MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-04-22 19:14:33 -07:00
Code Issues Packages Projects Releases Wiki Activity

feat(core): improve shell redirection transparency and security (#16486)

Browse Source
This commit is contained in:
N. Taylor Mullen
2026-01-19 20:07:28 -08:00
committed by GitHub
parent 451e0b49cb
commit ec7413456e
16 changed files with 497 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/src/tools/shell.test.ts
+52
View File
@@ -538,4 +538,56 @@ describe('ShellTool', () => {
expect(shellTool.description).toMatchSnapshot();
});
});
describe('getConfirmationDetails', () => {
it('should annotate sub-commands with redirection correctly', async () => {
const shellTool = new ShellTool(mockConfig, createMockMessageBus());
const command = 'mkdir -p baz && echo "hello" > baz/test.md && ls';
const invocation = shellTool.build({ command });
// @ts-expect-error - getConfirmationDetails is protected
const details = await invocation.getConfirmationDetails(
new AbortController().signal,
);
expect(details).not.toBe(false);
if (details && details.type === 'exec') {
expect(details.rootCommand).toBe('mkdir, echo, redirection (>), ls');
}
});
it('should annotate all redirected sub-commands', async () => {
const shellTool = new ShellTool(mockConfig, createMockMessageBus());
const command = 'cat < input.txt && grep "foo" > output.txt';
const invocation = shellTool.build({ command });
// @ts-expect-error - getConfirmationDetails is protected
const details = await invocation.getConfirmationDetails(
new AbortController().signal,
);
expect(details).not.toBe(false);
if (details && details.type === 'exec') {
expect(details.rootCommand).toBe(
'cat, redirection (<), grep, redirection (>)',
);
}
});
it('should annotate sub-commands with pipes correctly', async () => {
const shellTool = new ShellTool(mockConfig, createMockMessageBus());
const command = 'ls | grep "baz"';
const invocation = shellTool.build({ command });
// @ts-expect-error - getConfirmationDetails is protected
const details = await invocation.getConfirmationDetails(
new AbortController().signal,
);
expect(details).not.toBe(false);
if (details && details.type === 'exec') {
expect(details.rootCommand).toBe('ls, grep');
}
});
});
});