fix: enforce folder trust for workspace settings, skills, and context (#17596)

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-09 21:00:56 -07:00 · 2026-02-03 14:53:31 -08:00
parent d63c34b6e1
commit 71f46f1160
18 changed files with 1310 additions and 788 deletions
--- a/packages/cli/src/ui/AppContainer.tsx
+++ b/packages/cli/src/ui/AppContainer.tsx
@@ -224,7 +224,7 @@ export const AppContainer = (props: AppContainerProps) => {
  const activeHooks = useHookDisplayState();
  const [updateInfo, setUpdateInfo] = useState<UpdateObject | null>(null);
  const [isTrustedFolder, setIsTrustedFolder] = useState<boolean | undefined>(
-    isWorkspaceTrusted(settings.merged).isTrusted,
+    () => isWorkspaceTrusted(settings.merged).isTrusted,
  );

  const [queueErrorMessage, setQueueErrorMessage] = useState<string | null>(
--- a/packages/cli/src/ui/components/FolderTrustDialog.test.tsx
+++ b/packages/cli/src/ui/components/FolderTrustDialog.test.tsx
@@ -32,11 +32,12 @@ vi.mock('node:process', async () => {
 describe('FolderTrustDialog', () => {
  beforeEach(() => {
    vi.clearAllMocks();
+    vi.useRealTimers();
    mockedCwd.mockReturnValue('/home/user/project');
  });

  it('should render the dialog with title and description', () => {
-    const { lastFrame } = renderWithProviders(
+    const { lastFrame, unmount } = renderWithProviders(
      <FolderTrustDialog onSelect={vi.fn()} />,
    );

@@ -44,11 +45,12 @@ describe('FolderTrustDialog', () => {
    expect(lastFrame()).toContain(
      'Trusting a folder allows Gemini to execute commands it suggests.',
    );
+    unmount();
  });

  it('should display exit message and call process.exit and not call onSelect when escape is pressed', async () => {
    const onSelect = vi.fn();
-    const { lastFrame, stdin } = renderWithProviders(
+    const { lastFrame, stdin, unmount } = renderWithProviders(
      <FolderTrustDialog onSelect={onSelect} isRestarting={false} />,
    );

@@ -67,24 +69,27 @@ describe('FolderTrustDialog', () => {
      );
    });
    expect(onSelect).not.toHaveBeenCalled();
+    unmount();
  });

  it('should display restart message when isRestarting is true', () => {
-    const { lastFrame } = renderWithProviders(
+    const { lastFrame, unmount } = renderWithProviders(
      <FolderTrustDialog onSelect={vi.fn()} isRestarting={true} />,
    );

    expect(lastFrame()).toContain('Gemini CLI is restarting');
+    unmount();
  });

  it('should call relaunchApp when isRestarting is true', async () => {
    vi.useFakeTimers();
    const relaunchApp = vi.spyOn(processUtils, 'relaunchApp');
-    renderWithProviders(
+    const { unmount } = renderWithProviders(
      <FolderTrustDialog onSelect={vi.fn()} isRestarting={true} />,
    );
    await vi.advanceTimersByTimeAsync(250);
    expect(relaunchApp).toHaveBeenCalled();
+    unmount();
    vi.useRealTimers();
  });

@@ -106,7 +111,7 @@ describe('FolderTrustDialog', () => {
  });

  it('should not call process.exit when "r" is pressed and isRestarting is false', async () => {
-    const { stdin } = renderWithProviders(
+    const { stdin, unmount } = renderWithProviders(
      <FolderTrustDialog onSelect={vi.fn()} isRestarting={false} />,
    );

