This pull request creates a new script that's in charge of running the safety check, where previously this logic was stored in the Makefile. The idea is to have this this script be a very thin wrapper around safety itself, with the main purpose being to load the appropriate IDs to ignore from a project-level JSON config file. The JSON data can be shared with the fpf-www-projects check and processed to separate ignores and failures there, rather than here, where this script only needs to output pass or fail for CI runs on feature branches.
This pull request creates a new script that's in charge of running the safety check, where previously this logic was stored in the Makefile. The idea is to have this this script be a very thin wrapper around
safety
itself, with the main purpose being to load the appropriate IDs to ignore from a project-level JSON config file. The JSON data can be shared with the fpf-www-projects check and processed to separate ignores and failures there, rather than here, where this script only needs to output pass or fail for CI runs on feature branches.Refs https://github.com/freedomofpress/fpf-www-projects/issues/123