refactor(bare): enhance security and performance optimizations

- Remove unnecessary sorting in advertise_refs for deterministic output
- Add path traversal detection and validation in bare_dir construction
- Implement symlink resolution checks to prevent security vulnerabilities
- Refactor cache system with CRC validation and improved metrics
- Integrate repo-specific cache invalidation using indexed keys
- Add comprehensive unit tests for commit operations and diff functionality
- Move configuration constants to centralized config module
- Optimize string operations in disk cache random value generation
- Enhance license detection algorithm with cleaner matching logic
- Streamline argument processing in various git operations
- Update dependencies including crc32fast and flate2 for performance
- Add signal handling capability to tokio runtime configuration

snapshot/sync.rs

@@ -59,7 +59,6 @@ impl BundleApplicator {
             .spawn()
             .map_err(|e| format!("spawn git bundle unbundle: {e}"))?;
 
-        // Stream file contents to stdin in a background thread
         let mut stdin = child.stdin.take().ok_or("no stdin")?;
         let file_handle = file;
         let writer = std::thread::spawn(move || -> Result<(), String> {
@@ -84,7 +83,6 @@ impl BundleApplicator {
             .wait_with_output()
             .map_err(|e| format!("wait bundle: {e}"))?;
 
-        // Wait for writer thread
         let _ = writer.join().map_err(|_| "writer thread panicked")?;
 
         if !output.status.success() {