From d2b1009e9f08eec86060fa6cad205f1a86a18da1 Mon Sep 17 00:00:00 2001 From: davidapierce Date: Mon, 22 Jun 2026 17:42:11 +0000 Subject: [PATCH] Update public workflow trust, readme, and run formatter. --- .../gemini-automated-issue-dedup.yml | 1 - .../gemini-automated-issue-triage.yml | 28 +-- .github/workflows/gemini-cli-bot-brain.yml | 2 - .../gemini-scheduled-issue-triage.yml | 2 - README.md | 10 + docs/changelogs/index.md | 3 - docs/cli/gemini-md.md | 2 - docs/cli/plan-mode.md | 1 - docs/cli/session-management.md | 1 - docs/cli/system-prompt.md | 2 - docs/cli/telemetry.md | 5 - docs/cli/trusted-folders.md | 10 + docs/ide-integration/ide-companion-spec.md | 2 - docs/ide-integration/index.md | 4 - docs/local-development.md | 2 - docs/reference/commands.md | 4 - docs/reference/configuration.md | 194 ------------------ docs/release-confidence.md | 6 - docs/releases.md | 2 - docs/resources/quota-and-pricing.md | 1 - docs/resources/troubleshooting.md | 13 -- docs/tools/ask-user.md | 2 - docs/tools/mcp-server.md | 1 - .../src/ui/commands/extensionsCommand.test.ts | 6 +- 24 files changed, 31 insertions(+), 273 deletions(-) diff --git a/.github/workflows/gemini-automated-issue-dedup.yml b/.github/workflows/gemini-automated-issue-dedup.yml index ff64f76897..1244c52220 100644 --- a/.github/workflows/gemini-automated-issue-dedup.yml +++ b/.github/workflows/gemini-automated-issue-dedup.yml @@ -68,7 +68,6 @@ jobs: ISSUE_NUMBER: '${{ github.event.issue.number }}' REPOSITORY: '${{ github.repository }}' FIRESTORE_PROJECT: '${{ vars.FIRESTORE_PROJECT }}' - GEMINI_CLI_TRUST_WORKSPACE: 'true' with: upload_artifacts: 'true' gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' diff --git a/.github/workflows/gemini-automated-issue-triage.yml b/.github/workflows/gemini-automated-issue-triage.yml index 631c6498ee..46182bc8cd 100644 --- a/.github/workflows/gemini-automated-issue-triage.yml +++ b/.github/workflows/gemini-automated-issue-triage.yml @@ -131,19 +131,6 @@ jobs: core.info(`Found ${labelNames.length} labels: ${labelNames.join(', ')}`); return labelNames; - - name: 'Prepare Issue Data' - id: 'prepare_issue_data' - env: - ISSUE_TITLE: >- - ${{ github.event_name == 'workflow_dispatch' && steps.get_issue_data.outputs.title || github.event.issue.title }} - ISSUE_BODY: >- - ${{ github.event_name == 'workflow_dispatch' && steps.get_issue_data.outputs.body || github.event.issue.body }} - run: | - set -euo pipefail - echo "Title: ${ISSUE_TITLE}" > issue_context.md - echo "Body:" >> issue_context.md - echo "${ISSUE_BODY}" >> issue_context.md - - name: 'Run Gemini Issue Analysis' uses: 'google-github-actions/run-gemini-cli@a3bf79042542528e91937b3a3a6fbc4967ee3c31' # ratchet:google-github-actions/run-gemini-cli@v0 id: 'gemini_issue_analysis' @@ -153,7 +140,6 @@ jobs: ${{ github.event_name == 'workflow_dispatch' && (github.event.inputs.issue_number || inputs.issue_number) || github.event.issue.number }} REPOSITORY: '${{ github.repository }}' AVAILABLE_LABELS: '${{ steps.get_labels.outputs.available_labels }}' - GEMINI_CLI_TRUST_WORKSPACE: 'true' with: upload_artifacts: 'true' gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' @@ -171,10 +157,7 @@ jobs: "target": "gcp" }, "tools": { - "core": [ - "run_shell_command(echo)", - "read_file" - ] + "core": [] } } prompt: |- @@ -182,8 +165,15 @@ jobs: You are an issue triage assistant. Your role is to analyze a GitHub issue and determine the single most appropriate area/ label based on the definitions provided. + ## Issue Context + Title: ${{ github.event_name == 'workflow_dispatch' && steps.get_issue_data.outputs.title || github.event.issue.title }} + Body: + --- START OF ISSUE BODY --- + ${{ github.event_name == 'workflow_dispatch' && steps.get_issue_data.outputs.body || github.event.issue.body }} + --- END OF ISSUE BODY --- + ## Steps - 1. Use the read_file tool to read the file "issue_context.md" which contains the issue title and body. + 1. Analyze the issue context above. 2. Review the available labels: ${{ env.AVAILABLE_LABELS }}. 3. Select exactly one area/ label that best matches the issue based on Reference 1: Area Definitions. 4. Fallback Logic: diff --git a/.github/workflows/gemini-cli-bot-brain.yml b/.github/workflows/gemini-cli-bot-brain.yml index 88e2c9231d..6a89645bdd 100644 --- a/.github/workflows/gemini-cli-bot-brain.yml +++ b/.github/workflows/gemini-cli-bot-brain.yml @@ -48,8 +48,6 @@ jobs: contents: 'read' issues: 'read' actions: 'read' - env: - GEMINI_CLI_TRUST_WORKSPACE: 'true' steps: - name: 'Determine Checkout Ref' id: 'determine_ref' diff --git a/.github/workflows/gemini-scheduled-issue-triage.yml b/.github/workflows/gemini-scheduled-issue-triage.yml index c65d0632b0..24f5541d02 100644 --- a/.github/workflows/gemini-scheduled-issue-triage.yml +++ b/.github/workflows/gemini-scheduled-issue-triage.yml @@ -176,7 +176,6 @@ jobs: REPOSITORY: '${{ github.repository }}' AVAILABLE_LABELS: '${{ steps.get_labels.outputs.available_labels }}' CLI_VERSION: '${{ steps.get_version.outputs.version }}' - GEMINI_CLI_TRUST_WORKSPACE: 'true' GEMINI_EXP: 'gemini_exp.json' GEMINI_STRICT_TELEMETRY_LIMITS: 'true' GEMINI_MODEL: 'gemini-3-flash-preview' @@ -301,7 +300,6 @@ jobs: REPOSITORY: '${{ github.repository }}' AVAILABLE_LABELS: '${{ steps.get_labels.outputs.available_labels }}' CLI_VERSION: '${{ steps.get_version.outputs.version }}' - GEMINI_CLI_TRUST_WORKSPACE: 'true' GEMINI_EXP: 'gemini_exp.json' GEMINI_STRICT_TELEMETRY_LIMITS: 'true' GEMINI_MODEL: 'gemini-3-flash-preview' diff --git a/README.md b/README.md index 20813de3eb..f185e2a1e6 100644 --- a/README.md +++ b/README.md @@ -143,6 +143,16 @@ Integrate Gemini CLI directly into your GitHub workflows with - **Custom Workflows**: Build automated, scheduled and on-demand workflows tailored to your team's needs + +> [!WARNING] +> **Security best practice for public repositories:** Never set +> `GEMINI_CLI_TRUST_WORKSPACE=true` or use `--skip-trust` in CI/CD workflows +> that process untrusted public inputs (like issue titles/bodies or PR comments). +> Doing so can expose dynamically generated runner secrets (such as GCP OIDC +> service account credentials) to prompt injection attacks. See the +> [Trusted Folders documentation](https://www.geminicli.com/docs/cli/trusted-folders) +> for more information. + ## πŸ” Authentication Options Choose the authentication method that best fits your needs: diff --git a/docs/changelogs/index.md b/docs/changelogs/index.md index f57a976523..0e33755a8f 100644 --- a/docs/changelogs/index.md +++ b/docs/changelogs/index.md @@ -507,7 +507,6 @@ on GitHub. headlessly in notebook cells or interactively in the built-in terminal ([pic](https://imgur.com/a/G0Tn7vi)) - πŸŽ‰**Gemini CLI Extensions:** - - **Conductor:** Planning++, Gemini works with you to build out a detailed plan, pull in extra details as needed, ultimately to give the LLM guardrails with artifacts. Measure twice, implement once! @@ -636,7 +635,6 @@ on GitHub. - **Announcement:** [https://developers.googleblog.com/en/making-the-terminal-beautiful-one-pixel-at-a-time/](https://developers.googleblog.com/en/making-the-terminal-beautiful-one-pixel-at-a-time/) - **πŸŽ‰ New partner extensions:** - - **Arize:** Seamlessly instrument AI applications with Arize AX and grant direct access to Arize support: @@ -676,7 +674,6 @@ on GitHub. ![Codebase investigator subagent in Gemini CLI.](https://i.imgur.com/4J1njsx.png) - **πŸŽ‰ New partner extensions:** - - **πŸ€— Hugging Face extension:** Access the Hugging Face hub. ([gif](https://drive.google.com/file/d/1LEzIuSH6_igFXq96_tWev11svBNyPJEB/view?usp=sharing&resourcekey=0-LtPTzR1woh-rxGtfPzjjfg)) diff --git a/docs/cli/gemini-md.md b/docs/cli/gemini-md.md index 1e3cdad3b7..8c414a7b1c 100644 --- a/docs/cli/gemini-md.md +++ b/docs/cli/gemini-md.md @@ -16,12 +16,10 @@ sends them to the model with every prompt. The CLI loads files in the following order: 1. **Global context file:** - - **Location:** `~/.gemini/GEMINI.md` (in your user home directory). - **Scope:** Provides default instructions for all your projects. 