Skip to content

fix(trust): Refuse to load extensions from untrusted workspaces #7342

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 28, 2025
Merged

fix(trust): Refuse to load extensions from untrusted workspaces #7342

merged 7 commits into from
Aug 28, 2025

Conversation

richieforeman
Copy link
Member

TLDR

Refuse to load extensions from untrusted workspaces.

Dive Deeper

I also found these tests a little messy, so I took some liberties to tidy them up. Most of the churn in the tests is due to that. .

Reviewer Test Plan

  • Unit tests cover the functionality quite well.

Testing Matrix

🍏 🪟 🐧
npm run x
npx
Docker
Podman - -
Seatbelt - -

Linked issues / bugs

Closes https://github.com/google-gemini/maintainers-gemini-cli/issues/721

@richieforeman richieforeman requested a review from a team as a code owner August 28, 2025 18:59
gemini-code-assist[bot]
gemini-code-assist bot reviewed Aug 28, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary of Changes

Hello @richieforeman, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a critical security enhancement by preventing the loading of extensions from untrusted workspaces. The primary goal is to safeguard users from potentially malicious code by ensuring that extensions are only activated in environments explicitly deemed safe. Alongside this security fix, the pull request also includes significant refactoring and tidying of the extension loading and testing infrastructure, improving the overall maintainability and robustness of the codebase.

Highlights

  • Enhanced Security: Workspace Trust: The system will now refuse to load extensions from workspaces that are not explicitly marked as trusted, significantly enhancing the security posture of the application.
  • Core Logic Update: The logic for loading extensions has been updated to incorporate a trust check, ensuring that only extensions from trusted environments are processed.
  • Comprehensive Test Refactoring and New Test Cases: The test suite has been thoroughly updated, including the addition of a specific test case to validate the new untrusted workspace behavior. Furthermore, various test utility functions and path definitions have been refactored for improved clarity and consistency.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in issue comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Aug 28, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request correctly implements the refusal to load extensions from untrusted workspaces. The changes are well-structured, and the refactoring of the test suite improves its clarity and maintainability. However, I've identified a critical logic error in how workspace trust is checked, which could prevent extensions from loading in implicitly trusted workspaces. Additionally, a test helper function has been refactored in a way that could lead to flaky tests. I've provided detailed comments with suggested fixes for both issues.

