MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-05-29 05:02:35 -07:00
Code Issues Packages Projects Releases Wiki Activity
5,645 Commits 1,080 Branches 523 Tags
e99b47c22ea6acdab60bbe57cf59c2b643b8fa3a
Commit Graph

2311 Commits

Author SHA1 Message Date
Mahima Shanware e99b47c22e fix(core): remove redundant ENOENT fallback in getPlansDir to fix traversal vulnerability 
This removes the insecure ENOENT fallback in `Storage.getPlansDir` that could be exploited to bypass the `isSubpath` check via symlinks. The fallback was unnecessary because the underlying `resolveToRealPath` function (via `robustRealpath`) was recently updated to gracefully handle and resolve symlinks for non-existent target paths.
 2026-04-06 20:32:12 +00:00
Mahima Shanware 4195168d4d fix(core): handle plan dir EEXIST safely and rely on mkdir idempotency 
This addresses a potential TOCTOU vulnerability and edge case identified during review. The redundant `fs.existsSync` check in `getPlansDir` has been removed, allowing `fs.mkdirSync(..., { recursive: true })` to safely handle directory idempotency.

By relying directly on `mkdirSync`, we ensure that if a non-directory file already exists at the target path, the system will correctly throw an `EEXIST` error rather than silently treating the file as a directory and crashing later during workspace registration.
 2026-04-06 19:36:05 +00:00
Mahima Shanware 9d600b9e8f perf(core): cache initialized plan directories 
Adds caching to getPlansDir to avoid redundant synchronous disk I/O and repeated workspace context registrations.
 2026-04-06 19:13:49 +00:00
Mahima Shanware c578567488 fix(core): address extension context stickiness and symlink path resolution 
This commit addresses two bugs identified during review:

