cc-safety-net 0.7.1 → 0.8.0

package/README.md

@@ -203,22 +203,29 @@ Install the cc-safety-net plugin in `~/.config/opencode/opencode.json` (or `.jso
 gemini extensions install https://github.com/kenryu42/gemini-safety-net
 ```
 
-> [!IMPORTANT]
-> You need to set the following settings in `.gemini/settings.json` to enable hooks:
-> ```json
-> {
->   "tools": {
->     "enableHooks": true
->   }
-> }
-> ```
-
 ---
 
 ### GitHub Copilot CLI Installation
 
 Safety Net supports GitHub Copilot CLI via its [hooks system](https://docs.github.com/en/copilot/concepts/agents/coding-agent/about-hooks).
 
+> [!NOTE]
+> Copilot CLI currently supports two hook configuration styles:
+>
+> - Hook files:
+>   - repository: `.github/hooks/*.json`
+>   - user: `~/.copilot/hooks/*.json` on Copilot CLI `0.0.422+`
+> - Inline `hooks` inside Copilot config files on Copilot CLI `1.0.8+`:
+>   - user: `~/.copilot/config.json`
+>   - repository: `.github/copilot/settings.json`
+>   - local override: `.github/copilot/settings.local.json`
+>
+> Copilot settings cascade from user -> repository -> local (later files override earlier ones, so local overrides repository overrides user). `disableAllHooks: true` disables both repo-level and user-level hooks. If you use `COPILOT_HOME`, replace `~/.copilot` with that directory.
+
+#### Option A: Hook Files
+
+This is the classic hook-file format. It still works, and it is the easiest shared setup for a repository.
+
 1. **Create the hooks directory** in your repository:
 
    ```bash
@@ -243,7 +250,52 @@ Safety Net supports GitHub Copilot CLI via its [hooks system](https://docs.githu
    }
    ```
 
-The hook will intercept bash commands and block destructive operations before they execute.
+3. **Restart Copilot CLI** — hooks are loaded at session start.
+
+The hook will intercept shell commands and block destructive operations before they execute.
+
+To install the same hook globally for your user account on Copilot CLI `0.0.422+`, place the same JSON file in:
+
+- `~/.copilot/hooks/safety-net.json`
+
+#### Option B: Inline Hooks In Copilot Settings
+
+On Copilot CLI `1.0.8+`, you can define the same hook inline in Copilot settings files instead of a separate `.json` file under `.github/hooks` or `~/.copilot/hooks`.
+
+```json
+{
+  "hooks": {
+    "preToolUse": [
+      {
+        "type": "command",
+        "bash": "npx -y cc-safety-net --copilot-cli",
+        "cwd": ".",
+        "timeoutSec": 15
+      }
+    ]
+  }
+}
+```
+
+Use that schema in one of these files:
+
+- `~/.copilot/config.json`
+- `.github/copilot/settings.json`
+- `.github/copilot/settings.local.json`
+
+Recommended usage:
+
+- Use `~/.copilot/config.json` for your personal default across repositories.
+- Use `.github/copilot/settings.json` for a committed repository-wide setup.
+- Use `.github/copilot/settings.local.json` for personal repo-specific overrides, and add it to `.gitignore`.
+
+If you need to turn hooks off explicitly, set:
+
+```json
+{
+  "disableAllHooks": true
+}
+```
 
 ## Status Line Integration
 
@@ -395,6 +447,7 @@ npx cc-safety-net explain --cwd /tmp "git status"
 |-----------------|-------------------|
 | git checkout -- files | Discards uncommitted changes permanently |
 | git checkout \<ref\> -- \<path\> | Overwrites working tree with ref version |
+| git checkout \<ref\> \<path\> | May overwrite working tree when Git disambiguates ref vs pathspec |
 | git restore files | Discards uncommitted changes |
 | git restore --worktree | Explicitly discards working tree changes |
 | git reset --hard | Destroys all uncommitted changes |