Merge branch 'main' into sql_cookies_2025

Author: tunetheweb

.github/workflows/check-translations-lengths.yml

@@ -31,14 +31,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           path: this_run
           # Full git history is needed to get a proper list of changed files
           fetch-depth: 0
       - name: Checkout Code
         if: github.event_name == 'pull_request'
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           path: original
           ref: main

.github/workflows/code-static-analysis.yml

@@ -32,7 +32,7 @@ jobs:
         language: ['javascript', 'python']
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Set up Python 3.12
         if: ${{ matrix.language == 'python' }}
         uses: actions/setup-python@v6
@@ -47,11 +47,11 @@ jobs:
           # that includes the dependencies
           echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           config-file: ./.github/codeql/codeql-config.yml
           queries: +security-and-quality
           setup-python-dependencies: false
           languages: '${{ matrix.language }}'
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4

.github/workflows/compress-images.yml

@@ -45,21 +45,22 @@ jobs:
        github.event.pull_request.head.repo.full_name == github.repository)
     steps:
       - name: Checkout Branch
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Run Image Compression
         id: calibre
         uses: calibreapp/image-actions@main
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           compressOnly: ${{ github.event_name != 'pull_request' }}
           jpegProgressive: true
+          minPctChange: '10.0'
       - name: Create Pull Request
         # If it's not a pull request then commit any changes as a new PR
         if: |
           github.event_name != 'pull_request' &&
           steps.calibre.outputs.markdown != ''
         id: cpr
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@v8
         with:
           title: Auto Compress Images
           branch-suffix: timestamp

.github/workflows/linter.yml

@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -44,7 +44,6 @@ jobs:
           VALIDATE_MARKDOWN: true
           VALIDATE_PYTHON_PYLINT: true
           VALIDATE_PYTHON_FLAKE8: true
-          VALIDATE_SQLFLUFF: true
           VALIDATE_YAML: true
 
   dependabot:
@@ -73,7 +72,6 @@ jobs:
             steps.metadata.outputs.update-type == 'version-update:semver-minor'
           ) && (
             contains(steps.metadata.outputs.dependency-names, 'prettier') ||
-            contains(steps.metadata.outputs.dependency-names, 'sqlfluff') ||
             contains(steps.metadata.outputs.dependency-names, 'super-linter')
           )
         run: gh pr merge --admin --squash "$PR_URL"

.github/workflows/lintsql.yml

@@ -7,14 +7,15 @@ on:
   workflow_dispatch:
   pull_request:
     paths:
-      src/requirements.txt
+      - src/requirements.txt
+      - 'sql/**.sql'
 jobs:
   lint:
     name: Lint SQL
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           # Full git history is needed to get a proper list of changed files within `super-linter`
           fetch-depth: 0
@@ -23,9 +24,46 @@ jobs:
         with:
           python-version: '3.12'
       - name: Lint SQL code
-        if: |
-            github.event_name == 'workflow_dispatch' ||
-            startsWith(github.event.pull_request.title,'Bump sqlfluff') == true
         run: |
-          pip install -r src/requirements.txt
-          sqlfluff lint sql -p 4
+          pip install -r src/requirements.txt -q
+          if [ "${{ github.event_name }}" == "workflow_dispatch" ] || \
+            [[ "${{ github.event.pull_request.title }}" == Bump\ sqlfluff* ]]; then
+            # Lint all SQL files for workflow_dispatch or sqlfluff bumps
+            sqlfluff lint sql -p 4
+          else
+            # Lint only changed SQL files
+            git diff --name-only --diff-filter=ACMRT origin/${{ github.base_ref }}...HEAD \
+              | grep '\.sql$' \
+              | xargs -r sqlfluff lint
+          fi
+
+
+  dependabot:
+    name: Dependabot auto-merge
+    runs-on: ubuntu-latest
+    needs: lint
+    if: |
+      github.event.pull_request.user.login == 'dependabot[bot]' &&
+      github.repository == 'HTTPArchive/almanac.httparchive.org'
+
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: Enable auto-merge for Dependabot PRs
+        if: |
+          (
+            steps.metadata.outputs.update-type == 'version-update:semver-patch' ||
+            steps.metadata.outputs.update-type == 'version-update:semver-minor'
+          ) && contains(steps.metadata.outputs.dependency-names, 'sqlfluff')
+        run: gh pr merge --admin --squash "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/predeploy.yml

