Merge branch 'main' into patch-2

.github/workflows/auto-label-prs.yml

@@ -17,6 +17,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # See labeling configuration in the `.github/labeler.yml` file
-      - uses: actions/labeler@5f867a63be70efff62b767459b009290364495eb
+      - uses: actions/labeler@e54e5b338fbd6e6cdb5d60f51c22335fc57c401e
         with:
           repo-token: '${{ secrets.GITHUB_TOKEN }}'

.github/workflows/link-check-all.yml

@@ -53,6 +53,14 @@ jobs:
           # Don't care about CDN caching image URLs
           DISABLE_REWRITE_ASSET_URLS: true
         run: |
+
+          # Note as of Aug 2022, we *don't* check external links
+          # on the pages you touched in the PR. We could enable that
+          # but it has the added risk of false positives blocking CI.
+          # We are using this script for the daily/nightly checker that
+          # checks external links too. Once we're confident it really works
+          # well, we can consider enabling it here on every content PR too.
+
           ./script/rendered-content-link-checker.js \
             --language en \
             --max 100 \

components/article/PlatformPicker.tsx

@@ -5,7 +5,7 @@ import { sendEvent, EventType } from 'components/lib/events'
 import { useRouter } from 'next/router'
 
 import { useArticleContext } from 'components/context/ArticleContext'
-import parseUserAgent from 'components/lib/user-agent'
+import { parseUserAgent } from 'components/lib/user-agent'
 
 const platforms = [
   { id: 'mac', label: 'Mac' },

components/hooks/useTheme.ts

@@ -81,7 +81,8 @@ export function getCssTheme(cookieValue = ''): CssColorTheme {
       darkTheme: filterTheme(dark_theme) || defaultCSSTheme.darkTheme,
     }
   } catch (err) {
-    console.warn("Unable to parse 'color_mode' cookie", err)
+    if (process.env.NODE_ENV === 'development')
+      console.warn("Unable to parse 'color_mode' cookie", err)
     return defaultCSSTheme
   }
 }

components/lib/events.ts

@@ -1,7 +1,7 @@
 /* eslint-disable camelcase */
 import { v4 as uuidv4 } from 'uuid'
 import Cookies from 'js-cookie'
-import parseUserAgent from './user-agent'
+import { parseUserAgent } from './user-agent'
 
 const COOKIE_NAME = '_docs-events'
 

components/lib/get-rest-code-samples.ts

@@ -45,7 +45,7 @@ export function getShellExample(operation: Operation, codeSample: CodeSample) {
 
   const args = [
     operation.verb !== 'get' && `-X ${operation.verb.toUpperCase()}`,
-    `-H "Accept: ${defaultAcceptHeader}" \\ \n  -H "Authorization: token <TOKEN>"`,
+    `-H "Accept: ${defaultAcceptHeader}" \\ \n  -H "Authorization: Bearer <YOUR-TOKEN>"`,
     `${operation.serverUrl}${requestPath}`,
     requestBodyParams,
   ].filter(Boolean)
@@ -141,11 +141,7 @@ export function getJSExample(operation: Operation, codeSample: CodeSample) {
     }
   }
   const comment = `// Octokit.js\n// https://github.com/octokit/core.js#readme\n`
-  const require = `const octokit = new Octokit(${stringify(
-    { auth: 'personal-access-token123' },
-    null,
-    2
-  )})\n\n`
+  const require = `const octokit = new Octokit(${stringify({ auth: 'YOUR-TOKEN' }, null, 2)})\n\n`
 
   return `${comment}${require}await octokit.request('${operation.verb.toUpperCase()} ${
     operation.requestPath

components/lib/user-agent.ts

@@ -19,7 +19,7 @@ const BROWSER_REGEXPS = [
   /ms(ie)\/([^\s)]+)/i,
 ]
 
-export default function parseUserAgent(ua = navigator.userAgent) {
+export function parseUserAgent(ua = navigator.userAgent) {
   ua = ua.toLowerCase()
   const osRe = OS_REGEXPS.find((re) => re.test(ua))
   let [, os = 'other', os_version = '0'] = (osRe && ua.match(osRe)) || []

components/playground/ArticleMarkdown.tsx

@@ -5,6 +5,7 @@ import ReactMarkdown from 'react-markdown'
 import { Prism as SyntaxHighlighter } from 'react-syntax-highlighter'
 import { vs, vscDarkPlus } from 'react-syntax-highlighter/dist/cjs/styles/prism'
 import gfm from 'remark-gfm'
+import rehypeRaw from 'rehype-raw'
 
 import { MarkdownContent } from 'components/ui/MarkdownContent'
 
@@ -22,6 +23,9 @@ export const ArticleMarkdown = ({ className, children }: Props) => {
       <ReactMarkdown
         className={cx(styles.articleMarkdown, className)}
         remarkPlugins={[gfm as any]}
+        // This makes it so that HTML inside that `children`, as a string,
+        // is preserved and left alone.
+        rehypePlugins={[rehypeRaw]}
         components={{
           // eslint-disable-next-line @typescript-eslint/no-unused-vars
           code: ({ node, inline, className, children, ...props }) => {

components/playground/PlaygroundContentBlock.tsx

@@ -41,6 +41,7 @@ export const PlaygroundContentBlock = ({ sectionIndex, contentBlock }: Props) =>
   const isActive = sectionIndex === activeSectionIndex
   const anchorLink = getAnchorLink(contentBlock.title || '')
   const showDivider = !isActive && activeSectionIndex - 1 !== sectionIndex
+
   return (
     <div
       className={cx(

components/playground/content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-project-for-codespaces/dotnet.tsx

@@ -11,8 +11,8 @@ const article: PlaygroundArticleT = {
     '/codespaces/setting-up-your-project-for-codespaces/setting-up-your-dotnet-project-for-codespaces',
   codeLanguageId: 'dotnet',
   intro: dedent`
-  This guide shows you how to add a dev container configuration to your repository to define the GitHub Codespaces development environment for your **C# (.NET)** codebase. For more information, see "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)." 
-  
+  This guide shows you how to add a dev container configuration to your repository to define the GitHub Codespaces development environment for your **C# (.NET)** codebase. For more information, see "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)."
+
   If you want to add a dev container configuration for another programming language, click the language button to the right.
  `,
   prerequisites: dedent`
@@ -36,9 +36,9 @@ const article: PlaygroundArticleT = {
         When you create a codespace, your project is created on a remote VM that is dedicated to you. By default, the container for your codespace has many languages and runtimes including .NET. It also includes a common set of tools like git, wget, rsync, openssh, and nano.
 
         You can customize your codespace by adjusting the amount of vCPUs and RAM, [adding dotfiles to personalize your environment](/codespaces/setting-up-your-codespace/personalizing-codespaces-for-your-account), or by modifying the tools and scripts installed.
-        
+
         GitHub Codespaces uses a file called \`devcontainer.json\` to configure the development container that you use when you work in a codespace. Each repository can contain one or more  \`devcontainer.json\` files, to give you exactly the development environment you need to work on your code in a codespace.
-        
+
         On launch, GitHub Codespaces uses a \`devcontainer.json\` file, and any dependent files that make up the dev container configuration, to install tools and runtimes, and perform other setup tasks that the project requires. For more information, see "[Introduction to dev containers](/codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project)."
       `,
     },
@@ -53,17 +53,17 @@ const article: PlaygroundArticleT = {
 
         To set up your repository to use a custom dev container, you will need to create one or more \`devcontainer.json\` files. You can add these either from a template, in Visual Studio Code, or you can write your own. For more information on dev container configurations, see "[Introduction to dev containers](/codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project)".
 
-        1. Access the Command Palette (\`Shift + Command + P\` / \`Ctrl + Shift + P\`), then start typing "dev container". Select **Codespaces: Add Development Container Configuration Files...**.
+        1. Access the Command Palette (<kbd>Shift</kbd> + <kbd>Command</kbd> + <kbd>P</kbd> / <kbd>Ctrl</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd>), then start typing "dev container". Select **Codespaces: Add Development Container Configuration Files...**.
           ![Codespaces: Add Development Container Configuration Files... in the command palette](/assets/images/help/codespaces/add-prebuilt-container-command.png)
         2. For this example, click **C# (.NET)**. If you need additional features you can select any container that’s specific to C# (.NET) or a combination of tools such as C# (.NET) and MS SQL.
-          
+
             ![Select C# (.NET) option from the list](/assets/images/help/codespaces/add-dotnet-prebuilt-container.png)
         3. Click the recommended version of .NET.
           ![.NET version selection](/assets/images/help/codespaces/add-dotnet-version.png)
         4. Accept the default option to add Node.js to your customization.
           ![Add Node.js selection](/assets/images/help/codespaces/dotnet-options.png)
         5. Select any additional features to install and click **OK**.
-        6. Access the command palette (\`Shift + Command + P\`/ \`Ctrl + Shift + P\`), then start typing "rebuild". Select **Codespaces: Rebuild Container**. 
+        6. Access the command palette (<kbd>Shift</kbd> + <kbd>Command</kbd> + <kbd>P</kbd> / <kbd>Ctrl</kbd> + <kbd>Shift</kbd> + <kbd>P</kbd>), then start typing "rebuild". Select **Codespaces: Rebuild Container**.
           ![Rebuild container option](/assets/images/help/codespaces/codespaces-rebuild.png)
       `,
     },
@@ -189,15 +189,15 @@ const article: PlaygroundArticleT = {
                "streetsidesoftware.code-spell-checker"
              ],
            \`\`\`
-         
+
          3. Uncomment the \`postCreateCommand\` to restore dependencies as part of the codespace setup process.
-         
+
             \`\`\`json{:copy}
             // Use 'postCreateCommand' to run commands after the container is created.
             "postCreateCommand": "dotnet restore",
             \`\`\`
 
-        4. Access the command palette (\`Shift + Command + P\`/ \`Ctrl + Shift + P\`), then start typing "rebuild". Select **Codespaces: Rebuild Container**. 
+        4. Access the command palette (\`Shift + Command + P\`/ \`Ctrl + Shift + P\`), then start typing "rebuild". Select **Codespaces: Rebuild Container**.
           ![Rebuild container option](/assets/images/help/codespaces/codespaces-rebuild.png)
           Rebuilding inside your codespace ensures your changes work as expected before you commit the changes to the repository. If something does result in a failure, you’ll be placed in a codespace with a recovery container that you can rebuild from to keep adjusting your container.
 
