How to tell claude CLI agent to ignore directories (i.e. is there a ".claudeignore"?)
Resolved 💬 16 comments Opened Feb 25, 2025 by dannguyen Closed Feb 26, 2025
💡 Likely answer: A maintainer (bcherny, collaborator)
responded on this thread — see the highlighted reply below.
Was playing around with the CLI tool and noticed that for a relatively small project (<5000 tokens), Claude was regularly making queries using 120,000+ input tokens. I thought it would ignore ancillary code and cache folders (e.g. node_modules/) but I'm not so sure now; asking it if it ignores node_modules/ gives me inconsistent answers
Is there a way to specify that certain folders in a project codebase be ignored?
16 Comments
Another use case here is not wanting Claude to read or index (gitignored) secret files that contain things like API tokens.
Prior art/discussion: https://github.com/continuedev/continue/issues/4053, https://github.com/Aider-AI/aider/issues/282
We added
ignorePatternsin v0.2.18. Restart to get the update, and learn more in the docs: https://docs.anthropic.com/en/docs/agents-and-tools/claude-code/overview#project-configuration.Keep the feedback coming!
@bcherny ignorePatterns doesnt seem to be valid config in 0.2.19:
!Image
Also, will I save alot of tokens by excluding node_modules? I ran
summarize this project(without ignorePatterns) from the docs on my nextjs project with 89 files (no big ones) and that used 180k tokens. Is that normal?I understand that by excluding node_modules claude might not be as smart. But for simpler tasks, saving tokens might be worth it?
Im also wondering if I should ignore .git/ and .next/ (the output for builds/dev) folders?
For anyone else having this problem in version >0.2.19
<img width="600" alt="Image" src="https://github.com/user-attachments/assets/7ebeba16-815b-431e-9c99-aa8daa422dd0" />
The docs are out of date, it should now be
claude config set ignorePatterns node_modulesPosting here even though this issue is closed since it was the top indexed google search result.
hmm, how do you add multiple ignorePatterns? this feels like a bug and it should be
claude config add ignorePatternsas shown in the docs.@bcherny sorry for the ping but I think this issue should be reopened until the tool or docs are updated
Per a @bcherny response elsewhere (https://github.com/anthropics/claude-code/issues/166#issuecomment-2691489811), Claude Code now "ignore[s] anything in your .gitignore, but tools can still access these."
These docs mention
.claudeignore- https://docs.anthropic.com/en/docs/agents-and-tools/claude-code/troubleshooting#high-cpu-or-memory-usageIs that not accurate/used by Claude Code?
This seems to work: update your project's
.claude/settings.local.jsonfile with deny Read permissions:My results
~~This doesn't work with files. Specifically I can't see any way to prevent claude reading my .env file.~~
This does work but I had a trailing comma. Might be a good idea to display a message when this file can't be parsed and to not do anything until it can be.
It doesn't work for me either, even without a trailing comma messing things up. Claude just happily reads whatever file or directory I ask it to, even if it's listed in the
denysection.I asked it directly how I could prevent it from reading certain files and folders, and it told me to add them to .clignore. I did, but it also didn't work.
I'm seeing the same issue.
Claude does not seem to read the
.claude/settings.jsonor.claude/settings.local.jsonfiles in my project dir.❯ claude --version
1.0.70 (Claude Code)
This is very weak protection anyways, unless you carefully review every command. Claude can and will just run command-line tools to get the contents, no matter what the config says. If you want to be sure, you have to remove the permission on a file-system level.
For example, I'm using a VS Code dev container to run Claude in and want to prevent Claude from modifying it, so if it gets stuck with something, it can't try to break out of its box by modifying my container set-up (I don't know if it will attempt that, but I've seen enough examples of similar things to be concerned). Testing deny.Read in config:
There needs to be a more user-friendly way than using VMs/containers or separate OS users to prevent claude from modifying or reading protected files. That's not something a "normal" vibecoder will do and it's also not the default set-up for claude in the docs.
@alpaka You've got a very good point. With agentic systems, who can tell whether a tool down the stack will honour some passed down permission, or whether it's even passed down in the first place.
However, Claude's not off the hook with the settings doc. It's simply not being picked up. Whether some of it works or not in edge cases is yet another issue.
Totally agree they're not off the hook, the documentation is a bit of a mess, and we need a better solution especially for normal users who don't use containers.
But the issue is about if you can tell the software to ignore a directory, and settings.json is just not a reliable solution for that, although it might help with the original intent of saving Claude from putting in too much context. Pointing that out seems important to me, otherwise you will end up sending your secrets to Anthropic at some point.
Regarding settings.json, I should note that the setting is picked up "correctly" for me if I put it in settings.local.json inside my .claude project directory (you can see what that looks like above), but not if I put it in settings.json
This is not working for me, neither is
.claudeignore. How on earth does this exist without the ability to absolutely guarantee certain files or folders are not accessed/exfiltrated?This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.