feat: introduce `CanBeMasked`, `SecurityStringer` type for sensitive data handling

[saitofun]

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

To enhance security, we should introduce a mechanism to automatically mask or redact sensitive fields (e.g., credentials, tokens, or PII) during logging and serialization.

eg:

type SecurityStriner interface{
	SecurityString() string
}
type Password string

func (Password) SecurityString() string {
	return "--masked--"
}

// in zap library
func SecurityString(key string) Field{
	return String(key, "--masked--"
}

func Any(key string, v any) Field {
	if key == "passowrd" || key == "passwd" { // ... or other sensitive key
		return zap.String(key, "--masked--")
	}

	swtich v.(type) {
	//...
	case SecurityStringer:
		return zap.String(key, "--masked--")
	//...
	}
}

Describe alternatives you've considered
Security

Is this a breaking change?
No

Additional context
No

[sywhang]

thanks @saitofun for posting this issue. my hope is #1534 is something that could help you write a zapcore that'll redact fields. Let me know what you think