fix(session): include available sessions in --resume error for invalid identifier

.gemini/commands/strict-development-rules.md

@@ -107,7 +107,7 @@ Gemini CLI project.
   set.
 - **Logging**: Use `debugLogger` for rethrown errors to avoid duplicate logging.
 - **Keyboard Shortcuts**: Define all new keyboard shortcuts in
-  `packages/cli/src/config/keyBindings.ts` and document them in
+  `packages/cli/src/ui/key/keyBindings.ts` and document them in
   `docs/cli/keyboard-shortcuts.md`. Be careful of keybindings that require the
   `Meta` key, as only certain meta key shortcuts are supported on Mac. Avoid
   function keys and shortcuts commonly bound in VSCode.

.github/actions/publish-release/action.yml

@@ -193,7 +193,7 @@ runs:
         INPUTS_A2A_PACKAGE_NAME: '${{ inputs.a2a-package-name }}'
 
     - name: '📦 Prepare bundled CLI for npm release'
-      if: "inputs.npm-registry-url != 'https://npm.pkg.github.com/'"
+      if: "inputs.npm-registry-url != 'https://npm.pkg.github.com/' && inputs.npm-tag != 'latest'"
       working-directory: '${{ inputs.working-directory }}'
       shell: 'bash'
       run: |

.github/workflows/release-patch-0-from-comment.yml

@@ -120,6 +120,9 @@ jobs:
             if (recentRuns.length > 0) {
               core.setOutput('dispatched_run_urls', recentRuns.map(r => r.html_url).join(','));
               core.setOutput('dispatched_run_ids', recentRuns.map(r => r.id).join(','));
+
+              const markdownLinks = recentRuns.map(r => `- [View dispatched workflow run](${r.html_url})`).join('\n');
+              core.setOutput('dispatched_run_links', markdownLinks);
             }
 
       - name: 'Comment on Failure'
@@ -138,16 +141,19 @@ jobs:
           token: '${{ secrets.GITHUB_TOKEN }}'
           issue-number: '${{ github.event.issue.number }}'
           body: |
-            ✅ **Patch workflow(s) dispatched successfully!**
+            🚀 **[Step 1/4] Patch workflow(s) waiting for approval!**
 
             **📋 Details:**
             - **Channels**: `${{ steps.dispatch_patch.outputs.dispatched_channels }}`
             - **Commit**: `${{ steps.pr_status.outputs.MERGE_COMMIT_SHA }}`
             - **Workflows Created**: ${{ steps.dispatch_patch.outputs.dispatched_run_count }}
 
+            **⏳ Status:** The patch creation workflow has been triggered and is waiting for deployment approval. Please visit the specific workflow links below and approve the runs.
+
             **🔗 Track Progress:**
-            - [View patch workflows](https://github.com/${{ github.repository }}/actions/workflows/release-patch-1-create-pr.yml)
-            - [This workflow run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
+            ${{ steps.dispatch_patch.outputs.dispatched_run_links }}
+            - [View patch workflow history](https://github.com/${{ github.repository }}/actions/workflows/release-patch-1-create-pr.yml)
+            - [This trigger workflow run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
 
       - name: 'Final Status Comment - Dispatch Success (No URL)'
         if: "always() && startsWith(github.event.comment.body, '/patch') && steps.dispatch_patch.outcome == 'success' && !steps.dispatch_patch.outputs.dispatched_run_urls"
@@ -156,16 +162,18 @@ jobs:
           token: '${{ secrets.GITHUB_TOKEN }}'
           issue-number: '${{ github.event.issue.number }}'
           body: |
-            ✅ **Patch workflow(s) dispatched successfully!**
+            🚀 **[Step 1/4] Patch workflow(s) waiting for approval!**
 
             **📋 Details:**
             - **Channels**: `${{ steps.dispatch_patch.outputs.dispatched_channels }}`
             - **Commit**: `${{ steps.pr_status.outputs.MERGE_COMMIT_SHA }}`
             - **Workflows Created**: ${{ steps.dispatch_patch.outputs.dispatched_run_count }}
 
