LoggingMiddleware logs raw CloudKit auth headers at debug level #350

@leogdion

Source: Code review on PR #298 (v1.0.0-beta.1)

In `Sources/MistKit/OpenAPI/Middleware/LoggingMiddleware.swift` at line 60:

```swift
logger.debug("   Headers: \(request.headerFields)")
```

When the logger is at `.debug`, this dumps every request header verbatim — including the CloudKit authentication headers that prove our identity:

  • `X-Apple-CloudKit-Request-KeyID`
  • `X-Apple-CloudKit-Request-ISO8601Date`
  • `X-Apple-CloudKit-Request-SignedPayload` (or whatever the current header name is)
  • `Authorization` (if any path uses it)

The rest of MistKit goes through `SecureLogging` to redact secrets — this middleware path bypasses that entirely.

The CLAUDE.md guidance for this package even says explicitly:

Sensitive data (tokens, raw bodies) appears only at `.debug`; control exposure via `logLevel`.

That works as a policy if the user knows they're trading secrecy for visibility. But a request signature header isn't a secret the user typically expects to see in logs — and once it's in a log file, it survives in CI logs, log aggregators, support tickets, etc.

Suggested fix

Filter or redact known-sensitive headers before logging:

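```swift
// Drop the CloudKit signing headers and Authorization before logging.
// Note: rawName keeps the casing the header was set with, so this prefix match is case-sensitive.
let safeHeaders = request.headerFields.filter { header in
  !header.name.rawName.hasPrefix("X-Apple-CloudKit-Request")
    && header.name != .authorization
}
logger.debug(" Headers: \(safeHeaders) (signature/auth headers redacted)")
```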

Or route through the existing `SecureLogging` helper so we have one place that defines what's sensitive.
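
An added example (not MistKit code, and not the `SecureLogging` API) of keeping the definition of "sensitive" in one place: names are matched case-insensitively and values are masked rather than dropped, so the debug line still shows which headers were sent. `HeaderRedactor` and the sample values are hypothetical, and plain name/value pairs stand in for `request.headerFields`.

```swift
// Added example: hypothetical helper, not part of MistKit or SecureLogging.
// Plain (name, value) pairs stand in for HTTPFields so this runs with no dependencies.
import Foundation

typealias Header = (name: String, value: String)

struct HeaderRedactor {
  /// Lowercased exact header names whose values must never be logged.
  var exactNames: Set<String> = ["authorization"]
  /// Lowercased name prefixes; covers the CloudKit request-signing headers.
  var prefixes: [String] = ["x-apple-cloudkit-request"]
  /// Text written in place of a sensitive value.
  var placeholder = "<redacted>"

  /// True when the header name matches the deny-list, ignoring case.
  func isSensitive(_ name: String) -> Bool {
    let lowered = name.lowercased()
    return exactNames.contains(lowered)
      || prefixes.contains { lowered.hasPrefix($0) }
  }

  /// Keeps every header name and masks only the sensitive values.
  func redacted(_ headers: [Header]) -> [Header] {
    headers.map { header in
      isSensitive(header.name)
        ? (name: header.name, value: placeholder)
        : header
    }
  }
}

// Constructed sample headers; the values are placeholders, not real credentials.
let sample: [Header] = [
  (name: "Content-Type", value: "application/json"),
  (name: "x-apple-cloudkit-request-keyid", value: "CONSTRUCTED-KEY-ID"),
  (name: "X-Apple-CloudKit-Request-ISO8601Date", value: "2025-01-01T00:00:00Z"),
  (name: "X-Apple-CloudKit-Request-SignedPayload", value: "CONSTRUCTED-SIGNATURE"),
  (name: "AUTHORIZATION", value: "Bearer CONSTRUCTED-TOKEN"),
]

// Only Content-Type keeps its value; every other line shows the placeholder.
for header in HeaderRedactor().redacted(sample) {
  print("\(header.name): \(header.value)")
}
```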

Labels: bug (Something isn't working), priority: high (Should fix soon), security (Security-related issues)
