fix security issue

Christine Betts
2026-02-23 17:25:42 -05:00
parent dd58d49aac
commit 29ab667755
+8 -1
@@ -763,7 +763,14 @@ Would you like to attempt to install via "git clone" instead?`,
if (config.policies) {
const policyPath = path.join(effectiveExtensionPath, config.policies);
if (fs.existsSync(policyPath)) {
const resolvedPolicyPath = path.resolve(policyPath);
const resolvedExtensionPath = path.resolve(effectiveExtensionPath);
if (!resolvedPolicyPath.startsWith(resolvedExtensionPath)) {
debugLogger.warn(
`[ExtensionManager] Extension "${config.name}" attempted to contribute a policy file outside its directory: "${config.policies}". Ignoring for security.`,
);
} else if (fs.existsSync(policyPath)) {
const result = await loadPoliciesFromToml(
[policyPath],
() => EXTENSION_POLICY_TIER,