feat(claude-code-settings): add managed/enterprise settings fields (SchemaStore#5389)

ant-kurt · bogini · web-flow · commit 10f7f8584efd · 2026-02-20T21:41:19.000Z
Co-authored-by: bogini &lt;bogini@users.noreply.github.com&gt;
diff --git a/src/negative_test/claude-code-settings/invalid-managed-settings.json b/src/negative_test/claude-code-settings/invalid-managed-settings.json
@@ -0,0 +1,13 @@
+{
+  "allowManagedMcpServersOnly": "yes",
+  "blockedMarketplaces": [
+    {
+      "source": "github"
+    }
+  ],
+  "sandbox": {
+    "network": {
+      "allowManagedDomainsOnly": "yes"
+    }
+  }
+}
diff --git a/src/schemas/json/claude-code-settings.json b/src/schemas/json/claude-code-settings.json
@@ -1012,13 +1012,9 @@
               },
               "description": "Allowlist of network domains for sandboxed commands. Supports wildcard patterns like *.example.com"
             },
-            "deniedDomains": {
-              "type": "array",
-              "items": {
-                "type": "string",
-                "minLength": 1
-              },
-              "description": "Denylist of network domains for sandboxed commands. Supports wildcard patterns like *.example.com"
+            "allowManagedDomainsOnly": {
+              "type": "boolean",
+              "description": "(Managed settings only) Only allowedDomains and WebFetch(domain:...) allow rules from managed settings are respected. User, project, local, and flag settings domains are ignored. Denied domains are still respected from all sources."
             }
           },
           "additionalProperties": false
@@ -1177,6 +1173,118 @@
         "additionalProperties": false
       },
       "description": "Per-plugin configuration including MCP server user configs, keyed by plugin ID (plugin@marketplace format). See https://code.claude.com/docs/en/plugins"
+    },
+    "allowManagedMcpServersOnly": {
+      "type": "boolean",
+      "description": "(Managed settings only) Only allowedMcpServers from managed settings are respected. deniedMcpServers still merges from all sources. Users can still add their own MCP servers, but only the admin-defined allowlist applies."
+    },
+    "blockedMarketplaces": {
+      "type": "array",
+      "description": "(Managed settings only) Blocklist of marketplace sources. These exact sources are blocked from being added as marketplaces. The check happens before downloading, so blocked sources never touch the filesystem.",
+      "items": {
+        "anyOf": [
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "url" },
+              "url": {
+                "type": "string",
+                "format": "uri",
+                "description": "Direct URL to marketplace.json file"
+              },
+              "headers": {
+                "type": "object",
+                "additionalProperties": { "type": "string" },
+                "description": "Custom HTTP headers (e.g., for authentication)"
+              }
+            },
+            "required": ["source", "url"]
+          },
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "github" },
+              "repo": {
+                "type": "string",
+                "description": "GitHub repository in owner/repo format"
+              },
+              "ref": {
+                "type": "string",
+                "description": "Git branch or tag to use"
+              },
+              "path": {
+                "type": "string",
+                "description": "Path to marketplace.json within repo"
+              }
+            },
+            "required": ["source", "repo"]
+          },
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "git" },
+              "url": {
+                "type": "string",
+                "pattern": ".*\\.git$",
+                "description": "Full git repository URL"
+              },
+              "ref": {
+                "type": "string",
+                "description": "Git branch or tag to use"
+              },
+              "path": {
+                "type": "string",
+                "description": "Path to marketplace.json within repo"
+              }
+            },
+            "required": ["source", "url"]
+          },
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "npm" },
+              "package": {
+                "type": "string",
+                "description": "NPM package containing marketplace.json"
+              }
+            },
+            "required": ["source", "package"]
+          },
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "file" },
+              "path": {
+                "type": "string",
+                "description": "Local file path to marketplace.json"
+              }
+            },
+            "required": ["source", "path"]
+          },
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "directory" },
+              "path": {
+                "type": "string",
+                "description": "Local directory containing .claude-plugin/marketplace.json"
+              }
+            },
+            "required": ["source", "path"]
+          },
+          {
+            "type": "object",
+            "properties": {
+              "source": { "type": "string", "const": "hostPattern" },
+              "hostPattern": {
+                "type": "string",
+                "description": "Regex pattern to match the host/domain extracted from any marketplace source type"
+              }
+            },
+            "required": ["source", "hostPattern"]
+          }
+        ]
+      }
     }
   },
   "title": "Claude Code Settings"
diff --git a/src/test/claude-code-settings/managed-settings.json b/src/test/claude-code-settings/managed-settings.json
@@ -0,0 +1,44 @@
+{
+  "allowManagedHooksOnly": true,
+  "allowManagedMcpServersOnly": true,
+  "allowManagedPermissionRulesOnly": true,
+  "allowedMcpServers": [
+    {
+      "serverName": "approved-server"
+    },
+    {
+      "serverUrl": "https://mcp.company.com/*"
+    }
+  ],
+  "blockedMarketplaces": [
+    {
+      "repo": "untrusted-org/plugins",
+      "source": "github"
+    },
+    {
+      "package": "malicious-plugins",
+      "source": "npm"
+    },
+    {
+      "hostPattern": "^untrusted\\.example\\.com$",
+      "source": "hostPattern"
+    }
+  ],
+  "deniedMcpServers": [
+    {
+      "serverName": "dangerous-server"
+    }
+  ],
+  "disableAllHooks": false,
+  "permissions": {
+    "allow": ["Bash(git:*)", "Read"],
+    "deny": ["Bash(rm:*)"]
+  },
+  "sandbox": {
+    "enabled": true,
+    "network": {
+      "allowManagedDomainsOnly": true,
+      "allowedDomains": ["*.company.com", "registry.npmjs.org"]
+    }
+  }
+}
diff --git a/src/test/claude-code-settings/modern-complete-config.json b/src/test/claude-code-settings/modern-complete-config.json
@@ -118,9 +118,9 @@
     "network": {
       "allowAllUnixSockets": false,
       "allowLocalBinding": true,
+      "allowManagedDomainsOnly": true,
       "allowUnixSockets": ["/var/run/docker.sock"],
       "allowedDomains": ["github.com", "*.npmjs.org", "registry.yarnpkg.com"],
-      "deniedDomains": ["malware.example"],
       "httpProxyPort": 8080,
       "socksProxyPort": 8081
     }
