Edit/Write deny pattern '//bin/**' incorrectly matches project-relative bin/ directory
Bug Description
The Edit(//bin/**) and Write(//bin/**) deny patterns in .claude/settings.json are incorrectly matching project-relative bin/ directories (e.g., <project>/bin/webpack), not just the system /bin/ directory.
According to the documentation, the // prefix should represent an absolute filesystem root path, meaning //bin/** should only match /bin/** (system directory), not <project>/bin/**.
Steps to Reproduce
- Create
.claude/settings.jsonwith the following deny rules:
{
"permissions": {
"deny": [
"Edit(//bin/**)",
"Write(//bin/**)"
]
}
}
- Attempt to edit or create a file in the project's
bin/directory (e.g.,bin/webpack) - The operation is denied with:
File is in a directory that is denied by your permission settings.
Expected Behavior
Edit(//bin/**) should only deny editing files under the system /bin/ directory, not project-relative bin/ directories.
Actual Behavior
Edit(//bin/**) denies editing any file with bin/ in its path, including project files like /Users/user/repos/project/bin/webpack.
Environment
- Claude Code (CLI)
- macOS (Darwin 25.2.0)
Workaround
Remove Edit(//bin/**) and Write(//bin/**) from the deny list entirely. System /bin/ is protected by OS-level permissions anyway.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