[fix] relax @CompileTimeConstant requirement on SafeArg key

[iamdanfox]

Motivation

In 1.8.0 we started requiring SafeArg.of(key, value) to have a compile time constant key. The intention was to prevent people wrapping unknown key-value pairs as SafeArgs, which would make it harder to CR and spot potential data leaks.

Since merging this, we've had a lot of complaints - particularly because it is impossible to suppress the CompileTimeStatic check. This has caused problems for anyone who was dynamically constructing args, leading them to choose one of the following approaches:

1. just stop taking upgrades
2. add a line to versions.props to force safe-logging down to <1.8.0
3. obfuscate their codebase with a subclassed Arg hack:

    /**
     * Like {@link SafeArg}, but works around strict {@link com.google.errorprone.annotations.CompileTimeConstant}
     * argument name restrictions.
     */
    private static final class DynamicSafeArg<T> extends Arg<T> {
        DynamicSafeArg(String name, @Nullable T value) {
            super(name, value);
        }
        @Override
        public boolean isSafeForLogging() {
            return true;
        }
    }

As far as we can tell, this annotation hasn't actually motivated people to replace dynamic usages with non-dynamic usages.

Proposal

Google's error-prone maintainers carefully weigh the cost-benefit of introducing a new check vs the false positives and friction it causes. In this case, I think the friction outweighs the potential upside.

I'd propose turning this into a regular error-prone check, as part of baseline. This would ensure that at the time new code is being written, people will get a warning if they dynamically construct SafeArgs and have to either rethink their approach or justify their suppression of this check.