Fix how secureString and secureObject is propagated

[SteveL-MSFT]

PR Summary

In the original code, the intent was to keep secureString and secureObject as objects, but the code incorrectly extracted the contents and didn't keep it marked as secure.

This change keeps the original secureString and secureObject types as objects. Resources may receive these objects and expected to handle them appropriately. When accessed in an expression for secureObject, the properties themselves will be rewrapped as secureString for strings and secureObject for objects, but numbers and booleans aren't secured. Within an array, strings and objects will also be wrapped.

In the case of a secureString or secureObject, the contents will be redacted as <secureValue>. In the case of arrays, individual elements can be redacted. Objects are recursively redacted only affected nested objects that are secureString or secureObject.

For a synthetic test, secure types are skipped for comparison.

If a resource emits a secure type, then use of reference() maintains the wrapper. Only parameters() performs unwrapping while keeping it secure.

The Echo resource now has an optional showSecrets boolean property where if true will emit the sensitive content as plaintext.

PR Context

Fix #1123
Fix #1084

[Copilot]

Pull Request Overview

This PR fixes how secureString and secureObject types are propagated throughout the DSC system. Instead of extracting secure values as plain strings/objects, the code now maintains them as wrapped secure types and properly redacts sensitive information in outputs.

• Restructured SecureString and SecureObject to be proper wrapper objects instead of raw values
• Added redaction functionality to replace secure values with <secureValue> placeholder text in outputs
• Introduced showSecrets property to Echo resource for controlled disclosure of sensitive content

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
dscecho/src/main.rs	Added secure value redaction logic and showSecrets handling
dscecho/src/echo.rs	Restructured secure types as wrapper objects and added showSecrets property
dsc_lib/src/parser/expressions.rs	Enhanced expression parsing to handle secure types and convert values appropriately
dsc_lib/src/functions/parameters.rs	Updated parameter function to create proper secure wrapper objects
dsc_lib/src/dscresources/dscresource.rs	Added redaction function and secure value handling in test operations
dsc_lib/src/dscresources/command_resource.rs	Integrated redaction in test invoke operations
dsc_lib/src/configure/parameters.rs	Added SecureString/SecureObject structs and secure value detection
dsc_lib/locales/en-us.toml	Added localization for secure function result messages
dsc/tests/dsc_parameters.tests.ps1	Updated tests to verify redaction behavior
dsc/tests/dsc_extension_secret.tests.ps1	Updated test to use showSecrets property
dsc/examples/secure_parameters_shown.parameters.yaml	Added example with showSecrets enabled
dsc/examples/secure_parameters.dsc.yaml	Added showSecrets parameter to configuration

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[tgauth]

LGTM