fix(security): multline secrets trivially transformed are redacted (#845)

A multiline secret transformed into a single line by replacing with \ followed by n is also redacted.

<!--start release-notes-assistant-->
<!--URL:https://code.forgejo.org/forgejo/runner-->
- bug fixes
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/845): <!--number 845 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogbXVsdGxpbmUgc2VjcmV0cyB0cml2aWFsbHkgdHJhbnNmb3JtZWQgYXJlIHJlZGFjdGVk-->fix(security): multline secrets trivially transformed are redacted<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/845
Reviewed-by: Mathieu Fenniak <mfenniak@noreply.code.forgejo.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>

internal/pkg/report/mask_test.go

@@ -41,6 +41,19 @@ SIX`
 			out:      "line before\n***\n***\n***\nline after\n",
 			needMore: false,
 		},
+		{
+			//
+			// a multiline secret where newlines are represented
+			// as \ followed by n is masked
+			//
+			name: "MultilineTransformedIsMasked",
+			secrets: []string{
+				multiLineOne,
+			},
+			in:       fmt.Sprintf("line before\n%[1]s\\nTWO\\nTHREE\nline after", lineOne),
+			out:      "line before\n***\nline after\n",
+			needMore: false,
+		},
 		{
 			//
 			// in a multiline secret \r\n is equivalent to \n and does