fix: improve logging and add shell escaping for git ls-remote

Two improvements to Git deployment handling:

1. **ApplicationDeploymentJob.php**:
   - Fixed log message to show actual resolved commit SHA (`$this->commit`)
   - Previously showed `$this->application->git_commit_sha` which could be "HEAD"
   - Now displays the actual 40-character commit SHA that will be deployed

2. **Application.php (generateGitLsRemoteCommands)**:
   - Added `escapeshellarg()` for repository URL in 'other' deployment type
   - Prevents shell injection in git ls-remote commands
   - Complements existing shell escaping in `generateGitImportCommands`
   - Ensures consistent security across all Git operations

**Security Impact:**
- All Git commands now use properly escaped repository URLs
- Prevents command injection through malicious repository URLs
- Consistent escaping in both ls-remote and clone operations

**User Experience:**
- Deployment logs now show exact commit SHA being deployed
- More accurate debugging information for deployment issues

Co-Authored-By: Claude <noreply@anthropic.com>

app/Jobs/ApplicationDeploymentJob.php

@@ -1927,7 +1927,7 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue
     {
         $importCommands = $this->generate_git_import_commands();
         $this->application_deployment_queue->addLogEntry("\n----------------------------------------");
-        $this->application_deployment_queue->addLogEntry("Importing {$this->customRepository}:{$this->application->git_branch} (commit sha {$this->application->git_commit_sha}) to {$this->basedir}.");
+        $this->application_deployment_queue->addLogEntry("Importing {$this->customRepository}:{$this->application->git_branch} (commit sha {$this->commit}) to {$this->basedir}.");
         if ($this->pull_request_id !== 0) {
             $this->application_deployment_queue->addLogEntry("Checking out tag pull/{$this->pull_request_id}/head.");
         }