clone/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-05-17 01:42:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,134 Commits 1,047 Branches 511 Tags
bbfc33ea24cf2ecb9f45a9ff92fa158070f855c0
Commit Graph

3068 Commits

Author SHA1 Message Date
gemini-cli[bot]
bbfc33ea24 fix(security): address MCP security findings (MCPSafe Grade F) 
This PR addresses high and medium severity security findings related to MCP server integration, as reported by MCPSafe.

### Changes:

1. **Shell Heuristics Enforcement**: Updated `PolicyEngine` to apply shell heuristics (e.g., redirection detection) to any tool containing a `command` argument, not just those explicitly named in `SHELL_TOOL_NAMES`. This prevents security bypasses where MCP tools executing shell commands could skip safety checks.
2. **MCP Output Sanitization**: Implemented delimiters and HTML escaping for MCP tool text and resource outputs. This prevents prompt injection attacks where malicious tool output could be mistaken for system instructions by the LLM.
3. **Default Folder Trust**: Enabled folder trust by default in the CLI configuration. This ensures that the CLI verifies workspace trust before executing sensitive operations like loading local stdio MCP servers from project configuration.
4. **Type Safety**: Updated `McpResourceBlock` type to include the `uri` property, aligning with the MCP specification and fixing a TypeScript compilation error.

These changes significantly harden the gemini-cli against common attack vectors in the MCP ecosystem.

