Mahima Shanware
a5c2bf81f4
fix(core): remove redundant ENOENT fallback in getPlansDir to fix traversal vulnerability
...
This removes the insecure ENOENT fallback in `Storage.getPlansDir` that could be exploited to bypass the `isSubpath` check via symlinks. The fallback was unnecessary because the underlying `resolveToRealPath` function (via `robustRealpath`) was recently updated to gracefully handle and resolve symlinks for non-existent target paths.
2026-04-07 16:35:24 +00:00
Mahima Shanware
b5d92caf89
fix(core): handle plan dir EEXIST safely and rely on mkdir idempotency
...
This addresses a potential TOCTOU vulnerability and edge case identified during review. The redundant `fs.existsSync` check in `getPlansDir` has been removed, allowing `fs.mkdirSync(..., { recursive: true })` to safely handle directory idempotency.
By relying directly on `mkdirSync`, we ensure that if a non-directory file already exists at the target path, the system will correctly throw an `EEXIST` error rather than silently treating the file as a directory and crashing later during workspace registration.
2026-04-07 16:35:23 +00:00
Mahima Shanware
81c74e1483
perf(core): cache initialized plan directories
...
Adds caching to getPlansDir to avoid redundant synchronous disk I/O and repeated workspace context registrations.
2026-04-07 16:35:23 +00:00
Mahima Shanware
0a8195fb3a
fix(core): address extension context stickiness and symlink path resolution
...
This commit addresses two bugs identified during review:
1. Cleared the sticky `activeExtensionContext` when the standard `/plan` command is executed, ensuring subsequent prompts correctly target the default global plan directory.
2. Fixed a path resolution regression in `Storage.getPlansDir()` by constructing the fallback ENOENT path directly against the real project root. This prevents `isSubpath` validation failures and potential traversal vulnerabilities when the project root is a symlink.
2026-04-07 16:35:23 +00:00
Mahima Shanware
402a96a519
fix(core): migrate consumers to lazily-evaluated getPlansDir
...
Updates prompts and tool implementations (edit, write-file, enter/exit plan mode) to route through Config.getPlansDir() instead of Storage.getPlansDir(). This ensures the plan directory is lazily created exactly when these features attempt to use it, preventing ENOENT failures.
2026-04-07 16:35:23 +00:00
Mahima Shanware
bdf90e9985
feat(core): dynamic MRU plan directory resolution and lazy initialization
...
Introduces active extension context tracking in config to support dynamic switching of plan directories. Resolves circular dependency in storage by deferring plan directory creation until on-demand use, preventing ENOENT errors on non-existent paths.
2026-04-07 16:34:08 +00:00
Emily Hedlund
1762c9c509
temporarily disable sandbox integration test on windows ( #24786 )
2026-04-07 15:33:40 +00:00
Gaurav
4c5e887732
feat(telemetry): add browser agent clearcut metrics ( #24688 )
2026-04-07 07:48:38 +00:00
Abhi
83096c68b0
fix(policy): allow complete_task in plan mode ( #24771 )
2026-04-07 03:43:42 +00:00
Christian Gunderman
d2b775f9a7
Add an eval for and fix unsafe cloning behavior. ( #24457 )
2026-04-07 03:17:44 +00:00
David Pierce
984f02c180
relax tool sandboxing overrides for plan mode to match defaults. ( #24762 )
2026-04-06 22:18:10 +00:00
Gaurav
e116aa34f4
fix(browser): remove premature browser cleanup after subagent invocation ( #24753 )
2026-04-06 21:17:31 +00:00
krishdef7
8ac560d2c9
fix(core): handle partial llm_request in BeforeModel hook override ( #22326 )
2026-04-06 20:11:38 +00:00
Christian Gunderman
8f131ffef7
Fix issue where topic headers can be posted back to back ( #24759 )
2026-04-06 18:36:22 +00:00
Gal Zahavi
7311e242ec
feat(cli): enhance tool confirmation UI and selection layout ( #24376 )
2026-04-04 01:32:35 +00:00
Jacob Richman
ec35ebbe57
fix(core): detect uninitialized lines ( #24646 )
2026-04-04 00:51:29 +00:00
Gal Zahavi
65024d4538
fix(core): ensure global temp directory is always in sandbox allowed paths ( #24638 )
...
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-04 00:23:27 +00:00
Samee Zahid
4fb3790051
feat(core): discourage update topic tool for simple tasks ( #24640 )
...
Co-authored-by: Samee Zahid <sameez@google.com >
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-03 23:52:24 +00:00
Gal Zahavi
893ae4d29a
fix(core): ensure sandbox approvals are correctly persisted and matched for proactive expansions ( #24577 )
2026-04-03 21:48:18 +00:00
Emily Hedlund
370c45de67
fix(core): improve windows sandbox reliability and fix integration tests ( #24480 )
2026-04-03 20:54:48 +00:00
Abhi
a93a1ebd65
fix(core): inject skill system instructions into subagent prompts if activated ( #24620 )
2026-04-03 18:45:11 +00:00
Emily Hedlund
ca0e6f9bd9
test: fix Windows CI execution and resolve exposed platform failures ( #24476 )
2026-04-03 15:50:29 +00:00
Aditya Bijalwan
7a70ab9a5d
Feat/browser agent metrics ( #24210 )
...
