Team-wide Claude Code permissions for the dev workflows actually
used in this repo (cargo, npm, docker, psql, curl, git, gh, jq,
exploration commands, common env-var prefixes), plus a targeted
denylist for the destructive operations that warrant explicit
confirmation (force-push, push to main, branch -D, docker prune
variants, rm -rf outside the project tree, sudo / passwd / dd).
* .claude/settings.json — checked-in team-wide config
(125 allow rules, 55 deny rules)
* .claude/settings.local.json — gitignored, kept as the
holding pen for personal in-session grants
* .gitignore — adds the .local.json exclusion
The permissive shape is "allow everything common, deny the
specifically destructive." Mid-pattern wildcards in Bash rules
aren't actually supported by the matcher; the deny list only
uses prefix patterns that the engine respects.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
