Secret Scanner is notfailing/warning on exposed Secrets.

[lucas-zimerman]

Environment

Sentry Capacitor, using the latest version of Sentry Secrets on each run.

Steps to Reproduce

getsentry/sentry-capacitor#688
On this test PR, I added some secrets for testing the Secret Scanner integration, but it seems like it didn't fail nor trigger to anything (I also included the sample code used on the docs for triggering it).

Expected Result

A warning message or a failed action if secrets were found.

Actual Result

Test passed

Run if [ -e .secret_scan_ignore ]; then
🐷🔑🐷  TruffleHog. Unearth your secrets. 🐷🔑🐷

2024-07-10T15:34:44Z	info-0	trufflehog	running source	{"source_manager_worker_id": "3aoRY", "with_units": true}
2024-07-10T15:34:44Z	info-0	trufflehog	scanning repo	{"source_manager_worker_id": "3aoRY", "unit": ".", "unit_kind": "dir", "repo": "https://github.com/getsentry/sentry-capacitor"}
2024-07-10T15:34:44Z	info-0	trufflehog	finished scanning	{"chunks": 737, "bytes": 2882128, "verified_secrets": 0, "unverified_secrets": 0, "scan_duration": "249.706709ms", "trufflehog_version": "3.79.0"}

[kahest]

@Jeffreyhung @mdtro @hubertdeng123 can you take a look please?

[mdtro]

TruffleHog's support for detecting Sentry tokens isn't great. It particularly does not handle our new formats or the org auth tokens.
https://github.com/trufflesecurity/trufflehog/blob/e5f6c8d87284376abda55eb2c191be4dd141521e/pkg/detectors/sentrytoken/sentrytoken.go#L29

We're working on some contributions to Trufflehog to detect these with more confidence.