docs: add git hook automation guide for apply

[yacosta738]

This pull request adds comprehensive documentation and guidance for automating agentsync apply using Git hooks and hook managers. The changes introduce a new "Git Hook Automation" guide, update existing documentation to reference this automation, and improve the discoverability of automation patterns for different team workflows.

Documentation enhancements for automation:

• Added a new guide, git-hook-automation.mdx, detailing how to automate agentsync apply with various Git hook managers (Lefthook, Husky, simple-git-hooks) and native Git hooks, including copy-pasteable examples and best practices.
• Updated the navigation in astro.config.mjs to include the new "Git Hook Automation" guide, making it easily accessible from the docs sidebar.

References and cross-links in existing docs:

• Added references and links to the new Git hook automation guide in the main README.md, npm package README, Getting Started guide, CLI reference, and Gitignore Team Workflows guide, ensuring users can find automation instructions from all relevant entry points. [1] [2] [3] [4] [5] [6] [7]

These changes make it much easier for teams to discover and implement automation for agentsync apply, improving onboarding and reducing manual steps across different Git workflows.

Closes: #279

[coderabbitai]

Warning

Rate limit exceeded

@yacosta738 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 3 minutes and 55 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 3 minutes and 55 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 2867e5ea-9277-4a34-9aa6-937ce378bab5

📥 Commits

Reviewing files that changed from the base of the PR and between bbadff9 and b9677a8.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (2)

• biome.json
• package.json

📝 Walkthrough

Walkthrough

Adds a new "Git Hook Automation" guide and cross-references across docs and READMEs; updates website sidebar, several docs, package manifests, and .agents/agentsync.toml with expanded agent targets and MCP settings. Mostly documentation changes; one large config update to .agents/agentsync.toml.

Changes

Cohort / File(s)	Summary
New Guide website/docs/src/content/docs/guides/git-hook-automation.mdx	Added a comprehensive guide describing when and how to run agentsync apply via prepare, post-checkout, post-merge, and post-rewrite; includes Lefthook, Husky, simple-git-hooks, and native hook examples, failure-handling guidance, and copy-paste configs.
Docs Cross-links & Content Edits website/docs/src/content/docs/guides/getting-started.mdx, website/docs/src/content/docs/guides/gitignore-team-workflows.mdx, website/docs/src/content/docs/reference/cli.mdx, README.md, npm/agentsync/README.md	Inserted inline references and notes pointing to the new Git Hook Automation guide; small README wording and npm README JSON snippet formatting fixes.
Website Navigation website/docs/astro.config.mjs	Added Starlight sidebar entry under Guides: label: "Git Hook Automation", slug: "guides/git-hook-automation".
AgentSync Configuration .agents/agentsync.toml	Large config update: added [mcp] and [mcp_servers.filesystem], expanded/renamed agent blocks (Copilot, Codex, Gemini, OpenCode, Antigravity, Claude) with new symlink-contents targets and patterns, adjusted descriptions, and other target/destination changes.
Package Manifests & Workspace npm/agentsync/package.json, package.json, pnpm-workspace.yaml, website/docs/package.json	Bumped several dependency versions (@types/node, @biomejs/biome, @astrojs/starlight, @iconify/json, astro) and reordered/updated optional platform packages; updated workspace catalog version for @dallay/agentsync.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐰 I nibble docs and stitch the hooks,

Lefthook, Husky — simple copy-paste looks.
Post-checkout, merge, rebase in a row,
Agentsync applies wherever you go.
Hooray for automagic symlink flow!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	Some changes extend beyond the documentation scope: .agents/agentsync.toml contains significant functional configuration changes (agent definitions, MCP settings, symlink patterns) unrelated to the Git hook automation guide requirements.	The .agents/agentsync.toml changes (adding/modifying agent definitions, MCP configuration, and symlink patterns) should be separated into a distinct PR focused on agent configuration updates, keeping this PR focused on Git hook documentation.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the primary change: adding documentation for Git hook automation to automate agentsync apply, which is the main objective of the PR.
Description check	✅ Passed	The description is directly related to the changeset, explaining the new Git Hook Automation guide, navigation updates, and cross-references across existing docs.
Linked Issues check	✅ Passed	The PR fully addresses all coding objectives from issue #279: provides copy-pasteable examples for Lefthook, Husky, simple-git-hooks, and native hooks; covers prepare, post-checkout, post-merge, and post-rewrite hooks; includes decision guidance; cross-links from multiple guides; and documentation builds successfully.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/279-document-git-hook-integration-examples-for-agentsync-apply-lefthook-husky-simple-git-hooks-native-hooks

