MCPcopy Index your code
hub / github.com/codeaashu/claude-code / isClaudeSettingsPath

Function isClaudeSettingsPath

src/utils/permissions/filesystem.ts:200–222  ·  view source on GitHub ↗
(filePath: string)

Source from the content-addressed store, hash-verified

198}
199
200export function isClaudeSettingsPath(filePath: string): boolean {
201 // SECURITY: Normalize path structure first to prevent bypass via redundant ./
202 // sequences like `./.claude/./settings.json` which would evade the endsWith() check
203 const expandedPath = expandPath(filePath)
204
205 // Normalize for case-insensitive comparison to prevent bypassing security
206 // with paths like .cLauDe/Settings.locaL.json
207 const normalizedPath = normalizeCaseForComparison(expandedPath)
208
209 // Use platform separator so endsWith checks work on both Unix (/) and Windows (\)
210 if (
211 normalizedPath.endsWith(`${sep}.claude${sep}settings.json`) ||
212 normalizedPath.endsWith(`${sep}.claude${sep}settings.local.json`)
213 ) {
214 // Include .claude/settings.json even for other projects
215 return true
216 }
217 // Check for current project's settings files (including managed settings and CLI args)
218 // Both paths are now absolute and normalized for consistent comparison
219 return getSettingsPaths().some(
220 settingsPath => normalizeCaseForComparison(settingsPath) === normalizedPath,
221 )
222}
223
224// Always ask when Claude Code tries to edit its own config files
225function isClaudeConfigFilePath(filePath: string): boolean {

Callers 2

isClaudeConfigFilePathFunction · 0.85

Calls 3

expandPathFunction · 0.85
getSettingsPathsFunction · 0.85

Tested by

no test coverage detected