Enhance DockerReferenceUtility to handle invalid characters

[jpinz]

This pull request enhances the robustness and clarity of Docker image reference parsing by improving detection and handling of unresolved template tokens and invalid characters. It introduces stricter validation, ensures that all skipped or invalid references are logged as warnings, and expands test coverage for these scenarios.

Parsing and Validation Improvements:

• Added support for recognizing tokens wrapped in matching # or ! (e.g., #imageTag#, !imageTag!) as unresolved template variables, ensuring these are skipped rather than misreported as invalid references [1] [2].
• Introduced a ValidReferenceChars set and a new GetInvalidReferenceCharacters helper to detect and report any characters not allowed by the Docker reference grammar, such as stray # or ! not in a template token [1] [2].
• Updated TryParseImageReference to log a warning and return null for references with unresolved variables or invalid characters, making failures more visible in logs [1] [2].

Testing Enhancements:

• Expanded unit tests to cover the new template token formats (#...#, !...!) and to verify that warnings are logged for all skipped or invalid references, including those with stray invalid characters [1] [2] [3].

These changes make Docker reference parsing more predictable and debuggable, especially when dealing with templated or malformed references.

[Copilot]

Pull request overview

This pull request improves Docker image reference handling in DockerReferenceUtility by treating additional templating-token forms as “unresolved” (so they’re skipped) and by pre-validating references for clearly invalid characters, with consistent warning logs to aid troubleshooting.

Changes:

• Recognize #token# and !token! patterns as unresolved template tokens when parsing Docker image references.
• Add a fast invalid-character pre-check (ValidReferenceChars + GetInvalidReferenceCharacters) and log warnings for skipped/invalid references.
• Expand unit tests to cover the new templating-token formats and to assert warnings are emitted for skipped/invalid references.

Show a summary per file

File	Description
src/Microsoft.ComponentDetection.Common/DockerReference/DockerReferenceUtility.cs	Adds additional templating-token detection, invalid-character detection, and warning logging to make parsing failures more diagnosable.
test/Microsoft.ComponentDetection.Common.Tests/DockerReferenceUtilityTests.cs	Adds/updates tests for #...# / !...! token handling and warning logging behavior.

Copilot's findings

• Files reviewed: 2/2 changed files
• Comments generated: 2

[Copilot]

Copilot's findings

• Files reviewed: 2/2 changed files
• Comments generated: 1

[Copilot]

Copilot's findings

• Files reviewed: 2/2 changed files
• Comments generated: 1

[github-actions]

👋 Hi! It looks like you modified some files in the Detectors folder.
You may need to bump the detector versions if any of the following scenarios apply:

• The detector detects more or fewer components than before
• The detector generates different parent/child graph relationships than before
• The detector generates different devDependencies values than before

If none of the above scenarios apply, feel free to ignore this comment 🙂