Secret detection for passwords in plaintext/config

Hello,

This is more improvement proposal than an issue. As per https://docs.gitlab.com/user/application_security/secret_detection/detected_secrets/ GitLab can detect API keys, etc, but passing simple files like

config.yaml

...
databases:
  'db1':
    type:       'mysql'
    user:       'mydb_test'
    password:   'SuperSecretPassowordNeedToBeDetected'
    base:       'db'
    host:       'mydb.my.domain'
...

Is there something could be done here?

Cheers, Ihor