feat(core): add GEMINI_API_BASE_URL env var for custom API endpoints #16010

Open
albertpurnama wants to merge 3 commits into google-gemini:main from albertpurnama:feat/custom-base-url

@albertpurnama

Summary

This PR adds support for a GEMINI_API_BASE_URL environment variable that allows users to override the default Gemini API endpoint. This enables using the CLI as a frontend for local-first workflows with OpenAI-compatible proxies like Ollama and LiteLLM.

Details

  • New Environment Variable: Added GEMINI_API_BASE_URL support in contentGenerator.ts
  • Pass to SDK: The base URL is passed to the @google/genai SDK via httpOptions.baseUrl
  • Backward Compatible: When the env var is not set, behavior is unchanged

Related Issues

Fixes #15430

How to Validate

  1. Test with custom endpoint:

    export GEMINI_API_BASE_URL="http://localhost:4000"
    export GEMINI_API_KEY="test-key"
    gemini -p "test"

    Verify requests go to localhost:4000 instead of generativelanguage.googleapis.com

  2. Test without env var:

    unset GEMINI_API_BASE_URL
    gemini -p "test"

    Verify normal operation with default endpoint

Pre-Merge Checklist

  • Updated relevant documentation and README (if needed)
  • Added/updated tests (if needed)
  • Noted breaking changes (if any)
  • Validated on required platforms/methods:
    • MacOS
      • npm run
      • npx
    • Windows
      • npm run
      • npx
    • Linux
      • npm run
      • npx

Allow users to override the default Gemini API base URL by setting the
GEMINI_API_BASE_URL environment variable. This enables using the CLI
with local LLM proxies like Ollama and LiteLLM.

Fixes google-gemini#15430
@albertpurnama albertpurnama requested a review from a team as a code owner January 6, 2026 19:26
@gemini-code-assist

Summary of Changes

Hello @albertpurnama, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the core functionality by allowing users to specify a custom base URL for the Gemini API through a new environment variable, GEMINI_API_BASE_URL. This feature is crucial for developers looking to integrate with local LLM proxies like Ollama or LiteLLM, providing greater flexibility for local-first development and testing. The implementation ensures that existing workflows are unaffected when the environment variable is not present.

Highlights

  • New Environment Variable: Introduced GEMINI_API_BASE_URL to allow overriding the default Gemini API endpoint.
  • Custom API Endpoints: Enables the use of custom API endpoints, facilitating integration with local LLM proxies such as Ollama and LiteLLM for local-first workflows.
  • SDK Integration: The custom base URL is passed to the @google/genai SDK via httpOptions.baseUrl.
  • Backward Compatibility: The change is fully backward compatible; if GEMINI_API_BASE_URL is not set, the default behavior remains unchanged.

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request adds support for a "GEMINI_API_BASE_URL" environment variable, a valuable feature for using local LLM proxies. However, this introduces a high-severity Server-Side Request Forgery (SSRF) vulnerability because the application accepts the URL from the environment variable without any validation, potentially allowing an attacker to direct requests to internal network services. Strict validation on the provided URL is recommended. Additionally, the logging mechanism in "packages/core/src/core/loggingContentGenerator.ts" needs to be updated. The "_getEndpointUrl" method currently logs the default Google API endpoint, which will be misleading when a custom base URL is used. It should be updated to correctly reflect the "GEMINI_API_BASE_URL" for accurate debugging.

Comment on lines +177 to +181
const baseUrl = process.env['GEMINI_API_BASE_URL'] || undefined;
const httpOptions = {
headers,
...(baseUrl && { baseUrl }),
};
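
Review bot: On the `process.env['GEMINI_API_BASE_URL'] || undefined` line, the value is spread into `httpOptions` as a raw string with no parsing, so a typo such as a missing scheme only shows up later as a failed request rather than as a clear startup error. Parse it once with `new URL(...)`, reject anything that is not http or https with a message that names the variable, and pass the normalised string on. Since `headers` is sent to whichever host this value names, printing the effective endpoint once when the override is active would also make a mis-set variable easy to spot.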

security-high high

A Server-Side Request Forgery (SSRF) vulnerability exists due to the introduction of the "GEMINI_API_BASE_URL" environment variable. This variable is used to construct the "baseUrl" for API requests without any validation. An attacker who can control this environment variable can force the application to make requests to arbitrary URLs, including internal network services or cloud provider metadata endpoints (e.g., "169.254.169.254"). This can lead to sensitive information disclosure, internal network scanning, and interaction with internal services. Remediation: The application should validate the "baseUrl" to ensure it points to a trusted, external domain. Implement a strict allow-list of permitted domains or, at a minimum, block requests to private/internal IP addresses and loopback devices. For example, check if the resolved IP address of the hostname is a private IP before making the request.
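
One way to implement the validation this review comment recommends, as an added example that is not code from the PR or the gemini-cli project: it parses GEMINI_API_BASE_URL, keeps the loopback proxy case from the PR description working, and rejects link-local targets such as the metadata address. The names `checkBaseUrl` and `classifyHost` and the policy itself (https required off loopback, IPv6 literals other than `::1` refused, hostnames not resolved through DNS) are assumptions.

```typescript
// Added example; not code from the PR. The policy choices are assumptions.
type Verdict =
  | { ok: true; baseUrl: string; kind: string }
  | { ok: false; reason: string };

// url.hostname is already normalised by the WHATWG parser, so forms such as
// 2852039166 or 0xa9.0xfe.0xa9.0xfe arrive here as 169.254.169.254.
function classifyHost(host: string): string {
  if (host === 'localhost' || host === '[::1]') return 'loopback';
  if (host.charAt(0) === '[') return 'ipv6-literal';
  const m = /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/.exec(host);
  if (!m) return 'hostname';
  const a = Number(m[1]);
  const b = Number(m[2]);
  if (a === 127) return 'loopback';
  if (a === 0) return 'unspecified';
  if (a === 169 && b === 254) return 'link-local'; // cloud metadata range
  const private172 = a === 172 && b >= 16 && b <= 31;
  if (a === 10 || private172 || (a === 192 && b === 168)) return 'private';
  return 'public';
}

// Returns undefined when the variable is unset (SDK default endpoint applies).
function checkBaseUrl(env: Record<string, string | undefined>): Verdict | undefined {
  const raw = env['GEMINI_API_BASE_URL'];
  if (!raw) return undefined;
  let url: URL;
  try {
    url = new URL(raw);
  } catch (e) {
    return { ok: false, reason: 'not a valid absolute URL' };
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return { ok: false, reason: 'scheme must be http or https' };
  }
  if (url.username || url.password) {
    return { ok: false, reason: 'credentials in the URL are not allowed' };
  }
  const kind = classifyHost(url.hostname);
  if (kind === 'link-local' || kind === 'unspecified' || kind === 'ipv6-literal') {
    return { ok: false, reason: kind + ' address is not allowed' };
  }
  if (kind !== 'loopback' && url.protocol !== 'https:') {
    return { ok: false, reason: 'plain http is only allowed for loopback' };
  }
  // Query string and fragment are dropped; trailing slashes are trimmed.
  return { ok: true, baseUrl: url.origin + url.pathname.replace(/\/+$/, ''), kind: kind };
}
```

A value written without a scheme, such as `localhost:4000`, parses as a URL whose scheme is `localhost:` and is therefore rejected by the scheme check rather than silently accepted.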

Author

seems overly cautious..

Environment variables are trusted input, they're set by the system admin/user who controls the machine. If an attacker can set env vars, they already have shell access and SSRF is the least of your worries.

albertpurnama and others added 2 commits January 6, 2026 12:42
Update _getEndpointUrl in loggingContentGenerator.ts to check for
GEMINI_API_BASE_URL and return the correct server details for telemetry.
@jacob314 jacob314 added the area/core Issues related to User Interface, OS Support, Core Functionality label Jan 7, 2026
@gemini-cli gemini-cli bot added status/need-issue Pull requests that need to have an associated issue. and removed status/need-issue Pull requests that need to have an associated issue. labels Jan 7, 2026
@PatrickHeaney

I agree with @albertpurnama.

The security alert seems to think I will set the GEMINI_API_BASE_URL to servers I am not authorized to use. The server I assign in GEMINI_API_BASE_URL is responsible for this function, not the requesting application (Gemini CLI). nist-sp-800-53/r4/ AC and SC families, along with other cyber security standards, already dictate the contacted server hosts this responsibility.

From the perspective of user adoption, this change will eliminate the need for users to switch to other CLI tools when using other LLMs, particularly local LLMs.

Pls approve.

@gemini-cli gemini-cli bot added the priority/p3 Backlog - a good idea but not currently a priority. label Jan 22, 2026
@jacob314 jacob314 added the help wanted We will accept PRs from all issues marked as "help wanted". Thanks for your support! label Jan 22, 2026
Successfully merging this pull request may close these issues.

CLI ignores GOOGLE_GEMINI_BASE_URL and forces Cloud Auth/Endpoints

3 participants