Merge remote-tracking branch 'origin/main' into agent-session/local-protocol

Author: adamfweidman

.github/scripts/gemini-lifecycle-manager.cjs

@@ -41,6 +41,41 @@ module.exports = async ({ github, context, core }) => {
     now.getTime() - NO_RESPONSE_DAYS * 24 * 60 * 60 * 1000,
   );
 
+  const maintainerCache = new Map();
+  async function isMaintainer(user, association) {
+    if (user?.type === 'Bot') return true;
+    if (['OWNER', 'MEMBER', 'COLLABORATOR'].includes(association)) return true;
+
+    const username = user?.login;
+    if (!username) return false;
+
+    if (maintainerCache.has(username)) {
+      return maintainerCache.get(username);
+    }
+
+    try {
+      const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
+        owner,
+        repo,
+        username,
+      });
+      // Permission can be admin, write, read, none.
+      // Roles like 'maintain' or 'triage' often map to 'write' or 'read' in the top-level field.
+      const isM =
+        ['admin', 'write'].includes(data.permission) ||
+        ['admin', 'maintain', 'write'].includes(data.role_name);
+
+      maintainerCache.set(username, isM);
+      return isM;
+    } catch (err) {
+      core.warning(
+        `Could not check permissions for ${username}: ${err.message}`,
+      );
+      maintainerCache.set(username, false);
+      return false;
+    }
+  }
+
   async function processItems(query, callback) {
     core.info(`Searching: ${query}`);
     try {
@@ -83,10 +118,7 @@ module.exports = async ({ github, context, core }) => {
       const lastComment = comments[0];
       if (
         lastComment &&
-        !['OWNER', 'MEMBER', 'COLLABORATOR'].includes(
-          lastComment.author_association,
-        ) &&
-        lastComment.user?.type !== 'Bot'
+        !(await isMaintainer(lastComment.user, lastComment.author_association))
       ) {
         core.info(
           `Removing ${NEED_INFO_LABEL} from #${item.number} due to contributor response.`,
@@ -188,11 +220,7 @@ module.exports = async ({ github, context, core }) => {
   await processItems(
     `repo:${owner}/${repo} is:open is:pr -label:"help wanted" -label:"🔒 maintainer only" -label:"status/pr-nudge-sent" created:${prCloseThreshold.toISOString()}..${nudgeThreshold.toISOString()}`,
     async (pr) => {
-      if (
-        ['OWNER', 'MEMBER', 'COLLABORATOR'].includes(pr.author_association) ||
-        pr.user?.type === 'Bot'
-      )
-        return;
+      if (await isMaintainer(pr.user, pr.author_association)) return;
 
       core.info(`Nudging PR #${pr.number} for contribution policy.`);
       if (!dryRun) {
@@ -216,11 +244,7 @@ module.exports = async ({ github, context, core }) => {
   await processItems(
     `repo:${owner}/${repo} is:open is:pr -label:"help wanted" -label:"🔒 maintainer only" created:<${prCloseThreshold.toISOString()}`,
     async (pr) => {
-      if (
-        ['OWNER', 'MEMBER', 'COLLABORATOR'].includes(pr.author_association) ||
-        pr.user?.type === 'Bot'
-      )
-        return;
+      if (await isMaintainer(pr.user, pr.author_association)) return;
 
       core.info(
         `Closing PR #${pr.number} per contribution policy (no 'help wanted').`,

docs/changelogs/index.md

@@ -18,6 +18,20 @@ on GitHub.
 | [Preview](preview.md) | Experimental features ready for early feedback. |
 | [Stable](latest.md)   | Stable, recommended for general use.            |
 
+## Announcements: v0.41.0 - 2026-05-05
+
+- **Real-time Voice Mode:** Implemented real-time voice mode with cloud and
+  local backends
+  ([#24174](https://github.com/google-gemini/gemini-cli/pull/24174) by
+  @Abhijit-2592).
+- **Secure Environment Loading:** Enforced workspace trust and secured .env
+  loading in headless mode
+  ([#25814](https://github.com/google-gemini/gemini-cli/pull/25814) by
+  @ehedlund).
+- **Advanced Shell Validation:** Enhanced shell command validation and added
+  core tools allowlist for improved security
+  ([#25720](https://github.com/google-gemini/gemini-cli/pull/25720) by @galz10).
+
 ## Announcements: v0.40.0 - 2026-04-28
 
 - **Offline Search and Themes:** Bundled ripgrep for offline search support and

docs/changelogs/latest.md

@@ -13,6 +13,7 @@ import { type SessionMetrics } from '../contexts/SessionContext.js';
 import {
   ToolCallDecision,
   getShellConfiguration,
+  isWindows,
   type WorktreeSettings,
 } from '@google/gemini-cli-core';
 
@@ -22,6 +23,7 @@ vi.mock('@google/gemini-cli-core', async (importOriginal) => {
   return {
     ...actual,
     getShellConfiguration: vi.fn(),
+    isWindows: vi.fn(),
   };
 });
 
@@ -44,6 +46,7 @@ vi.mock('../contexts/ConfigContext.js', async (importOriginal) => {
 });
 
 const getShellConfigurationMock = vi.mocked(getShellConfiguration);
+const isWindowsMock = vi.mocked(isWindows);
 const useSessionStatsMock = vi.mocked(SessionContext.useSessionStats);
 
 const renderWithMockedStats = async (
@@ -106,6 +109,7 @@ describe('<SessionSummaryDisplay />', () => {
       argsPrefix: ['-c'],
       shell: 'bash',
     });
+    isWindowsMock.mockReturnValue(false);
   });
 
   it('renders the summary display with a title', async () => {
@@ -149,7 +153,7 @@ describe('<SessionSummaryDisplay />', () => {
       );
       const output = lastFrame();
 
-      // Standard UUID characters should not be escaped/quoted by default for bash.
+      // Standard UUID characters are NOT wrapped in double quotes on non-Windows.
       expect(output).toContain('gemini --resume 1234-abcd-5678-efgh');
       unmount();
     });
@@ -167,7 +171,8 @@ describe('<SessionSummaryDisplay />', () => {
       unmount();
     });
 
-    it('renders a standard UUID-formatted session ID in the footer (powershell)', async () => {
+    it('renders a standard UUID-formatted session ID in the footer (powershell) on Windows', async () => {
+      isWindowsMock.mockReturnValue(true);
       getShellConfigurationMock.mockReturnValue({
         executable: 'powershell.exe',
         argsPrefix: ['-NoProfile', '-Command'],
@@ -181,9 +186,8 @@ describe('<SessionSummaryDisplay />', () => {
       );
       const output = lastFrame();
 
-      // PowerShell doesn't wraps UUID in single quotes because
-      // it contains no special characters.
-      expect(output).toContain('gemini --resume 1234-abcd-5678-efgh');
+      // PowerShell doesn't wrap UUID in quotes by default, but we wrap it in double quotes on Windows.
+      expect(output).toContain('gemini --resume "1234-abcd-5678-efgh"');
       unmount();
     });
 
@@ -201,7 +205,8 @@ describe('<SessionSummaryDisplay />', () => {
       );
       const output = lastFrame();
 
-      // PowerShell wraps in single quotes and escapes internal single quotes by doubling them
+      // PowerShell wraps in single quotes and escapes internal single quotes by doubling them.
+      // Since it's already quoted, we don't add redundant double quotes.
       expect(output).toContain("gemini --resume '''; rm -rf / #'");
       unmount();
     });

packages/cli/src/ui/components/SessionSummaryDisplay.test.tsx

@@ -8,7 +8,11 @@ import type React from 'react';
 import { StatsDisplay } from './StatsDisplay.js';
 import { useSessionStats } from '../contexts/SessionContext.js';
 import { useConfig } from '../contexts/ConfigContext.js';
-import { escapeShellArg, getShellConfiguration } from '@google/gemini-cli-core';
+import {
+  escapeShellArg,
+  getShellConfiguration,
+  isWindows,
+} from '@google/gemini-cli-core';
 
