fix: robust ripgrep path resolution and 1p hermetic execution support

[cocosheng-g]

Summary

This PR fixes two critical regressions related to ripgrep binary resolution that caused the CLI to incorrectly fall back to the slower GrepTool in local development and 1P hermetic environments.

Details

1. Local Development Path Traversal Bug: Fixed a bug where the CLI failed to locate the bundled ripgrep binary when running locally because it assumed the compiled file was at dist/tools/ripGrep.js instead of the actual dist/src/tools/ripGrep.js. Added the correct absolute path fallback.
2. 1P Hermetic Execution Support: Updated isTrustedSystemPath to allow internal hermetic execution.
   • Added standard 1P binary paths (/google/bin, /google/src/cloud) to the POSIX trustedPrefixes allowlist.
   • Added an isHermeticEnv bypass based on standard Bazel/Blaze environment variables (TEST_SRCDIR, TEST_WORKSPACE, BAZEL_TEST, RUNFILES_DIR) to prevent the sandbox CWD from being improperly blocked as an untrusted local binary.
3. Robust Unit Testing: Added comprehensive mock-based unit tests for absolute path resolution targets, OS-specific root directory validation, error handling, and hermetic environment CWD bypass logic.

Related Issues

Addresses the 1P and Local Dev components of the Ripgrep is not available regression.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a regression in the Gemini CLI where the ripgrep binary was failing to be located across local development, 1P hermetic environments, and 3P NPM distributions. By adjusting path resolution strategies and updating security trust boundaries, the changes ensure the CLI can reliably locate the necessary binary without falling back to less efficient tools.

Highlights

• Ripgrep Path Resolution: Updated path resolution logic in ripGrep.ts to support both actual and bundled directory structures, ensuring the binary is correctly located in various execution environments.
• 1P Hermetic Environment Support: Expanded the isTrustedSystemPath allowlist to include internal Google paths (/google/bin, /google/src/cloud) to support hermetic execution.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

Size Change: +545 B (0%)

Total Size: 34.1 MB

Filename	Size	Change
./bundle/chunk-2NW7SCQT.js	0 B	-2.79 MB (removed)	🏆
./bundle/chunk-AILLKRQQ.js	0 B	-3.43 kB (removed)	🏆
./bundle/chunk-BAC72IBC.js	0 B	-49.2 kB (removed)	🏆
./bundle/chunk-OJEE4FEK.js	0 B	-659 kB (removed)	🏆
./bundle/chunk-SZ2RCAKW.js	0 B	-3.77 kB (removed)	🏆
./bundle/chunk-WHMWUNW2.js	0 B	-19.5 kB (removed)	🏆
./bundle/chunk-Y64YIQTR.js	0 B	-12.5 kB (removed)	🏆
./bundle/chunk-YCVV463I.js	0 B	-16.4 MB (removed)	🏆
./bundle/core-2TGLO3GA.js	0 B	-49.2 kB (removed)	🏆
./bundle/devtoolsService-DEODAZP6.js	0 B	-28 kB (removed)	🏆
./bundle/gemini-FIZGPUIA.js	0 B	-585 kB (removed)	🏆
./bundle/interactiveCli-FVU5KCJH.js	0 B	-1.3 MB (removed)	🏆
./bundle/liteRtServerManager-RU56TZZH.js	0 B	-2.08 kB (removed)	🏆
./bundle/oauth2-provider-55BYFFTA.js	0 B	-9.12 kB (removed)	🏆
./bundle/chunk-2IHT6PMO.js	16.4 MB	+16.4 MB (new file)	🆕
./bundle/chunk-JUUFEH74.js	3.43 kB	+3.43 kB (new file)	🆕
./bundle/chunk-L4GBWQ75.js	19.5 kB	+19.5 kB (new file)	🆕
./bundle/chunk-OG5B7TEO.js	3.77 kB	+3.77 kB (new file)	🆕
./bundle/chunk-OYWC7PHA.js	12.5 kB	+12.5 kB (new file)	🆕
./bundle/chunk-PMCC5KBX.js	49.2 kB	+49.2 kB (new file)	🆕
./bundle/chunk-PSLXNPJ6.js	659 kB	+659 kB (new file)	🆕
./bundle/chunk-UO5JORUX.js	2.79 MB	+2.79 MB (new file)	🆕
./bundle/core-BKY5TOAY.js	49.2 kB	+49.2 kB (new file)	🆕
./bundle/devtoolsService-JMCJLE6N.js	28 kB	+28 kB (new file)	🆕
./bundle/gemini-QHSPNL3I.js	585 kB	+585 kB (new file)	🆕
./bundle/interactiveCli-IW5INBRI.js	1.3 MB	+1.3 MB (new file)	🆕
./bundle/liteRtServerManager-TYRLUAXX.js	2.08 kB	+2.08 kB (new file)	🆕
./bundle/oauth2-provider-E7EETL4J.js	9.12 kB	+9.12 kB (new file)	🆕

