fix(core): Use atomic writes for session files to prevent data loss on crash #14933

Closed
jflam wants to merge 2 commits into google-gemini:main from jflam:fix/atomic-session-file-writes

jflam commented Dec 11, 2025

Problem

ChatRecordingService.writeConversation() currently uses fs.writeFileSync() directly:

fs.writeFileSync(this.conversationFile, newContent);

This is vulnerable to data loss if the process crashes or is killed mid-write - the session file could be left truncated or corrupted, losing the user's chat history.

Solution

Replace fs.writeFileSync() with write-file-atomic, which:

  1. Writes to a temporary file first
  2. Calls fsync() to ensure data is flushed to disk
  3. Atomically renames the temp file to the target path

This guarantees that session files are always in a valid state - readers see either the previous complete version or the new complete version, never a partial write.

Changes

  • Add write-file-atomic dependency to packages/core/package.json
  • Add @types/write-file-atomic to devDependencies for TypeScript support
  • Update ChatRecordingService.writeConversation() to use writeFileAtomic.sync()

Trade-offs

The performance overhead is minimal for session files (~10-50KB written once per message). write-file-atomic is widely used (40M+ weekly npm downloads) and is the standard solution for safe file writes in Node.js.

Testing

  • Built and ran Gemini CLI locally
  • Verified session files are created and updated correctly
  • Confirmed JSON files remain valid after multiple chat interactions
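The three steps listed under Solution, written out by hand with Node's `fs` module as an added example; this is not code from the pull request or from write-file-atomic, and `atomicWriteSync`, its `beforeRename` hook and the sample session content are assumptions made for the demonstration.

```javascript
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');
const crypto = require('node:crypto');

// Hypothetical helper, not the write-file-atomic source. `beforeRename` is a
// test hook assumed for this example so a crash can be simulated.
function atomicWriteSync(target, data, beforeRename = () => {}) {
  const suffix = crypto.randomBytes(6).toString('hex');
  // The temp file sits beside the target: rename() is atomic only within
  // one filesystem.
  const tmp = path.join(path.dirname(target), `.${path.basename(target)}.${suffix}.tmp`);
  const fd = fs.openSync(tmp, 'wx', 0o600); // 'wx' fails if the name already exists
  try {
    fs.writeFileSync(fd, data); // 1. write the full content to the temp file
    fs.fsyncSync(fd);           // 2. flush it to disk before it becomes visible
  } finally {
    fs.closeSync(fd);
  }
  beforeRename();
  fs.renameSync(tmp, target);   // 3. swap the complete file into place
}

// Constructed scenario: one good write, one interrupted write, one retry.
function demoCrashSafety() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'session-demo-'));
  const target = path.join(dir, 'session.json');
  atomicWriteSync(target, JSON.stringify({ messages: ['hello'] }));
  let interrupted = false;
  try {
    atomicWriteSync(target, JSON.stringify({ messages: ['hello', 'world'] }), () => {
      throw new Error('simulated crash before rename');
    });
  } catch {
    interrupted = true;
  }
  // The target still parses and still holds the previous version.
  const afterCrash = JSON.parse(fs.readFileSync(target, 'utf8'));
  // A real crash cannot clean up, so a stale temp file stays behind.
  const staleTemps = fs.readdirSync(dir).filter((f) => f.endsWith('.tmp')).length;
  atomicWriteSync(target, JSON.stringify({ messages: ['hello', 'world'] }));
  const afterRetry = JSON.parse(fs.readFileSync(target, 'utf8'));
  fs.rmSync(dir, { recursive: true, force: true });
  return { interrupted, afterCrash, staleTemps, afterRetry };
}

console.log(demoCrashSafety());
```

The stale temp file counted in `staleTemps` is the cost of this pattern: an interrupted write leaves the target intact but leaves a leftover file that something has to clean up.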

jflam requested review from a team as code owners December 11, 2025 04:08

gemini-code-assist (Contributor) commented:

Summary of Changes

Hello @jflam, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical vulnerability where session files could become corrupted or truncated if the application crashed during a write operation. By integrating the write-file-atomic library, the system now performs atomic writes, guaranteeing that session files are always in a valid state. This enhancement prevents data loss and ensures a consistent user chat history, improving the overall robustness of the application.

Highlights

  • Atomic Writes Implementation: Implemented atomic writes for session files to prevent data loss and corruption during unexpected application crashes or interruptions.
  • New Dependency: write-file-atomic: Introduced the write-file-atomic package and its corresponding TypeScript type definitions (@types/write-file-atomic) as new dependencies to facilitate safe file operations.
  • ChatRecordingService Update: Modified the ChatRecordingService.writeConversation() method to utilize writeFileAtomic.sync() instead of fs.writeFileSync(), ensuring data integrity and consistency for conversation history.

google-cla bot commented Dec 11, 2025

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

gemini-code-assist bot (Contributor) left a comment

Code Review

This pull request aims to prevent critical data loss in ChatRecordingService.writeConversation() by replacing fs.writeFileSync() with write-file-atomic for atomic session file writes. However, a high-severity Path Traversal vulnerability was identified: user-provided file paths are not validated, allowing an attacker to write to arbitrary locations on the filesystem. The new atomic write operation acts as a sink for this existing vulnerability.

Comment on lines +422 to +424
// Use atomic write (temp file + rename) to prevent partial reads
// by external tools polling this file during active sessions
writeFileAtomic.sync(this.conversationFile, newContent);
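Review bot: The code comment above the writeFileAtomic.sync call gives only "partial reads by external tools polling this file" as the reason, while the PR description motivates the change with crashes mid-write; name both in the comment so the rationale matches the change. The call also passes no options argument, so confirm that the library's default file mode suits chat history and that an error thrown by the sync call is handled by the enclosing method the same way the previous fs.writeFileSync call was.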

security-high high

The initialize method on line 131 accepts a resumedSessionData object and directly uses resumedSessionData.filePath to set the this.conversationFile property on line 135. This property is later used in file writing operations, including the newly added writeFileAtomic.sync on line 424. There is no validation to ensure that resumedSessionData.filePath points to a file within the intended session storage directory. An attacker who can control the resumedSessionData object passed to the initialize method could provide a malicious path (e.g., ../../../../etc/passwd) to overwrite arbitrary files on the system with the permissions of the running process. This could lead to data corruption, denial of service, or potentially remote code execution if a critical application or system file is overwritten.

Remediation:
Before using resumedSessionData.filePath, validate that it is a legitimate path within the expected chat session directory. Use path.resolve to get the absolute path and then check if it is a subpath of the intended storage directory. You can use a helper function like isSubpath (which already exists in packages/core/src/utils/paths.ts) for this check.

Example:
```typescript
import { isSubpath } from '../utils/paths.js';
// ... inside initialize method
if (resumedSessionData) {
  const chatsDir = path.join(
    this.config.storage.getProjectTempDir(),
    'chats',
  );
  const resolvedPath = path.resolve(resumedSessionData.filePath);
  if (!isSubpath(chatsDir, resolvedPath)) {
    throw new Error('Attempted path traversal in session file path.');
  }
  this.conversationFile = resolvedPath;
  // ...
}
```
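A standalone version of the containment check recommended in the review above, added here as an example; it is not the project's `isSubpath` and not code from this pull request, and `isInsideDir`, `naivePrefixCheck`, `resolveSessionFile` and the sample directory names are hypothetical. It also shows why a plain string-prefix comparison is not a substitute for the check.

```javascript
// POSIX semantics so the constructed paths below behave the same on any host.
const path = require('node:path').posix;

// Hypothetical helper (not the project's isSubpath): true only when
// `candidate` resolves to a location strictly inside `baseDir`.
function isInsideDir(baseDir, candidate) {
  const base = path.resolve(baseDir);
  // Assumption: relative candidates are resolved against baseDir.
  const rel = path.relative(base, path.resolve(base, candidate));
  return rel !== '' && rel !== '..' && !rel.startsWith('../');
}

// Naive variant shown for contrast: a string-prefix test accepts sibling
// directories whose names merely start with the base directory's name.
function naivePrefixCheck(baseDir, candidate) {
  return path.resolve(candidate).startsWith(path.resolve(baseDir));
}

// Returns the validated absolute path or throws; the caller never writes to
// the unvalidated input.
function resolveSessionFile(chatsDir, filePath) {
  if (typeof filePath !== 'string' || filePath.includes('\0')) {
    throw new Error('Invalid session file path.');
  }
  if (!isInsideDir(chatsDir, filePath)) {
    throw new Error('Session file path is outside the chats directory.');
  }
  return path.resolve(chatsDir, filePath);
}

// Constructed sample inputs; the directory names are placeholders.
function checkSamples() {
  const chatsDir = '/tmp/project/chats';
  const samples = [
    '/tmp/project/chats/session-1.json',
    '/tmp/project/chats/../../../etc/passwd',
    '/tmp/project/chats-backup/session-1.json',
    '/tmp/project/chats',
  ];
  return samples.map((p) => ({
    path: p,
    strict: isInsideDir(chatsDir, p),
    naive: naivePrefixCheck(chatsDir, p),
  }));
}

console.log(checkSamples());
```

The check is lexical only: a symlink inside the chats directory is not followed, so a deployment that cannot rule those out would also compare `fs.realpathSync` results.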

jflam (Author) replied:

This looks like a pre-existing issue unrelated to this change.

@gemini-cli gemini-cli bot added the status/need-issue Pull requests that need to have an associated issue. label Jan 7, 2026
bdmorgan (Collaborator) commented:

Hi @jflam, thank you so much for your contribution to Gemini CLI! We really appreciate the time and effort you've put into this.

We're making some updates to our contribution process to improve how we track and review changes. Please take a moment to review our recent discussion post: Improving Our Contribution Process & Introducing New Guidelines.

Key Update: Starting January 26, 2026, the Gemini CLI project will require all pull requests to be associated with an existing issue. Any pull requests not linked to an issue by that date will be automatically closed.

Thank you for your understanding and for being a part of our community!

gemini-cli bot (Contributor) commented Jan 24, 2026

Hi there! Thank you for your contribution to Gemini CLI.

To improve our contribution process and better track changes, we now require all pull requests to be associated with an existing issue, as announced in our recent discussion and as detailed in our CONTRIBUTING.md.

This pull request is being closed because it is not currently linked to an issue. You can easily reopen this PR once you have linked it to an issue.

How to link an issue:
Add a keyword followed by the issue number (e.g., Fixes #123) in the description of your pull request. For more details, see the GitHub Documentation.

Thank you for your understanding and for being a part of our community!

@gemini-cli gemini-cli bot closed this Jan 24, 2026