fix(cli): fall back for oversized bug report URLs

[he-yufeng]

Summary

Fix /bug for oversized GitHub issue URLs.

The command currently encodes the title, client info, and full problem description into a single issue-template URL. On Android/Termux, that can exceed the deep-link/intent limit and crash or fail before the user can submit the report.

This keeps the normal short-report path unchanged, but when the generated URL is too large it writes the full report to a local markdown file and opens a short GitHub issue URL instead.

Changes

• move bug report URL construction into a small helper
• add an oversized-URL fallback that writes bug-report-<timestamp>.md under the project temp dir
• truncate only the issue title in the fallback URL; the full title/problem/info stay in the markdown file
• add regression coverage for the oversized-report path

To verify

npm run generate
npm run build --workspace @google/gemini-cli-core
npm run build --workspace @google/gemini-cli-devtools
npm run test --workspace @google/gemini-cli -- src/ui/commands/bugCommand.test.ts
npm run typecheck --workspace @google/gemini-cli
npx eslint packages/cli/src/ui/commands/bugCommand.ts packages/cli/src/ui/commands/bugCommand.test.ts --max-warnings 0
npx prettier --check packages/cli/src/ui/commands/bugCommand.ts packages/cli/src/ui/commands/bugCommand.test.ts
git diff --check

Fixes #27590

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses an issue where bug reports containing large amounts of data (such as logs or extensive problem descriptions) could cause crashes or failures due to URL length limitations in certain environments like Android/Termux. By introducing a local file fallback, the system ensures that the full report content is preserved while still allowing the user to initiate the issue submission process via a shortened URL.

Highlights

• Oversized URL Handling: Implemented a fallback mechanism for bug reports where the generated GitHub issue URL exceeds 8000 characters.
• Local File Fallback: When a URL is too large, the full report is now written to a local markdown file in the project's temporary directory, and the user is provided with a shortened URL.
• Refactoring: Extracted bug report URL construction and formatting into dedicated helper functions to improve maintainability.
• Testing: Added regression coverage to verify that oversized reports are correctly saved to disk and that the resulting URL is truncated appropriately.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a mechanism to handle oversized bug reports in the bug command by writing reports that exceed the URL length limit to a local markdown file and providing a fallback URL. The review feedback recommends a security improvement: using mkdtempSync from node:fs to create uniquely and securely named temporary directories in global temp locations to prevent symlink attacks, along with corresponding updates to the unit tests.

[gemini-code-assist]

Import mkdtempSync from node:fs to securely create a temporary directory, and keep stat and writeFile from node:fs/promises.

Suggested change

	import { stat, writeFile } from 'node:fs/promises';
	import { mkdtempSync } from 'node:fs';
	import { stat, writeFile } from 'node:fs/promises';

References

1. When creating temporary files or directories in global temporary directories (e.g., /tmp), use fs.mkdtempSync() to generate securely named, uniquely named temporary directories. This mitigates symlink attacks where an attacker could pre-create a symlink with a predictable name to truncate arbitrary files.
2. Use the node: prefix when importing built-in Node.js modules for consistency across the codebase.

[gemini-code-assist]

When creating temporary directories in global temporary directories (e.g., /tmp), use mkdtempSync to generate securely named, uniquely named temporary directories. This mitigates symlink attacks where an attacker could pre-create a symlink with a predictable name to truncate arbitrary files.

Suggested change

	await writeFile(
	bugReportFilePath,
	formatBugReportFile(bugDescription, info, problemValue),
	'utf8',
	);
	const tempDir = mkdtempSync(path.join(os.tmpdir(), 'gemini-'));
	const bugReportFilePath = path.join(tempDir, 'bug-report.txt');
	await writeFile(
	bugReportFilePath,
	formatBugReportFile(bugDescription, info, problemValue),
	'utf8',
	);

References

1. When creating temporary files or directories in global temporary directories (e.g., /tmp), use fs.mkdtempSync() to generate securely named, uniquely named temporary directories. This mitigates symlink attacks where an attacker could pre-create a symlink with a predictable name to truncate arbitrary files.

[gemini-code-assist]

Mock mkdtempSync in the node:fs mock to prevent unit tests from creating real directories on the host filesystem during test execution.

    writeFile: vi.fn().mockResolvedValue(undefined),
    mkdtempSync: vi.fn().mockReturnValue('/tmp/gemini-123456'),

[he-yufeng]

Pushed 93341d49e for the temp-file review.

Change:

• the oversized-report fallback now creates a unique bug-report-* directory with mkdtempSync(...) and writes report.md inside it, instead of writing a predictable timestamped markdown file directly in the temp directory;
• the regression test now asserts the mkdtempSync prefix and the final report.md path.

Validation:

• npm ci (to restore this clean clone's missing dependencies)
• npm exec -- vitest run packages/cli/src/ui/commands/bugCommand.test.ts — 7 passed
• npm exec -- eslint packages/cli/src/ui/commands/bugCommand.ts packages/cli/src/ui/commands/bugCommand.test.ts
• npm exec -- prettier --check packages/cli/src/ui/commands/bugCommand.ts packages/cli/src/ui/commands/bugCommand.test.ts
• npm run typecheck --workspace=packages/cli
• npm run build --workspace=packages/cli
• git diff --check