From 28518aee0ab8ffc0881f807c41d2236afb96ae4b Mon Sep 17 00:00:00 2001
From: Olcan <olcans@gmail.com>
Date: Tue, 29 Apr 2025 09:02:08 -0700
Subject: [PATCH] use exec instead of spawn for command -v to go through shell
 and let it interpret command as a shell built-in instead of looking for a
 command binary on system (note setting shell:true for spawn could also work)
 (#211)

---
 packages/cli/src/gemini.ts | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/packages/cli/src/gemini.ts b/packages/cli/src/gemini.ts
index 29d2b1b7..3ac52a8e 100644
--- a/packages/cli/src/gemini.ts
+++ b/packages/cli/src/gemini.ts
@@ -28,9 +28,9 @@ function sandbox_command(): string {
   const opts: object = { stdio: 'ignore' };
   if (['1', 'true'].includes(sandbox)) {
     // look for docker or podman, in that order
-    if (spawnSync('command', ['-v', 'docker'], opts).status === 0) {
+    if (execSync('command -v docker').toString().trim()) {
       return 'docker'; // Set sandbox to 'docker' if found
-    } else if (spawnSync('command', ['-v', 'podman'], opts).status === 0) {
+    } else if (execSync('command -v podman').toString().trim()) {
       return 'podman'; // Set sandbox to 'podman' if found
     } else {
       console.error(
@@ -41,13 +41,14 @@ function sandbox_command(): string {
     }
   } else if (sandbox) {
     // confirm that specfied command exists
-    if (spawnSync('command', ['-v', sandbox], opts).status !== 0) {
+    if (execSync(`command -v ${sandbox}`).toString().trim()) {
+      return sandbox;
+    } else {
       console.error(
         `ERROR: missing sandbox command '${sandbox}' (from GEMINI_CODE_SANDBOX)`,
       );
       process.exit(1);
     }
-    return sandbox;
   } else {
     return ''; // no sandbox
   }
@@ -191,10 +192,12 @@ async function start_sandbox(sandbox: string) {
   // set SANDBOX as container name
   args.push('--env', `SANDBOX=${image}-${index}`);
 
-  // for podman, use empty --authfile to skip unnecessary auth refresh overhead
-  const emptyAuthFilePath = path.join(os.tmpdir(), 'empty_auth.json');
-  fs.writeFileSync(emptyAuthFilePath, '{}', 'utf-8');
-  args.push('--authfile', emptyAuthFilePath);
+  // for podman only, use empty --authfile to skip unnecessary auth refresh overhead
+  if (sandbox === 'podman') {
+    const emptyAuthFilePath = path.join(os.tmpdir(), 'empty_auth.json');
+    fs.writeFileSync(emptyAuthFilePath, '{}', 'utf-8');
+    args.push('--authfile', emptyAuthFilePath);
+  }
 
   // enable debugging via node --inspect-brk if DEBUG is set
   const nodeArgs = [];