ℹ️ View Unchanged

Filename	Size	Change
./bundle/bundled/third_party/index.js	8 MB	0 B
./bundle/chunk-34MYV7JD.js	2.45 kB	0 B
./bundle/chunk-5AUYMPVF.js	858 B	0 B
./bundle/chunk-5PS3AYFU.js	1.18 kB	0 B
./bundle/chunk-664ZODQF.js	124 kB	0 B
./bundle/chunk-DAHVX5MI.js	206 kB	0 B
./bundle/chunk-IUUIT4SU.js	56.5 kB	0 B
./bundle/chunk-TUDYL3X4.js	40.3 kB	0 B
./bundle/cleanup-V2L4ROR5.js	0 B	-902 B (removed)	🏆
./bundle/devtools-36NN55EP.js	696 kB	0 B
./bundle/events-XB7DADIJ.js	418 B	0 B
./bundle/examples/hooks/scripts/on-start.js	188 B	0 B
./bundle/examples/mcp-server/example.js	1.43 kB	0 B
./bundle/gemini.js	5.07 kB	0 B
./bundle/getMachineId-bsd-TXG52NKR.js	1.55 kB	0 B
./bundle/getMachineId-darwin-7OE4DDZ6.js	1.55 kB	0 B
./bundle/getMachineId-linux-SHIFKOOX.js	1.34 kB	0 B
./bundle/getMachineId-unsupported-5U5DOEYY.js	1.06 kB	0 B
./bundle/getMachineId-win-6KLLGOI4.js	1.72 kB	0 B
./bundle/https-proxy-agent-AVGR4LHR.js	490 B	0 B
./bundle/multipart-parser-KPBZEGQU.js	11.7 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js	222 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js	229 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js	13.4 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js	132 B	0 B
./bundle/sandbox-macos-permissive-open.sb	890 B	0 B
./bundle/sandbox-macos-permissive-proxied.sb	1.31 kB	0 B
./bundle/sandbox-macos-restrictive-open.sb	3.36 kB	0 B
./bundle/sandbox-macos-restrictive-proxied.sb	3.56 kB	0 B
./bundle/sandbox-macos-strict-open.sb	4.82 kB	0 B
./bundle/sandbox-macos-strict-proxied.sb	5.02 kB	0 B
./bundle/src-QVCVGIUX.js	47 kB	0 B
./bundle/start-DNA5IH2I.js	0 B	-622 B (removed)	🏆
./bundle/tree-sitter-7U6MW5PS.js	274 kB	0 B
./bundle/tree-sitter-bash-34ZGLXVX.js	1.84 MB	0 B
./bundle/worker/worker-entry.js	361 kB	0 B
./bundle/cleanup-4EXCU6O2.js	902 B	+902 B (new file)	🆕
./bundle/start-PUSSJ6QL.js	622 B	+622 B (new file)	🆕

_{compressed-size-action}

[gemini-code-assist]

Code Review

This pull request updates the ripgrep path resolution to support different build layouts and expands the list of trusted system paths to include internal Google execution paths. Feedback suggests adding a candidate path for flattened SEA layouts where the binary resides in the same directory as the script. Additionally, it was noted that the implementation for trusted paths is missing an environment variable bypass for hermetic environments, which was mentioned in the PR description but not included in the code.

[cocosheng-g]

/gemini review

[gemini-code-assist]

Code Review

This pull request expands the candidate search paths for the ripgrep binary to support multiple deployment layouts and introduces a bypass for hermetic environments in the system path trust check. Feedback indicates that the hermetic environment bypass is logically incomplete as it still subjects paths to the allowlist check, and unit tests for this security-sensitive logic are currently missing.

[cocosheng-g]

/gemini review

[gemini-code-assist]

Code Review

This pull request expands the search paths for the ripgrep binary to support various deployment layouts, including flattened SEA and specific Dev/Dist structures. It also updates path validation logic to trust internal execution paths and allow CWD-based paths within hermetic environments like Bazel. Feedback was provided regarding test robustness in paths.test.ts, specifically recommending the use of beforeEach and afterEach hooks to ensure global state and environment variables are correctly restored after tests, adhering to the repository's testing conventions.

[cocosheng-g]

/gemini review

[gemini-code-assist]

Code Review

This pull request expands the ripgrep binary resolution logic to support additional directory layouts, including flattened SEA runtimes and specific development/distribution structures. It also updates the isTrustedSystemPath utility to recognize and permit execution within hermetic environments (such as Bazel or Blaze) by checking for specific environment variables and adding internal 1P execution paths to the trusted list. Corresponding unit tests have been added to verify these new resolution paths and security bypasses. I have no feedback to provide.

[github-actions]

🚨 Action Required: Eval Regressions Detected

Model: gemini-3-flash-preview

The following trustworthy evaluations passed on main and in recent Nightly runs, but failed in this PR. These regressions must be addressed before merging.

Test Name	Nightly	PR Result	Status
should allow file modification in plans directory when in plan mode	89%	0%	❌ Regression

The check passed or was cleared for 66 other trustworthy evaluations.

🛠️ Troubleshooting & Fix Instructions

1. Ask Gemini CLI to fix it (Recommended)

Copy and paste this prompt to the agent:

The eval "should allow file modification in plans directory when in plan mode" in evals/plan_mode.eval.ts is failing. Investigate and fix it using the behavioral-evals skill.

2. Reproduce Locally

Run the following command to see the failure trajectory:

GEMINI_MODEL=gemini-3-flash-preview npm run test:all_evals -- evals/plan_mode.eval.ts --testNamePattern="should allow file modification in plans directory when in plan mode"

3. Manual Fix

See the Fixing Guide for detailed troubleshooting steps.

### 🧠 Model Steering Guidance

This PR modifies files that affect the model's behavior (prompts, tools, or instructions).

• ⚠️ Consider adding Evals: No behavioral evaluations (evals/*.eval.ts) were added or updated in this PR. Consider adding a test case to verify the new behavior and prevent regressions.
• 🚀 Maintainer Reminder: Please ensure that these changes do not regress results on benchmark evals before merging.

---

This is an automated guidance message triggered by steering logic signatures.

[rmedranollamas]

LGTM