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 28, 2025
edited
Loading

Code Coverage Summary

Package Lines Statements Functions Branches
CLI 74.8% 74.8% 78.97% 80.19%
Core 78.1% 78.1% 77.74% 84.23%
CLI Package - Full Text Report 
-------------------|---------|----------|---------|---------|-------------------
File               | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s 
-------------------|---------|----------|---------|---------|-------------------
All files          |    74.8 |    80.19 |   78.97 |    74.8 |                   
 src               |   54.18 |    64.51 |   57.14 |   54.18 |                   
  gemini.tsx       |   38.88 |    45.16 |   55.55 |   38.88 | ...22,432-438,452 
  ...ractiveCli.ts |   90.38 |    73.68 |   33.33 |   90.38 | 36-39,58-61,88-90 
  ...ActiveAuth.ts |     100 |      100 |     100 |     100 |                   
 src/commands      |    72.5 |      100 |      25 |    72.5 |                   
  extensions.tsx   |   56.52 |      100 |       0 |   56.52 | 19-27,31          
  mcp.ts           |   94.11 |      100 |      50 |   94.11 | 26                
 ...nds/extensions |   35.65 |       75 |   11.11 |   35.65 |                   
  disable.ts       |    28.2 |      100 |       0 |    28.2 | 17-27,33-44,46-50 
  enable.ts        |    23.4 |      100 |       0 |    23.4 | 17-35,41-52,54-58 
  install.ts       |   55.31 |    66.66 |   33.33 |   55.31 | 20-34,56,59-63    
  list.ts          |   32.14 |      100 |       0 |   32.14 | 11-27,34-35       
  uninstall.ts     |   45.71 |      100 |   33.33 |   45.71 | 15-23,35-40,43-46 
  update.ts        |   26.47 |      100 |       0 |   26.47 | 15-30,36-41,43-46 
 src/commands/mcp  |   95.62 |       80 |    90.9 |   95.62 |                   
  add.ts           |    97.4 |    83.33 |     100 |    97.4 | 109-112,119       
  list.ts          |   90.56 |    80.76 |      80 |   90.56 | ...07-109,134-135 
  remove.ts        |     100 |    66.66 |     100 |     100 | 19-23             
 src/config        |   92.66 |    83.56 |   91.17 |   92.66 |                   
  auth.ts          |     100 |      100 |     100 |     100 |                   
  config.ts        |   96.71 |    86.79 |      80 |   96.71 | ...82,447,613-617 
  extension.ts     |   84.34 |    84.15 |   91.66 |   84.34 | ...74-475,482-486 
  keyBindings.ts   |     100 |      100 |     100 |     100 |                   
  sandboxConfig.ts |   54.16 |    23.07 |   66.66 |   54.16 | ...44,54-68,73-89 
  settings.ts      |   89.72 |    81.86 |   95.45 |   89.72 | ...08-709,781-782 
  ...ingsSchema.ts |     100 |      100 |     100 |     100 |                   
  ...tedFolders.ts |   92.68 |    91.17 |     100 |   92.68 | ...52-153,172-177 
 ...fig/extensions |    87.5 |    66.66 |     100 |    87.5 |                   
  ...ableSchema.ts |     100 |      100 |     100 |     100 |                   
  variables.ts     |   83.72 |    66.66 |     100 |   83.72 | ...40,53-54,64-65 
 src/generated     |     100 |      100 |     100 |     100 |                   
  git-commit.ts    |     100 |      100 |     100 |     100 |                   
 src/patches       |       0 |        0 |       0 |       0 |                   
  is-in-ci.ts      |       0 |        0 |       0 |       0 | 1-17              
 src/services      |   71.42 |    88.15 |   82.35 |   71.42 |                   
  ...mandLoader.ts |     100 |      100 |     100 |     100 |                   
  ...andService.ts |     100 |      100 |     100 |     100 |                   
  ...mandLoader.ts |    92.7 |     92.5 |     100 |    92.7 | 177-182,265-272   
  ...omptLoader.ts |   34.37 |    72.72 |      50 |   34.37 | ...40-241,244-248 
  types.ts         |     100 |      100 |     100 |     100 |                   
 ...mpt-processors |   97.03 |     93.5 |     100 |   97.03 |                   
  ...tProcessor.ts |     100 |      100 |     100 |     100 |                   
  ...eProcessor.ts |   94.44 |    84.21 |     100 |   94.44 | 43-44,90-91       
  ...tionParser.ts |     100 |      100 |     100 |     100 |                   
  ...lProcessor.ts |   96.96 |    94.87 |     100 |   96.96 | 93-96             
  types.ts         |     100 |      100 |     100 |     100 |                   
 src/test-utils    |   91.22 |    83.33 |      80 |   91.22 |                   
  ...omMatchers.ts |   69.69 |       50 |      50 |   69.69 | 32-35,37-39,45-47 
  ...andContext.ts |     100 |      100 |     100 |     100 |                   
  render.tsx       |     100 |      100 |     100 |     100 |                   
 src/ui            |   63.04 |    67.58 |    64.1 |   63.04 |                   
  App.tsx          |   62.36 |    58.27 |   42.85 |   62.36 | ...1253,1279-1308 
  ...tionNudge.tsx |    8.33 |      100 |       0 |    8.33 | 25-97             
  colors.ts        |   79.59 |      100 |   66.66 |   79.59 | ...43,45-46,48-49 
  constants.ts     |     100 |      100 |     100 |     100 |                   
  keyMatchers.ts   |   95.65 |    95.83 |     100 |   95.65 | 25-26             
  ...tic-colors.ts |     100 |      100 |     100 |     100 |                   
  types.ts         |     100 |      100 |     100 |     100 |                   
 src/ui/commands   |   85.64 |    81.48 |   89.47 |   85.64 |                   
  aboutCommand.ts  |     100 |       60 |     100 |     100 | 24-31             
  authCommand.ts   |     100 |      100 |     100 |     100 |                   
  bugCommand.ts    |   79.72 |     37.5 |     100 |   79.72 | 33-36,43,81-90    
  chatCommand.ts   |   94.23 |    83.33 |     100 |   94.23 | ...11-212,214-215 
  clearCommand.ts  |     100 |      100 |     100 |     100 |                   
  ...essCommand.ts |     100 |    88.88 |     100 |     100 | 73                
  copyCommand.ts   |     100 |      100 |     100 |     100 |                   
  corgiCommand.ts  |     100 |      100 |     100 |     100 |                   
  ...ryCommand.tsx |   69.69 |    73.07 |     100 |   69.69 | ...24-125,160-168 
  docsCommand.ts   |     100 |      100 |     100 |     100 |                   
  editorCommand.ts |     100 |      100 |     100 |     100 |                   
  ...onsCommand.ts |     100 |      100 |     100 |     100 |                   
  helpCommand.ts   |     100 |      100 |     100 |     100 |                   
  ideCommand.ts    |   62.19 |    66.66 |      60 |   62.19 | ...34-248,256-270 
  initCommand.ts   |     100 |      100 |     100 |     100 |                   
  mcpCommand.ts    |   82.29 |    82.95 |   83.33 |   82.29 | ...83-384,437-444 
  memoryCommand.ts |    99.1 |    81.25 |     100 |    99.1 | 90                
  ...acyCommand.ts |     100 |      100 |     100 |     100 |                   
  quitCommand.ts   |     100 |      100 |     100 |     100 |                   
  ...oreCommand.ts |      92 |    87.09 |     100 |      92 | ...,82-87,128-129 
  ...ngsCommand.ts |     100 |      100 |     100 |     100 |                   
  ...hubCommand.ts |   83.66 |    66.66 |     100 |   83.66 | ...54-157,160-163 
  statsCommand.ts  |   84.48 |       75 |     100 |   84.48 | 25-33             
  ...tupCommand.ts |     100 |      100 |     100 |     100 |                   
  themeCommand.ts  |     100 |      100 |     100 |     100 |                   
  toolsCommand.ts  |     100 |      100 |     100 |     100 |                   
  types.ts         |     100 |      100 |     100 |     100 |                   
  vimCommand.ts    |   44.44 |      100 |       0 |   44.44 | 15-25             
 src/ui/components |    64.8 |    79.92 |   69.64 |    64.8 |                   
  AboutBox.tsx     |     100 |       50 |     100 |     100 | 104               
  AsciiArt.ts      |     100 |      100 |     100 |     100 |                   
  AuthDialog.tsx   |      90 |    96.42 |      75 |      90 | 71-76,105-112     
  ...nProgress.tsx |   16.66 |      100 |       0 |   16.66 | 19-63             
  ...Indicator.tsx |   15.15 |      100 |       0 |   15.15 | 17-47             
  ...ryDisplay.tsx |   89.47 |    33.33 |     100 |   89.47 | 20-21             
  ...ryDisplay.tsx |   92.13 |    94.44 |     100 |   92.13 | 79-84,89          
  ...geDisplay.tsx |     100 |      100 |     100 |     100 |                   
  ...gProfiler.tsx |      24 |      100 |       0 |      24 | 13-36             
  ...esDisplay.tsx |   10.52 |      100 |       0 |   10.52 | 24-82             
  ...ngsDialog.tsx |    6.99 |      100 |       0 |    6.99 | 30-181            
  ...ustDialog.tsx |     100 |      100 |     100 |     100 |                   
  Footer.tsx       |   84.82 |    82.35 |     100 |   84.82 | ...,89-91,136-143 
  ...ngSpinner.tsx |   86.66 |       75 |     100 |   86.66 | 31-32             
  Header.tsx       |   87.23 |    57.14 |     100 |   87.23 | 36-39,55,64       
  Help.tsx         |    3.27 |      100 |       0 |    3.27 | 17-173            
  ...emDisplay.tsx |   81.69 |     62.5 |     100 |   81.69 | 51-56,59-64,95    
  InputPrompt.tsx  |   77.82 |    74.85 |     100 |   77.82 | ...78-780,788-799 
  ...Indicator.tsx |     100 |      100 |     100 |     100 |                   
  ...geDisplay.tsx |   25.92 |      100 |       0 |   25.92 | 15-37             
  ...tsDisplay.tsx |     100 |      100 |     100 |     100 |                   
  PrepareLabel.tsx |      60 |       80 |     100 |      60 | 35-48             
  ...ryDisplay.tsx |     100 |      100 |     100 |     100 |                   
  ...ngsDialog.tsx |   55.76 |    71.27 |      75 |   55.76 | ...80-705,739,750 
  ...ionDialog.tsx |    85.5 |      100 |   33.33 |    85.5 | 35-38,43-50       
  ...Indicator.tsx |   44.44 |      100 |       0 |   44.44 | 12-17             
  ...MoreLines.tsx |      60 |       25 |     100 |      60 | 24-27,33-40       
  StatsDisplay.tsx |    98.5 |    93.33 |     100 |    98.5 | 180-182           
  ...nsDisplay.tsx |   84.61 |    68.42 |     100 |   84.61 | ...08-112,122-124 
  ThemeDialog.tsx  |    5.33 |      100 |       0 |    5.33 | 36-312            
  Tips.tsx         |   19.23 |      100 |       0 |   19.23 | 17-45             
  ...tsDisplay.tsx |     100 |     87.5 |     100 |     100 | 30-31             
  ...ification.tsx |   36.36 |      100 |       0 |   36.36 | 15-22             
  ...ionDialog.tsx |    8.75 |      100 |       0 |    8.75 | 20-108            
 ...nents/messages |   85.27 |    86.82 |   66.66 |   85.27 |                   
  ...onMessage.tsx |   20.68 |      100 |       0 |   20.68 | 23-51             
  DiffRenderer.tsx |   96.41 |    83.51 |     100 |   96.41 | ...17-218,222,284 
  ErrorMessage.tsx |     100 |      100 |     100 |     100 |                   
  ...niMessage.tsx |   18.75 |      100 |       0 |   18.75 | 21-49             
  ...geContent.tsx |   19.04 |      100 |       0 |   19.04 | 25-43             
  InfoMessage.tsx  |     100 |      100 |     100 |     100 |                   
  ...onMessage.tsx |   83.04 |       80 |      40 |   83.04 | ...12-127,141-144 
  ...upMessage.tsx |     100 |      100 |     100 |     100 |                   
