fix(patch): cherry-pick 14b2f35 to release/v0.38.1-pr-24974 to patch version v0.38.1 and create version 0.38.2

[gemini-cli-robot]

This PR automatically cherry-picks commit 14b2f35 to patch version v0.38.1 in the stable release to create version 0.38.2.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces improvements to the tool confirmation UI by ensuring that tool descriptions, specifically those containing file information, are properly displayed. These changes enhance the clarity of the user interface during edit operations and include updated tests and snapshots to maintain consistency.

Highlights

• UI Component Updates: Updated the ToolConfirmationQueue component to consistently render tool descriptions, ensuring that file information is visible for edit operations.
• Test Coverage: Added new test cases to verify that filenames are correctly rendered in the headers for both ToolConfirmationQueue and DenseToolMessage components.
• Snapshot Updates: Updated UI snapshots to reflect the improved rendering of tool descriptions and file information in the terminal interface.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

Size Change: -26 B (0%)

Total Size: 34 MB

Filename	Size	Change
./bundle/chunk-3U6OY7XP.js	0 B	-14.8 MB (removed)	🏆
./bundle/chunk-AATI4DQJ.js	0 B	-3.15 MB (removed)	🏆
./bundle/core-YXQC444B.js	0 B	-45.4 kB (removed)	🏆
./bundle/devtoolsService-6WXNISK3.js	0 B	-28.4 kB (removed)	🏆
./bundle/interactiveCli-PZAL2JQ2.js	0 B	-1.65 MB (removed)	🏆
./bundle/oauth2-provider-LX26NTOV.js	0 B	-9.16 kB (removed)	🏆
./bundle/chunk-6SYT2X5U.js	3.15 MB	+3.15 MB (new file)	🆕
./bundle/chunk-GBE3IMCN.js	14.8 MB	+14.8 MB (new file)	🆕
./bundle/core-XQEO7G57.js	45.4 kB	+45.4 kB (new file)	🆕
./bundle/devtoolsService-D2UKY3HO.js	28.4 kB	+28.4 kB (new file)	🆕
./bundle/interactiveCli-XTM7YB7D.js	1.65 MB	+1.65 MB (new file)	🆕
./bundle/oauth2-provider-ORIOYOC5.js	9.16 kB	+9.16 kB (new file)	🆕

ℹ️ View Unchanged

Filename	Size
./bundle/bundled/third_party/index.js	8 MB
./bundle/chunk-34MYV7JD.js	2.45 kB
./bundle/chunk-5AUYMPVF.js	858 B
./bundle/chunk-5PS3AYFU.js	1.18 kB
./bundle/chunk-664ZODQF.js	124 kB
./bundle/chunk-DAHVX5MI.js	206 kB
./bundle/chunk-IUUIT4SU.js	56.5 kB
./bundle/chunk-RJTRUG2J.js	39.8 kB
./bundle/chunk-Z34XA6FT.js	1.96 MB
./bundle/devtools-36NN55EP.js	696 kB
./bundle/dist-T73EYRDX.js	356 B
./bundle/events-XB7DADIJ.js	418 B
./bundle/gemini.js	553 kB
./bundle/getMachineId-bsd-TXG52NKR.js	1.55 kB
./bundle/getMachineId-darwin-7OE4DDZ6.js	1.55 kB
./bundle/getMachineId-linux-SHIFKOOX.js	1.34 kB
./bundle/getMachineId-unsupported-5U5DOEYY.js	1.06 kB
./bundle/getMachineId-win-6KLLGOI4.js	1.72 kB
./bundle/memoryDiscovery-PYBLKP7S.js	980 B
./bundle/multipart-parser-KPBZEGQU.js	11.7 kB
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js	222 kB
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js	229 kB
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js	13.4 kB
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js	132 B
./bundle/sandbox-macos-permissive-open.sb	890 B
./bundle/sandbox-macos-permissive-proxied.sb	1.31 kB
./bundle/sandbox-macos-restrictive-open.sb	3.36 kB
./bundle/sandbox-macos-restrictive-proxied.sb	3.56 kB
./bundle/sandbox-macos-strict-open.sb	4.82 kB
./bundle/sandbox-macos-strict-proxied.sb	5.02 kB
./bundle/src-QVCVGIUX.js	47 kB
./bundle/tree-sitter-7U6MW5PS.js	274 kB
./bundle/tree-sitter-bash-34ZGLXVX.js	1.84 MB

_{compressed-size-action}

[gemini-code-assist]

Code Review

This pull request enables the display of tool descriptions for edit operations within the ToolConfirmationQueue component, which were previously suppressed. It includes updated UI snapshots and new test cases to ensure that filenames and descriptions are correctly rendered in the terminal. A security concern was identified regarding the direct rendering of LLM-generated tool descriptions, which could lead to terminal injection; a suggestion was provided to sanitize this input using existing utility functions.

[gemini-code-assist]

The tool.description field, which originates from LLM-generated tool calls, is rendered directly to the terminal without proper sanitization. This introduces a terminal injection vulnerability. An attacker could craft a malicious tool.description containing ANSI escape sequences to manipulate the terminal output, potentially leading to UI spoofing (e.g., obscuring the actual command or diff being confirmed), clipboard manipulation (via OSC 52), or even opening malicious URLs (via OSC 8).

Given that this component is responsible for confirming sensitive actions (like file edits or shell command execution), UI spoofing poses a significant risk, as it could trick users into approving unintended or harmful operations. The changes in this pull request specifically extend this behavior to 'edit' tools, thereby expanding the attack surface.

Remediation: Sanitize the tool.description string before rendering it. It is recommended to use existing utility functions like stripUnsafeCharacters or sanitizeForDisplay (which are already utilized for other sensitive fields within ToolConfirmationMessage.tsx) to effectively remove or escape terminal control characters and ANSI escape sequences.

Suggested change

	{!!tool.description && ' '}
	</Text>
	{!isEdit && !!tool.description && (
	{!!tool.description && (
	{!!tool.description && ' '}
	</Text>
	{!!tool.description && (
	<Box flexShrink={1} overflow="hidden">
	<Text color={theme.text.primary} wrap="truncate-end">
	{sanitizeForDisplay(tool.description)}
	</Text>

References

1. Always treat user-provided data as untrusted and apply proper validation and sanitization at the point of use, even if it is believed to have been filtered or sanitized upstream. This follows the principle of defense-in-depth.

[jacob314]