Bash permission pattern with wildcard not matching commands with redirects
Resolved 💬 6 comments Opened Dec 5, 2025 by snelling-a Closed Feb 7, 2026
Description
Bash permission patterns using wildcards (*) are not matching commands that include shell redirects like 2>&1, even though they should based on prefix matching logic.
Environment
- Claude Code version: 2.0.59
- Platform: macOS (Darwin 24.6.0)
Configuration
In ~/.claude/settings.json:
{
"permissions": {
"allow": [
"Bash(npm run test*)",
...
]
}
}
Expected Behavior
The pattern Bash(npm run test*) should match:
npm run testnpm run test 2>&1npm run test:unit
Since * is a wildcard that should match any characters after npm run test.
Actual Behavior
Claude Code prompts for permission when running npm run test 2>&1, even though the pattern Bash(npm run test*) is in the allow list.
Notes
- Version 1.0.123 changelog states: "Bash permission rules now support output redirections when matching (e.g.,
Bash(python:*)matchespython script.py > output.txt)" - This suggests redirects should be handled, but they don't appear to be working with
2>&1 - The piped version
npm run test 2>&1 | head -200also doesn't match, which may be expected behavior due to shell operator security (preventingsafe-cmd && malicious-cmdbypasses), but the non-piped redirect case should work
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