  ToolMessage.tsx  |   92.25 |    88.88 |     100 |   92.25 | ...,93-97,171-173 
  UserMessage.tsx  |     100 |      100 |     100 |     100 |                   
  ...llMessage.tsx |   36.36 |      100 |       0 |   36.36 | 17-25             
 ...ponents/shared |   80.94 |    76.27 |   95.34 |   80.94 |                   
  MaxSizedBox.tsx  |   81.14 |    82.35 |   88.88 |   81.14 | ...08-509,614-615 
  ...tonSelect.tsx |   86.18 |    66.66 |     100 |   86.18 | ...53,156-157,227 
  text-buffer.ts   |   77.86 |    78.03 |   96.66 |   77.86 | ...1800,1827,1877 
  ...er-actions.ts |   86.71 |    67.79 |     100 |   86.71 | ...07-608,809-811 
 src/ui/contexts   |    82.9 |    82.03 |     100 |    82.9 |                   
  ...ssContext.tsx |   80.73 |    86.31 |     100 |   80.73 | ...16-321,415-417 
  ...owContext.tsx |   91.07 |    81.81 |     100 |   91.07 | 47-48,60-62       
  ...onContext.tsx |    94.2 |      100 |     100 |    94.2 | 103-106           
  ...gsContext.tsx |   83.33 |       50 |     100 |   83.33 | 17-18             
  ...ngContext.tsx |   71.42 |       50 |     100 |   71.42 | 17-20             
  ...deContext.tsx |   76.08 |    33.33 |     100 |   76.08 | 47-48,52-59,77-78 
 src/ui/editors    |   93.18 |    85.71 |   66.66 |   93.18 |                   
  ...ngsManager.ts |   93.18 |    85.71 |   66.66 |   93.18 | 48,62-63          
 src/ui/hooks      |   80.16 |    81.24 |   86.48 |   80.16 |                   
  ...dProcessor.ts |   78.76 |    80.19 |     100 |   78.76 | ...47-450,461-479 
  ...dProcessor.ts |   96.34 |    76.31 |     100 |   96.34 | ...12-213,218-219 
  ...dProcessor.ts |   81.76 |    72.72 |   71.42 |   81.76 | ...89-393,459-487 
  ...Completion.ts |   92.77 |    89.47 |     100 |   92.77 | ...85-186,219-222 
  ...uthCommand.ts |    8.82 |      100 |       0 |    8.82 | 17-91             
  ...tIndicator.ts |     100 |      100 |     100 |     100 |                   
  ...ketedPaste.ts |     100 |      100 |     100 |     100 |                   
  ...ompletion.tsx |    95.3 |    80.48 |     100 |    95.3 | ...24-225,227-228 
  useCompletion.ts |    92.4 |     87.5 |     100 |    92.4 | 68-69,93-94,98-99 
  ...leMessages.ts |   98.68 |       95 |     100 |   98.68 | 55                
  ...orSettings.ts |     100 |      100 |     100 |     100 |                   
  useFocus.ts      |     100 |      100 |     100 |     100 |                   
  ...olderTrust.ts |     100 |    85.71 |     100 |     100 | 25-27             
  ...miniStream.ts |   72.81 |    71.12 |     100 |   72.81 | ...55-856,886-988 
  ...BranchName.ts |   91.66 |    84.61 |     100 |   91.66 | 57-63             
  ...oryManager.ts |   98.41 |    93.33 |     100 |   98.41 | 43                
  ...putHistory.ts |    92.5 |    85.71 |     100 |    92.5 | 62-63,71,93-95    
  useKeypress.ts   |     100 |      100 |     100 |     100 |                   
  ...rdProtocol.ts |     100 |      100 |     100 |     100 |                   
  ...gIndicator.ts |     100 |      100 |     100 |     100 |                   
  useLogger.ts     |      25 |      100 |       0 |      25 | 15-33             
  ...ssageQueue.ts |     100 |      100 |     100 |     100 |                   
  ...raseCycler.ts |   95.45 |       75 |     100 |   95.45 | ...64-165,183-185 
  ...cySettings.ts |   85.08 |       75 |     100 |   85.08 | ...15-116,127-138 
  ...Completion.ts |   40.64 |    58.33 |     100 |   40.64 | ...23-224,226-227 
  ...lScheduler.ts |   78.82 |    94.44 |     100 |   78.82 | ...00-203,289-299 
  ...oryCommand.ts |       0 |        0 |       0 |       0 | 1-7               
  ...ompletion.tsx |     100 |     92.3 |     100 |     100 | 78                
  ...ngsCommand.ts |    87.5 |      100 |     100 |    87.5 | 13,17             
  ...ellHistory.ts |   91.66 |       80 |     100 |   91.66 | ...69,117-118,128 
  ...oryCommand.ts |       0 |        0 |       0 |       0 | 1-76              
  ...Completion.ts |      94 |    92.53 |     100 |      94 | 58-61,69-72,93    
  ...tateAndRef.ts |   13.63 |      100 |       0 |   13.63 | 16-36             
  ...rminalSize.ts |   18.18 |      100 |       0 |   18.18 | 12-32             
  ...emeCommand.ts |   46.98 |       75 |     100 |   46.98 | ...4,70-71,77-100 
  useTimer.ts      |   88.09 |    85.71 |     100 |   88.09 | 44-45,51-53       
  ...eMigration.ts |    53.7 |    33.33 |   33.33 |    53.7 | ...35,42-57,60-61 
  vim.ts           |   83.57 |    79.67 |     100 |   83.57 | ...38,742-750,759 
 src/ui/privacy    |   14.52 |      100 |       0 |   14.52 |                   
  ...acyNotice.tsx |   10.38 |      100 |       0 |   10.38 | 21-117            
  ...acyNotice.tsx |   14.28 |      100 |       0 |   14.28 | 16-59             
  ...acyNotice.tsx |   12.19 |      100 |       0 |   12.19 | 16-62             
  ...acyNotice.tsx |   30.76 |      100 |       0 |   30.76 | 19-36,39-41       
 src/ui/themes     |   98.92 |    66.66 |     100 |   98.92 |                   
  ansi-light.ts    |     100 |      100 |     100 |     100 |                   
  ansi.ts          |     100 |      100 |     100 |     100 |                   
  atom-one-dark.ts |     100 |      100 |     100 |     100 |                   
  ayu-light.ts     |     100 |      100 |     100 |     100 |                   
  ayu.ts           |     100 |      100 |     100 |     100 |                   
  color-utils.ts   |     100 |      100 |     100 |     100 |                   
  default-light.ts |     100 |      100 |     100 |     100 |                   
