This PR updates the code that detects the encoding of XML files so that
it correctly detects the `encoding=` attribute if there is also a
`standalone=` directive. Previously we only supported XML directives of
the form:

```xml
<?xml version="1.x" encoding="xxx"?>
```

However the XML declaration may also contain a `standalone=` attribute.
If present we previously failed to detect the encoding attribute, but
now we also support XML directives of the form:
```xml
<?xml version="1.x" encoding="xxx" standalone="yes"?>
```

What does this PR do?

- Adds a secure password prompt feature to the CLI, making user input
hidden (echo off) when entering passwords.
- Updated the README with usage instructions and a demo GIF for the new
password prompt.
- Introduces tests for validation password prompt behavior.

This is a small PR intended to remove some warnings when running tests:
Pytest scans classes named `Test*` for tests to run, and logs a warning
because it can't find any tests in the `TestApp` class.

This PR updates the type hints on the `Prompts` interface:

- No more `Any` (which is never checked), instead generic type arguments
are used.
- The interface for `choice()` now specifies that the choices must be
strings; the internal implementation assumed this anyway.
- Read-only (collection) types are used instead of `dict[]` and
`list[]`, indicating the arguments are not modified.

In addition, we now use (and allow) precompiled regexes for the
`valid_regex` argument on `Prompt.question()`.

These changes are backwards compatible at runtime, and mostly backwards
compatible for type-checking. The exception is the change to
`Prompt.choice()`: if the `choices` argument was not known to be a
sequence of strings, a type checker must now be able to infer this.

CI Fixes

* Added Password Prompt to operate with echo off in terminal
([#265](#265)). The
command-line interface now includes a secure password prompt feature,
allowing users to enter sensitive information without it being visible
on the screen. This is achieved through a new method that utilizes the
`getpass` library to hide user input when entering passwords, taking a
prompt message and an optional maximum number of attempts as parameters.
The method repeatedly prompts the user for a password until a valid
input is provided or the maximum number of attempts is reached, at which
point it raises a `ValueError`. This addition enhances the security and
usability of the interface, and its functionality is validated through
new test methods that cover both successful password entry and the
scenario where the maximum number of attempts is exceeded, ensuring the
feature behaves as expected in various situations.
* Sniff encoding properly in XML files with a standalone directive
([#256](#256)). The
XML file encoding detection has been improved to support a wider range
of valid XML declarations. The regular expression used to match XML
declarations has been updated to correctly handle cases where both
`encoding` and `standalone` attributes are present, such as `<?xml
version="1.x" encoding="xxx" standalone="yes"?>`. This change enables
more accurate detection of the encoding attribute in XML files, even
when a `standalone` directive is present. Additionally, test functions
have been added and modified to verify this functionality, including
tests for XML files with a BOM prefix and those with an XML standalone
declaration, ensuring that the code can correctly read these files and
detect the encoding.