Secret Detection should scan all MR commits

Proposal

When run in a pipeline relating to an open MR, Secret Detection should use Gitleaks args --from-commit and --to-commit to scan all the commits since the first parent shared with the default branch. This will improve the visibility of secrets at MR review, before they are merged to main.