@google/gemini-cli-core 0.37.2 → 0.38.0

package/dist/docs/cli/plan-mode.md

@@ -123,6 +123,7 @@ These are the only allowed tools:
   [`glob`](../tools/file-system.md#4-glob-findfiles)
 - **Search:** [`grep_search`](../tools/file-system.md#5-grep_search-searchtext),
   [`google_web_search`](../tools/web-search.md),
+  [`web_fetch`](../tools/web-fetch.md) (requires explicit confirmation),
   [`get_internal_docs`](../tools/internal-docs.md)
 - **Research Subagents:**
   [`codebase_investigator`](../core/subagents.md#codebase-investigator),

package/dist/docs/cli/sandbox.md

@@ -136,6 +136,58 @@ gemini -p "build the snap"
   absolute path — the path must be writable inside the container.
 - Used with tools like Snapcraft or Rockcraft that require a full system.
 
+## Tool sandboxing
+
+Tool-level sandboxing provides granular isolation for individual tool executions
+(like `shell_exec` and `write_file`) instead of sandboxing the entire Gemini CLI
+process.
+
+This approach offers better integration with your local environment for non-tool
+tasks (like UI rendering and configuration loading) while still providing
+security for tool-driven operations.
+
+### How to turn off tool sandboxing
+
+If you experience issues with tool sandboxing or prefer full-process isolation,
+you can disable it by setting `security.toolSandboxing` to `false` in your
+`settings.json` file.
+
+```json
+{
+  "security": {
+    "toolSandboxing": false
+  }
+}
+```
+
+<!-- prettier-ignore -->
+> [!NOTE]
+> Changing the `security.toolSandboxing` setting requires a restart of Gemini
+> CLI to take effect.
+
+## Sandbox expansion
+
+Sandbox expansion is a dynamic permission system that lets Gemini CLI request
+additional permissions for a command when needed.
+
+When a sandboxed command fails due to permission restrictions (like restricted
+file paths or network access), or when a command is proactively identified as
+requiring extra permissions (like `npm install`), Gemini CLI will present you
+with a "Sandbox Expansion Request."
+
+### How sandbox expansion works
+
+1.  **Detection**: Gemini CLI detects a sandbox denial or proactively identifies
+    a command that requires extra permissions.
+2.  **Request**: A modal dialog is shown, explaining which additional
+    permissions (e.g., specific directories or network access) are required.
+3.  **Approval**: If you approve the expansion, the command is executed with the
+    extended permissions for that specific run.
+
+This mechanism ensures you don't have to manually re-run commands with more
+permissive sandbox settings, while still maintaining control over what the AI
+can access.
+
 ## Quickstart
 
 ```bash

package/dist/docs/cli/settings.md

@@ -60,7 +60,7 @@ they appear in the UI.
 | Hide Tips                            | `ui.hideTips`                          | Hide helpful tips in the UI                                                                                                                                       | `false` |
 | Escape Pasted @ Symbols              | `ui.escapePastedAtSymbols`             | When enabled, @ symbols in pasted text are escaped to prevent unintended @path expansion.                                                                         | `false` |
 | Show Shortcuts Hint                  | `ui.showShortcutsHint`                 | Show the "? for shortcuts" hint above the input.                                                                                                                  | `true`  |
-| Compact Tool Output                  | `ui.compactToolOutput`                 | Display tool outputs (like directory listings and file reads) in a compact, structured format.                                                                    | `false` |
+| Compact Tool Output                  | `ui.compactToolOutput`                 | Display tool outputs (like directory listings and file reads) in a compact, structured format.                                                                    | `true`  |
 | Hide Banner                          | `ui.hideBanner`                        | Hide the application banner                                                                                                                                       | `false` |
 | Hide Context Summary                 | `ui.hideContextSummary`                | Hide the context summary (GEMINI.md, MCP servers) above the input.                                                                                                | `false` |
 | Hide CWD                             | `ui.footer.hideCWD`                    | Hide the current working directory in the footer.                                                                                                                 | `false` |
@@ -74,6 +74,8 @@ they appear in the UI.
 | Show Model Info In Chat              | `ui.showModelInfoInChat`               | Show the model name in the chat for each model turn.                                                                                                              | `false` |
 | Show User Identity                   | `ui.showUserIdentity`                  | Show the signed-in user's identity (e.g. email) in the UI.                                                                                                        | `true`  |
