feat(gemini): --skip-trust default + /at trigger_source follow-up (rc6, #471 + #271)#472
Merged
Merged
Conversation
Mirror the cron:<id> / webhook:<id> footer markers added in #271 (rc4) and Tier 2/3 (rc5) so /at-scheduled runs also show provenance. at_scheduler.schedule_delayed_run wraps the captured chat context (or a fresh RunContext when the chat is unmapped) with trigger_source = "at:<token>" via dataclasses.replace. runner_bridge.handle_message's icon-prefix tuple extends from ("cron:",) to ("cron:", "at:") so the alarm-clock icon renders for both — semantically /at is a one-shot delayed cron. record_run's existing triggered=bool(context and context.trigger_source) gate picks up /at runs in the /stats triggered/manual breakdown automatically. Tests: 1 new in test_at_command.py (test_handle_stamps_trigger_source_on_mapped_chat); the existing test_handle_captures_global_default_when_unmapped extended to assert the trigger_source-only RunContext path; existing test_run_delayed_forwards_captured_context_and_engine updated since the captured context is no longer reference-equal to the original. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Gemini CLI rejects runs from any directory not in ~/.gemini/trustedFolders.json — even with --approval-mode yolo — and there is no interactive prompt path in headless usage, so projects outside the trust list silently failed before any agent output. Untether already runs Gemini with yolo for the same "always headless" reason, so passing --skip-trust extends the same precedent. GeminiRunner.skip_trust (default True) is the runtime switch; opt out per deployment with [gemini] skip_trust = false in untether.toml (security-conscious operators who want Gemini's project-local extension/MCP trust gate enforced). Bump to 0.35.3rc6 for staging. Tests: 2 new in test_build_args.py::TestGeminiBuildArgs (test_skip_trust_default_includes_flag, test_skip_trust_opt_out_omits_flag). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two changes bundled for 0.35.3rc6 staging:
feat(gemini): --skip-trust by default— closes #471~/.gemini/trustedFolders.json— even with--approval-mode yolo— and there is no interactive prompt path in headless usage, so projects outside the trust list silently failed before any agent output.yolofor the same "always headless" reason;--skip-trustextends the same precedent.GeminiRunner.skip_trust(defaultTrue) is the runtime switch; opt out per deployment with[gemini] skip_trust = falseinuntether.toml.build_runner+build_argsintegration: argv with default config =[..., '--approval-mode', 'yolo', '--skip-trust', '--prompt=...']; argv withskip_trust = falsedrops the flag.fix(at): stamp trigger_source on /at runs— #271 follow-up/atfires were the only trigger source whose footer was indistinguishable from a regular user-initiated run.at_scheduler.schedule_delayed_runnow wraps the captured chat context (or a freshRunContextif unmapped) withtrigger_source = "at:<token>"viadataclasses.replace.runner_bridge.handle_message's icon-prefix tuple extends from("cron:",)to("cron:", "at:")so the alarm-clock icon renders for both — semantically/atis a one-shot delayed cron.record_run's existingtriggered=bool(context and context.trigger_source)gate picks up/atruns in the/statstriggered/manual breakdown automatically.Staging
0.35.3rc6for TestPyPI staging.Test plan
tests/test_build_args.py::TestGeminiBuildArgs::test_skip_trust_default_includes_flag✅tests/test_build_args.py::TestGeminiBuildArgs::test_skip_trust_opt_out_omits_flag✅tests/test_at_command.py::TestAtCommand::test_handle_stamps_trigger_source_on_mapped_chat✅tests/test_build_args.py(51 tests) +tests/test_at_command.py(38 tests) +tests/test_gemini_runner.py(29 tests) — 118 passedruff format --check+ruff checkclean on modified filesuntether-devrestarted onlba-1, picks up new code without crash@untether_dev_botGemini chat from a project dir not in~/.gemini/trustedFolders.json🤖 Generated with Claude Code