Skip to content

feat(goose): implement agent configuration for workspace preparation #2192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bmahabirbu wants to merge 2 commits into
base: main
Choose a base branch
from
+138 −7
Open

feat(goose): implement agent configuration for workspace preparation #2192

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ad2d907
feat(goose): implement agent configuration for workspace preparation
bmahabirbu Jun 17, 2026
af81505
feat(goose): use proper YAML parsing to preserve comments and formatting
bmahabirbu Jun 18, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion extensions/goose/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@
"watch": "vite build --watch"
},
"dependencies": {
"@openkaiden/api": "workspace:*"
"@openkaiden/api": "workspace:*",
"yaml": "^2.8.2"

@coderabbitai coderabbitai Bot Jun 18, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Check yaml package version availability and security advisories

# Check npm registry for yaml package versions
echo "=== Checking yaml package versions ==="
npm view yaml versions --json | jq -r '.[-5:]'
echo ""
echo "Latest version:"
npm view yaml version

# Check for security advisories
echo ""
echo "=== Checking for security vulnerabilities ==="
npm audit --package-lock-only --json 2>/dev/null || echo "Note: Full audit requires package-lock.json"

# Alternative: Check via GitHub API for known vulnerabilities
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: NPM, package: "yaml") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

Repository: openkaiden/kaiden

Length of output: 1591

Update yaml package from 2.8.2 to 2.9.0 to resolve a MODERATE severity vulnerability.

Version 2.8.2 is affected by a Stack Overflow vulnerability via deeply nested YAML collections (published 2026-03-25). The minimum safe version is 2.8.3, but the latest stable release 2.9.0 is recommended.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@extensions/goose/package.json` at line 27, The yaml package dependency is
pinned to version 2.8.2 which contains a MODERATE severity Stack Overflow
vulnerability that can be triggered through deeply nested YAML collections.
Update the yaml package version constraint in the package.json file from
"^2.8.2" to "^2.9.0" to resolve this vulnerability. This will ensure the package
is updated to the latest stable release that includes the security fix.

},
"devDependencies": {
"adm-zip": "^0.5.16",
Expand Down
96 changes: 94 additions & 2 deletions extensions/goose/src/extension.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,11 @@
* SPDX-License-Identifier: Apache-2.0
***********************************************************************/

import type { Disposable, ExtensionContext } from '@openkaiden/api';
import type { AgentConfigurationFile, AgentWorkspaceContext, Disposable, ExtensionContext } from '@openkaiden/api';
import { agents } from '@openkaiden/api';
import { beforeEach, describe, expect, test, vi } from 'vitest';

import { activate } from './extension';
import { activate, GOOSE_CONFIG_PATH } from './extension';

const AGENT_DISPOSABLE_MOCK: Disposable = { dispose: vi.fn() };

Expand Down Expand Up @@ -74,4 +74,96 @@ describe('activate', () => {
expect(agent.isSupportedModelType!({ name: 'gemini' })).toBe(true);
expect(agent.isSupportedModelType!({ name: 'openai' })).toBe(true);
});

test('registers agent with config.yaml configuration file', async () => {
await activate(extensionContextMock);

const agent = vi.mocked(agents.registerAgent).mock.calls[0]![0];
expect(agent.configurationFiles).toHaveLength(1);
expect(agent.configurationFiles[0]!.path).toBe(GOOSE_CONFIG_PATH);
});

describe('preWorkspaceStart', () => {
function createContext(configFiles: AgentConfigurationFile[], modelLabel = 'gpt-4o'): AgentWorkspaceContext {
return {
model: {
model: { label: modelLabel },
},
configurationFiles: configFiles,
};
}
Comment on lines +87 to +94

@coderabbitai coderabbitai Bot Jun 18, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Check if workspace property is required in AgentWorkspaceContext

# Find the interface definition
echo "=== AgentWorkspaceContext interface definition ==="
ast-grep --pattern $'export interface AgentWorkspaceContext {
  $$$
}'

# Check for optional markers on workspace property
echo ""
echo "=== Checking workspace property definition ==="
rg -A2 -B2 'interface AgentWorkspaceContext' packages/extension-api/src/extension-api.d.ts

Repository: openkaiden/kaiden

Length of output: 1150

Add the required workspace property to the mock AgentWorkspaceContext.

