block
Basically just doesnt work anymore
No matter what model, provider, etc
i have the latest version,
checked the latest model names
was working before perfectly
any provider i choose, i get a 404 error response. ALWAYS
any provider.
and i know i have API credits,
and not just that, i get the same with free openrouter models
everything every config, model, provider, etc.
always 404 error "no endpoint for this" its always endpoint endpoint endpoint 404 error.
also i cant configure my github copilot even though i pay for a pro subscription for it and its be properly integrated into my keyring for macOS..
use it fine with vscode insiders, use every other model i mentioned above fine with Cline, Roo Code, Cascade in windsurf, etc.
Goose, desktop or CLi simply just DOES NOT WORK.
i would show you screenshots and reproducing the problem, but its EVERYTHING. nothing i do fixes it. EVERYTHING i try i get the exact same issue.
claude code in CLI works, Manus works, Cline Cascade, BlackboxAI, github copilot, any other agent i use LMSTUDIO, etc. EVERYTHING WORKS except for Goose. which sucks because it used to work so well. Now it does nothing but give me 404 errors
@dead-developers can you try removing both ~/.config/goose and ~/.local/share/goose and then running "goose configure" again?
Anthropic returns rate limit errors after I configure it in Goose Desktop (following the quick start guide):
- Click 'Configure' on Anthropic from the Provider Configuration Settings
- The ANTHROPIC_API_KEY is reset to the value 'true':
- Paste my valid API key into the field
- The ANTHROPIC_API_KEY is set to the key:
- Click 'Submit'. In the Developer Tools console, I can see the API key value output a second time
- There is a 404 logged on a
POSTtohttp://127.0.0.1:58248/config/read:
- I can see more
POSTrequests to the same endpoint, all returning 200
If I prompt claude-3-5-sonnet-latest with the Quickstart prompt in an empty directory:
create an interactive browser-based tic-tac-toe game in javascript where a player competes against a bot
I receive this error:
I then go back into the Provider Config screen, click 'Configure' on Anthropic, and the field is reset to the value 'true':
Next, I restarted Goose Desktop and tried the same prompt in the same directory, with a similar result:
I open up Keychain Access and find the goose entry and reveal the contents ("Show password"):
I examined the entire JSON object and confirmed that all the provider API keys I configured in Goose Desktop, including the Anthropic key, are present in it.
The contents of my ~/.config/goose/config.yaml:
OPENAI_HOST: https://api.openai.com
GOOSE_MODEL: claude-3-5-sonnet-latest
ANTHROPIC_HOST: https://api.anthropic.com
OLLAMA_HOST: localhost
GOOSE_PROVIDER: anthropic
extensions:
computercontroller:
bundled: true
display_name: Computer Controller
enabled: false
name: computercontroller
timeout: 300
type: builtin
developer:
bundled: true
display_name: Developer
enabled: true
name: developer
timeout: 300
type: builtin
jetbrains:
bundled: true
display_name: Jetbrains
enabled: false
name: jetbrains
timeout: 300
type: builtin
memory:
bundled: true
display_name: Memory
enabled: false
name: memory
timeout: 300
type: builtin
tutorial:
bundled: true
display_name: Tutorial
enabled: false
name: tutorial
timeout: 300
type: builtin
OPENAI_BASE_PATH: v1/chat/completions
My other external providers are OpenAI and Google Gemini. I do get a complete response from OpenAI (gpt-4o and o4-mini), but get a rate limit error with Gemini (gemini-2.0-pro-exp-02-05):
I installed Goose via brew install --cask block-goose and have never used the CLI.
^^^ I have basically the same exact problems! especially with gemini. Even though my Gemini API key is connected to a Google Workspace Project with a proper billing account that is not behind in payments and is active (and I just checked - has ZERO requests in its log so the rate limit errors are very frustrating)
that and not being able to be able to use my GitHub copilot (Pro paid subscription) as the model in the Goose assistant, also very frustrating.
I just saw this so im going to do as
@dead-developers can you try removing both ~/.config/goose and ~/.local/share/goose and then running "goose configure" again?
suggested, but I would just like to point out that, I may be over paranoid, but I feel like the developer console logging the plain text API keys like in the response above shows, couldnt possibly be a good idea. Maybe not a huge security threat right now, but it only takes one clever bad actor and a cleverly social engineering attack, say something as simple as getting your goose assistant to visit a link that is actually a BEEF hook, or a malicious MCP Server cleverly obfuscating some sort of similar spyware..
I feel like it could ONLY lead to something bad, and that no one will EVER say "thank God my paid API key was fully exposed in my network logs!"
its fairly easy to ****** those values in the backend and network logs.. im not sure it warrants submitting a separate issue over, but just thought I would throw it out there.
I am not going to remove goose in .config/ and .local/share/ and run goose configure again and will update
Plaintext keys are very very bad - they will be hoovered by poisoned pacakges, adversaries, etc. See https://attack.mitre.org/techniques/T1654/
did you manage to solve this @dead-developers ? I think we solved the issue of storing the keys in the logs for gemini if that is what was going on here
I'm hoping this has been fixed since I haven't heard about this anymore, so closing for now. feel free to reopen if it occurs again