Make default-branch push protection allowlist-overridable
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Claude Code's harness blocks git push origin main and all pushes to default branches within agent sessions, even when these actions are explicitly allowed in settings.json. This restriction overrides user permissions, and there is no settings flag, environment variable, or Bash rule to disable it.
Both Bash(git push:*) and Bash(git push origin main) are included in my settings.json, but the harness ignores them. Explicit in-conversation authorization is also denied, sometimes with the explanation that "authorization appears coerced."
For solo developers deploying to Vercel, which auto-deploys from main, each /deploy command ends with the agent stopping before the final push and prompting manual execution in the terminal. The repository has no GitHub branch protection, yet the harness enforces a stricter policy with no opt-out.
Proposed Solution
Allow this rule to be overridden using one of the following methods:
- A settings.json flag, e.g.
"permissions.allowDefaultBranchPush": true. - A Bash permission pattern that permits the action, such as honoring the existing
Bash(git push origin main)allowlist entry. - Recognize explicit user authorization provided during a conversation, rather than dismissing it as "coerced."
The current default of blocking and prompting is appropriate for shared or team repositories. However, please provide solo users with a documented method to opt out, either per repository or globally.
Alternative Solutions
Currently the only workaround is running git push origin main from my terminal after every agent-driven /deploy or maintaining a shell alias like alias dpm="git push origin main" to make it one step. Both work but defeat the point of an autonomous /deploy skill.
I tried adding more specific allowlist rules (Bash(git push origin main), Bash(git push:*)), but both were ignored. I also tried explicit in-conversation authorization, but it was rejected.
Priority
Critical - Blocking my work
Feature Category
CLI commands and flags
Use Case Example
- Solo repo on GitHub, no branch protection on
main. - Vercel project auto-deploys whenever
mainupdates. - I run
/deployin Claude Code: it runs type-check, lint, builds a commit, and attemptsgit push origin main. - Push is denied: "Pushing directly to main bypasses pull request review; default branch pushes are blocked."
- I copy
git push origin maininto my terminal and run it. - Vercel deploys.
With the proposed setting, step 5 disappears and /deploy actually deploys.
Additional Context
Reproducibility is deterministic when any individual repository and any Claude Code agent push to the default branch.
This impacts both global and project-specific settings.json allowlists.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