Update secret-scan (#170)

* Update secret-scan

Pull the release and tag dynamically, n-1 from the latest release

* fix github output

Author: geoffg-sentry

.github/workflows/secret-scan.yml

@@ -23,8 +23,8 @@ jobs:
         #   echo "latest_tag_name=$LATEST_TAG_NAME" >> "$GITHUB_OUTPUT"
         #   echo "latest_release=$LATEST_RELEASE" >> "$GITHUB_OUTPUT"
         run: |
-          echo "latest_tag_name=v3.89.2" >> "$GITHUB_OUTPUT"
-          echo "latest_release=3.89.2" >> "$GITHUB_OUTPUT"
+          echo "latest_tag_name=$(curl -s https://api.github.com/repos/trufflesecurity/trufflehog/releases | jq -r '.[1].tag_name')" >> "$GITHUB_OUTPUT"
+          echo "latest_release=$(curl -s https://api.github.com/repos/trufflesecurity/trufflehog/releases | jq -r '.[1].tag_name | ltrimstr("v")')" >> "$GITHUB_OUTPUT"
       - name: Download and verify TruffleHog release
         run: |
           curl -sLO https://github.com/trufflesecurity/trufflehog/releases/download/${{ steps.trufflehog_release.outputs.latest_tag_name }}/trufflehog_${{ steps.trufflehog_release.outputs.latest_release }}_checksums.txt