[BUG] Path-based permission rules fail due to undocumented bypass mechanism

Resolved 💬 2 comments Opened Jan 9, 2026 by jodidac Closed Jan 9, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

PROBLEM

Path-based permission patterns fail to match, requiring manual approval despite explicit
configuration:

Configure: Write(/home/user/project/**)
Action: Write to /home/user/project/src/file.txt
Expected: Auto-approve (pattern matches)
Actual: Permission prompt every time

Impact: HIGH - All v2.1.2+ users with path-based permissions, no workaround available

ROOT CAUSE

Discovered through code instrumentation and analysis:

  1. BYPASS MECHANISM (cli.js:2342)

Function Rl5 implements fast-path bypass via 6th parameter (J):

async(Q,I,G,Z,Y,J) => {
return (J !== void 0 ? Promise.resolve(J) : GL(Q,I,G,Z,Y))
}

When J is defined, entire GL → Es → fC → Vr2 chain is skipped.

  1. EVIDENCE

ES6-compatible instrumentation proves ZERO executions:

  • GL: 0 calls
  • Es: 0 calls
  • fC: 0 calls
  • Vr2: 0 calls

See: permissions-debug-fase1.log

  1. PRE-CHECKER BUG

Fast-path pre-checker computes parameter J before Rl5.
Location: Unknown (minified code blocks tracing)
Bug: Likely same as fC (line 2004) - only handles root === "/" case

fC code (deobfuscated):

if (root === "/") {
if (pattern.startsWith("/")) {
pattern = pattern.slice(1);
}
}
// BUG: Missing case for root !== "/"

  1. FIX (3 lines, tested on fC)

if (root !== null && root !== "/" && pattern.startsWith(root)) {
pattern = pattern.slice(root.length);
if (pattern.startsWith("/")) pattern = pattern.slice(1);
}

  1. Apply this fix to the pre-checker (once located in source).

README-FOR-ANTHROPIC.txt
DEEP-DIVE-SESSION.md
AUTONOMOUS-SESSION-SUMMARY.md
FINAL-INVESTIGATION-REPORT.md
PATTERN-SEARCH-FINDINGS.md
BREAKTHROUGH-FINDINGS.md
INVESTIGATION-COMPLETE.md
BUG-REPORT.md
test-real-bug.js
deobfuscated-permissions.js
DATAFLOW.md

permissions-debug-fase1.log
test-completo-es6.js

What Should Happen?

Path-based permission patterns should auto-approve matching operations without prompting. Example: Write(/home/user/project/**) should silently allow writes to /home/user/project/src/file.txt

Error Messages/Logs

No error logs

Steps to Reproduce

permissions-debug-fase1.log
test-completo-es6.js

Claude Model

Sonnet (default)

Is this a regression?

No, this never worked

Last Working Version

_No response_

Claude Code Version

v2.0.37

Platform

Anthropic API

Operating System

Ubuntu/Debian Linux

Terminal/Shell

Xterm

Additional Information

README-FOR-ANTHROPIC.txt
DEEP-DIVE-SESSION.md
AUTONOMOUS-SESSION-SUMMARY.md
FINAL-INVESTIGATION-REPORT.md
PATTERN-SEARCH-FINDINGS.md
BREAKTHROUGH-FINDINGS.md
INVESTIGATION-COMPLETE.md
BUG-REPORT.md
test-real-bug.js
deobfuscated-permissions.js
DATAFLOW.md

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