@@ -253,26 +253,26 @@ const article: PlaygroundArticleT = {
             "INSTALL_AZURE_CLI": "false"
           }
         },
-      
+
         // Set *default* container specific settings.json values on container create.
         "settings": {
           "terminal.integrated.shell.linux": "/bin/bash"
         },
-      
+
         // Add the IDs of extensions you want installed when the container is created.
         "extensions": [
           "ms-dotnettools.csharp"
         ],
-      
+
         // Use 'forwardPorts' to make a list of ports inside the container available locally.
         // "forwardPorts": [5000, 5001],
-      
+
         // Use 'postCreateCommand' to run commands after the container is created.
         // "postCreateCommand": "dotnet restore",
-      
+
         // Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
         "remoteUser": "vscode"
-      }  
+      }
       `,
     },
     '1': {
@@ -282,22 +282,22 @@ const article: PlaygroundArticleT = {
       # [Choice] .NET version: 5.0, 3.1, 2.1
       ARG VARIANT="5.0"
       FROM mcr.microsoft.com/vscode/devcontainers/dotnetcore:0-\${VARIANT}
-      
+
       # [Option] Install Node.js
       ARG INSTALL_NODE="true"
       ARG NODE_VERSION="lts/*"
       RUN if [ "\${INSTALL_NODE}" = "true" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install \${NODE_VERSION} 2>&1"; fi
-      
+
       # [Option] Install Azure CLI
       ARG INSTALL_AZURE_CLI="false"
       COPY library-scripts/azcli-debian.sh /tmp/library-scripts/
       RUN if [ "$INSTALL_AZURE_CLI" = "true" ]; then bash /tmp/library-scripts/azcli-debian.sh; fi \
           && apt-get clean -y && rm -rf /var/lib/apt/lists/* /tmp/library-scripts
-      
+
       # [Optional] Uncomment this section to install additional OS packages.
       # RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
       #     && apt-get -y install --no-install-recommends <your-package-list-here>
-      
+
       # [Optional] Uncomment this line to install global node packages.
       # RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g <your-package-here>" 2>&1
       `,

components/playground/editor/Editor.tsx

@@ -102,7 +102,7 @@ export const Editor: React.FC<Props> = ({ article }) => {
                     className = 'color-bg-accent'
                   }
                 }
-                return { style: { display: 'block' }, class: className }
+                return { style: { display: 'block' }, className }
               }}
               lineNumberStyle={{ minWidth: '3.25em' }}
             >

components/rest/RestOperation.module.scss

@@ -13,6 +13,6 @@
   table-layout: fixed !important;
 }
 
-.codeBlock code {
+.codeBlock code:not(td *) {
   word-break: break-all;
 }

components/ui/MiniTocs/MiniTocs.tsx

@@ -1,43 +1,42 @@
+import { Heading, NavList } from '@primer/react'
 import cx from 'classnames'
-import { ActionList, Heading } from '@primer/react'
 
-import type { MiniTocItem } from 'components/context/ArticleContext'
+import { MiniTocItem } from 'components/context/ArticleContext'
 import { Link } from 'components/Link'
 import { useTranslation } from 'components/hooks/useTranslation'
 
+import styles from './Minitocs.module.scss'
+
 export type MiniTocsPropsT = {
   pageTitle: string
   miniTocItems: MiniTocItem[]
 }
 
-const renderTocItem = (item: MiniTocItem) => {
+function RenderTocItem(item: MiniTocItem) {
   return (
-    <ActionList.Item
-      as="li"
-      key={item.contents.href}
-      className={item.platform}
-      sx={{
-        listStyle: 'none',
-        padding: '2px',
-        ':hover': {
-          bg: 'var(--color-canvas-inset) !important',
-        },
-        'ul > li': {
-          ':hover': {
-            bg: 'var(--color-neutral-subtle) !important',
-          },
-        },
-      }}
-    >
-      <div className={cx('lh-condensed d-block width-full')}>
-        <a className="d-block width-auto" href={item.contents.href}>
-          {item.contents.title}
-        </a>
-        {item.items && item.items.length > 0 ? (
-          <ul className="ml-3">{item.items.map(renderTocItem)}</ul>
-        ) : null}
-      </div>
-    </ActionList.Item>
+    <div className={cx(styles.nested, item.platform)}>
+      <NavList.Item
+        href={item.contents.href}
+        sx={{
+          padding: '4px 0 4px 0',
+          marginLeft: '7px',
+        }}
+      >
+        {item.contents.title}
+      </NavList.Item>
+      {item.items && item.items.length > 0 && (
+        <ul className={cx(styles.indentNested)}>
+          {item.items.map((toc) => (
+            <RenderTocItem
+              key={toc.contents.href}
+              contents={toc.contents}
+              items={toc.items}
+              platform={toc.platform}
+            />
+          ))}
+        </ul>
+      )}
+    </div>
   )
 }
 
@@ -46,17 +45,22 @@ export function MiniTocs({ pageTitle, miniTocItems }: MiniTocsPropsT) {
 
   return (
     <>
-      <Heading as="h2" id="in-this-article" className="mb-1" sx={{ fontSize: 1 }}>
+      <Heading as="h2" id="in-this-article" className="mb-1 ml-3" sx={{ fontSize: 1 }}>
         <Link href="#in-this-article">{t('miniToc')}</Link>
       </Heading>
 
-      <ActionList variant="full" className="my-2" key={pageTitle} as="div">
-        <div>
-          {miniTocItems.map((items, i) => {
-            return <ul key={pageTitle + i}>{renderTocItem(items)}</ul>
-          })}
-        </div>
-      </ActionList>
+      <NavList className="my-2" key={pageTitle}>
+        {miniTocItems.map((items, i) => {
+          return (
+            <RenderTocItem
+              key={items.contents.href + i}
+              contents={items.contents}
+              items={items.items}
+              platform={items.platform}
+            />
+          )
+        })}
+      </NavList>
     </>
   )
 }

components/ui/MiniTocs/Minitocs.module.scss

@@ -0,0 +1,12 @@
+.indentNested {
+  padding-inline-start: 0;
+}
+
+.nested {
+  div ul div li {
+    padding-left: 4em;
+  }
+  div li {
+    padding-left: 2em;
+  }
+}

content/README.md

@@ -227,7 +227,7 @@ defaultPlatform: linux
 
 ### `defaultTool`
 
-- Purpose: Override the initial tool selection for a page, where tool refers to the application the reader is using to work with GitHub (such as GitHub.com's web UI, the GitHub CLI, or GitHub Desktop) or the GitHub APIs (such as cURL or the GitHub CLI). For more information about the tool selector, see [Markup reference for GitHub Docs](../contributing/content-markup-reference.md#tool-tags). If this frontmatter is omitted, then the tool-specific content matching the GitHub web UI is shown by default. If a user has indicated a tool preference (by clicking on a tool tab), then the user's preference will be applied instead of the default value.
+- Purpose: Override the initial tool selection for a page, where the tool refers to the application the reader is using to work with GitHub (such as GitHub.com's web UI, the GitHub CLI, or GitHub Desktop) or the GitHub APIs (such as cURL or the GitHub CLI). For more information about the tool selector, see [Markup reference for GitHub Docs](../contributing/content-markup-reference.md#tool-tags). If this frontmatter is omitted, then the tool-specific content matching the GitHub web UI is shown by default. If a user has indicated a tool preference (by clicking on a tool tab), then the user's preference will be applied instead of the default value.
 - Type: `String`, one of: `webui`, `cli`, `desktop`, `curl`, `codespaces`, `vscode`, `importer_cli`, `graphql`, `powershell`, `bash`, `javascript`.
 - Optional.
 
@@ -263,9 +263,9 @@ includeGuides:
 - Optional.
 
 ### `topics`
-- Purpose: Indicate the topics covered by the article. The topics are used to filter guides on some landing pages. For example, the guides at the bottom of [this page](https://docs.github.com/en/actions/guides) can be filtered by topics and the topics are listed under the guide intro. Topics are also added to all search records that get created for each page. The search records contain a `topics` property that is used to filter search results by topics. For more information, see the [Search](/contributing/search.md) contributing guide. Refer to the content models for more details around adding topics. A full list of  existing topics is located in the [allowed topics file](/data/allowed-topics.js). If topics in article frontmatter and the allow-topics list become out of sync, the [topics CI test](/tests/unit/search/topics.js) will fail.
+- Purpose: Indicate the topics covered by the article. The topics are used to filter guides on some landing pages. For example, the guides at the bottom of [this page](https://docs.github.com/en/actions/guides) can be filtered by topics, and the topics are listed under the guide intro. Topics are also added to all search records that get created for each page. The search records contain a `topics` property that is used to filter search results by topics. For more information, see the [Search](/contributing/search.md) contributing guide. Refer to the content models for more details about adding topics. A full list of  existing topics is located in the [allowed topics file](/data/allowed-topics.js). If topics in article frontmatter and the allow-topics list become out of sync, the [topics CI test](/tests/unit/search/topics.js) will fail.
 - Type: Array of `String`s
-- Optional: Topics are preferred for each article, but, there may be cases where existing articles don't yet have topics or adding a topic to a new article may not add value.
+- Optional: Topics are preferred for each article, but, there may be cases where existing articles don't yet have topics, or adding a topic to a new article may not add value.
 