1. Cleared the sticky `activeExtensionContext` when the standard `/plan` command is executed, ensuring subsequent prompts correctly target the default global plan directory.
2. Fixed a path resolution regression in `Storage.getPlansDir()` by constructing the fallback ENOENT path directly against the real project root. This prevents `isSubpath` validation failures and potential traversal vulnerabilities when the project root is a symlink.
 2026-04-06 17:41:56 +00:00
Mahima Shanware 985c5953c6 fix(core): migrate consumers to lazily-evaluated getPlansDir 
Updates prompts and tool implementations (edit, write-file, enter/exit plan mode) to route through Config.getPlansDir() instead of Storage.getPlansDir(). This ensures the plan directory is lazily created exactly when these features attempt to use it, preventing ENOENT failures.
 2026-04-06 16:56:01 +00:00
Mahima Shanware 625b53ef39 feat(core): dynamic MRU plan directory resolution and lazy initialization 
Introduces active extension context tracking in config to support dynamic switching of plan directories. Resolves circular dependency in storage by deferring plan directory creation until on-demand use, preventing ENOENT errors on non-existent paths.
 2026-04-06 16:56:01 +00:00
cynthialong0-0 c61506bbc1 fix(core): ensure blue border overlay and input blocker to act correctly depending on browser agent activities (#24385) 2026-04-01 16:35:44 +00:00
Emily Hedlund 6a8a0d4faa feat(core): populate sandbox forbidden paths with project ignore file contents (#24038) 2026-04-01 16:27:55 +00:00
ruomeng eb95e99b3d feat(plan): conditionally add enter/exit plan mode tools based on current mode (#24378) 2026-04-01 15:56:10 +00:00
Jerop Kipruto ca43f8c291 feat(core): prioritize discussion before formal plan approval (#24423) 2026-04-01 15:55:47 +00:00
Abhi dcf5afafda fix(core): resolve subagent chat recording gaps and directory inheritance (#24368) 2026-04-01 15:29:38 +00:00
Sri Pasumarthi 1b265f343f fix(core): pin AuthType.GATEWAY to use Gemini 3.1 Pro/Flash Lite by default (#24375) 2026-04-01 00:25:59 +00:00
joshualitt fd5c103f99 refactor(core): Centralize context management logic into src/context (#24380) 2026-04-01 00:01:46 +00:00
Gaurav 782bb4e4bd fix(core): fix browser agent UX issues and improve E2E test reliability (#24312) 2026-03-31 23:00:16 +00:00
David Pierce 94f9480a3a fix(core): resolve Plan Mode deadlock during plan file creation due to sandbox restrictions (#24047) 2026-03-31 22:06:50 +00:00
Abhi 9364dd8a49 feat(core): infrastructure for event-driven subagent history (#23914) 2026-03-31 21:54:22 +00:00
Gal Zahavi 6cade3eaec test(sandbox): add integration test for dynamic permission expansion (#24359) 2026-03-31 20:59:44 +00:00
Sandy Tao c8d18eb2ac fix(config): disable JIT context loading by default (#24364) 2026-03-31 20:31:22 +00:00
Gal Zahavi 554a5a36a3 fix(core): implement __read and __write commands in sandbox managers (#24283) 2026-03-31 19:39:51 +00:00
cynthialong0-0 7c4b497a84 fix(core): fix race condition between browser agent and main closing process (#24340) 2026-03-31 17:43:37 +00:00
Emily Hedlund 65ee6171e7 fix(core): batch macOS seatbelt rules into a profile file to prevent ARG_MAX errors (#24255) 2026-03-31 17:35:13 +00:00
cynthialong0-0 a79f2f81ae Fix(browser): terminate immediately for "browser is already running" error (#24233) 
Co-authored-by: Gaurav <39389231+gsquared94@users.noreply.github.com>
 2026-03-31 17:07:58 +00:00
Gaurav 6805e818f7 fix(browser): terminate subagent immediately on domain restriction violations (#24313) 2026-03-31 16:51:27 +00:00
ruomeng 07e2053e12 feat(plan): promote planning feature to stable (#24282) 2026-03-31 16:10:13 +00:00
cynthialong0-0 3982a252bb fix(browser): reset action counter for each agent session and let it ignore internal actions (#24228) 2026-03-31 15:23:19 +00:00
Sehoon Shon 561418c554 fix(core): enable mid-stream retries for all models and re-enable compression test (#24302) 2026-03-31 06:25:21 +00:00
Adib234 d0d3639e16 feat(plan): support Plan mode in untrusted folders (#17586) 2026-03-31 03:33:55 +00:00
Sandy Tao 46d6b119b6 feat(core): add project-level memory scope to save_memory tool (#24161) 2026-03-31 01:32:15 +00:00
Abhijit Balaji 80929c48c5 feat(core): enable topic update narration for legacy models (#24241) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-03-31 00:57:46 +00:00
Jarrod Whelan 1df5c98b33 feat(cli): implement compact tool output (#20974) 2026-03-30 23:43:29 +00:00
Abhi 5b5f87abc7 fix(core): ensure default agents provide tools and use model-specific schemas (#24268) 2026-03-30 23:10:57 +00:00
joshualitt dfba0e91e2 feat(core): Unified Context Management and Tool Distillation. (#24157) 2026-03-30 22:29:59 +00:00
Spencer a255529c6b fix(a2a-server): prioritize ADC before evaluating headless constraints for auth initialization (#23614) 2026-03-30 12:26:15 +00:00
Christian Gunderman b7c86b5497 UX for topic narration tool (#24079) 2026-03-28 21:33:38 +00:00
Adam Weidman 3eebb75b7a feat(core): agnostic background task UI with CompletionBehavior (#22740) 
Co-authored-by: mkorwel <matt.korwel@gmail.com>
 2026-03-28 21:27:51 +00:00
Abhijit Balaji afc1d50c20 feat(core): implement tool-based topic grouping (Chapters) (#23150) 
Co-authored-by: Christian Gunderman <gundermanc@google.com>
 2026-03-28 01:28:25 +00:00
Gal Zahavi ae123c547c fix(sandbox): implement Windows Mandatory Integrity Control for GeminiSandbox (#24057) 2026-03-28 00:14:35 +00:00
Ivan Porty b5529c2475 fix(core): resolve ACP Operation Aborted Errors in grep_search (#23821) 
Co-authored-by: Sri Pasumarthi <sripas@google.com>
 2026-03-27 23:12:34 +00:00
Tommaso Sciortino 9e74a7ec18 feat(core): implement windows sandbox expansion and denial detection (#24027) 2026-03-27 22:35:01 +00:00
Sandy Tao 4034c030e7 feat(context): add configurable memoryBoundaryMarkers setting (#24020) 2026-03-27 21:51:32 +00:00
Abhi ba71ffa736 fix(core): switch to subshells for shell tool wrapping to fix heredocs and edge cases (#24024) 2026-03-27 20:34:39 +00:00
joshualitt 320c8aba4c feat(core): Land AgentHistoryProvider. (#23978) 2026-03-27 19:22:35 +00:00
Emily Hedlund 29031ea7cf refactor(core): improve ignore resolution and fix directory-matching bug (#23816) 2026-03-27 17:12:26 +00:00
Spencer f3977392e6 revert(core): support custom base URL via env vars (#23976) 2026-03-27 17:10:14 +00:00
Emily Hedlund 535667baf6 feat(core): add forbiddenPaths to GlobalSandboxOptions and refactor createSandboxManager (#23936) 2026-03-27 16:57:26 +00:00
Abhi 104587bae8 feat(core): subagent isolation and cleanup hardening (#23903) 2026-03-27 03:43:39 +00:00
Yuna Seol aca8e1af05 fix(core): explicitly set error names to avoid bundling renaming issues (#23913) 2026-03-27 03:40:49 +00:00
Sri Pasumarthi 750dec5d8d fix(acp): Update allow approval policy flow for ACP clients to fix config persistence and compatible with TUI (#23818) 2026-03-27 01:42:17 +00:00
Tommaso Sciortino 8868b34c75 refactor(core): delegate sandbox denial parsing to SandboxManager (#23928) 2026-03-26 22:10:15 +00:00
Aditya Bijalwan 73dd7328df feat(core): implement persistent browser session management (#21306) 
Co-authored-by: Gaurav <39389231+gsquared94@users.noreply.github.com>
Co-authored-by: cynthialong0-0 <82900738+cynthialong0-0@users.noreply.github.com>
 2026-03-26 21:33:37 +00:00