[BUG] Edit allow rule with wildcard does not prevent approval prompt for .claude/settings.json

Resolved 💬 3 comments Opened Mar 19, 2026 by rajivpoddar Closed May 1, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report
  • [x] I am using the latest version of Claude Code

What's Wrong?

User-level permissions.allow rule Edit(/Users/rajiv/Downloads/projects/heydonna-app-*/**) should cover edits to /Users/rajiv/Downloads/projects/heydonna-app-3001/.claude/settings.json, but Claude Code still prompts for approval.

Configuration

~/.claude/settings.json:

{
  "permissions": {
    "allow": [
      "Edit(/Users/rajiv/Downloads/projects/heydonna-app-*/**)",
      "Write(/Users/rajiv/Downloads/projects/heydonna-app-*/**)"
    ]
  }
}

Steps to Reproduce

  1. Set up the allow rule above in user-level settings
  2. Use the Edit tool to modify /Users/rajiv/Downloads/projects/heydonna-app-3001/.claude/settings.json
  3. Claude Code prompts "Do you want to make this edit to settings.json?" with 3 options (Yes / Yes allow .claude/ for session / No)

What Should Happen?

The edit should be auto-approved since the path matches the wildcard allow rule.

Related Issues

  • #22055 — Edit/Write tools bypass permissions.ask rules (related but opposite direction)
  • #18950 — Skills/subagents do not inherit user-level permissions

Version

Claude Code 2.1.78

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