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sentry]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@website/docs/src/content/docs/guides/gitignore-team-workflows.mdx`:
- Line 16: Replace the repetitive sentence that begins with three "For ..."
phrases by combining the links into one smoother sentence: e.g., "See the
configuration reference (field-by-field details), the CLI reference (command
semantics), and Git Hook Automation (hook-manager and native Git hook examples)
for more information." Update the sentence in the gitignore-team-workflows.mdx
content where the triple "For field-by-field details, ... For command semantics,
... For hook-manager ..." appears so it reads as a single, concise sentence
referencing the three links.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 012eaff4-24b8-4455-8818-f7783b44871b

📥 Commits

Reviewing files that changed from the base of the PR and between 8d8c44c and 627edaf.

📒 Files selected for processing (7)

• README.md
• npm/agentsync/README.md
• website/docs/astro.config.mjs
• website/docs/src/content/docs/guides/getting-started.mdx
• website/docs/src/content/docs/guides/git-hook-automation.mdx
• website/docs/src/content/docs/guides/gitignore-team-workflows.mdx
• website/docs/src/content/docs/reference/cli.mdx

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.agents/agentsync.toml:
- Around line 207-209: The mcp_servers.filesystem entry currently runs npx with
the unpinned package name "@modelcontextprotocol/server-filesystem"; update the
args array so the package is pinned to a tested version (e.g., change
"@modelcontextprotocol/server-filesystem" to
"@modelcontextprotocol/server-filesystem@<version>") so npx installs a fixed
release; locate the mcp_servers.filesystem block (the command "npx" and its
args) and replace the package string with the chosen semver or date-based tag.

In `@npm/agentsync/package.json`:
- Line 47: The devDependency "@types/node" in package.json is set to "^25.5.0"
but engines.node declares ">=18"; change the "@types/node" entry under
devDependencies to the matching minimum major (e.g., "^18.0.0") or alternatively
raise engines.node to match the types major (e.g., ">=25") so the TypeScript
types align with the supported runtime; update the package.json devDependencies
"@types/node" line and/or the "engines.node" field accordingly and run npm
install to refresh lock files.

In `@pnpm-workspace.yaml`:
- Line 6: Update the cataloged CLI version for `@dallay/agentsync` in
pnpm-workspace.yaml to match the workspace package (change the listed version
from 1.35.0 to 1.35.2), ensuring it aligns with npm/agentsync/package.json's
catalog entry; after changing the version, run your package manager (pnpm
install) to refresh the workspace lockfiles so pnpm exec uses the updated CLI.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 05267b1c-39d7-4553-8d2f-49cf65755367

📥 Commits

Reviewing files that changed from the base of the PR and between 627edaf and bbadff9.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (6)

• .agents/agentsync.toml
• npm/agentsync/package.json
• package.json
• pnpm-workspace.yaml
• website/docs/package.json
• website/docs/src/content/docs/guides/gitignore-team-workflows.mdx

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

🧩 Analysis chain

🌐 Web query:

Does npx -y @modelcontextprotocol/server-filesystem`` run the latest published version when no @Version is specified, and what is the recommended way to pin a specific version in a committed configuration file?

💡 Result:

Yes, npx -y @modelcontextprotocol/server-filesystem runs the latest published version of the package when no version specifier (like @version or @latest) is provided. npx resolves bare package names (without @) to the latest version available on the npm registry by default, installing a temporary copy if necessary. The -y flag bypasses the installation confirmation prompt. The recommended way to pin a specific version in a committed configuration file (such as .vscode/mcp.json, ~/.cursor/mcp.json, or similar MCP client configs) is to append the version specifier directly to the package name in the args array, e.g.: { "mcpServers": { "filesystem": { "command": "npx", "args": [ "-y", "@modelcontextprotocol/server-filesystem@2026.1.14", "/path/to/allowed/dir" ] } } } This uses standard npm package specifiers (@, @latest, etc.), ensuring reproducible builds across environments. Official package docs and MCP examples consistently show bare package names for latest usage and support version pinning this way.

