
fix(dropbox): prevent long sl.u. tokens from being truncated #5012

Status: Open
lukem-ts wants to merge 1 commit into main from fix/dropbox-detector-truncating-secret

Conversation


@lukem-ts lukem-ts commented Jun 3, 2026

Newer scoped Dropbox short-lived tokens (sl.u.…) can be ~1.5KB. The scanning engine only passes a keyword-centered window of the chunk (512 bytes by default) to FromData, so these tokens were truncated before the regex saw them, producing an invalid token that always verified as false.

Implement detectors.MaxSecretSizeProvider on the Dropbox scanner so the engine widens its window to fit the full token. Add a regression test that drives a long token through the Aho-Corasick windowing path.

Description: (screenshot not captured)

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?
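An added example, not the project's code, modelling the behaviour the PR describes: a keyword-centered window is cut from the chunk before the detector's regex runs, and a detector that reports a larger MaxSecretSize() gets a wider window. The window function, the MaxSecretSizeProvider signature, the simplified token regex and the sample chunk are all constructed assumptions for this illustration.

```go
package main

import (
	"regexp"
	"strings"
)

// Default keyword-centered window the engine hands to FromData (per the PR).
const defaultWindow = 512
// Constructed, simplified token shape; the project's real regex is not reproduced.
var tokenRe = regexp.MustCompile(`sl\.u\.[A-Za-z0-9_-]{64,}`)
// Hypothetical stand-in for detectors.MaxSecretSizeProvider (assumed signature).
type MaxSecretSizeProvider interface{ MaxSecretSize() int64 }
// dropboxDetector models the scanner after the fix, reporting the PR's 4096 bytes.
type dropboxDetector struct{}
func (dropboxDetector) MaxSecretSize() int64 { return 4096 }

// windowFor cuts a window of size bytes centered on the keyword's first hit.
func windowFor(data []byte, keyword string, size int) []byte {
	idx := strings.Index(string(data), keyword)
	if idx < 0 {
		return nil
	}
	start := idx - size/2
	if start < 0 {
		start = 0
	}
	end := start + size
	if end > len(data) {
		end = len(data)
	}
	return data[start:end]
}

// effectiveWindow is the window the engine would use for detector d.
func effectiveWindow(d any) int {
	if p, ok := d.(MaxSecretSizeProvider); ok && int(p.MaxSecretSize()) > defaultWindow {
		return int(p.MaxSecretSize())
	}
	return defaultWindow
}

// matchedTokenLen is the length of the token the regex sees inside the window.
func matchedTokenLen(chunk []byte, window int) int {
	return len(tokenRe.Find(windowFor(chunk, "dropbox", window)))
}

// Constructed sample input: a config line holding a 1505-character token.
var sampleToken = "sl.u." + strings.Repeat("A", 1500)
var sampleChunk = []byte("dropbox_token = " + sampleToken + "\n")
```

With the 512-byte window the regex still matches, but only the first 496 bytes of the token survive, which is the truncated-but-plausible value the PR says always failed verification; with the widened window the full 1505-byte token reaches the regex.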

Note

Low Risk
Localized detector and test changes; no auth, data handling, or engine-wide behavior beyond the Dropbox scanner’s secret window size.

Overview
Fixes false negatives for long scoped Dropbox tokens (sl.u.…, ~1.5KB) by implementing detectors.MaxSecretSizeProvider on the Dropbox scanner with MaxSecretSize() → 4096, so the engine widens the keyword-centered chunk window beyond the default 512 bytes before FromData runs the regex.

Adds TestDropBox_LongTokenThroughEngineWindow, which drives a ~1505-character token through the Aho-Corasick match/window path to guard against regressions on that windowing behavior.

Reviewed by Cursor Bugbot for commit 664f470. Bugbot is set up for automated code reviews on this repo.

…erification

Newer scoped Dropbox short-lived tokens (sl.u.…) can be ~1.5KB. The scanning
engine only passes a keyword-centered window of the chunk (512 bytes by default)
to FromData, so these tokens were truncated before the regex saw them, producing
an invalid token that always verified as false.

Implement detectors.MaxSecretSizeProvider on the Dropbox scanner so the engine
widens its window to fit the full token. Add a regression test that drives a long
token through the Aho-Corasick windowing path.

Co-authored-by: Cursor <cursoragent@cursor.com>
@lukem-ts lukem-ts requested a review from a team June 3, 2026 01:04
@lukem-ts lukem-ts requested a review from a team as a code owner June 3, 2026 01:04

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.


github-actions Bot commented Jun 3, 2026

Corpora Test Results

No detector regex or keyword changes in this PR. Bench skipped.
