Support title and remediation text in secret detection custom rules

Problem to solve

In https://gitlab.com/gitlab-org/gitlab/-/issues/505757, the Secret Detection Analyzer was updated to add title and remediation text from the SD rules to the gl-secrets-report.json.

These new fields, title and remediation, are not supported in custom rulesets. For example, if a customer defines the following custom ruleset:

title = "extension of gitlab's default gitleaks config"

[extend]
### Extends default packaged path
path = "/gitleaks.toml"

[[rules]]
title = "This is the testing title"
description = "This is the testing description"
remediation = "This is the testing remediation"
id = "testing123"
keywords = ["testing"]
regex = '''testing-key-[1-9]{3}'''

The custom rule's title and remediation fields will be ignored.

Furthermore, if a customer defines a path to extend that does not match the default gitleaks path, any title or remediation text from that file will also be ignored.

Implementation Plan

Edited by Craig Smith