fix(secret): ignore .dist-info directories during secret scanning (#8646)

Co-authored-by: DmitriyLewen <[email protected]>

Author: ATIC-Yugandhar

pkg/fanal/secret/builtin-allow-rules.go

@@ -1,6 +1,13 @@
 package secret
 
 var builtinAllowRules = []AllowRule{
+	{
+		// `.dist-info` dir contains only metadata files such as version, license, and entry points.
+		// cf. https://github.com/aquasecurity/trivy/issues/8212
+		ID:          "dist-info",
+		Description: "Ignore Python .dist-info metadata directories",
+		Path:        MustCompile(`\.dist-info\/`),
+	},
 	{
 		ID:          "tests",
 		Description: "Avoid test files and paths",