Pipeline secret detection docs are vague on what is scanned

Problem to solve

The pipeline secret detection documentation is vague on what is scanned for secrets. This is a problem because users don't know what to expect from pipeline secret detection.

Further details

  • 🤔 Consider if including a Git scenario would help the user's understanding.

Proposal

Review the content of the following sections and ensure they state specifically what pipeline secret detection scans for secrets. Also consider changing the order as follows:

  • Introduction
  • Coverage
    • Full history pipeline secret detection
    • Advanced vulnerability tracking
      • Unsupported workflows
    • Detected secrets

It appears that pipeline secret detection scans a maximum of 50 commits in historic mode. If that's correct then this should be stated in the documentation as it's not currently stated. In general, historic mode should be explained in more detail, including its benefits and how it works.

Who can address the issue

Anyone with sufficient knowledge of pipeline secret detection.

Other links/references

Edited by Russell Dickenson