MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-04-24 20:14:44 -07:00
Code Issues Packages Projects Releases Wiki Activity

fix(trust): Update config.isTrustedFolder (#7373)

Browse Source
This commit is contained in:
shrutip90
2025-08-28 19:41:33 -07:00
committed by GitHub
parent 9037f25df7
commit 2a0e69d833
11 changed files with 67 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/src/config/config.test.ts
+18 -40
View File
@@ -675,69 +675,47 @@ describe('Server Config (config.ts)', () => {
});
describe('setApprovalMode with folder trust', () => {
const baseParams: ConfigParameters = {
sessionId: 'test',
targetDir: '.',
debugMode: false,
model: 'test-model',
cwd: '.',
};
it('should throw an error when setting YOLO mode in an untrusted folder', () => {
const config = new Config({
sessionId: 'test',
targetDir: '.',
debugMode: false,
model: 'test-model',
cwd: '.',
trustedFolder: false, // Untrusted
});
const config = new Config(baseParams);
vi.spyOn(config, 'isTrustedFolder').mockReturnValue(false);
expect(() => config.setApprovalMode(ApprovalMode.YOLO)).toThrow(
'Cannot enable privileged approval modes in an untrusted folder.',
);
});
it('should throw an error when setting AUTO_EDIT mode in an untrusted folder', () => {
const config = new Config({
sessionId: 'test',
targetDir: '.',
debugMode: false,
model: 'test-model',
cwd: '.',
trustedFolder: false, // Untrusted
});
const config = new Config(baseParams);
vi.spyOn(config, 'isTrustedFolder').mockReturnValue(false);
expect(() => config.setApprovalMode(ApprovalMode.AUTO_EDIT)).toThrow(
'Cannot enable privileged approval modes in an untrusted folder.',
);
});
it('should NOT throw an error when setting DEFAULT mode in an untrusted folder', () => {
const config = new Config({
sessionId: 'test',
targetDir: '.',
debugMode: false,
model: 'test-model',
cwd: '.',
trustedFolder: false, // Untrusted
});
const config = new Config(baseParams);
vi.spyOn(config, 'isTrustedFolder').mockReturnValue(false);
expect(() => config.setApprovalMode(ApprovalMode.DEFAULT)).not.toThrow();
});
it('should NOT throw an error when setting any mode in a trusted folder', () => {
const config = new Config({
sessionId: 'test',
targetDir: '.',
debugMode: false,
model: 'test-model',
cwd: '.',
trustedFolder: true, // Trusted
});
const config = new Config(baseParams);
vi.spyOn(config, 'isTrustedFolder').mockReturnValue(true);
expect(() => config.setApprovalMode(ApprovalMode.YOLO)).not.toThrow();
expect(() => config.setApprovalMode(ApprovalMode.AUTO_EDIT)).not.toThrow();
expect(() => config.setApprovalMode(ApprovalMode.DEFAULT)).not.toThrow();
});
it('should NOT throw an error when setting any mode if trustedFolder is undefined', () => {
const config = new Config({
sessionId: 'test',
targetDir: '.',
debugMode: false,
model: 'test-model',
cwd: '.',
trustedFolder: undefined, // Undefined
});
const config = new Config(baseParams);
vi.spyOn(config, 'isTrustedFolder').mockReturnValue(true); // isTrustedFolder defaults to true
expect(() => config.setApprovalMode(ApprovalMode.YOLO)).not.toThrow();
expect(() => config.setApprovalMode(ApprovalMode.AUTO_EDIT)).not.toThrow();
expect(() => config.setApprovalMode(ApprovalMode.DEFAULT)).not.toThrow();
packages/core/src/config/config.ts
+13 -3
View File
@@ -572,7 +572,7 @@ export class Config {
}
setApprovalMode(mode: ApprovalMode): void {
if (this.isTrustedFolder() === false && mode !== ApprovalMode.DEFAULT) {
if (!this.isTrustedFolder() && mode !== ApprovalMode.DEFAULT) {
throw new Error(
'Cannot enable privileged approval modes in an untrusted folder.',
);
@@ -730,8 +730,18 @@ export class Config {
return this.folderTrust;
}
isTrustedFolder(): boolean | undefined {
return this.trustedFolder;
isTrustedFolder(): boolean {
// isWorkspaceTrusted in cli/src/config/trustedFolder.js returns undefined
// when the file based trust value is unavailable, since it is mainly used
// in the initialization for trust dialogs, etc. Here we return true since
// config.isTrustedFolder() is used for the main business logic of blocking
// tool calls etc in the rest of the application.
//
// Default value is true since we load with trusted settings to avoid
// restarts in the more common path. If the user chooses to mark the folder
// as untrusted, the CLI will restart and we will have the trust value
// reloaded.
return this.trustedFolder ?? true;
}
setIdeMode(value: boolean): void {