+            **⏳ Status:** The patch creation workflow has been triggered and is waiting for deployment approval. Please visit the workflow history link below and approve the runs.
+
             **🔗 Track Progress:**
-            - [View patch workflows](https://github.com/${{ github.repository }}/actions/workflows/release-patch-1-create-pr.yml)
-            - [This workflow run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
+            - [View patch workflow history](https://github.com/${{ github.repository }}/actions/workflows/release-patch-1-create-pr.yml)
+            - [This trigger workflow run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
 
       - name: 'Final Status Comment - Failure'
         if: "always() && startsWith(github.event.comment.body, '/patch') && (steps.dispatch_patch.outcome == 'failure' || steps.dispatch_patch.outcome == 'cancelled')"
@@ -174,7 +182,7 @@ jobs:
           token: '${{ secrets.GITHUB_TOKEN }}'
           issue-number: '${{ github.event.issue.number }}'
           body: |
-            ❌ **Patch workflow dispatch failed!**
+            ❌ **[Step 1/4] Patch workflow dispatch failed!**
 
             There was an error dispatching the patch creation workflow.
 

.gitignore

@@ -62,3 +62,5 @@ gemini-debug.log
 .gemini-clipboard/
 .eslintcache
 evals/logs/
+
+temp_agents/

CONTRIBUTING.md

@@ -77,6 +77,10 @@ You can run the review tool in two ways:
     ./scripts/review.sh <PR_NUMBER> [model]
     ```
 
+    **Warning:** If you run `scripts/review.sh`, you must have first verified
+    that the code for the PR being reviewed is safe to run and does not contain
+    data exfiltration attacks.
+
     **Authors are strongly encouraged to run this script on their own PRs**
     immediately after creation. This allows you to catch and fix simple issues
     locally before a maintainer performs a full review.

README.md

@@ -6,7 +6,7 @@
 [![License](https://img.shields.io/github/license/google-gemini/gemini-cli)](https://github.com/google-gemini/gemini-cli/blob/main/LICENSE)
 [![View Code Wiki](https://assets.codewiki.google/readme-badge/static.svg)](https://codewiki.google/github.com/google-gemini/gemini-cli?utm_source=badge&utm_medium=github&utm_campaign=github.com/google-gemini/gemini-cli)
 
-![Gemini CLI Screenshot](./docs/assets/gemini-screenshot.png)
+![Gemini CLI Screenshot](/docs/assets/gemini-screenshot.png)
 
 Gemini CLI is an open-source AI agent that brings the power of Gemini directly
 into your terminal. It provides lightweight access to Gemini, giving you the

docs/cli/cli-reference.md

@@ -8,7 +8,8 @@ and parameters.
 | Command                            | Description                        | Example                                                      |
 | ---------------------------------- | ---------------------------------- | ------------------------------------------------------------ |
 | `gemini`                           | Start interactive REPL             | `gemini`                                                     |
-| `gemini "query"`                   | Query non-interactively, then exit | `gemini "explain this project"`                              |
+| `gemini -p "query"`                | Query non-interactively            | `gemini -p "summarize README.md"`                            |
+| `gemini "query"`                   | Query and continue interactively   | `gemini "explain this project"`                              |
 | `cat file \| gemini`               | Process piped content              | `cat logs.txt \| gemini`<br>`Get-Content logs.txt \| gemini` |
 | `gemini -i "query"`                | Execute and continue interactively | `gemini -i "What is the purpose of this project?"`           |
 | `gemini -r "latest"`               | Continue most recent session       | `gemini -r "latest"`                                         |
@@ -20,9 +21,9 @@ and parameters.
 
