chore: add gitguardian precommit checks

[halfwhole]

Problem

Devs like me may accidentally commit and push secrets to GitHub

Solution

Add GitGuardian pre-commit check to detect secrets and stop commits with secrets from being made. Devs are still able to manually override these checks if it's a false positive.

To enable secrets detection, the user must:

• Install ggshield on their local machine (unfortunately, no npm package is available)
• Set GITGUARDIAN_API_KEY in .env

If neither of those are set up, the secrets detection check will be skipped.

Screenshots

Example of what happens when a secret is exposed (this test credential has already been revoked):

[gweiying]

Code change looks good to me, but we should somehow enforce that everybody installs this to reap the rewards!

[halfwhole]

Would any of these approaches be a good idea?

1. Make it compulsory for all devs, i.e. pre-commit check fails if gitguardian is not set up locally
2. Make it optional, but change the echo'ed message to a warning that strongly recommends setting up gitguardian if not already done so
3. Make it optional, just discuss internally within our team to ensure that we set this up

Edit: oops, realised that by "everybody" you might've meant not just everyone who's working on this project, but for everyone else in ogp as well - dat and I were just discussing about whether that's doable