perf: skip loadCliConfig + refreshAuth in parent for non-sandbox startup

[bzqzheng]

Summary

Skip loadCliConfig and refreshAuth in the parent process for the non-sandbox startup path, eliminating ~500-1000ms of duplicated work on every startup.

Details

In the common non-sandbox case, the parent process previously ran the full loadCliConfig (extension loading, hierarchical memory search, policy engine construction) and refreshAuth (3-5 network calls) before relaunching the child — which then repeated all of the same work from scratch.

This PR restructures gemini.tsx so that:

• Non-sandbox, no sandbox config → parent skips loadCliConfig/refreshAuth, relaunches immediately. The child handles all initialization.
• Sandbox path → completely unchanged. Full config + auth still runs before sandbox entry.
• Inside sandbox or command mode → unchanged. Full config + auth runs normally.

The key insight: the parent only needs settings and memoryArgs to call relaunchAppInChildProcess. The partialConfig, refreshAuth, remoteAdminSettings, and runDeferredCommand are only consumed by the sandbox branch or are re-done by the child.

Closes #24776

How to Validate

1. npm run build — should pass (verified)
2. Run gemini interactively — should start normally, no auth issues
3. Run with --sandbox flag — sandbox path should be unchanged
4. Run with a prompt command (-p "hello") — non-interactive mode should work
5. Compare startup time before/after — expect ~500-1000ms improvement

Pre-Merge Checklist

• Noted breaking changes (if any): None — behavioral change is purely a performance optimization
• Validated on required platforms/methods:
  • MacOS
    • npm run

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request optimizes the CLI startup sequence by deferring heavy initialization tasks to the child process in non-sandbox environments. By eliminating redundant configuration loading and network-bound authentication calls in the parent process, the application achieves a faster and more efficient launch. The logic remains unchanged for sandbox and command-mode execution paths to ensure compatibility.

Highlights

• Performance Optimization: Skipped redundant 'loadCliConfig' and 'refreshAuth' calls in the parent process for non-sandbox startup paths, resulting in a 500-1000ms reduction in startup time.
• Code Restructuring: Refactored 'gemini.tsx' to ensure that configuration and authentication logic only run when necessary, specifically separating the sandbox and non-sandbox initialization flows.
• Cleanup: Removed unnecessary code comments and streamlined argument handling for stdin processing.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request restructures the CLI startup logic to optimize performance by skipping redundant configuration and authentication during app relaunch. However, the changes introduce significant code duplication and a performance regression where initialization tasks are executed twice when already inside a sandbox. Feedback highlights the need to refactor shared logic into a reusable function to maintain consistency and avoid unnecessary overhead.

[gemini-code-assist]

This else block introduces a performance regression for the sandbox environment. When process.env['SANDBOX'] is true (meaning we are already executing inside the sandbox), this block performs a full loadCliConfig and refreshAuth. However, the execution then continues to line 508, where loadCliConfig is called a second time, and later to initializeApp (line 602) which performs authentication again. Since this PR's objective is to optimize startup time, performing these expensive operations twice inside the sandbox is counterproductive. This block should be skipped if process.env['SANDBOX'] is true, as the main initialization starting at line 507 handles this correctly.

References

1. When the application relaunches into a sandbox, it re-executes the main function. This re-execution includes the logic for fetching and applying remote admin settings, making it unnecessary to perform these steps manually before the main initialization.

[bzqzheng]

Not a new regression. The double load when SANDBOX=true is pre-existing behavior. The old code ran loadCliConfig unconditionally at line ~327 (before the sandbox branch), then again at line ~507. Both old and new code execute it twice in this path. Skipping the else block would break things: it also calls getRemoteAdminSettings() and runDeferredCommand() which are needed before the main init at line 507.

[gemini-code-assist]

The logic for loading configuration, refreshing authentication, and handling remote admin settings is now duplicated between the if (sandboxConfig) block (lines 345-400) and this else block. This duplication increases maintenance overhead and has already introduced inconsistencies, such as the missing initialAuthFailed check in this second block. Please refactor this shared initialization logic into a reusable function or restructure the control flow to avoid duplication.

[bzqzheng]

Good catch on the duplication — addressing in a follow-up commit by extracting a performEarlyInit() function. Re: the missing initialAuthFailed: this is intentional, not a bug. The sandbox path needs a hard exit (FATAL_AUTHENTICATION_ERROR) before entering the sandbox because it blocks OAuth redirects. The else path falls through to the full init at line ~507 which handles auth independently, so an early fatal exit would be wrong.

[bzqzheng]

@jacob314 @scidomino — PTAL. This is a perf optimization that skips loadCliConfig + refreshAuth in the parent process for the non-sandbox startup path (~500-1000ms improvement). Addresses the duplication concern from automated review in a follow-up commit (extracted performEarlyInit()).