fix(cli): allow installing extensions from ssh repo #26274
danielmundi wants to merge 1 commit into google-gemini:main from
Current code doesn't allow installing extensions from a URL with `ssh://` prefix. Update the filter to include this prefix option.
Signed-off-by: Daniel Finimundi <danielrf@motorola.com>
Summary of Changes
Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request improves the CLI's flexibility by enabling support for SSH-based Git repository URLs during the extension installation process. This ensures that users can install extensions from a wider range of repository hosting configurations that utilize the ssh:// protocol.
Highlights
Code Review
This pull request adds support for the ssh:// protocol when inferring extension installation metadata. Feedback suggests expanding this to include git+ssh:// for better coverage. There is also a concern regarding potential failures in existing security checks that use filesystem-based path resolution on these remote URLs, which could lead to extensions being blocked incorrectly.
| source.startsWith('gitlab:') || | ||
| source.startsWith('ssh://') |
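Review bot: the added `source.startsWith('ssh://')` line is a case-sensitive literal prefix test, like the `gitlab:` test above it, so a source written as `SSH://...` is not matched by this chain. If only lowercase schemes are meant to be accepted, say so in a comment next to the chain and add a unit test with an `ssh://` source so the inferred install type is pinned; otherwise lowercase the scheme part before comparing.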
While adding ssh:// support is correct, consider also including the git+ssh:// prefix to provide more comprehensive support for common Git protocols. Many hosting services and package managers use git+ssh:// for secure access.
Security Note: Please be aware that the allowedExtensions security check (at lines 188 and 730) currently calls getRealPath() on the source string. Since ssh:// (and other remote protocols) are URLs rather than filesystem paths, getRealPath will likely throw an error if allowedExtensions is configured in the settings. This would prevent the installation or loading of remote extensions when security restrictions are enabled. This should be addressed in a follow-up to ensure the allowlist validation works correctly for URLs, while maintaining a 'fail-closed' approach as per repository standards.
source.startsWith('gitlab:') ||
source.startsWith('ssh://') ||
source.startsWith('git+ssh://')
References
- Security checks, such as an extension allowlist, should be implemented in a 'fail-closed' manner. If an item's validity cannot be verified (e.g., due to missing metadata), it should be rejected by default.
Could you please address this
This GCA comment is not correct. The getRealPath() function does not work well with any of the URLs, including "github:" and "git@", it treats them as relative paths and just appends the CWD path to transform it into an absolute path. As an example, installing the Google Workspace extension "https:/github.com/gemini-cli-extensions/workspace", from the user's home, the getRealPath() would return /home/daniel/https:/github.com/gemini-cli-extensions/workspace.
The regex comparison on installOrUpdateExtension() still works, because the path is still there, but using https://, github:, git@ or ssh:// doesn't change this behavior.
I also don't know of any place that uses git+ssh://, so I'd rather not include it here. There is no security advantage of using this prefix, it's just an indication to help some tools confirm the URL is a git repository, which is not the case for gemini-cli.
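The path mangling described in the comment above, as an added Node.js example that is not gemini-cli code: it assumes, as stated in this thread, that the fallback is `path.resolve()`, and the helper names, allowlist patterns and sample URLs are constructed for illustration. It shows why an unanchored allowlist regex still matches the mangled path while an anchored one does not, and one fail-closed way to match remote sources on the raw URL instead.

```javascript
// Added example; helper names are hypothetical, not gemini-cli's API.
const path = require('node:path');

// Prefixes named in this thread (the project's full list is not on the page).
const REMOTE_PREFIXES = ['https://', 'github:', 'gitlab:', 'git@', 'ssh://'];

// Assumption from the thread: URLs fall through to path.resolve(), which joins
// the string onto the CWD and normalises it ("//" collapses to "/").
// The posix variant with an explicit cwd keeps the result deterministic.
function resolveLikeGetRealPath(source, cwd) {
  return path.posix.resolve(cwd, source);
}

const isRemote = (source) => REMOTE_PREFIXES.some((p) => source.startsWith(p));

// Fail-closed allowlist check: remote sources are matched as the raw URL,
// local ones as the resolved path; anything matching no pattern is rejected.
function isAllowed(source, patterns, cwd) {
  if (typeof source !== 'string' || source.length === 0) return false;
  const subject = isRemote(source) ? source : resolveLikeGetRealPath(source, cwd);
  return patterns.some((re) => re.test(subject));
}

// Constructed sample values.
const CWD = '/home/daniel';
const HTTPS_SRC = 'https://github.com/gemini-cli-extensions/workspace';
const SSH_SRC = 'ssh://git.example.com/team/ext.git';
const UNANCHORED = /github\.com\/gemini-cli-extensions\//;
const ANCHORED = /^https:\/\/github\.com\/gemini-cli-extensions\//;

function demo() {
  const mangled = resolveLikeGetRealPath(HTTPS_SRC, CWD);
  return {
    mangled,
    mangledSsh: resolveLikeGetRealPath(SSH_SRC, CWD),
    unanchoredOnMangled: UNANCHORED.test(mangled), // URL text survives inside the path
    anchoredOnMangled: ANCHORED.test(mangled),     // CWD prefix defeats the ^ anchor
    anchoredOnRaw: isAllowed(HTTPS_SRC, [ANCHORED], CWD),
    sshNotListed: isAllowed(SSH_SRC, [ANCHORED], CWD), // no pattern matches: rejected
  };
}

console.log(demo());
```

An allowlist pattern written against the URL a user actually types only behaves as written when the check sees the raw source string, which is the refactoring the thread proposes tracking separately.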
- BerriAI/litellm#26969: tool-permission guardrail tightening (merge-after-nits)
- BerriAI/litellm#26967: VCR Redis observability (merge-as-is)
- google-gemini/gemini-cli#26303: brain/critique role split + iteration (needs-discussion)
- google-gemini/gemini-cli#26287: voice transcription cursor-position insert (merge-after-nits)
- google-gemini/gemini-cli#26274: ssh:// extension install scheme (merge-as-is)
Hi there! Thank you for your interest in contributing to Gemini CLI. To ensure we maintain high code quality and focus on our prioritized roadmap, we only guarantee review and consideration of pull requests for issues that are explicitly labeled as 'help wanted'. This PR will be closed in 7 days if it remains without that designation. We encourage you to find and contribute to existing 'help wanted' issues in our backlog! Thank you for your understanding.
| source.startsWith('gitlab:') || | ||
| source.startsWith('ssh://') |
Could you please address this
I agree with the author's assessment regarding both
The PR's current implementation for Edit: This is the Gemini review with
Based on the discussion, the next steps are related to resolving the
immediate change (PR #26274) and addressing the underlying systemic issue
identified during the review:
1. *Merge PR #26274* ("fix(cli): allow installing extensions from ssh
repo"). The PR is open and mergeable, and the proposed change to allow the
ssh:// prefix has been assessed as safe and consistent with existing
logic, introducing no new regressions.
2. *Track the getRealPath() Issue* Create a separate issue to track any
refactoring required for how remote URLs are handled in security checks, as
the current implementation of getRealPath() incorrectly treats all
remote URLs (including https:// and github:) as relative paths by
prepending the Current Working Directory (CWD).
…On Sat, May 9, 2026 at 1:34 PM Daniel Finimundi ***@***.***> wrote:
*danielmundi* left a comment (google-gemini/gemini-cli#26274)
<#26274 (comment)>
I agree with the author's assessment regarding both getRealPath and
git+ssh://.
1. *getRealPath*: As pointed out, the current implementation of
getRealPath handles all remote URLs (including https://, github:,
etc.) by falling back to path.resolve(). This effectively prepends the
CWD to the URL string but doesn't throw an error. While this behavior isn't
ideal for URLs, it means the regex checks in allowedExtensions still
function as before because the original URL string is preserved within the
mangled path. Adding ssh:// introduces no new regressions here. Any
refactoring of how remote URLs are handled in security checks should be
tracked as a separate issue.
2. *git+ssh://*: Adding support for git+ssh:// is unnecessary unless
there's a specific, reported use case for it within the context of Gemini
CLI extension installation. Keeping the supported prefixes strict is the
right approach.
The PR's current implementation for ssh:// is safe and consistent with
existing logic.
Current code doesn't allow installing extensions from a URL with `ssh://` prefix. Update the filter to include this prefix option.
Summary
Allow installing extensions from Git repositories that have the URL using the `ssh://` prefix.
Details
Some repositories don't accept the github and gitlab URL patterns and instead use the URL as `ssh://url.domain.com`. It should be possible to install from those Git repositories as well.
Related Issues
Fixes #26273
How to Validate
Execute command to install extension using a URL with `ssh://` prefix, such as:
Pre-Merge Checklist