anthropics
[BUG] project's .claude/settings.local.json does not work
Environment
- Platform (select one):
- [ ] Anthropic API
- [x] AWS Bedrock
- [ ] Google Vertex AI
- [ ] Other:
- Claude CLI version: 1.0.21
- Operating System: macos15.5
- Terminal: Terminal App
Bug Description
.claude/settings.local.json in my project like this
{
"permissions": {
"allow": [
"Bash(python:*)",
"Bash(find:*)",
"Bash(pip:*)",
"Bash(mkdir:*)",
"Bash(rg:*)",
"Bash(grep:*)",
"Bash(pytest:*)",
"Bash(rm:*)",
"Bash(git:*)"
],
"deny": []
}
}
claude: "Bash(git commit -m "Remove obsolete requirements.txt file…)"
then i get
Bash command │
│ │
│ git commit -m "Remove obsolete requirements.txt file │
│ │
│ Dependencies are now managed through pyproject.toml which provides │
│ better dependency management and follows modern Python packaging standards. │
│ The requirements.txt contained 44 transitive dependencies while pyproject.toml │
│ manages only the 12 direct dependencies needed. │
│ │
│ 🤖 Generated with [Claude Code](https://claude.ai/code) │
│ │
│ Co-Authored-By: Claude <[email protected]>" │
│ Commit the deletion with detailed message │
│ │
│ Do you want to proceed? │
│ ❯ 1. Yes │
│ 2. No, and tell Claude what to do differently (esc)
Please note that I have set "Bash(git:*)" to the permissions.
Steps to Reproduce
-
claude -
commit code for me
@ishowshao does this happen for all git commit commands, or just this one? we have some safety protections to prevent command injection that might have been too sensitive here.
@rboyce-ant
Is there docs around this format of wildcards? It is not quite clear what git:* means. I constantly see issues with other binaries.
@rboyce-ant Is there docs around this format of wildcards? It is not quite clear what
git:*means. I constantly see issues with other binaries.
https://docs.anthropic.com/en/docs/claude-code/settings#settings-files
FWIW I'm seeing similar issues, but for me it's not just with git, but also grep, find, rg, and other tools like that. I even have these tools allowed in my ~/.claude/settings.json file too, but Claude Code still often likes to have an additional confirmation for some reason.
Try removing it from Claude code settings
Then I hardcoded every combo possible in local.settings.json and created a shadow file and script in case Claude code nukes it which it has
Seems to work but PITA
On Tue, Jul 1, 2025 at 6:24 AM Tobias Bieniek @.***> wrote:
Turbo87 left a comment (anthropics/claude-code#2014) https://github.com/anthropics/claude-code/issues/2014#issuecomment-3023232025
FWIW I'm seeing similar issues, but for me it's not just with git, but also grep, find, rg, and other tools like that. I even have these tools allowed in my ~/.claude/settings.json` file too, but Claude Code still often likes to have an additional confirmation for some reason.
— Reply to this email directly, view it on GitHub https://github.com/anthropics/claude-code/issues/2014#issuecomment-3023232025, or unsubscribe https://github.com/notifications/unsubscribe-auth/BS3T2UOQMZJ7PGW7KENLPA33GJOUJAVCNFSM6AAAAAB7F3UKZGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTAMRTGIZTEMBSGU . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Is this getting addressed? Even when I have dangerously skip permissions on I still get stuck in this PITA loop
Similar experience. We're using bedrock, us.anthropic.claude-sonnet-4-20250514-v1:0. Especially with sub commands like with az, the azure cli.
Bash - works
Bash(*) - does not work
Bash(az*) - does not work
Bash(az *) - does not work
Bash(az *:*) - does not work
I would also like to see the documentation updated to be more specific about the regex structure, particularly since I can't look at source code.
I've got the same problem and it seems to ask now for every tool even those listed in the .claude/settings.local.json file.
@jimweller Permission rules only support prefix matches, not wildcards. In your case, you'd want Bash(az:*) Documentation is here: https://docs.anthropic.com/en/docs/claude-code/iam#tool-specific-permission-rules
@rboyce-ant , what is the significance of the colon in Bash(az:*)? If this is a shell glob I assume a prefix match would be Bash(az*), so what is the colon for?
Similar problem here (but regular claude code): i have "Bash(mvn:*)" in my settings.local.json file -- seems like "short" mvn commands are fine but longer ones as seen below are prompted again and again and again which is really productivity-reducing
Bash(mvn -pl Core -am test-compile -q)
⎿ (No content)
⏺ Great! The test compilation worked. Now let me run the specific tests I created to verify they work:
⏺ Bash(mvn -pl Core -am -Dtest=ProjectEnvStreamObserverReactorImplTest#testEventIdIncludedWhenConfigured -Dsurefire.failIfNoSpecifiedTests=false test)
⎿ Running…
╭───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ Bash command │
│ │
│ mvn -pl Core -am -Dtest=ProjectEnvStreamObserverReactorImplTest#testEventIdIncludedWhenConfigured -Dsurefire.failIfNoSpecifiedTests=false test │
│ Run the test to verify event ID is included when configured │
│ │
│ Do you want to proceed? │
│ ❯ 1. Yes │
│ 2. No, and tell Claude what to do differently (esc)
