
feat(gitlab): verify self-hosted tokens in scanner #622

Merged
frjcomp merged 3 commits into main from feat/gitlab-selfhosted-token-verification
May 6, 2026
Conversation


@frjcomp frjcomp commented May 6, 2026

No description provided.

Copilot AI review requested due to automatic review settings May 6, 2026 06:13
Copilot AI left a comment


Pull request overview

This PR adds a custom GitLab token detector that can verify GitLab tokens against a user-supplied/self-hosted GitLab instance URL, and wires that URL into GitLab scan commands so verification can be performed against non-gitlab.com targets.

Changes:

  • Add GitLabURLDetector that detects multiple GitLab token types and (optionally) verifies API-capable tokens against a configured GitLab base URL.
  • Integrate the custom detector into the scanner engine alongside default TruffleHog detectors.
  • Propagate the configured GitLab URL from gl scan and gluna scan commands into the detector, and tidy minor docs formatting.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 6 comments.

| File | Description |
| --- | --- |
| pkg/scanner/engine/engine.go | Runs the new GitLab URL-aware detector in the TruffleHog detection phase. |
| pkg/scanner/engine/engine_test.go | Adds engine-level tests asserting the custom detector is active and detects GitLab token formats. |
| pkg/scanner/detectors/gitlab_url_detector.go | Introduces the URL-aware GitLab token detector with optional self-hosted verification. |
| pkg/scanner/detectors/gitlab_url_detector_test.go | Adds unit tests for detection behavior and URL setter/getter helpers. |
| internal/cmd/gitlab/scan/scan.go | Sets the GitLab instance URL for self-hosted verification during authenticated scans. |
| internal/cmd/gitlab/scanpublic/scan_public.go | Sets the GitLab instance URL for self-hosted verification during unauthenticated/public scans. |
| docs/introduction/secrets_verification.md | Removes extra blank lines in the custom rules section. |
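The detector the review above describes, as an added example that is not code from this PR or the project: a URL-aware GitLab token detector in Go that matches two token shapes and, only when an instance URL is configured, verifies the API-capable one by calling that instance's `/api/v4/user` with the token in the `PRIVATE-TOKEN` header (the standard GitLab REST authentication). The `glpat-`/`gldt-` prefixes and lengths, the `NewDetector`/`Scan` names, the `Status` values and the `GITLAB_URL` variable are this example's assumptions. Two checks a practitioner would want are built in: the base URL must be absolute, because the candidate secret is sent to whatever host it names, and a 404, 5xx or network failure is reported as unknown rather than as a dead token.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"os"
	"regexp"
	"time"
)

// Status is the outcome of the optional verification step.
type Status string

const (
	StatusNotChecked Status = "not_checked" // no instance URL configured, or token type cannot call the API
	StatusVerified   Status = "verified"    // /api/v4/user answered 200
	StatusInvalid    Status = "invalid"     // instance reachable, token rejected (401)
	StatusUnknown    Status = "unknown"     // network error, 404 (wrong base URL), 5xx or ambiguous 403
)

// Token shapes below are this example's assumptions, not the project's rules; apiCapable
// marks tokens that GitLab accepts in the PRIVATE-TOKEN header of REST calls.
type pattern struct {
	kind       string
	re         *regexp.Regexp
	apiCapable bool
}

var patterns = []pattern{
	{"personal_access_token", regexp.MustCompile(`glpat-[A-Za-z0-9_-]{20,}`), true},
	{"deploy_token", regexp.MustCompile(`gldt-[A-Za-z0-9_-]{20,}`), false},
}

type Result struct{ Kind, Raw string; Status Status }

// Detector finds GitLab-shaped tokens and, when baseURL is set, verifies the API-capable
// ones against that instance instead of gitlab.com. A nil baseURL means detect only.
type Detector struct{ baseURL *url.URL }

// NewDetector accepts "" (detect only) or an absolute http(s) URL. Anything else is
// rejected rather than defaulted, because the candidate secret is sent to this host.
func NewDetector(rawURL string) (*Detector, error) {
	if rawURL == "" {
		return &Detector{}, nil
	}
	u, err := url.Parse(rawURL)
	if err != nil || (u.Scheme != "https" && u.Scheme != "http") || u.Host == "" {
		return nil, fmt.Errorf("gitlab url must be an absolute http(s) URL, got %q", rawURL)
	}
	return &Detector{baseURL: u}, nil
}

// Scan returns every token-shaped match; only API-capable kinds get a verification status.
func (d *Detector) Scan(data string) []Result {
	var out []Result
	for _, p := range patterns {
		for _, m := range p.re.FindAllString(data, -1) {
			r := Result{Kind: p.kind, Raw: m, Status: StatusNotChecked}
			if d.baseURL != nil && p.apiCapable {
				r.Status = d.verify(m)
			}
			out = append(out, r)
		}
	}
	return out
}

func (d *Detector) verify(token string) Status {
	// JoinPath keeps a relative-URL root such as https://git.example.com/gitlab intact.
	req, _ := http.NewRequest(http.MethodGet, d.baseURL.JoinPath("api", "v4", "user").String(), nil)
	req.Header.Set("PRIVATE-TOKEN", token)
	resp, err := (&http.Client{Timeout: 5 * time.Second}).Do(req)
	if err != nil {
		return StatusUnknown
	}
	defer resp.Body.Close()
	switch resp.StatusCode {
	case http.StatusOK:
		return StatusVerified
	case http.StatusUnauthorized:
		return StatusInvalid
	default: // 403 may be a live token lacking read_user scope: never report it as dead
		return StatusUnknown
	}
}

func main() {
	// Constructed sample input; none of these values are real credentials. Set GITLAB_URL to a
	// self-hosted instance (e.g. https://git.example.com) to verify; leave it unset to detect only.
	const sample = "GITLAB_TOKEN=glpat-AAAAAAAAAAAAAAAAAAAA\nDEPLOY=gldt-CCCCCCCCCCCCCCCCCCCC\n"
	d, err := NewDetector(os.Getenv("GITLAB_URL"))
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(2)
	}
	for _, r := range d.Scan(sample) {
		fmt.Printf("%-22s %-28s %s\n", r.Kind, r.Raw, r.Status)
	}
}
```

With `GITLAB_URL` unset the program prints both matches as `not_checked` and never touches the network; with it set, one request is sent per personal access token found, while the deploy token stays unverified because it is not a REST API credential. Reporting 404 and connection errors as `unknown` matters in practice: a mistyped base URL would otherwise mark every live token in a repository as dead.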

@frjcomp frjcomp enabled auto-merge (squash) May 6, 2026 06:38
@frjcomp frjcomp merged commit 98b4874 into main May 6, 2026
13 checks passed
@frjcomp frjcomp deleted the feat/gitlab-selfhosted-token-verification branch May 6, 2026 06:38