allow / ask me before
Syntax
allow edits automatically, but ask me before migrations or pushes
What it does
The action policy โ it splits what the loop may do into an auto class it performs without asking and a confirm class that pauses for you first. The canonical classes are edit, migrate, push, deploy, delete. allow โฆ automatically grants a class outright; ask me before โฆ makes the loop stop and wait for a yes/no before it takes that action, then remembers your answer for the rest of the run.
This is how you get an unattended loop that is still safe on the irreversible parts. The whole point of a self-correcting loop is that it iterates on its own โ but iterating freely over a schema migration, a force-push, or a production deploy is how a green run leaves real damage behind. The policy line lets you say "edit source all you like, but stop at the blast radius": routine work stays fast, risky work stays gated. Reach for it whenever a loop can touch anything you'd want a human to sign off on. It pairs with a human approves before โฆ, which is a harder, per-stage gate for the truly one-way doors; ask me before โฆ is the lighter, run-scoped control for everyday risk. When no policy is given, the loop follows the git strategy's defaults โ edits allowed, no push.
Example
allow edits automatically, but ask me before migrations or pushesper-class policy
loop "tidy the invoices module":
goal: invoices code is clean and the suite is green
done when "pnpm test invoices" passes
look at: src/invoices/, and the last failure
allow edits automatically, but ask me before deletes or migrationsgate only the irreversible actions
Common mistakes
- Gating nothing on an unattended run.
allow edits automaticallywith noask me before โฆlets the loop migrate, delete, and push on its own. On anything irreversible, always name a confirm class. - Using
ask me beforefor a hard stop. It pauses once and remembers your answer for the run โ fine for everyday risk, but for a true one-way door (charging a card, a prod deploy) usea human approves before โฆ, a per-stage gate that blocks every time. - Expecting it to override git safety. The policy can't authorize a push to
main/masterโ that's blocked unconditionally regardless of what you allow. Set the branch strategy in agit:block, not here. - Inventing action classes. Stick to the canonical classes โ
edit,migrate,push,deploy,delete. A made-up class may not map to anything the runner recognizes.