feat: add limits fields to scan config

internal/resources/scanner.go

@@ -9,4 +9,9 @@ type ScanConfig struct {
 	CustomRules     []*ruledefine.Rule
 	WithValidation  bool
 	PluginName      string
+
+	// Limit settings
+	MaxFindings               uint64 // Total findings limit across entire scan (0 = no limit)
+	MaxRuleMatchesPerFragment uint64 // Regex matches limit per rule per fragment (0 = no limit)
+	MaxSecretSize             uint64 // Maximum secret size in bytes (0 = no limit)
 }

pkg/scan.go

@@ -33,28 +33,31 @@ func NewScanner() Scanner {
 	return &scanner{}
 }
 
-func (s *scanner) Reset(scanConfig resources.ScanConfig, opts ...engine.EngineOption) error {
+func (s *scanner) Reset(scanConfig *resources.ScanConfig, opts ...engine.EngineOption) error {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 
 	engineInstance, err := engine.Init(&engine.EngineConfig{
-		IgnoredIds:   scanConfig.IgnoreResultIds,
-		SelectedList: scanConfig.SelectRules,
-		CustomRules:  scanConfig.CustomRules,
-		IgnoreList:   scanConfig.IgnoreRules,
-		ScanConfig:   scanConfig,
+		IgnoredIds:                scanConfig.IgnoreResultIds,
+		SelectedList:              scanConfig.SelectRules,
+		CustomRules:               scanConfig.CustomRules,
+		IgnoreList:                scanConfig.IgnoreRules,
+		MaxFindings:               scanConfig.MaxFindings,
+		MaxRuleMatchesPerFragment: scanConfig.MaxRuleMatchesPerFragment,
+		MaxSecretSize:             scanConfig.MaxSecretSize,
+		ScanConfig:                *scanConfig,
 	}, opts...)
 	if err != nil {
 		return fmt.Errorf("error initializing engine: %w", err)
 	}
 
 	s.engineInstance = engineInstance
-	s.scanConfig = scanConfig
+	s.scanConfig = *scanConfig
 
 	return nil
 }
 
-func (s *scanner) Scan(scanItems []ScanItem, scanConfig resources.ScanConfig, opts ...engine.EngineOption) (reporting.IReport, error) {
+func (s *scanner) Scan(scanItems []ScanItem, scanConfig *resources.ScanConfig, opts ...engine.EngineOption) (reporting.IReport, error) {
 	var wg conc.WaitGroup
 	err := s.Reset(scanConfig, opts...)
 	if err != nil {
@@ -106,7 +109,7 @@ func (s *scanner) Scan(scanItems []ScanItem, scanConfig resources.ScanConfig, op
 
 func (s *scanner) ScanDynamic(
 	itemsIn <-chan ScanItem,
-	scanConfig resources.ScanConfig,
+	scanConfig *resources.ScanConfig,
 	opts ...engine.EngineOption,
 ) (reporting.IReport, error) {
 	var wg conc.WaitGroup