MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-06-13 12:57:12 -07:00
Code Issues Packages Projects Releases Wiki Activity
5,314 Commits 1,113 Branches 540 Tags
459db523e23edd49c9ea5131f2243c43e0a0f779
Commit Graph

2544 Commits

Author SHA1 Message Date
galz10 459db523e2 fix(core): secure shell execution with AST validation 
Replaces simplistic prefix-matching for shell command policies with robust Abstract Syntax Tree (AST) parsing using `bash-parser`.

Previously, policies for shell tools only checked if the command string started with an allowed prefix (e.g., `echo`), allowing trivial bypasses via shell operators like `&&` or `;` (e.g., `echo "ok" && rm -rf /`).

This update secures the execution pipeline by parsing the shell string and validating *every* extracted sub-command against the allowed policies.

Key changes:
- Integrated `bash-parser` to synchronously extract executable commands from pipelines, lists, and subshells.
- Updated `doesToolInvocationMatch` to enforce policy on all extracted sub-commands instead of just the string prefix.
- Enforced `coreTools` validation at execution time within `ShellTool` to prevent bypasses when tools are configured via `settings.json`.
- Updated the CLI `useShellCommandProcessor` to run human-input commands through the AST `PolicyEngine` check before spawning the process.
- Fixed asynchronous test flakiness in the CLI package caused by the new policy enforcement.
 2026-03-16 15:07:51 -07:00
Emily Hedlund 05fda0cf01 feat(extensions): implement cryptographic integrity verification for extension updates (#21772) 2026-03-16 19:01:52 +00:00
Abhi d43ec6c8f3 feat: enable subagents (#22386) 2026-03-16 18:40:12 +00:00
Sehoon Shon 48130ebd25 Guard pro model usage (#22665) 2026-03-16 17:44:25 +00:00
Sri Pasumarthi e3df87cf1a fix: Adjust ToolGroupMessage filtering to hide Confirming and show Canceled tool calls. (#22230) 2026-03-16 15:50:11 +00:00
N. Taylor Mullen bd590bbde6 fix(cli): improve command conflict handling for skills (#21942) 2026-03-14 23:33:14 +00:00
kevinjwang1 0bf7ea60c5 Add ModelDefinitions to ModelConfigService (#22302) 2026-03-14 21:45:21 +00:00
kevinjwang1 8f2697c2e5 Add registry var (#22224) 2026-03-14 20:14:51 +00:00
Abhijit Balaji 9f7691fd88 feat(prompts): implement Topic-Action-Summary model for verbosity reduction (#21503) 2026-03-14 05:10:30 +00:00
Sehoon Shon 8d68ece8d6 Revert "fix(cli): validate --model argument at startup" (#22378) 2026-03-13 23:17:29 +00:00
Gal Zahavi b49fc8122d feat(security): add disableAlwaysAllow setting to disable auto-approvals (#21941) 2026-03-13 23:02:09 +00:00
Tommaso Sciortino 24933a90d0 fix(cli): support CJK input and full Unicode scalar values in terminal protocols (#22353) 2026-03-13 21:24:26 +00:00
Gal Zahavi fa024133e6 feat(core): integrate SandboxManager to sandbox all process-spawning tools (#22231) 2026-03-13 21:11:51 +00:00
cynthialong0-0 bfbd3c40a7 feat(agent): add allowed domain restrictions for browser agent (#21775) 2026-03-13 19:41:40 +00:00
anj-s dd8d4c98b3 feat(tracker): return TodoList display for tracker tools (#22060) 2026-03-13 18:18:33 +00:00
Abhi 3b601b3d90 refactor(ui): extract SessionBrowser static ui components (#22348) 2026-03-13 17:25:13 +00:00
Alexander Farber aa000d7d30 fix(core): show descriptive error messages when saving settings fails (#18095) 
Co-authored-by: Dev Randalpura <devrandalpura@google.com>
 2026-03-13 16:19:56 +00:00
Tommaso Sciortino 2a7e602356 refactor(cli): consolidate getErrorMessage utility to core (#22190) 2026-03-13 15:40:29 +00:00
Ankit c156bac5f7 fix(settings): prevent j/k navigation keys from intercepting edit buffer input (#21865) 2026-03-13 14:55:36 +00:00
Adib234 263b8cd3b3 fix(plan): Fix AskUser evals (#22074) 2026-03-13 13:30:19 +00:00
Abhi 2d05396dd2 refactor(ui): extract pure session browser utilities (#22256) 2026-03-13 06:22:52 +00:00
krishdef7 19e0b1ff7d fix(cli): escape @ symbols on paste to prevent unintended file expansion (#21239) 2026-03-12 22:05:12 +00:00
Alisa 4d393f9dca feat(a2a): enable native gRPC support and protocol routing (#21403) 
Co-authored-by: Adam Weidman <adamfweidman@google.com>
 2026-03-12 21:36:50 +00:00
Sehoon Shon b6beab9480 perf(cli): enable code splitting and deferred UI loading (#22117) 2026-03-12 20:37:03 +00:00
Abhi 7242d71c01 fix(core): prevent duplicate tool schemas for instantiated tools (#22204) 2026-03-12 19:09:23 +00:00
Spencer 73c589f9e3 feat(cli): allow safe tools to execute concurrently while agent is busy (#21988) 2026-03-12 16:03:53 +00:00
Jaisal K Jain 34709dc62d fix(cli): validate --model argument at startup (#21393) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-03-12 14:38:54 +00:00
Jack Wotherspoon a38aaa47fb chore: remove unnecessary log for themes (#22165) 2026-03-12 13:51:36 +00:00
Sehoon Shon 18e8dd768a feat(ui): Do not show Ultra users /upgrade hint (#22154) (#22156) 2026-03-12 13:46:58 +00:00
Jack Wotherspoon 45faf4d31b fix: register themes on extension load not start (#22148) 2026-03-12 13:38:09 +00:00
Aditya Bijalwan 333475c41f feat(browser): implement input blocker overlay during automation (#21132) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Gaurav <39389231+gsquared94@users.noreply.github.com>
Co-authored-by: Gaurav Ghosh <gaghosh@google.com>
 2026-03-12 11:29:57 +00:00
Sri Pasumarthi 41d4f59f5e feat: Display pending and confirming tool calls (#22106) 
Co-authored-by: Spencer <spencertang@google.com>
 2026-03-12 05:57:37 +00:00
Adam Weidman 10ab958378 refactor(core): extract ExecutionLifecycleService for tool backgrounding (#21717) 2026-03-12 04:03:54 +00:00
Bryan Morgan 949e85ca55 feat(core): differentiate User-Agent for a2a-server and ACP clients (#22059) 2026-03-12 02:31:59 +00:00
N. Taylor Mullen 7380424782 fix(policy): ensure user policies are loaded when policyPaths is empty (#22090) 2026-03-11 23:58:58 +00:00
N. Taylor Mullen f368e80baf fix(cli): resolve skill uninstall failure when skill name is updated (#22085) 2026-03-11 23:23:20 +00:00
Gal Zahavi e3b3b71c14 feat(core): implement SandboxManager interface and config schema (#21774) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-03-11 21:42:50 +00:00
nityam 352bbc36c0 merge duplicate imports packages/cli/src subtask3 (#22056) 2026-03-11 21:21:40 +00:00
nityam be16caece2 merge duplicate imports packages/cli/src subtask2 (#22051) 2026-03-11 20:14:12 +00:00
Ali Anari 08e174a05c feat(ui): add vim yank/paste (y/p/P) with unnamed register (#22026) 
Co-authored-by: Jacob Richman <jacob314@gmail.com>
 2026-03-11 18:43:42 +00:00
nityam 016d5d8eb6 merge duplicate imports packages/cli/src subtask1 (#22040) 2026-03-11 17:50:42 +00:00
Gal Zahavi 6900fe5527 feat(policy): add --admin-policy flag for supplemental admin policies (#20360) 2026-03-11 17:35:45 +00:00
Tommaso Sciortino 7e9e196793 feat(cli): support removing keybindings via '-' prefix (#22042) 2026-03-11 17:34:03 +00:00
Jack Wotherspoon b804fe9662 fix: clean up /clear and /resume (#22007) 2026-03-11 15:23:23 +00:00
Gyanranjan Priyam 99bbbc2170 docs: fix misleading YOLO mode description in defaultApprovalMode (#21878) 
Co-authored-by: Adib234 <30782825+Adib234@users.noreply.github.com>
Co-authored-by: A.K.M. Adib <adibakm@google.com>
 2026-03-11 15:10:55 +00:00
Tommaso Sciortino 3e3d04877b docs(cli): add custom keybinding documentation (#21980) 2026-03-11 14:25:24 +00:00
Nick Salerni 88638c14f7 fix(cli): allow scrolling keys in copy mode (Ctrl+S selection mode) (#19933) 
Co-authored-by: Jacob Richman <jacob314@gmail.com>
 2026-03-11 07:16:25 +00:00
Ali Anari f16f13fba8 fix(ui): clamp cursor to last char after all NORMAL mode deletes (#21973) 2026-03-11 06:22:12 +00:00
Tommaso Sciortino 075e0b1a81 feat(cli): support literal character keybindings and extended Kitty protocol keys (#21972) 2026-03-11 04:49:20 +00:00
Aishanee Shah f8ad3a200a Feat/retry fetch notifications (#21813) 2026-03-11 03:33:50 +00:00