Citations:

• 1: https://www.npmjs.com/package/@modelcontextprotocol/server-filesystem
• 2: https://registry.npmjs.org/%40modelcontextprotocol%2Fserver-filesystem
• 3: https://www.npmjs.com/package/npx?activeTab=versions
• 4: https://www.npmjs.com/package/npx
• 5: http://www.npmjs.cn/cli/v11/commands/npx
• 6: https://docs.npmjs.com/cli/v7/commands/npx

---

Pin the MCP server package version in the committed configuration.

Line 209 references @modelcontextprotocol/server-filesystem without a version specifier. This causes npx to always fetch the latest published version, creating drift in contributor setups and supply-chain instability. Pin a tested version directly in the package name using standard npm notation.

Suggested change

-args = ["-y", "@modelcontextprotocol/server-filesystem", "."]
+args = ["-y", "@modelcontextprotocol/server-filesystem@<tested-version>", "."]

Example: @modelcontextprotocol/server-filesystem@2026.1.14

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.agents/agentsync.toml around lines 207 - 209, The mcp_servers.filesystem
entry currently runs npx with the unpinned package name
"@modelcontextprotocol/server-filesystem"; update the args array so the package
is pinned to a tested version (e.g., change
"@modelcontextprotocol/server-filesystem" to
"@modelcontextprotocol/server-filesystem@<version>") so npx installs a fixed
release; locate the mcp_servers.filesystem block (the command "npx" and its
args) and replace the package string with the chosen semver or date-based tag.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python - <<'PY'
import json
import pathlib
import re

pkg = json.loads(pathlib.Path("npm/agentsync/package.json").read_text())
engine = pkg["engines"]["node"]
types = pkg["devDependencies"]["@types/node"]

engine_floor_major = int(re.search(r"(\d+)", engine).group(1))
types_major = int(re.search(r"(\d+)", types).group(1))

print({
    "engines.node": engine,
    "engine_floor_major": engine_floor_major,
    "@types/node": types,
    "@types/node_major": types_major,
    "types_exceed_engine_floor": types_major > engine_floor_major,
})
PY

Repository: dallay/agentsync

Length of output: 196

---

Align @types/node with the minimum supported Node runtime version.

The @types/node version is ^25.5.0 while engines.node specifies >=18. This 7-version gap means Node 25 APIs will pass type-checking even though they are unavailable in Node 18, which is still a supported runtime. Align the types package to the minimum supported major version (18) or raise the engine floor accordingly.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@npm/agentsync/package.json` at line 47, The devDependency "@types/node" in
package.json is set to "^25.5.0" but engines.node declares ">=18"; change the
"@types/node" entry under devDependencies to the matching minimum major (e.g.,
"^18.0.0") or alternatively raise engines.node to match the types major (e.g.,
">=25") so the TypeScript types align with the supported runtime; update the
package.json devDependencies "@types/node" line and/or the "engines.node" field
accordingly and run npm install to refresh lock files.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python - <<'PY'
import json
import pathlib
import re

catalog_text = pathlib.Path("pnpm-workspace.yaml").read_text()
catalog_version = re.search(r"['\"]@dallay/agentsync['\"]:\s*([0-9.]+)", catalog_text).group(1)

root_pkg = json.loads(pathlib.Path("package.json").read_text())
workspace_pkg = json.loads(pathlib.Path("npm/agentsync/package.json").read_text())

print({
    "root_dependency_spec": root_pkg["devDependencies"]["@dallay/agentsync"],
    "catalog_version": catalog_version,
    "workspace_package_version": workspace_pkg["version"],
    "catalog_matches_workspace_package": catalog_version == workspace_pkg["version"],
})
PY

Repository: dallay/agentsync

Length of output: 208

---

Align the cataloged CLI version with the workspace package.

package.json resolves @dallay/agentsync through catalog:, but Line 6 leaves repo-level scripts on 1.35.0 while npm/agentsync/package.json is already 1.35.2. This means pnpm exec agentsync ... runs an older CLI than the one defined in the workspace.

Suggested fix

-  '@dallay/agentsync': 1.35.0
+  '@dallay/agentsync': 1.35.2

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	'@dallay/agentsync': 1.35.0
	'@dallay/agentsync': 1.35.2

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pnpm-workspace.yaml` at line 6, Update the cataloged CLI version for
`@dallay/agentsync` in pnpm-workspace.yaml to match the workspace package (change
the listed version from 1.35.0 to 1.35.2), ensuring it aligns with
npm/agentsync/package.json's catalog entry; after changing the version, run your
package manager (pnpm install) to refresh the workspace lockfiles so pnpm exec
uses the updated CLI.