Skip to content

Grep tool fails with EACCES on vendored ripgrep after bun install --production #1140

Open
Open
Grep tool fails with EACCES on vendored ripgrep after bun install --production#1140
Labels
bugSomething isn't working
@bluebox-steven

Description

@bluebox-steven
bluebox-steven
opened on Apr 1, 2026

Describe the bug
When using claude-code-action@v1, the action’s internal setup appears to install @anthropic-ai/claude-agent-sdk via Bun. In that setup path, the vendored ripgrep binary ends up non-executable on the runner, causing Grep tool calls to fail with EACCES:

EACCES: permission denied, posix_spawn '/home/runner/work/_actions/anthropics/claude-code-action/v1/node_modules/@anthropic-ai/claude-agent-sdk/vendor/ripgrep/x64-linux/rg'

This is especially disruptive in workflows that allow Grep but restrict Bash to a narrow set of scoped commands, because the run may then try shell grep fallbacks that are not permitted.

To Reproduce
Steps to reproduce the behavior:

  1. Run claude-code-action@v1 on a GitHub-hosted ubuntu-24.04 runner.
  2. Configure --allowedTools to allow Grep but restrict Bash to scoped commands only.
  3. Trigger a task that causes Claude to use the Grep tool.
  4. Observe that the action’s internal setup uses Bun and installs @anthropic-ai/claude-agent-sdk.
  5. See Grep fail with EACCES when spawning the vendored rg binary.

Expected behavior
The vendored ripgrep binary should be executable after bun install --production, and the Grep tool should work normally without falling back to blocked shell commands.

Screenshots
Not applicable.

Workflow yml file
The relevant setup is:

  • oven-sh/setup-bun
  • bun install --production
  • --allowedTools includes Read, Grep, and Glob
  • Bash is restricted to scoped commands such as Bash(git diff:*), Bash(git log:*), Bash(git show:*), Bash(gh pr view:*), etc.

API Provider

[ ] Anthropic First-Party API (default)
[x] AWS Bedrock
[ ] GCP Vertex

Additional context
Environment from the failing run:

  • Runner: GitHub-hosted ubuntu-24.04
  • Action version: claude-code-action@v1
  • Action SHA: bee87b3258c251f9279e5371b0cc3660f37f3f77
  • @anthropic-ai/claude-agent-sdk: 0.2.89
  • Bun: 1.3.6+d530ed993

The run log shows:

  • oven-sh/setup-bun executed
  • bun install --production installed @anthropic-ai/claude-agent-sdk@0.2.89
  • subsequent Grep tool calls failed repeatedly with EACCES on the vendored rg binary
  • later in the run, shell grep commands were attempted instead, which is problematic in restricted-tool workflows

Possible workaround / mitigation:

find "${GITHUB_ACTION_PATH}/node_modules/@anthropic-ai/claude-agent-sdk/vendor/ripgrep" -name "rg" -type f -exec chmod +x {} \;

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions