Add detail of potential secrets in client-side token warnings
Problem
When someone gets a client-side warning about a potential secret in their text, they don't know what the potential secret is. This means they have to go figure out what we matched on, which may not be obvious if they don't even know what type of token it is, or what that token type looks like.
Proposal
- Include the potential secrets in the warning dialog.
- Truncate if necessary, for example if the values are too long or there are too many.
- Identify the type of secret in the text as well, for example, "Potential GitLab Access Token" rather than a generic "potential secret".
Note: Keep in mind that we do want to ultimately align client-side warnings with server-side logic (#405147).