Scan all repos retrospectively

[pburkholder]

Changes proposed in this pull request:

Framework to scan all of our unarchived repositories for any leaks, ever.

To use, `cd org-scan/; ./scan_org.sh

This is not perfect. It represents a working 0.1 release. It's still lacking:

• A README with guidance on why the patterns excluded from the parent are reasonable - DONE
• A mechanism for checkpointing the last scanned commit, and only scanning forward from that point in the future
  • This is needed as the patterns now pick up a lot of matches in YAML files that I reviewed along with our 3PAO. So we should only scan using --commit-to flags from now on.
• ALSO - removed the test for 40 consecutive base64 characters - it produced too many false positives, especially since Git commit hashes are also matches.

This PR also includes the results from two scans, in ./org-scan/results-2020-05-29 and ./org-scan/results.2020-06-17/ The first of these is a "clean" scan with no WARN messages. The second has a lot of "WARN" messages, but I have reviewed the results from those scans and determined they're all false positives.

security considerations

Not operational code, no information leakage.

[pburkholder]

Still need to demonstrate that the keys in gitleaks.toml are indeed non-applicable.