redact/secret

secret hides a value inside a closure so that string.inspect, echo, and io.debug do not expose our secret

Avoid mistakes such as https://www.bleepingcomputer.com/news/security/proton-fixes-authenticator-bug-leaking-totp-secrets-in-logs/

pub opaque type Secret(kind)

pub fn expose(secret: Secret(kind)) -> kind

pub fn new(x: kind) -> Secret(kind)