Redact protected config values in argv logs

[AI-DEV-BOT]

Summary

• redact protected config values such as nerfed registry auth tokens when logging cooked argv
• use the same argv cleaner for command args included in error details
• share the existing protected config key logic with the config command
• add regression coverage for protected config values passed on the command line and in command-error args

Testing

• node node_modules\tap\bin\run.js --no-coverage test\lib\cli\entry.js test\lib\commands\config.js test\lib\utils\error-message.js
• node node_modules\eslint\bin\eslint.js lib\npm.js lib\commands\config.js lib\utils\protected-config.js lib\utils\clean-argv.js lib\utils\error-message.js test\lib\cli\entry.js test\lib\utils\error-message.js
• git diff --check -- lib\npm.js lib\commands\config.js lib\utils\protected-config.js lib\utils\clean-argv.js lib\utils\error-message.js test\lib\cli\entry.js test\lib\utils\error-message.js tap-snapshots\test\lib\utils\error-message.js.test.cjs

[owlstronaut]

could we revert the errror-message.js switch from replaceinfo to cleanargv? er.args is for arbitrary child processes, so applying npm's protected-key list will redact unrelated flags in spawn-error details. That's a regression vs today's url/toke only redaction