Switch to GH secrets scanning?

[bryevdv]

We current use a third-party service, GitGuardian, to scan for secret spills in PRs. This has been the case for several years since they agreed to provide their service gratis to selected OSS projects. However, GH now has built-in secrets scanning that can be enabled.

Should we enable the GH scanning and sunset the GitGuardian integration? It would be one less external service to manage credentials for, etc.

cc @bokeh/dev

[mattpap]

Here's relevant documentation. I think it's fine to move to GithHub if it reduces maintenance burden and especially if it's unclear how long GitGuardian's support will last.