  default.ts       |     100 |      100 |     100 |     100 |                   
  dracula.ts       |     100 |      100 |     100 |     100 |                   
  github-dark.ts   |     100 |      100 |     100 |     100 |                   
  github-light.ts  |     100 |      100 |     100 |     100 |                   
  googlecode.ts    |     100 |      100 |     100 |     100 |                   
  no-color.ts      |     100 |      100 |     100 |     100 |                   
  ...tic-tokens.ts |     100 |      100 |     100 |     100 |                   
  ...-of-purple.ts |     100 |      100 |     100 |     100 |                   
  theme-manager.ts |    86.6 |    76.27 |     100 |    86.6 | ...86-292,297-298 
  theme.ts         |     100 |    42.55 |     100 |     100 | 255-270           
  xcode.ts         |     100 |      100 |     100 |     100 |                   
 src/ui/utils      |   65.99 |    79.62 |   82.25 |   65.99 |                   
  ...Colorizer.tsx |   79.31 |    81.25 |     100 |   79.31 | ...51-154,190-216 
  ...olePatcher.ts |      96 |       75 |     100 |      96 | 59-60             
  ...nRenderer.tsx |   52.85 |    27.27 |     100 |   52.85 | ...26-132,142-144 
  ...wnDisplay.tsx |   85.88 |    87.69 |     100 |   85.88 | ...73-281,314-337 
  ...eRenderer.tsx |   78.09 |    76.19 |     100 |   78.09 | 55-83             
  ...boardUtils.ts |   32.25 |     37.5 |     100 |   32.25 | ...55-114,129-145 
  commandUtils.ts  |   92.79 |    88.63 |     100 |   92.79 | ...12,116,118-119 
  computeStats.ts  |     100 |      100 |     100 |     100 |                   
  displayUtils.ts  |     100 |      100 |     100 |     100 |                   
  formatters.ts    |   90.47 |    95.83 |     100 |   90.47 | 57-60             
  isNarrowWidth.ts |     100 |      100 |     100 |     100 |                   
  ...olDetector.ts |   13.88 |      100 |      50 |   13.88 | 16-97             
  ...nUtilities.ts |   69.84 |    85.71 |     100 |   69.84 | 75-91,100-101     
  ...mConstants.ts |     100 |      100 |     100 |     100 |                   
  terminalSetup.ts |       4 |      100 |       0 |       4 | 40-342            
  textUtils.ts     |   94.11 |    82.35 |     100 |   94.11 | 17-18             
  updateCheck.ts   |     100 |    80.95 |     100 |     100 | 27-39             
 src/utils         |   47.21 |    90.82 |   83.87 |   47.21 |                   
  checks.ts        |   33.33 |      100 |       0 |   33.33 | 23-28             
  cleanup.ts       |   65.38 |      100 |   66.66 |   65.38 | 28-37             
  ...ScopeUtils.ts |   79.06 |    66.66 |     100 |   79.06 | 55-64             
  errors.ts        |   28.57 |      100 |       0 |   28.57 | 8-12              
  events.ts        |     100 |      100 |     100 |     100 |                   
  gitUtils.ts      |   94.66 |    82.35 |     100 |   94.66 | 75-78             
  ...AutoUpdate.ts |    81.6 |    95.83 |   66.66 |    81.6 | 89-103,129-136    
  ...lationInfo.ts |     100 |      100 |     100 |     100 |                   
  package.ts       |   88.88 |       80 |     100 |   88.88 | 33-34             
  readStdin.ts     |   79.24 |       90 |      80 |   79.24 | 31-38,50-52       
  resolvePath.ts   |   66.66 |       25 |     100 |   66.66 | 12-13,16,18-19    
  sandbox.ts       |       0 |        0 |       0 |       0 | 1-947             
  settingsUtils.ts |   86.94 |    92.13 |   96.66 |   86.94 | ...78-405,444-445 
  spawnWrapper.ts  |     100 |      100 |     100 |     100 |                   
  ...upWarnings.ts |   23.07 |      100 |       0 |   23.07 | 14-40             
  ...entEmitter.ts |     100 |      100 |     100 |     100 |                   
  ...upWarnings.ts |     100 |      100 |     100 |     100 |                   
  version.ts       |     100 |       50 |     100 |     100 | 11                
 ...ed-integration |    25.2 |        0 |       0 |    25.2 |                   
  acp.ts           |    3.29 |        0 |       0 |    3.29 | ...53-289,292-339 
  ...temService.ts |   19.35 |      100 |       0 |   19.35 | 15-19,22-34,37-46 
  schema.ts        |     100 |      100 |     100 |     100 |                   
  ...ntegration.ts |    3.16 |        0 |       0 |    3.16 | ...17-860,875-925 
-------------------|---------|----------|---------|---------|-------------------
Core Package - Full Text Report 
-------------------|---------|----------|---------|---------|-------------------
File               | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s 
-------------------|---------|----------|---------|---------|-------------------
All files          |    78.1 |    84.23 |   77.74 |    78.1 |                   
 src               |     100 |      100 |     100 |     100 |                   
  index.ts         |     100 |      100 |     100 |     100 |                   
 src/__mocks__/fs  |     100 |      100 |     100 |     100 |                   
  promises.ts      |     100 |      100 |     100 |     100 |                   
 src/code_assist   |   74.81 |    78.46 |      80 |   74.81 |                   
  codeAssist.ts    |   18.51 |      100 |       0 |   18.51 | 15-37             
  converter.ts     |   94.93 |    93.02 |     100 |   94.93 | ...83,197,214-215 
  oauth2.ts        |   77.47 |    65.45 |   91.66 |   77.47 | ...20-426,431-432 
  server.ts        |   50.29 |       80 |   53.84 |   50.29 | ...75-216,219-222 
  setup.ts         |   86.66 |    78.94 |     100 |   86.66 | ...,92-94,118-124 