2. **Environment and workspace context files:** - - **Location:** The CLI searches for `GEMINI.md` files in your configured workspace directories and their parent directories. - **Scope:** Provides context relevant to the projects you are currently diff --git a/docs/cli/plan-mode.md b/docs/cli/plan-mode.md index 4e84caf06b..a0b621aaf0 100644 --- a/docs/cli/plan-mode.md +++ b/docs/cli/plan-mode.md @@ -64,7 +64,6 @@ Gemini CLI takes action. reach an informal agreement on the approach before proceeding. 3. **Review the plan:** Once you've agreed on the strategy, Gemini CLI creates a detailed implementation plan as a Markdown file in your plans directory. - - **View:** You can open and read this file to understand the proposed changes. - **Edit:** Press `Ctrl+X` to open the plan directly in your configured diff --git a/docs/cli/session-management.md b/docs/cli/session-management.md index c18dd1523d..74bc4a4337 100644 --- a/docs/cli/session-management.md +++ b/docs/cli/session-management.md @@ -202,7 +202,6 @@ becoming too large and expensive. exchanges) allowed in a single session. Set to `-1` for unlimited (default). **Behavior when limit is reached:** - - **Interactive mode:** The CLI shows an informational message and stops sending requests to the model. You must manually start a new session. - **Non-interactive mode:** The CLI exits with an error. diff --git a/docs/cli/system-prompt.md b/docs/cli/system-prompt.md index 1f7fe9bdd6..9667e7de86 100644 --- a/docs/cli/system-prompt.md +++ b/docs/cli/system-prompt.md @@ -27,13 +27,11 @@ via a `.gemini/.env` file. See [Persisting Environment Variables](../get-started/authentication.mdx#persisting-environment-variables). - Use the project default path (`.gemini/system.md`): - - `GEMINI_SYSTEM_MD=true` or `GEMINI_SYSTEM_MD=1` - The CLI reads `./.gemini/system.md` (relative to your current project directory). - Use a custom file path: - - `GEMINI_SYSTEM_MD=/absolute/path/to/my-system.md` - Relative paths are supported and resolved from the current working directory. diff --git a/docs/cli/telemetry.md b/docs/cli/telemetry.md index a1d44eeb23..2f42c16c29 100644 --- a/docs/cli/telemetry.md +++ b/docs/cli/telemetry.md @@ -64,7 +64,6 @@ and Cloud Logging. You must complete several setup steps before enabling Google Cloud telemetry. 1. Set your Google Cloud project ID: - - To send telemetry to a separate project: **macOS/Linux** @@ -94,10 +93,8 @@ You must complete several setup steps before enabling Google Cloud telemetry. ``` 2. Authenticate with Google Cloud using one of these methods: - - **Method A: Application Default Credentials (ADC)**: Use this method for service accounts or standard `gcloud` authentication. - - For user accounts: ```bash gcloud auth application-default login @@ -115,7 +112,6 @@ You must complete several setup steps before enabling Google Cloud telemetry. ```powershell $env:GOOGLE_APPLICATION_CREDENTIALS="C:\path\to\your\service-account.json" ``` - * **Method B: CLI Auth** (Direct export only): Simplest method for local users. Gemini CLI uses the same OAuth credentials you used for login. To enable this, set `useCliAuth: true` in your `.gemini/settings.json`: @@ -137,7 +133,6 @@ You must complete several setup steps before enabling Google Cloud telemetry. > telemetry will be disabled. 3. Ensure your account or service account has these IAM roles: - - Cloud Trace Agent - Monitoring Metric Writer - Logs Writer diff --git a/docs/cli/trusted-folders.md b/docs/cli/trusted-folders.md index cbcf5b7fd0..52aa21203c 100644 --- a/docs/cli/trusted-folders.md +++ b/docs/cli/trusted-folders.md @@ -117,6 +117,16 @@ the following methods: These methods will trust the current workspace for the duration of the session without prompting. + +> [!WARNING] +> **Never set `GEMINI_CLI_TRUST_WORKSPACE=true` or use `--skip-trust` in CI/CD +> workflows that process untrusted public inputs** (such as GitHub issues, pull +> requests, or comments). Doing so allows a malicious contributor to commit a +> crafted `.gemini/settings.json` file in their pull request, register +> arbitrary tools (including shell execution), and exfiltrate dynamically +> generated runner secrets (such as GCP service account credentials or AWS keys) +> via prompt injection. + For detailed instructions on managing folder trust within CI/CD workflows, review the [Gemini CLI trust guidance for GitHub Actions](https://github.com/google-github-actions/run-gemini-cli/blob/main/docs/trust-guidance.md). diff --git a/docs/ide-integration/ide-companion-spec.md b/docs/ide-integration/ide-companion-spec.md index e03e167d42..eb4e24bd82 100644 --- a/docs/ide-integration/ide-companion-spec.md +++ b/docs/ide-integration/ide-companion-spec.md @@ -56,7 +56,6 @@ creating a "discovery file." } } ``` - - `port` (number, required): The port of the MCP server. - `workspacePath` (string, required): A list of all open workspace root paths, delimited by the OS-specific path separator (`:` for Linux/macOS, `;` for @@ -188,7 +187,6 @@ The plugin **MUST** register an `openDiff` tool on its MCP server. - **Response (`CallToolResult`):** The tool **MUST** immediately return a `CallToolResult` to acknowledge the request and report whether the diff view was successfully opened. - - On Success: If the diff view was opened successfully, the response **MUST** contain empty content (that is, `content: []`). - On Failure: If an error prevented the diff view from opening, the response diff --git a/docs/ide-integration/index.md b/docs/ide-integration/index.md index 428fe55808..cc3b150c1a 100644 --- a/docs/ide-integration/index.md +++ b/docs/ide-integration/index.md @@ -27,7 +27,6 @@ AI-generated code changes directly within your editor. - **Workspace context:** The CLI automatically gains awareness of your workspace to provide more relevant and accurate responses. This context includes: - - The **10 most recently accessed files** in your workspace. - Your active cursor position. - Any text you have selected (up to a 16KB limit; longer selections will be @@ -229,7 +228,6 @@ If you are using Gemini CLI within a sandbox, be aware of the following: - **Message:** `πŸ”΄ Disconnected: Failed to connect to IDE companion extension in [IDE Name]. Please ensure the extension is running. To install the extension, run /ide install.` - - **Cause:** Gemini CLI could not find the necessary environment variables (`GEMINI_CLI_IDE_WORKSPACE_PATH` or `GEMINI_CLI_IDE_SERVER_PORT`) to connect to the IDE. This usually means the IDE companion extension is not running or @@ -272,7 +270,6 @@ to connect using the provided PID. - **Message:** `πŸ”΄ Disconnected: Directory mismatch. Gemini CLI is running in a different location than the open workspace in [IDE Name]. Please run the CLI from one of the following directories: [List of directories]` - - **Cause:** The CLI's current working directory is outside the workspace you have open in your IDE. - **Solution:** `cd` into the same directory that is open in your IDE and @@ -287,7 +284,6 @@ to connect using the provided PID. - **Message:** `IDE integration is not supported in your current environment. To use this feature, run Gemini CLI in one of these supported IDEs: [List of IDEs]` - - **Cause:** You are running Gemini CLI in a terminal or environment that is not a supported IDE. - **Solution:** Run Gemini CLI from the integrated terminal of a supported diff --git a/docs/local-development.md b/docs/local-development.md index e6f862044d..83520c7506 100644 --- a/docs/local-development.md +++ b/docs/local-development.md @@ -59,7 +59,6 @@ You can view traces in the Jaeger UI for local development. This command configures your workspace for local telemetry and provides a link to the Jaeger UI (usually `http://localhost:16686`). - - **Collector logs:** `~/.gemini/tmp//otel/collector.log` 2. **Run Gemini CLI:** @@ -109,7 +108,6 @@ Trace for custom processing or routing. The script outputs links to view traces, metrics, and logs in the Google Cloud Console. - - **Collector logs:** `~/.gemini/tmp//otel/collector-gcp.log` 3. **Run Gemini CLI:** diff --git a/docs/reference/commands.md b/docs/reference/commands.md index e5133bd1f5..0b30da3d66 100644 --- a/docs/reference/commands.md +++ b/docs/reference/commands.md @@ -506,7 +506,6 @@ the dedicated [Custom Commands documentation](../cli/custom-commands.md). These shortcuts apply directly to the input prompt for text manipulation. - **Undo:** - - **Keyboard shortcut:** Press **Ctrl+z** (Windows), **Cmd+z** (macOS), or **Alt+z** (Linux/WSL) to undo the last action in the input prompt. @@ -520,7 +519,6 @@ At commands are used to include the content of files or directories as part of your prompt to Gemini. These commands include git-aware filtering. - **`@`** - - **Description:** Inject the content of the specified file or files into your current prompt. This is useful for asking questions about specific code, text, or collections of files. @@ -567,7 +565,6 @@ The `!