Mask sensitive or secure fields in imperative logs redacted by default
Currently, if a command line tool built on imperative passes sensitive or secure fields via the command-line and an error occurs, the fields are repeated verbatim in the log files. In the interest of privacy and data minimization, we should redact at minimum the password field from log files, and optionally any field defined as secure through profiles. Users should be able to disable this behavior by enabling TRACE logs or by setting another documented variable.
Example of the behavior today, using Zowe:
Running:
zowe zosmf check status --host a.b.c.d --port 10443 --user itsme --pass mysecret --fakeparam forceError
Creates the following in imperative.log:
[ERROR] [CommandProcessor.js:700] Diagnostic information:
Platform: 'darwin', Architecture: 'x64', Process.argv: '/usr/local/bin/node /usr/local/bin/zowe zosmf check status --host a.b.c.d --port 10443 --user itsme --pass mysecret --fakeparam forceError'
...
...
[INFO] [CommandProcessor.js:684] Command "zowe zosmf check status --host a.b.c.d --port 10443 --user itsme --pass mysecret --fakeparam forceError" completed with success flag: "false"
[2022/05/06 15:43:19.616] [DEBUG] [YargsConfigurer.js:173] Finished invoking the 'FailedCommand' handler
This should instead result in a log statement more like:
[INFO] [CommandProcessor.js:684] Command "zowe zosmf check status --host a.b.c.d --port 10443 --user itsme --pass ***** --fakeparam forceError" completed with success flag: "false"
or
[INFO] [CommandProcessor.js:684] Command "zowe zosmf check status --host a.b.c.d --port 10443 --user ***** --pass ***** --fakeparam forceError" completed with success flag: "false"
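One way to implement the masking requested above, as an added example that is not part of the original issue and not imperative's own code. `SECURE_OPTIONS`, `redactArgv`, `commandForLog` and the `showSecure` switch are hypothetical names; a real tool would derive the option list from the fields its profiles define as secure.

```javascript
// Added example, not imperative's code. SECURE_OPTIONS is an assumed list.
const SECURE_OPTIONS = new Set(["pass", "password", "user"]);
const MASK = "*****";

/**
 * Return a copy of argv with the values of secure options replaced by MASK.
 * Handles both "--opt value" and "--opt=value"; option names stay visible
 * so the log still shows which parameters were supplied.
 */
function redactArgv(argv, secure = SECURE_OPTIONS) {
  const out = [];
  for (let i = 0; i < argv.length; i++) {
    const arg = argv[i];
    if (arg === "--") {
      // Everything after a bare "--" is positional; copy it unchanged.
      out.push(...argv.slice(i));
      break;
    }
    const m = /^--([^=]+)(=(.*))?$/s.exec(arg);
    if (!m || !secure.has(m[1])) {
      out.push(arg);
      continue;
    }
    if (m[2] !== undefined) {
      // Form: --pass=mysecret
      out.push(`--${m[1]}=${MASK}`);
    } else {
      // Form: --pass mysecret (mask the following token unless it is
      // itself another long option, i.e. the value was omitted)
      out.push(arg);
      if (i + 1 < argv.length && !argv[i + 1].startsWith("--")) {
        out.push(MASK);
        i++;
      }
    }
  }
  return out;
}

/**
 * Build the command string for a log line. showSecure stands in for the
 * opt-out the issue asks for (TRACE logging or a documented variable).
 */
function commandForLog(argv, showSecure = false) {
  return (showSecure ? argv : redactArgv(argv)).join(" ");
}
```

The same function should be applied to every place the arguments are logged, including the `Process.argv` diagnostic line, since masking only the completion message still leaves the secret in the file.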