MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-04-14 23:31:13 -07:00
Code Issues Packages Projects Releases Wiki Activity

chore: switch from keytar to @github/keytar (#25143)

Browse Source
This commit is contained in:
Coco Sheng
2026-04-10 17:20:26 -04:00
committed by GitHub
parent e2a5231e30
commit 35907057ad
7 changed files with 32 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/core/package.json
View File

@@ -91,13 +91,13 @@
"zod-to-json-schema": "^3.25.1"
},
"optionalDependencies": {
"@github/keytar": "^7.10.6",
"@lydell/node-pty": "1.1.0",
"@lydell/node-pty-darwin-arm64": "1.1.0",
"@lydell/node-pty-darwin-x64": "1.1.0",
"@lydell/node-pty-linux-x64": "1.1.0",
"@lydell/node-pty-win32-arm64": "1.1.0",
"@lydell/node-pty-win32-x64": "1.1.0",
"keytar": "^7.9.0",
"node-pty": "^1.0.0"
},
"devDependencies": {

2
packages/core/src/services/keychainService.test.ts
View File

@@ -42,7 +42,7 @@ const mockFileKeychain: MockKeychain = {
findCredentials: vi.fn(),
};
vi.mock('keytar', () => ({ default: mockKeytar }));
vi.mock('@github/keytar', () => ({ default: mockKeytar }));
vi.mock('./fileKeychain.js', () => ({
FileKeychain: vi.fn(() => mockFileKeychain),

8
packages/core/src/services/keychainService.ts
View File

@@ -22,7 +22,7 @@ import { FileKeychain } from './fileKeychain.js';
export const FORCE_FILE_STORAGE_ENV_VAR = 'GEMINI_FORCE_FILE_STORAGE';
/**
* Service for interacting with OS-level secure storage (e.g. keytar).
* Service for interacting with OS-level secure storage (e.g. @github/keytar).
*/
export class KeychainService {
// Track an ongoing initialization attempt to avoid race conditions.
@@ -119,7 +119,7 @@ export class KeychainService {
}
/**
* Attempts to load and verify the native keychain module (keytar).
* Attempts to load and verify the native keychain module (@github/keytar).
*/
private async getNativeKeychain(): Promise<Keychain | null> {
try {
@@ -152,7 +152,7 @@ export class KeychainService {
// Low-level dynamic loading and structural validation.
private async loadKeychainModule(): Promise<Keychain | null> {
const moduleName = 'keytar';
const moduleName = '@github/keytar';
const module: unknown = await import(moduleName);
const potential = (isRecord(module) && module['default']) || module;
@@ -189,7 +189,7 @@ export class KeychainService {
*/
private isMacOSKeychainAvailable(): boolean {
// Probing via the `security` CLI avoids a blocking OS-level popup that
// occurs when calling keytar without a configured keychain.
// occurs when calling @github/keytar without a configured keychain.
const result = spawnSync('security', ['default-keychain'], {
encoding: 'utf8',
// We pipe stdout to read the path, but ignore stderr to suppress

2
packages/core/src/services/keychainTypes.ts
View File

@@ -8,7 +8,7 @@ import { z } from 'zod';
/**
* Interface for OS-level secure storage operations.
* Note: Method names must match the underlying library (e.g. keytar)
* Note: Method names must match the underlying library (e.g. @github/keytar)
* to support correct dynamic loading and schema validation.
*/
export interface Keychain {