` prefix lets you interact with your system's shell directly from within Gemini CLI. - **`!`** - - **Description:** Execute the given `` using `bash` on Linux/macOS or `powershell.exe -NoProfile -Command` on Windows (unless you override `ComSpec`). Any output or errors from the command are displayed in @@ -577,7 +574,6 @@ Gemini CLI. - `!git status` (executes `git status` and returns to Gemini CLI) - **`!` (Toggle shell mode)** - - **Description:** Typing `!` on its own toggles shell mode. - **Entering shell mode:** - When active, shell mode uses a different coloring and a "Shell Mode diff --git a/docs/reference/configuration.md b/docs/reference/configuration.md index 293d99313c..96830bf585 100644 --- a/docs/reference/configuration.md +++ b/docs/reference/configuration.md @@ -106,7 +106,6 @@ their corresponding top-level category object in your `settings.json` file. #### `general` - **`general.preferredEditor`** (enum): - - **Description:** The preferred editor to open files in. Must be one of the built-in supported identifiers. Use /editor in the CLI to pick interactively, or leave unset to use $VISUAL/$EDITOR. @@ -116,18 +115,15 @@ their corresponding top-level category object in your `settings.json` file. `"neovim"`, `"emacs"`, `"hx"`, `"emacsclient"`, `"micro"` - **`general.openEditorInNewWindow`** (boolean): - - **Description:** Open VS Code-family editors in a new window when editing files. - **Default:** `false` - **`general.vimMode`** (boolean): - - **Description:** Enable Vim keybindings - **Default:** `false` - **`general.defaultApprovalMode`** (enum): - - **Description:** The default approval mode for tool execution. 'default' prompts for approval, 'auto_edit' auto-approves edit tools, and 'plan' is read-only mode. YOLO mode (auto-approve all actions) can only be enabled via @@ -136,46 +132,38 @@ their corresponding top-level category object in your `settings.json` file. - **Values:** `"default"`, `"auto_edit"`, `"plan"` - **`general.devtools`** (boolean): - - **Description:** Enable DevTools inspector on launch. - **Default:** `false` - **`general.enableAutoUpdate`** (boolean): - - **Description:** Enable automatic updates. - **Default:** `true` - **`general.enableAutoUpdateNotification`** (boolean): - - **Description:** Enable update notification prompts. - **Default:** `true` - **`general.enableNotifications`** (boolean): - - **Description:** Enable terminal run-event notifications for action-required prompts and session completion. - **Default:** `false` - **`general.notificationMethod`** (enum): - - **Description:** How to send terminal notifications. - **Default:** `"auto"` - **Values:** `"auto"`, `"osc9"`, `"osc777"`, `"bell"` - **`general.checkpointing.enabled`** (boolean): - - **Description:** Enable session checkpointing for recovery - **Default:** `false` - **Requires restart:** Yes - **`general.plan.enabled`** (boolean): - - **Description:** Enable Plan Mode for read-only safety during planning. - **Default:** `true` - **Requires restart:** Yes - **`general.plan.directory`** (string): - - **Description:** The directory where planning artifacts are stored. If not specified, defaults to the system temporary directory. A custom directory requires a policy to allow write access in Plan Mode. @@ -183,53 +171,44 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`general.plan.modelRouting`** (boolean): - - **Description:** Automatically switch between Pro and Flash models based on Plan Mode status. Uses Pro for the planning phase and Flash for the implementation phase. - **Default:** `true` - **`general.retryFetchErrors`** (boolean): - - **Description:** Retry on "exception TypeError: fetch failed sending request" errors. - **Default:** `true` - **`general.maxAttempts`** (number): - - **Description:** Maximum number of attempts for requests to the main chat model. Cannot exceed 10. - **Default:** `10` - **`general.debugKeystrokeLogging`** (boolean): - - **Description:** Enable debug logging of keystrokes to the console. - **Default:** `false` - **`general.sessionRetention.enabled`** (boolean): - - **Description:** Enable automatic session cleanup - **Default:** `true` - **`general.sessionRetention.maxAge`** (string): - - **Description:** Automatically delete chats older than this time period (e.g., "30d", "7d", "24h", "1w") - **Default:** `"30d"` - **`general.sessionRetention.maxCount`** (number): - - **Description:** Alternative: Maximum number of sessions to keep (most recent) - **Default:** `undefined` - **`general.sessionRetention.minRetention`** (string): - - **Description:** Minimum retention period (safety limit, defaults to "1d") - **Default:** `"1d"` - **`general.topicUpdateNarration`** (boolean): - - **Description:** Enable the Topic & Update communication model for reduced chattiness and structured progress reporting. - **Default:** `true` @@ -249,198 +228,163 @@ their corresponding top-level category object in your `settings.json` file. #### `ui` - **`ui.debugRainbow`** (boolean): - - **Description:** Enable debug rainbow rendering. Only useful for debugging rendering bugs and performance issues. - **Default:** `false` - **Requires restart:** Yes - **`ui.theme`** (string): - - **Description:** The color theme for the UI. See the CLI themes guide for available options. - **Default:** `undefined` - **`ui.autoThemeSwitching`** (boolean): - - **Description:** Automatically switch between default light and dark themes based on terminal background color. - **Default:** `true` - **`ui.terminalBackgroundPollingInterval`** (number): - - **Description:** Interval in seconds to poll the terminal background color. - **Default:** `60` - **`ui.customThemes`** (object): - - **Description:** Custom theme definitions. - **Default:** `{}` - **`ui.hideWindowTitle`** (boolean): - - **Description:** Hide the window title bar - **Default:** `false` - **Requires restart:** Yes - **`ui.inlineThinkingMode`** (enum): - - **Description:** Display model thinking inline: off or full. - **Default:** `"off"` - **Values:** `"off"`, `"full"` - **`ui.showStatusInTitle`** (boolean): - - **Description:** Show Gemini CLI model thoughts in the terminal window title during the working phase - **Default:** `false` - **`ui.dynamicWindowTitle`** (boolean): - - **Description:** Update the terminal window title with current status icons (Ready: β—‡, Action Required: βœ‹, Working: ✦) - **Default:** `true` - **`ui.showHomeDirectoryWarning`** (boolean): - - **Description:** Show a warning when running Gemini CLI in the home directory. - **Default:** `true` - **Requires restart:** Yes - **`ui.showCompatibilityWarnings`** (boolean): - - **Description:** Show warnings about terminal or OS compatibility issues. - **Default:** `true` - **Requires restart:** Yes - **`ui.hideTips`** (boolean): - - **Description:** Hide helpful tips in the UI - **Default:** `false` - **`ui.escapePastedAtSymbols`** (boolean): - - **Description:** When enabled, @ symbols in pasted text are escaped to prevent unintended @path expansion. - **Default:** `false` - **`ui.showShortcutsHint`** (boolean): - - **Description:** Show the "? for shortcuts" hint above the input. - **Default:** `true` - **`ui.compactToolOutput`** (boolean): - - **Description:** Display tool outputs (like directory listings and file reads) in a compact, structured format. - **Default:** `true` - **`ui.hideBanner`** (boolean): - - **Description:** Hide the application banner - **Default:** `false` - **`ui.hideContextSummary`** (boolean): - - **Description:** Hide the context summary (GEMINI.md, MCP servers) above the input. - **Default:** `false` - **`ui.footer.items`** (array): - - **Description:** List of item IDs to display in the footer. Rendered in order - **Default:** `undefined` - **`ui.footer.showLabels`** (boolean): - - **Description:** Display