
Add secret scanning REST API functions (alerts and locations) [Changelog 2021-12-01] #619

@MariusStorhaug

Description

Summary

Secret scanning has no coverage in this module — there is no SecretScanning command category under src/functions/public/. The secret scanning REST API lets you list and update alerts and enumerate the locations where a detected secret appears, which is key for remediation automation.

Changelog reference

Desired capability

Add functions for the secret scanning REST API:

  • Get-GitHubSecretScanningAlert — list/get alerts for a repo, org, or enterprise, with filters (state, secret type, resolution).
  • Set-GitHubSecretScanningAlert — update alert state (open/resolved) with resolution reason/comment.
  • Get-GitHubSecretScanningAlertLocation — list the locations (commits/paths) where a secret was detected.

Acceptance criteria

  • Functions use Invoke-GitHubAPI and the active GitHubContext; pagination handled.
  • Typed alert/location objects with default formats.
  • Org- and enterprise-level listing supported in addition to repo-level.
  • Integration tests against an owned repo with secret scanning enabled (skipped gracefully when unavailable).

Notes

  • Requires secret_scanning_alerts read/write (or repo) scope; enterprise endpoints require enterprise admin access.
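
The remediation flow this request targets (page through a repository's open alerts, then enumerate each alert's locations) can be sketched as below. This is an added example, not code from the issue or from the module: the function names are hypothetical, it calls the repository-level REST endpoints with `Invoke-RestMethod` rather than the module's `Invoke-GitHubAPI`, and it assumes a token in `$env:GITHUB_TOKEN`. The stub at the end is constructed data so the paging logic runs offline.

```powershell
# Added example: helper names are hypothetical, not functions of this module.
function Get-PagedResult {
    param([string] $Uri, [scriptblock] $Fetch, [int] $PerPage = 100)
    $sep = if ($Uri.Contains('?')) { '&' } else { '?' }
    $page = 1
    do {
        # @() keeps .Count reliable when a page holds zero or one item.
        $items = @(& $Fetch "$Uri${sep}per_page=$PerPage&page=$page")
        $items
        $page++
    } while ($items.Count -eq $PerPage)   # a short page is the last page
}

function Get-OpenSecretLocation {
    param(
        [Parameter(Mandatory)] [string] $Owner,
        [Parameter(Mandatory)] [string] $Repo,
        [int] $PerPage = 100,
        # Assumption: a token with the scope named in the issue is in $env:GITHUB_TOKEN.
        [scriptblock] $Fetch = {
            param($Uri)
            $headers = @{ Authorization = "Bearer $env:GITHUB_TOKEN"; Accept = 'application/vnd.github+json' }
            $response = Invoke-RestMethod -Uri $Uri -Headers $headers -Method Get
            $response   # emitting the variable unrolls the JSON array
        }
    )
    $base = "https://api.github.com/repos/$Owner/$Repo/secret-scanning/alerts"
    foreach ($alert in (Get-PagedResult -Uri "${base}?state=open" -Fetch $Fetch -PerPage $PerPage)) {
        foreach ($loc in (Get-PagedResult -Uri "$base/$($alert.number)/locations" -Fetch $Fetch -PerPage $PerPage)) {
            # The alert's raw secret value is deliberately left out of the report.
            [pscustomobject]@{
                Alert      = $alert.number
                SecretType = $alert.secret_type
                Path       = $loc.details.path
                CommitSha  = $loc.details.commit_sha
            }
        }
    }
}
# Constructed stub standing in for the API: three alerts over two pages, one location each.
$stub = {
    param($Uri)
    if ($Uri -match '/locations\?') {
        [pscustomobject]@{ type = 'commit'; details = [pscustomobject]@{ path = 'config/app.env'; commit_sha = 'constructed-sha' } }
    } elseif ($Uri -match 'page=1$') {
        1, 2 | ForEach-Object { [pscustomobject]@{ number = $_; secret_type = 'constructed_type' } }
    } elseif ($Uri -match 'page=2$') {
        [pscustomobject]@{ number = 3; secret_type = 'constructed_type' }
    }
}
Get-OpenSecretLocation -Owner 'example-owner' -Repo 'example-repo' -PerPage 2 -Fetch $stub | Format-Table
```

Dropping `-Fetch` and `-PerPage` runs the same logic against the live API for a repository the token can read.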
