Commit Graph

4079 Commits

Author SHA1 Message Date
Akhilesh Kumar 7586efcf49 chore: resolve merge conflicts 2026-03-13 18:16:28 +00:00
Akhilesh Kumar ee425228fe fix(core): ensure policy engine compatibility with isolated MCP servers
This commit addresses PR feedback regarding the prefixing of isolated subagent MCP servers and its potential to break existing security policies relying on standard FQNs.

1. Added `originalName` to `MCPServerConfig` and `originalServerName` to `DiscoveredMCPTool`.
2. Updated `CoreToolScheduler` to reconstruct the original FQN (without the `__agent__` prefix) when performing policy checks via the Policy Engine. This ensures policies mapping to standard `mcp_{server}_{tool}` formats still apply correctly to isolated agents.
3. Added a remote agent back to `NewAgentsNotification.test.tsx` to maintain coverage for both local and remote agents.
2026-03-13 17:30:32 +00:00
Alexander Farber aa000d7d30 fix(core): show descriptive error messages when saving settings fails (#18095)
Co-authored-by: Dev Randalpura <devrandalpura@google.com>
2026-03-13 16:19:56 +00:00
Tommaso Sciortino 2a7e602356 refactor(cli): consolidate getErrorMessage utility to core (#22190) 2026-03-13 15:40:29 +00:00
Ankit c156bac5f7 fix(settings): prevent j/k navigation keys from intercepting edit buffer input (#21865) 2026-03-13 14:55:36 +00:00
Adib234 263b8cd3b3 fix(plan): Fix AskUser evals (#22074) 2026-03-13 13:30:19 +00:00
Abhi 2d05396dd2 refactor(ui): extract pure session browser utilities (#22256) 2026-03-13 06:22:52 +00:00
Sandy Tao 7b4a822b0e feat(core): instrument file system tools for JIT context discovery (#22082) 2026-03-13 03:44:42 +00:00
Bryan Morgan d44615ac2f feat(core): increase sub-agent turn and time limits (#22196) 2026-03-13 02:39:49 +00:00
joshualitt de656f01d7 feat(core): Fully migrate packages/core to AgentLoopContext. (#22115) 2026-03-13 01:56:31 +00:00
Abhi 1d2585dba6 fix(core): explicitly pass messageBus to policy engine for MCP tool saves (#22255) 2026-03-13 01:31:13 +00:00
Yuna Seol d7d53981f3 feat(core): add trajectoryId to ConversationOffered telemetry (#22214)
Co-authored-by: Yuna Seol <yunaseol@google.com>
2026-03-12 22:12:08 +00:00
krishdef7 19e0b1ff7d fix(cli): escape @ symbols on paste to prevent unintended file expansion (#21239) 2026-03-12 22:05:12 +00:00
Alisa 4d393f9dca feat(a2a): enable native gRPC support and protocol routing (#21403)
Co-authored-by: Adam Weidman <adamfweidman@google.com>
2026-03-12 21:36:50 +00:00
Sehoon Shon b6beab9480 perf(cli): enable code splitting and deferred UI loading (#22117) 2026-03-12 20:37:03 +00:00
Aishanee Shah 663d9c0537 feat(core): implement Stage 1 improvements for webfetch tool (#21313) 2026-03-12 20:13:00 +00:00
Gaurav 4863816b81 fix(browser): fix duplicate function declaration error in browser agent (#22207) 2026-03-12 19:58:09 +00:00
Adarsh Pandey 829c532703 fix(core/ide): add Antigravity CLI fallbacks (#22030) 2026-03-12 19:28:36 +00:00
Akhilesh Kumar 3bf0a5579a Merge remote-tracking branch 'origin/main' into fix-subagent-tool-isolation
# Conflicts:
#	packages/core/src/agents/local-executor.ts
2026-03-12 19:26:33 +00:00
Adam Weidman c68303c553 fix(core): add proxy routing support for remote A2A subagents (#22199) 2026-03-12 19:25:51 +00:00
Abhi 7242d71c01 fix(core): prevent duplicate tool schemas for instantiated tools (#22204) 2026-03-12 19:09:23 +00:00
Akhilesh Kumar 7a08a4fbd5 feat(cli): display MCP servers in agent permission dialog
Updates NewAgentsNotification to inspect the local agent definition and list any MCP servers that the agent introduces, providing users with the necessary visibility before enabling.
2026-03-12 19:06:42 +00:00
Yuna Seol 391715c33c fix(core): fix startup stats to use int values for timestamps and durations (#22201)
Co-authored-by: Yuna Seol <yunaseol@google.com>
2026-03-12 19:06:12 +00:00
Tommaso Sciortino 8a537d85e9 update vulnerable deps (#22180) 2026-03-12 17:14:43 +00:00
Abhi cd7dced951 feat(core): implement model-driven parallel tool scheduler (#21933) 2026-03-12 17:03:44 +00:00
Spencer 73c589f9e3 feat(cli): allow safe tools to execute concurrently while agent is busy (#21988) 2026-03-12 16:03:53 +00:00
Adam Weidman 4b76fe0061 feat(core): add google credentials provider for remote agents (#21024) 2026-03-12 15:39:59 +00:00
Gaurav 867dc0fdda feat(telemetry): add Clearcut instrumentation for AI credits billing events (#22153) 2026-03-12 15:16:27 +00:00
Michael Ramos 7506b00488 fix(core): handle policy ALLOW for exit_plan_mode (#21802) 2026-03-12 14:43:40 +00:00
Jaisal K Jain 34709dc62d fix(cli): validate --model argument at startup (#21393)
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-03-12 14:38:54 +00:00
Abhi 8432bcee75 fix(core): resolve MCP tool FQN validation, schema export, and wildcards in subagents (#22069) 2026-03-12 14:17:36 +00:00
Jack Wotherspoon a38aaa47fb chore: remove unnecessary log for themes (#22165) 2026-03-12 13:51:36 +00:00
Sehoon Shon 18e8dd768a feat(ui): Do not show Ultra users /upgrade hint (#22154) (#22156) 2026-03-12 13:46:58 +00:00
Jack Wotherspoon 45faf4d31b fix: register themes on extension load not start (#22148) 2026-03-12 13:38:09 +00:00
Aditya Bijalwan 333475c41f feat(browser): implement input blocker overlay during automation (#21132)
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Gaurav <39389231+gsquared94@users.noreply.github.com>
Co-authored-by: Gaurav Ghosh <gaghosh@google.com>
2026-03-12 11:29:57 +00:00
Sri Pasumarthi 41d4f59f5e feat: Display pending and confirming tool calls (#22106)
Co-authored-by: Spencer <spencertang@google.com>
2026-03-12 05:57:37 +00:00
Adam Weidman 10ab958378 refactor(core): extract ExecutionLifecycleService for tool backgrounding (#21717) 2026-03-12 04:03:54 +00:00
Bryan Morgan 949e85ca55 feat(core): differentiate User-Agent for a2a-server and ACP clients (#22059) 2026-03-12 02:31:59 +00:00
Spencer f090736ebc fix(core): secure argsPattern and revert WEB_FETCH_TOOL_NAME escalation (#22104)
Co-authored-by: Taylor Mullen <ntaylormullen@google.com>
2026-03-12 02:26:21 +00:00
N. Taylor Mullen 7380424782 fix(policy): ensure user policies are loaded when policyPaths is empty (#22090) 2026-03-11 23:58:58 +00:00
N. Taylor Mullen f368e80baf fix(cli): resolve skill uninstall failure when skill name is updated (#22085) 2026-03-11 23:23:20 +00:00
N. Taylor Mullen 4a6d1fad9d fix(core): propagate subagent context to policy engine (#22086) 2026-03-11 23:01:45 +00:00
Akhilesh Kumar 164abf9d9b fix(core): resolve TypeScript compilation errors in LocalAgentExecutor 2026-03-11 21:47:31 +00:00
Gal Zahavi e3b3b71c14 feat(core): implement SandboxManager interface and config schema (#21774)
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-03-11 21:42:50 +00:00
krishdef7 926dddf0bf fix(hooks): fix BeforeAgent/AfterAgent inconsistencies (#18514) (#21383)
Co-authored-by: Spencer <spencertang@google.com>
2026-03-11 21:40:11 +00:00
nityam 352bbc36c0 merge duplicate imports packages/cli/src subtask3 (#22056) 2026-03-11 21:21:40 +00:00
Abhi 3bf4f885d8 feat(core): simplify subagent success UI and improve early termination display (#21917) 2026-03-11 21:11:07 +00:00
Akhilesh Kumar b132791cd2 test(core): add unit tests for subagent MCP tool isolation
Unit tests added:
1. Tool Registry Filtering: Verified that main registry hides all '__agent__' prefixed tools.
2. Subagent Tool Inheritance: Verified that agents correctly filter out other agents' MCP tools while retaining their own.
Verified with vitest in packages/core.
2026-03-11 20:55:10 +00:00
Akhilesh Kumar 5a020e7720 fix(core): avoid restarting subagent MCP servers
I've tactically refactored the `LocalAgentExecutor` so that it avoids shutting down and restarting subagent MCP servers for every agent execution, which mitigates the performance overhead caused by long startup times.

