Secure value censorship refactor #2424

Merged
merged 25 commits into from
Feb 19, 2025

awharn
Member

@awharn awharn commented Feb 3, 2025

What It Does

Refactors LoggerUtils into a new Censor class to globally use the same list of censored options, and intelligently add options to censor on the fly. Also removes duplication (and deprecates functions) to the old utilities. Points old utilities to use the new utility when possible.

Fixes #2430

How to Test

Make configuration file modifications, adding various properties to the config's secure array.
Any property that is added to the secure array should be hidden when running any Zowe CLI command with --show-inputs-only.

Additionally, run commands with ZOWE_APP_LOG_LEVEL=info and ZOWE_IMPERATIVE_LOG_LEVEL=info environment variables, and view the logs. Any secure property should be hidden in the logs, even if passed in on the command line.

To test the #2430 fix, set ZOWE_SHOW_SECURE_ARGS to true, and run a command with --show-inputs-only. Observe secure values are not masked.

Review Checklist
I certify that I have:

Additional Comments
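
A minimal sketch of the single shared list described in this PR, added here as an illustration and not taken from the Zowe code base: `SecretMasker`, its methods, the default names and the sample config are hypothetical; only `ZOWE_SHOW_SECURE_ARGS` and the config's `secure` array come from the description. It assumes the environment override affects only the `--show-inputs-only` path, not the logs.

```typescript
// Added illustration: SecretMasker is hypothetical, not Zowe's Censor API.
const MASK = "****";

class SecretMasker {
  // One shared, lowercased list so every output path agrees on what is secret.
  private static names: string[] = ["password", "tokenvalue"]; // constructed defaults

  static isSecure(name: string): boolean {
    return SecretMasker.names.indexOf(name.toLowerCase()) !== -1;
  }

  // Register names at run time, e.g. the entries of a config "secure" array.
  static addSecure(...props: string[]): void {
    for (const p of props) {
      if (!SecretMasker.isSecure(p)) SecretMasker.names.push(p.toLowerCase());
    }
  }

  // --show-inputs-only path: mask by key unless ZOWE_SHOW_SECURE_ARGS is "true".
  static maskArgs(
    args: Record<string, unknown>,
    env: Record<string, string | undefined> = {}
  ): Record<string, unknown> {
    const show = (env["ZOWE_SHOW_SECURE_ARGS"] ?? "").toLowerCase() === "true";
    const out: Record<string, unknown> = {};
    for (const key of Object.keys(args)) {
      out[key] = !show && SecretMasker.isSecure(key) ? MASK : args[key];
    }
    return out;
  }

  // Log path: always mask (assumption: the override does not apply to logs).
  // Covers "--name value", "--name=value", name=value and "name":"value".
  static maskLogLine(line: string): string {
    let result = line;
    for (const name of SecretMasker.names) {
      const n = name.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
      const re = new RegExp(`(--${n}[ =]|\\b${n}["']?\\s*[=:]\\s*["']?)([^\\s"',]+)`, "gi");
      result = result.replace(re, `$1${MASK}`);
    }
    return result;
  }
}

// Constructed sample: a config whose secure array adds "user" to the defaults.
const sampleConfig = { properties: { host: "mf.example.test", user: "ibmuser" }, secure: ["user"] };
SecretMasker.addSecure(...sampleConfig.secure);

console.log(SecretMasker.maskLogLine("zowe files list --user ibmuser --password=hunter2"));
console.log(SecretMasker.maskArgs(sampleConfig.properties));
```

Because both paths consult the same list, a property added to `secure` is masked in logs and in the inputs dump without registering it twice.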


codecov bot commented Feb 3, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.49%. Comparing base (1626aa7) to head (94364f5).
Report is 26 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #2424      +/-   ##
==========================================
+ Coverage   91.41%   91.49%   +0.07%     
==========================================
  Files         639      641       +2     
  Lines       18267    18358      +91     
  Branches     3843     3978     +135     
==========================================
+ Hits        16699    16796      +97     
+ Misses       1566     1560       -6     
  Partials        2        2              


Signed-off-by: Andrew W. Harn <[email protected]>
@awharn awharn marked this pull request as ready for review February 6, 2025 21:47

github-actions bot commented Feb 6, 2025

📅 Suggested merge-by date: 2/20/2025

Contributor

@anaxceron anaxceron left a comment

Left some comments re: minor edits for changelog

Contributor

@anaxceron anaxceron left a comment

thanks for the changelog update, @awharn, everything looks good

@pjfarleyiii

Question from a CLI user: Will this resolve the non-printing of secure user and password values in the output from zowe config list? And if yes, will a new release be posted to the npm registry so that ordinary users can get back the ability to see secure values when really needed?

@adam-wolfe
Contributor

adam-wolfe commented Feb 13, 2025

> Question from a CLI user: Will this resolve the non-printing of secure user and password values in the output from zowe config list? And if yes, will a new release be posted to the npm registry so that ordinary users can get back the ability to see secure values when really needed?

That was not the intention with this PR, which was mainly to clean up how we determine what should be considered to be a secure property.

However, it's something we should consider (for a future PR). We'll take another look at #2259.

Member

@traeok traeok left a comment

Thanks for all your work on this, Andrew! I see there was quite a bit of refactoring done to keep our behavior consistent - it's much appreciated 🙏 I had a couple comments from the code review, but wanted to post those ahead of time before continuing with manual testing.


Reminder: This pull request has a merge-by date coming up within the next 24 hours. Please review this PR as soon as possible.

@t1m0thyj @gejohnston @zFernand0 @pujal0909 @jace-roell @ATorrise

@awharn awharn requested a review from traeok February 18, 2025 15:10
Member

@traeok traeok left a comment

LGTM, thanks Andrew!

Member

@t1m0thyj t1m0thyj left a comment

LGTM, thanks @awharn!

@zFernand0 zFernand0 merged commit e80dcd2 into master Feb 19, 2025
19 of 20 checks passed
@zFernand0 zFernand0 deleted the secure-value-censor-refactor branch February 19, 2025 16:10
Successfully merging this pull request may close these issues.

Inconsistent behavior with ZOWE_SHOW_SECURE_ARGS
8 participants