feat: implement project-level policy support #18679
Description
What would you like to be added?
Support for project-specific policies stored in the $PROJECT_ROOT/.gemini/policies directory. This should include:
- A new
Projectpolicy tier (Tier 3). - Logic to load these policies only when a workspace is trusted.
- Updated policy hierarchy: Admin (4) > Project (3) > User (2) > Default (1).
- Integration into the CLI configuration loading process.
Why is this needed?
Currently, policies are global or per-user. Many projects have specific guidelines or constraints (e.g., allowed tools, specific formatting rules, or security policies) that should be shared among all contributors to that project. Project-level policies allow these rules to be version-controlled and automatically applied for everyone working on the codebase, provided they trust the workspace.
Additional context
This will allow for better governance and consistency across different repositories using Gemini CLI.