feat: Add GitHub two new Secret Scanning API endpoints

[Not-Dhananjay-Mishra]

This PR adds support for two new Secret Scanning API endpoints that are currently missing from the go-github library

Implement

POST /repos/{owner}/{repo}/secret-scanning/push-protection-bypasses
GET /repos/{owner}/{repo}/secret-scanning/scan-history

Changes

• Add CreatePushProtectionBypass method
• Add GetScanHistory method
• Made two new struct for PushProtectionBypasses method - PushProtectionBypassRequest and PushProtectionBypass
• Made three new struct for ScanHistory method - Scan, CustomPatternScan and SecretScanningResponse

Issue - #3686

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.14%. Comparing base (ffc5df8) to head (3ccea73).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3687      +/-   ##
==========================================
+ Coverage   91.12%   91.14%   +0.01%     
==========================================
  Files         187      187              
  Lines       16640    16666      +26     
==========================================
+ Hits        15164    15190      +26     
  Misses       1291     1291              
  Partials      185      185              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Not-Dhananjay-Mishra]

@alexandear Thanks for the suggestions. I have changed the method names. Please let me know if you have any other suggestions.

[gmlewis]

Thank you, @Not-Dhananjay-Mishra.
This is a good start. Please address the findings and then we should be ready for a second LGTM+Approval from any other contributor to this repo before merging.

[Not-Dhananjay-Mishra]

Thanks @gmlewis for the feedback! I have fixed all the findings. Sorry for the extra back and forth code review.

[gmlewis]

Thank you, @Not-Dhananjay-Mishra!
LGTM.
Awaiting second LGTM+Approval from any other contributor to this repo before merging.

[gmlewis]

Just FYI - suddenly I have lost write access to this repo, like in #3689... so I can no longer approve the workflows and need to find out what is going on... this may take some time to resolve... I apologize for the inconvenience.

[gmlewis]

@alexandear - do you now approve this PR for merging?

[alexandear]

We should be consistent with the rest code in the file:

Suggested change

	var responsePushProtectionBypass *PushProtectionBypass
	resp, err := s.client.Do(ctx, req, &responsePushProtectionBypass)
	if err != nil {
	return nil, resp, err
	}
	return responsePushProtectionBypass, resp, nil
	var pushProtectionBypass *PushProtectionBypass
	resp, err := s.client.Do(ctx, req, &pushProtectionBypass)
	if err != nil {
	return nil, resp, err
	}
	return pushProtectionBypass, resp, nil

[alexandear]

Could we enhance the comment from GitHub's docs?

Suggested change

	// Reason provides a justification for the push protection bypass.
	// The reason for bypassing push protection.
	// Can be one of: false_positive, used_in_tests, will_fix_later

[alexandear]

Maybe better:

Suggested change

	type SecretScanningHistory struct {
	type SecretScanningScanHistory struct {

[alexandear]

Suggested change

	type CustomPatternScan struct {
	type CustomPatternBackfillScan struct {

[alexandear]

Can you check whether the GitHub API returns pattern_slug or pattern_name?

The documentation is confusing:

The information in the example and the response differs.

[Not-Dhananjay-Mishra]

it return pattern_slug

[alexandear]

Could we think of better names for these variables?

[Not-Dhananjay-Mishra]

incrementalScanStartAt := Timestamp{time.Date(2025, time.July, 29, 9, 55, 0, 0, time.UTC)} incrementalScancompleteAt := Timestamp{time.Date(2025, time.July, 29, 10, 0, 0, 0, time.UTC)} customPatternBackfillScanStartedAt := Timestamp{time.Date(2025, time.July, 29, 9, 0, 0, 0, time.UTC)}
What do you think of these?