 ### `contributor`
 - Purpose: Indicate an article is contributed and maintained by a third-party organization, typically a GitHub Technology Partner.
@@ -294,7 +294,7 @@ contributor:
 
 If you see two single quotes in a row (`''`) in YML frontmatter where you might expect to see one (`'`), this is the YML-preferred way to escape a single quote. From [the YAML spec](https://yaml.org/spec/history/2001-12-10.html):
 
-> In single quoted leaves, a single quote character needs to be escaped. This is done by repeating the character.
+> In single-quoted leaves, a single quote character needs to be escaped. This is done by repeating the character.
 
 As an alternative, you can change the single quotes surrounding the frontmatter field to double quotes and leave interior single quotes unescaped.
 
@@ -314,7 +314,7 @@ Make sure not to add hardcoded "In this article" sections in the Markdown source
 A content file can have **two** types of versioning:
 
 * [`versions`](#versions) frontmatter (**required**)
-    * Determines in which the versions the page is available. See [contributing/permalinks](../contributing/permalinks.md) for more info.
+    * Determines in which versions the page is available. See [contributing/permalinks](../contributing/permalinks.md) for more info.
 * Liquid statements in content (**optional**)
     * Conditionally render content depending on the current version being viewed. See [contributing/liquid-helpers](../contributing/liquid-helpers.md) for more info. Note Liquid conditionals can also appear in `data` and `include` files.
 
@@ -358,7 +358,7 @@ and when viewed on GitHub Enterprise Server docs, the version is included as wel
 