 | Use Alternate Screen Buffer          | `ui.useAlternateBuffer`                | Use an alternate screen buffer for the UI, preserving shell history.                                                                                              | `false` |
+| Render Process                       | `ui.renderProcess`                     | Enable Ink render process for the UI.                                                                                                                             | `true`  |
+| Terminal Buffer                      | `ui.terminalBuffer`                    | Use the new terminal buffer architecture for rendering.                                                                                                           | `false` |
 | Use Background Color                 | `ui.useBackgroundColor`                | Whether to use background colors in the UI.                                                                                                                       | `true`  |
 | Incremental Rendering                | `ui.incrementalRendering`              | Enable incremental rendering for the UI. This option will reduce flickering but may cause rendering artifacts. Only supported when useAlternateBuffer is enabled. | `true`  |
 | Show Spinner                         | `ui.showSpinner`                       | Show the spinner during operations.                                                                                                                               | `true`  |
@@ -129,7 +131,7 @@ they appear in the UI.
 | Sandbox Allowed Paths            | `tools.sandboxAllowedPaths`          | List of additional paths that the sandbox is allowed to access.                                                                                                            | `[]`    |
 | Sandbox Network Access           | `tools.sandboxNetworkAccess`         | Whether the sandbox is allowed to access the network.                                                                                                                      | `false` |
 | Enable Interactive Shell         | `tools.shell.enableInteractiveShell` | Use node-pty for an interactive shell experience. Fallback to child_process still applies.                                                                                 | `true`  |
-| Show Color                       | `tools.shell.showColor`              | Show color in shell output.                                                                                                                                                | `false` |
+| Show Color                       | `tools.shell.showColor`              | Show color in shell output.                                                                                                                                                | `true`  |
 | Use Ripgrep                      | `tools.useRipgrep`                   | Use ripgrep for file content search instead of the fallback implementation. Provides faster search performance.                                                            | `true`  |
 | Tool Output Truncation Threshold | `tools.truncateToolOutputThreshold`  | Maximum characters to show when truncating large tool outputs. Set to 0 or negative to disable truncation.                                                                 | `40000` |
 | Disable LLM Correction           | `tools.disableLLMCorrection`         | Disable LLM-based error correction for edit tools. When enabled, tools will fail immediately if exact string matches are not found, instead of attempting to self-correct. | `true`  |
@@ -138,7 +140,7 @@ they appear in the UI.
 
 | UI Label                              | Setting                                         | Description                                                                                                                                                                                                                          | Default |
 | ------------------------------------- | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------- |
-| Tool Sandboxing                       | `security.toolSandboxing`                       | Experimental tool-level sandboxing (implementation in progress).                                                                                                                                                                     | `false` |
+| Tool Sandboxing                       | `security.toolSandboxing`                       | Tool-level sandboxing. Isolates individual tools instead of the entire CLI process.                                                                                                                                                  | `false` |
 | Disable YOLO Mode                     | `security.disableYoloMode`                      | Disable YOLO mode, even if enabled by a flag.                                                                                                                                                                                        | `false` |
