feat(event-handlers): introduce event handler system for GitProxy lifecycle events

[Andreybest]

Implements #1449.

Introduces a lightweight, async, observer-only event system so external integrations (notifications, audit feeds) can react to push/pull lifecycle events without coupling to chain internals.

Event hooks can be added the same way as the plugins in config.proxy.json

Supports 2 operations: pull and push
With 4 phases:

• started
• completed
• error
• permissionDenied

This is not well documented, and not sure where to add info on that, would appreciate suggestions on that matter :)

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	e53fccb
🔍 Latest deploy log	https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/69fa7930f08fbe00097f4a33

[codecov]

Codecov Report

❌ Patch coverage is 95.15571% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 90.46%. Comparing base (b6d72fc) to head (e53fccb).

Files with missing lines	Patch %	Lines
src/eventHandlers/loader.ts	91.17%	6 Missing ⚠️
src/proxy/chain.ts	83.33%	3 Missing ⚠️
src/eventHandlers/dispatcher.ts	97.53%	1 Missing and 1 partial ⚠️
src/eventHandlers/index.ts	0.00%	2 Missing ⚠️
src/config/index.ts	75.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1519      +/-   ##
==========================================
+ Coverage   90.21%   90.46%   +0.24%     
==========================================
  Files          69       75       +6     
  Lines        5511     5798     +287     
  Branches      944     1005      +61     
==========================================
+ Hits         4972     5245     +273     
- Misses        521      534      +13     
- Partials       18       19       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[andypols]

@Andreybest Could I vote for an additional phase?

We have several custom actions that run when a push is first received and the proxy blocks it for review. This state is not really permissionDenied or error; it is closer to pendingReview.

We also have custom actions that would work really well as plugin events. For example, we:

• run an AI-based security audit of the changes
• create an AI summary of the changes to help the reviewer
• notify reviewers when there is a push to review

It would be great if plugins could also add data that can be rendered in the UI.

This would be a hugely helpful change, as it would allow us to separate our custom code from the base git-proxy. Keeping the two in sync is painful at the moment.

[Andreybest]

Hey @andypols ! Thanks for the suggestion, this seems like a good use cases for events. Will try to add mechanisms that would be able to support your use cases :)
Will ping you on that later.

[re-vlad]

Just a wish: while the code is well-documented, there's no external docs (README, docs, etc.) explaining how to use the event system. This should be added.

[re-vlad]

The config schema shows the eventHandlers array, but there are no examples of how to configure event handlers in proxy.config.json. Consider to document example

[re-vlad]

EventDetails.user and repository must be immutable copies (using String()) of Action fields — not references. Otherwise, async handlers may see stale or modified data if Action is mutated later in the chain. This rather critical I believe, but easy to fix:

return { 
  username = action.user ? String(action.user) : undefined;
  email = action.userEmail ? String(action.userEmail) : undefined;
}```. 

[re-vlad]

The same problem like line 38, don't return references, return values instead:

name: action.repoName? String(action.repoName) : undefined,
url: String(action.url),