abbyswag/qwen-code
1
0
Fork 0
mirror of https://github.com/QwenLM/qwen-code.git synced 2025-12-21 09:17:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Disable YOLO and AUTO_EDIT modes for untrusted folders (#7041)

Browse Source
This commit is contained in:
shrutip90
2025-08-25 17:30:04 -07:00
committed by GitHub
parent 2c6794feed
commit ae1f67df04
9 changed files with 451 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
packages/cli/src/config/config.test.ts
View File

@@ -23,7 +23,7 @@ import * as ServerConfig from '@google/gemini-cli-core';
import { isWorkspaceTrusted } from './trustedFolders.js';
vi.mock('./trustedFolders.js', () => ({
isWorkspaceTrusted: vi.fn(),
isWorkspaceTrusted: vi.fn().mockReturnValue(true), // Default to trusted
}));
vi.mock('fs', async (importOriginal) => {
@@ -1002,6 +1002,7 @@ describe('Approval mode tool exclusion logic', () => {
beforeEach(() => {
process.stdin.isTTY = false; // Ensure non-interactive mode
vi.mocked(isWorkspaceTrusted).mockReturnValue(true);
});
afterEach(() => {
@@ -1680,6 +1681,7 @@ describe('loadCliConfig tool exclusions', () => {
vi.mocked(os.homedir).mockReturnValue('/mock/home/user');
vi.stubEnv('GEMINI_API_KEY', 'test-api-key');
process.stdin.isTTY = true;
vi.mocked(isWorkspaceTrusted).mockReturnValue(true);
});
afterEach(() => {
@@ -1789,6 +1791,7 @@ describe('loadCliConfig approval mode', () => {
vi.mocked(os.homedir).mockReturnValue('/mock/home/user');
vi.stubEnv('GEMINI_API_KEY', 'test-api-key');
process.argv = ['node', 'script.js']; // Reset argv for each test
vi.mocked(isWorkspaceTrusted).mockReturnValue(true);
});
afterEach(() => {
@@ -1856,6 +1859,41 @@ describe('loadCliConfig approval mode', () => {
const config = await loadCliConfig({}, [], 'test-session', argv);
expect(config.getApprovalMode()).toBe(ServerConfig.ApprovalMode.YOLO);
});
// --- Untrusted Folder Scenarios ---
describe('when folder is NOT trusted', () => {
beforeEach(() => {
vi.mocked(isWorkspaceTrusted).mockReturnValue(false);
});
it('should override --approval-mode=yolo to DEFAULT', async () => {
process.argv = ['node', 'script.js', '--approval-mode', 'yolo'];
const argv = await parseArguments({} as Settings);
const config = await loadCliConfig({}, [], 'test-session', argv);
expect(config.getApprovalMode()).toBe(ServerConfig.ApprovalMode.DEFAULT);
});
it('should override --approval-mode=auto_edit to DEFAULT', async () => {
process.argv = ['node', 'script.js', '--approval-mode', 'auto_edit'];
const argv = await parseArguments({} as Settings);
const config = await loadCliConfig({}, [], 'test-session', argv);
expect(config.getApprovalMode()).toBe(ServerConfig.ApprovalMode.DEFAULT);
});
it('should override --yolo flag to DEFAULT', async () => {
process.argv = ['node', 'script.js', '--yolo'];
const argv = await parseArguments({} as Settings);
const config = await loadCliConfig({}, [], 'test-session', argv);
expect(config.getApprovalMode()).toBe(ServerConfig.ApprovalMode.DEFAULT);
});
it('should remain DEFAULT when --approval-mode=default', async () => {
process.argv = ['node', 'script.js', '--approval-mode', 'default'];
const argv = await parseArguments({} as Settings);
const config = await loadCliConfig({}, [], 'test-session', argv);
expect(config.getApprovalMode()).toBe(ServerConfig.ApprovalMode.DEFAULT);
});
});
});
describe('loadCliConfig trustedFolder', () => {

8
packages/cli/src/config/config.ts
View File

@@ -406,6 +406,14 @@ export async function loadCliConfig(
argv.yolo || false ? ApprovalMode.YOLO : ApprovalMode.DEFAULT;
}
// Force approval mode to default if the folder is not trusted.
if (!trustedFolder && approvalMode !== ApprovalMode.DEFAULT) {
logger.warn(
`Approval mode overridden to "default" because the current folder is not trusted.`,
);
approvalMode = ApprovalMode.DEFAULT;
}
const interactive =
!!argv.promptInteractive || (process.stdin.isTTY && question.length === 0);
// In non-interactive mode, exclude tools that require a prompt.