a second line above the footer items with descriptive headers (e.g., /model). - **Default:** `true` - **`ui.footer.hideCWD`** (boolean): - - **Description:** Hide the current working directory in the footer. - **Default:** `false` - **`ui.footer.hideSandboxStatus`** (boolean): - - **Description:** Hide the sandbox status indicator in the footer. - **Default:** `false` - **`ui.footer.hideModelInfo`** (boolean): - - **Description:** Hide the model name and context usage in the footer. - **Default:** `false` - **`ui.footer.hideContextPercentage`** (boolean): - - **Description:** Hides the context window usage percentage. - **Default:** `true` - **`ui.hideFooter`** (boolean): - - **Description:** Hide the footer from the UI - **Default:** `false` - **`ui.collapseDrawerDuringApproval`** (boolean): - - **Description:** Whether to collapse the UI drawer when a tool is awaiting confirmation. - **Default:** `true` - **`ui.showMemoryUsage`** (boolean): - - **Description:** Display memory usage information in the UI - **Default:** `false` - **`ui.showLineNumbers`** (boolean): - - **Description:** Show line numbers in the chat. - **Default:** `true` - **`ui.showCitations`** (boolean): - - **Description:** Show citations for generated text in the chat. - **Default:** `false` - **`ui.showModelInfoInChat`** (boolean): - - **Description:** Show the model name in the chat for each model turn. - **Default:** `false` - **`ui.showUserIdentity`** (boolean): - - **Description:** Show the signed-in user's identity (e.g. email) in the UI. - **Default:** `true` - **`ui.useAlternateBuffer`** (boolean): - - **Description:** Use an alternate screen buffer for the UI, preserving shell history. - **Default:** `false` - **Requires restart:** Yes - **`ui.renderProcess`** (boolean): - - **Description:** Enable Ink render process for the UI. - **Default:** `true` - **Requires restart:** Yes - **`ui.terminalBuffer`** (boolean): - - **Description:** Use the new terminal buffer architecture for rendering. - **Default:** `false` - **Requires restart:** Yes - **`ui.useBackgroundColor`** (boolean): - - **Description:** Whether to use background colors in the UI. - **Default:** `true` - **`ui.incrementalRendering`** (boolean): - - **Description:** Enable incremental rendering for the UI. This option will reduce flickering but may cause rendering artifacts. Only supported when useAlternateBuffer is enabled. @@ -448,32 +392,27 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`ui.showSpinner`** (boolean): - - **Description:** Show the spinner during operations. - **Default:** `true` - **`ui.loadingPhrases`** (enum): - - **Description:** What to show while the model is working: tips, witty comments, all, or off. - **Default:** `"off"` - **Values:** `"tips"`, `"witty"`, `"all"`, `"off"` - **`ui.errorVerbosity`** (enum): - - **Description:** Controls whether recoverable errors are hidden (low) or fully shown (full). - **Default:** `"low"` - **Values:** `"low"`, `"full"` - **`ui.customWittyPhrases`** (array): - - **Description:** Custom witty phrases to display during loading. When provided, the CLI cycles through these instead of the defaults. - **Default:** `[]` - **`ui.accessibility.enableLoadingPhrases`** (boolean): - - **Description:** @deprecated Use ui.loadingPhrases instead. Enable loading phrases during operations. - **Default:** `true` @@ -488,7 +427,6 @@ their corresponding top-level category object in your `settings.json` file. #### `ide` - **`ide.enabled`** (boolean): - - **Description:** Enable IDE integration mode. - **Default:** `false` - **Requires restart:** Yes @@ -507,7 +445,6 @@ their corresponding top-level category object in your `settings.json` file. #### `billing` - **`billing.overageStrategy`** (enum): - - **Description:** How to handle quota exhaustion when AI credits are available. 'ask' prompts each time, 'always' automatically uses credits, 'never' disables credit usage. @@ -515,7 +452,6 @@ their corresponding top-level category object in your `settings.json` file. - **Values:** `"ask"`, `"always"`, `"never"` - **`billing.vertexAi.requestType`** (enum): - - **Description:** Sets the X-Vertex-AI-LLM-Request-Type header for Vertex AI requests. - **Default:** `undefined` @@ -532,32 +468,27 @@ their corresponding top-level category object in your `settings.json` file. #### `model` - **`model.name`** (string): - - **Description:** The Gemini model to use for conversations. - **Default:** `undefined` - **`model.maxSessionTurns`** (number): - - **Description:** Maximum number of user/model/tool turns to keep in a session. -1 means unlimited. - **Default:** `-1` - **`model.summarizeToolOutput`** (object): - - **Description:** Enables or disables summarization of tool output. Configure per-tool token budgets (for example {"run_shell_command": {"tokenBudget": 2000}}). Currently only the run_shell_command tool supports summarization. - **Default:** `undefined` - **`model.compressionThreshold`** (number): - - **Description:** The fraction of context usage at which to trigger context compression (e.g. 0.2, 0.3). - **Default:** `0.5` - **Requires restart:** Yes - **`model.disableLoopDetection`** (boolean): - - **Description:** Disable automatic detection and prevention of infinite loops. - **Default:** `false` @@ -570,7 +501,6 @@ their corresponding top-level category object in your `settings.json` file. #### `modelConfigs` - **`modelConfigs.aliases`** (object): - - **Description:** Named presets for model configs. Can be used in place of a model name and can inherit from other aliases using an `extends` property. - **Default:** @@ -878,26 +808,22 @@ their corresponding top-level category object in your `settings.json` file. ``` - **`modelConfigs.customAliases`** (object): - - **Description:** Custom named presets for model configs. These are merged with (and override) the built-in aliases. - **Default:** `{}` - **`modelConfigs.customOverrides`** (array): - - **Description:** Custom model config overrides. These are merged with (and added to) the built-in overrides. - **Default:** `[]` - **`modelConfigs.overrides`** (array): - - **Description:** Apply specific configuration overrides based on matches, with a primary key of model (or alias). The most specific match will be used. - **Default:** `[]` - **`modelConfigs.modelDefinitions`** (object): - - **Description:** Registry of model metadata, including tier, family, and features. - **Default:** @@ -1071,7 +997,6 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`modelConfigs.modelIdResolutions`** (object): - - **Description:** Rules for resolving requested model names to concrete model IDs based on context. - **Default:** @@ -1288,7 +1213,6 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`modelConfigs.classifierIdResolutions`** (object): - - **Description:** Rules for resolving classifier tiers (flash, pro) to concrete model IDs. - **Default:** @@ -1354,7 +1278,6 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`modelConfigs.modelChains`** (object): - - **Description:** Availability policy chains defining fallback behavior for models. - **Default:** @@ -1555,40 +1478,34 @@ their corresponding top-level category object in your `settings.json` file. #### `agents` - **`agents.overrides`** (object): - - **Description:** Override settings for specific agents, e.g. to disable the agent, set a custom model config, or run config. - **Default:** `{}` - **Requires restart:** Yes - **`agents.browser.sessionMode`** (enum): - - **Description:** Session mode: 'persistent', 'isolated', or 'existing'. - **Default:** `"persistent"` - **Values:** `"persistent"`, `"isolated"`, `"existing"` - **Requires restart:** Yes - **`agents.browser.headless`** (boolean): - - **Description:** Run browser in headless mode. - **Default:** `false` - **Requires restart:** Yes - **`agents.browser.profilePath`** (string): - - **Description:** Path to browser profile directory for session persistence. - **Default:** `undefined` - **Requires restart:** Yes - **`agents.browser.visualModel`** (string): - - **Description:** Model for the visual agent's analyze_screenshot tool. When set, enables the tool. - **Default:** `undefined` - **Requires restart:** Yes - **`agents.browser.allowedDomains`** (array): - - **Description:** A list of allowed domains for the browser agent (e.g., ["github.com", "*.google.com"]). - **Default:** @@ -1600,18 +1517,15 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`agents.browser.disableUserInput`** (boolean): - - **Description:** Disable user input on browser window during automation. - **Default:** `true` - **`agents.browser.maxActionsPerTask`** (number): - - **Description:** The maximum number of tool calls allowed per browser task. Enforcement is hard: the agent will be terminated when the limit is reached. - **Default:** `100` - **`agents.browser.confirmSensitiveActions`** (boolean): - - **Description:** Require manual confirmation for sensitive browser actions (e.g., fill_form, evaluate_script). - **Default:** `false` @@ -1625,29 +1539,24 @@ their corresponding top-level category object in your `settings.json` file. #### `context` - **`context.fileName`** (string | string[]): - - **Description:** The name of the context file or files to load into memory. Accepts either a single string or an array of strings. - **Default:** `undefined` - **`context.importFormat`** (string): - - **Description:** The format to use when importing memory. - **Default:** `undefined` - **`context.includeDirectoryTree`** (boolean): - - **Description:** Whether to include the directory tree of the current working directory in the initial request to the model. - **Default:** `true` - **`context.discoveryMaxDirs`** (number): - - **Description:** Maximum number of directories to search for memory. - **Default:** `200` - **`context.memoryBoundaryMarkers`** (array): - - **Description:** File or directory names that mark the boundary for GEMINI.md discovery. The upward traversal stops at the first directory containing any of these markers. An empty array disables parent traversal. @@ -1660,46 +1569,39 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`context.includeDirectories`** (array): - - **Description:** Additional directories to include in the workspace context. Missing directories will be skipped with a warning. - **Default:** `[]` - **`context.loadMemoryFromIncludeDirectories`** (boolean): - - **Description:** Controls how /memory reload loads GEMINI.md files. When true, include directories are scanned; when false, only the current directory is used. - **Default:** `false` - **`context.fileFiltering.respectGitIgnore`** (boolean): - - **Description:** Respect .gitignore files when searching. - **Default:** `true` - **Requires restart:** Yes - **`context.fileFiltering.respectGeminiIgnore`** (boolean): - - **Description:** Respect .geminiignore files when searching. - **Default:** `true` - **Requires restart:** Yes - **`context.fileFiltering.enableFileWatcher`** (boolean): - - **Description:** Enable file watcher updates for @ file suggestions (experimental). - **Default:** `false` - **Requires restart:** Yes - **`context.fileFiltering.enableRecursiveFileSearch`** (boolean): - - **Description:** Enable recursive file search functionality when completing @ references in the prompt. - **Default:** `true` - **Requires restart:** Yes - **`context.fileFiltering.enableFuzzySearch`** (boolean): - - **Description:** Enable fuzzy search when searching for files. - **Default:** `true` - **Requires restart:** Yes @@ -1715,7 +1617,6 @@ their corresponding top-level category object in your `settings.json` file. #### `tools` - **`tools.sandbox`** (string): - - **Description:** Legacy full-process sandbox execution environment. Set to a boolean to enable or disable the sandbox, provide a string path to a sandbox profile, or specify an explicit sandbox command (e.g., "docker", "podman", @@ -1724,27 +1625,23 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`tools.sandboxAllowedPaths`** (array): - - **Description:** List of additional paths that the sandbox is allowed to access. - **Default:** `[]` - **Requires restart:** Yes - **`tools.sandboxNetworkAccess`** (boolean): - - **Description:** Whether the sandbox is allowed to access the network. - **Default:** `false` - **Requires restart:** Yes - **`tools.shell.enableInteractiveShell`** (boolean): - - **Description:** Use node-pty for an interactive shell experience. Fallback to child_process still applies. - **Default:** `true` - **Requires restart:** Yes - **`tools.shell.backgroundCompletionBehavior`** (enum): - - **Description:** Controls what happens when a background shell command finishes. 'silent' (default): quietly exits in background. 'inject': automatically returns output to agent. 'notify': shows brief message in @@ -1753,30 +1650,25 @@ their corresponding top-level category object in your `settings.json` file. - **Values:** `"silent"`, `"inject"`, `"notify"` - **`tools.shell.pager`** (string): - - **Description:** The pager command to use for shell output. Defaults to `cat`. - **Default:** `"cat"` - **`tools.shell.showColor`** (boolean): - - **Description:** Show color in shell output. - **Default:** `true` - **`tools.shell.inactivityTimeout`** (number): - - **Description:** The maximum time in seconds allowed without output from the shell command. Defaults to 5 minutes. - **Default:** `300` - **`tools.shell.enableShellOutputEfficiency`** (boolean): - - **Description:** Enable shell output efficiency optimizations for better performance. - **Default:** `true` - **`tools.core`** (array): - - **Description:** Restrict the set of built-in tools with an allowlist. Match semantics mirror tools.allowed; see the built-in tools documentation for available names. @@ -1784,7 +1676,6 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`tools.allowed`** (array): - - **Description:** Tool names that bypass the confirmation dialog. Useful for trusted commands (for example ["run_shell_command(git)", "run_shell_command(npm test)"]). See shell tool command restrictions for @@ -1793,26 +1684,22 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`tools.confirmationRequired`** (array): - - **Description:** Tool names that always require user confirmation. Takes precedence over allowed tools and core tool allowlists. - **Default:** `undefined` - **Requires restart:** Yes - **`tools.exclude`** (array): - - **Description:** Tool names to exclude from discovery. - **Default:** `undefined` - **Requires restart:** Yes - **`tools.discoveryCommand`** (string): - - **Description:** Command to run for tool discovery. - **Default:** `undefined` - **Requires restart:** Yes - **`tools.callCommand`** (string): - - **Description:** Defines a custom shell command for invoking discovered tools. The command must take the tool name as the first argument, read JSON arguments from stdin, and emit JSON results on stdout. @@ -1820,13 +1707,11 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`tools.useRipgrep`** (boolean): - - **Description:** Use ripgrep for file content search instead of the fallback implementation. Provides faster search performance. - **Default:** `true` - **`tools.truncateToolOutputThreshold`** (number): - - **Description:** Maximum characters to show when truncating large tool outputs. Set to 0 or negative to disable truncation. - **Default:** `40000` @@ -1842,13 +1727,11 @@ their corresponding top-level category object in your `settings.json` file. #### `mcp` - **`mcp.serverCommand`** (string): - - **Description:** Command to start an MCP server. - **Default:** `undefined` - **Requires restart:** Yes - **`mcp.allowed`** (array): - - **Description:** A list of MCP servers to allow. - **Default:** `undefined` - **Requires restart:** Yes @@ -1867,45 +1750,38 @@ their corresponding top-level category object in your `settings.json` file. #### `security` - **`security.toolSandboxing`** (boolean): - - **Description:** Tool-level sandboxing. Isolates individual tools instead of the entire CLI process. - **Default:** `false` - **Requires restart:** Yes - **`security.disableYoloMode`** (boolean): - - **Description:** Disable YOLO mode, even if enabled by a flag. - **Default:** `false` - **Requires restart:** Yes - **`security.disableAlwaysAllow`** (boolean): - - **Description:** Disable "Always allow" options in tool confirmation dialogs. - **Default:** `false` - **Requires restart:** Yes - **`security.enablePermanentToolApproval`** (boolean): - - **Description:** Enable