Sanitize network errors

[chrmarti]

No description provided.

[Copilot]

Pull request overview

Adds a targeted sanitizer for network-related error strings to reduce leaking hostnames/IPs/credentials into telemetry, and applies it to fetcher telemetry probe error reporting in the Copilot extension.

Changes:

• Added sanitizeNetworkErrorForTelemetry() in the shared log service to redact proxy credentials/hosts, URL credentials, IPv4s, and FQDNs.
• Added a Vitest suite covering common proxy/URL/IP/FQDN sanitization cases.
• Updated fetcher telemetry probe error collection to sanitize error details before sending/recording.

Show a summary per file

File	Description
extensions/copilot/src/platform/log/common/logService.ts	Introduces sanitizeNetworkErrorForTelemetry() used to redact network identifiers in telemetry strings.
extensions/copilot/src/extension/log/vscode-node/test/sanitizeNetworkError.spec.ts	Adds unit tests validating the sanitization behavior for proxy/URL/IP/FQDN patterns.
extensions/copilot/src/extension/log/vscode-node/loggingActions.ts	Uses the new sanitizer for fetcher telemetry probe error strings.

Copilot's findings

Comments suppressed due to low confidence (1)

extensions/copilot/src/platform/log/common/logService.ts:420

• This sanitizer claims to scrub IP addresses, but it only replaces IPv4 dotted quads. IPv6 addresses (e.g. 2001:db8::1, [2001:db8::1]:443, or NAT64 forms) will be left intact and can still contain sensitive network info in telemetry. Consider adding an IPv6 replacement (and corresponding tests) or explicitly documenting that IPv6 is not sanitized.

	// Replace IPv4 addresses, preserving the port if present
	message = message.replace(/\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/g, '<ip>');
	// Replace FQDNs (at least one dot, TLD of 2+ alpha chars), preserving the port if present
	message = message.replace(/\b([a-zA-Z0-9][-a-zA-Z0-9]*\.)+[a-zA-Z]{2,}\b/g, '<host>');

• Files reviewed: 3/3 changed files
• Comments generated: 3