The current stable version of Python is Python 3.12, see
https://www.python.org/downloads, so we should switch to that since
Python 3.10 is older and only receives security updates.
This commit tweaks the Fluent linter workflow to match the other
workflow files we have, so we make sure the steps have a newline between
them for better readability and align names and descriptions of steps
with how they are called in the other workflow files we have.
This commit migrates this functionality away from the bots. Nowadays
it's possible to build and deploy the website to GitHub Pages directly
through the GitHub Actions, which provides a nice simplication of the
process. Not only does this remove the requirement to have a `gh-pages`
branch in the repository, it also avoids the complexity of having to
configure the workflow to commit to Git branches and allows us to remove
the Git committing code from the Gulpfile.
Note that deploying directly though GitHub Actions workflows needs to be
enabled in the repository settings, but this is easy and well documented
on the link below.
The following resources are relevant for this patch:
- Enabling deployment to GitHub Pages directly through GitHub Actions:
https://docs.github.com/en/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site#publishing-with-a-custom-github-actions-workflow
- Uploading GitHub Pages artifacts example:
https://github.com/actions/upload-pages-artifact#usage
- Deploying GitHub Pages artifacts example:
https://github.com/actions/deploy-pages#usage
In PR #16327 the `eslint-plugin-mozilla` package was updated so we no
longer have to force-install packages, and the force-install flags for
`npm install` were removed. However, the CI job was missing from this
commit, which we fix here. In general force-installing packages
shouldn't be necessary unless there are problems with dependencies,
which we would like to know about, so especially in the CI job it seems
like a good idea to not force-install packages to catch upcoming defects
early on.
Extends 19526d2322.
Version 16 that we used before is now in maintenance mode, so we should
upgrade to the most recent LTS version. For more information on the
Node.js release schedule please refer to
https://github.com/nodejs/release#release-schedule.
Version 14 that we used before is now in maintenance mode, so we should
upgrade to the most recent LTS version.
Moreover, use the most recent `setup-node` workflow version and syntax;
see https://github.com/actions/setup-node#usage.
This command was added all the way back when basic CI-support was first introduced (using Travis at the time), however it's never really intended to be used e.g. for local development.
By having a `npm test`-command listed in the `package.json` file, there's a very real risk that someone unfamiliar with the code-base would only run that one and thus miss all the other (more important) test-suites[1].
Hence this patch which removes the `npm test`-command, and instead simply calls the relevant gulp-task[2] directly in the GitHub Actions configuration.
---
[1] Which consist of the unit-tests (run in browsers), the font-tests (potentially), the reference-tests, and the integration-tests.
[2] Which is also renamed slightly, to better fit its current usage.
This allows us to get the quality checks that LGTM does into GitHub
Advanced Security. Since it not only runs security checks anymore, the
workflow is also renamed to CodeQL to make this more explicit (and this
matches the documentation better).
This makes it consistent with the GitHub Advanced Security file and,
more importantly, ensures that all steps have a proper name for better
visibility.
