Permission allow pattern fails to match Bash commands containing literal double quotes
Description
Bash(jq:*) in settings.json permissions.allow fails to auto-allow commands when the command string contains literal double-quote characters inside single-quoted arguments.
Steps to Reproduce
- Add
"Bash(jq:*)"topermissions.allowin~/.claude/settings.json - Run these commands in Claude Code:
jq --version # ✅ auto-allowed
jq -n '42' # ✅ auto-allowed
jq -n '"hello"' # ❌ prompts for permission
The same issue affects other allowed commands when combined with jq via pipe:
curl -s "https://example.com/api" -o /tmp/out.json # ✅ auto-allowed (Bash(curl:*))
curl -s "https://example.com/api" | jq '.foo' # ✅ auto-allowed (no " in jq expr)
jq '[.values[] | select(.name == "test")]' /tmp/f.json # ❌ prompts (literal " in args)
Expected Behavior
Bash(jq:*) should match any command starting with jq, regardless of quote characters in the arguments.
Actual Behavior
The permission pattern fails to match when the command arguments contain literal " characters (typically inside single-quoted jq expressions). The user is prompted with the standard "Allow this bash command?" dialog.
Environment
- Claude Code VSCode Extension
- macOS (Darwin 24.6.0)
defaultMode: "acceptEdits"in settings.json- jq 1.7.1
Workaround
Write output to a file first (curl -o /tmp/file.json), then process with jq using only non-quoted expressions, or read the file via the Read tool instead.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