refactor(bare): enhance security and performance optimizations

- Remove unnecessary sorting in advertise_refs for deterministic output
- Add path traversal detection and validation in bare_dir construction
- Implement symlink resolution checks to prevent security vulnerabilities
- Refactor cache system with CRC validation and improved metrics
- Integrate repo-specific cache invalidation using indexed keys
- Add comprehensive unit tests for commit operations and diff functionality
- Move configuration constants to centralized config module
- Optimize string operations in disk cache random value generation
- Enhance license detection algorithm with cleaner matching logic
- Streamline argument processing in various git operations
- Update dependencies including crc32fast and flate2 for performance
- Add signal handling capability to tokio runtime configuration

repository/optimize.rs

@@ -18,7 +18,6 @@ impl GitBare {
             OptimizeStrategy::Heuristic | OptimizeStrategy::Aggressive => {
                 let stats = self.get_repository_statistics()?;
 
-                // Run commit-graph write if needed
                 if (stats.commit_graph_size_bytes == 0 || strategy == OptimizeStrategy::Aggressive)
                     && let Ok(resp) = write_commit_graph(self, false, false)
                 {
@@ -28,7 +27,6 @@ impl GitBare {
                     stdout_all.push_str(&resp.stdout);
                 }
 
-                // Repack if many loose objects or packfiles
                 let repack_needed = stats.loose_object_count > 1000 || stats.packfile_count > 10;
 
                 if repack_needed || strategy == OptimizeStrategy::Aggressive {
@@ -41,7 +39,6 @@ impl GitBare {
                     }
                 }
 
-                // Prune if aggressive
                 if strategy == OptimizeStrategy::Aggressive
                     && let Ok(resp) = run_gc(self, true, true)
                 {
@@ -52,7 +49,6 @@ impl GitBare {
                 }
             }
             OptimizeStrategy::Incremental => {
-                // Just run commit-graph write incrementally
                 if let Ok(resp) = write_commit_graph(self, false, false) {
                     if !resp.ok {
                         stderr_all.push_str(&resp.stderr);
@@ -71,7 +67,6 @@ impl GitBare {
     }
 
     fn get_repository_statistics(&self) -> GitResult<RepositoryStatistics> {
-        // Count loose objects
         let loose = std::fs::read_dir(self.bare_dir.join("objects"))
             .map(|d| {
                 d.filter_map(|e| e.ok())
@@ -83,13 +78,11 @@ impl GitBare {
             })
             .unwrap_or(0);
 
-        // Count packfiles
         let pack_dir = self.bare_dir.join("objects").join("pack");
         let pack_count = std::fs::read_dir(&pack_dir)
             .map(|d| d.filter_map(|e| e.ok()).count() as u64)
             .unwrap_or(0);
 
-        // Check commit-graph
         let cg_size = std::fs::metadata(
             self.bare_dir
                 .join("objects")