1. Leveraging the Global McpClientManager:
Instead of instantiating an entirely new `McpClientManager` instance within the `LocalAgentExecutor` per execution (and shutting it down in its `finally` block), we now use the single global `McpClientManager` available on `context.config`. Since the global manager deduplicates connection attempts by checking if the server is already active, subagent MCP servers will now naturally stay alive after their initial initialization.

2. Prefixing to Avoid Polluting the Global Namespace:
To isolate the agent-specific tools, we now register the subagent's MCP servers with a unique prefix: `__agent__${definition.name}__${name}`.

3. Strict Filtering for True Isolation (ToolRegistry):
- Main CLI context: Added a block in the global `ToolRegistry.getFunctionDeclarations()` that strictly hides any tool belonging to a server prefixed with `__agent__` if the registry `isMainRegistry`. This prevents internal subagent tools from leaking to the main agent.
- Subagent context (`LocalAgentExecutor`): When inheriting tools from the parent registry (the fallback when an agent doesn't explicitly define `tools: []`), the agent now ignores `__agent__` prefixed tools that belong to *other* agents, ensuring strict tool isolation while keeping the actual underlying server processes alive and reusable.
2026-03-11 20:43:25 +00:00
Spencer 775bcbf3a6 fix(core): silently retry API errors up to 3 times before halting session (#21989) 2026-03-11 20:40:06 +00:00