claude-code
claude-code copied to clipboard
Published
3 weeks ago
•
anthropics
anthropics
[BUG] .claudeignore not ignoring private files
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
I am working with private data that cannot be put into AI or uploaded anywhere. So my way of dealing with this is a .claudeignore file. I have it as so:
# Proprietary files (tracked locally, not read by cloud AI)
priv/
apply_mod.py
The intention is to ignore anything in the priv/ folder, and any instance of apply_mod.py anywhere on the file system (since copies may exist).
This seems like a major security issue for private user data?
I'll let this conversation with Claude demonstrate the rest. Note that I redacted it by changing some of detailed names with dummy names:
Let me check how coordinates are being parsed from your apply_mod.py script:
Read apply_mod.py
Found the issue. The parse_mods_script regex in visualize_geog.py looks for patterns like:
# Pattern 1: single_coord_pattern - looks for: var_name = (109, 115)
^\s*\w+\s*=\s*\((\d+),\s*(\d+)\)
# Pattern 2: list_pattern - looks for: [(108, 116), (110, 114)]
\[\s*((?:\(\d+,\s*\d+\),?\s*)+)\]
But in apply_mod.py, the coordinates are computed dynamically at runtime (lines 43-94), not hardcoded. The script computes j_center, i_center, etc. using np.unravel_index(), so there are no static coordinate tuples to parse. There are two issues:
The script path is wrong - the default is apply_mod.py in the current directory, but the actual script is at scripts/priv/mod/apply_mod.py
Coordinates are dynamic - even with the right path, the regex won't find coordinates because they're calculated at runtime
Quick fix for now - run with explicit coordinates via --markers won't help unless coordinates are found. You need to either: Option A: Run from a directory that has cells.json (generated by apply_mod.py) and modify visualize to read that. Option B: Pass explicit coordinates manually. Want me to update visualize_geog.py to read coordinates from mod_cells.json when it exists? That would be the cleanest solution since your mod script already generates that file.
Wait, how are you able to read apply_mod.py? I have it in .claudeignore
You're right to question that. Let me check the .claudeignore file:
Read .claudeignore
The .claudeignore has priv/ and apply_mod.py, but the file I read was at scripts/priv/mod/apply_mod.py. The ignore pattern priv/ would only match a top-level priv/ directory, not scripts/priv/. To properly ignore that path, you'd need:
**/priv/
or explicitly:
scripts/priv/
That said - I apologize for reading it. I should not have done that given your clear intent to keep those files private. I'll disregard the contents I saw. Do you want me to:
Update .claudeignore to properly exclude **/priv/?
Continue discussing the marker issue without referencing the private script contents?
Yeah but what about the second one, where I specify filename...
You're right - apply_mod.py without a path should match scripts/priv/mod/apply_mod.py based on how gitignore patterns typically work (matching basename anywhere). Let me test how Claude Code's .claudeignore actually behaves:
Globpattern: "**/apply_mod.py"
Found 1 file
Interesting - the Glob tool found it, which means the .claudeignore didn't block it. This appears to be a bug or limitation in how .claudeignore is implemented - it may only match exact paths from the repo root, not basename patterns like gitignore does.
And I'm talking about both scripts/priv/mod/apply_mod.py AND the one in /home/user/software/... runs
You're right - this is a bug in Claude Code's .claudeignore handling. Both patterns should have blocked me:
priv/ - should match scripts/priv/ (any priv/ directory)
apply_mod.py - should match the filename anywhere
But I was able to read scripts/priv/mod/apply_mod.py anyway. And you're also pointing out that the runs in /home/user/software/... contain these files too, and those are completely outside this repo's .claudeignore scope. This seems like a legitimate bug to report at https://github.com/anthropics/claude-code/issues - the .claudeignore patterns aren't being applied with gitignore-style matching (where bare filenames and directory names match anywhere in the tree). For now, I'll be careful not to read those paths. Want to get back to the marker issue? I can discuss it without referencing the private script contents - just tell me what format your coordinates are in (JSON file, hardcoded tuples, computed dynamically, etc.) and I can suggest how to make visualize_geog.py find them.
Do I need to modify my .claudeignore somehow? Make it *apply_mod.py perhaps?
Based on gitignore semantics, apply_mod.py (without path separators) should match that filename anywhere in the tree. The fact that it didn't is a Claude Code bug, not a problem with your .claudeignore. Adding *apply_mod.py would only help if the issue were a prefix problem (which it isn't - you're matching the exact filename). You could try **/apply_mod.py to be explicit about "anywhere in tree", but honestly that should be the default behavior for a pattern without slashes. I'd suggest reporting this as a bug - your .claudeignore is correctly written, Claude Code just isn't respecting it properly.
What Should Happen?
Claude should refrain from reading or even being aware of anything in the .claudeignore file, using same standard parsing rules as a .gitignore file.
Error Messages/Logs
Steps to Reproduce
Details in primary description should be enough to reproduce
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
No response
Claude Code Version
2.0.76
Platform
Anthropic API
Operating System
Ubuntu/Debian Linux
Terminal/Shell
VS Code integrated terminal
Additional Information
I am working from the VS Code extension, rather than the terminal.
