marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
claude-code-ultimate-guide/examples/config/settings.local.json.example
Florian BRUNIAUX 0630fcd883 feat: add configuration management and MCP secrets workflows (closes #16204) 
Major additions to address critical gaps in Claude Code configuration:

## New Documentation Sections

1. Section 3.2.1 "Version Control & Backup" (guide/ultimate-guide.md:4085)
   - Configuration hierarchy: global → project → local
   - Git strategy for ~/.claude (symlinks approach)
   - Backup strategies: Git remote, cloud sync, cron
   - Multi-machine sync workflows
   - Disaster recovery procedures
   - Documented .claude/settings.local.json (previously undocumented)

2. Section 8.3.1 "MCP Secrets Management" (guide/ultimate-guide.md:8113)
   - Three practical approaches: OS Keychain, .env, Secret Vaults
   - Secrets rotation workflow
   - Pre-commit secret detection
   - Verification checklist
   - Best practices summary

## New Templates

1. sync-claude-config.sh (examples/scripts/)
   - Commands: setup, sync, backup, restore, validate
   - .env parsing + envsubst for variable substitution
   - Git repo creation with symlinks
   - Validation checks (secrets not in Git)

2. pre-commit-secrets.sh (examples/hooks/bash/)
   - Detects 10+ secret patterns (OpenAI, GitHub, AWS, etc.)
   - Whitelist system for false positives
   - Clear error messages with remediation steps

3. settings.local.json.example (examples/config/)
   - Machine-specific overrides template
   - Example use cases and patterns

## Resource Evaluation

- Added docs/resource-evaluations/ratinaud-config-management-evaluation.md
- Score: 5/5 (CRITICAL)
- Validated via 3 Perplexity searches + technical-writer agent challenge
- Community demand: GitHub #16204 + brianlovin/claude-config

## Updated References

- machine-readable/reference.yaml: 22 new entries
- Configuration management sections
- MCP secrets workflows
- Community resources (Ratinaud, brianlovin, GitHub issue)

## Impact

- Security: Pre-commit hook prevents secret leaks
- Productivity: Multi-machine sync reduces manual reconfig
- Team coordination: Onboarding workflow for ~/.claude setup
- Disaster recovery: Backup/restore strategies documented

Credits:
- Martin Ratinaud (504 sessions, LinkedIn post)
- brianlovin/claude-config (community example)
- GitHub Issue #16204 (community request)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-02 18:17:42 +01:00

145 lines
3.5 KiB
JSON
Raw Blame History

{
"__comment": "settings.local.json - Machine-specific overrides (gitignored)",
"__usage": [
"This file allows you to override team settings.json without Git conflicts",
"Place in: .claude/settings.local.json (project) or ~/.claude/settings.local.json (global)",
"Precedence: global < project settings.json < settings.local.json",
"This file should be listed in .gitignore"
],
"__example_use_cases": [
"1. Skip linting on laptop (slower hardware)",
"2. Use different MCP endpoints for local development",
"3. Personal permission overrides without affecting team",
"4. Machine-specific hooks (e.g., notify Slack only on CI server)"
],
"hooks": {
"__comment": "Override team hooks for this machine only",
"PreToolUse": [
{
"__example": "Skip expensive pre-commit checks on laptop",
"matcher": "Bash|Edit|Write",
"hooks": [
{
"type": "command",
"command": "echo 'Skipping security check (local override)'",
"timeout": 100
}
]
}
],
"PostToolUse": [
{
"__example": "Disable auto-formatting on this machine (prefer manual)",
"matcher": "Edit|Write",
"hooks": []
}
],
"UserPromptSubmit": [
{
"__example": "Add machine-specific context (hostname, branch info)",
"matcher": "",
"hooks": [
{
"type": "command",
"command": ".claude/hooks/local-context.sh"
}
]
}
]
},
"permissions": {
"__comment": "Personal permission overrides (more permissive or restrictive)",
"allow": [
"Bash(npm *)",
"Bash(pnpm *)",
"Bash(git *)",
"Edit",
"Write",
"WebSearch"
],
"deny": [
"__example": "Block dangerous commands even if team allows them",
"Bash(rm -rf *)",
"Bash(sudo *)",
"Bash(dd *)",
"Bash(mkfs.*)"
],
"ask": [
"__example": "Ask before expensive operations (slow on laptop)",
"Bash(npm run build)",
"Bash(docker build)",
"Bash(cargo build --release)"
]
},
"mcpServers": {
"__comment": "Machine-specific MCP server overrides",
"__use_case": "Use local MCP server instead of team's remote endpoint",
"postgres": {
"__example": "Override team's production DB with local dev DB",
"command": "npx",
"args": ["@modelcontextprotocol/server-postgres"],
"env": {
"DATABASE_URL": "postgresql://localhost:5432/dev_db"
}
},
"serena": {
"__example": "Use local Serena build for development",
"command": "node",
"args": ["/Users/yourname/dev/serena-mcp/dist/index.js"],
"env": {
"DEBUG": "true"
}
}
},
"__real_world_examples": {
"__laptop_skip_heavy_checks": {
"hooks": {
"PreToolUse": [
{
"matcher": "Bash|Edit|Write",
"hooks": [
{
"type": "command",
"command": "true",
"timeout": 10
}
]
}
]
}
},
"__ci_server_strict": {
"permissions": {
"deny": [
"Bash(git push)",
"Bash(npm publish)",
"WebSearch"
]
}
},
"__local_dev_overrides": {
"mcpServers": {
"database": {
"env": {
"DATABASE_URL": "postgresql://localhost:5432/test"
}
}
}
}
}
}
Reference in a new issue View git blame Copy permalink