  types.ts         |     100 |      100 |     100 |     100 |                   
 src/config        |   77.82 |    91.45 |   52.21 |   77.82 |                   
  config.ts        |   76.78 |     90.9 |   46.66 |   76.78 | ...07,836-837,848 
  models.ts        |     100 |      100 |     100 |     100 |                   
  storage.ts       |   83.52 |    94.44 |   73.91 |   83.52 | ...08-109,112-113 
 src/core          |   79.91 |    83.89 |   76.29 |   79.91 |                   
  client.ts        |   81.43 |    82.24 |   77.77 |   81.43 | ...50,952-953,956 
  ...tGenerator.ts |    92.7 |    79.16 |     100 |    92.7 | 83-84,135,155-158 
  ...lScheduler.ts |   81.94 |    82.26 |      88 |   81.94 | ...,940,1020-1024 
  geminiChat.ts    |   77.77 |     86.2 |   60.71 |   77.77 | ...40-741,744-745 
  geminiRequest.ts |     100 |      100 |     100 |     100 |                   
  logger.ts        |   82.94 |    81.81 |     100 |   82.94 | ...44-348,388-399 
  ...tGenerator.ts |   16.78 |      100 |      20 |   16.78 | ...47-178,181-182 
  ...olExecutor.ts |     100 |      100 |      50 |     100 |                   
  prompts.ts       |   95.76 |    96.96 |      50 |   95.76 | 37-38,304-361     
  subagent.ts      |   87.59 |    82.41 |     100 |   87.59 | ...65-673,716-717 
  tokenLimits.ts   |   14.28 |      100 |       0 |   14.28 | 15-32             
  turn.ts          |    86.2 |    88.57 |     100 |    86.2 | ...74-275,288-289 
 src/generated     |     100 |      100 |     100 |     100 |                   
  git-commit.ts    |     100 |      100 |     100 |     100 |                   
 src/ide           |   75.37 |    83.78 |   79.16 |   75.37 |                   
  constants.ts     |     100 |      100 |     100 |     100 |                   
  detect-ide.ts    |   96.96 |    97.29 |     100 |   96.96 | 63-65             
  ide-client.ts    |   60.22 |    71.15 |   64.28 |   60.22 | ...90-498,523-531 
  ide-installer.ts |   91.45 |       84 |     100 |   91.45 | ...95,130-134,147 
  ideContext.ts    |   83.65 |      100 |     100 |   83.65 | 74-90             
  process-utils.ts |   90.17 |    84.61 |     100 |   90.17 | ...08,111-113,144 
 src/mcp           |   76.51 |    68.55 |   81.57 |   76.51 |                   
  ...h-provider.ts |   86.36 |      100 |   33.33 |   86.36 | ...85,89,93,97-98 
  ...h-provider.ts |   74.19 |    51.64 |     100 |   74.19 | ...05-809,816-818 
  ...en-storage.ts |     100 |      100 |     100 |     100 |                   
  oauth-utils.ts   |   67.78 |    78.57 |    90.9 |   67.78 | ...61-282,307-330 
 .../token-storage |   85.31 |    85.71 |      90 |   85.31 |                   
  ...en-storage.ts |     100 |      100 |     100 |     100 |                   
  ...en-storage.ts |   82.75 |    82.35 |   92.85 |   82.75 | ...62-172,180-181 
  types.ts         |       0 |        0 |       0 |       0 | 1                 
 src/mocks         |     100 |      100 |     100 |     100 |                   
  msw.ts           |     100 |      100 |     100 |     100 |                   
 src/prompts       |   26.41 |      100 |      25 |   26.41 |                   
  mcp-prompts.ts   |   18.18 |      100 |       0 |   18.18 | 11-19             
  ...t-registry.ts |   28.57 |      100 |   28.57 |   28.57 | ...42,48-55,68-73 
 src/services      |   88.47 |    86.69 |   91.52 |   88.47 |                   
  ...ingService.ts |   77.01 |     61.9 |     100 |   77.01 | ...06-408,435-437 
  ...eryService.ts |   93.33 |    88.46 |   85.71 |   93.33 | 32,40,85,110-111  
  ...temService.ts |     100 |      100 |     100 |     100 |                   
  gitService.ts    |      70 |    93.33 |      60 |      70 | ...15-125,128-132 
  ...ionService.ts |   99.25 |    97.18 |     100 |   99.25 | 297-298           
  ...ionService.ts |   92.21 |    88.15 |     100 |   92.21 | ...69-370,446-460 
 src/telemetry     |   64.75 |    79.21 |   67.03 |   64.75 |                   
  constants.ts     |     100 |      100 |     100 |     100 |                   
  ...-exporters.ts |   26.47 |      100 |       0 |   26.47 | ...84,87-88,91-92 
  index.ts         |     100 |      100 |     100 |     100 |                   
  ...t.circular.ts |       0 |        0 |       0 |       0 | 1-63              
  ...t.circular.ts |       0 |        0 |       0 |       0 | 1-128             
  loggers.ts       |   56.59 |    75.86 |   52.38 |   56.59 | ...46-565,568-587 
  metrics.ts       |   64.86 |    93.54 |      50 |   64.86 | ...67-269,275-277 
  sdk.ts           |   78.37 |    44.44 |     100 |   78.37 | ...83,188-189,191 
  ...etry-utils.ts |     100 |      100 |     100 |     100 |                   
  ...l-decision.ts |     100 |      100 |     100 |     100 |                   
  types.ts         |   77.29 |    74.57 |   81.81 |   77.29 | ...92-403,406-417 
  uiTelemetry.ts   |    99.3 |    95.83 |     100 |    99.3 | 130               
 ...learcut-logger |   66.34 |    76.05 |    60.6 |   66.34 |                   
  ...cut-logger.ts |   62.51 |    75.71 |    60.6 |   62.51 | ...56-957,960-963 
  ...tadata-key.ts |     100 |      100 |     100 |     100 |                   
 src/test-utils    |   96.87 |       96 |   81.81 |   96.87 |                   
  config.ts        |     100 |      100 |     100 |     100 |                   
  ...aceContext.ts |     100 |      100 |     100 |     100 |                   
  tools.ts         |   95.86 |    95.23 |      80 |   95.86 | 60-61,129,133-134 
 src/tools         |   73.75 |    82.34 |   81.43 |   73.75 |                   
