Debug log `Unhandled node type: file_redirect` leaks to user output from permission walker
Summary
The Bash permission walker emits Unhandled node type: file_redirect to user-visible output whenever it evaluates a command containing a shell redirect (>, >>, 2>&1, heredoc <<, or input redirect <). This is a developer diagnostic — a fallthrough log for AST node types the walker doesn't yet handle — that shipped to users.
Repro
Run any Bash command containing a redirect in a Claude Code session, e.g.:
ls 2>&1
Observe Unhandled node type: file_redirect printed alongside the approval prompt.
Expected
Either:
- the walker handles
file_redirect(and relatedredirected_statement,heredoc_body,pipeline,command_substitutionnode types) by unwrapping to the inner command, or - the diagnostic is downgraded to a debug-level log that doesn't surface in user-visible output.
Actual
The diagnostic line leaks on every Bash command that contains a redirect.
Scope
This issue is specifically about the user-visible log leak.
The broader concern — "allow-list should auto-match compound/piped commands when all parts are individually allowed" — is already tracked as a feature request in #46868. Implementing that feature would likely subsume this bug by adding real handlers for these node types, but the log leak is a distinct and more easily fixable issue on its own.
Environment
- Platform: Windows 11 (MSYS2 / Git Bash)
- Shell: bash
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