Skip to content

bug(output): do not print output by default #202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sethvargo merged 1 commit into from
Aug 20, 2025
Merged

bug(output): do not print output by default #202

sethvargo merged 1 commit into from
Aug 20, 2025

Conversation

@sethvargo
Copy link
Contributor

@sethvargo sethvargo commented Aug 20, 2025

It's possible to trick the LLM into printing sensitive information from the environment like access keys or credentials. While GitHub Actions secret masking + shell_command restrictions provide some protections, the best protection is to suppress Gemini CLI output in the logs. The output is still accessible via the summary and error fields on the GitHub Action, in case later steps do want to print or inspect the output.

@sethvargo
bug(output): do not print output by default
f568f39 
It's possible to trick the LLM into printing sensitive information from the environment like access keys or credentials. While GitHub Actions secret masking + shell_command restrictions provide some protections, the best protection is to suppress Gemini CLI output in the logs. The output is still accessible via the `summary` and `error` fields on the GitHub Action, in case later steps do want to print or inspect the output.
@sethvargo sethvargo requested review from a team as code owners August 20, 2025 14:03
gemini-cli[bot]
gemini-cli bot reviewed Aug 20, 2025
View reviewed changes
Copy link
Contributor

@gemini-cli gemini-cli bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📋 Review Summary

This is an excellent security enhancement that significantly reduces the risk of exposing sensitive information in workflow logs. By default, the action will no longer print the Gemini response or errors, instead making them available as step outputs. This is a much safer approach.

🔍 General Feedback

  • The change is simple, effective, and directly addresses the security concern.
  • The pull request description is clear and explains the rationale well.
  • This change improves the default security posture of the action, which is a huge win for users.

@sethvargo sethvargo enabled auto-merge (squash) August 20, 2025 14:07
@sethvargo sethvargo merged commit 2fa6ffe into main Aug 20, 2025
17 checks passed
@sethvargo sethvargo deleted the sethvargo/out branch August 20, 2025 14:58
@sethvargo sethvargo restored the sethvargo/out branch August 20, 2025 18:39
@sethvargo sethvargo deleted the sethvargo/out branch August 20, 2025 18:43
@google-github-actions-bot google-github-actions-bot mentioned this pull request Aug 26, 2025
Merged
google-github-actions-bot added a commit that referenced this pull request Aug 26, 2025
@google-github-actions-bot
Release: v0.1.12 (#247)
2a77eb2 
## What's Changed
* fix(output): separate the stdout and stderr logs by @sethvargo in
#186
* fix: correct step numbering in setup_workload_identity.sh by
@jasmeetsb in
#188
* Try and address TOCTOU issues in gemini-cli.yml by @sethvargo in
#187
* chore: bump `actions/checkout` GitHub Actions by @Marukome0743 in
#193
* docs: add gitignore recommendations across all workflows by @jerop in
#198
* chore: bump `actions/create-github-app-token` from 2.0.6 to 2.1.1 by
@Marukome0743 in
#200
* bug(output): do not print output by default by @sethvargo in
#202
* Add GOOGLE_API_KEY variable by @vivekkairi in
#201
* Stream live output if (and only if) debug mode is enabled by
@sethvargo in
#207
* bug(debug): use `vars` (not `env`) when enabling debug mode by
@sethvargo in
#211
* feat: Add GEMINI_MODEL support by @vivekkairi in
#214
* feat(actions): use the dispatcher pattern to separate concerns by
@sethvargo in
#212
* bug(ci): set id-token permissions by @sethvargo in
#223
* chore: add a debugger by @sethvargo in
#226
* Add release notes generation example in awesome list by @jerop in
#225
* feat(invoke): update invoke prompt to better separate execution flow
by @sethvargo in
#227
* chore(ci): refactor scheduled triage workflow by @sethvargo in
#232
* Fix triage workflow by @sethvargo in
#233
* Auto trigger PR reviews when they are from branches in repo by @jerop
in #234
* rename workflow from `gemini-issue-scheduled-triage` to
`gemini-scheduled-triage` by @jerop in
#238
* feat: rename triage workflows by @jerop in
#240
* feat: rename gemini-cli to gemini-invoke by @jerop in
#239
* rename PR review workflow to be consistent with the rest by @jerop in
#241
* feat(workflows): refactor examples/workflows to use dispatch pattern
by @jerop in
#242
* feat: pin example workflows to v0 by @jerop in
#246
* add google_api_key input in gemini-triage workflows by @jerop in
#243
* feat: add best practices guide by @jerop in
#245

## New Contributors
* @vivekkairi made their first contribution in
#201

**Full Changelog**:
v0.1.11...v0.1.12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gemini-cli gemini-cli[bot] gemini-cli[bot] left review comments

@jerop jerop jerop approved these changes

@verbanicm verbanicm Awaiting requested review from verbanicm verbanicm is a code owner automatically assigned from google-github-actions/maintainers

@benw307 benw307 Awaiting requested review from benw307 benw307 is a code owner automatically assigned from google-github-actions/run-gemini-cli-maintainers

@anj-s anj-s Awaiting requested review from anj-s anj-s is a code owner automatically assigned from google-github-actions/run-gemini-cli-maintainers

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sethvargo @jerop