MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-03-13 07:30:52 -07:00
Code Issues Packages Projects Releases Wiki Activity

feat(sandbox): add custom sandbox flags and orchestrator refactor

Browse Source
This commit is contained in:
Spencer
2026-02-27 20:27:03 +00:00
parent d7320f5425
commit 9a6a049ed8
13 changed files with 827 additions and 465 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
docs/cli/sandbox.md
View File

@@ -91,11 +91,21 @@ Built-in profiles (set via `SEATBELT_PROFILE` env var):
### Custom sandbox flags
For container-based sandboxing, you can inject custom flags into the `docker` or
`podman` command using the `SANDBOX_FLAGS` environment variable. This is useful
for advanced configurations, such as disabling security features for specific
use cases.
`podman` command using the `tools.sandboxFlags` setting in your `settings.json`
or the `SANDBOX_FLAGS` environment variable. This is useful for advanced
configurations, such as disabling security features for specific use cases.
**Example (Podman)**:
**Example (`settings.json`)**:
```json
{
"tools": {
"sandboxFlags": "--security-opt label=disable"
}
}
```
**Example (Environment variable)**:
To disable SELinux labeling for volume mounts, you can set the following:

2
docs/cli/settings.md
View File

@@ -106,6 +106,7 @@ they appear in the UI.
| UI Label | Setting | Description | Default |
| -------------------------------- | ------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| Sandbox Flags | `tools.sandboxFlags` | Additional flags to pass to the sandbox container engine (Docker or Podman). Environment variables can be used and will be expanded. | `""` |
| Enable Interactive Shell | `tools.shell.enableInteractiveShell` | Use node-pty for an interactive shell experience. Fallback to child_process still applies. | `true` |
| Show Color | `tools.shell.showColor` | Show color in shell output. | `false` |
| Use Ripgrep | `tools.useRipgrep` | Use ripgrep for file content search instead of the fallback implementation. Provides faster search performance. | `true` |
@@ -118,6 +119,7 @@ they appear in the UI.
| ------------------------------------- | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------- |
| Disable YOLO Mode | `security.disableYoloMode` | Disable YOLO mode, even if enabled by a flag. | `false` |
| Allow Permanent Tool Approval | `security.enablePermanentToolApproval` | Enable the "Allow for all future sessions" option in tool confirmation dialogs. | `false` |
| Auto-add to Policy | `security.autoAddPolicy` | Automatically add "Proceed always" approvals to your persistent policy. | `true` |
| Blocks extensions from Git | `security.blockGitExtensions` | Blocks installing and loading extensions from Git. | `false` |
| Extension Source Regex Allowlist | `security.allowedExtensions` | List of Regex patterns for allowed extensions. If nonempty, only extensions that match the patterns in this list are allowed. Overrides the blockGitExtensions setting. | `[]` |
| Folder Trust | `security.folderTrust.enabled` | Setting to track whether Folder trust is enabled. | `true` |