@@ -117,31 +122,35 @@ describe('FolderTrustDialog', () => {
    await waitFor(() => {
      expect(mockedExit).not.toHaveBeenCalled();
    });
+    unmount();
  });

  describe('directory display', () => {
    it('should correctly display the folder name for a nested directory', () => {
      mockedCwd.mockReturnValue('/home/user/project');
-      const { lastFrame } = renderWithProviders(
+      const { lastFrame, unmount } = renderWithProviders(
        <FolderTrustDialog onSelect={vi.fn()} />,
      );
      expect(lastFrame()).toContain('Trust folder (project)');
+      unmount();
    });

    it('should correctly display the parent folder name for a nested directory', () => {
      mockedCwd.mockReturnValue('/home/user/project');
-      const { lastFrame } = renderWithProviders(
+      const { lastFrame, unmount } = renderWithProviders(
        <FolderTrustDialog onSelect={vi.fn()} />,
      );
      expect(lastFrame()).toContain('Trust parent folder (user)');
+      unmount();
    });

    it('should correctly display an empty parent folder name for a directory directly under root', () => {
      mockedCwd.mockReturnValue('/project');
-      const { lastFrame } = renderWithProviders(
+      const { lastFrame, unmount } = renderWithProviders(
        <FolderTrustDialog onSelect={vi.fn()} />,
      );
      expect(lastFrame()).toContain('Trust parent folder ()');
+      unmount();
    });
  });
 });
--- a/packages/cli/src/ui/hooks/toolMapping.test.ts
+++ b/packages/cli/src/ui/hooks/toolMapping.test.ts
@@ -21,17 +21,6 @@ import {
 } from '@google/gemini-cli-core';
 import { ToolCallStatus } from '../types.js';

-vi.mock('@google/gemini-cli-core', async (importOriginal) => {
-  const actual =
-    await importOriginal<typeof import('@google/gemini-cli-core')>();
-  return {
-    ...actual,
-    debugLogger: {
-      warn: vi.fn(),
-    },
-  };
-});
-
 describe('toolMapping', () => {
  beforeEach(() => {
    vi.clearAllMocks();
--- a/packages/cli/src/ui/hooks/useThemeCommand.ts
+++ b/packages/cli/src/ui/hooks/useThemeCommand.ts
@@ -74,7 +74,6 @@ export const useThemeCommand = (
  const handleThemeSelect = useCallback(
    (themeName: string, scope: LoadableSettingScope) => {
      try {
-        // Merge user and workspace custom themes (workspace takes precedence)
        const mergedCustomThemes = {
          ...(loadedSettings.user.settings.ui?.customThemes || {}),
          ...(loadedSettings.workspace.settings.ui?.customThemes || {}),
--- a/packages/cli/src/ui/utils/textUtils.ts
+++ b/packages/cli/src/ui/utils/textUtils.ts
@@ -30,6 +30,18 @@ export const getAsciiArtWidth = (asciiArt: string): number => {
 *  code units so that surrogate‑pair emoji count as one "column".)
 * ---------------------------------------------------------------------- */

+/**
+ * Checks if a string contains only ASCII characters (0-127).
+ */
+export function isAscii(str: string): boolean {
+  for (let i = 0; i < str.length; i++) {
+    if (str.charCodeAt(i) > 127) {
+      return false;
+    }
+  }
+  return true;
+}
+
 // Cache for code points
 const MAX_STRING_LENGTH_TO_CACHE = 1000;
 const codePointsCache = new LRUCache<string, string[]>(
@@ -37,15 +49,8 @@ const codePointsCache = new LRUCache<string, string[]>(
 );

 export function toCodePoints(str: string): string[] {
-  // ASCII fast path - check if all chars are ASCII (0-127)
-  let isAscii = true;
-  for (let i = 0; i < str.length; i++) {
-    if (str.charCodeAt(i) > 127) {
-      isAscii = false;
-      break;
-    }
-  }
-  if (isAscii) {
+  // ASCII fast path
+  if (isAscii(str)) {
    return str.split('');
  }

@@ -68,6 +73,9 @@ export function toCodePoints(str: string): string[] {
 }

 export function cpLen(str: string): number {
+  if (isAscii(str)) {
+    return str.length;
+  }
  return toCodePoints(str).length;
 }

@@ -79,6 +87,9 @@ export function cpIndexToOffset(str: string, cpIndex: number): number {
 }

 export function cpSlice(str: string, start: number, end?: number): string {
+  if (isAscii(str)) {
+    return str.slice(start, end);
+  }
  // Slice by code‑point indices and re‑join.
  const arr = toCodePoints(str).slice(start, end);
  return arr.join('');