fix: keep Rust workflow vendor updates current

[blink-claw-bot]

Summary

• update shared Rust audit workflow to keep actions/checkout@v6 and rustsec/audit-check@v2.0.0
• update shared Rust check-code workflow to keep concurrency, timeout, permissions, and newer Nix/cache/checkout actions
• keep the GitHub Actions dependabot entry and avoid spelling checkout downgrades when vendoring shared files

Context

This fixes the workflow downgrades spotted on blinkbitcoin/blink-lnurl-server#17 after vendoring shared CI files.

Validation

• python3 - <<'PY' ... yaml.safe_load(...) ... PY for changed YAML files
• git diff --check

[blink-claw-bot]

Commit 62b6489 — Keep Rust workflow vendor updates current

What: Updated the shared Rust GitHub Actions templates to preserve newer audit/check-code/spelling action versions and check-code concurrency, timeout, and permissions. Also kept the GitHub Actions dependabot entry in the Rust dependabot template.

Why: Vendoring shared CI into blink-lnurl-server was downgrading workflows in blinkbitcoin/blink-lnurl-server#17.

Files: shared/actions/rust-audit.yml, shared/actions/rust-check-code.yml, shared/actions/spelling.yml, shared/ci/config/rust-dependabot.yml

Tests: git diff --check; parsed changed YAML files with Python/PyYAML.