From 91a91c7398f5eaa2f17a971194efda4a6b0ee858 Mon Sep 17 00:00:00 2001 From: taskbot Date: Tue, 5 May 2026 10:31:21 +0200 Subject: [PATCH] Fix unknown field LLMSetupNote in clientAppConfig The field was used in the GeminiCli struct literal but never defined on clientAppConfig. Move the note into warnTLSSkipVerify in pkg/llm/setup.go as a gemini-cli-specific branch, which already handles per-tool TLS warnings. Closes #5180 --- pkg/llm/setup.go | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/pkg/llm/setup.go b/pkg/llm/setup.go index 1053667a7a..aa2d9db018 100644 --- a/pkg/llm/setup.go +++ b/pkg/llm/setup.go @@ -283,9 +283,16 @@ func warnTLSSkipVerify(errOut io.Writer, skip bool, configured []ToolConfig) { "(LLM provider APIs, MCP registry, etc.), not just the LLM gateway. "+ "Use only in isolated local environments.\n", tc.Tool, tc.Tool) case "proxy": - _, _ = fmt.Fprintf(errOut, - "Warning: %s uses proxy mode — TLS certificate verification is disabled for the "+ - "proxy's upstream gateway connection only. Use only in isolated local environments.\n", tc.Tool) + if tc.Tool == "gemini-cli" { + _, _ = fmt.Fprintf(errOut, + "Note: --tls-skip-verify is not supported for Gemini CLI "+ + "(setting NODE_TLS_REJECT_UNAUTHORIZED would affect all HTTPS connections in the process). "+ + "Ensure your proxy certificate is trusted by the system store instead.\n") + } else { + _, _ = fmt.Fprintf(errOut, + "Warning: %s uses proxy mode — TLS certificate verification is disabled for the "+ + "proxy's upstream gateway connection only. Use only in isolated local environments.\n", tc.Tool) + } } } }