 ### Preventing transformations
 
-Sometimes you want to link to a Dotcom-only article in Enterprise content and you don't want the link to be Enterprise-ified. To prevent the transformation, include the preferred version in the path.
+Sometimes you want to link to a Dotcom-only article in Enterprise content and you don't want the link to be Enterprise-ified. To prevent the transformation, you should include the preferred version in the path.
 
 ```markdown
 "[GitHub's Terms of Service](/free-pro-team@latest/github/site-policy/github-terms-of-service)"
@@ -388,8 +388,8 @@ The homepage is the main Table of Contents file for the docs site. The homepage
 
 To create a product guides page (e.g. [Actions' Guide page](https://docs.github.com/en/actions/guides)), create or modify an existing markdown file with these specific frontmatter values:
 
-1. Use the product guides page template by referencing it `layout: product-guides`
-2. (optional) Include the learning tracks in [`learningTracks`](#learningTracks)
+1. Use the product guides page template by referencing `layout: product-guides`.
+2. (optional) Include the learning tracks in [`learningTracks`](#learningTracks).
 3. (optional) Define which articles to include with [`includeGuides`](#includeGuides).
 
 If using learning tracks, they need to be defined in [`data/learning-tracks/*.yml`](../data/learning-tracks/README.md).

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/index.md

@@ -1,6 +1,6 @@
 ---
 title: Setting up and managing your personal account on GitHub
-intro: 'You can manage settings for your personal account on {% data variables.product.prodname_dotcom %}, including email preferences, collaborator access for personal repositories, and organization memberships.'
+intro: You can manage settings for your personal account on {% ifversion fpt or ghec or ghes %}{% data variables.product.product_location %}{% elsif ghae %}{% data variables.product.product_name %}{% endif %}, including email preferences, access to personal repositories, and organization memberships. You can also manage the account itself.
 shortTitle: Personal accounts
 redirect_from:
   - /categories/setting-up-and-managing-your-github-user-account
@@ -15,6 +15,7 @@ topics:
   - Accounts
 children:
   - /managing-personal-account-settings
+  - /managing-your-personal-account
   - /managing-email-preferences
   - /managing-access-to-your-personal-repositories
   - /managing-your-membership-in-organizations

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/index.md

@@ -1,6 +1,6 @@
 ---
 title: Managing user account settings
-intro: 'You can change several settings for your personal account, including changing your username and deleting your account.'
+intro: 'You can manage settings for your personal account, including your theme, username, default branch, accessibility, and security settings.'
 redirect_from:
   - /categories/29/articles
   - /categories/user-accounts
@@ -19,9 +19,6 @@ children:
   - /managing-your-theme-settings
   - /managing-your-tab-size-rendering-preference
   - /changing-your-github-username
-  - /merging-multiple-personal-accounts
-  - /converting-a-user-into-an-organization
-  - /deleting-your-personal-account
   - /permission-levels-for-a-personal-account-repository
   - /permission-levels-for-a-project-board-owned-by-a-personal-account
   - /managing-accessibility-settings
@@ -29,7 +26,6 @@ children:
   - /managing-security-and-analysis-settings-for-your-personal-account
   - /managing-access-to-your-personal-accounts-project-boards
   - /integrating-jira-with-your-personal-projects
-  - /best-practices-for-leaving-your-company
   - /what-does-the-available-for-hire-checkbox-do
 shortTitle: Personal account settings
 ---

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/best-practices-for-leaving-your-company.md

@@ -6,6 +6,7 @@ redirect_from:
   - /github/setting-up-and-managing-your-github-user-account/best-practices-for-leaving-your-company
   - /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/best-practices-for-leaving-your-company
   - /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/best-practices-for-leaving-your-company
+  - /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/best-practices-for-leaving-your-company
 versions:
   fpt: '*'
   ghec: '*'

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md

@@ -7,6 +7,7 @@ redirect_from:
   - /github/setting-up-and-managing-your-github-user-account/converting-a-user-into-an-organization
   - /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/converting-a-user-into-an-organization
   - /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/converting-a-user-into-an-organization
+  - /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/converting-a-user-into-an-organization
 intro: You can convert your personal account into an organization. This allows more granular permissions for repositories that belong to the organization.
 versions:
   fpt: '*'

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/deleting-your-personal-account.md

@@ -1,38 +1,53 @@
 ---
 title: Deleting your personal account
-intro: 'You can delete your personal account on {% data variables.product.product_name %} at any time.'
+intro: 'You can delete your personal account on {% data variables.product.product_location %} at any time.'
 redirect_from:
   - /articles/deleting-a-user-account
   - /articles/deleting-your-user-account
   - /github/setting-up-and-managing-your-github-user-account/deleting-your-user-account
   - /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/deleting-your-user-account
   - /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/deleting-your-user-account
+  - /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/deleting-your-personal-account
 versions:
   fpt: '*'
   ghes: '*'
   ghec: '*'
 topics:
   - Accounts
-shortTitle: Delete your personal account
+shortTitle: Delete your account
 ---
-Deleting your personal account removes all repositories, forks of private repositories, wikis, issues, pull requests, and pages owned by your account. {% ifversion fpt or ghec %} Issues and pull requests you've created and comments you've made in repositories owned by other users will not be deleted - instead, they'll be associated with our [Ghost user](https://github.com/ghost).{% else %}Issues and pull requests you've created and comments you've made in repositories owned by other users will not be deleted.{% endif %}
 
-{% ifversion fpt or ghec %} When you delete your account we stop billing you. The email address associated with the account becomes available for use with a different account on {% data variables.product.product_location %}. After 90 days, the account name also becomes available to anyone else to use on a new account. {% endif %}
+## About deletion of your personal account
 
-If you’re the only owner of an organization, you must transfer ownership to another person or delete the organization before you can delete your personal account. If there are other owners in the organization, you must remove yourself from the organization before you can delete your personal account.
+Deleting your personal account removes all repositories, forks of private repositories, wikis, issues, pull requests, and pages owned by your account. {% ifversion fpt or ghec %}Issues and pull requests you've created and comments you've made in repositories owned by other users will not be deleted. Your resources and comments will become associated with the [ghost user](https://github.com/ghost).{% else %}Issues and pull requests you've created and comments you've made in repositories owned by other users will not be deleted.{% endif %}
+
+{% ifversion ghec %}
+
+{% note %}
+
+**Note**: If your enterprise manages your account and you sign into {% data variables.product.product_location %} through your company's identity provider (IdP), you cannot delete your account. For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users)."
+
+{% endnote %}
+
+{% endif %}
+
+{% ifversion fpt or ghec %}When you delete your account we stop billing you. The email address associated with the account becomes available for use with a different account on {% data variables.product.product_location %}. After 90 days, the account name also becomes available to anyone else to use on a new account. {% endif %}
+
+If you're the only owner of an organization, you must transfer ownership to another person or delete the organization before you can delete your personal account. If there are other owners in the organization, you must remove yourself from the organization before you can delete your personal account.
+
+For more information, see the following articles.
 
-For more information, see:
 - "[Transferring organization ownership](/articles/transferring-organization-ownership)"
 - "[Deleting an organization account](/articles/deleting-an-organization-account)"
 - "[Removing yourself from an organization](/articles/removing-yourself-from-an-organization/)"
 
 ## Back up your account data
 
-Before you delete your personal account, make a copy of all repositories, private forks, wikis, issues, and pull requests owned by your account.
+Before you delete your personal account, make a copy of all repositories, private forks, wikis, issues, and pull requests owned by your account. For more information, see "[Backing up a repository](/repositories/archiving-a-github-repository/backing-up-a-repository)."
 
 {% warning %}
 
-**Warning:** Once your personal account has been deleted, GitHub cannot restore your content.
+**Warning:** Once your personal account has been deleted, {% ifversion fpt or ghec %}{% data variables.product.company_short %}{% elsif ghes or ghae %}an enterprise owner{% endif %} cannot restore your content.
 
 {% endwarning %}
 

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/index.md

@@ -0,0 +1,19 @@
+---
+title: Managing your personal account
+intro: 'You can manage your personal account on {% ifversion fpt or ghec or ghes %}{% data variables.product.product_location %}{% elsif ghae %}{% data variables.product.product_name %}{% endif %}. For example, you can {% ifversion fpt or ghec %}manage multiple accounts, {% endif %}convert an account to an organization{% ifversion fpt or ghec or ghes %}, or delete an account{% endif %}.'
+shortTitle: Manage personal account
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+topics:
+  - Accounts
+children:
+  - /managing-multiple-accounts
+  - /merging-multiple-personal-accounts
+  - /converting-a-user-into-an-organization
+  - /best-practices-for-leaving-your-company
+  - /deleting-your-personal-account
+---
+

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts.md

@@ -0,0 +1,105 @@
+---
+title: Managing multiple accounts
+intro: 'If you use one workstation to contribute to projects for more than one account on {% data variables.product.product_location %}, you can modify your Git configuration to simplify the contribution process.'
+versions:
+  feature: multiple-accounts-one-workstation
+topics:
+  - Accounts
+  - Git
+  - GitHub
+shortTitle: Manage multiple accounts
+---
+
+## About management of multiple accounts
+
+In some cases, you may need to use multiple accounts on {% data variables.product.product_location %}. For example, you may have a personal account for open source contributions, and your employer may also create and manage a user account for you within an enterprise. 
+
+You cannot use your {% data variables.product.prodname_managed_user %} to contribute to public projects on {% data variables.product.product_location %}, so you must contribute to those resources using your personal account. For more information, see "[About  {% data variables.product.prodname_emus %}]({% ifversion fpt %}/enterprise-cloud@latest{% endif %}/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#abilities-and-restrictions-of-managed-user-accounts){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% elsif ghec %}."{% endif %}
+
+If you want to use one workstation to contribute from both accounts, you can simplify contribution with Git by using a mixture of protocols to access repository data, or by using credentials on a per-repository basis.
+
+{% warning %}
+
+**Warning**: Be mindful when you use one workstation to contribute to two separate accounts. Management of two or more accounts can increase the chance of mistakenly leaking internal code to the public.
+
+{% endwarning %}
+
+If you aren't required to use a {% data variables.product.prodname_managed_user %}, {% data variables.product.company_short %} recommends that you use one personal account for all your work on {% data variables.product.product_location %}. With a single personal account, you can contribute to a combination of personal, open source, or professional projects using one identity. Other people can invite the account to contribute to both individual repositories and repositories owned by an organization, and the account can be a member of multiple organizations or enterprises.
+
+## Contributing to two accounts using HTTPS and SSH
+
+If you contribute with two accounts from one workstation, you can access repositories by using a different protocol and credentials for each account. 
+
+Git can use either the HTTPS or SSH protocol to access and update data in repositories on {% data variables.product.product_location %}. The protocol you use to clone a repository determines which credentials your workstation will use to authenticate when you access the repository. With this approach to account management, you store the credentials for one account to use for HTTPS connections and upload an SSH key to the other account to use for SSH connections.
+
+You can find both the HTTPS or an SSH URLs for cloning a repository on {% data variables.product.product_name %}. For more information, see "[Cloning a repository](/repositories/creating-and-managing-repositories/cloning-a-repository)."
+
+For more information about the use of SSH to access repositories on {% data variables.product.product_name %}, see "[Connecting to {% data variables.product.prodname_dotcom %} with SSH](/authentication/connecting-to-github-with-ssh)."
+
+## Contributing to multiple accounts using HTTPS and PATs
+
+Alternatively, if you want to use the HTTPS protocol for both accounts, you can use different personal access tokens (PAT) for each account by configuring Git to store different credentials for each repository.
+
+{% mac %}
+
+{% data reusables.git.open-terminal %}
+{% data reusables.git.confirm-credential-manager %}
+{% data reusables.git.clear-the-stored-credentials %}
+   {% data reusables.git.no-credential-manager %}
+   - If the output is `osxkeychain`, you're using the macOS keychain. To clear the credentials, enter the following command.
+
+     ```shell{:copy}
+     git credential-osxkeychain erase https://github.com
+     ```
+   {% data reusables.git.clear-stored-gcm-credentials %}
+{% data reusables.git.cache-on-repository-path %}
+{% data reusables.accounts.create-personal-access-tokens %}
+{% data reusables.git.provide-credentials %}
+
+{% endmac %}
+
+{% windows %}
+
+1. Open Git Bash.
+{% data reusables.git.confirm-credential-manager %}
+{% data reusables.git.clear-the-stored-credentials %}
+   {% data reusables.git.no-credential-manager %}
+   {% data reusables.git.clear-stored-gcm-credentials %}
+   - If the output is `wincred`, you're using the Windows Credential Manager. To clear the credentials, enter the following command.
+
+     ```shell{:copy}
+     cmdkey /delete:LegacyGeneric:target=git:https://github.com
+     ```
+{% data reusables.git.cache-on-repository-path %}
+{% data reusables.accounts.create-personal-access-tokens %}
+{% data reusables.git.provide-credentials %}
+
+{% endwindows %}
+
+{% linux %}
+
+{% data reusables.git.open-terminal %}
+{% data reusables.git.confirm-credential-manager %}
+{% data reusables.git.clear-the-stored-credentials %}
+   {% data reusables.git.no-credential-manager %}
+   {% data reusables.git.clear-stored-gcm-credentials %}
+{% data reusables.git.cache-on-repository-path %}
+{% data reusables.accounts.create-personal-access-tokens %}
+{% data reusables.git.provide-credentials %}
+
+{% endlinux %}
+
+## Contributing to multiple accounts using SSH and `GIT_SSH_COMMAND`
+
+If you want to use the SSH protocol for both accounts, you can use different SSH keys for each account. For more information about using SSH, see "[Connecting to {% data variables.product.prodname_dotcom %} with SSH](/authentication/connecting-to-github-with-ssh)."
+
+To use a different SSH key for different repositories that you clone to your workstation, you must write a shell wrapper function for Git operations. The function should perform the following steps.
+1. Determine the repository's full name with owner, using a command such as `git config --get remote.origin.url`.
+2. Choose the correct SSH key for authentication.
+3. Modify `GIT_SSH_COMMAND` accordingly. For more information about `GIT_SSH_COMMAND`, see [Environment Variables](https://git-scm.com/docs/git#Documentation/git.txt-codeGITSSHCOMMANDcode) in the Git documentation.
+
+For example, the following command sets the `GIT_SSH_COMMAND` environment variable to specify an SSH command that uses the private key file at **_PATH/TO/KEY/FILE_** for authentication to clone the repository named **_OWNER_**/**_REPOSITORY_** on {% data variables.product.product_location %}.
+
+<pre>
+GIT_SSH_COMMAND='ssh -i <em>PATH/TO/KEY/FILE</em> -o IdentitiesOnly=yes' git clone git@github.com:<em>OWNER</em>/<em>REPOSITORY</em>
+</pre>

content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/merging-multiple-personal-accounts.md

@@ -8,12 +8,13 @@ redirect_from:
   - /github/setting-up-and-managing-your-github-user-account/merging-multiple-user-accounts
   - /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/merging-multiple-user-accounts
   - /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/merging-multiple-user-accounts
+  - /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/merging-multiple-personal-accounts
 versions:
   fpt: '*'
   ghec: '*'
 topics:
   - Accounts
-shortTitle: Merge multiple personal accounts
+shortTitle: Merge multiple accounts
 ---
 {% tip %}
 

content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md

@@ -243,10 +243,12 @@ curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOK
 {% ifversion actions-oidc-hardening-config %}
 ## Customizing the token claims
 
-You can security harden your OIDC configuration by customizing the claims that are included with the JWT. This allows your cloud provider to apply more granular trust conditions when determining whether to grant access to its resources. For example, you can customize the issuer (`iss`) claim to only allow access from a specific enterprise URL, and you can customize the subject (`sub`) value to require that requests originate from a specific repository, reusable workflow, or other source.
+You can security harden your OIDC configuration by customizing the claims that are included with the JWT. This allows your cloud provider to apply more granular trust conditions when determining whether to grant access to its resources. For example, {% ifversion ghec %}you can customize the issuer (`iss`) claim to only allow access from a specific enterprise URL, and {% endif %}you can customize the subject (`sub`) value to require that requests originate from a specific repository, reusable workflow, or other source.
 
 To configure the claim conditions on {% data variables.product.prodname_dotcom %}, you can use the REST API endpoints described in the following sections.
 
+{% ifversion ghec %}
+
 ### Switching to a unique token URL
 
 By default, the JWT is issued by {% data variables.product.prodname_dotcom %}'s OIDC provider at `https://token.actions.githubusercontent.com`. This path is presented to your cloud provider using the `iss` value in the JWT.
@@ -272,6 +274,8 @@ After this setting is applied, the JWT will contain the updated `iss` value. In
 }
 ```
 
+{% endif %}
+
 ### Customizing the subject claims for an organization
 
 To configure organization-wide security, compliance, and standardization, you can customize the standard claims to suit your required access conditions. If your cloud provider supports conditions on subject claims, you can create a condition that checks whether the `sub` value matches the path of the reusable workflow, such as `"job_workflow_ref: "octo-org/octo-automation/.github/workflows/oidc.yml@refs/heads/main""`. The exact format will vary depending on your cloud provider's OIDC configuration. To configure the matching condition on {% data variables.product.prodname_dotcom %}, you can can use the REST API to require that the `sub` claim must always include a specific custom claim, such as `job_workflow_ref`. For more information, see "[Set the customization template for an OIDC subject claim for an organization](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization)."

content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md

@@ -18,15 +18,24 @@ shortTitle: Run runner app on startup
 
 {% capture service_first_step %}1. Stop the self-hosted runner application if it is currently running.{% endcapture %}
 {% capture service_non_windows_intro_shell %}On the runner machine, open a shell in the directory where you installed the self-hosted runner application. Use the commands below to install and manage the self-hosted runner service.{% endcapture %}
-{% capture service_nonwindows_intro %}You must add a runner to {% data variables.product.product_name %} before you can configure the self-hosted runner application as a service. For more information, see "[Adding self-hosted runners](/github/automating-your-workflow-with-github-actions/adding-self-hosted-runners)."{% endcapture %}
-{% capture service_win_name %}actions.runner.*{% endcapture %}
 
+{% capture service_nonwindows_intro %}
+
+{% note %}
+
+**Note:** You must add a runner to {% data variables.product.product_name %} before you can configure the self-hosted runner application as a service. 
+For more information, see "[Adding self-hosted runners](/github/automating-your-workflow-with-github-actions/adding-self-hosted-runners)."
+
+{% endnote %}
+{% endcapture %}
+
+{% capture service_win_name %}actions.runner.*{% endcapture %}
 
 {% linux %}
 
 {{ service_nonwindows_intro }}
 
-For Linux systems that use `systemd`, you can use the `svc.sh` script distributed with the self-hosted runner application to install and manage using the application as a service.
+For Linux systems that use `systemd`, you can use the `svc.sh` script that is created after successfully adding the runner to install and manage using the application as a service.
 
 {{ service_non_windows_intro_shell }}
 

content/actions/learn-github-actions/contexts.md

@@ -38,6 +38,8 @@ You can access contexts using the expression syntax. For more information, see "
 | `github` | `object` | Information about the workflow run. For more information, see [`github` context](#github-context). |
 | `env` | `object` | Contains environment variables set in a workflow, job, or step. For more information, see [`env` context](#env-context). |
 | `job` | `object` | Information about the currently running job. For more information, see [`job` context](#job-context). |
+{%- ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %}
+| `jobs` | `object` | For reusable workflows only, contains outputs of jobs from the reusable workflow. For more information, see [`jobs` context](#jobs-context). |{% endif %}
 | `steps` | `object` | Information about the steps that have been run in the current job. For more information, see [`steps` context](#steps-context). |
 | `runner` | `object` | Information about the runner that is running the current job. For more information, see [`runner` context](#runner-context). |
 | `secrets` | `object` | Contains the names and values of secrets that are available to a workflow run. For more information, see [`secrets` context](#secrets-context). |
@@ -404,6 +406,72 @@ jobs:
       - run: ./run-tests
 ```
 
+{% ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %}
+
+## `jobs` context
+
+The `jobs` context is only available in reusable workflows, and can only be used to set outputs for a reusable workflow. For more information, see "[Reusing workflows](/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow)."
+
+| Property name | Type | Description |
+|---------------|------|-------------|
+| `jobs` | `object` | This is only available in reusable workflows, and can only be used to set outputs for a reusable workflow. This object contains all the properties listed below.
+| `jobs.<job_id>.result` | `string` | The result of a job in the reusable workflow. Possible values are `success`, `failure`, `cancelled`, or `skipped`. |
+| `jobs.<job_id>.outputs` | `object` | The set of outputs of a job in a reusable workflow. |
+| `jobs.<job_id>.outputs.<output_name>` | `string` | The value of a specific output for a job in a reusable workflow. |
+
+### Example contents of the `jobs` context
+
+This example `jobs` context contains the result and outputs of a job from a reusable workflow run.
+
+```json
+{
+  example_job: {
+    result: success,
+    outputs: {
+      output1: hello,
+      output2: world
+    }
+  }
+}
+```
+
+### Example usage of the `jobs` context
+
+This example reusable workflow uses the `jobs` context to set outputs for the reusable workflow. Note how the outputs flow up from the steps, to the job, then to the `workflow_call` trigger. For more information, see "[Reusing workflows](/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow)."
+
+{% raw %}
+```yaml{:copy}
+name: Reusable workflow
+
+on:
+  workflow_call:
+    # Map the workflow outputs to job outputs
+    outputs:
+      firstword:
+        description: "The first output string"
+        value: ${{ jobs.example_job.outputs.output1 }}
+      secondword:
+        description: "The second output string"
+        value: ${{ jobs.example_job.outputs.output2 }}
+
+jobs:
+  example_job:
+    name: Generate output
+    runs-on: ubuntu-latest
+    # Map the job outputs to step outputs
+    outputs:
+      output1: ${{ steps.step1.outputs.firstword }}
+      output2: ${{ steps.step2.outputs.secondword }}
+    steps:
+      - id: step1
+        run: echo "::set-output name=firstword::hello"
+      - id: step2
+        run: echo "::set-output name=secondword::world"
+```
+{% endraw %}
+
+{% endif %}
+
 ## `steps` context
 
 The `steps` context contains information about the steps in the current job that have an [`id`](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsid) specified and have already run.

content/actions/publishing-packages/publishing-nodejs-packages.md

@@ -98,9 +98,9 @@ Each time you create a new release, you can trigger a workflow to publish your p
 
 ### Configuring the destination repository
 
-If you don't provide the `repository` key in your *package.json* file, then {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the `name` field of the *package.json* file. For example, a package named `@my-org/test` is published to the `my-org/test` {% data variables.product.prodname_dotcom %} repository.
+Linking your package to {% data variables.product.prodname_registry %} using the `repository` key is optional. If you choose not to provide the `repository` key in your *package.json* file, then {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the `name` field of the *package.json* file. For example, a package named `@my-org/test` is published to the `my-org/test` {% data variables.product.prodname_dotcom %} repository. If the `url` specified in the `repository` key is invalid, your package may still be published however it won't be linked to the repository source as intended.
 
-However, if you do provide the `repository` key, then the repository in that key is used as the destination npm registry for {% data variables.product.prodname_registry %}. For example, publishing the below *package.json* results in a package named `my-amazing-package` published to the `octocat/my-other-repo` {% data variables.product.prodname_dotcom %} repository.
+If you do provide the `repository` key in your *package.json* file, then the repository in that key is used as the destination npm registry for {% data variables.product.prodname_registry %}. For example, publishing the below *package.json* results in a package named `my-amazing-package` published to the `octocat/my-other-repo` {% data variables.product.prodname_dotcom %} repository. Once published, only the repository source is updated, and the package doesn't inherit any permissions from the destination repository.
 
 ```json
 {

content/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise.md

@@ -82,7 +82,11 @@ These restrictions are unacceptable for some enterprises. To determine whether {
 
 ### Do your developers rely on collaboration outside of your enterprise?
 
-{% data variables.product.prodname_managed_users_caps %} can only contribute to repositories within your enterprise. If your developers need to collaborate in repositories outside your enterprise, even private repositories, to complete their work, {% data variables.product.prodname_emus %} may not be right for your enterprise, and SAML SSO may be a better solution.
+{% data variables.product.prodname_managed_users_caps %} can only contribute to repositories within your enterprise. If your developers must contribute to both repositories within and outside of your enterprise, including private repositories, {% data variables.product.prodname_emus %} may not be right for your enterprise. SAML SSO may be a better solution.
+
+Some companies maintain repositories within an existing enterprise using SAML SSO on {% data variables.product.product_location %}, and also create an {% data variables.product.prodname_emu_enterprise %}. Developers who contribute to repositories owned by both enterprises from a single workstation must switch between the accounts on {% data variables.product.product_location %} within a single browser, or use a different browser for each account. The developer may also need to customize the workstation's Git configuration to accommodate the two accounts. The complexity of this workflow can increase the risk of mistakenly leaking internal code to the public.
+
+If you decide to create an {% data variables.product.prodname_emu_enterprise %} but require that developers contribute to resources outside of the enterprise from a single workstation, you can provide support for switching between the accounts in a developer's local Git configuration. For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#supporting-developers-with-multiple-user-accounts-on-githubcom)."
 
 ### Does your enterprise rely on outside collaborators?
 

content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md

@@ -112,6 +112,8 @@ Before your developers can use {% data variables.product.prodname_ghe_cloud %} w
   
 5. Once authentication and provisioning are configured, you can start provisioning members and managing teams. For more information, see "[Managing team memberships with identity provider groups](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)."
 
