From b1c449d11c58386aadf38be9c308e6dee2713f91 Mon Sep 17 00:00:00 2001
From: Olcan <olcans@gmail.com>
Date: Thu, 8 May 2025 14:50:35 -0700
Subject: [PATCH] refined sandbox/seatbelt log message, pass NODE_OPTIONS along
 to sandboxed node (#292)

---
 packages/cli/src/gemini.ts        |  1 -
 packages/cli/src/utils/sandbox.ts | 17 +++++++++++------
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/packages/cli/src/gemini.ts b/packages/cli/src/gemini.ts
index 940a1ba8..420f3242 100644
--- a/packages/cli/src/gemini.ts
+++ b/packages/cli/src/gemini.ts
@@ -31,7 +31,6 @@ async function main() {
   if (!process.env.SANDBOX) {
     const sandbox = sandbox_command(config.getSandbox());
     if (sandbox) {
-      console.log('hopping into sandbox ...');
       await start_sandbox(sandbox);
       process.exit(0);
     }
diff --git a/packages/cli/src/utils/sandbox.ts b/packages/cli/src/utils/sandbox.ts
index 0f7e1e10..7e2e4cf7 100644
--- a/packages/cli/src/utils/sandbox.ts
+++ b/packages/cli/src/utils/sandbox.ts
@@ -142,7 +142,8 @@ function entrypoint(workdir: string): string[] {
 
 export async function start_sandbox(sandbox: string) {
   if (sandbox === 'sandbox-exec') {
-    process.env.SEATBELT_PROFILE ??= 'minimal';
+    const profile = (process.env.SEATBELT_PROFILE ??= 'minimal');
+    console.log(`using macos seatbelt (profile: ${profile}) ...`);
     const args = [
       '-D',
       `TARGET_DIR=${fs.realpathSync(process.cwd())}`,
@@ -151,19 +152,18 @@ export async function start_sandbox(sandbox: string) {
       '-D',
       `HOME_DIR=${fs.realpathSync(os.homedir())}`,
       '-f',
-      new URL(
-        `sandbox-macos-${process.env.SEATBELT_PROFILE}.sb`,
-        import.meta.url,
-      ).pathname,
+      new URL(`sandbox-macos-${profile}.sb`, import.meta.url).pathname,
       'bash',
       '-c',
-      'SANDBOX=sandbox-exec ' +
+      `SANDBOX=sandbox-exec NODE_OPTIONS="${process.env.NODE_OPTIONS}" ` +
         process.argv.map((arg) => quote([arg])).join(' '),
     ];
     spawnSync(sandbox, args, { stdio: 'inherit' });
     return;
   }
 
+  console.log(`hopping into sandbox (command: ${sandbox}) ...`);
+
   // determine full path for gemini-code to distinguish linked vs installed setting
   const gcPath = execSync(`realpath $(which gemini-code)`).toString().trim();
 
@@ -345,6 +345,11 @@ export async function start_sandbox(sandbox: string) {
     }
   }
 
+  // copy NODE_OPTIONS
+  if (process.env.NODE_OPTIONS) {
+    args.push('--env', `NODE_OPTIONS="${process.env.NODE_OPTIONS}"`);
+  }
+
   // set SANDBOX as container name
   args.push('--env', `SANDBOX=${containerName}-${index}`);