 | Disable Always Allow                  | `security.disableAlwaysAllow`                   | Disable "Always allow" options in tool confirmation dialogs.                                                                                                                                                                         | `false` |
 | Allow Permanent Tool Approval         | `security.enablePermanentToolApproval`          | Enable the "Allow for all future sessions" option in tool confirmation dialogs.                                                                                                                                                      | `false` |
@@ -153,20 +155,21 @@ they appear in the UI.
 
 | UI Label                          | Setting                        | Description                                   | Default |
 | --------------------------------- | ------------------------------ | --------------------------------------------- | ------- |
-| Auto Configure Max Old Space Size | `advanced.autoConfigureMemory` | Automatically configure Node.js memory limits | `false` |
+| Auto Configure Max Old Space Size | `advanced.autoConfigureMemory` | Automatically configure Node.js memory limits | `true`  |
 
 ### Experimental
 
-| UI Label                  | Setting                             | Description                                                                                                                                               | Default |
-| ------------------------- | ----------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
-| Enable Git Worktrees      | `experimental.worktrees`            | Enable automated Git worktree management for parallel work.                                                                                               | `false` |
-| Use OSC 52 Paste          | `experimental.useOSC52Paste`        | Use OSC 52 for pasting. This may be more robust than the default system when using remote terminal sessions (if your terminal is configured to allow it). | `false` |
-| Use OSC 52 Copy           | `experimental.useOSC52Copy`         | Use OSC 52 for copying. This may be more robust than the default system when using remote terminal sessions (if your terminal is configured to allow it). | `false` |
-| Model Steering            | `experimental.modelSteering`        | Enable model steering (user hints) to guide the model during tool execution.                                                                              | `false` |
-| Direct Web Fetch          | `experimental.directWebFetch`       | Enable web fetch behavior that bypasses LLM summarization.                                                                                                | `false` |
-| Memory Manager Agent      | `experimental.memoryManager`        | Replace the built-in save_memory tool with a memory manager subagent that supports adding, removing, de-duplicating, and organizing memories.             | `false` |
-| Enable Context Management | `experimental.contextManagement`    | Enable logic for context management.                                                                                                                      | `false` |
-| Topic & Update Narration  | `experimental.topicUpdateNarration` | Enable the experimental Topic & Update communication model for reduced chattiness and structured progress reporting.                                      | `false` |
+| UI Label                                             | Setting                             | Description                                                                                                                                               | Default |
+| ---------------------------------------------------- | ----------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| Enable Git Worktrees                                 | `experimental.worktrees`            | Enable automated Git worktree management for parallel work.                                                                                               | `false` |
+| Use OSC 52 Paste                                     | `experimental.useOSC52Paste`        | Use OSC 52 for pasting. This may be more robust than the default system when using remote terminal sessions (if your terminal is configured to allow it). | `false` |
+| Use OSC 52 Copy                                      | `experimental.useOSC52Copy`         | Use OSC 52 for copying. This may be more robust than the default system when using remote terminal sessions (if your terminal is configured to allow it). | `false` |
+| Model Steering                                       | `experimental.modelSteering`        | Enable model steering (user hints) to guide the model during tool execution.                                                                              | `false` |
+| Direct Web Fetch                                     | `experimental.directWebFetch`       | Enable web fetch behavior that bypasses LLM summarization.                                                                                                | `false` |
