From 19984e1ad815aeb078e2850cfc9c0443e08732cc Mon Sep 17 00:00:00 2001 From: Adam Van Prooyen Date: Tue, 17 Mar 2026 23:27:41 -0700 Subject: [PATCH] Fix Claude Desktop config overwrite when using save panel When the save panel fallback is used (first run, no security-scoped bookmark), the existing config file contents were lost because loadConfig() couldn't read the file due to sandbox restrictions. The save panel grants file access, so re-read and merge the existing config before writing instead of overwriting with the empty default. Co-Authored-By: Claude Opus 4.6 (1M context) --- App/Integrations/ClaudeDesktop.swift | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/App/Integrations/ClaudeDesktop.swift b/App/Integrations/ClaudeDesktop.swift index 4f12e46e..74499b59 100644 --- a/App/Integrations/ClaudeDesktop.swift +++ b/App/Integrations/ClaudeDesktop.swift @@ -259,10 +259,26 @@ private func updateConfig( throw ClaudeDesktop.Error.noLocationSelected } - // Create the file first + // The save panel grants us access to the selected URL, so re-read any + // existing contents to merge rather than overwrite. log.debug("Creating configuration at selected URL: \(selectedURL.path)") do { - try writeConfig(updatedConfig, to: selectedURL) + var configToWrite = updatedConfig + if FileManager.default.fileExists(atPath: selectedURL.path) { + log.debug("Selected file exists, re-reading to merge existing config") + let existingData = try Data(contentsOf: selectedURL) + let existingConfig = try jsonDecoder.decode([String: Value].self, from: existingData) + // Start from the existing config and upsert iMCP into it + configToWrite = existingConfig + if var mcpServers = existingConfig["mcpServers"]?.objectValue { + mcpServers["iMCP"] = imcpServerValue + configToWrite["mcpServers"] = .object(mcpServers) + } else { + configToWrite["mcpServers"] = .object(["iMCP": imcpServerValue]) + } + } + + try writeConfig(configToWrite, to: selectedURL) // Then create the security-scoped bookmark log.debug("Creating security-scoped access for selected URL")