the "Allow for all future sessions" option in tool confirmation dialogs. - **Default:** `false` - **`security.autoAddToPolicyByDefault`** (boolean): - - **Description:** When enabled, the "Allow for all future sessions" option becomes the default choice for low-risk tools in trusted workspaces. - **Default:** `false` - **`security.blockGitExtensions`** (boolean): - - **Description:** Blocks installing and loading extensions from Git. - **Default:** `false` - **Requires restart:** Yes - **`security.allowedExtensions`** (array): - - **Description:** List of Regex patterns for allowed extensions. If nonempty, only extensions that match the patterns in this list are allowed. Overrides the blockGitExtensions setting. @@ -1913,45 +1789,38 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`security.folderTrust.enabled`** (boolean): - - **Description:** Setting to track whether Folder trust is enabled. - **Default:** `true` - **Requires restart:** Yes - **`security.environmentVariableRedaction.allowed`** (array): - - **Description:** Environment variables to always allow (bypass redaction). - **Default:** `[]` - **Requires restart:** Yes - **`security.environmentVariableRedaction.blocked`** (array): - - **Description:** Environment variables to always redact. - **Default:** `[]` - **Requires restart:** Yes - **`security.environmentVariableRedaction.enabled`** (boolean): - - **Description:** Enable redaction of environment variables that may contain secrets. - **Default:** `false` - **Requires restart:** Yes - **`security.auth.selectedType`** (string): - - **Description:** The currently selected authentication type. - **Default:** `undefined` - **Requires restart:** Yes - **`security.auth.enforcedType`** (string): - - **Description:** The required auth type. If this does not match the selected auth type, the user will be prompted to re-authenticate. - **Default:** `undefined` - **Requires restart:** Yes - **`security.auth.useExternal`** (boolean): - - **Description:** Whether to use an external authentication flow. - **Default:** `undefined` - **Requires restart:** Yes @@ -1967,7 +1836,6 @@ their corresponding top-level category object in your `settings.json` file. #### `advanced` - **`advanced.autoConfigureMemory`** (boolean): - - **Description:** Automatically configure Node.js memory limits. Note: Because memory is allocated during the initial process boot, this setting is only read from the global user settings file and ignores workspace-level @@ -1976,13 +1844,11 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`advanced.dnsResolutionOrder`** (string): - - **Description:** The DNS resolution order. - **Default:** `undefined` - **Requires restart:** Yes - **`advanced.excludedEnvVars`** (array): - - **Description:** Environment variables to exclude from project context. - **Default:** @@ -1991,7 +1857,6 @@ their corresponding top-level category object in your `settings.json` file. ``` - **`advanced.ignoreLocalEnv`** (boolean): - - **Description:** Whether to ignore generic .env files in the project directory. - **Default:** `false` @@ -2004,25 +1869,21 @@ their corresponding top-level category object in your `settings.json` file. #### `experimental` - **`experimental.gemma`** (boolean): - - **Description:** Enable access to Gemma 4 models via Gemini API. - **Default:** `true` - **Requires restart:** Yes - **`experimental.voiceMode`** (boolean): - - **Description:** Enable experimental voice dictation and commands (/voice, /voice model). - **Default:** `false` - **`experimental.voice.activationMode`** (enum): - - **Description:** How to trigger voice recording with the Space key. - **Default:** `"push-to-talk"` - **Values:** `"push-to-talk"`, `"toggle"` - **`experimental.voice.backend`** (enum): - - **Description:** The backend to use for voice transcription. Note: When using the Gemini Live backend, voice recordings are sent to Google Cloud for transcription. @@ -2030,163 +1891,138 @@ their corresponding top-level category object in your `settings.json` file. - **Values:** `"gemini-live"`, `"whisper"` - **`experimental.voice.whisperModel`** (enum): - - **Description:** The Whisper model to use for local transcription. - **Default:** `"ggml-base.en.bin"` - **Values:** `"ggml-tiny.en.bin"`, `"ggml-base.en.bin"`, `"ggml-large-v3-turbo-q5_0.bin"`, `"ggml-large-v3-turbo-q8_0.bin"` - **`experimental.voice.stopGracePeriodMs`** (number): - - **Description:** How long to wait for final transcription after stopping recording. - **Default:** `4000` - **`experimental.adk.agentSessionNoninteractiveEnabled`** (boolean): - - **Description:** Enable non-interactive agent sessions. - **Default:** `false` - **Requires restart:** Yes - **`experimental.adk.agentSessionInteractiveEnabled`** (boolean): - - **Description:** Enable the agent session implementation for the interactive CLI. - **Default:** `false` - **Requires restart:** Yes - **`experimental.adk.agentSessionSubagentEnabled`** (boolean): - - **Description:** Route subagent invocations through the AgentSession protocol instead of legacy executors. - **Default:** `false` - **Requires restart:** Yes - **`experimental.enableAgents`** (boolean): - - **Description:** Enable local and remote subagents. - **Default:** `true` - **Requires restart:** Yes - **`experimental.worktrees`** (boolean): - - **Description:** Enable automated Git worktree management for parallel work. - **Default:** `false` - **Requires restart:** Yes - **`experimental.extensionManagement`** (boolean): - - **Description:** Enable extension management features. - **Default:** `true` - **Requires restart:** Yes - **`experimental.extensionConfig`** (boolean): - - **Description:** Enable requesting and fetching of extension settings. - **Default:** `true` - **Requires restart:** Yes - **`experimental.extensionRegistry`** (boolean): - - **Description:** Enable extension registry explore UI. - **Default:** `false` - **Requires restart:** Yes - **`experimental.extensionRegistryURI`** (string): - - **Description:** The URI (web URL or local file path) of the extension registry. - **Default:** `"https://geminicli.com/extensions.json"` - **Requires restart:** Yes - **`experimental.extensionReloading`** (boolean): - - **Description:** Enables extension loading/unloading within the CLI session. - **Default:** `false` - **Requires restart:** Yes - **`experimental.useOSC52Paste`** (boolean): - - **Description:** Use OSC 52 for pasting. This may be more robust than the default system when using remote terminal sessions (if your terminal is configured to allow it). - **Default:** `false` - **`experimental.useOSC52Copy`** (boolean): - - **Description:** Use OSC 52 for copying. This may be more robust than the default system when using remote terminal sessions (if your terminal is configured to allow it). - **Default:** `false` - **`experimental.taskTracker`** (boolean): - - **Description:** Enable task tracker tools. - **Default:** `false` - **Requires restart:** Yes - **`experimental.modelSteering`** (boolean): - - **Description:** Enable model steering (user hints) to guide the model during tool execution. - **Default:** `false` - **`experimental.directWebFetch`** (boolean): - - **Description:** Enable web fetch behavior that bypasses LLM summarization. - **Default:** `false` - **Requires restart:** Yes - **`experimental.dynamicModelConfiguration`** (boolean): - - **Description:** Enable dynamic model configuration (definitions, resolutions, and chains) via settings. - **Default:** `false` - **Requires restart:** Yes - **`experimental.gemmaModelRouter.enabled`** (boolean): - - **Description:** Enable the Gemma Model Router (experimental). Requires a local endpoint serving Gemma via the Gemini API using LiteRT-LM shim. - **Default:** `false` - **Requires restart:** Yes - **`experimental.gemmaModelRouter.autoStartServer`** (boolean): - - **Description:** Automatically start the LiteRT-LM server when Gemini CLI starts and the Gemma router is enabled. - **Default:** `false` - **Requires restart:** Yes - **`experimental.gemmaModelRouter.binaryPath`** (string): - - **Description:** Custom path to the LiteRT-LM binary. Leave empty to use the default location (~/.gemini/bin/litert/). - **Default:** `""` - **Requires restart:** Yes - **`experimental.gemmaModelRouter.classifier.host`** (string): - - **Description:** The host of the classifier. - **Default:** `"http://localhost:9379"` - **Requires restart:** Yes - **`experimental.gemmaModelRouter.classifier.model`** (string): - - **Description:** The model to use for the classifier. Only tested on `gemma3-1b-gpu-custom`. - **Default:** `"gemma3-1b-gpu-custom"` - **Requires restart:** Yes - **`experimental.stressTestProfile`** (boolean): - - **Description:** Significantly lowers token limits to force early garbage collection and distillation for testing purposes. - **Default:** `false` - **Requires restart:** Yes - **`experimental.autoMemory`** (boolean): - - **Description:** Automatically extract memory patches and skills from past sessions in the background. Every change is written as a unified diff `.patch` file under `/.inbox//` and held for review @@ -2195,19 +2031,16 @@ their corresponding top-level category object in your `settings.json` file. - **Requires restart:** Yes - **`experimental.generalistProfile`** (boolean): - - **Description:** Suitable for general coding and software development tasks. - **Default:** `false` - **Requires restart:** Yes - **`experimental.powerUserProfile`** (boolean): - - **Description:** Less cache friendly version of the generalist profile. - **Default:** `false` - **Requires restart:** Yes - **`experimental.contextManagement`** (boolean): - - **Description:** Enable logic for context management. - **Default:** `false` - **Requires restart:** Yes @@ -2219,7 +2052,6 @@ their corresponding top-level category object in your `settings.json` file. #### `skills` - **`skills.enabled`** (boolean): - - **Description:** Enable Agent Skills. - **Default:** `true` - **Requires restart:** Yes @@ -2232,14 +2064,12 @@ their corresponding top-level category object in your `settings.json` file. #### `hooksConfig` - **`hooksConfig.enabled`** (boolean): - - **Description:** Canonical toggle for the hooks system. When disabled, no hooks will be executed. - **Default:** `true` - **Requires restart:** Yes - **`hooksConfig.disabled`** (array): - - **Description:** List of hook names (commands) that should be disabled. Hooks in this list will not execute even if configured. - **Default:** `[]` @@ -2251,61 +2081,51 @@ their corresponding top-level category object in your `settings.json` file. #### `hooks` - **`hooks.BeforeTool`** (array): - - **Description:** Hooks that execute before tool execution. Can intercept, validate, or modify tool calls. - **Default:** `[]` - **`hooks.AfterTool`** (array): - - **Description:** Hooks that execute after tool execution. Can process results, log outputs, or trigger follow-up actions. - **Default:** `[]` - **`hooks.BeforeAgent`** (array): - - **Description:** Hooks that execute before agent loop starts. Can set up context or initialize resources. - **Default:** `[]` - **`hooks.AfterAgent`** (array): - - **Description:** Hooks that execute after agent loop completes. Can perform cleanup or summarize results. - **Default:** `[]` - **`hooks.Notification`** (array): - - **Description:** Hooks that execute on notification events (errors, warnings, info). Can log or alert on specific conditions. - **Default:** `[]` - **`hooks.SessionStart`** (array): - - **Description:** Hooks that execute when a session starts. Can initialize session-specific resources or state. - **Default:** `[]` - **`hooks.SessionEnd`** (array): - - **Description:** Hooks that execute when a session ends. Can perform cleanup or persist session data. - **Default:** `[]` - **`hooks.PreCompress`** (array): - - **Description:** Hooks that execute before chat history compression. Can back up or analyze conversation before compression. - **Default:** `[]` - **`hooks.BeforeModel`** (array): - - **Description:** Hooks that execute before LLM requests. Can modify prompts, inject context, or control model parameters. - **Default:** `[]` - **`hooks.AfterModel`** (array): - - **Description:** Hooks that execute after LLM responses. Can process outputs, extract information, or log interactions. - **Default:** `[]` @@ -2318,41 +2138,35 @@ their corresponding top-level category object in your `settings.json` file. #### `contextManagement` - **`contextManagement.historyWindow.maxTokens`** (number): - - **Description:** The number of tokens to allow before triggering compression. - **Default:** `150000` - **Requires restart:** Yes - **`contextManagement.historyWindow.retainedTokens`** (number): - - **Description:** The number of tokens to always retain. - **Default:** `40000` - **Requires restart:** Yes - **`contextManagement.messageLimits.normalMaxTokens`** (number): - - **Description:** The target number of tokens to budget for a normal conversation turn. - **Default:** `2500` - **Requires restart:** Yes - **`contextManagement.messageLimits.retainedMaxTokens`** (number): - - **Description:** The maximum number of tokens a single conversation turn can consume before truncation. - **Default:** `12000` - **Requires restart:** Yes - **`contextManagement.messageLimits.normalizationHeadRatio`** (number): - - **Description:** The ratio of tokens to retain from the beginning of a truncated message (0.0 to 1.0). - **Default:** `0.25` - **Requires restart:** Yes - **`contextManagement.tools.distillation.maxOutputTokens`** (number): - - **Description:** Maximum tokens to show to the model when truncating large tool outputs. - **Default:** `10000` @@ -2360,7 +2174,6 @@ their corresponding top-level category object in your `settings.json` file. - **`contextManagement.tools.distillation.summarizationThresholdTokens`** (number): - - **Description:** Threshold above which truncated tool outputs will be summarized by an LLM. - **Default:** `20000` @@ -2368,7 +2181,6 @@ their corresponding top-level category object in your `settings.json` file. - **`contextManagement.tools.outputMasking.protectionThresholdTokens`** (number): - - **Description:** Minimum number of tokens to protect from masking (most recent tool outputs). - **Default:** `50000` @@ -2376,7 +2188,6 @@ their corresponding top-level category object in your `settings.json` file. - **`contextManagement.tools.outputMasking.minPrunableThresholdTokens`** (number): - - **Description:** Minimum prunable tokens required to trigger a masking pass. - **Default:** `30000` - **Requires restart:** Yes @@ -2390,29 +2201,24 @@ their corresponding top-level category object in your `settings.json` file. #### `admin` - **`admin.secureModeEnabled`** (boolean): - - **Description:** If true, disallows YOLO mode and "Always allow" options from being used. - **Default:** `false` - **`admin.extensions.enabled`** (boolean): - - **Description:** If false, disallows extensions from being installed or used. - **Default:** `true` - **`admin.mcp.enabled`** (boolean): - - **Description:** If false, disallows MCP servers from being used. - **Default:** `true` - **`admin.mcp.config`** (object): - - **Description:** Admin-configured MCP servers (allowlist). - **Default:** `{}` - **`admin.mcp.requiredConfig`** (object): - - **Description:** Admin-required MCP servers that are always injected. - **Default:** `{}` diff --git a/docs/release-confidence.md b/docs/release-confidence.md index 7b6bd06249..22769f9556 100644 --- a/docs/release-confidence.md +++ b/docs/release-confidence.md @@ -70,7 +70,6 @@ Before promoting a `preview` release to `stable`, a release manager must manually run through this checklist. - **Setup:** - - [ ] Uninstall any existing global version: `npm uninstall -g @google/gemini-cli` - [ ] Clear npx cache (optional but recommended): `npm cache clean --force` @@ -78,29 +77,24 @@ manually run through this checklist. - [ ] Verify version: `gemini --version` - **Authentication:** - - [ ] In interactive mode run `/auth` and verify all sign in flows work: - [ ] Sign in with Google - [ ] API Key - [ ] Vertex AI - **Basic prompting:** - - [ ] Run `gemini "Tell me a joke"` and verify a sensible response. - [ ] Run in interactive mode: `gemini`. Ask a follow-up question to test context. - **Piped input:** - - [ ] Run `echo "Summarize this" | gemini` and verify it processes stdin. - **Context management:** - - [ ] In interactive mode, use `@file` to add a local file to context. Ask a question about it. - **Settings:** - - [ ] In interactive mode run `/settings` and make modifications - [ ] Validate that setting is changed diff --git a/docs/releases.md b/docs/releases.md index 70a9f069ce..90a218b7f2 100644 --- a/docs/releases.md +++ b/docs/releases.md @@ -475,7 +475,6 @@ This stage happens _after_ the NPM publish and creates the single-file executable that enables `npx` usage directly from the GitHub repository. 