From 38213d910cc7057e2780edae86cb89f8ce128477 Mon Sep 17 00:00:00 2001 From: "A.K.M. Adib" Date: Mon, 30 Mar 2026 18:14:08 -0400 Subject: [PATCH] format files --- docs/reference/policy-engine.md | 5 ++++- docs/tools/mcp-server.md | 6 +++++- packages/cli/src/commands/mcp/add.test.ts | 4 +++- packages/cli/src/commands/mcp/add.ts | 3 ++- packages/core/src/tools/mcp-client.ts | 1 - 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/docs/reference/policy-engine.md b/docs/reference/policy-engine.md index bcf892262a..eff9607c70 100644 --- a/docs/reference/policy-engine.md +++ b/docs/reference/policy-engine.md @@ -439,7 +439,10 @@ The Gemini CLI ships with a set of default policies to provide a safe out-of-the-box experience. - **Read-only tools** (like `read_file`, `glob`) are generally **allowed**. -- **MCP Read-only tools**: MCP tools that explicitly declare themselves as read-only via the `readOnlyHint` annotation are automatically allowed, but **only if tool sandboxing is enabled**. If sandboxing is disabled, they default to `ask_user`. +- **MCP Read-only tools**: MCP tools that explicitly declare themselves as + read-only via the `readOnlyHint` annotation are automatically allowed, but + **only if tool sandboxing is enabled**. If sandboxing is disabled, they + default to `ask_user`. - **Agent delegation** defaults to **`ask_user`** to ensure remote agents can prompt for confirmation, but local sub-agent actions are executed silently and checked individually. diff --git a/docs/tools/mcp-server.md b/docs/tools/mcp-server.md index 92f46f12a5..fc0341958f 100644 --- a/docs/tools/mcp-server.md +++ b/docs/tools/mcp-server.md @@ -653,7 +653,11 @@ When confirmation is required, users can choose: #### Read-only bypass -If an MCP tool provides a `readOnlyHint` in its metadata (annotations) AND tool sandboxing is enabled, the Gemini CLI will automatically execute it without prompting for confirmation, regardless of the configured approval mode. This ensures a seamless experience for safe, data-fetching operations while maintaining system security. +If an MCP tool provides a `readOnlyHint` in its metadata (annotations) AND tool +sandboxing is enabled, the Gemini CLI will automatically execute it without +prompting for confirmation, regardless of the configured approval mode. This +ensures a seamless experience for safe, data-fetching operations while +maintaining system security. ### 3. Execution diff --git a/packages/cli/src/commands/mcp/add.test.ts b/packages/cli/src/commands/mcp/add.test.ts index a69978af3c..3f58df8957 100644 --- a/packages/cli/src/commands/mcp/add.test.ts +++ b/packages/cli/src/commands/mcp/add.test.ts @@ -113,7 +113,9 @@ describe('mcp add command', () => { }, }); - const debugLoggerWarnSpy = vi.spyOn(debugLogger, 'warn').mockImplementation(() => {}); + const debugLoggerWarnSpy = vi + .spyOn(debugLogger, 'warn') + .mockImplementation(() => {}); await parser.parseAsync('add sandbox-server /path/to/server'); diff --git a/packages/cli/src/commands/mcp/add.ts b/packages/cli/src/commands/mcp/add.ts index 205608407f..1057999730 100644 --- a/packages/cli/src/commands/mcp/add.ts +++ b/packages/cli/src/commands/mcp/add.ts @@ -153,7 +153,8 @@ async function addMcpServer( sanitizationConfig: { enableEnvironmentVariableRedaction: true, allowedEnvironmentVariables: [], - blockedEnvironmentVariables: settings.merged.advanced?.excludedEnvVars ?? [], + blockedEnvironmentVariables: + settings.merged.advanced?.excludedEnvVars ?? [], }, emitMcpDiagnostic: () => {}, isTrustedFolder: () => true, diff --git a/packages/core/src/tools/mcp-client.ts b/packages/core/src/tools/mcp-client.ts index b9a4ce8b8b..e1f96d449a 100644 --- a/packages/core/src/tools/mcp-client.ts +++ b/packages/core/src/tools/mcp-client.ts @@ -2406,4 +2406,3 @@ export function isEnabled( ) ); } -