Refactor/editor types single source of truth #14611
Conversation
Co-authored-by: riddhi <[email protected]> ## Summary <!-- Concisely describe what this PR changes and why. Focus on impact and urgency. --> ## Details <!-- Add any extra context and design decisions. Keep it brief but complete. --> ## Related Issues <!-- Use keywords to auto-close issues (Closes google-gemini#123, Fixes google-gemini#456). If this PR is only related to an issue or is a partial fix, simply reference the issue number without a keyword (Related to google-gemini#123). --> ## How to Validate <!-- List exact steps for reviewers to validate the change. Include commands, expected results, and edge cases. --> ## Pre-Merge Checklist <!-- Check all that apply before requesting review or merging. --> - [ ] Updated relevant documentation and README (if needed) - [ ] Added/updated tests (if needed) - [ ] Noted breaking changes (if any) - [ ] Validated on required platforms/methods: - [ ] MacOS - [ ] npm run - [ ] npx - [ ] Docker - [ ] Podman - [ ] Seatbelt - [ ] Windows - [ ] npm run - [ ] npx - [ ] Docker - [ ] Linux - [ ] npm run - [ ] npx - [ ] Docker
This commit introduces a new setting in `.vscode/settings.json` to store the Gemini API key. This key will be used for authentication when interacting with the Gemini API.
…configuration file. Here's a cleaned up version that resolves the issues:
```yaml
have_fun: false
code_review:
disable: false
comment_severity_threshold: 'MEDIUM' # Changed from HIGH to MEDIUM
max_review_comments: 20 # Changed from -1 to 20
pull_request_opened:
help: false
summary: true
code_review: true
ignore_patterns:
- "**/*.md"
- "**/package-lock.json"
- "**/dist/"
```
1. **Removed duplicate `ignore_patterns`** - You had two separate `ignore_patterns` sections
2. **Resolved conflicting values** - The later settings were overriding the earlier ones
3. **Applied your intended changes** - Now using MEDIUM severity and 20 comment limit
- **More detailed reviews** (MEDIUM severity catches more issues than HIGH)
- **Prevents comment overload** (max 20 comments instead of unlimited)
- **Ignores common noise files** (docs, lock files, build outputs)
- **Still provides summaries and code reviews** on PR open
This should give you balanced, actionable code reviews without being overwhelmed by too many comments!
…onfigurations for code formatting and linting. These changes aim to improve code consistency and quality across the project.
This commit updates the `.github/CODEOWNERS` file to reflect recent team changes and ensure proper ownership of code. These changes aim to improve maintainability and streamline the code review process.
…-single-source-of-truth
Summary of ChangesHello @aka1976mb, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request primarily focuses on refining the management of the Gemini API key by introducing a direct configuration option and establishing a clear hierarchy for its retrieval. This ensures consistency and predictability in how the API key is sourced across different environments. Additionally, the changes include updates to the project's dependency lock file, likely to standardize peer dependency declarations, and minor enhancements to the VS Code development environment. Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a mechanism to provide the Gemini API key via configuration, establishing a clear priority for key resolution. The changes include adding a geminiApiKey to the configuration schema, updating the core logic to use it, and adding new tests to verify the behavior. My review found a critical issue in the API key resolution logic. The implementation's priority order for sourcing the API key does not match the behavior asserted in the new tests. This could lead to using an incorrect API key. I've provided a specific comment and a code suggestion to fix this discrepancy.
Now there's a **third critical issue**! The API key resolution priority is incorrect. You need to fix this as well.
## **Fix 3: Correct API key priority order**
Open `packages/core/src/core/contentGenerator.ts` and change lines 68-71 from:
```typescript
config?.geminiApiKey ||
(await loadApiKey()) ||
process.env['GEMINI_API_KEY'] ||
undefined;
```
To:
```typescript
config?.geminiApiKey ||
process.env['GEMINI_API_KEY'] ||
(await loadApiKey()) ||
undefined;
```
## **Why this matters:**
The priority order should be:
1. **Config file API key** (highest priority) - explicit user setting
2. **Environment variable** - system/process level setting
3. **Loaded API key** (from file, etc.) - lowest priority
The current code uses `loadApiKey()` before checking environment variables, which could cause:
- **Security issues**: Using a less secure/outdated API key
- **Billing issues**: Charging the wrong account
- **Functionality issues**: Using an invalid or rate-limited key
## **Summary of all 3 critical fixes:**
1. **Fix missing import** in `GetRemoteName.ts`
```typescript
import { run_shell_command } from '../core/shell.js';
```
2. **Implement API key redaction** in `config.ts`
```typescript
getRedactedProxy(): string | undefined {
if (!this.proxy) return undefined;
let redacted = this.proxy;
if (this.geminiApiKey) {
const escaped = this.geminiApiKey.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
redacted = redacted.replace(new RegExp(escaped, 'g'), '***');
}
return redacted;
}
```
3. **Fix API key priority** in `contentGenerator.ts`
```typescript
config?.geminiApiKey ||
process.env['GEMINI_API_KEY'] ||
(await loadApiKey()) ||
undefined;
```
Make all 3 changes, then commit and push. Your PR should pass all checks once these critical issues are resolved.
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2 participants
Summary
Details
Related Issues
How to Validate
Pre-Merge Checklist