ctb: Add triage mode to slither script

Also ensures that absolute local paths are not stored in the slither db.

packages/contracts-bedrock/package.json

@@ -32,6 +32,7 @@
     "storage-snapshot": "./scripts/storage-snapshot.sh",
     "validate-spacers": "hardhat compile && hardhat validate-spacers",
     "slither": "./scripts/slither.sh",
+    "slither:triage": "TRIAGE_MODE=1 ./scripts/slither.sh",
     "clean": "rm -rf ./dist ./artifacts ./forge-artifacts ./cache ./tsconfig.tsbuildinfo ./tsconfig.build.tsbuildinfo ./src/contract-artifacts.ts ./test-case-generator/fuzz",
     "lint:ts:check": "eslint . --max-warnings=0",
     "lint:forge-tests:check": "ts-node scripts/forge-test-names.ts",

packages/contracts-bedrock/scripts/slither.sh

@@ -2,11 +2,24 @@
 
 rm -rf artifacts forge-artifacts
 
-# Handle slither bug unable to work with the foundry tests
-TEMP=$(mktemp -d)
-mv contracts/test $TEMP/test
-
 # See slither.config.json for slither settings
-slither .
+if [ -n "$TRIAGE_MODE" ]; then
+  # Slither's triage mode will run an 'interview' in the terminal, allowing you to review each of
+  # its findings, and specify which should be ignored in future runs of slither. This will update
+  # (or create) the slither.db.json file. This DB is a cleaner alternative to adding slither-disable
+  # comments throughout the codebase.
+  # Triage mode should only be run manually, and can be used to update the db when new findings are
+  # causing a CI failure.
+  slither . --triage-mode
 
-mv $TEMP/test contracts/test
+  # For whatever reason the slither db contains a filename_absolute property which includes the full
+  # local path to source code on the machine where it was generated. This property does not
+  # seem to be required for slither to run, so we remove it.
+  DB=slither.db.json
+  TEMP_DB=temp-slither.db.json
+  mv $DB $TEMP_DB
+  jq 'walk(if type == "object" then del(.filename_absolute) else . end)' $TEMP_DB > $DB
+  rm -f $TEMP_DB
+else
+  slither .
+fi