Co-authored-by: Gaurav Ghosh <gaghosh@google.com >
2026-04-03 08:21:09 +00:00
Tommaso Sciortino
8c215c7a88
fix(core): remove broken PowerShell translation and fix native __write in Windows sandbox ( #24571 )
2026-04-03 02:50:44 +00:00
Jacob Richman
1f5d7014c6
feat(ui): enable "TerminalBuffer" mode to solve flicker ( #24512 )
2026-04-03 00:39:49 +00:00
Gal Zahavi
1ae0499e5d
fix(core): pass includeDirectories to sandbox configuration ( #24573 )
2026-04-02 23:34:12 +00:00
Saurav Sharma
e5adeaca80
fix(core): unsafe type assertions in Core File System #19712 ( #19739 )
...
Co-authored-by: Dev Randalpura <devrandalpura@google.com >
2026-04-02 20:44:22 +00:00
Adam Weidman
6fb58bd31f
feat(cli): migrate nonInteractiveCli to LegacyAgentSession ( #22987 )
2026-04-02 20:21:40 +00:00
Jerop Kipruto
64c928fce7
feat(core): implement context-aware persistent policy approvals ( #23257 )
2026-04-02 20:01:33 +00:00
Aashir Javed
77027dff82
fix(cli): clear stale retry/loading state after cancellation ( #21096 ) ( #21960 )
...
Co-authored-by: Aashir Javed <Aaxhirrr@users.noreply.github.com >
Co-authored-by: Dev Randalpura <devrandalpura@google.com >
2026-04-02 19:44:39 +00:00
ruomeng
c0dfa1aec3
Enable 'Other' option for yesno question type ( #24545 )
2026-04-02 19:42:53 +00:00
Sandy Tao
06173c0885
fix(core): move project memory dir under tmp directory ( #24542 )
2026-04-02 17:50:43 +00:00
Jyo
08b926796c
Fix crash when vim editor is not found in PATH on Windows ( #22423 )
...
Co-authored-by: Tommaso Sciortino <sciortino@gmail.com >
2026-04-02 17:40:19 +00:00
Sandy Tao
63cc363606
feat(core): scope subagent workspace directories via AsyncLocalStorage ( #24445 )
2026-04-02 16:33:08 +00:00
joshualitt
e0044f2868
feat(core): Land ContextCompressionService ( #24483 )
2026-04-02 16:22:04 +00:00
Gaurav
beff8c91aa
fix(browser): handle computer-use model detection for analyze_screenshot ( #24502 )
2026-04-02 15:05:21 +00:00
Coco Sheng
f510394721
Implement background process monitoring and inspection tools ( #23799 )
2026-04-02 15:01:00 +00:00
Jacob Richman
40b73c9447
Fix shell output display ( #24490 )
2026-04-02 05:53:46 +00:00
Sandy Tao
e446733b53
feat(core): add background memory service for skill extraction ( #24274 )
2026-04-02 05:05:31 +00:00
Alisa
3344f6849c
Unused error variables in catch block are not allowed ( #24487 )
2026-04-02 04:33:07 +00:00
Jacob Richman
18cdbbf81a
Terminal Serializer Optimization ( #24485 )
2026-04-02 02:56:52 +00:00
Gal Zahavi
13ccc16457
fix(core): enhance sandbox usability and fix build error ( #24460 )
...
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-01 23:51:06 +00:00
Adam Weidman
b5f568fefe
feat(config): add experimental.adk.agentSessionNoninteractiveEnabled setting ( #24439 )
2026-04-01 20:41:38 +00:00
Emily Hedlund
d00b43733c
fix(core): refactor linux sandbox to fix ARG_MAX crashes ( #24286 )
2026-04-01 20:17:10 +00:00
Adib234
55f5d3923c
feat(policy): explicitly allow web_fetch in plan mode with ask_user ( #24456 )
...
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-01 19:57:56 +00:00
Abhi
2d432c1489
fix(core): ensure complete_task tool calls are recorded in chat history ( #24437 )
2026-04-01 19:53:46 +00:00
Gaurav
aed85725b6
feat(browser): supersede stale snapshots to reclaim context-window tokens ( #24440 )
2026-04-01 18:41:39 +00:00
anj-s
43cf63e189
fix: update task tracker storage location in system prompt ( #24034 )
2026-04-01 18:29:09 +00:00
Sri Pasumarthi
6b303a13eb
fix(acp) refactor(core,cli): centralize model discovery logic in ModelConfigService ( #24392 )
2026-04-01 18:03:30 +00:00
cynthialong0-0
16468a855d
feat(core): update browser agent prompt to check open pages first when bringing up ( #24431 )
2026-04-01 17:52:18 +00:00