fix(cli): resolve Ghostty/raw-mode False Cancellation in oauth flow

[Aarchi-07]

Summary

This PR resolves a blocking bug where the /auth OAuth flow prematurely aborts with a "cancelled by user" error when running Gemini CLI inside the Ghostty terminal or VS Code WSL terminal.

Details

When running the CLI in a raw TTY, the oauth2 process listens to standard input to catch a valid Ctrl+C interrupt (0x03, ETX) and safely cancel out of the browser flow.

Previously, the stdin handler used data.includes(0x03) to evaluate this. Terminals like Ghostty and VS Code emit complex multi-byte escape sequences during initialization or resize events. Sometimes, these background sequences coincidentally embed 0x03 within them, triggering a false-positive cancellation.

This PR simply restricts the check to data.length === 1 && data[0] === 0x03 to confidently guarantee we only abort the flow when the user actually types a standalone Ctrl+C. Additional unit test coverage has been added explicitly for multi-byte escape sequences to prevent regression.

Related Issues

Fixes #24745

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run
    • npx
    • Docker
    • Podman
    • Seatbelt
  • Windows
    • npm run
    • npx
    • Docker
  • Linux
    • npm run
    • npx
    • Docker

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical bug in the CLI's OAuth authentication flow that caused premature cancellations in certain terminal environments. By refining the detection mechanism for user-initiated cancellations, the change ensures a more reliable and stable authentication experience, particularly for users of Ghostty and VS Code WSL terminals.

Highlights

• False Cancellation Fix: Resolved a bug where the OAuth flow would prematurely cancel in terminals like Ghostty and VS Code WSL due to incorrect Ctrl+C detection.
• Refined Ctrl+C Detection: Modified the stdin handler to only recognize a standalone 0x03 byte as a Ctrl+C signal, preventing false positives from multi-byte escape sequences.
• Enhanced Test Coverage: Introduced new unit tests specifically designed to cover scenarios involving multi-byte escape sequences, ensuring the fix is robust and prevents regressions.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request fixes a bug in the OAuth2 authentication process where Ctrl+C signals were being misinterpreted, leading to false cancellations in certain terminal environments (e.g., Ghostty, VS Code WSL). The stdinHandler in oauth2.ts has been updated to only trigger cancellation when a lone 0x03 byte (Ctrl+C) is received, ignoring 0x03 when it's part of a multi-byte escape sequence. A new test case has been added to oauth2.test.ts to specifically verify this corrected behavior. There is no feedback to provide on the review comments, as none were provided.

[DavidAPierce]

LGTM.
Thank you for your contribution!