refined sandbox/seatbelt log message, pass NODE_OPTIONS along to sandboxed node (#292)

packages/cli/src/gemini.ts

@@ -31,7 +31,6 @@ async function main() {
   if (!process.env.SANDBOX) {
     const sandbox = sandbox_command(config.getSandbox());
     if (sandbox) {
-      console.log('hopping into sandbox ...');
       await start_sandbox(sandbox);
       process.exit(0);
     }

packages/cli/src/utils/sandbox.ts

@@ -142,7 +142,8 @@ function entrypoint(workdir: string): string[] {
 
 export async function start_sandbox(sandbox: string) {
   if (sandbox === 'sandbox-exec') {
-    process.env.SEATBELT_PROFILE ??= 'minimal';
+    const profile = (process.env.SEATBELT_PROFILE ??= 'minimal');
+    console.log(`using macos seatbelt (profile: ${profile}) ...`);
     const args = [
       '-D',
       `TARGET_DIR=${fs.realpathSync(process.cwd())}`,
@@ -151,19 +152,18 @@ export async function start_sandbox(sandbox: string) {
       '-D',
       `HOME_DIR=${fs.realpathSync(os.homedir())}`,
       '-f',
-      new URL(
-        `sandbox-macos-${process.env.SEATBELT_PROFILE}.sb`,
-        import.meta.url,
-      ).pathname,
+      new URL(`sandbox-macos-${profile}.sb`, import.meta.url).pathname,
       'bash',
       '-c',
-      'SANDBOX=sandbox-exec ' +
+      `SANDBOX=sandbox-exec NODE_OPTIONS="${process.env.NODE_OPTIONS}" ` +
         process.argv.map((arg) => quote([arg])).join(' '),
     ];
     spawnSync(sandbox, args, { stdio: 'inherit' });
     return;
   }
 
+  console.log(`hopping into sandbox (command: ${sandbox}) ...`);
+
   // determine full path for gemini-code to distinguish linked vs installed setting
   const gcPath = execSync(`realpath $(which gemini-code)`).toString().trim();
 
@@ -345,6 +345,11 @@ export async function start_sandbox(sandbox: string) {
     }
   }
 
+  // copy NODE_OPTIONS
+  if (process.env.NODE_OPTIONS) {
+    args.push('--env', `NODE_OPTIONS="${process.env.NODE_OPTIONS}"`);
+  }
+
   // set SANDBOX as container name
   args.push('--env', `SANDBOX=${containerName}-${index}`);