[FEATURE] VS Code extension should respect permissions allowlist from settings.json
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
he CLI version of Claude Code allows users to configure granular tool permissions via .claude/settings.json, enabling specific commands to run without manual approval while keeping dangerous operations locked down. However, the VS Code Claude Code extension does not appear to honor these same permission allowlists.
This creates a significant limitation: users cannot run autonomous or semi-autonomous coding sessions in VS Code because every tool invocation requires manual approval, even for safe, pre-approved operations.
Proposed Solution
The VS Code extension should read and respect the permissions.allow configuration from:
- .claude/settings.json (project-level)
- .claude/settings.local.json (local, gitignored overrides)
- ~/.claude/settings.json (global user settings)
This would bring the VS Code experience in line with the CLI, allowing the same granular permission model across both interfaces.
Alternative Solutions
_No response_
Priority
High - Significant impact on productivity
Feature Category
Configuration and settings
Use Case Example
I want to set Claude on long-running tasks overnight (e.g., implementing a feature, fixing a batch of bugs, or running a test-driven development loop) without needing to be present to approve every tool use.
However, I don't want to grant blanket permissions for all operations—that would be dangerous. I want to allow:
- Safe read operations (Read(**))
- Git commands (Bash(git:*))
- Package manager commands (Bash(npm:), Bash(pnpm:))
- Test runners (Bash(vitest:), Bash(jest:))
- Linting/formatting (Bash(eslint:), Bash(prettier:))
While still requiring approval for:
- Arbitrary shell commands
- File deletions outside of safe patterns
- Network operations beyond known safe domains
- Any destructive git operations like push --force
Current state: In VS Code, I cannot do this. Every action requires approval, making overnight or unattended sessions impossible.
Desired state: My .claude/settings.json allowlist is respected, so Claude can work autonomously within the boundaries I've defined.
Additional Context
_No response_
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