+| Memory Manager Agent                                 | `experimental.memoryManager`        | Replace the built-in save_memory tool with a memory manager subagent that supports adding, removing, de-duplicating, and organizing memories.             | `false` |
+| Use the generalist profile to manage agent contexts. | `experimental.generalistProfile`    | Suitable for general coding and software development tasks.                                                                                               | `false` |
+| Enable Context Management                            | `experimental.contextManagement`    | Enable logic for context management.                                                                                                                      | `false` |
+| Topic & Update Narration                             | `experimental.topicUpdateNarration` | Enable the experimental Topic & Update communication model for reduced chattiness and structured progress reporting.                                      | `false` |
 
 ### Skills
 

package/dist/docs/core/remote-agents.md

@@ -1,4 +1,4 @@
-# Remote Subagents (experimental)
+# Remote Subagents
 
 Gemini CLI supports connecting to remote subagents using the Agent-to-Agent
 (A2A) protocol. This allows Gemini CLI to interact with other agents, expanding
@@ -10,23 +10,6 @@ agents in the following repositories:
 - [ADK Samples (Python)](https://github.com/google/adk-samples/tree/main/python)
 - [ADK Python Contributing Samples](https://github.com/google/adk-python/tree/main/contributing/samples)
 
-<!-- prettier-ignore -->
-> [!NOTE]
-> Remote subagents are currently an experimental feature.
-
-## Configuration
-
-To use remote subagents, you must explicitly enable them in your
-`settings.json`:
-
-```json
-{
-  "experimental": {
-    "enableAgents": true
-  }
-}
-```
-
 ## Proxy support
 
 Gemini CLI routes traffic to remote agents through an HTTP/HTTPS proxy if one is
@@ -459,3 +442,16 @@ Users can manage subagents using the following commands within the Gemini CLI:
 > [!TIP]
 > You can use the `@cli_help` agent within Gemini CLI for assistance
 > with configuring subagents.
+
+## Disabling remote agents
+
+Remote subagents are enabled by default. To disable them, set `enableAgents` to
+`false` in your `settings.json`:
+
+```json
+{
+  "experimental": {
+    "enableAgents": false
+  }
+}
+```

package/dist/docs/core/subagents.md

@@ -5,15 +5,6 @@ session. They are designed to handle specific, complex tasks—like deep codebas
 analysis, documentation lookup, or domain-specific reasoning—without cluttering
 the main agent's context or toolset.
 
-Subagents are enabled by default. To disable them, set `enableAgents` to `false`
-in your `settings.json`:
-
-```json
-{
-  "experimental": { "enableAgents": false }
-}
-```
-
 ## What are subagents?
 
 Subagents are "specialists" that the main Gemini agent can hire for a specific
@@ -120,10 +111,12 @@ Gemini CLI comes with the following built-in subagents:
 
 The browser agent requires:
 
-- **Chrome** version 144 or later (any recent stable release will work).
-- **Node.js** with `npx` available (used to launch the
-  [`chrome-devtools-mcp`](https://www.npmjs.com/package/chrome-devtools-mcp)
-  server).
+- **Chrome** version 144 or later (any recent stable release works).
+
+The underlying
+[`chrome-devtools-mcp`](https://www.npmjs.com/package/chrome-devtools-mcp)
+server is bundled with Gemini CLI and launched automatically — no separate
+installation is needed.
 
 #### Enabling the browser agent
 
@@ -169,26 +162,58 @@ The available modes are:
 | `isolated`   | Launches Chrome with a temporary profile that is deleted after each session. Use this for clean-state automation.                                                                           |
 | `existing`   | Attaches to an already-running Chrome instance. You must enable remote debugging first by navigating to `chrome://inspect/#remote-debugging` in Chrome. No new browser process is launched. |
 
+#### First-run consent
+
+The first time the browser agent is invoked, Gemini CLI displays a consent
+dialog. You must accept before the browser session starts. This dialog only
+appears once.
+
 #### Configuration reference
 
 All browser-specific settings go under `agents.browser` in your `settings.json`.
-
-| Setting       | Type      | Default        | Description                                                                                     |
-| :------------ | :-------- | :------------- | :---------------------------------------------------------------------------------------------- |
-| `sessionMode` | `string`  | `"persistent"` | How Chrome is managed: `"persistent"`, `"isolated"`, or `"existing"`.                           |
-| `headless`    | `boolean` | `false`        | Run Chrome in headless mode (no visible window).                                                |
-| `profilePath` | `string`  | —              | Custom path to a browser profile directory.                                                     |
-| `visualModel` | `string`  | —              | Model override for the visual agent (for example, `"gemini-2.5-computer-use-preview-10-2025"`). |
+For full details, see the
+[`agents.browser` configuration reference](../reference/configuration.md#agents).
