fix: regenerate secrets baseline

[bakerboy448]

Summary

• Regenerated .secrets.baseline with all 27 detect-secrets plugins
• Previous baseline had empty plugins_used and 0 results (corrupt)
• New baseline correctly detects 6 placeholder/template secret keywords in README.md, config_template.json, and systemd/install.sh

Test plan

• Verified baseline parses as valid JSON
• Confirmed 27 plugins loaded
• Confirmed 6 detected results are all template placeholders, no real secrets

Summary by CodeRabbit

• Chores
  • Updated secrets detection baseline configuration from version 1.4.0 to 1.5.0
  • Enhanced detector plugins with expanded coverage including entropy, token, key, and credential detection capabilities
  • Improved filtering mechanisms with multiple heuristic filters for refined detection accuracy
  • Added timestamp tracking for baseline generation

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 8fd7f48d-c923-4e20-a89f-97808367f6d7

📥 Commits

Reviewing files that changed from the base of the PR and between 6690b0a and 15f7f0b.

📒 Files selected for processing (1)

• .secrets.baseline

---

Walkthrough

The .secrets.baseline file has been updated with schema version 1.5.0, now including a fully populated plugins_used list containing multiple secret detectors, a filters_used set with detection filters, results from scanning three files with identified Secret Keyword findings, and a generated_at timestamp.

Changes

Cohort / File(s)	Summary
Secrets Baseline Configuration .secrets.baseline	Updated schema version to 1.5.0; added plugins_used list with entropy, token, key, and credential detectors and their configurations; populated filters_used set with allowlisting, verification, and heuristic filters; added results containing Secret Keyword findings from README.md, config_template.json, and systemd/install.sh with hashed values and verification flags; added generated_at timestamp.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: regenerate secrets baseline' directly and clearly describes the main change—regenerating the corrupted secrets baseline file with proper plugin configuration and results.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/regenerate-secrets-baseline

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}