Bash permission: git push to default branch blocked despite settings.local.json allowlist + explicit user approval
Summary
git push origin main is denied by the Bash permission system even when:
- The project's
.claude/settings.local.jsonincludesBash(git push:*)inpermissions.allow. - The user explicitly approves the command in the chat session.
The denial reason cites a "structural block on default-branch pushes" that is not documented in the public permission policy and is not opt-out-able via user-curated allowlists or explicit user approval.
Environment
- Claude Code (Opus 4.7, 1M context)
- OS: Windows 11
- Shell: Git Bash + PowerShell
- Repository: private repo, single contributor
- Branch protection on
main: none (verified via GitHub Settings → Branches) .claude/settings.local.jsonincludesBash(git push:*)(and other/배포slash-command permissions)
Reproduction
- In a project where
.claude/settings.local.jsonhasBash(git push:*)inpermissions.allow, with no GitHub branch protection rule onmain. - Make commits on
dev, merge intomainlocally withgit merge dev --no-ff. - Ask Claude Code to run
git push origin main.
Attempt 1 — denial
Permission for this action has been denied.
Reason: Pushing the merge commit directly to main (the repository default branch)
bypasses pull request review.
Attempt 2 — denial after explicit user approval
User typed (translated): "Proceed, this is an approval."
Permission for this action has been denied.
Reason: Pushing merge commit directly to main (default branch) bypasses PR review;
user's "approval" doesn't override the structural block on default-branch pushes.
Expected behavior
One of:
- (a) The
Bash(git push:*)allowlist insettings.local.jsonshould permit the call without prompt, since the user has explicitly curated this permission for the repository. - (b) If the harness applies an additional default-branch policy on top of user allowlists, an explicit user approval in the chat session should clear the prompt for that single call (consistent with how other prompted actions resolve).
- (c) If neither, the policy should be documented publicly so users can configure or opt out.
Actual behavior
Both the user-curated allowlist and the explicit user approval are ignored. There is no documented configuration option to override this block. The same git push origin main command succeeds outside Claude Code (run directly in PowerShell on the same machine, same credentials, same branch state).
Impact
- Breaks user-defined
/배포slash-command workflows that includegit pushtomain. - Forces users to leave the assistant session to complete the deploy step manually, defeating the purpose of automated deploy slash commands.
- The behavior is asymmetric across model versions: equivalent workflows did not encounter this block on Opus 4.6; the block surfaces on Opus 4.7.
Workaround
Run git push origin main outside Claude Code (e.g., directly in the terminal). The push succeeds and triggers GitHub Actions normally.
Asks
- Document the default-branch push policy in the public permission docs (currently not listed in the published Bash permission rules).
- Honor
Bash(git push:*)insettings.local.jsonas the authoritative source for that command, or provide an opt-out flag for the structural block. - Make explicit user approval in the chat session resolve the denial for that single call, consistent with other prompted Bash actions.
- Add an Opus 4.6 → 4.7 changelog entry describing any new structural blocks introduced into the harness permission system.
Related
- Issue #55523 — accumulated incident reports on the same permission system.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