Module guard


Path-traversal guard — mirrors JSS src/handlers/git.js lines 31-62 (extractRepoPath + isPathWithinDataRoot).

JSS iteratively strips .. segments (multi-pass, to defeat ....// bypass) and then asserts the resolved absolute path still starts with the data-root prefix. We do the same, plus an explicit rejection of absolute paths and of any remaining .. component after canonicalisation.
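The strip-then-verify sequence described above, as an added example that is neither this crate's code nor JSS's: `strip_single_pass`, `strip_multipass`, `guard` and the `/srv/data` root are hypothetical names and constructed sample values. It assumes the stripped token is the literal `../` and checks paths lexically only, so it does no filesystem canonicalisation or symlink resolution.

```rust
use std::path::{Component, Path, PathBuf};

// Hypothetical single-pass strip, kept only to show why one pass is not enough:
// removing "../" from "....//" splices the leftover characters into a new "../".
fn strip_single_pass(input: &str) -> String {
    input.replace("../", "")
}

// Hypothetical multi-pass strip: repeat until no "../" is left.
// Each pass shortens the string, so the loop always terminates.
fn strip_multipass(input: &str) -> String {
    let mut cur = input.to_owned();
    while cur.contains("../") {
        cur = cur.replace("../", "");
    }
    cur
}

// Hypothetical guard: returns the joined path only if it stays under `root`.
fn guard(root: &Path, requested: &str) -> Option<PathBuf> {
    let cleaned = strip_multipass(requested);
    let rel = Path::new(&cleaned);
    if rel.is_absolute() {
        return None; // Path::join with an absolute path would discard `root`
    }
    // A bare ".." with no trailing slash survives the strip; reject it here,
    // along with root or prefix components.
    if rel.components().any(|c| !matches!(c, Component::Normal(_) | Component::CurDir)) {
        return None;
    }
    let joined = root.join(rel);
    // Path::starts_with compares whole components, so "/srv/data-evil"
    // is not treated as being inside "/srv/data".
    if joined.starts_with(root) { Some(joined) } else { None }
}

fn main() {
    let root = Path::new("/srv/data"); // constructed sample data root
    let tricky = "....//....//etc/passwd"; // constructed sample request
    println!("single pass: {:?}", strip_single_pass(tricky));
    println!("multi pass:  {:?}", strip_multipass(tricky));
    for req in ["alice/repo.git", tricky, "alice/..", "/etc/passwd"] {
        println!("{:?} -> {:?}", req, guard(root, req));
    }
}
```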

Functions

extract_repo_slug
Strip the Git service suffixes (/info/refs, /git-upload-pack, /git-receive-pack) from the incoming URL path to recover the repository-relative slug.
path_safe
Resolve requested against repo_root and assert the result stays inside the root. Rejects: