refactor(server): replace custom remote clients with macro-based implementation

- Replaced manual remote client functions with remote_client! macro for archive, blame, branch, commit, and diff services
- Simplified remote client creation logic using declarative macro approach
- Maintained same functionality while reducing code duplication across services

security(bare): enhance path traversal protection with comprehensive validation

- Added early relative_path validation to prevent path traversal attacks
- Implemented unified path validation to avoid TOCTOU race conditions
- Enhanced canonicalization checks for both existing and non-existent paths
- Added detailed logging for path traversal detection attempts

feat(cache): migrate from CLruCache to Moka with TTL and invalidation support

- Replaced clru dependency with moka for improved caching capabilities
- Added 300-second time-to-live for cache entries
- Implemented repository-specific cache invalidation mechanism
- Enhanced cache operations with thread-safe async support

refactor(commit): improve security validation for commit operations

- Added ref name validation to prevent command injection in cherry_pick_commit
- Implemented revision validation for commit selectors
- Added comprehensive input validation for create_commit parameters
- Enhanced file path validation to prevent traversal

blob/get_blob.rs

@@ -8,7 +8,7 @@ use crate::tree;
 impl GitBare {
     pub fn get_blob(&self, request: GetBlobRequest) -> GitResult<Blob> {
         let repo = self.gix_repo()?;
-        let revision = tree::resolve_revision(&request.revision);
+        let revision = tree::resolve_revision(&request.revision)?;
         let (blob, mode, path) = if let Some(oid) = request.oid.as_ref() {
             let id = gix::hash::ObjectId::from_hex(oid.hex.as_bytes())
                 .map_err(|e| GitError::InvalidOid(e.to_string()))?;