Enhance secret scanning API calls to return more data

[felickz]

Newly Added Fields (All Scopes)

• updated_at - Timestamp when alert was last updated
• resolution_comment - Comment provided when resolving the alert
• validity - Validation status of the secret (active, inactive, unknown)
• publicly_leaked - Whether the secret was publicly leaked (boolean)
• multi_repo - Whether the secret appears in multiple repositories (boolean)
• is_base64_encoded - Whether the secret is base64 encoded (boolean)
• first_location_path - File path where secret was detected (with fallbacks to PR/issue/discussion URLs)
• first_location_start_line - Line number where secret starts
• first_location_commit_sha - Commit SHA where secret was first detected
• push_protection_bypassed - Whether push protection was bypassed (boolean)
• push_protection_bypassed_by - Username who bypassed push protection
• push_protection_bypassed_at - Timestamp when push protection was bypassed
• push_protection_bypass_request_reviewer - Reviewer of the bypass request
• push_protection_bypass_request_reviewer_comment - Reviewer's comment on bypass request
• push_protection_bypass_request_comment - Comment on the bypass request
• push_protection_bypass_request_html_url - URL to the bypass request
• assigned_to - Username of person assigned to the alert

Technical Enhancements

• hide_secret=true parameter - Added to all API calls to prevent exposure of secret values in responses (pulled from Remove secrets in secret scanning API calls #85 )
• Improved deduplication logic - Uses composite keys to prevent false duplicates:
  • Repository scope: alert_number
  • Organization scope: (repo_full_name, alert_number)
  • Enterprise scope: (org_login, repo_name, alert_number)
• Location fallback chain - first_location_path now cascades through: path → pull_request_body_url → issue_body_url → discussion_body_url