fix(core): whitelist TERM and COLORTERM in environment sanitization (#20514)

Co-authored-by: Sri Pasumarthi <sripas@google.com> Co-authored-by: Sri Pasumarthi <111310667+sripasg@users.noreply.github.com>
2026-03-11 06:31:01 -07:00 · 2026-03-07 08:21:08 +05:30
parent 6c3a90645a
commit 33be30ab04
3 changed files with 30 additions and 5 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -320,11 +320,9 @@ npm run lint

 - Please adhere to the coding style, patterns, and conventions used throughout
  the existing codebase.
- Consult
-  [GEMINI.md](https://github.com/google-gemini/gemini-cli/blob/main/GEMINI.md)
-  (typically found in the project root) for specific instructions related to
-  AI-assisted development, including conventions for React, comments, and Git
-  usage.
+- Consult [GEMINI.md](../GEMINI.md) (typically found in the project root) for
+  specific instructions related to AI-assisted development, including
+  conventions for React, comments, and Git usage.
 - **Imports:** Pay special attention to import paths. The project uses ESLint to
  enforce restrictions on relative imports between packages.

--- a/packages/core/src/services/environmentSanitization.test.ts
+++ b/packages/core/src/services/environmentSanitization.test.ts
@@ -32,6 +32,29 @@ describe('sanitizeEnvironment', () => {
    expect(sanitized).toEqual(env);
  });

+  it('should allow TERM and COLORTERM environment variables', () => {
+    const env = {
+      TERM: 'xterm-256color',
+      COLORTERM: 'truecolor',
+    };
+    const sanitized = sanitizeEnvironment(env, EMPTY_OPTIONS);
+    expect(sanitized).toEqual(env);
+  });
+
+  it('should preserve TERM and COLORTERM even in strict sanitization mode', () => {
+    const env = {
+      GITHUB_SHA: 'abc123',
+      TERM: 'xterm-256color',
+      COLORTERM: 'truecolor',
+      SOME_OTHER_VAR: 'value',
+    };
+    const sanitized = sanitizeEnvironment(env, EMPTY_OPTIONS);
+    expect(sanitized).toEqual({
+      TERM: 'xterm-256color',
+      COLORTERM: 'truecolor',
+    });
+  });
+
  it('should allow variables prefixed with GEMINI_CLI_', () => {
    const env = {
      GEMINI_CLI_FOO: 'bar',
--- a/packages/core/src/services/environmentSanitization.ts
+++ b/packages/core/src/services/environmentSanitization.ts
@@ -69,6 +69,10 @@ export const ALWAYS_ALLOWED_ENVIRONMENT_VARIABLES: ReadonlySet<string> =
    'TMPDIR',
    'USER',
    'LOGNAME',
+    // Terminal capability variables (needed by editors like vim/emacs and
+    // interactive commands like top)
+    'TERM',
+    'COLORTERM',
    // GitHub Action-related variables
    'ADDITIONAL_CONTEXT',
    'AVAILABLE_LABELS',