+If members of your enterprise must use one workstation to contribute to repositories on {% data variables.product.product_location %} from both a  {% data variables.product.prodname_managed_user %} and a personal account, you can provide support. For more information, see "[Supporting developers with multiple user accounts on {% data variables.product.prodname_dotcom_the_website %}](#supporting-developers-with-multiple-user-accounts-on-githubcom)."
+
 ## Authenticating as a {% data variables.product.prodname_managed_user %}
 
 {% data variables.product.prodname_managed_users_caps %} must authenticate through their identity provider. To authenticate, a {% data variables.product.prodname_managed_user %} can visit their IdP application portal or use the login page on {% data variables.product.prodname_dotcom_the_website %}.
@@ -134,3 +136,9 @@ Before your developers can use {% data variables.product.prodname_ghe_cloud %} w
 A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
 
 The profile name and email address of a {% data variables.product.prodname_managed_user %} is also provided by the IdP. {% data variables.product.prodname_managed_users_caps %} cannot change their profile name or email address on {% data variables.product.prodname_dotcom %}, and the IdP can only provide a single email address.
+
+## Supporting developers with multiple user accounts on {% data variables.product.product_location %}
+
+People on your team may need to contribute to resources on {% data variables.product.product_location %} that are outside of your {% data variables.product.prodname_emu_enterprise %}. For example, you may wish to maintain a separate enterprise for your company's open source projects. Because a {% data variables.product.prodname_managed_user %} cannot contribute to public resources, users will need to maintain a separate, personal account for this work.
+
+People who must contribute from two user accounts on {% data variables.product.product_location %} using one workstation can configure Git to simplify the process. For more information, see "[Managing multiple accounts](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts)."

content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md

@@ -44,7 +44,8 @@ You set up the audit log stream on {% data variables.product.product_name %} by
 
 - [Amazon S3](#setting-up-streaming-to-amazon-s3)
 - [Azure Blob Storage](#setting-up-streaming-to-azure-blob-storage)
-- [Azure Event Hubs](#setting-up-streaming-to-azure-event-hubs)
+- [Azure Event Hubs](#setting-up-streaming-to-azure-event-hubs){% ifversion streaming-datadog %}
+- [Datadog](#setting-up-streaming-to-datadog){% endif %}
 - [Google Cloud Storage](#setting-up-streaming-to-google-cloud-storage)
 - [Splunk](#setting-up-streaming-to-splunk)
 
@@ -60,7 +61,7 @@ You can set up streaming to S3 with access keys or, to avoid storing long-lived
 #### Setting up streaming to S3 with access keys
 {% endif %}
 
-To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the the AWS documentation. Make sure to block public access to the bucket to protect your audit log information. 
+To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the AWS documentation. Make sure to block public access to the bucket to protect your audit log information. 
 
 To set up audit log streaming from {% data variables.product.prodname_dotcom %} you will need:
 * The name of your Amazon S3 bucket
@@ -231,6 +232,32 @@ You need two pieces of information about your event hub: its instance name and t
 
 {% data reusables.enterprise.verify-audit-log-streaming-endpoint %}
 
+{% ifversion streaming-datadog %}
+### Setting up streaming to Datadog
+
+To set up streaming to Datadog, you must create a client token or an  API key in Datadog, then configure audit log streaming in {% data variables.product.product_name %} using the token for authentication. You do not need to create a bucket or other storage container in Datadog.
+
+After you set up streaming to Datadog, you can see your audit log data by filtering by "github.audit.streaming." For more information, see [Log Management](https://docs.datadoghq.com/logs/).
+
+1. If you don't already have a Datadog account, create one.
+1. In Datadog, generate a client token or an API key, then click **Copy key**. For more information, see [API and Application Keys](https://docs.datadoghq.com/account_management/api-app-keys/) in Datadog Docs.
+{% data reusables.enterprise.navigate-to-log-streaming-tab %}
+1. Select the **Configure stream** dropdown menu and click **Datadog**.
+   
+   ![Screenshot of the "Configure stream" dropdown menu with "Datadog" highlighted](/assets/images/help/enterprises/audit-stream-choice-datadog.png)
+1. Under "Token", paste the token  you copied earlier.
+
+   ![Screenshot of the "Token" field](/assets/images/help/enterprises/audit-stream-datadog-token.png)
+1. Select the "Site" dropdown menu and click your Datadog site. To determine your Datadog site, compare your Datadog URL to the table in [Datadog sites](https://docs.datadoghq.com/getting_started/site/) in Datadog Docs.
+
+   ![Screenshot of the "Site" dropdown menu](/assets/images/help/enterprises/audit-stream-datadog-site.png)
+1. To verify that {% data variables.product.prodname_dotcom %} can connect and write to the Datadog endpoint, click **Check endpoint**.
+   
+   ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png)
+{% data reusables.enterprise.verify-audit-log-streaming-endpoint %}
+1. After a few minutes, confirm that audit log data is appearing on the **Logs** tab in Datadog. If audit log data is not appearing, confirm that your token and site are correct in {% data variables.product.prodname_dotcom %}.
+{% endif %}
+
 ### Setting up streaming to Google Cloud Storage
 
 To set up streaming to Google Cloud Storage, you must create a service account in Google Cloud with the appropriate credentials and permissions, then configure audit log streaming in {% data variables.product.product_name %} using the service account's credentials for authentication.
@@ -292,6 +319,10 @@ To stream audit logs to Splunk's HTTP Event Collector (HEC) endpoint you must ma
 
 Pausing the stream allows you to perform maintenance on the receiving application without losing audit data. Audit logs are stored for up to seven days on {% data variables.product.product_location %} and are then exported when you unpause the stream.
 
+{% ifversion streaming-datadog %}
+Datadog only accepts logs from up to 18 hours in the past. If you pause a stream to a Datadog endpoint for more than 18 hours, you risk losing logs that Datadog won't accept after you resume streaming.
+{% endif %}
+
 {% data reusables.enterprise.navigate-to-log-streaming-tab %}
 1. Click **Pause stream**.
    

content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md

@@ -81,6 +81,8 @@ You can also configure allowed IP addresses for an individual organization. For
 
 {% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
 
+{% data reusables.identity-and-permissions.ipv6-allow-lists %}
+
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.security-tab %}

content/authentication/managing-commit-signature-verification/generating-a-new-gpg-key.md

@@ -28,11 +28,11 @@ topics:
 {% data reusables.command_line.open_the_multi_os_terminal %}
 3. Generate a GPG key pair. Since there are multiple versions of GPG, you may need to consult the relevant [_man page_](https://en.wikipedia.org/wiki/Man_page) to find the appropriate key generation command. Your key must use RSA.
     - If you are on version 2.1.17 or greater, paste the text below to generate a GPG key pair.
-      ```shell
+      ```shell{:copy}
       $ gpg --full-generate-key
       ```
     - If you are not on version 2.1.17 or greater, the `gpg --full-generate-key` command doesn't work. Paste the text below and skip to step 6.
-      ```shell
+      ```shell{:copy}
       $ gpg --default-new-key-algo rsa4096 --gen-key
       ```
 4. At the prompt, specify the kind of key you want, or press `Enter` to accept the default.
@@ -51,10 +51,10 @@ topics:
 {% data reusables.gpg.list-keys-with-note %}
 {% data reusables.gpg.copy-gpg-key-id %}
 10. Paste the text below, substituting in the GPG key ID you'd like to use. In this example, the GPG key ID is `3AA5C34371567BD2`:
-  ```shell
-  $ gpg --armor --export <em>3AA5C34371567BD2</em>
-  # Prints the GPG key ID, in ASCII armor format
-  ```
+ ```shell{:copy}
+ $ gpg --armor --export 3AA5C34371567BD2
+ # Prints the GPG key ID, in ASCII armor format
+ ```
 11. Copy your GPG key, beginning with `-----BEGIN PGP PUBLIC KEY BLOCK-----` and ending with `-----END PGP PUBLIC KEY BLOCK-----`.
 12. [Add the GPG key to your GitHub account](/articles/adding-a-gpg-key-to-your-github-account).
 

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md

@@ -43,8 +43,8 @@ By default, the code scanning alerts page is filtered to show alerts for the def
 ![Summary of alerts](/assets/images/help/repository/code-scanning-click-alert.png)
 
 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %}
-     {% data reusables.code-scanning.alert-default-branch %}
-     ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %}
+   {% data reusables.code-scanning.alert-default-branch %}
+   ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %}
 1. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used.
   {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %}
    ![The "Show paths" link on an alert](/assets/images/help/repository/code-scanning-show-paths.png)

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md

@@ -151,25 +151,29 @@ The names of the {% data variables.product.prodname_code_scanning %} analysis ch
 
   ![{% data variables.product.prodname_code_scanning %} pull request checks](/assets/images/help/repository/code-scanning-pr-checks.png)
 
-When the {% data variables.product.prodname_code_scanning %} jobs complete, {% data variables.product.prodname_dotcom %} works out whether any alerts were added by the pull request and adds the "{% data variables.product.prodname_code_scanning_capc %} results / TOOL NAME" entry to the list of checks. After {% data variables.product.prodname_code_scanning %} has been performed at least once, you can click **Details** to view the results of the analysis. If you used a pull request to add {% data variables.product.prodname_code_scanning %} to the repository, you will initially see {% ifversion fpt or ghes > 3.2 or ghae or ghec %}an "Analysis not found"{% else %}a "Missing analysis"{% endif %} message when you click **Details** on the "{% data variables.product.prodname_code_scanning_capc %} results / TOOL NAME" check.
+When the {% data variables.product.prodname_code_scanning %} jobs complete, {% data variables.product.prodname_dotcom %} works out whether any alerts were added by the pull request and adds the "{% data variables.product.prodname_code_scanning_capc %} results / TOOL NAME" entry to the list of checks. After {% data variables.product.prodname_code_scanning %} has been performed at least once, you can click **Details** to view the results of the analysis.
 
-{% ifversion fpt or ghes > 3.2 or ghae or ghec %}
-  ![Analysis not found for commit message](/assets/images/help/repository/code-scanning-analysis-not-found.png)
+{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-7095  %}
+<!--Troubleshooting section no longer relevant-->
+{% elsif ghes < 3.5 or ghae %}
+If you used a pull request to add {% data variables.product.prodname_code_scanning %} to the repository, you will initially see {% ifversion ghes > 3.2 or ghae %}an "Analysis not found"{% elsif ghes = 3.2 %}a "Missing analysis"{% endif %} message when you click **Details** on the "{% data variables.product.prodname_code_scanning_capc %} results / TOOL NAME" check.
+
+{% ifversion ghes > 3.2 or ghae %}
+  ![Analysis not found for commit message](/assets/images/enterprise/3.4/repository/code-scanning-analysis-not-found.png)
 
 The table lists one or more categories. Each category relates to specific analyses, for the same tool and commit, performed on a different language or a different part of the code. For each category, the table shows the two analyses that {% data variables.product.prodname_code_scanning %} attempted to compare to determine which alerts were introduced or fixed in the pull request.
 
