Shred CredentialPayload upon approval/rejection (#24884)
* Zero LibGit2 credential payload in approve/reject
Previously running securezero! on credentials in the
reject(::CredentialCache, ...) results in the credentials being wiped
before reject(::GitConfig, ...) was run.
* Always return payload from credential_loop
* Add additional shred tests
Note I switched the credential_loop to have a shred keyword as it seems
best to default have the function use the same default as the standard
LibGit2 credential loop.
* challenge_prompt shows process output on ProcessError
* Display message about expected warning
* Code formatting fixes
