refactor(bare): enhance security and performance optimizations

- Remove unnecessary sorting in advertise_refs for deterministic output
- Add path traversal detection and validation in bare_dir construction
- Implement symlink resolution checks to prevent security vulnerabilities
- Refactor cache system with CRC validation and improved metrics
- Integrate repo-specific cache invalidation using indexed keys
- Add comprehensive unit tests for commit operations and diff functionality
- Move configuration constants to centralized config module
- Optimize string operations in disk cache random value generation
- Enhance license detection algorithm with cleaner matching logic
- Streamline argument processing in various git operations
- Update dependencies including crc32fast and flate2 for performance
- Add signal handling capability to tokio runtime configuration

refs/find_refs.rs

@@ -72,19 +72,16 @@ impl GitBare {
             "--format=%(refname)%00%(objectname)%00%(symref)".to_string(),
         ];
 
-        // Sort direction
         let sort_prefix = match SortDirection::try_from(request.sort_direction) {
             Ok(SortDirection::Asc) => "",
             _ => "-",
         };
         args.push(format!("--sort={sort_prefix}refname"));
 
-        // Containing OIDs filter
         if let Some(first_oid) = request.containing_oids.first() {
             args.push(format!("--points-at={first_oid}"));
         }
 
-        // Prefix or pattern
         if !request.prefixes.is_empty() {
             for prefix in &request.prefixes {
                 args.push(prefix.clone());
@@ -115,7 +112,6 @@ impl GitBare {
                 let oid = parts[1].to_string();
                 let symref = parts.get(2).map(|s| s.to_string()).unwrap_or_default();
 
-                // Apply glob pattern filter if set
                 if !request.pattern.is_empty() && !simple_glob_match(&request.pattern, &ref_name) {
                     continue;
                 }