Fail Closed, Then Learn
Failing closed sounds conservative.
It is.
But it should not be passive. A blocked merge should teach the system something. It should become a sharper row, a focused fixture, a route, a lease, a gate, or a question.
Fail closed, then learn.
Refusal Is A Decision
There is a difference between confusion and refusal.
Confusion says:
I do not know what happened.A good fail-closed decision says:
this claim is not admitted
because this proof is missing
for this surface
and the next route is thisThat shape matters because it gives the next worker a smaller job.
The Route After Block
Blocked work should not disappear into a pile.
The refusal is part of the system state.
It should be replayable.
Proof Gets Sharper
The first proof request is often too broad.
prove the UI still works
prove the CSS is fine
prove the type change is safe
prove the branch can mergeAfter a refusal, the proof can become sharper:
prove this selector still reaches this target
prove this runtime capsule has DOM, style, layout, focus, and a11y hashes
prove this React list has unique stable keys
prove this public type still emits the expected declaration shapeThe system learns by turning vague uncertainty into typed requirements.
- Blocked claimrefusedCan proveThe current evidence is not allowed to admit the merge.Stops atDoes not say the idea is wrong.Classify missing proof
- Focused fixturerepeatableCan proveThe exact case now has an expected decision.Stops atDoes not cover every related case.Add gate
- Matrix rowcountedCan proveThe surface is part of the denominator.Stops atStill needs real evidence per candidate.Route future work
- Admission ruleenforcedCan proveFuture candidates cannot bypass the boundary.Stops atCan still be too narrow and need expansion.Apply only when passed
Refusal Preserves Useful Work
Failing closed does not mean throwing everything away.
A candidate can be blocked while parts of its evidence remain useful.
The parser proof may be good. The type proof may be good. The runtime proof may be missing. The route should preserve the good parts and ask for the missing one.
That is how the system avoids both extremes:
do not blindly merge
do not blindly discardThe Mental Model
A blocked merge is not a dead end.
It is the system saying:
this claim is too large for the proof
so make the claim smaller
or make the proof strongerThat is how conservative merge becomes an engine for learning.