  diffOptions.ts   |     100 |      100 |     100 |     100 |                   
  edit.ts          |    82.6 |    87.35 |   85.71 |    82.6 | ...52-453,543-586 
  glob.ts          |    91.6 |    82.69 |    87.5 |    91.6 | ...26-227,318-319 
  grep.ts          |   59.25 |    82.14 |      80 |   59.25 | ...04-608,618-619 
  ls.ts            |   97.37 |    91.66 |     100 |   97.37 | 140-145           
  ...nt-manager.ts |   78.43 |    55.55 |      80 |   78.43 | ...28-135,143-144 
  mcp-client.ts    |   31.05 |    78.26 |      50 |   31.05 | ...1356,1360-1363 
  mcp-tool.ts      |    94.9 |    92.85 |   94.11 |    94.9 | 199-209,271-272   
  memoryTool.ts    |   84.56 |    83.67 |   88.88 |   84.56 | ...31-246,388-406 
  ...iable-tool.ts |     100 |    84.61 |     100 |     100 | 99,106            
  read-file.ts     |   98.66 |    96.96 |    87.5 |   98.66 | 63-64             
  ...many-files.ts |   79.95 |    78.37 |   85.71 |   79.95 | ...84-485,492-493 
  ripGrep.ts       |    89.6 |    86.02 |    92.3 |    89.6 | ...34-435,456-457 
  shell.ts         |   85.41 |    77.33 |    90.9 |   85.41 | ...91-392,403-404 
  tool-error.ts    |     100 |      100 |     100 |     100 |                   
  tool-registry.ts |   73.02 |    66.07 |   77.77 |   73.02 | ...07-409,436-437 
  tools.ts         |   86.34 |    89.13 |      75 |   86.34 | ...68-369,385-391 
  web-fetch.ts     |   60.38 |    54.05 |    90.9 |   60.38 | ...43-344,351-352 
  web-search.ts    |     100 |     93.1 |     100 |     100 | 104-105           
  write-file.ts    |   82.82 |    79.68 |      75 |   82.82 | ...63-466,478-514 
 src/utils         |    86.5 |    87.94 |    88.6 |    86.5 |                   
  LruCache.ts      |   70.96 |     62.5 |     100 |   70.96 | 20-22,28,30-34    
  bfsFileSearch.ts |   89.02 |    90.47 |     100 |   89.02 | 86-94             
  browser.ts       |    7.69 |      100 |       0 |    7.69 | 17-56             
  editCorrector.ts |    77.3 |    61.11 |   91.66 |    77.3 | ...66-678,712,726 
  editor.ts        |   97.63 |    94.54 |     100 |   97.63 | 154,224,227-228   
  ...entContext.ts |     100 |      100 |     100 |     100 |                   
  errorParsing.ts  |     100 |     92.3 |     100 |     100 | 76,80,86          
  ...rReporting.ts |   83.72 |    84.61 |     100 |   83.72 | 82-86,107-115     
  errors.ts        |   45.94 |       60 |      30 |   45.94 | ...0,76-92,96-102 
  fetch.ts         |   34.04 |      100 |       0 |   34.04 | 22-27,31-57       
  fileUtils.ts     |   94.65 |       90 |     100 |   94.65 | ...08-113,322-328 
  formatters.ts    |   54.54 |       50 |     100 |   54.54 | 12-16             
  ...eUtilities.ts |    95.4 |    94.87 |     100 |    95.4 | 16-17,45-46       
  ...rStructure.ts |   95.96 |    94.93 |     100 |   95.96 | ...14-117,345-347 
  getPty.ts        |    12.5 |      100 |       0 |    12.5 | 21-34             
  ...noreParser.ts |     100 |    89.47 |     100 |     100 | 27,47             
  gitUtils.ts      |   51.21 |     90.9 |      50 |   51.21 | 40-41,50-73       
  ...rePatterns.ts |     100 |      100 |     100 |     100 |                   
  ...ionManager.ts |     100 |       90 |     100 |     100 | 23                
  ...-detection.ts |     100 |      100 |     100 |     100 |                   
  ...yDiscovery.ts |   85.48 |       75 |   77.77 |   85.48 | ...79-380,383-384 
  ...tProcessor.ts |   91.51 |    88.46 |   84.61 |   91.51 | ...02-308,385-386 
  ...Inspectors.ts |     100 |      100 |     100 |     100 |                   
  ...kerChecker.ts |   83.33 |    83.33 |     100 |   83.33 | 64-65,75-80,88-94 
  partUtils.ts     |     100 |      100 |     100 |     100 |                   
  pathReader.ts    |     100 |      100 |     100 |     100 |                   
  paths.ts         |   86.13 |    87.87 |     100 |   86.13 | ...,89-90,101-102 
  ...rDetection.ts |    64.4 |    76.19 |     100 |    64.4 | ...4,88-89,99-100 
  retry.ts         |   62.55 |    73.21 |     100 |   62.55 | ...58-278,323-338 
  ...nStringify.ts |     100 |      100 |     100 |     100 |                   
  ...aValidator.ts |    82.6 |       50 |     100 |    82.6 | 27-28,30-31       
  ...r-launcher.ts |   76.52 |     87.5 |   66.66 |   76.52 | ...33,135,153-191 
  session.ts       |     100 |      100 |     100 |     100 |                   
  shell-utils.ts   |   96.08 |    93.96 |     100 |   96.08 | ...94-195,242-244 
  summarizer.ts    |     100 |    88.88 |     100 |     100 | 91                
  ...emEncoding.ts |      98 |    94.11 |     100 |      98 | 106-107           
  testUtils.ts     |   84.44 |    72.72 |   83.33 |   84.44 | 27-28,34-35,70-72 
  textUtils.ts     |    12.5 |      100 |       0 |    12.5 | 15-34             
  tool-utils.ts    |   91.48 |    89.47 |     100 |   91.48 | 53-54,57-58       
  ...untManager.ts |   97.14 |    94.44 |     100 |   97.14 | 36-38             
  ...aceContext.ts |   96.82 |    95.12 |    92.3 |   96.82 | 94-95,109-110     
 ...ils/filesearch |   96.17 |     91.4 |     100 |   96.17 |                   
  crawlCache.ts    |     100 |      100 |     100 |     100 |                   
  crawler.ts       |   96.22 |     92.3 |     100 |   96.22 | 66-67             
  fileSearch.ts    |   93.22 |    87.14 |     100 |   93.22 | ...28-229,231-232 
  ignore.ts        |     100 |      100 |     100 |     100 |                   
  result-cache.ts  |     100 |     92.3 |     100 |     100 | 46                
-------------------|---------|----------|---------|---------|-------------------

