Skip to content

Load project-scoped .claude settings files#4

Merged
rblaine95 merged 2 commits into
masterfrom
rules-guard-settings-local
Jul 1, 2026
Merged

Load project-scoped .claude settings files#4
rblaine95 merged 2 commits into
masterfrom
rules-guard-settings-local

Conversation

@rblaine95

@rblaine95 rblaine95 commented Jul 1, 2026

Copy link
Copy Markdown
Owner

Summary

rules-guard now reads the two project-scoped Claude settings files under the working directory — .claude/settings.json (team-shared, committed) and .claude/settings.local.json (personal, git-ignored) — in addition to the existing ~/.claude/settings.json and ~/.claude/remote-settings.json. Their permissions.deny/permissions.allow rules are enforced across all omp tools.

Changes

  • index.ts — Replaced the inline CLAUDE_FILES .map(...) with a pure, injectable claudeFiles(home, cwd) helper (mirrors the home default on compileGlob/globSpecificity). It returns the two ~/.claude files plus <cwd>/.claude/settings.json and <cwd>/.claude/settings.local.json, resolved under the working directory. CLAUDE_FILES = claudeFiles() still feeds the unchanged loadPolicyEntries(), so the new sources merge through the same path. Docblock updated to list all four files.
  • README.md — Added Policy-sources rows for .claude/settings.json (project-shared) and .claude/settings.local.json (project-local), worded as additional project-scoped sources, not order-based overrides.
  • index.test.ts — Added tests: pure path resolution for claudeFiles (all four locations), and an end-to-end merge that writes real .claude/settings.json + .claude/settings.local.json under a project dir and loads them via loadPolicyEntries(claudeFiles(home, proj)) with distinct home/proj dirs so no path collides.

Design notes

  • Resolution point: both project files are anchored under cwd, not ~/.claude. This matches Claude Code, which looks for project settings in the current working directory and does not traverse parent directories (see anthropics/claude-code#12962).
  • Not an override: order is irrelevant. buildPolicy merges every entry and resolves path conflicts by glob specificity (ties → deny), so a project rule adds to the policy rather than winning by position.
  • Fail-open on absence: a missing or unparseable file is skipped by the existing try/catch in loadPolicyEntries — no behavior change when a file is not present.

Verification

  • bun test extensions/rules-guard/index.test.ts → 60 pass / 0 fail, 100% line + func coverage.
  • bun typecheck → clean (exit 0).
  • bun check (Biome) → passed (exit 0).

`rules-guard` now reads `<cwd>/.claude/settings.local.json` in addition
to the two `~/.claude` files, so machine-local project rules apply. The
inline settings-file list becomes a pure, injectable `claudeFiles(home,
cwd)` helper, matching `compileGlob`/`globSpecificity`, so resolution is
unit-testable.

The project-scoped file is an additional policy source, not an
order-based override: `buildPolicy` merges every entry and resolves
path conflicts by glob specificity (ties deny), so a local rule adds
to the policy rather than winning by being local. A missing or
unparseable file is skipped, as with the other sources.

Glory to the Omnissiah
@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown

Warning

Review limit reached

@rblaine95, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 53 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: b78379da-95b7-4246-bf9c-44d7f69bf767

📥 Commits

Reviewing files that changed from the base of the PR and between 07ece20 and da77cdc.

📒 Files selected for processing (3)
  • extensions/rules-guard/README.md
  • extensions/rules-guard/index.test.ts
  • extensions/rules-guard/index.ts

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

`rules-guard` now reads `<cwd>/.claude/settings.json` in addition to the
project-local `settings.local.json`, so team-shared project rules that
are committed to source control are enforced too, not only the
git-ignored local overrides. Both project files are resolved under
`cwd`, matching Claude Code, which looks for project settings in the
working directory without traversing parent directories.

Order stays policy-irrelevant: `buildPolicy` merges every entry and
resolves conflicts by glob specificity (ties deny), so the shared file
adds rules rather than winning by position.

By the will of the Machine God
@rblaine95 rblaine95 changed the title Load project-scoped settings.local.json rules Load project-scoped .claude settings files Jul 1, 2026
Repository owner deleted a comment from coderabbitai Bot Jul 1, 2026
@rblaine95 rblaine95 merged commit 7b4616a into master Jul 1, 2026
2 checks passed
@rblaine95 rblaine95 deleted the rules-guard-settings-local branch July 1, 2026 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant