feat: add block-no-verify PreToolUse hook to .claude/settings.json

[tupe12334]

Summary

Adds block-no-verify@1.1.2 as a PreToolUse Bash hook in .claude/settings.json, preserving existing configuration (PostToolUse format-and-lint hook).

Details

When an agent runs git commit or git push with the hook-bypass flag, it silently disables pre-commit, commit-msg, and pre-push hooks. block-no-verify reads tool_input.command from the Claude Code hook stdin payload, detects the hook-bypass flag across all git subcommands, and exits 2 to block. All existing configuration is preserved unchanged.

Closes #7686

---

Disclosure: I am the author and maintainer of block-no-verify.

[github-actions]

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and also include the author name at the end inside parenthesis. It looks like your proposed title needs to be adjusted.

Details:

Title "feat: add block-no-verify PreToolUse hook to .claude/settings.json"
didn't match the configured pattern. Please ensure that the title
contains your name so that you can be credited in our changelog.

A correct version would look something like:

feat: add new feature (@github_username)
impr(quotes): add english quotes (@username)
fix(leaderboard): show user rank correctly (@user1, @user2, @user3)

[Copilot]

Pull request overview

Adds a Claude Code PreToolUse hook intended to prevent agents from bypassing git hooks via --no-verify, complementing the existing PostToolUse format/lint hook.

Changes:

• Add block-no-verify@1.1.2 as a PreToolUse hook for the Bash tool.
• Preserve existing PostToolUse hook configuration.

[Copilot]

npx block-no-verify@1.1.2 can prompt to install the package when it isn’t already available (npm exec confirmation). In a hook this can hang/block all Bash tool usage. Use a non-interactive invocation (e.g., add the appropriate "yes"/non-interactive flag or use an equivalent exec command that never prompts).

Suggested change

	"hooks": [{"type": "command", "command": "npx block-no-verify@1.1.2"}]
	"hooks": [{"type": "command", "command": "npx --yes block-no-verify@1.1.2"}]

[Copilot]

This PreToolUse hook is matched on all Bash tool calls, so it will run for every shell command an agent executes. Running npx each time adds noticeable startup/network overhead and introduces a failure point unrelated to git. Consider a lightweight local wrapper script that first checks tool_input.command for git + --no-verify and only then invokes the heavier logic (or blocks directly).

Suggested change

	"hooks": [{"type": "command", "command": "npx block-no-verify@1.1.2"}]
	"hooks": [{"type": "command", "command": "bash .claude/hooks/block-no-verify.sh"}]