Censor credentials possibly present in Git remote URIs when pulls fail because of a URI mismatch

Summary: Fixes T12945.

Test Plan:
Mostly faked this, got a censored error:

```
$ ./bin/repository update R38
[2017-07-31 19:40:13] EXCEPTION: (Exception) Working copy at "/Users/epriestley/dev/core/repo/local/38/" has a mismatched origin URI, "https://********@example.com/". The expected origin URI is "https://github.com/phacility/libphutil.git". Fix your configuration, or set the remote URI correctly. To avoid breaking anything, Phabricator will not automatically fix this. at [<phabricator>/src/applications/repository/engine/PhabricatorRepositoryEngine.php:186]
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12945

Differential Revision: https://secure.phabricator.com/D18304

src/applications/repository/engine/PhabricatorRepositoryEngine.php

@@ -135,6 +135,11 @@ abstract class PhabricatorRepositoryEngine extends Phobject {
       $exists = true;
     }
 
+    // These URIs may have plaintext HTTP credentials. If they do, censor
+    // them for display. See T12945.
+    $display_remote = phutil_censor_credentials($remote_uri);
+    $display_expect = phutil_censor_credentials($expect_remote);
+
     if (!$valid) {
       if (!$exists) {
         // If there's no "origin" remote, just create it regardless of how
@@ -172,8 +177,8 @@ abstract class PhabricatorRepositoryEngine extends Phobject {
             'set the remote URI correctly. To avoid breaking anything, '.
             'Phabricator will not automatically fix this.',
             $repository->getLocalPath(),
-            $remote_uri,
+            $display_remote,
-            $expect_remote);
+            $display_expect);
           throw new Exception($message);
         }
       }