[Bug] Permission System Fails to Respect Configured Settings

Resolved 💬 3 comments Opened Sep 4, 2025 by totaleasy Closed Sep 4, 2025

Bug Description

Bug Report: Claude Code v1.0.103 - Permission System Issues

Summary

Claude Code v1.0.103 has critical issues with the permission system that significantly impact developer productivity by constantly requesting authorization even when permissions are explicitly configured.

Environment

  • Claude Code Version: 1.0.103
  • Operating System: Windows (PowerShell)
  • Project Type: TypeScript/React Enterprise Application

Bug Description

Issue 1: Ignoring Existing Permissions

Claude Code consistently ignores permissions configured in .claude/settings.local.json, continuing to prompt for authorization even when explicit permissions are granted.

Expected Behavior:
When permissions are configured in .claude/settings.local.json, Claude Code should respect these settings and not prompt for authorization.

Actual Behavior:
Claude Code ignores the settings file and prompts for authorization on every file access attempt.

Issue 2: Permission Duplication

When users respond to authorization prompts, Claude Code duplicates permission entries in the settings file instead of recognizing existing permissions.

Example of Duplication:

{
  "permissions": {
    "allow": [
      "Read(/C:\\SOURCE\\stac-web\\src/**)",
      "Read(/C:\\SOURCE\\stac-web\\src/**)",
      "Read(/C:\\SOURCE\\stac-web\\src/**)"
    ]
  }
}

Issue 3: Configuration System Inconsistency

The legacy claude config system shows different available options compared to what's actually modifiable:

  • Error message claims only certain keys can be modified: allowedTools, hasTrustDialogAccepted, hasCompletedProjectOnboarding, ignorePatterns
  • But attempting to modify these often fails or has no effect
  • Migration to .claude/settings.local.json system appears incomplete or buggy

Steps to Reproduce

  1. Create .claude/settings.local.json with broad permissions:
{
  "$schema": "https://json.schemastore.org/claude-code-settings.json",
  "permissions": {
    "allow": [
      "Read(**)"
    ]
  }
}
  1. Run any Claude Code command that requires file access
  2. Observe that authorization prompt still appears despite explicit permission
  3. Respond "Yes" to authorization prompt
  4. Check .claude/settings.local.json - observe duplicated entries

Impact on Developer Experience

  • Workflow Interruption: Constant authorization prompts break development flow
  • Time Waste: Developers must repeatedly authorize the same operations
  • Inconsistent Behavior: Settings don't work as documented
  • Configuration Confusion: Multiple configuration systems that don't work reliably

Workaround Attempts

  1. claude config set hasTrustDialogAccepted true - Applied successfully but no effect
  2. claude config set auto-approve-read true - Not available in this version
  3. ❌ Global settings with --global flag - Limited options available
  4. ❌ Manual .claude/settings.local.json configuration - Ignored by the system
  5. ❌ Wildcard permissions like Read(**) - No effect

Expected Fix

  1. Respect Settings File: Claude Code should honor permissions configured in .claude/settings.local.json
  2. Prevent Duplication: Don't add duplicate entries when users authorize operations
  3. Improve Documentation: Clear guidance on which configuration method is current/supported
  4. Backward Compatibility: If migrating from old config system, provide clear migration path

Additional Context

This affects enterprise developers working with complex codebases who need reliable, uninterrupted access to project files. The current behavior makes Claude Code impractical for daily development workflow.

Suggested Priority

High - This significantly impacts core functionality and developer productivity.

Environment Info

  • Platform: win32
  • Terminal: vscode
  • Version: 1.0.103
  • Feedback ID: 89dd2cba-2073-4969-8685-bd1506b2ccfb

Errors

[]

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