Add SecretMarkingProvider for post-hoc secret marking

[gautamrajur]

I'd like to propose adding SecretMarkingProvider - a wrapper provider that marks configuration values as secrets based on key patterns.

Use case

When integrating with external configuration sources (environment variables, third-party providers) that don't properly identify sensitive data, users need a way to retroactively mark values as secrets.

Current workaround

Implement a custom provider wrapper manually, duplicating boilerplate code.

Proposed solution

A new SecretMarkingProvider<Upstream> wrapper that:

• Wraps any existing ConfigProvider
• Marks values as secrets when keys match a user-provided predicate
• Preserves existing secret status (never removes isSecret flag)

let envProvider = EnvironmentVariablesProvider()
let secretMarkedProvider = envProvider.markSecrets { key in
    key.description.contains("password")
}

I have a working implementation and proposal (SCO-0004) ready for review.

Implementation branch: https://github.com/gautamrajur/swift-configuration/tree/feature/secret-marking-provider

[czechboy0]

Hi @gautamrajur,

this is a good idea. Could this provider potentially accept the existing SecretsSpecifier, so that things compose better?

[czechboy0]

If you have a proposal ready, please open a PR and I can provide some early feedback, and then I'll kick off the official review

[gautamrajur]

Thanks @czechboy0! Good call on SecretsSpecifier - makes sense to reuse that instead of a custom closure. I'll refactor to use SecretsSpecifier<AbsoluteConfigKey, ConfigValue>.

PR is up at #132.