1. **The JavaScript bundle is created:** - - **What happens:** The built JavaScript from both `packages/core/dist` and `packages/cli/dist`, along with all third-party JavaScript dependencies, are bundled by `esbuild` into a single, executable JavaScript file (for @@ -487,7 +486,6 @@ executable that enables `npx` usage directly from the GitHub repository. the `core` package) are included directly. 2. **The `bundle` directory is assembled:** - - **What happens:** A temporary `bundle` folder is created at the project root. The single `gemini.js` executable is placed inside it, along with other essential files. diff --git a/docs/resources/quota-and-pricing.md b/docs/resources/quota-and-pricing.md index b3921e38c1..18beb7c761 100644 --- a/docs/resources/quota-and-pricing.md +++ b/docs/resources/quota-and-pricing.md @@ -127,7 +127,6 @@ Standard/PlusΒ and AI Expanded, are not supported._ license seats. For predictable costs, you can sign in with Google. This includes the following request limits: - - Gemini Code Assist Standard edition: - 1500 maximum model requests / user / day - Gemini Code Assist Enterprise edition: diff --git a/docs/resources/troubleshooting.md b/docs/resources/troubleshooting.md index a5580dd0bb..2c63e7c969 100644 --- a/docs/resources/troubleshooting.md +++ b/docs/resources/troubleshooting.md @@ -12,7 +12,6 @@ topics on: - **Error: `You must be a named user on your organization's Gemini Code Assist Standard edition subscription to use this service. Please contact your administrator to request an entitlement to Gemini Code Assist Standard edition.`** - - **Cause:** This error might occur if Gemini CLI detects the `GOOGLE_CLOUD_PROJECT` or `GOOGLE_CLOUD_PROJECT_ID` environment variable is defined. Setting these variables forces an organization subscription check. @@ -20,7 +19,6 @@ topics on: linked to an organizational subscription. - **Solution:** - - **Individual Users:** Unset the `GOOGLE_CLOUD_PROJECT` and `GOOGLE_CLOUD_PROJECT_ID` environment variables. Check and remove these variables from your shell configuration files (for example, `.bashrc`, @@ -32,14 +30,12 @@ topics on: - **Error: `Failed to sign in. Message: Your current account is not eligible... because it is not currently available in your location.`** - - **Cause:** Gemini CLI does not currently support your location. For a full list of supported locations, see the following pages: - Gemini Code Assist for individuals: [Available locations](https://developers.google.com/gemini-code-assist/resources/available-locations#americas) - **Error: `Failed to sign in. Message: Request contains an invalid argument`** - - **Cause:** Users with Google Workspace accounts or Google Cloud accounts associated with their Gmail accounts may not be able to activate the free tier of the Google Code Assist plan. @@ -70,7 +66,6 @@ topics on: ## Common error messages and solutions - **Error: `EADDRINUSE` (Address already in use) when starting an MCP server.** - - **Cause:** Another process is already using the port that the MCP server is trying to bind to. - **Solution:** Either stop the other process that is using the port or @@ -78,7 +73,6 @@ topics on: - **Error: Command not found (when attempting to run Gemini CLI with `gemini`).** - - **Cause:** Gemini CLI is not correctly installed or it is not in your system's `PATH`. - **Solution:** The update depends on how you installed Gemini CLI: @@ -91,7 +85,6 @@ topics on: then rebuild using the command `npm run build`. - **Error: `MODULE_NOT_FOUND` or import errors.** - - **Cause:** Dependencies are not installed correctly, or the project hasn't been built. - **Solution:** @@ -100,7 +93,6 @@ topics on: 3. Verify that the build completed successfully with `npm run start`. - **Error: "Operation not permitted", "Permission denied", or similar.** - - **Cause:** When sandboxing is enabled, Gemini CLI may attempt operations that are restricted by your sandbox configuration, such as writing outside the project directory or system temp directory. @@ -109,7 +101,6 @@ topics on: configuration. - **Gemini CLI is not running in interactive mode in "CI" environments** - - **Issue:** Gemini CLI does not enter interactive mode (no prompt appears) if an environment variable starting with `CI_` (for example, `CI_TOKEN`) is set. This is because the `is-in-ci` package, used by the underlying UI @@ -125,7 +116,6 @@ topics on: `env -u CI_TOKEN gemini` - **DEBUG mode not working from project .env file** - - **Issue:** Setting `DEBUG=true` in a project's `.env` file doesn't enable debug mode for gemini-cli. - **Cause:** The `DEBUG` and `DEBUG_MODE` variables are automatically excluded @@ -165,14 +155,12 @@ is especially useful for scripting and automation. ## Debugging tips - **CLI debugging:** - - Use the `--debug` flag for more detailed output. In interactive mode, press F12 to view the debug console. - Check the CLI logs, often found in a user-specific configuration or cache directory. - **Core debugging:** - - Check the server console output for error messages or stack traces. - Increase log verbosity if configurable. For example, set the `DEBUG_MODE` environment variable to `true` or `1`. @@ -180,7 +168,6 @@ is especially useful for scripting and automation. step through server-side code. - **Tool issues:** - - If a specific tool is failing, try to isolate the issue by running the simplest possible version of the command or operation the tool performs. - For `run_shell_command`, check that the command works directly in your shell diff --git a/docs/tools/ask-user.md b/docs/tools/ask-user.md index 55a95f52f8..065d2227dc 100644 --- a/docs/tools/ask-user.md +++ b/docs/tools/ask-user.md @@ -11,7 +11,6 @@ confirmation. - **Display name:** Ask User - **File:** `ask-user.ts` - **Parameters:** - - `questions` (array of objects, required): A list of 1 to 4 questions to ask. Each question object has the following properties: - `question` (string, required): The complete question text. @@ -31,7 +30,6 @@ confirmation. - `placeholder` (string, optional): Hint text for input fields. - **Behavior:** - - Presents an interactive dialog to the user with the specified questions. - Pauses execution until the user provides answers or dismisses the dialog. - Returns the user's answers to the model. diff --git a/docs/tools/mcp-server.md b/docs/tools/mcp-server.md index d7a219f338..e72089b1eb 100644 --- a/docs/tools/mcp-server.md +++ b/docs/tools/mcp-server.md @@ -768,7 +768,6 @@ defaults: - **Tool lists:** Tool lists are merged securely to ensure the most restrictive policy wins: - - **Exclusions (`excludeTools`):** Arrays are combined (unioned). If either source blocks a tool, it remains disabled. - **Inclusions (`includeTools`):** Arrays are intersected. If both sources diff --git a/packages/cli/src/ui/commands/extensionsCommand.test.ts b/packages/cli/src/ui/commands/extensionsCommand.test.ts index 0f801c5278..cef021f39f 100644 --- a/packages/cli/src/ui/commands/extensionsCommand.test.ts +++ b/packages/cli/src/ui/commands/extensionsCommand.test.ts @@ -439,8 +439,7 @@ describe('extensionsCommand', () => { } it('should return ExtensionRegistryView custom dialog when experimental.extensionRegistry is true', async () => { - mockContext.services.settings.merged.experimental.extensionRegistry = - true; + mockContext.services.settings.merged.experimental.extensionRegistry = true; const result = await exploreAction(mockContext, ''); @@ -456,8 +455,7 @@ describe('extensionsCommand', () => { }); it('should handle onSelect and onClose in ExtensionRegistryView', async () => { - mockContext.services.settings.merged.experimental.extensionRegistry = - true; + mockContext.services.settings.merged.experimental.extensionRegistry = true; const result = await exploreAction(mockContext, ''); if (result?.type !== 'custom_dialog') {