Skip to content

fix(patch): cherry-pick 32e777f to release/v0.31.0-preview.2-pr-20531 to patch version v0.31.0-preview.2 and create version 0.31.0-preview.3#20607

Merged
galdawave merged 5 commits into
release/v0.31.0-preview.2-pr-20531from
hotfix/v0.31.0-preview.2/0.31.0-preview.3/preview/cherry-pick-32e777f/pr-20531
Feb 27, 2026
Merged

fix(patch): cherry-pick 32e777f to release/v0.31.0-preview.2-pr-20531 to patch version v0.31.0-preview.2 and create version 0.31.0-preview.3#20607
galdawave merged 5 commits into
release/v0.31.0-preview.2-pr-20531from
hotfix/v0.31.0-preview.2/0.31.0-preview.3/preview/cherry-pick-32e777f/pr-20531

Conversation

@gemini-cli-robot

@gemini-cli-robot gemini-cli-robot commented Feb 27, 2026

Copy link
Copy Markdown
Collaborator

This PR automatically cherry-picks commit 32e777f to patch version v0.31.0-preview.2 in the preview release to create version 0.31.0-preview.3.

@gemini-cli-robot gemini-cli-robot requested a review from a team as a code owner February 27, 2026 20:49
@github-actions github-actions Bot mentioned this pull request Feb 27, 2026
Merged
10 tasks
@gemini-code-assist

gemini-code-assist Bot commented Feb 27, 2026

Copy link
Copy Markdown
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request implements a critical fix by redirecting the storage of auto-saved policy files from a workspace-dependent location to a consistent user-specific directory. This change ensures that policy persistence functions reliably across different projects and environments, improving the overall stability and predictability of policy management.

Highlights

  • Policy Storage Location: The default location for auto-saved policy files has been changed from a workspace-specific directory to a user-specific directory, ensuring consistent storage across projects.
  • Directory Creation Logic: The policy persistence mechanism was updated to correctly create the parent directory for the auto-saved policy file based on its new user-specific path.
  • Test Updates: Relevant unit tests were modified to align with the new policy storage location and updated directory creation behavior.
Changelog
  • packages/core/src/config/storage.ts
    • Updated getAutoSavedPolicyPath to use Storage.getUserPoliciesDir() for policy file location.
  • packages/core/src/policy/config.ts
    • Removed creation of workspacePoliciesDir.
    • Modified fs.mkdir call to create the directory for the policyFile using path.dirname.
  • packages/core/src/policy/persistence.test.ts
    • Replaced workspacePoliciesDir with userPoliciesDir in test setup.
    • Updated fs.mkdir assertion to check for userPoliciesDir.
    • Removed getWorkspacePoliciesDir mock.
  • packages/core/src/policy/policy-updater.test.ts
    • Replaced getWorkspacePoliciesDir mock with getAutoSavedPolicyPath mock pointing to a user-specific path.
Activity
  • This pull request was automatically generated to cherry-pick commit 32e777f into the release/v0.31.0-preview.2-pr-20531 branch.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Feb 27, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request cherry-picks a change that moves the auto-saved policy file from being workspace-specific to user-global. While this improves user experience by making "Always Allow" decisions global, the implementation introduces a critical security issue related to policy priority. A dynamically created "Always Allow" rule has a different (and lower) priority than the same rule when it's persisted and reloaded in a new session. This inconsistency allows workspace policies to be bypassed after the first session, which constitutes a privilege escalation. A security-review comment has been added with details on the issue and a suggested fix.

Comment thread packages/core/src/config/storage.ts
this.getWorkspacePoliciesDir(),
AUTO_SAVED_POLICY_FILENAME,
);
return path.join(Storage.getUserPoliciesDir(), AUTO_SAVED_POLICY_FILENAME);

@gemini-code-assist gemini-code-assist Bot Feb 27, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-critical critical

This change moves auto-saved policies to the user-global directory, but it creates a critical inconsistency in policy priority between sessions.

  • In the current session, a new "Always Allow" rule is added dynamically with ALWAYS_ALLOW_PRIORITY, which is 2.95 (Workspace Tier). This can be overridden by a high-priority workspace policy.
  • In subsequent sessions, the rule is loaded from ~/.gemini/policies/auto-saved.toml. Since this is a user-level directory, the rule gets a priority in the User Tier (~3.1). At this point, it can no longer be overridden by any workspace policy.

This behavior represents a privilege escalation, as a workspace's security restrictions are bypassed after the first session. The priority should be consistent.

Recommendation:
To fix this, the dynamic priority should match the persisted priority's tier. In packages/core/src/policy/config.ts, ALWAYS_ALLOW_PRIORITY should be updated to be in the User Tier, for example:

export const ALWAYS_ALLOW_PRIORITY = USER_POLICY_TIER + 0.0; // e.g., 3.0

The comment for this constant should also be updated to reflect that it creates user-level rules that override workspace policies.

References
  1. Security-sensitive settings, such as policy priorities, must ensure consistent behavior across different configuration scopes (e.g., workspace vs. user-global) to prevent privilege escalation or bypass of security restrictions. Inconsistent priority handling between dynamic and persisted states, especially when it allows a user-level setting to bypass workspace policies, violates the principle of maintaining proper trust boundaries and consistent override behavior.

@github-actions

github-actions Bot commented Feb 27, 2026
edited
Loading

Copy link
Copy Markdown

Size Change: +195 B (0%)

Total Size: 25.7 MB

ℹ️ View Unchanged
Filename Size Change
./bundle/gemini.js 25.2 MB +195 B (0%)
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js 221 kB 0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js 227 kB 0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js 11.5 kB 0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js 132 B 0 B
./bundle/sandbox-macos-permissive-open.sb 890 B 0 B
./bundle/sandbox-macos-permissive-proxied.sb 1.31 kB 0 B
./bundle/sandbox-macos-restrictive-open.sb 3.36 kB 0 B
./bundle/sandbox-macos-restrictive-proxied.sb 3.56 kB 0 B
./bundle/sandbox-macos-strict-open.sb 4.82 kB 0 B
./bundle/sandbox-macos-strict-proxied.sb 5.02 kB 0 B

compressed-size-action

@gemini-cli gemini-cli Bot added the status/need-issue Pull requests that need to have an associated issue. label Feb 27, 2026
@galdawave galdawave requested a review from a team as a code owner February 27, 2026 21:11
@galdawave galdawave merged commit 8553c38 into release/v0.31.0-preview.2-pr-20531 Feb 27, 2026
25 checks passed
@galdawave galdawave deleted the hotfix/v0.31.0-preview.2/0.31.0-preview.3/preview/cherry-pick-32e777f/pr-20531 branch February 27, 2026 21:50
@sripasg sripasg added the size/l A large sized PR label Jun 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
@galdawave galdawave galdawave approved these changes
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/l A large sized PR status/need-issue Pull requests that need to have an associated issue.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@gemini-cli-robot @galdawave @sripasg @Abhijit-2592