+
+| Setting                   | Type       | Default        | Description                                                                     |
+| :------------------------ | :--------- | :------------- | :------------------------------------------------------------------------------ |
+| `sessionMode`             | `string`   | `"persistent"` | How Chrome is managed: `"persistent"`, `"isolated"`, or `"existing"`.           |
+| `headless`                | `boolean`  | `false`        | Run Chrome in headless mode (no visible window).                                |
+| `profilePath`             | `string`   | —              | Custom path to a browser profile directory.                                     |
+| `visualModel`             | `string`   | —              | Model override for the visual agent.                                            |
+| `allowedDomains`          | `string[]` | —              | Restrict navigation to specific domains (for example, `["github.com"]`).        |
+| `disableUserInput`        | `boolean`  | `true`         | Disable user input on the browser window during automation (non-headless only). |
+| `maxActionsPerTask`       | `number`   | `100`          | Maximum tool calls per task. The agent is terminated when the limit is reached. |
+| `confirmSensitiveActions` | `boolean`  | `false`        | Require manual confirmation for `upload_file` and `evaluate_script`.            |
+| `blockFileUploads`        | `boolean`  | `false`        | Hard-block all file upload requests from the agent.                             |
+
+#### Automation overlay and input blocking
+
+In non-headless mode, the browser agent injects a visual overlay into the
+browser window to indicate that automation is in progress. By default, user
+input (keyboard and mouse) is also blocked to prevent accidental interference.
+You can disable this by setting `disableUserInput` to `false`.
 
 #### Security
 
-The browser agent enforces the following security restrictions:
-
-- **Blocked URL patterns:** `file://`, `javascript:`, `data:text/html`,
-  `chrome://extensions`, and `chrome://settings/passwords` are always blocked.
-- **Sensitive action confirmation:** Actions like form filling, file uploads,
-  and form submissions require user confirmation through the standard policy
-  engine.
+The browser agent enforces several layers of security:
+
+- **Domain restrictions:** When `allowedDomains` is set, the agent can only
+  navigate to the listed domains (and their subdomains when using `*.` prefix).
+  Attempting to visit a disallowed domain throws a fatal error that immediately
+  terminates the agent. The agent also attempts to detect and block the use of
+  allowed domains as proxies (e.g., via query parameters or fragments) to access
+  restricted content.
+- **Blocked URL patterns:** The underlying MCP server blocks dangerous URL
+  schemes including `file://`, `javascript:`, `data:text/html`,
+  `chrome://extensions`, and `chrome://settings/passwords`.
+- **Sensitive action confirmation:** Form filling (`fill`, `fill_form`) always
+  requires user confirmation through the policy engine, regardless of approval
+  mode. When `confirmSensitiveActions` is `true`, `upload_file` and
+  `evaluate_script` also require confirmation.
+- **File upload blocking:** Set `blockFileUploads` to `true` to hard-block all
+  file upload requests, preventing the agent from uploading any files.
+- **Action rate limiting:** The `maxActionsPerTask` setting (default: 100)
+  limits the total number of tool calls per task to prevent runaway execution.
 
 #### Visual agent
 
@@ -534,3 +559,14 @@ configuration, authentication, and usage instructions.
 Extensions can bundle and distribute subagents. See the
 [Extensions documentation](../extensions/index.md#subagents) for details on how
 to package agents within an extension.
+
+## Disabling subagents
+
+Subagents are enabled by default. To disable them, set `enableAgents` to `false`
+in your `settings.json`:
+
+```json
+{
+  "experimental": { "enableAgents": false }
+}
+```

package/dist/docs/get-started/authentication.md

@@ -398,8 +398,8 @@ on this page.
 
 ## Running in headless mode <a id="headless"></a>
 
-[Headless mode](../cli/headless) will use your existing authentication method,
-if an existing authentication credential is cached.
+[Headless mode](../cli/headless.md) will use your existing authentication
+method, if an existing authentication credential is cached.
 
 If you have not already signed in with an authentication credential, you must
 configure authentication using environment variables:

package/dist/docs/get-started/installation.md

@@ -122,6 +122,13 @@ code.
   # From the root of the repository
   npm run start
   ```
+- **Production mode (React optimizations):** This method runs the CLI with React
+  production mode enabled, which is useful for testing performance without
+  development overhead.
+  ```bash
+  # From the root of the repository
+  npm run start:prod
+  ```
 - **Production-like mode (linked package):** This method simulates a global
   installation by linking your local package. It's useful for testing a local
   build in a production workflow.

