mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-07-04 07:07:16 -07:00
feat(core): use shell for file operations under sandboxing
When `security.toolSandboxing` is enabled, the CLI now excludes the lower-fidelity tools (`grep_search`, `replace`, `write_file`, `read_file`) from the main agent. Instead, it relies on `run_shell_command` (e.g. `sed`, `grep`, `cat`, `echo >`) to perform these actions. To maintain UX and telemetry parity, `run_shell_command` now infers common file operations. When detected: - The UI title is updated to a high-fidelity display (e.g. "Shell (Read File)", "Shell (Replace)"). - File editing/writing commands (like `sed -i` or `echo >`) generate a predicted diff view for the user during confirmation. - The execution emits the standard `FileOperationEvent` telemetry using the canonical tool names, ensuring metrics consistency.
This commit is contained in:
@@ -42,7 +42,7 @@ export function mapToDisplay(
|
||||
if (call.status === CoreToolCallStatus.Error) {
|
||||
description = JSON.stringify(call.request.args);
|
||||
} else {
|
||||
description = call.invocation.getDescription();
|
||||
description = typeof call.invocation.getDisplayTitle === 'function' ? call.invocation.getDisplayTitle() : call.invocation.getDescription();
|
||||
renderOutputAsMarkdown = call.tool.isOutputMarkdown;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user