The createContext helper is missing the workspace property, which is required (not optional) by the AgentWorkspaceContext interface. This will cause a TypeScript compilation error.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@extensions/goose/src/extension.spec.ts` around lines 87 - 94, The
createContext helper function is returning an object that is missing the
required workspace property from the AgentWorkspaceContext interface. Add the
workspace property to the returned object in the createContext function. The
workspace property should be a valid mock object that satisfies the
AgentWorkspaceContext interface requirements. Ensure all required properties of
the workspace object are included to resolve the TypeScript compilation error.


function createConfigFile(content = ''): AgentConfigurationFile & { updateMock: ReturnType<typeof vi.fn> } {
const updateMock = vi.fn();
const file: AgentConfigurationFile = {
path: GOOSE_CONFIG_PATH,
read: vi.fn().mockResolvedValue(content),
update: updateMock,
};
return Object.assign(file, { updateMock });
}

test('writes model configuration into config.yaml', async () => {
await activate(extensionContextMock);
const agent = vi.mocked(agents.registerAgent).mock.calls[0]![0];

const configFile = createConfigFile();
await agent.preWorkspaceStart(createContext([configFile]));

expect(configFile.updateMock).toHaveBeenCalledOnce();
expect(configFile.updateMock.mock.calls[0]![0]).toBe('GOOSE_MODEL: gpt-4o\n');
});

test('preserves existing configuration fields', async () => {
await activate(extensionContextMock);
const agent = vi.mocked(agents.registerAgent).mock.calls[0]![0];

const configFile = createConfigFile('GOOSE_PROVIDER: openai\nGOOSE_MODEL: old-model\n');
await agent.preWorkspaceStart(createContext([configFile], 'claude-sonnet'));

const written = configFile.updateMock.mock.calls[0]![0] as string;
expect(written).toContain('GOOSE_PROVIDER: openai');
expect(written).toContain('GOOSE_MODEL: claude-sonnet');
expect(written).not.toContain('old-model');
});

test('preserves existing YAML comments', async () => {
await activate(extensionContextMock);
const agent = vi.mocked(agents.registerAgent).mock.calls[0]![0];

const configFile = createConfigFile('# existing comment\nGOOSE_PROVIDER: openai\n');
await agent.preWorkspaceStart(createContext([configFile], 'claude-sonnet'));

const written = configFile.updateMock.mock.calls[0]![0] as string;
expect(written).toContain('# existing comment');
expect(written).toContain('GOOSE_PROVIDER: openai');
expect(written).toContain('GOOSE_MODEL: claude-sonnet');
});

test('handles empty config file', async () => {
await activate(extensionContextMock);
const agent = vi.mocked(agents.registerAgent).mock.calls[0]![0];

const configFile = createConfigFile('');
await agent.preWorkspaceStart(createContext([configFile], 'gemini-2.5-pro'));

expect(configFile.updateMock.mock.calls[0]![0]).toBe('GOOSE_MODEL: gemini-2.5-pro\n');
});

test('does nothing when config file is not in context', async () => {
await activate(extensionContextMock);
const agent = vi.mocked(agents.registerAgent).mock.calls[0]![0];

const updateMock = vi.fn();
const otherFile: AgentConfigurationFile = {
path: 'some/other/path.yaml',
read: vi.fn(),
update: updateMock,
};

await agent.preWorkspaceStart(createContext([otherFile]));

expect(updateMock).not.toHaveBeenCalled();
});
});
});
43 changes: 39 additions & 4 deletions extensions/goose/src/extension.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,30 @@
* SPDX-License-Identifier: Apache-2.0
***********************************************************************/

import type { ExtensionContext } from '@openkaiden/api';
import type { AgentWorkspaceContext, ExtensionContext } from '@openkaiden/api';
import { agents } from '@openkaiden/api';
import { isMap, parseDocument } from 'yaml';

export const GOOSE_CONFIG_PATH = '.goose/config.yaml';

function updateGooseModelConfig(content: string, modelLabel: string): string {
const document = parseDocument(content);

if (document.errors.length > 0) {
throw document.errors[0];
}

if (document.contents === null) {
document.contents = document.createNode({});
} else if (!isMap(document.contents)) {
throw new Error('Goose config must be a YAML mapping.');
}

document.set('GOOSE_MODEL', modelLabel);

const updatedContent = document.toString();
return updatedContent.endsWith('\n') ? updatedContent : `${updatedContent}\n`;
}

export async function activate(extensionContext: ExtensionContext): Promise<void> {
const disposable = agents.registerAgent({
Expand All @@ -30,16 +52,29 @@ export async function activate(extensionContext: ExtensionContext): Promise<void
},
command: 'goose',
acp: { args: ['acp'] },
configurationFiles: [],
configurationFiles: [
{
path: GOOSE_CONFIG_PATH,
async read(): Promise<string> {
return '';
},
},
],
destinationSkillsFolder: '${HOME}/.agents/skills',
isSupportedRuntime(runtime): boolean {
return runtime === 'podman';
},
isSupportedModelType(): boolean {
return true;
},
async preWorkspaceStart(): Promise<void> {
throw new Error('not implemented');
async preWorkspaceStart(context: AgentWorkspaceContext): Promise<void> {
const configFile = context.configurationFiles.find(f => f.path === GOOSE_CONFIG_PATH);
if (!configFile) {
return;
}

const content = await configFile.read();
await configFile.update(updateGooseModelConfig(content, context.model.model.label));
},
});
extensionContext.subscriptions.push(disposable);
Expand Down
3 changes: 3 additions & 0 deletions pnpm-lock.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.