package/dist/docs/hooks/index.md

@@ -22,11 +22,11 @@ With hooks, you can:
 
 ### Getting started
 
-- **[Writing hooks guide](../hooks/writing-hooks)**: A tutorial on creating your
-  first hook with comprehensive examples.
-- **[Best practices](../hooks/best-practices)**: Guidelines on security,
+- **[Writing hooks guide](../hooks/writing-hooks.md)**: A tutorial on creating
+  your first hook with comprehensive examples.
+- **[Best practices](../hooks/best-practices.md)**: Guidelines on security,
   performance, and debugging.
-- **[Hooks reference](../hooks/reference)**: The definitive technical
+- **[Hooks reference](../hooks/reference.md)**: The definitive technical
   specification of I/O schemas and exit codes.
 
 ## Core concepts
@@ -154,8 +154,8 @@ Gemini CLI **fingerprints** project hooks. If a hook's name or command changes
 (e.g., via `git pull`), it is treated as a **new, untrusted hook** and you will
 be warned before it executes.
 
-See [Security Considerations](../hooks/best-practices#using-hooks-securely) for
-a detailed threat model.
+See [Security Considerations](../hooks/best-practices.md#using-hooks-securely)
+for a detailed threat model.
 
 ## Managing hooks
 

package/dist/docs/reference/configuration.md

@@ -62,11 +62,13 @@ locations for these files:
 
 **Note on environment variables in settings:** String values within your
 `settings.json` and `gemini-extension.json` files can reference environment
-variables using either `$VAR_NAME` or `${VAR_NAME}` syntax. These variables will
-be automatically resolved when the settings are loaded. For example, if you have
-an environment variable `MY_API_TOKEN`, you could use it in `settings.json` like
-this: `"apiKey": "$MY_API_TOKEN"`. Additionally, each extension can have its own
-`.env` file in its directory, which will be loaded automatically.
+variables using `$VAR_NAME`, `${VAR_NAME}`, or `${VAR_NAME:-DEFAULT_VALUE}`
+syntax. These variables will be automatically resolved when the settings are
+loaded. For example, if you have an environment variable `MY_API_TOKEN`, you
+could use it in `settings.json` like this: `"apiKey": "$MY_API_TOKEN"`. If you
+want to provide a fallback value, use `${MY_API_TOKEN:-default-token}`.
+Additionally, each extension can have its own `.env` file in its directory,
+which will be loaded automatically.
 
 **Note for Enterprise Users:** For guidance on deploying and managing Gemini CLI
 in a corporate environment, please see the
@@ -265,7 +267,7 @@ their corresponding top-level category object in your `settings.json` file.
 - **`ui.compactToolOutput`** (boolean):
   - **Description:** Display tool outputs (like directory listings and file
     reads) in a compact, structured format.
-  - **Default:** `false`
+  - **Default:** `true`
 
 - **`ui.hideBanner`** (boolean):
   - **Description:** Hide the application banner
@@ -337,6 +339,16 @@ their corresponding top-level category object in your `settings.json` file.
   - **Default:** `false`
   - **Requires restart:** Yes
 
+- **`ui.renderProcess`** (boolean):
+  - **Description:** Enable Ink render process for the UI.
+  - **Default:** `true`
+  - **Requires restart:** Yes
+
+- **`ui.terminalBuffer`** (boolean):
+  - **Description:** Use the new terminal buffer architecture for rendering.
+  - **Default:** `false`
+  - **Requires restart:** Yes
+
 - **`ui.useBackgroundColor`** (boolean):
   - **Description:** Whether to use background colors in the UI.
   - **Default:** `true`
@@ -1242,7 +1254,8 @@ their corresponding top-level category object in your `settings.json` file.
   - **Requires restart:** Yes
 
 - **`agents.browser.visualModel`** (string):
-  - **Description:** Model override for the visual agent.
+  - **Description:** Model for the visual agent's analyze_screenshot tool. When
+    set, enables the tool.
   - **Default:** `undefined`
   - **Requires restart:** Yes
 
@@ -1391,7 +1404,7 @@ their corresponding top-level category object in your `settings.json` file.
 
 - **`tools.shell.showColor`** (boolean):
   - **Description:** Show color in shell output.
-  - **Default:** `false`
+  - **Default:** `true`
 
 - **`tools.shell.inactivityTimeout`** (number):
   - **Description:** The maximum time in seconds allowed without output from the
@@ -1479,9 +1492,10 @@ their corresponding top-level category object in your `settings.json` file.
 #### `security`
 
 - **`security.toolSandboxing`** (boolean):
-  - **Description:** Experimental tool-level sandboxing (implementation in
-    progress).
+  - **Description:** Tool-level sandboxing. Isolates individual tools instead of
+    the entire CLI process.
   - **Default:** `false`
+  - **Requires restart:** Yes
 
 - **`security.disableYoloMode`** (boolean):
   - **Description:** Disable YOLO mode, even if enabled by a flag.
@@ -1565,7 +1579,7 @@ their corresponding top-level category object in your `settings.json` file.
 
 - **`advanced.autoConfigureMemory`** (boolean):
   - **Description:** Automatically configure Node.js memory limits
-  - **Default:** `false`
+  - **Default:** `true`
   - **Requires restart:** Yes
 
 - **`advanced.dnsResolutionOrder`** (string):
@@ -1587,6 +1601,17 @@ their corresponding top-level category object in your `settings.json` file.
 
