Unified path resolution around GOOSE_PATH_ROOT.
  • Passed OAuth scopes to DCR and extracted granted_scopes from the token response.
  • Ensured writing to the real file if config.yaml is a symlink.
  • Preserved pairings when stopping the gateway.
  • Sanitized streamable HTTP extension names derived from URLs.
  • Improved detection of keyring availability errors.
  • Removed insecure default secret from GOOSE_EXTERNAL_BACKEND.
  • Added #[serde(default)] to the description field on ExtensionConfig variants.
  • Restored smart-approve mode.
  • Made TLS configurable in the goosed agent via the GOOSE_TLS environment variable.
  • Added max turns configuration.
  • Implemented comparison of extension configs before skipping add_extension.
  • Ensured only viewable channels are added to Slack bot context.
  • Verified platform binary existence.
  • Replaced the global static output buffer with a per-instance TempDir.
  • Resolved parameters in the initial message with autosubmit.
  • Added analyzer extension in the recipe to maintain backwards compatibility.
  • Scoped empty session reuse to the current window to prevent session mixing.
  • Prevented abort in local inference.
  • Restored provider and extensions for LRU-evicted sessions.
  • Removed double dash in pnpm command.

Improvements

  • Upgraded Electron from 40.6.0 to 41.0.0.
  • Limited source code display to a maximum of 50 lines.
  • Kept messages in sync.
  • Added more ACP tools.
  • Switched to using pnpm for the Desktop Electron App.
  • Used constant-time comparison for authentication token validation.
  • Used camelCase in CallToolResponse and added type discriminators to ContentBlock.
  • Converted the Tanzu provider to declarative JSON configuration.
  • Simplified tokenizer initialization by removing the unnecessary Result wrapper.
  • Reduced server log verbosity.
  • Derived GooseMode string conversions using strum.
  • Updated to rmcp version 1.1.0.
  • Merged platform/builtin extensions.

Goose Documentation

mcpextensionsgetting started