Bump Yelp/detect-secrets from 1.4.0 to 1.5.0 (#6)

<!-- markdownlint-disable-file MD041 -->

## Pull request checklist

Please check if your PR fulfills the following requirements:

- [ ] I have read the
[CONTRIBUTING](https://github.com/fabasoad/setup-mark-action/blob/main/CONTRIBUTING.md)
      doc.
- [ ] Tests for the changes have been added (for bug fixes / features).
- [ ] Docs have been reviewed and added / updated if needed (for bug
fixes / features).

## Pull request type

<!-- Please do not submit updates to dependencies unless it fixes an
issue. -->

<!-- Please try to limit your pull request to one type, submit multiple
pull
requests if needed. -->

Please check the type of change your PR introduces:

- [ ] Bugfix
- [ ] Feature
- [ ] Code style update (formatting, renaming)
- [ ] Refactoring (no functional changes, no api changes)
- [ ] Build related changes
- [ ] Documentation content changes
- [ ] Other (please describe):

## What is the current behavior

<!-- Please describe the current behavior that you are modifying, or
link to a
relevant issue. -->

## What is the new behavior

<!-- Please describe the behavior or changes that are being added by
this PR. -->

-
-
-

## Does this introduce a breaking change

- [ ] Yes
- [ ] No

<!-- If this introduces a breaking change, please describe the impact
and
migration path for existing applications below. -->

## Other information

<!-- Any other information that is important to this PR such as
screenshots of
how the component looks before and after the change. -->
<!-- This document was adapted from the open-source
[appium/appium](https://github.com/appium/appium/blob/master/.github/PULL_REQUEST_TEMPLATE.md)
repository. -->

---

Closes #{IssueNumber}

.github/workflows/security.yml

@@ -7,45 +7,10 @@ on: # yamllint disable-line rule:truthy
     branches:
       - main
 
-defaults:
-  run:
-    shell: sh
-
 jobs:
-  code-scanning:
-    name: Code scanning
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v4
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
-        with:
-          languages: "javascript"
-      - name: Perform CodeQL Analysis
-        id: codeql-analysis
-        uses: github/codeql-action/analyze@v3
-      - name: Upload to GHAS
-        if: always()
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          category: "code-scanning"
-          sarif_file: "${{ steps.codeql-analysis.outputs.sarif-output }}"
-  directory-scanning:
-    name: Directory scanning
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v4
-      - name: Scan current project
-        id: scan-directory
-        uses: anchore/scan-action@v3
-        with:
-          by-cve: "true"
-          path: "."
-      - name: Upload to GHAS
-        if: always()
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          category: "directory-scanning"
-          sarif_file: "${{ steps.scan-directory.outputs.sarif }}"
+  sast:
+    name: SAST
+    permissions:
+      contents: read
+      security-events: write
+    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main