fix(core): whitelist TERM and COLORTERM in environment sanitization (#20514)

Co-authored-by: Sri Pasumarthi <sripas@google.com>
Co-authored-by: Sri Pasumarthi <111310667+sripasg@users.noreply.github.com>
Arnav Raj
2026-03-07 08:21:08 +05:30
committed by GitHub
parent 6c3a90645a
commit 33be30ab04
3 changed files with 30 additions and 5 deletions
+3 -5
@@ -320,11 +320,9 @@ npm run lint
- Please adhere to the coding style, patterns, and conventions used throughout - Please adhere to the coding style, patterns, and conventions used throughout
the existing codebase. the existing codebase.
- Consult - Consult [GEMINI.md](../GEMINI.md) (typically found in the project root) for
[GEMINI.md](https://github.com/google-gemini/gemini-cli/blob/main/GEMINI.md) specific instructions related to AI-assisted development, including
(typically found in the project root) for specific instructions related to conventions for React, comments, and Git usage.
AI-assisted development, including conventions for React, comments, and Git
usage.
- **Imports:** Pay special attention to import paths. The project uses ESLint to - **Imports:** Pay special attention to import paths. The project uses ESLint to
enforce restrictions on relative imports between packages. enforce restrictions on relative imports between packages.
@@ -32,6 +32,29 @@ describe('sanitizeEnvironment', () => {
expect(sanitized).toEqual(env); expect(sanitized).toEqual(env);
}); });
it('should allow TERM and COLORTERM environment variables', () => {
const env = {
TERM: 'xterm-256color',
COLORTERM: 'truecolor',
};
const sanitized = sanitizeEnvironment(env, EMPTY_OPTIONS);
expect(sanitized).toEqual(env);
});
it('should preserve TERM and COLORTERM even in strict sanitization mode', () => {
const env = {
GITHUB_SHA: 'abc123',
TERM: 'xterm-256color',
COLORTERM: 'truecolor',
SOME_OTHER_VAR: 'value',
};
const sanitized = sanitizeEnvironment(env, EMPTY_OPTIONS);
expect(sanitized).toEqual({
TERM: 'xterm-256color',
COLORTERM: 'truecolor',
});
});
it('should allow variables prefixed with GEMINI_CLI_', () => { it('should allow variables prefixed with GEMINI_CLI_', () => {
const env = { const env = {
GEMINI_CLI_FOO: 'bar', GEMINI_CLI_FOO: 'bar',
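Review bot: The test titled 'should preserve TERM and COLORTERM even in strict sanitization mode' passes the same `EMPTY_OPTIONS` as the test before it, so nothing visible in it selects strict mode. Presumably the `GITHUB_SHA` entry is what switches it on, which deserves a comment such as `// GITHUB_SHA in env turns on strict sanitization; only allowlisted names survive`. Because the commit widens an allowlist, it would also help to pin that matching is by exact name: add a look-alike such as `TERM_PROGRAM: 'constructed-value'` to the input (assuming it is not itself allowlisted) and keep it out of the expected object. The enclosing `describe` block starts and ends outside the hunk.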
@@ -69,6 +69,10 @@ export const ALWAYS_ALLOWED_ENVIRONMENT_VARIABLES: ReadonlySet<string> =
'TMPDIR', 'TMPDIR',
'USER', 'USER',
'LOGNAME', 'LOGNAME',
// Terminal capability variables (needed by editors like vim/emacs and
// interactive commands like top)
'TERM',
'COLORTERM',
// GitHub Action-related variables // GitHub Action-related variables
'ADDITIONAL_CONTEXT', 'ADDITIONAL_CONTEXT',
'AVAILABLE_LABELS', 'AVAILABLE_LABELS',
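Review bot: The new comment above `'TERM'` says why the variables are needed but not why they are safe to exempt from sanitization, which is what the next reader of an always-allowed list will want to know. Consider extending it, e.g. `// TERM/COLORTERM only name a terminal type and colour depth; not expected to hold credentials`. Entries in this set appear to be matched by name, so if their values are forwarded without the checks applied to other variables, that is worth stating in the comment as well; this hunk alone does not confirm it. The set's declaration starts before the hunk and continues after it.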