It happened to me too
If you've been following the Claude Code GitHub issue #40710, you know: Claude Code has been running git reset --hard origin/main against project repos — automatically, without asking, every 10 minutes.
I lost 2 hours of work before I figured out what happened.
Here's how I locked down my .claude/ settings to prevent this — and a few other aggressive behaviors I've reined in.
The problem
Claude Code's agentic mode is powerful but it has real teeth. When it runs autonomously, it can and will:
- Execute destructive git commands
- Overwrite files without confirmation
- Run commands that assume a clean git state
This isn't a bug exactly — it's the agent doing what it thinks is right. The git reset --hard behavior appears when Claude Code tries to "fix" what it perceives as a dirty working state.
But losing uncommitted work is never acceptable.
The fix: .claude/settings.json
Add this to your project's .claude/settings.json:
{
  "permissions": {
    "allow": [
      "Bash(git status)",
      "Bash(git diff)",
      "Bash(git log:*)",
      "Bash(git add:*)",
      "Bash(git commit:*)"
    ],
    "deny": [
      "Bash(git reset:*)",
      "Bash(git clean:*)",
      "Bash(git checkout:*)",
      "Bash(git restore:*)"
    ]
  }
}
Allow rules let those commands run without a confirmation prompt; deny rules block the command outright, and a deny always wins over an allow. Anything on neither list still goes through the normal permission prompt. Note that Bash(git checkout:*) also blocks branch creation and switching; if you want those, narrow it to Bash(git checkout -- :*), which only covers the path-restoring form.
Claude Code will still be able to:
- Read git history
- Stage files
- Commit changes
But it cannot:
- Reset your working tree
- Clean untracked files
- Restore files to HEAD (overwriting your edits)
One caveat: these rules are string matches on the command as typed. Bash(git reset:*) matches a command that starts with git reset, not git -C . reset --hard, not a reset chained after && in a longer line, and not one wrapped in sh -c. Treat the deny list as the first layer, not the only one.
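The gap left by string-matched deny rules can be closed with Claude Code's hook mechanism. Below is an added example, not code from the original post and not part of Claude Code itself: a PreToolUse hook script that reads the JSON tool-call description Claude Code passes on stdin, pulls out the Bash command, and refuses it with exit code 2 (which Claude Code treats as a block, returning stderr to the model) whenever a destructive git invocation appears anywhere in the command line, including after && or ;, behind sudo or sh -c, or after global options such as git -C <dir>. The file name guard-git.sh and the force-push rule are my assumptions and go beyond the post's own deny list; the registration snippet in the header comment follows the documented settings.json hooks layout.

```shell
#!/usr/bin/env bash
# guard-git.sh: Claude Code PreToolUse hook (added example, not the post's or
# Claude Code's own code). Claude Code pipes a JSON description of the pending
# tool call on stdin; for Bash the command string is at .tool_input.command.
# Exit code 2 blocks the call and returns stderr to the model as the reason.
#
# Registration in .claude/settings.json (assumed file name; layout per the
# documented "hooks" setting):
#   "hooks": {
#     "PreToolUse": [
#       { "matcher": "Bash",
#         "hooks": [ { "type": "command",
#                      "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/guard-git.sh" } ] }
#     ]
#   }

# What may precede "git": start of line, a shell operator, whitespace, "(",
# or a quote (covers "sh -c 'git ...'", "sudo git ...", "cd x && git ...").
PRE="(^|[;&|[:space:](\"'])"
# Global options that may sit between "git" and the subcommand:
# -C <dir>, -c <key>=<val>, --git-dir=<path>, --work-tree=<path>, --no-pager
GOPT='([[:space:]]+(-C|-c)[[:space:]]+[^[:space:]]+|[[:space:]]+--[^[:space:]]+)*'

# is_destructive_git CMD  -> returns 0 (true) if CMD contains a destructive git call
is_destructive_git() {
    local cmd="$1"
    # reset, clean, restore in any form: the post's deny list
    if printf '%s' "$cmd" | grep -Eq "${PRE}git${GOPT}[[:space:]]+(reset|clean|restore)([[:space:]]|$)"; then
        return 0
    fi
    # checkout aimed at paths ("--" or ".") overwrites edits; plain branch
    # switching and "checkout -b" are left alone
    if printf '%s' "$cmd" | grep -Eq "${PRE}git${GOPT}[[:space:]]+checkout[[:space:]]+([^[:space:]]+[[:space:]]+)*(--|\.)([[:space:]]|$)"; then
        return 0
    fi
    # force pushes (-f, --force, --force-with-lease, +refspec): beyond the
    # post's list, added here because they rewrite shared history
    if printf '%s' "$cmd" | grep -Eq "${PRE}git${GOPT}[[:space:]]+push([[:space:]]+[^[:space:]]+)*[[:space:]]+(-f|--force|--force-with-lease[^[:space:]]*|\+[^[:space:]]+)([[:space:]]|$)"; then
        return 0
    fi
    return 1
}

# Extract .tool_input.command from the hook payload on stdin, then decide.
main() {
    local input cmd
    input="$(cat 2>/dev/null || true)"
    [ -n "$input" ] || return 0          # nothing to inspect
    if command -v jq >/dev/null 2>&1; then
        cmd="$(printf '%s' "$input" | jq -r '.tool_input.command // empty')"
    elif command -v python3 >/dev/null 2>&1; then
        cmd="$(printf '%s' "$input" | python3 -c 'import json,sys; print(json.load(sys.stdin).get("tool_input",{}).get("command",""))')"
    else
        echo "[guard-git hook] neither jq nor python3 available; refusing to guess" >&2
        exit 2                           # fail closed rather than wave the call through
    fi
    if is_destructive_git "$cmd"; then
        echo "[guard-git hook] blocked destructive git command: $cmd" >&2
        exit 2
    fi
}

# Run the guard only when fed by a pipe (how Claude Code invokes hooks), so the
# functions can also be sourced into a shell and exercised directly.
[ -t 0 ] || main
```

To try it by hand, pipe a constructed payload through it and check the exit status: echo '{"tool_name":"Bash","tool_input":{"command":"git reset --hard"}}' | .claude/hooks/guard-git.sh should exit 2 and print the block message, while a git status payload exits 0. The guard matches on text, so it also refuses a command that merely quotes "git reset" inside a string; that is the conservative side to err on. It cannot see inside scripts it does not read (a Makefile target that runs git reset will pass), so it narrows the window rather than closing it; commit often regardless.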
Add a pre-run hook as a backup
Double protection: add a hook that stashes your work before any agent run, so a destructive command only ever touches a clean tree. Remember to git stash pop when the session ends; if Claude edited the same files the pop can conflict, but your version is still in the stash to diff against.
Create .claude/hooks/pre-run.sh and register it in settings.json under "hooks" as a SessionStart hook (a script sitting in .claude/hooks/ is not run on its own):
#!/bin/bash
# Auto-stash before Claude Code runs (registered as a SessionStart hook).
# This saves your work even if something goes wrong.
set -e
# Do nothing outside a git work tree (e.g. a fresh directory).
git rev-parse --is-inside-work-tree >/dev/null 2>&1 || exit 0
if [ -n "$(git status --porcelain)" ]; then
  echo "[pre-run hook] Uncommitted changes detected. Stashing..."
  # --include-untracked: a plain 'git stash push' leaves new, untracked files
  # in the working tree, where a later 'git clean' would still delete them.
  git stash push --include-untracked -m "claude-code-auto-stash-$(date +%Y%m%d-%H%M%S)"
  echo "[pre-run hook] Stashed. Run 'git stash pop' to restore."
fi
Make it executable:
chmod +x .claude/hooks/pre-run.sh
My full safe .claude/settings.json
Here's the complete settings file I'm running after the incident:
{
  "model": "claude-sonnet-4-5",
  "permissions": {
    "allow": [
      "Bash(git status)",
      "Bash(git diff:*)",
      "Bash(git log:*)",
      "Bash(git add:*)",
      "Bash(git commit:*)",
      "Bash(git push:*)",
      "Bash(git pull:*)",
      "Bash(git stash:*)",
      "Bash(npm run:*)",
      "Bash(npm test:*)",
      "Bash(node:*)"
    ],
    "deny": [
      "Bash(git reset:*)",
      "Bash(git clean:*)",
      "Bash(git checkout -- :*)",
      "Bash(git restore:*)",
      "Bash(rm -rf:*)",
      "Bash(sudo:*)"
    ]
  },
  "hooks": {
    "SessionStart": [
      {
        "matcher": "startup",
        "hooks": [
          {
            "type": "command",
            "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/pre-run.sh"
          }
        ]
      }
    ]
  },
  "autoUpdaterStatus": "disabled"
}
Note autoUpdaterStatus: disabled, which stops Claude Code from updating itself in the middle of a session and changing behavior under you. Also be aware that Bash(git stash:*) in the allow list covers git stash drop and git stash clear as well, which would discard the safety stash the pre-run hook creates; narrow it to Bash(git stash push:*) and Bash(git stash list:*) if you want that stash to be untouchable by the agent.
One more thing: the cost
While I was auditing my Claude Code setup, I also looked at what I'm paying.
Claude Code talks to the Anthropic API under the hood, billed either against an API key or against a Claude Pro or Max subscription login (Pro is $20/month). The ANTHROPIC_BASE_URL variable points it at a different endpoint; set it in the env block of your global ~/.claude/settings.json:
{
  "env": {
    "ANTHROPIC_BASE_URL": "https://api.simplylouie.com"
  }
}
Whatever host you put there receives every prompt, including the file contents Claude reads and any secrets inside them, and its responses drive the agent, so it has to be a host you trust as much as your own shell.
I switched to SimplyLouie — same Claude models, $2/month instead of $20. That's $216/year saved, which I immediately reinvested in more compute time instead.
The 7-day free trial is at simplylouie.com — no charge until day 8.
TL;DR
- Add .claude/settings.json with an explicit deny list for destructive git commands
- Add a pre-run hook that stashes your work automatically
- Disable auto-updater to prevent mid-session behavior changes
- Consider switching the API endpoint to save $18/month while you're in there
The git reset --hard issue will probably get patched. But defense in depth on destructive operations is good engineering practice regardless.
Running Claude Code on a budget? The same .claude/ config works whether you're using the default Anthropic API or a cheaper endpoint like SimplyLouie. All the settings above apply either way.
Top comments (1)
The pre-run stash hook is a really smart addition — I run a similar safety net on my own projects. One thing I'd add: if you're running Claude Code in any kind of scheduled or autonomous mode (like automated code reviews or CI pipelines), the deny list becomes even more critical because there's no human in the loop to catch a destructive command before it fires.
I manage a large Astro site with 80K+ pages and use agentic workflows heavily for auditing, content generation, and deployment. The approach I've settled on is treating the agent like a junior dev with restricted permissions — read access to everything, write access to a specific working branch only, and absolutely no force pushes or resets. Defense in depth is exactly right.