 #### `experimental`
 
+- **`experimental.adk.agentSessionNoninteractiveEnabled`** (boolean):
+  - **Description:** Enable non-interactive agent sessions.
+  - **Default:** `false`
+  - **Requires restart:** Yes
+
+- **`experimental.adk.agentSessionInteractiveEnabled`** (boolean):
+  - **Description:** Enable the agent session implementation for the interactive
+    CLI.
+  - **Default:** `false`
+  - **Requires restart:** Yes
+
 - **`experimental.enableAgents`** (boolean):
   - **Description:** Enable local and remote subagents.
   - **Default:** `true`
@@ -1685,6 +1710,11 @@ their corresponding top-level category object in your `settings.json` file.
   - **Default:** `false`
   - **Requires restart:** Yes
 
+- **`experimental.generalistProfile`** (boolean):
+  - **Description:** Suitable for general coding and software development tasks.
+  - **Default:** `false`
+  - **Requires restart:** Yes
+
 - **`experimental.contextManagement`** (boolean):
   - **Description:** Enable logic for context management.
   - **Default:** `false`

package/dist/docs/reference/keyboard-shortcuts.md

@@ -86,13 +86,14 @@ available combinations.
 
 #### Text Input
 
-| Command                    | Action                                                                    | Keys                                                                                |
-| -------------------------- | ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
-| `input.submit`             | Submit the current prompt.                                                | `Enter`                                                                             |
-| `input.queueMessage`       | Queue the current prompt to be processed after the current task finishes. | `Tab`                                                                               |
-| `input.newline`            | Insert a newline without submitting.                                      | `Ctrl+Enter`<br />`Cmd/Win+Enter`<br />`Alt+Enter`<br />`Shift+Enter`<br />`Ctrl+J` |
-| `input.openExternalEditor` | Open the current prompt or the plan in an external editor.                | `Ctrl+X`                                                                            |
-| `input.paste`              | Paste from the clipboard.                                                 | `Ctrl+V`<br />`Cmd/Win+V`<br />`Alt+V`                                              |
+| Command                              | Action                                                                    | Keys                                                                                |
+| ------------------------------------ | ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
+| `input.submit`                       | Submit the current prompt.                                                | `Enter`                                                                             |
+| `input.queueMessage`                 | Queue the current prompt to be processed after the current task finishes. | `Tab`                                                                               |
+| `input.newline`                      | Insert a newline without submitting.                                      | `Ctrl+Enter`<br />`Cmd/Win+Enter`<br />`Alt+Enter`<br />`Shift+Enter`<br />`Ctrl+J` |
+| `input.openExternalEditor`           | Open the current prompt or the plan in an external editor.                | `Ctrl+G`                                                                            |
+| `input.deprecatedOpenExternalEditor` | Deprecated command to open external editor.                               | `Ctrl+X`                                                                            |
+| `input.paste`                        | Paste from the clipboard.                                                 | `Ctrl+V`<br />`Cmd/Win+V`<br />`Alt+V`                                              |
 
 #### App Controls
 
@@ -100,9 +101,10 @@ available combinations.
 | ----------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ |
 | `app.showErrorDetails`        | Toggle detailed error information.                                                                                                                 | `F12`              |
 | `app.showFullTodos`           | Toggle the full TODO list.                                                                                                                         | `Ctrl+T`           |
-| `app.showIdeContextDetail`    | Show IDE context details.                                                                                                                          | `Ctrl+G`           |
+| `app.showIdeContextDetail`    | Show IDE context details.                                                                                                                          | `F4`               |
 | `app.toggleMarkdown`          | Toggle Markdown rendering.                                                                                                                         | `Alt+M`            |
-| `app.toggleCopyMode`          | Toggle copy mode when in alternate buffer mode.                                                                                                    | `Ctrl+S`           |
+| `app.toggleCopyMode`          | Toggle copy mode when in alternate buffer mode.                                                                                                    | `F9`               |
+| `app.toggleMouseMode`         | Toggle mouse mode (scrolling and clicking).                                                                                                        | `Ctrl+S`           |
 | `app.toggleYolo`              | Toggle YOLO (auto-approval) mode for tool calls.                                                                                                   | `Ctrl+Y`           |
 | `app.cycleApprovalMode`       | Cycle through approval modes: default (prompt), auto_edit (auto-approve edits), and plan (read-only). Plan mode is skipped when the agent is busy. | `Shift+Tab`        |
 | `app.showMoreLines`           | Expand and collapse blocks of content when not in alternate buffer mode.                                                                           | `Ctrl+O`           |
@@ -126,6 +128,9 @@ available combinations.
 | `background.unfocus`        | Move focus from background shell to Gemini.                        | `Shift+Tab` |
 | `background.unfocusList`    | Move focus from background shell list to Gemini.                   | `Tab`       |
 | `background.unfocusWarning` | Show warning when trying to move focus away from background shell. | `Tab`       |
+| `app.dumpFrame`             | Dump the current frame as a snapshot.                              | `F8`        |
+| `app.startRecording`        | Start recording the session.                                       | `F6`        |
+| `app.stopRecording`         | Stop recording the session.                                        | `F7`        |
 
 #### Extension Controls
 

package/dist/docs/reference/tools.md

@@ -115,10 +115,10 @@ each tool.
 
