Describe the bug
When using claude-code-action@v1, the action’s internal setup appears to install @anthropic-ai/claude-agent-sdk via Bun. In that setup path, the vendored ripgrep binary ends up non-executable on the runner, causing Grep tool calls to fail with EACCES:
EACCES: permission denied, posix_spawn '/home/runner/work/_actions/anthropics/claude-code-action/v1/node_modules/@anthropic-ai/claude-agent-sdk/vendor/ripgrep/x64-linux/rg'
This is especially disruptive in workflows that allow Grep but restrict Bash to a narrow set of scoped commands, because the run may then try shell grep fallbacks that are not permitted.
To Reproduce
Steps to reproduce the behavior:
- Run
claude-code-action@v1 on a GitHub-hosted ubuntu-24.04 runner.
- Configure
--allowedTools to allow Grep but restrict Bash to scoped commands only.
- Trigger a task that causes Claude to use the
Grep tool.
- Observe that the action’s internal setup uses Bun and installs
@anthropic-ai/claude-agent-sdk.
- See
Grep fail with EACCES when spawning the vendored rg binary.
Expected behavior
The vendored ripgrep binary should be executable after bun install --production, and the Grep tool should work normally without falling back to blocked shell commands.
Screenshots
Not applicable.
Workflow yml file
The relevant setup is:
oven-sh/setup-bunbun install --production--allowedTools includes Read, Grep, and GlobBash is restricted to scoped commands such as Bash(git diff:*), Bash(git log:*), Bash(git show:*), Bash(gh pr view:*), etc.
API Provider
[ ] Anthropic First-Party API (default)
[x] AWS Bedrock
[ ] GCP Vertex
Additional context
Environment from the failing run:
- Runner:
GitHub-hosted ubuntu-24.04
- Action version:
claude-code-action@v1
- Action SHA:
bee87b3258c251f9279e5371b0cc3660f37f3f77
@anthropic-ai/claude-agent-sdk: 0.2.89- Bun:
1.3.6+d530ed993
The run log shows:
oven-sh/setup-bun executedbun install --production installed @anthropic-ai/[email protected]- subsequent
Grep tool calls failed repeatedly with EACCES on the vendored rg binary
- later in the run, shell
grep commands were attempted instead, which is problematic in restricted-tool workflows
Possible workaround / mitigation:
find "${GITHUB_ACTION_PATH}/node_modules/@anthropic-ai/claude-agent-sdk/vendor/ripgrep" -name "rg" -type f -exec chmod +x {} \;
Describe the bug
When using
claude-code-action@v1, the action’s internal setup appears to install@anthropic-ai/claude-agent-sdkvia Bun. In that setup path, the vendoredripgrepbinary ends up non-executable on the runner, causing Grep tool calls to fail withEACCES:This is especially disruptive in workflows that allow
Grepbut restrictBashto a narrow set of scoped commands, because the run may then try shellgrepfallbacks that are not permitted.To Reproduce
Steps to reproduce the behavior:
claude-code-action@v1on a GitHub-hostedubuntu-24.04runner.--allowedToolsto allowGrepbut restrictBashto scoped commands only.Greptool.@anthropic-ai/claude-agent-sdk.Grepfail withEACCESwhen spawning the vendoredrgbinary.Expected behavior
The vendored
ripgrepbinary should be executable afterbun install --production, and theGreptool should work normally without falling back to blocked shell commands.Screenshots
Not applicable.
Workflow yml file
The relevant setup is:
oven-sh/setup-bunbun install --production--allowedToolsincludesRead,Grep, andGlobBashis restricted to scoped commands such asBash(git diff:*),Bash(git log:*),Bash(git show:*),Bash(gh pr view:*), etc.API Provider
[ ] Anthropic First-Party API (default)
[x] AWS Bedrock
[ ] GCP Vertex
Additional context
Environment from the failing run:
GitHub-hosted ubuntu-24.04claude-code-action@v1bee87b3258c251f9279e5371b0cc3660f37f3f77@anthropic-ai/claude-agent-sdk:0.2.891.3.6+d530ed993The run log shows:
oven-sh/setup-bunexecutedbun install --productioninstalled@anthropic-ai/[email protected]Greptool calls failed repeatedly withEACCESon the vendoredrgbinarygrepcommands were attempted instead, which is problematic in restricted-tool workflowsPossible workaround / mitigation: