Skip to main content

Using .brewignore to Control File Access

The .brewignore file is a key feature for managing brewdata's interaction with your project files. It allows you to specify files and directories that brewdata should not access or modify, similar to how .gitignore works for Git.

What is .brewignore?

  • Purpose: To protect sensitive information, prevent accidental changes to build artifacts or large assets, and generally define brewdata's operational scope within your workspace.
  • How to Use: Create a file named .brewignore in the root directory of your VS Code workspace. List patterns in this file to tell brewdata which files and directories to ignore.
  • Scope: .brewignore affects both brewdata's tools and context mentions (like @directory attachments).

brewdata actively monitors the .brewignore file. Any changes you make are reloaded automatically, ensuring brewdata always uses the most current rules. The .brewignore file itself is always implicitly ignored, so brewdata cannot change its own access rules.

Pattern Syntax

The syntax for .brewignore is identical to .gitignore. Here are common examples:

  • seeds/: Ignores the entire seeds directory.
  • *.log: Ignores all files ending in .log.
  • config/secrets.json: Ignores a specific file.
  • !important.log: An exception; brewdata will not ignore this specific file, even if a broader pattern like *.log exists.
  • docs/**/*.md: Ignores all Markdown files in the docs directory and its subdirectories.

For a comprehensive guide on syntax, refer to the official Git documentation on .gitignore.

How brewdata Tools Interact with .brewignore

.brewignore rules are enforced across various brewdata tools:

Strict Enforcement (Reads & Writes)

These tools directly check .brewignore before any file operation. If a file is ignored, the operation is blocked:

  • read_file: Will not read ignored files.
  • write_to_file: Will not write to or create new ignored files.
  • apply_diff: Will not apply diffs to ignored files.
  • insert_content: Will not write to ignored files.
  • search_and_replace: Will not search and replace within ignored files.

File Discovery and Listing

  • list_files Tool & @directory Attachments: When brewdata lists files or when you use @directory attachments, ignored files are omitted or marked with a 🔒 symbol (see "User Experience" below). Both use identical filtering logic.
  • Environment Details: Information about your workspace (like open tabs and project structure) provided to brewdata is filtered to exclude or mark ignored items.

Context Mentions

  • @directory Attachments: Directory contents respect .brewignore patterns. Ignored files are filtered out or marked with [🔒] prefix depending on the showbrewdataIgnoredFiles setting.
  • Single File Mentions: Ignored files return "(File is ignored by .brewignore)" instead of content.

Command Execution

  • execute_command Tool: This tool checks if a command (from a predefined list like cat or grep) targets an ignored file. If so, execution is blocked.

Key Limitations and Scope

  • Workspace-Centric: .brewignore rules apply only to files and directories within the current VS Code workspace root. Files outside this scope are not affected.
  • execute_command Specificity: Protection for execute_command is limited to a predefined list of file-reading commands. Custom scripts or uncommon utilities might not be caught.
  • Not a Full Sandbox: .brewignore is a powerful tool for controlling brewdata's file access via its tools, but it does not create a system-level sandbox.

User Experience and Notifications

  • Visual Cue (🔒): In file listings and @directory attachments, files ignored by .brewignore may be marked with a lock symbol (🔒), depending on the showbrewdataIgnoredFiles setting (defaults to true).
  • Ignore Messages: Single file mentions return "(File is ignored by .brewignore)" instead of content.
  • Error Messages: If a tool operation is blocked, brewdata receives an error: "Access to [file_path] is blocked by the .brewignore file settings. You must try to continue in the task without using this file, or ask the user to update the .brewignore file."
  • Chat Notifications: You will typically see a notification in the brewdata chat interface when an action is blocked due to .brewignore.

This guide helps you understand the .brewignore feature, its capabilities, and its current limitations, so you can effectively manage brewdata's interaction with your codebase.

Is this documentation incorrect or incomplete? Report an issue