Previously, std::env::home_dir() could give surprising results in some Windows configurations if the HOME environment variable was set (which is not the normal configuration on Windows). This has been fixed in Rust 1.85.0

https://blog.rust-lang.org/2025/02/20/Rust-1.85.0/#updates-to-std-env-home-dir

- Improves code readability as return type is now more concise
- Adheres to DRY principle
- Will make it easier in the future to introduce custom Error type

Potential fix for code scanning alert no. 1: Workflow does not contain permissions

Code QL Rule ID: actions/missing-workflow-permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

- Add path-clean dependency to sanitize file paths
- Fix 7 CodeQL path injection vulnerabilities in src/commands/setup.rs:
  * Alert #13: hooks_dir.exists() with unsanitized path from git config
  * Alert #12: hooks_dir.exists() with unsanitized global hooks directory
  * Alert #11: fs::rename() with unsanitized backup path construction
  * Alert #10: fs::set_permissions() with unsanitized file path
  * Alert #9: fs::write() with unsanitized file path
  * Alert #8: fs::create_dir_all() with unsanitized prepare_commit_msg_path
  * Alert #7: fs::create_dir_all() with unsanitized local hooks directory

- Use PathClean::clean() to normalize paths and remove directory traversal sequences
- Ensure all file system operations use sanitized paths to prevent path injection attacks
- Maintain backward compatibility and pass all existing tests

Fixes: GitHub Security Advisory alerts #7-#13

…ility