From d731c310c1d9b2fc706964956372ec980191f5c4 Mon Sep 17 00:00:00 2001
From: Mihai Bors <moreliciouscod@gmail.com>
Date: Sat, 7 Feb 2026 00:02:55 +0100
Subject: [PATCH] fix: RouteConfig.enable_suspicious_detection default
 overrides global enable_penetration_detection=False

RouteConfig.__init__ hardcoded enable_suspicious_detection=True, which
unconditionally overrode the global SecurityConfig.enable_penetration_detection
in _get_effective_penetration_setting(). This meant setting
enable_penetration_detection=False had no effect when a RouteConfig was present.

Changed the default to None and added a None check so route-level config only
overrides the global setting when explicitly set via decorators.

Fixes #72
---
 guard/core/checks/helpers.py | 5 +++--
 guard/decorators/base.py     | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/guard/core/checks/helpers.py b/guard/core/checks/helpers.py
index 6f7d438..6c5fbe2 100644
--- a/guard/core/checks/helpers.py
+++ b/guard/core/checks/helpers.py
@@ -285,8 +285,9 @@ def _get_effective_penetration_setting(
     penetration_enabled = config.enable_penetration_detection
 
     if route_config and hasattr(route_config, "enable_suspicious_detection"):
-        route_specific_detection = route_config.enable_suspicious_detection
-        penetration_enabled = route_specific_detection
+        if route_config.enable_suspicious_detection is not None:
+            route_specific_detection = route_config.enable_suspicious_detection
+            penetration_enabled = route_specific_detection
 
     return penetration_enabled, route_specific_detection
 
diff --git a/guard/decorators/base.py b/guard/decorators/base.py
index 854fc3c..30636f0 100644
--- a/guard/decorators/base.py
+++ b/guard/decorators/base.py
@@ -32,7 +32,7 @@ def __init__(self) -> None:
         self.max_request_size: int | None = None
         self.allowed_content_types: list[str] | None = None
         self.time_restrictions: dict[str, str] | None = None
-        self.enable_suspicious_detection: bool = True
+        self.enable_suspicious_detection: bool | None = None
         self.require_referrer: list[str] | None = None
         self.api_key_required: bool = False
         self.session_limits: dict[str, int] | None = None