 For example, in the screenshot above, {% data variables.product.prodname_code_scanning %} found an analysis for the merge commit of the pull request, but no analysis for the head of the main branch.
-{% else %}
-  ![Missing analysis for commit message](/assets/images/enterprise/3.2/repository/code-scanning-missing-analysis.png)
-{% endif %}
 
-{% ifversion fpt or ghes > 3.2 or ghae or ghec %}
 ### Reasons for the "Analysis not found" message
-{% else %}
+
+{% elsif ghes = 3.2 %}
+  ![Missing analysis for commit message](/assets/images/enterprise/3.2/repository/code-scanning-missing-analysis.png)
+
 ### Reasons for the "Missing analysis" message
 {% endif %}
 
-After {% data variables.product.prodname_code_scanning %} has analyzed the code in a pull request, it needs to compare the analysis of the topic branch (the branch you used to create the pull request) with the analysis of the base branch (the branch into which you want to merge the pull request). This allows {% data variables.product.prodname_code_scanning %} to compute which alerts are newly introduced by the pull request, which alerts were already present in the base branch, and whether any existing alerts are fixed by the changes in the pull request. Initially, if you use a pull request to add {% data variables.product.prodname_code_scanning %} to a repository, the base branch has not yet been analyzed, so it's not possible to compute these details. In this case, when you click through from the results check on the pull request you will see the {% ifversion fpt or ghes > 3.2 or ghae or ghec %}"Analysis not found"{% else %}"Missing analysis for base commit SHA-HASH"{% endif %} message.
+After {% data variables.product.prodname_code_scanning %} has analyzed the code in a pull request, it needs to compare the analysis of the topic branch (the branch you used to create the pull request) with the analysis of the base branch (the branch into which you want to merge the pull request). This allows {% data variables.product.prodname_code_scanning %} to compute which alerts are newly introduced by the pull request, which alerts were already present in the base branch, and whether any existing alerts are fixed by the changes in the pull request. Initially, if you use a pull request to add {% data variables.product.prodname_code_scanning %} to a repository, the base branch has not yet been analyzed, so it's not possible to compute these details. In this case, when you click through from the results check on the pull request you will see the {% ifversion ghes > 3.2 or ghae %}"Analysis not found"{% elsif ghes = 3.2 %}"Missing analysis for base commit SHA-HASH"{% endif %} message.
 
 There are other situations where there may be no analysis for the latest commit to the base branch for a pull request. These include:
 
@@ -177,7 +181,7 @@ There are other situations where there may be no analysis for the latest commit
 
   To check whether a branch has been scanned, go to the {% data variables.product.prodname_code_scanning_capc %} page, click the **Branch** drop-down and select the relevant branch.
 
-![Choose a branch from the Branch drop-down menu](/assets/images/help/repository/code-scanning-branch-dropdown.png)
+  ![Choose a branch from the Branch drop-down menu](/assets/images/help/repository/code-scanning-branch-dropdown.png)
 
   The solution in this situation is to add the name of the base branch to the `on:push` and `on:pull_request` specification in the {% data variables.product.prodname_code_scanning %} workflow on that branch and then make a change that updates the open pull request that you want to scan.
 
@@ -189,6 +193,8 @@ There are other situations where there may be no analysis for the latest commit
 
   Merge a trivial change into the base branch to trigger {% data variables.product.prodname_code_scanning %} on this latest commit, then push a change to the pull request to retrigger {% data variables.product.prodname_code_scanning %}.
 
+{% endif %}
+
 ## Next steps
 
 After setting up {% data variables.product.prodname_code_scanning %}, and allowing its actions to complete, you can:

content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md

@@ -45,9 +45,15 @@ If you upload a second SARIF file for a commit with the same category and from t
 
 If you're new to SARIF and want to learn more, see Microsoft's [`SARIF tutorials`](https://github.com/microsoft/sarif-tutorials) repository.
 
-## Preventing duplicate alerts using fingerprints
+## Providing data to track {% data variables.product.prodname_code_scanning %} alerts across runs
 
-Each time the results of a new code scan are uploaded, the results are processed and alerts are added to the repository. To prevent duplicate alerts for the same problem, {% data variables.product.prodname_code_scanning %} uses fingerprints to match results across various runs so they only appear once in the latest run for the selected branch. This makes it possible to match alerts to the right line of code when files are edited.
+Each time the results of a new code scan are uploaded, the results are processed and alerts are added to the repository. To prevent duplicate alerts for the same problem, {% data variables.product.prodname_code_scanning %} uses fingerprints to match results across various runs so they only appear once in the latest run for the selected branch. This makes it possible to match alerts to the correct line of code when files are edited. The `ruleID` for a result has to be the same across analysis.
+ 
+### Reporting consistent filepaths
+
+The filepath has to be consistent across the runs to enable a computation of a stable fingerprint. If the filepaths differ for the same result, each time there is a new analysis a new alert will be created, and the old one will be closed. This will cause having multiple alerts for the same result.
+
+### Including data for fingerprint generation
 
 {% data variables.product.prodname_dotcom %} uses the `partialFingerprints` property in the OASIS standard to detect when two results are logically identical. For more information, see the "[partialFingerprints property](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012611)" entry in the OASIS documentation.
 
@@ -138,7 +144,7 @@ Each `result` object contains details for one alert in the codebase. Within the
 | `level`| **Optional.** The severity of the result. This level overrides the default severity defined by the rule. {% data variables.product.prodname_code_scanning_capc %} uses the level to filter results by severity on {% data variables.product.prodname_dotcom %}.
 | `message.text`| **Required.** A message that describes the result. {% data variables.product.prodname_code_scanning_capc %} displays the message text as the title of the result. Only the first sentence of the message will be displayed when visible space is limited.
 | `locations[]`| **Required.** The set of locations where the result was detected up to a maximum of 10. Only one location should be included unless the problem can only be corrected by making a change at every specified location. **Note:** At least one location is required for {% data variables.product.prodname_code_scanning %} to display a result. {% data variables.product.prodname_code_scanning_capc %} will use this property to decide which file to annotate with the result. Only the first value of this array is used. All other values are ignored.
-| `partialFingerprints`| **Required.** A set of strings used to track the unique identity of the result. {% data variables.product.prodname_code_scanning_capc %} uses `partialFingerprints` to accurately identify which results are the same across commits and branches. {% data variables.product.prodname_code_scanning_capc %} will attempt to use `partialFingerprints` if they exist. If you are uploading third-party SARIF files with the `upload-action`, the action will create `partialFingerprints` for you when they are not included in the SARIF file. For more information, see "[Preventing duplicate alerts using fingerprints](#preventing-duplicate-alerts-using-fingerprints)."  **Note:** {% data variables.product.prodname_code_scanning_capc %} only uses the `primaryLocationLineHash`.
+| `partialFingerprints`| **Required.** A set of strings used to track the unique identity of the result. {% data variables.product.prodname_code_scanning_capc %} uses `partialFingerprints` to accurately identify which results are the same across commits and branches. {% data variables.product.prodname_code_scanning_capc %} will attempt to use `partialFingerprints` if they exist. If you are uploading third-party SARIF files with the `upload-action`, the action will create `partialFingerprints` for you when they are not included in the SARIF file. For more information, see "[Providing data to track code scanning alerts across runs](#providing-data-to-track-code-scanning-alerts-across-runs)."  **Note:** {% data variables.product.prodname_code_scanning_capc %} only uses the `primaryLocationLineHash`.
 | `codeFlows[].threadFlows[].locations[]`| **Optional.** An array of `location` objects for a `threadFlow` object, which describes the progress of a program through a thread of execution. A `codeFlow` object describes a pattern of code execution used to detect a result. If code flows are provided, {% data variables.product.prodname_code_scanning %} will expand code flows on {% data variables.product.prodname_dotcom %} for the relevant result. For more information, see the [`location` object](#location-object).
 | `relatedLocations[]`| A set of locations relevant to this result. {% data variables.product.prodname_code_scanning_capc %} will link to related locations when they are embedded in the result message. For more information, see the [`location` object](#location-object).
 

content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md

@@ -58,7 +58,7 @@ For more information see the [`upload-sarif` action](https://github.com/github/c
 
 The `upload-sarif` action can be configured to run when the `push` and `scheduled` event occur. For more information about {% data variables.product.prodname_actions %}  events, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)."
 
-If your SARIF file doesn't include `partialFingerprints`, the `upload-sarif` action will calculate the `partialFingerprints` field for you and attempt to prevent duplicate alerts. {% data variables.product.prodname_dotcom %} can only create `partialFingerprints` when the repository contains both the SARIF file and the source code used in the static analysis. For more information about preventing duplicate alerts, see "[About SARIF support for code scanning](/code-security/secure-coding/sarif-support-for-code-scanning#preventing-duplicate-alerts-using-fingerprints)."
+If your SARIF file doesn't include `partialFingerprints`, the `upload-sarif` action will calculate the `partialFingerprints` field for you and attempt to prevent duplicate alerts. {% data variables.product.prodname_dotcom %} can only create `partialFingerprints` when the repository contains both the SARIF file and the source code used in the static analysis. For more information about preventing duplicate alerts, see "[About SARIF support for code scanning](/code-security/secure-coding/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs)."
 
