refactor(core): centralize path validation and allow temp dir access for tools#17185
refactor(core): centralize path validation and allow temp dir access for tools#17185joshualitt merged 11 commits intomainfrom
Conversation
gemini-cli
bot
added
the
status/need-issue
Summary of ChangesHello @NTaylorMullen, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly enhances the security and maintainability of file system operations by centralizing path validation logic. By moving these critical checks into a dedicated Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a centralized path validation mechanism by adding isPathAllowed and getValidationErrorForPath methods to the Config class. These methods check if a given absolute path is within the workspace context or the project's temporary directory. The change refactors path validation logic across several tools (EditTool, GlobTool, GrepTool, LSTool, ReadFileTool, ReadManyFilesTool, RipGrepTool, ShellTool, WriteFileTool), replacing individual, often duplicated, checks with calls to the new Config methods. Corresponding test files have been updated to reflect these changes, including adjustments to mock configurations and expected error messages. A review comment highlights a potential path traversal vulnerability in the isPathAllowed method related to symbolic links in the project's temporary directory, suggesting the use of fs.realpathSync for full path resolution before validation. Other review comments recommend using the new getValidationErrorForPath helper consistently and ensuring concise, user-facing error messages.
gemini-cli
bot
added
area/agent
NTaylorMullen
force-pushed
the
ntm/gh.17164
branch
from
ec28b05 to
633dfb1
Compare
|
Size Change: +3.87 kB (+0.02%) Total Size: 23.5 MB
ℹ️ View Unchanged
|
NTaylorMullen
force-pushed
the
ntm/gh.17164
branch
2 times, most recently
from
9bbbc80 to
e62bcba
Compare
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request effectively centralizes path validation logic into the Config class, which is a great refactoring for consistency and maintainability. The changes across the various tools to adopt these new helpers are well-executed.
My review focuses on a few critical areas related to file system operations. I've identified instances where synchronous file system calls are used, which can block the event loop and impact performance. This is against the repository's guidelines. Specifically:
- The new
isPathAllowedmethod inConfigusesfs.realpathSync. - The
greptool'sexecutemethod usesfs.statSyncwithin anasyncfunction. - The
ripGreptool usesfs.statSyncfor validation.
While I understand that synchronous validation methods might constrain some of these choices, using asynchronous operations is crucial for performance. I've provided specific comments with suggestions where applicable. Addressing these points will improve the performance and robustness of the application.
NTaylorMullen
force-pushed
the
ntm/gh.17164
branch
from
78dcffe to
2c0bb46
Compare
joshualitt
force-pushed
the
ntm/gh.17164
branch
from
10c5658 to
d827f9a
Compare
…ystem tools - Implement centralized path validation logic in the Config class (isPathAllowed, getValidationErrorForPath). - Update all 9 file system tools (ls, glob, grep, ripGrep, read-file, write-file, read-many-files, edit, shell) to use the new Config validation helpers. - Ensure consistent boundary and existence checks across all file system tools. - Update test suites with necessary mocks and expectations for centralized validation. Fixes #17164
- Refactor Config.isPathAllowed to use fs.realpathSync and isSubpath for robustness against path traversal and Windows drive letter casing. - Update 10 tool tests to use the new validation pattern in their mocks. - Refactor RipGrepTool, GrepTool, and ReadManyFilesTool to provide concise human-facing error messages while maintaining detailed agent feedback. - Add consistent path validation to EditTool and WriteFileTool execute methods. Fixes #17164
…messages, and use centralized validation - Refactored execute methods in Grep, RipGrep, Shell, Edit, and WriteFile tools to use asynchronous file system operations. - Updated path validation error messages to 'Path not in workspace' for better clarity. - Consolidated path validation in RipGrep and ReadManyFiles tools using Config.getValidationErrorForPath. - Updated test mocks and expectations to match the new error messages. Part of #17164
Renamed the path security validation helper to more accurately reflect its purpose of enforcing access boundaries. Part of #17164
… methods - Added getWorkingDir and getContentGenerator to mockConfig in CLI hook tests. - Added getCurrentSequenceModel to MockedGeminiClientClass in useGeminiStream.test.tsx. - Fixed a Vitest hoisting issue with MockValidationRequiredError. These fixes resolve TypeErrors observed in Windows CI logs. Part of #17164
- Used toLowerCase() for path comparison on Windows in isPathAllowed. - Added a realpath helper to handle non-existent paths gracefully. - Imported node:os for platform detection. This should resolve silent test failures on Windows caused by drive letter casing mismatches. Part of #17164
joshualitt
force-pushed
the
ntm/gh.17164
branch
from
d827f9a to
beee994
Compare
…for tools (google-gemini#17185) Co-authored-by: Your Name <joshualitt@google.com>
…for tools (google-gemini#17185) Co-authored-by: Your Name <joshualitt@google.com>
4 participants
Summary
This PR centralizes path validation logic within the
Configclass and refactors 9 file system tools to use these new helpers. This change consistently allows tools to access the project's temporary directory (~/.gemini/tmp/<project_hash>) while maintaining strict workspace boundary enforcement.Details
isPathAllowedandgetValidationErrorForPathinConfigto encapsulate workspace and project temp directory boundary checks.ls,glob,grep,ripGrep,read-file,write-file,read-many-files,edit, andshellto utilize centralized validation, reducing code duplication and ensuring consistent security.grep,ripGrep).Related Issues
Fixes #17164
How to Validate
Run the full tool test suite in the core package:
npm test -w @google/gemini-cli-core -- src/tools/ls.test.ts src/tools/glob.test.ts src/tools/write-file.test.ts src/tools/grep.test.ts src/tools/ripGrep.test.ts src/tools/read-file.test.ts src/tools/read-many-files.test.ts src/tools/edit.test.ts src/tools/shell.test.ts --runAll 292 tests should pass.
Pre-Merge Checklist