Base64 entropy scanning in v3.0.0 #326
Replies: 1 comment
Truth in advertising -- the word "fix" is in quotation marks above because it will not completely eliminate all new findings; it will get rid of some of the examples we've seen, but there are other examples that just are valid base64url and will result in findings that weren't issued by tartufo v2.x. My concern is that there's a computational cost to parsing suspected base64 encodings more carefully, and that cost will be paid by everybody who uses tartufo; I've tried to minimize it, but it's there. The benefit is that we'll eliminate some new findings for some users, but others will need to add exclusions no matter what we do. So: Do we merge PR 319, thus reducing transition work for at least some users?
The loosey-goosey "base64-anything" matching introduced in 3.0.0 turned out to be problematic because we saw several examples of things that looked like base64 encodings but weren't, and which generated new issues thanks to the extended combined alphabet.
@rbailey-godaddy has provided a PR to "fix" this issue but we also wanted to get the opinion from the user community as to what they'd prefer.
🎉 Fix entropy scanning as per PR #319
😕 Leave the entropy scanning logic as it is (Users will need to add new exclusions)
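As an added illustration of the trade-off discussed in the poll text and in the comment above, here is a minimal entropy scanner in the same style. This is example code written for this page; it is not tartufo's implementation and not the contents of PR #319. It matches candidates with a combined base64/base64url alphabet (the "base64-anything" approach), then optionally parses each candidate strictly as either standard base64 or base64url before applying an entropy threshold. The regex, the 4.0-bit threshold, the `scan` and `is_strict_base64` helpers and the sample input lines are all assumptions constructed for the example.

```python
import base64
import binascii
import math
import re
from typing import List

# Assumed combined alphabet: standard base64 ('+', '/') plus base64url ('-', '_').
# A run of 20 or more such characters is treated as a candidate, as a lenient
# "base64-anything" matcher would.
COMBINED_RE = re.compile(r"[A-Za-z0-9+/\-_=]{20,}")

_LETTERS_DIGITS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
STD_ALPHABET = set(_LETTERS_DIGITS + "+/=")
URL_ALPHABET = set(_LETTERS_DIGITS + "-_=")

# Assumed threshold in bits per character; real scanners tune this per encoding.
ENTROPY_THRESHOLD = 4.0


def shannon_entropy(s: str) -> float:
    """Shannon entropy of the string in bits per character."""
    if not s:
        return 0.0
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def is_strict_base64(token: str) -> bool:
    """True only if the token is well-formed standard base64 OR well-formed
    base64url: one alphabet, not a mix of both; length a multiple of four;
    at most two '=' and only at the end; and it actually decodes."""
    chars = set(token)
    if chars <= STD_ALPHABET:
        altchars = None
    elif chars <= URL_ALPHABET:
        altchars = b"-_"
    else:
        return False  # mixes '+'/'/' with '-'/'_': valid in neither encoding
    if len(token) % 4:
        return False
    body = token.rstrip("=")
    if "=" in body or len(token) - len(body) > 2:
        return False
    try:
        base64.b64decode(token, altchars=altchars, validate=True)
    except (binascii.Error, ValueError):
        return False
    return True


def scan(text: str, strict: bool, threshold: float = ENTROPY_THRESHOLD) -> List[str]:
    """Return candidate tokens whose entropy meets the threshold. With
    strict=True, candidates that are not parseable base64/base64url are
    dropped first (the extra per-candidate cost the comment above refers to)."""
    findings = []
    for match in COMBINED_RE.finditer(text):
        token = match.group(0)
        if strict and not is_strict_base64(token):
            continue
        if shannon_entropy(token) >= threshold:
            findings.append(token)
    return findings


# Constructed sample input. The "key" is 32 distinct bytes base64-encoded at
# runtime so it is valid standard base64 by construction; the image tag mixes
# both alphabets; the video id is valid base64url; the handler name is low entropy.
GENUINE_KEY_B64 = base64.b64encode(bytes(range(7, 7 + 32 * 5, 5))).decode()
SAMPLE = f"""\
aws_secret = "{GENUINE_KEY_B64}"
image_tag = "prod-us-east_1/api/v2+build_20210608"
video_id = "dQw4w9WgXcQ-xK7_Hm2pLqA1"
handler = some_long_snake_case_identifier_name
"""

if __name__ == "__main__":
    print("lenient:", scan(SAMPLE, strict=False))
    print("strict: ", scan(SAMPLE, strict=True))
```

Run stand-alone, the lenient pass reports the real key, the mixed-alphabet image tag and the base64url video id; the strict pass drops the image tag because it mixes `+`/`/` with `-`/`_`, but still reports the video id, which is exactly the "valid base64url" case the comment says no parser can rule out. The snake-case identifier is a candidate under the combined regex but falls below the threshold in both modes. The price of the strict pass is one alphabet check plus one decode per candidate.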