 ### Positional arguments
 
-| Argument | Type              | Description                                                                                                        |
-| -------- | ----------------- | ------------------------------------------------------------------------------------------------------------------ |
-| `query`  | string (variadic) | Positional prompt. Defaults to one-shot mode. Use `-i/--prompt-interactive` to execute and continue interactively. |
+| Argument | Type              | Description                                                                                                |
+| -------- | ----------------- | ---------------------------------------------------------------------------------------------------------- |
+| `query`  | string (variadic) | Positional prompt. Defaults to interactive mode in a TTY. Use `-p/--prompt` for non-interactive execution. |
 
 ## Interactive commands
 
@@ -47,7 +48,7 @@ These commands are available within the interactive REPL.
 | `--version`                      | `-v`  | -       | -         | Show CLI version number and exit                                                                                                                                       |
 | `--help`                         | `-h`  | -       | -         | Show help information                                                                                                                                                  |
 | `--model`                        | `-m`  | string  | `auto`    | Model to use. See [Model Selection](#model-selection) for available values.                                                                                            |
-| `--prompt`                       | `-p`  | string  | -         | Prompt text. Appended to stdin input if provided. **Deprecated:** Use positional arguments instead.                                                                    |
+| `--prompt`                       | `-p`  | string  | -         | Prompt text. Appended to stdin input if provided. Forces non-interactive mode.                                                                                         |
 | `--prompt-interactive`           | `-i`  | string  | -         | Execute prompt and continue in interactive mode                                                                                                                        |
 | `--sandbox`                      | `-s`  | boolean | `false`   | Run in a sandboxed environment for safer execution                                                                                                                     |
 | `--approval-mode`                | -     | string  | `default` | Approval mode for tool execution. Choices: `default`, `auto_edit`, `yolo`                                                                                              |

docs/cli/headless.md

@@ -6,7 +6,7 @@ structured text or JSON output without an interactive terminal UI.
 ## Technical reference
 
 Headless mode is triggered when the CLI is run in a non-TTY environment or when
-providing a query as a positional argument without the interactive flag.
+providing a query with the `-p` (or `--prompt`) flag.
 
 ### Output formats
 

docs/cli/plan-mode.md

@@ -150,6 +150,27 @@ Plan Mode's default tool restrictions are managed by the
 but you can customize these rules by creating your own policies in your
 `~/.gemini/policies/` directory (Tier 2).
 
+#### Global vs. mode-specific rules
+
+As described in the
+[policy engine documentation](../reference/policy-engine.md#approval-modes), any
+rule that does not explicitly specify `modes` is considered "always active" and
+will apply to Plan Mode as well.
+
+If you want a rule to apply to other modes but _not_ to Plan Mode, you must
+explicitly specify the target modes. For example, to allow `npm test` in default
+and Auto-Edit modes but not in Plan Mode:
+
+```toml
+[[rule]]
+toolName = "run_shell_command"
+commandPrefix = "npm test"
+decision = "allow"
+priority = 100
+# By omitting "plan", this rule will not be active in Plan Mode.
+modes = ["default", "autoEdit"]
+```
+
 #### Example: Automatically approve read-only MCP tools
 
 By default, read-only MCP tools require user confirmation in Plan Mode. You can

docs/cli/settings.md

@@ -125,6 +125,7 @@ they appear in the UI.
 | ------------------------------------- | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------- |
 | Disable YOLO Mode                     | `security.disableYoloMode`                      | Disable YOLO mode, even if enabled by a flag.                                                                                                                                                                                        | `false` |
 | Allow Permanent Tool Approval         | `security.enablePermanentToolApproval`          | Enable the "Allow for all future sessions" option in tool confirmation dialogs.                                                                                                                                                      | `false` |
+| Auto-add to Policy by Default         | `security.autoAddToPolicyByDefault`             | When enabled, the "Allow for all future sessions" option becomes the default choice for low-risk tools in trusted workspaces.                                                                                                        | `false` |
 | Blocks extensions from Git            | `security.blockGitExtensions`                   | Blocks installing and loading extensions from Git.                                                                                                                                                                                   | `false` |
 | Extension Source Regex Allowlist      | `security.allowedExtensions`                    | List of Regex patterns for allowed extensions. If nonempty, only extensions that match the patterns in this list are allowed. Overrides the blockGitExtensions setting.                                                              | `[]`    |
 | Folder Trust                          | `security.folderTrust.enabled`                  | Setting to track whether Folder trust is enabled.                                                                                                                                                                                    | `true`  |