Using .controllerignore to Control File Access

The .controllerignore file is a key feature for managing Controller's interaction with your project files. It allows you to specify files and directories that Controller should not access or modify, similar to how .gitignore works for Git.

What is `.controllerignore`?

Purpose: To protect sensitive information, prevent accidental changes to build artifacts or large assets, and generally define Controller's operational scope within your workspace.
How to Use: Create a file named .controllerignore in the Controllert directory of your VS Code workspace. List patterns in this file to tell Controller which files and directories to ignore.
Scope: .controllerignore affects both Controller's tools and context mentions (like @directory attachments).

Controller actively monitors the .controllerignore file. Any changes you make are reloaded automatically, ensuring Controller always uses the most current rules. The .controllerignore file itself is always implicitly ignored, so Controller cannot change its own access rules.

Pattern Syntax

The syntax for .controllerignore is identical to .gitignore. Here are common examples:

node_modules/: Ignores the entire node_modules directory.
*.log: Ignores all files ending in .log.
config/secrets.json: Ignores a specific file.
!important.log: An exception; Controller will not ignore this specific file, even if a broader pattern like *.log exists.
build/: Ignores the build directory.
docs/**/*.md: Ignores all Markdown files in the docs directory and its subdirectories.

For a comprehensive guide on syntax, refer to the official Git documentation on .gitignore.

How Controller Tools Interact with `.controllerignore`

.controllerignore rules are enforced across various Controller tools:

Strict Enforcement (Reads & Writes)

These tools directly check .controllerignore before any file operation. If a file is ignored, the operation is blocked:

read_file: Will not read ignored files.
write_to_file: Will not write to or create new ignored files.
apply_diff: Will not apply diffs to ignored files.
insert_content: Will not write to ignored files.
search_and_replace: Will not search and replace within ignored files.
list_code_definition_names: Will not parse ignored files for code symbols.

File Discovery and Listing

list_files Tool & @directory Attachments: When Controller lists files or when you use @directory attachments, ignored files are omitted or marked with a 🔒 symbol (see "User Experience" below). Both use identical filtering logic.
Environment Details: Information about your workspace (like open tabs and project structure) provided to Controller is filtered to exclude or mark ignored items.

Context Mentions

@directory Attachments: Directory contents respect .controllerignore patterns. Ignored files are filtered out or marked with [🔒] prefix depending on the showControllerIgnoredFiles setting.
Single File Mentions: Ignored files return "(File is ignored by .controllerignore)" instead of content.

Command Execution

execute_command Tool: This tool checks if a command (from a predefined list like cat or grep) targets an ignored file. If so, execution is blocked.

Key Limitations and Scope

Workspace-Centric: .controllerignore rules apply only to files and directories within the current VS Code workspace Controllert. Files outside this scope are not affected.
execute_command Specificity: Protection for execute_command is limited to a predefined list of file-reading commands. Custom scripts or uncommon utilities might not be caught.
Not a Full Sandbox: .controllerignore is a powerful tool for controlling Controller's file access via its tools, but it does not create a system-level sandbox.

User Experience and Notifications

Visual Cue (🔒): In file listings and @directory attachments, files ignored by .controllerignore may be marked with a lock symbol (🔒), depending on the showControllerIgnoredFiles setting (defaults to true).
Ignore Messages: Single file mentions return "(File is ignored by .controllerignore)" instead of content.
Error Messages: If a tool operation is blocked, Controller receives an error: "Access to [file_path] is blocked by the .controllerignore file settings. You must try to continue in the task without using this file, or ask the user to update the .controllerignore file."
Chat Notifications: You will typically see a notification in the Controller chat interface when an action is blocked due to .controllerignore.

This guide helps you understand the .controllerignore feature, its capabilities, and its current limitations, so you can effectively manage Controller's interaction with your codebase.

What is .controllerignore?​

Pattern Syntax​

How Controller Tools Interact with .controllerignore​

Strict Enforcement (Reads & Writes)​

File Discovery and Listing​

Context Mentions​

Command Execution​

Key Limitations and Scope​

User Experience and Notifications​