
Core(fix)!: Requiring mode when setting policy to prevent all modes by default (breaking) #24758

Open
kschaab wants to merge 8 commits into main from keithsc/fix/require-mode-for-policy

Conversation


@kschaab kschaab commented Apr 6, 2026

Summary

This change will make loading fail for any policy where `modes` is not present. New auto rules will include this, but old auto rules will be broken by this change, along with any user policy where `modes` was not provided. This provides a fix to help with safe defaults for `modes` when specifying policies. It prevents unintentional configuration of policies by omitting this parameter, which currently defaults to all modes. Specifically, it prevents an unintentional assignment of non-readonly policies for planning mode.

Details

This change updates policy loading to require a `modes` configuration. It updates all built-in policies to include `modes`. It also updates the policy loader's suggestion message to be more generic, where it previously listed built-in fields. This is because the policy loader already indicates the missing field upon loading the policy file, and the loader has different assignable Zod schemas, so the fields cannot be shown dynamically without a union of required types for all supported schemas, which is not helpful to the user.

Resolves #24797

Pre-Merge Checklist

  • Updated relevant documentation and README (if needed)
  • Added/updated tests (if needed)
  • Noted breaking changes (if any)
  • Validated on required platforms/methods:
    • MacOS
      • npm run
      • npx
      • Docker
      • Podman
      • Seatbelt
    • Windows
      • npm run
      • npx
      • Docker
    • Linux
      • npm run
      • npx
      • Docker

@kschaab kschaab requested review from a team as code owners April 6, 2026 17:28
@gemini-code-assist (bot)

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a breaking change to the policy engine by mandating the 'modes' parameter for all policy configurations. This ensures safer defaults and prevents accidental policy application across unintended modes, particularly for sensitive operations. The change includes updates to all built-in policies, adjustments to the policy loader's validation logic, and comprehensive updates to tests and documentation to reflect the new requirement.

Highlights

  • Policy Configuration Change: The policy engine now strictly requires a 'modes' configuration for all policies, preventing unintentional defaults.
  • Built-in Policy Updates: All built-in policies have been updated to explicitly include the necessary 'modes' configuration.
  • Policy Loader Improvements: The policy loader's error messaging has been made more generic to better handle various assignable Zod schemas.


@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request makes the modes field mandatory for all policy rules and safety checkers. The changes include updating core type definitions, enforcing the field in the TOML loader's schema, and updating all default policy files, internal rule generation logic, and test suites to include explicit mode associations. Documentation has also been updated to reflect this requirement. I have no feedback to provide.

Note: Security Review did not run due to the size of the PR.


@jerop jerop left a comment


Comment thread packages/core/src/policy/policies/plan.toml Outdated
toolName = "enter_plan_mode"
decision = "allow"
priority = 50
modes = ["plan"]
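Review bot: `enter_plan_mode` is allowed only in `modes = ["plan"]`, the one mode in which the tool has nothing to do, so under the new loader (which no longer expands a rule to every mode) there is no allow rule for the modes the tool is meant to transition from. List the non-plan modes here instead, e.g. `modes = ["default", "autoEdit", "yolo"]`, and keep `priority = 50` so it still wins over the generic deny.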

@jerop jerop Apr 6, 2026


This doesn't look right; we want this tool to be available in all modes except plan, but when non-interactive.

@kschaab (author)

Fixed, thanks!

@gemini-cli gemini-cli bot added the status/need-issue Pull requests that need to have an associated issue. label Apr 6, 2026

ruomengz commented Apr 6, 2026

Not a part of this PR, but maybe we should change /policies list to display policies based on the current approval mode?

decision = "allow"
priority = 15
modes = ["autoEdit"]
modes = ["plan", "default", "autoEdit", "yolo"]
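Review bot: widening this priority-15 `allow` from `modes = ["autoEdit"]` to all four modes grants the write tool in plan and default, which is exactly the non-readonly-policy-in-plan-mode outcome the PR description says it prevents. Restrict it to the modes where writes are acceptable, `modes = ["autoEdit", "yolo"]`, and let the lower-priority deny cover plan and default.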
Contributor

I can understand that we expand it to ["autoEdit", "yolo"], but why plan and default? Same for write_file and web_search below?

@kschaab (author)

Thanks! Fixed.

github-actions bot commented Apr 6, 2026

Size Change: +533 B (0%)

Total Size: 34 MB

Filename Size Change
./bundle/chunk-5ZJ3MCHN.js 0 B -3.15 MB (removed) 🏆
./bundle/chunk-TFTDKLZ6.js 0 B -14.8 MB (removed) 🏆
./bundle/core-3DTY43T5.js 0 B -45.2 kB (removed) 🏆
./bundle/devtoolsService-RQZ7X6PB.js 0 B -28.4 kB (removed) 🏆
./bundle/interactiveCli-RE2H5ESH.js 0 B -1.64 MB (removed) 🏆
./bundle/oauth2-provider-C22QU47K.js 0 B -9.16 kB (removed) 🏆
./bundle/chunk-3D4EJT35.js 3.15 MB +3.15 MB (new file) 🆕
./bundle/chunk-4LT4RBU2.js 14.8 MB +14.8 MB (new file) 🆕
./bundle/core-2DX6HZWV.js 45.2 kB +45.2 kB (new file) 🆕
./bundle/devtoolsService-UQ2GSJI2.js 28.4 kB +28.4 kB (new file) 🆕
./bundle/interactiveCli-6ZQKVMID.js 1.64 MB +1.64 MB (new file) 🆕
./bundle/oauth2-provider-VWQ7N6GU.js 9.16 kB +9.16 kB (new file) 🆕

@kschaab kschaab removed the status/need-issue Pull requests that need to have an associated issue. label Apr 6, 2026
@gemini-cli gemini-cli bot added area/enterprise Issues related to Telemetry, Policy, Quota / Licensing 🔒 maintainer only ⛔ Do not contribute. Internal roadmap item. labels Apr 6, 2026
readonly = true
approvedTools = []
allowOverrides = false
allowOverrides = true
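Review bot: `allowOverrides` flips from `false` to `true` in a block that also sets `readonly = true` and `approvedTools = []`, which loosens a readonly configuration in a PR whose stated purpose is tightening defaults, and the description does not list it under breaking changes. Either revert the flip or document why overrides must now be allowed here.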
Contributor

is this an intentional change?

]
decision = "deny"
priority = 10
modes = ["plan", "default"]
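Review bot: this `deny` at `priority = 10` is limited to `modes = ["plan", "default"]`, so in autoEdit and yolo the rule never matches and the tool falls through to whatever else applies, including an ask_user decision in a headless run. Since the higher-priority allow rules already win wherever they apply, listing all four modes here costs nothing and keeps a definite low-priority decision in every mode.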
Contributor

why isn't this for all modes, otherwise we'd have some ask_user decisions in headless mode, no?

@kschaab (author)

You're right, but those modes are overriding these policies anyway. It is safer to keep this for all, since the priority will control that aspect instead of removing the modes here.
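The loader requirement described in the PR summary (a rule without `modes` must fail to load instead of silently applying to every mode) and the priority-versus-modes point in the reply above, as an added TypeScript example that is not gemini-cli's own code: it models a loader that rejects a rule without `modes`, the pre-fix loader that defaulted a missing `modes` to all modes, and an evaluator in which the highest-priority rule matching the current mode wins. The rule fields, the mode names, the `ask_user` fallback for a tool with no matching rule, and the sample rules are assumptions or constructed for this example, not taken from the repository's policy files.

```typescript
// Added example (not gemini-cli's own code): a simplified model of a policy
// loader that refuses rules without `modes`, next to the pre-fix behaviour
// that defaulted a missing `modes` to every mode. Rule shape, mode names and
// "highest priority wins, unmatched tool asks the user" are assumptions.

type Mode = "plan" | "default" | "autoEdit" | "yolo";
type Decision = "allow" | "deny" | "ask_user";

const ALL_MODES: readonly Mode[] = ["plan", "default", "autoEdit", "yolo"];

interface PolicyRule {
  toolName: string;
  decision: Decision;
  priority: number;
  modes: Mode[]; // required: there is deliberately no "all modes" default
}

function isMode(x: unknown): x is Mode {
  return typeof x === "string" && (ALL_MODES as readonly string[]).includes(x);
}

function isModeList(x: unknown): x is Mode[] {
  return Array.isArray(x) && x.length > 0 && x.every(isMode);
}

function isDecision(x: unknown): x is Decision {
  return x === "allow" || x === "deny" || x === "ask_user";
}

// Validate one raw rule (the object a TOML parser would hand back). The error
// names the offending field, so a generic suggestion message is enough.
function loadRule(raw: Record<string, unknown>, source: string): PolicyRule {
  const { toolName, decision, priority, modes } = raw;
  if (typeof toolName !== "string") throw new Error(`${source}: missing field "toolName"`);
  if (!isDecision(decision)) throw new Error(`${source}: missing or invalid field "decision"`);
  if (typeof priority !== "number") throw new Error(`${source}: missing field "priority"`);
  if (!isModeList(modes)) {
    throw new Error(`${source}: missing or invalid field "modes" (required; no all-modes default)`);
  }
  return { toolName, decision, priority, modes };
}

// Pre-fix behaviour, kept only for contrast: a missing `modes` meant every mode.
function legacyLoadRule(raw: Record<string, unknown>, source: string): PolicyRule {
  return loadRule({ ...raw, modes: raw["modes"] ?? [...ALL_MODES] }, source);
}

function loadRules(raws: Record<string, unknown>[], source: string): PolicyRule[] {
  return raws.map((r, i) => loadRule(r, `${source}[${i}]`));
}

// Returns the loader's error message for a rule, or null when it loads cleanly.
function loadError(raw: Record<string, unknown>): string | null {
  try {
    loadRule(raw, "user.toml[0]");
    return null;
  } catch (e) {
    return (e as Error).message;
  }
}

// Highest-priority rule for this tool whose `modes` include the current mode
// wins; a tool with no matching rule falls back to asking the user.
function evaluate(rules: PolicyRule[], toolName: string, mode: Mode): Decision {
  const matching = rules.filter((r) => r.toolName === toolName && r.modes.includes(mode));
  if (matching.length === 0) return "ask_user";
  return matching.reduce((best, r) => (r.priority > best.priority ? r : best)).decision;
}

// Constructed sample rules: a low-priority deny that applies in every mode and
// a higher-priority allow scoped to the two modes where writes are acceptable.
const SAMPLE_RULES: PolicyRule[] = loadRules(
  [
    { toolName: "write_file", decision: "deny", priority: 10, modes: ["plan", "default", "autoEdit", "yolo"] },
    { toolName: "write_file", decision: "allow", priority: 15, modes: ["autoEdit", "yolo"] },
  ],
  "write.toml",
);

// The hazard the PR closes: this constructed user rule omits `modes` and, under
// the old loader, became an unconditional allow for write_file, plan mode included.
const RULE_WITHOUT_MODES: Record<string, unknown> = { toolName: "write_file", decision: "allow", priority: 15 };

function decisionUnderLegacyLoader(mode: Mode): Decision {
  return evaluate([legacyLoadRule(RULE_WITHOUT_MODES, "user.toml[0]")], "write_file", mode);
}

console.log(evaluate(SAMPLE_RULES, "write_file", "plan"));     // deny: only the priority-10 rule matches
console.log(evaluate(SAMPLE_RULES, "write_file", "autoEdit")); // allow: priority 15 beats the deny
console.log(decisionUnderLegacyLoader("plan"));                // allow: the unintended grant
console.log(loadError(RULE_WITHOUT_MODES));                    // the new loader rejects the rule
```

The deny rule lists all four modes and is still harmless in autoEdit and yolo because the priority-15 allow wins there; that is the "priority controls it, keep the modes" arrangement, and it leaves no mode in which `write_file` has no decision at all. The same rule written without `modes` is the case the new loader refuses outright.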

readonly: true,
approvedTools: [],
allowOverrides: false,
allowOverrides: true,
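Review bot: this TypeScript config makes the same `allowOverrides: false` to `true` flip as the TOML file, next to `readonly: true` and `approvedTools: []`. The two definitions must stay in sync, so whichever way the TOML question is resolved, apply the same answer here, and if the loosening is intentional it belongs in the PR description under breaking changes.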
Contributor

is this an intentional change?


Labels

area/enterprise Issues related to Telemetry, Policy, Quota / Licensing 🔒 maintainer only ⛔ Do not contribute. Internal roadmap item.


Development

Successfully merging this pull request may close these issues.

Policy Engine: Make 'modes' field mandatory in TOML rules

3 participants