 interface SessionSummaryDisplayProps {
   duration: string;
@@ -24,11 +28,17 @@ export const SessionSummaryDisplay: React.FC<SessionSummaryDisplayProps> = ({
   const worktreeSettings = config.getWorktreeSettings();
 
   const escapedSessionId = escapeShellArg(stats.sessionId, shell);
-  let footer = `To resume this session: gemini --resume ${escapedSessionId}`;
+  const footerSessionId =
+    isWindows() &&
+    !escapedSessionId.startsWith('"') &&
+    !escapedSessionId.startsWith("'")
+      ? `"${escapedSessionId}"`
+      : escapedSessionId;
+  let footer = `To resume this session: gemini --resume ${footerSessionId}`;
 
   if (worktreeSettings) {
     footer =
-      `To resume work in this worktree: cd ${escapeShellArg(worktreeSettings.path, shell)} && gemini --resume ${escapedSessionId}\n` +
+      `To resume work in this worktree: cd ${escapeShellArg(worktreeSettings.path, shell)} && gemini --resume ${footerSessionId}\n` +
       `To remove manually: git worktree remove ${escapeShellArg(worktreeSettings.path, shell)}`;
   }
 

packages/cli/src/ui/components/SessionSummaryDisplay.tsx

@@ -192,11 +192,17 @@ describe('contentPartsToGeminiParts', () => {
     const content = [
       { type: 'custom_widget', payload: 123 },
     ] as unknown as ContentPart[];
+
+    const warnSpy = vi.spyOn(debugLogger, 'warn');
     const result = contentPartsToGeminiParts(content);
+
+    expect(warnSpy).toHaveBeenCalled();
     expect(result).toHaveLength(1);
     expect(result[0]).toEqual({
       text: JSON.stringify({ type: 'custom_widget', payload: 123 }),
     });
+
+    warnSpy.mockRestore();
   });
 });
 

packages/core/src/agent/content-utils.test.ts

@@ -60,9 +60,7 @@ describe('ContextManager Sync Pressure Barrier Tests', () => {
 
     // Verify Episode 0 (System) was pruned, so we now start with a sentinel due to role alternation
     expect(projection[0].role).toBe('user');
-    expect(projection[0].parts![0].text).toBe(
-      '[Continuing from previous AI thoughts...]',
-    );
+    expect(projection[0].parts![0].text).toContain('User turn 17');
 
     // Filter out synthetic Yield nodes (they are model responses without actual tool/text bodies)
     const contentNodes = projection.filter(

packages/core/src/context/contextManager.barrier.test.ts

@@ -72,7 +72,11 @@ export class ContextManager {
         event.targets,
         event.returnedNodes,
       );
-      this.evaluateTriggers(new Set());
+      // We explicitly DO NOT call evaluateTriggers here.
+      // The Context Manager is a one-way assembly line. It only evaluates triggers
+      // when fundamentally new organic context is added via PristineHistoryUpdated.
+      // Re-evaluating after a processor finishes creates infinite feedback loops if
+      // the processor fails to reduce the token count below the threshold.
     });
 
     this.historyObserver.start();
@@ -126,10 +130,15 @@ export class ContextManager {
       // Walk backwards finding nodes that fall out of the retained budget
       for (let i = this.buffer.nodes.length - 1; i >= 0; i--) {
         const node = this.buffer.nodes[i];
+        const priorTokens = rollingTokens;
         rollingTokens += this.env.tokenCalculator.calculateConcreteListTokens([
           node,
         ]);
-        if (rollingTokens > this.sidecar.config.budget.retainedTokens) {
+
+        // Loose Boundary Policy: If this node is the one that pushes us over the retained limit,
+        // we KEEP it to prevent aggressive undershooting. We only age out nodes that are
+        // strictly *older* than the boundary node.
+        if (priorTokens > this.sidecar.config.budget.retainedTokens) {
           // Only age out if not protected
           if (!protectedIds.has(node.id)) {
             agedOutNodes.add(node.id);