[INS-470] Add Tly detector to defaults.go, gate it behind feat flag and update its verification logic

[MuneebUllahKhan222]

Description:

This PR adds the Tly detector to defaults.go and gates it behind the appropriate feature flag.

Additionally, the PR updates the detector’s verification logic to align with the latest implementation changes.

Corpora Test

The detector appear in the list but on the lower side.

Checklist:

• Tests passing (make test-community)?
• Lint passing (make lint this requires golangci-lint)?

---

Note

Low Risk
Adds a gated third-party API detector and changes verification HTTP behavior only for TLy; no auth or core scan pipeline changes.

Overview
This PR enables the TLy URL-shortener API key detector in the default engine and wires it behind a new TlyDetectorEnabled feature flag (on by default in OSS main, same pattern as Pinecone/Cloudinary/GitLab OAuth).

The tly scanner is refactored to dedupe matched keys, verify via GET https://api.t.ly/api/v1/link/list with a Bearer token (replacing the old query-token stats URL), record verification errors on results, and handle HTTP status codes explicitly. Integration tests switch from pretty to go-cmp with ignored verification/metadata fields.

^{Reviewed by Cursor Bugbot for commit 24e4fd8. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

Corpora Test Results

No detector regex or keyword changes in this PR. Bench skipped.