From 1a3be5e54f6f936f95d57428e78a1d2d0b330f91 Mon Sep 17 00:00:00 2001
From: Alex Gorevski
Date: Fri, 20 Feb 2026 01:58:19 -0800
Subject: [PATCH] fix(config): change web_search.enabled default to false for explicit opt-in (#986)

Network access (web search via DuckDuckGo) should require explicit user consent rather than being enabled by default. This aligns with the least-surprise principle and the project's secure-by-default policy: users must opt in to external network requests.
Changes:
- WebSearchConfig::default() now sets enabled: false
- Serde default for enabled field changed from default_true to default (bool defaults to false)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 src/config/schema.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/config/schema.rs b/src/config/schema.rs
index 04eee32..f47bb9d 100644
--- a/src/config/schema.rs
+++ b/src/config/schema.rs
@@ -909,7 +909,7 @@ fn default_http_timeout_secs() -> u64 {
 #[derive(Debug, Clone, Serialize, Deserialize, JsonSchema)]
 pub struct WebSearchConfig {
 /// Enable `web_search_tool` for web searches
- #[serde(default = "default_true")]
+ #[serde(default)]
 pub enabled: bool,
 /// Search provider: "duckduckgo" (free, no API key) or "brave" (requires API key)
 #[serde(default = "default_web_search_provider")]
@@ -940,7 +940,7 @@ fn default_web_search_timeout_secs() -> u64 {
 impl Default for WebSearchConfig {
 fn default() -> Self {
 Self {
- enabled: true,
+ enabled: false,
 provider: default_web_search_provider(),
 brave_api_key: None,
 max_results: default_web_search_max_results(),
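Review bot: The doc comment on `enabled` in `WebSearchConfig` (first hunk, `@@ -909`) still reads only "Enable `web_search_tool` for web searches" and does not say the field is off unless set; because the struct derives `JsonSchema`, that text is presumably what ends up in the generated schema. I would change it to ``/// Enable `web_search_tool` for web searches (default: false; outbound search requests are opt-in)``. Note also that `#[serde(default)]` only takes effect when the key is absent: the struct derives `Serialize`, so if earlier releases wrote the config back to disk, existing files may already carry an explicit true for `enabled` and would keep network access on after upgrading, which is worth confirming and stating in the release notes. The struct body continues past the end of the hunk.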
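Review bot: The default for `enabled` is now defined in two places that have to agree, the `#[serde(default)]` attribute on the field and `enabled: false` in `impl Default for WebSearchConfig` (second hunk, `@@ -940`), and the diffstat shows only `src/config/schema.rs` changed, so no test pins this security-relevant default. A regression test containing `assert!(!WebSearchConfig::default().enabled);`, together with one that deserializes a config with the `enabled` key omitted and checks the result is false, would stop a later edit from quietly turning outbound requests back on. If `default_true` has no remaining users after this change it could be removed, though that cannot be determined from these hunks. The `default()` body continues past the end of the hunk.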