/claim #6532

Description

This PR integrates the typos spell-checker into the CI pipeline to automatically catch typos in future PRs and maintain code quality consistently.

Changes

1. Added .github/workflows/typos.yaml

• GitHub Actions workflow using official crate-ci/typos@v1.32.2 action
• Runs on push and PR to main and dev branches
• Configured with concurrency control for efficiency

2. Added _typos.toml

• Comprehensive configuration for nuclei project
• Excludes: templates, integration tests, vendor, node_modules, lock files
• Nuclei-specific allowed words: pd, nuclei, httpx, fofa, shodan, etc.
• Security vendor names: akamai, citrix, fortinet, checkpoint, sophos, etc.
• Technical terms: kubernetes, docker, regex, boolean, serializer, etc.
• Pattern exclusions: URLs, emails, SHA hashes, base64 strings

Proof

The typos workflow will:

1. Run automatically on every push/PR to dev/main branches
2. Fail if typos are found, providing clear error messages
3. Allow project-specific terms via the _typos.toml configuration

Checklist

• PR created against the correct branch (dev)
• Workflow follows existing CI patterns
• Configuration excludes appropriate directories
• Minimal diff (2 files added)

References

• Issue: #6532
• Typos docs: https://github.com/crate-ci/typos/blob/master/docs/github-action.md
• Related PR: #6521

Summary by CodeRabbit

• Chores
  • Configured spell-check settings to enhance development workflows and code quality by excluding common non-source files and build artifacts, ignoring technical patterns and encoded content like hashes and URLs, and expanding recognition of security research and domain-specific terminology to reduce false positives during automated analysis.