[BUG] Permission glob matching still fails on '- sequence in arguments (re: #22581, #16449)

Resolved 💬 5 comments Opened Feb 20, 2026 by rekrevs Closed Apr 2, 2026

Summary

This is a follow-up to #22581 and #16449, both of which were closed as inactive.
The bug is still present as of v2.1.49.

Bash permission rules fail to match commands when an argument contains the
character sequence '- (single quote followed by hyphen), even though the
glob pattern matches the command path correctly.

Environment

  • Claude Code version: 2.1.49
  • OS: macOS (Darwin 25.2.0)
  • Architecture: arm64

Steps to Reproduce

Add permission rule to .claude/settings.local.json:

{
  "permissions": {
    "allow": ["Bash(sqlite3:*)"]
  }
}

Run commands in Claude Code:

# WORKS — no permission prompt:
sqlite3 mydb.db "SELECT 1"
sqlite3 mydb.db "SELECT -1"
sqlite3 mydb.db "SELECT 'test'"
sqlite3 mydb.db "SELECT 'a', 'b'"

# FAILS — prompts for permission despite matching Bash(sqlite3:*):
sqlite3 mydb.db "SELECT '-1'"
sqlite3 mydb.db "SELECT datetime('now', '-7 days')"

Expected Behavior

All commands should auto-match Bash(sqlite3:*) since they start with sqlite3.
The glob pattern should match against the command prefix, not parse or validate argument contents.

Actual Behavior

Any command with '- in the argument string triggers a permission prompt, even though the command itself matches the rule.

Ablation Table

| Command | Result |
|---|---|
| sqlite3 db "SELECT 1" | ✅ Auto-allowed |
| sqlite3 db "SELECT -1" | ✅ Auto-allowed |
| sqlite3 db "SELECT 'test'" | ✅ Auto-allowed |
| sqlite3 db "SELECT 'a', 'b'" | ✅ Auto-allowed |
| sqlite3 db "SELECT coalesce('a', 'b')" | ✅ Auto-allowed |
| sqlite3 db "SELECT '-1'" | ❌ Prompts |
| sqlite3 db "SELECT coalesce('a', '-1')" | ❌ Prompts |
| sqlite3 db "SELECT datetime('now', '-7 days')" | ❌ Prompts |

The triggering pattern is specifically '- (single quote immediately followed by hyphen).

Root Cause Hypothesis

The '- sequence is likely being interpreted as a glob character class
(e.g., '[a-z]' style range syntax) rather than as literal characters in an argument string.

Impact

This breaks permission rules for any tool that accepts SQLite datetime modifiers such as
datetime('now', '-7 days') or datetime('now', '-1 month') — a very common pattern for
date-range queries. Users must manually approve every such invocation, defeating the purpose
of the allow rule.

References

  • #22581 — closed as inactive
  • #16449 — closed as inactive

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