badwords: check FAQ with allowlisted 'will', fix a typo

Also:
- badwords.pl: add support for filename:word exceptions.
- badwords.pl: handle `-w` file open errors.

Ref: https://github.com/curl/curl/pull/19817#issuecomment-3612386568
Closes #19837

.github/scripts/badwords.ok

@@ -0,0 +1,7 @@
+# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# SPDX-License-Identifier: curl
+#
+# whitelisted uses of bad words
+# file:[line]:rule
+docs/FAQ::\bwill\b

.github/scripts/badwords.pl

@@ -30,13 +30,13 @@ my %wl;
 if($ARGV[0] eq "-w") {
     shift @ARGV;
     my $file = shift @ARGV;
-    open(W, "<$file");
+    open(W, "<$file") or die "Cannot open '$file': $!";
     while(<W>) {
         if(/^#/) {
             # allow #-comments
             next;
         }
-        if(/^([^:]*):(\d+):(.*)/) {
+        if(/^([^:]*):(\d*):(.*)/) {
             $wl{"$1:$2:$3"}=1;
             #print STDERR "whitelisted $1:$2:$3\n";
         }
@@ -93,7 +93,13 @@ sub file {
 
                 my $ch = "$f:$l:$w";
                 if($wl{$ch}) {
-                    # whitelisted
+                    # whitelisted filename + line + word
+                    print STDERR "$ch found but whitelisted\n";
+                    next;
+                }
+                $ch = $f . "::" . $w;
+                if($wl{$ch}) {
+                    # whitelisted filename + word
                     print STDERR "$ch found but whitelisted\n";
                     next;
                 }

.github/workflows/checkdocs.yml

@@ -140,7 +140,7 @@ jobs:
           persist-credentials: false
 
       - name: 'badwords'
-        run: .github/scripts/badwords.pl '**.md' docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 < .github/scripts/badwords.txt
+        run: .github/scripts/badwords.pl -w .github/scripts/badwords.ok '**.md' docs/FAQ docs/KNOWN_BUGS docs/TODO packages/OS400/README.OS400 < .github/scripts/badwords.txt
 
       - name: 'verify synopsis'
         run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md

docs/FAQ

@@ -666,7 +666,7 @@ FAQ
   does not require this, you do not need a client certificate.
 
   A client certificate is always used together with a private key, and the
-  private key has a pass phrase that protects it.
+  private key has a passphrase that protects it.
 
   SERVER CERTIFICATE