 ### Web
 
-| Tool                                          | Kind     | Description                                                                                                                                                                                                 |
-| :-------------------------------------------- | :------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [`google_web_search`](../tools/web-search.md) | `Search` | Performs a Google Search to find up-to-date information.                                                                                                                                                    |
-| [`web_fetch`](../tools/web-fetch.md)          | `Fetch`  | Retrieves and processes content from specific URLs. **Warning:** This tool can access local and private network addresses (e.g., localhost), which may pose a security risk if used with untrusted prompts. |
+| Tool                                          | Kind     | Description                                                                                                                                                                                                                                                              |
+| :-------------------------------------------- | :------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [`google_web_search`](../tools/web-search.md) | `Search` | Performs a Google Search to find up-to-date information.                                                                                                                                                                                                                 |
+| [`web_fetch`](../tools/web-fetch.md)          | `Fetch`  | Retrieves and processes content from specific URLs. **Warning:** This tool can access local and private network addresses (e.g., localhost), which may pose a security risk if used with untrusted prompts. In Plan Mode, this tool requires explicit user confirmation. |
 
 ## Under the hood
 

package/dist/docs/release-confidence.md

@@ -22,12 +22,6 @@ nightly) or the release branch (for preview/stable).
 
 - **Platforms:** Tests must pass on **Linux and macOS**.
 
-<!-- prettier-ignore -->
-> [!NOTE]
-> Windows tests currently run with `continue-on-error: true`. While a
-> failure here doesn't block the release technically, it should be
-> investigated.
-
 - **Checks:**
   - **Linting:** No linting errors (ESLint, Prettier, etc.).
   - **Typechecking:** No TypeScript errors.

package/dist/docs/releases.md

@@ -1,5 +1,9 @@
 # Gemini CLI releases
 
+<!-- prettier-ignore -->
+> [!IMPORTANT]
+> **Coordinate with the Release Manager:** The release manager is responsible for coordinating patches and releases. Please update them before performing any of the release actions described in this document.
+
 ## `dev` vs `prod` environment
 
 Our release flows support both `dev` and `prod` environments.

package/dist/docs/tools/mcp-server.md

@@ -290,7 +290,7 @@ When connecting to an OAuth-enabled server:
 > OAuth authentication requires that your local machine can:
 >
 > - Open a web browser for authentication
-> - Receive redirects on `http://localhost:7777/oauth/callback`
+> - Receive redirects on `http://localhost:<random-port>/oauth/callback` (or a specific port if configured via `redirectUri`)
 
 This feature will not work in:
 
@@ -323,8 +323,8 @@ Use the `/mcp auth` command to manage OAuth authentication:
   if omitted)
 - **`tokenUrl`** (string): OAuth token endpoint (auto-discovered if omitted)
 - **`scopes`** (string[]): Required OAuth scopes
-- **`redirectUri`** (string): Custom redirect URI (defaults to
-  `http://localhost:7777/oauth/callback`)
+- **`redirectUri`** (string): Custom redirect URI (defaults to an OS-assigned
+  random port, e.g., `http://localhost:<random-port>/oauth/callback`)
 - **`tokenParamName`** (string): Query parameter name for tokens in SSE URLs
 - **`audiences`** (string[]): Audiences the token is valid for
 

package/dist/docs/tools/web-fetch.md

@@ -17,6 +17,9 @@ specific operations like summarization or extraction.
 ## Technical behavior
 
 - **Confirmation:** Triggers a confirmation dialog showing the converted URLs.
+- **Plan Mode:** In [Plan Mode](../cli/plan-mode.md), `web_fetch` is available
+  but always requires explicit user confirmation (`ask_user`) due to security
+  implications of accessing external or private network addresses.
 - **Processing:** Uses the Gemini API's `urlContext` for retrieval.
 - **Fallback:** If API access fails, the tool attempts to fetch raw content
   directly from your local machine.