@@ -31,9 +31,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout branch
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
     - name: Setup Node.js for use with actions
-      uses: actions/setup-node@v5
+      uses: actions/setup-node@v6
       with:
         node-version: '20'
     - name: Set up Python 3.12
@@ -67,7 +67,7 @@ jobs:
         npm run ebooks
     - name: Upload PDF artifact
       if: ${{ github.event.inputs.ebooks == 'true' }}
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v6
       with:
         name: pdfs
         path: ./src/static/pdfs/*.pdf
@@ -79,7 +79,7 @@ jobs:
         npm run timestamps
     - name: Create Pull Request
       id: cpr
-      uses: peter-evans/create-pull-request@v7
+      uses: peter-evans/create-pull-request@v8
       with:
         title: Pre-deploy Updates
         branch-suffix: timestamp

.github/workflows/production-checks.yml

@@ -24,7 +24,7 @@ jobs:
     if: github.repository == 'HTTPArchive/almanac.httparchive.org'
     steps:
     - name: Checkout branch
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
     - name: Set the list of URLs for Lighthouse to check
       run: ./src/tools/scripts/set_lighthouse_urls.sh -p
     - name: Audit URLs using Lighthouse

.github/workflows/test-template-changes.yml

@@ -29,11 +29,11 @@ jobs:
     if: github.repository == 'HTTPArchive/almanac.httparchive.org'
     steps:
     - name: Checkout Code
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         fetch-depth: 0
     - name: Setup Node.js for use with actions
-      uses: actions/setup-node@v5
+      uses: actions/setup-node@v6
       with:
         node-version: '20'
     - name: Test Template Changes

.github/workflows/test_website.yml

@@ -21,12 +21,12 @@ jobs:
     if: github.repository == 'HTTPArchive/almanac.httparchive.org'
     steps:
     - name: Checkout branch
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         # Full git history is needed to get a proper list of changed files within `super-linter`
         fetch-depth: 0
     - name: Setup Node.js for use with actions
-      uses: actions/setup-node@v5
+      uses: actions/setup-node@v6
       with:
         node-version: '20'
     - name: Set up Python 3.12
@@ -42,9 +42,9 @@ jobs:
     - name: Lint Generated HTML
       uses: super-linter/super-linter/slim@v8
       env:
-        DEFAULT_BRANCH: main
         FILTER_REGEX_INCLUDE: src/static/html/.*
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        LOG_LEVEL: DEBUG
         VALIDATE_HTML: true
         USE_FIND_ALGORITHM: true
     - name: Set the list of URLs for Lighthouse to check

sql/.sqlfluff

@@ -28,7 +28,7 @@ exclude_rules = AL01,AL04,AL07,AL09,AM03,AM05,AM08,CP02,CP03,CV02,CV12,LT05,LT09
 # ST08 - Sometimes clearer to include brackets for complex COUNT(DISTINCT) cases
 # ST11 - Doesn't consider wildcards in SELECT. Issue: https://github.com/sqlfluff/sqlfluff/issues/6511
 
-large_file_skip_byte_limit = 40000
+large_file_skip_byte_limit = 1120000
 # CPU processes to use while linting.
 # If positive, just implies number of processes.
 # If negative or zero, implies number_of_cpus - specifed_number.
@@ -52,14 +52,13 @@ extended_capitalisation_policy = upper
 
 [sqlfluff:rules:convention.blocked_words]
 # Regex of blocked SQL that should not be used.
-# Can be overridden with `-- noqa: CV09` for those chapters using secondary pages
+# Can be overridden with `-- noqa: CV09` for those chapters using other dates
 # TABLESAMPLE - sometimes used for testing. Shouldn't be used in production as not random.
 # sample_data - sometimes used for testing. Shouldn't be used in production.
-# Block 2022_05_12 (contains secondary pages)
-# Block 2022_06_09 (contains secondary pages)
-# Block 2022_07_01 (probably forgot to update month to June for 2022)
-# Block 2021_06_01 (probably forgot to update month to July for 2021)
-blocked_regex = (TABLESAMPLE|sample_data|2022_?05_?12|2022_?06_?09|2022_?07_?01|2021_?06_?01)
+# The Web Almanac has run in different months due to timing or delays. This
+# means it's easy to use the wrong month by copying a previous query and only
+# updating the year and not the month. Block those months to warn about this.
+blocked_regex = (TABLESAMPLE|sample_data|2025-?08-?01|2025-?06-?01|2024-?08-?01|2024-?07-?01|2022-?08-?01|2022-?07-?01|2021-?06-?01|2021-?08-?01|2020-?07-?01)
 
 [sqlfluff:rules:convention.count_rows]
 prefer_count_0 = True