[FEATURE] Feature request: treat equivalent commands uniformly in permission rules
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Commands that do the same thing via different spellings (e.g., npm test vs npx jest, python vs python3, grep vs rg) are currently independent in the permission system. A rule allowing one does not cover the other, leading to redundant rules and user confusion.
Users write Bash(npm test) and are surprised when npx jest (which npm test invokes) still prompts. Similarly, python vs python3, node vs npx, and tool-specific wrappers like ./gradlew vs gradle create friction. The current system is purely string-based, which is correct as a foundation but leaves a usability gap.
Proposed Solution
Proposed Behavior
Two possible approaches (not mutually exclusive):
A) User-defined aliases in settings:
{
"commandAliases": {
"python": ["python3", "python3.11"],
"test": ["npm test", "npx jest", "yarn test"]
}
}
B) Built-in equivalence for common cases:
The permission engine could ship a small set of known equivalences (e.g., python/python3, node/nodejs) that are applied automatically, with an opt-out.
Approach A is more flexible and less magical. Approach B reduces setup friction for common cases.
Current Workaround
List every variant explicitly in allow rules, or use broad wildcards like Bash(python*) which may overmatch.
Alternative Solutions
_No response_
Priority
Medium - Would be very helpful
Feature Category
Configuration and settings
Use Case Example
_No response_
Additional Context
_No response_
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