cc @mcpsafe-gh for visibility on the fixes.
cc @google-gemini-mcp-experts

Labels: bot-fix, area/security, kind/bug
 2026-05-12 21:49:54 +00:00
Dev Randalpura
c37b9113d7 fix(ui): fixed line wrap padding for selection lists (#26944) 2026-05-12 21:24:40 +00:00
Adam Weidman
c987b99394 refactor(core): introduce SubagentState enum for progress (#26934) 2026-05-12 18:58:25 +00:00
Kuroda Kayn
11a9edc808 fix(cli): restore resume for legacy sessions (#26577) 
Co-authored-by: Tommaso Sciortino <sciortino@gmail.com>
 2026-05-12 00:28:47 +00:00
Adam Weidman
24b98ade86 fix(cli): enable adk non-interactive session (#26895) 2026-05-11 23:38:23 +00:00
Franco Pieri
9ff7304391 Allow Enter to select session while in search mode in /resume (#21523) 
Co-authored-by: Tommaso Sciortino <sciortino@gmail.com>
 2026-05-11 21:46:00 +00:00
Dev Randalpura
c0d5ab1f1e fix(ui): added a gutter width to the input prompt width calculation (#26882) 2026-05-11 20:26:48 +00:00
Coco Sheng
36a7fa089c fix(cli): use static tool name in confirmation prompt to avoid parsing errors (#26866) 2026-05-11 17:45:58 +00:00
Sri Pasumarthi
4739495e39 fix(cli/acp): prevent infinite thought loop in ACP mode by disablig nextSpeakerCheck (#26874) 2026-05-11 17:38:20 +00:00
Aryan Singh
ecfaac2dc7 fix(cli): prevent duplicate SessionStart systemMessage render (#25827) 
Co-authored-by: Jacob Richman <jacob314@gmail.com>
 2026-05-11 16:44:04 +00:00
Daniel Finimundi
7cd228f5af fix(cli): allow installing extensions from ssh repo (#26274) 
Signed-off-by: Daniel Finimundi <danielrf@motorola.com>
Co-authored-by: Dev Randalpura <devrandalpura@google.com>
 2026-05-11 15:57:52 +00:00
JAYADITYA
9d0860bd0f fix(cli): remove noisy theme registration logs from terminal (#25858) 
Co-authored-by: Jack Wotherspoon <jackwoth@google.com>
 2026-05-08 19:59:33 +00:00
Dev Randalpura
dfec94869b fix(ui): added quotes around session id in resume tip (#26669) 2026-05-08 16:55:51 +00:00
mahadevan
2cad5db770 Feat: Add Machine Hostname to CLI interface (#25637) 
Signed-off-by: M-DEV-1 <mahadevankizhakkedathu@gmail.com>
Co-authored-by: Tommaso Sciortino <sciortino@gmail.com>
 2026-05-08 16:12:35 +00:00
Coco Sheng
3805640530 feat: export session to file and import via flag (#26514) 2026-05-08 15:53:52 +00:00
Br1an
c52acebaa2 fix: prevent false command conflicts when launching from home directory (#23069) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Tommaso Sciortino <sciortino@gmail.com>
 2026-05-07 22:41:12 +00:00
Sandy Tao
16e345831b fix(cli): hide /memory add subcommand when memoryV2 is enabled (#26605) 2026-05-07 20:48:12 +00:00
Dev Randalpura
451bf32c82 fix(ux): fixed issue with transcribed text not showing after releasing space (#26609) 2026-05-07 19:39:03 +00:00
Tommaso Sciortino
a809bc7c51 don't wrap args unnecessarily (#26599) 2026-05-06 23:20:47 +00:00
Michael Bleigh
90304b279c refactor(cli): migrate core tools to native ToolDisplay property and fix UI rendering (#25186) 2026-05-06 21:23:26 +00:00
Adib234
a38f393af7 fix(cli): improve mcp list UX in untrusted folders (#26457) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-05-06 19:35:35 +00:00
Christian Van
e4242edf61 fix(cli): hide read-only settings scopes (#26249) 2026-05-06 19:03:48 +00:00
Kartik
5155221bbe fix(cli): randomize sandbox container names (#26014) 2026-05-06 16:33:24 +00:00
Sri Pasumarthi
97a2bd7507 fix(acp): move tool explanation from thought stream to tool call content (#26554) 2026-05-06 15:42:01 +00:00
cynthialong0-0
469092a72c fix(cli): provide JSON output for AgentExecutionStopped in non-interactive mode (#26504) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-05-06 00:33:31 +00:00
Coco Sheng
e80d7cc083 feat: allow queuing messages during compression (#24071) (#26506) 2026-05-05 17:52:08 +00:00
Jack Wotherspoon
7cc19c2a1b fix(cli): prevent settings dialog border clipping using maxHeight (#26507) 2026-05-05 16:22:58 +00:00
Tirth Naik
8f0edcd64f fix(cli): use os.homedir() for home directory warning check (#25890) 2026-05-04 23:24:49 +00:00
Sandy Tao
56809d7069 fix(cli): make SkillInboxDialog fit and scroll in alternate buffer (#26455) 2026-05-04 21:54:13 +00:00
Anjaligarhwal
5dfbb739e5 feat(cli): add /bug-memory command and auto-capture heap snapshot in /bug (#25639) 2026-05-04 21:17:36 +00:00
Coco Sheng
0d6bd29752 feat(cli): improve /agents refresh logging (#26442) 2026-05-04 19:40:48 +00:00
Coco Sheng
493b555646 feat: add ignoreLocalEnv setting and --ignore-env flag (#2493) (#26445) 2026-05-04 19:14:33 +00:00
Adib234
75a8de83fc test(cleanup): fix temporary directory leaks in test suites (#26217) 2026-05-04 19:08:02 +00:00
Sandy Tao
a7beb890d0 feat(memory): add Auto Memory inbox flow with canonical-patch contract (#26338) 2026-05-04 19:07:13 +00:00
Coco Sheng
60a6a47d56 feat(voice): add privacy and compliance UX warning for Gemini Live backend (#26454) 2026-05-04 18:32:15 +00:00
Aryan Singh
77f4be1f3d fix(cli): render LaTeX-style output as Unicode in the TUI (#25802) 
Co-authored-by: cynthialong0-0 <82900738+cynthialong0-0@users.noreply.github.com>
 2026-05-04 18:05:06 +00:00
Manav Sharma
0da1a2026a fix(cli)#21297: clear skills consent dialog before reload (#26431) 
Co-authored-by: Tommaso Sciortino <sciortino@gmail.com>
 2026-05-04 17:53:03 +00:00
Coco Sheng
37edd1d4df fix(cli): allow early stdout when config is undefined (#26453) 2026-05-04 17:48:24 +00:00
Adib234
704be5a418 fix(cli): ensure branch indicator updates in sub-directories and worktrees (#26330) 2026-05-04 17:35:13 +00:00
Dev Randalpura
0657d315fb refactor(UI): created constants file for ThemeDialog (#26446) 2026-05-04 17:28:33 +00:00
Coco Sheng
ab48aad213 perf: skip redundant GEMINI.md loading in partialConfig (#26443) 2026-05-04 16:05:24 +00:00
Sri Pasumarthi
4e175527a2 fix(acp): resolve agent mode disconnect and improve mode awareness (#26332) 2026-05-01 23:00:10 +00:00
AK
40b384de2c fix(core): make subagents aware of active approval modes (#23608) 2026-05-01 22:21:38 +00:00
Sandy Tao
9380e13f6d fix(core): remove "System: Please continue." injection on InvalidStream events (#26340) 2026-05-01 19:45:31 +00:00
Coco Sheng
997f461cad fix(cli): prevent Escape from clearing input buffer (#17083) (#26339) 2026-05-01 18:58:55 +00:00
Dev Randalpura
b14a29efa2 feat(ui): added wave animation for voice mode (#26284) 2026-05-01 17:56:05 +00:00
ruomeng
76d1a73606 fix(cli): enable daemon relaunch in binary and bundle keytar (#26333) 2026-05-01 17:53:56 +00:00
David Pierce
9cb48020e1 fix(cli): respect .env override for GOOGLE_CLOUD_PROJECT (#26288) 2026-05-01 16:49:45 +00:00
Christian Gunderman
8943640a71 fix(ui): fix issue with box edges (#26148) 2026-05-01 16:46:16 +00:00
Zheyuan Lin
7213822e84 fix(cli): insert voice transcription at cursor position instead of ap… (#26287) 
Co-authored-by: Zheyuan <zlin252@emory.edu>
 2026-05-01 16:41:17 +00:00