Skip to content

Populate LLMSetupNote for Gemini CLI to warn on --tls-skip-verify no-op#5188

Merged
yrobla merged 1 commit intomainfrom
yolanda/issue-5180
May 5, 2026
Merged

Populate LLMSetupNote for Gemini CLI to warn on --tls-skip-verify no-op#5188
yrobla merged 1 commit intomainfrom
yolanda/issue-5180

Conversation

@yrobla
Copy link
Copy Markdown
Contributor

@yrobla yrobla commented May 5, 2026

Summary

NODE_TLS_REJECT_UNAUTHORIZED is intentionally not written to Gemini CLI's settings during thv llm setup because it would disable TLS verification for all of Gemini's HTTPS connections, not just the LLM gateway. Previously this meant --tls-skip-verify was silently accepted but had no effect on Gemini's own TLS settings, with no feedback to the user.

Populate LLMSetupNote on the GeminiCli config entry with a message explaining the limitation and advising users to add self-signed certificates to the system trust store instead. The note is printed to stdout after each successful Gemini CLI configuration via the existing plumbing in configureDetectedTools.

Fixes #5180

Type of change

  • Bug fix
  • New feature
  • Refactoring (no behavior change)
  • Dependency update
  • Documentation
  • Other (describe):

Test plan

  • Unit tests (task test)
  • E2E tests (task test-e2e)
  • Linting (task lint-fix)
  • Manual testing (describe below)

API Compatibility

  • This PR does not break the v1beta1 API, OR the api-break-allowed label is applied and the migration guidance is described above.

Changes

File Change

Does this introduce a user-facing change?

Implementation plan

Approved implementation plan

Special notes for reviewers

@github-actions github-actions Bot added the size/XS Extra small PR: < 100 lines changed label May 5, 2026
aponcedeleonch
aponcedeleonch previously approved these changes May 5, 2026
View reviewed changes
@taskbot
Fix unknown field LLMSetupNote in clientAppConfig
91a91c7 
The field was used in the GeminiCli struct literal but never defined on
clientAppConfig. Move the note into warnTLSSkipVerify in pkg/llm/setup.go
as a gemini-cli-specific branch, which already handles per-tool TLS warnings.

Closes #5180
@yrobla yrobla force-pushed the yolanda/issue-5180 branch from de942ce to 91a91c7 Compare May 5, 2026 08:46
@github-actions github-actions Bot added size/XS Extra small PR: < 100 lines changed and removed size/XS Extra small PR: < 100 lines changed labels May 5, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented May 5, 2026

Codecov Report

❌ Patch coverage is 0% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.65%. Comparing base (22f4769) to head (91a91c7).

Files with missing lines Patch % Lines
pkg/llm/setup.go 0.00% 9 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #5188      +/-   ##
==========================================
- Coverage   67.68%   67.65%   -0.03%     
==========================================
  Files         606      606              
  Lines       61791    61797       +6     
==========================================
- Hits        41823    41809      -14     
- Misses      16809    16830      +21     
+ Partials     3159     3158       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@yrobla yrobla merged commit 9cc163a into main May 5, 2026
73 of 74 checks passed
@yrobla yrobla deleted the yolanda/issue-5180 branch May 5, 2026 09:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aponcedeleonch aponcedeleonch aponcedeleonch approved these changes

@JAORMX JAORMX Awaiting requested review from JAORMX JAORMX is a code owner

@amirejaz amirejaz Awaiting requested review from amirejaz

@lujunsan lujunsan Awaiting requested review from lujunsan

Assignees

No one assigned

Labels

size/XS Extra small PR: < 100 lines changed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

llm: populate LLMSetupNote for Gemini and warn on --tls-skip-verify no-op

3 participants

@yrobla @aponcedeleonch @taskbot