Fix log injection sanitization: regex variable, missing using, int? type error, nullable query #7

Draft
Copilot wants to merge 1 commit into fix-security-issues from copilot/sub-pr-6

Copilot AI commented Feb 26, 2026

Prior log-injection fix had several issues preventing correct compilation and safe behavior: Regex was used without importing System.Text.RegularExpressions, the regex pattern was duplicated inline across ~15 call sites, ownerId (int?) was incorrectly passed to Regex.Replace, and nullable query would throw at runtime.

Changes

  • Added using System.Text.RegularExpressions to PackageService.cs and PackagesController.cs
  • Extracted shared regex pattern into a _sanitize_regex field on each class, replacing all inline @"[^\x20-\x7e]+" literals
  • Fixed ownerId type error: int? logged directly; no sanitization needed for numeric values
  • Fixed nullable query — uses query ?? string.Empty before passing to Regex.Replace

```csharp
// Before: scattered inline literals, wouldn't compile, throws on null/int?
_logger.LogWarning("...", Regex.Replace(ownerId, @"[^\x20-\x7e]+", ""), ...);
_logger.LogError(ex, "... '{Query}'", Regex.Replace(query, @"[^\x20-\x7e]+", ""));

// After
private readonly string _sanitize_regex = @"[^\x20-\x7e]+";
_logger.LogWarning("...", ownerId, Regex.Replace(PurrConfig.Name, _sanitize_regex, ""));
_logger.LogError(ex, "... '{Query}'", Regex.Replace(query ?? string.Empty, _sanitize_regex, ""));
```
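
One way to keep the pattern and the null handling described above in a single place, as an added example that is not part of the pull request or the project's code. `LogSanitizer`, `Clean` and the sample inputs are hypothetical and constructed; the character class is the one quoted in the PR description.

```csharp
#nullable enable
using System;
using System.Text.RegularExpressions;

// Hypothetical helper: one compiled instance of the PR's pattern,
// shared by every call site instead of a per-class string field.
public static class LogSanitizer
{
    // Same character class as the PR: drop everything outside printable ASCII.
    private static readonly Regex NonPrintable =
        new Regex(@"[^\x20-\x7e]+", RegexOptions.Compiled | RegexOptions.CultureInvariant);

    // Null-safe: Regex.Replace throws ArgumentNullException on a null input,
    // so a null value is logged as an empty string instead.
    public static string Clean(string? value) =>
        value is null ? string.Empty : NonPrintable.Replace(value, string.Empty);
}

public static class Program
{
    public static void Main()
    {
        // Constructed input: a search term carrying CR/LF followed by text
        // shaped like a separate log entry.
        string? query = "widgets\r\n2026-02-26 12:00:00 [INF] User 'admin' logged in";
        string? missing = null;
        int? ownerId = 42; // numeric: cannot carry control characters, logged as-is

        Console.WriteLine("--- unsanitized: the value spans two physical lines ---");
        Console.WriteLine($"[ERR] Search failed for '{query}'");

        Console.WriteLine("--- sanitized: the value stays inside one line ---");
        Console.WriteLine($"[ERR] Search failed for '{LogSanitizer.Clean(query)}'");

        // Null query and nullable int no longer break the call.
        Console.WriteLine($"[WRN] owner={ownerId} query='{LogSanitizer.Clean(missing)}'");

        // Caveat of this character class: legitimate non-ASCII text is removed
        // too, so "café-utils" is logged as "caf-utils".
        Console.WriteLine($"[INF] package='{LogSanitizer.Clean("café-utils")}'");
    }
}
```

The sanitized entry still contains the injected text, but it stays inside the quoted value on one line, so a line-oriented log parser no longer sees a second entry.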

Copilot AI mentioned this pull request Feb 26, 2026
Copilot AI changed the title [WIP] Fix security issues in codebase Fix log injection sanitization: regex variable, missing using, int? type error, nullable query Feb 26, 2026