MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-03-10 22:21:22 -07:00
Code Issues Packages Projects Releases Wiki Activity

feat: add strict seatbelt profiles and remove unusable closed profiles (#18876)

Browse Source
This commit is contained in:
Sandy Tao
2026-02-12 10:33:54 -08:00
committed by GitHub
parent 2d38623472
commit 2e91c03e08
8 changed files with 193 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/get-started/configuration.md
View File

@@ -1290,7 +1290,10 @@ the `advanced.excludedEnvVars` setting in your `settings.json` file.
few other folders, see
`packages/cli/src/utils/sandbox-macos-permissive-open.sb`) but allows other
operations.
- `strict`: Uses a strict profile that declines operations by default.
- `restrictive-open`: Declines operations by default, allows network.
- `strict-open`: Restricts both reads and writes to the working directory,
allows network.
- `strict-proxied`: Same as `strict-open` but routes network through proxy.
- `<profile_name>`: Uses a custom profile. To define a custom profile, create
a file named `sandbox-macos-<profile_name>.sb` in your project's `.gemini/`
directory (e.g., `my-project/.gemini/sandbox-macos-custom.sb`).