fix: update TruffleHog configuration to handle different workflow triggers

- Fix "BASE and HEAD commits are the same" error when running on main branch
- Configure dynamic base/head selection based on workflow trigger type:
  - Pull requests: Compare PR head against PR base
  - Push events: Compare new commits against previous state
  - Scheduled runs: Scan entire history

Author: Umutcan ÖNER

.github/workflows/security.yml

@@ -128,8 +128,8 @@ jobs:
         uses: trufflesecurity/trufflehog@v3.63.7
         with:
           path: ./                                         # Scan entire repository
-          base: ${{ github.event.repository.default_branch }}  # Compare against default branch
-          head: HEAD                                       # Current commit
+          base: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || (github.event_name == 'push' && github.event.before || '') }}
+          head: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || (github.event_name == 'push' && github.event.after || 'HEAD') }}
           extra_args: --only-verified                      # Only report verified secrets