Requiring mode when injecting policy to prevent allowing all modes by default

This commit is contained in:
Keith Schaab
2026-04-06 15:44:51 +00:00
parent 6fb58bd31f
commit b96a26b4ef
24 changed files with 558 additions and 82 deletions
@@ -14,7 +14,7 @@ import {
type MockInstance,
} from 'vitest';
import { SimpleExtensionLoader } from './extensionLoader.js';
import { PolicyDecision } from '../policy/types.js';
import { PolicyDecision, MODES_BY_PERMISSIVENESS } from '../policy/types.js';
import type { Config, GeminiCLIExtension } from '../config/config.js';
import { type McpClientManager } from '../tools/mcp-client-manager.js';
import type { GeminiClient } from '../core/client.js';
@@ -59,12 +59,14 @@ describe('SimpleExtensionLoader', () => {
toolName: 'test-tool',
decision: PolicyDecision.ALLOW,
source: 'Extension (test-extension): policies.toml',
modes: MODES_BY_PERMISSIVENESS,
},
],
checkers: [
{
toolName: 'test-tool',
checker: { type: 'external', name: 'test-checker' },
modes: MODES_BY_PERMISSIVENESS,
source: 'Extension (test-extension): policies.toml',
},
],
+1 -1
View File
@@ -20,7 +20,7 @@
function sanitizeJsonString(jsonStr: string): string {
// Match a comma, optional whitespace/newlines, then another comma.
// Replace with just a comma + the captured whitespace.
// Loop to handle cases like `,,,` which would otherwise become `,,` on a single pass.
// Loop to handle cases like `,,` which would otherwise become `,` on a single pass.
let prev: string;
do {
prev = jsonStr;