* Ecosystem CI: Allow storing checkouts locally
This adds a --checkouts options to (re)use a local directory instead of checkouts into a tempdir
* Fix missing path conversion
* Count changes for each rule
* Handle case where rule matches were found in a line
* List and sort by changes
* Remove detail from rule changes
* Add comment about leading :
* Only print rule changes if rule changes are present
* Use re.search and match group
* Remove dict().items()
* Use match group to extract rule code
This PR sets up an "ecosystem" check as an optional part of the CI step for pull requests. The primary piece of this is a new script in `scripts/check_ecosystem.py` which takes two ruff binaries as input and compares their outputs against a corpus of open-source code in parallel. I used ruff's `text` reporting format and stdlib's `difflib` (rather than JSON output and jsondiffs) to avoid adding another dependency. There is a new ecosystem-comment workflow to add a comment to the PR (see [this link](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) which explains why it needs to be done as a new workflow for security reasons).