For detailed HTML reports, please see the 'coverage-reports-22.x-ubuntu-latest' artifact from the main CI run.

cornmander
cornmander reviewed Aug 28, 2025
View reviewed changes
shrutip90
shrutip90 reviewed Aug 28, 2025
View reviewed changes
packages/cli/src/config/extension.ts
@@ -112,7 +113,10 @@ export function loadExtensions(workspaceDir: string): Extension[] {
const disabledExtensions = settings.extensions?.disabled ?? [];
const allExtensions = [...loadUserExtensions()];

if (!settings.experimental?.extensionManagement) {
if (
(isWorkspaceTrusted(settings) ?? true) &&
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everywhere else in code, we use config.isTrustedFolder. Please use that if possible.

Copy link
Member Author

@richieforeman richieforeman Aug 28, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That just checks a boolean. I don't think that does what you're thinking. It's possible to enable folderTrust mode and not be in a restricted/un-trusted folder. It's really important to use this function (or some version of it). This checks the bool + the current dir.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh i see, you're reading isWorkspaceTrusted into that variable within the config (odd. okay).

I have concerns about plumbing config into here since it has so many dependencies.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We actually wanted to move trustedFolders parsing etc also to core package. Since trust applies to non-CLI packages too. I see one issue with the current implementation for config.isTrustedFolder that it doesnt take into account that the boolean folderTrust flags could change since these settings changes also don't trigger a restart. We can modify config.isTrustedFolder to call isWorkspaceTrusted. I think it would be nice to have one method thats the source of truth that all the checkers rely on.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that config isn't plumbed into here, I'd like to keep this as-is for the moment and have it as something you potentially catch in a followup.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, thanks.

@cornmander cornmander added this pull request to the merge queue Aug 28, 2025
Merged via the queue into main with commit 2fc8570 Aug 28, 2025
18 checks passed
@cornmander cornmander deleted the rf/extensions branch August 28, 2025 20:59
thacio added a commit to thacio/auditaria that referenced this pull request Aug 28, 2025
@thacio
Merge Commit '2fc8570': fix(trust): Refuse to load extensions from un…
880ec18 
…trusted workspaces (google-gemini#7342)
davideast pushed a commit to davideast/gemini-cli that referenced this pull request Sep 2, 2025
@richieforeman @davideast
fix(trust): Refuse to load extensions from untrusted workspaces (goog…
d471079 
…le-gemini#7342)
LukeSchlangen pushed a commit to LukeSchlangen/gemini-cli that referenced this pull request Sep 2, 2025
@richieforeman @LukeSchlangen
fix(trust): Refuse to load extensions from untrusted workspaces (goog…
1e80a8d 
…le-gemini#7342)
acoliver pushed a commit to acoliver/llxprt-code that referenced this pull request Sep 13, 2025
@richieforeman @acoliver
fix(trust): Refuse to load extensions from untrusted workspaces (goog…
453ee78 
…le-gemini#7342)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shrutip90 shrutip90 shrutip90 left review comments

@cornmander cornmander cornmander approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@richieforeman @cornmander @shrutip90