 {% data reusables.code-scanning.upload-sarif-alert-limit %}
 

content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md

@@ -417,7 +417,7 @@ updates:
 
 ### `open-pull-requests-limit`
 
-By default, {% data variables.product.prodname_dependabot %} opens a maximum of five pull requests for version updates. Once there are five open pull requests, new requests are blocked until you merge or close some of the open requests, after which new pull requests can be opened on subsequent updates. Use `open-pull-requests-limit` to change this limit. This also provides a simple way to temporarily disable version updates for a package manager.
+By default, {% data variables.product.prodname_dependabot %} opens a maximum of five pull requests for version updates. Once there are five open pull requests from {% data variables.product.prodname_dependabot %}, {% data variables.product.prodname_dependabot %} will not open any new requests until some of those open requests are merged or closed. Use `open-pull-requests-limit` to change this limit. This also provides a simple way to temporarily disable version updates for a package manager.
 
 This option has no impact on security updates, which have a separate, internal limit of ten open pull requests.
 

content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md

@@ -12,25 +12,25 @@ shortTitle: Private image registry
 
 ## About private image registries and {% data variables.product.prodname_github_codespaces %}
 
-A registry is a secure space for storing, managing, and fetching private container images. You may use one to store one or more images. There are many examples of registries, such as {% data variables.product.prodname_dotcom %} Container Registry, Azure Container Registry, or DockerHub.
+A registry is a secure space for storing, managing, and fetching private container images. You may use one to store one or more images. There are many examples of registries, such as {% data variables.product.prodname_container_registry %}, {% data variables.product.prodname_npm_registry %}, Azure Container Registry, or DockerHub.
 
-{% data variables.product.prodname_dotcom %} Container Registry can be configured to pull container images seamlessly, without having to provide any authentication credentials to {% data variables.product.prodname_github_codespaces %}. For other image registries, you must create secrets in {% data variables.product.prodname_dotcom %} to store the access details, which will allow {% data variables.product.prodname_codespaces %} to access images stored in that registry.
+{% data variables.product.prodname_ghcr_and_npm_registry %} can be configured to allow container images to be pulled seamlessly into {% data variables.product.prodname_github_codespaces %} during codespace creation, without having to provide any authentication credentials. For other image registries, you must create secrets in {% data variables.product.prodname_dotcom %} to store the access details, which will allow {% data variables.product.prodname_codespaces %} to access images stored in that registry.
 
-## Accessing images stored in {% data variables.product.prodname_dotcom %} Container Registry
+## Accessing images stored in {% data variables.product.prodname_ghcr_and_npm_registry %}
 
-{% data variables.product.prodname_dotcom %} Container Registry is the easiest way for {% data variables.product.prodname_codespaces %} to consume devcontainer container images.
+{% data variables.product.prodname_ghcr_and_npm_registry %} provide the easiest way for {% data variables.product.prodname_codespaces %} to consume dev container images.
 
-For more information, see "[Working with the Container registry](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)".
+For more information, see "[Working with the Container registry](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)" and "[Working with the npm registry](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)".
 
 ### Accessing an image published to the same repository as the codespace
 
-If you publish a container image to {% data variables.product.prodname_dotcom %} Container Registry in the same repository that the codespace is being launched in, you will automatically be able to fetch that image on codespace creation. You won't have to provide any additional credentials, unless the **Inherit access from repo** option was unselected when the container image was published.
+If you publish a container image to {% data variables.product.prodname_ghcr_or_npm_registry %} in the same repository that the codespace is being launched in, you will automatically be able to fetch that image on codespace creation. You won't have to provide any additional credentials, unless the **Inherit access from repo** option was unselected when the container image was published.
 
 #### Inheriting access from the repository from which an image was published
 
-By default, when you publish a container image to {% data variables.product.prodname_dotcom %} Container Registry, the image inherits the access setting of the repository from which the image was published. For example, if the repository is public, the image is also public. If the repository is private, the image is also private, but is accessible from the repository.
+By default, when you publish a container image to {% data variables.product.prodname_ghcr_or_npm_registry %}, the image inherits the access setting of the repository from which the image was published. For example, if the repository is public, the image is also public. If the repository is private, the image is also private, but is accessible from the repository.
 
-This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.product.prodname_dotcom %} Container Registry using a Personal Access Token (PAT).
+This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.product.prodname_ghcr_or_npm_registry %} using a Personal Access Token (PAT).
 
 If the **Inherit access from repo** option was not selected when the image was published, you can manually add the repository to the published container image's access controls. For more information, see "[Configuring a package's access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#inheriting-access-for-a-container-image-from-a-repository)."
 
@@ -46,13 +46,13 @@ If you want to allow a subset of an organization's repositories to access a cont
 
 ### Publishing a container image from a codespace
 
-Seamless access from a codespace to {% data variables.product.prodname_dotcom %} Container Registry is limited to pulling container images. If you want to publish a container image from inside a codespace, you must use a personal access token (PAT) with the `write:packages` scope.
+Seamless access from a codespace to {% data variables.product.prodname_ghcr_or_npm_registry %} is limited to pulling container images. If you want to publish a container image from inside a codespace, you must use a personal access token (PAT) with the `write:packages` scope.
 
-We recommend publishing images via {% data variables.product.prodname_actions %}. For more information, see "[Publishing Docker images](/actions/publishing-packages/publishing-docker-images)."
+We recommend publishing images via {% data variables.product.prodname_actions %}. For more information, see "[Publishing Docker images](/actions/publishing-packages/publishing-docker-images)" and "[Publishing Node.js packages](/actions/publishing-packages/publishing-nodejs-packages)."
 
 ## Accessing images stored in other container registries
 
-If you are accessing a container image from a registry that isn't {% data variables.product.prodname_dotcom %} Container Registry, {% data variables.product.prodname_codespaces %} checks for the presence of three secrets, which define the server name, username, and personal access token (PAT) for a container registry. If these secrets are found, {% data variables.product.prodname_github_codespaces %} will make the registry available inside your codespace.
+If you are accessing a container image from a registry that isn't {% data variables.product.prodname_ghcr_or_npm_registry %}, {% data variables.product.prodname_codespaces %} checks for the presence of three secrets, which define the server name, username, and personal access token (PAT) for a container registry. If these secrets are found, {% data variables.product.prodname_github_codespaces %} will make the registry available inside your codespace.
 
 - `<*>_CONTAINER_REGISTRY_SERVER`
 - `<*>_CONTAINER_REGISTRY_USER`

content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md

@@ -23,6 +23,8 @@ When an organization has an allow list, third-party applications that connect vi
 
 ## Adding an IP address allow list to a {% data variables.product.prodname_github_app %}
 
+{% data reusables.identity-and-permissions.ipv6-allow-lists %}
+
 {% data reusables.apps.settings-step %}
 {% data reusables.user-settings.developer_settings %}
 {% data reusables.user-settings.github_apps %}

content/developers/webhooks-and-events/webhooks/securing-your-webhooks.md

@@ -37,12 +37,12 @@ $ export SECRET_TOKEN=<em>your_token</em>
 
 ## Validating payloads from GitHub
 
-When your secret token is set, {% data variables.product.product_name %} uses it to create a hash signature with each payload. This hash signature is included with the headers of each request as `X-Hub-Signature-256`.
+When your secret token is set, {% data variables.product.product_name %} uses it to create a hash signature with each payload. This hash signature is included with the headers of each request as `x-hub-signature-256`.
 
 {% ifversion fpt or ghes or ghec %}
 {% note %}
 
-**Note:** For backward-compatibility, we also include the `X-Hub-Signature` header that is generated using the SHA-1 hash function. If possible, we recommend that you use the `X-Hub-Signature-256` header for improved security. The example below demonstrates using the `X-Hub-Signature-256` header.
+**Note:** For backward-compatibility, we also include the `x-hub-signature` header that is generated using the SHA-1 hash function. If possible, we recommend that you use the `x-hub-signature-256` header for improved security. The example below demonstrates using the `x-hub-signature-256` header.
 
 {% endnote %}
 {% endif %}

content/get-started/exploring-projects-on-github/following-organizations.md

@@ -7,15 +7,11 @@ topics:
   - Profile
 ---
 
-{% note %}
-
-**Note:** The ability to follow organizations is currently in public beta and subject to change.
-
-{% endnote %}
+{% data reusables.organizations.follow-organizations-beta %}
 
 ## About followers on {% data variables.product.product_name %}
 
-When you follow organizations, you'll see their public activity on your personal dashboard. For more information, see "[About your personal dashboard](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard#staying-updated-with-activity-from-the-community)."
+{% data reusables.organizations.about-following-organizations %} For more information, see "[About your personal dashboard](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard#staying-updated-with-activity-from-the-community)."
 
 You can unfollow an organization if you do not wish to see their {% ifversion fpt or ghec %}public{% endif %} activity on {% data variables.product.product_name %}.
 

content/get-started/importing-your-projects-to-github/importing-source-code-to-github/adding-locally-hosted-code-to-github.md

@@ -58,11 +58,21 @@ If you have existing source code or repositories stored locally on your computer
 	![Create New Repository drop-down](/assets/images/help/repository/repo-create.png)
 {% data reusables.command_line.open_the_multi_os_terminal %}
 3. Change the current working directory to your local project.
-4. Initialize the local directory as a Git repository.
-  ```shell
-  $ git init -b main
-  ```
+4. Use the `init` command to initialize the local directory as a Git repository. By default, the initial branch is called `master`.
+   
+   If you’re using Git 2.28.0 or a later version, you can set the name of the default branch using `-b`.
+
+   ``` shell
+   $ git init -b main
+   ```
+
+   If you’re using Git 2.27.1 or an earlier version, you can set the name of the default branch using  `&& git branch -m`.
+
+   ``` shell
+   $ git init && git branch -m main
+   ```
 5. Add the files in your new local repository. This stages them for the first commit.
+  
   ```shell
   $ git add .
   # Adds the files in the local repository and stages them for commit. {% data reusables.git.unstage-codeblock %}
@@ -95,10 +105,19 @@ If you have existing source code or repositories stored locally on your computer
 	![Create New Repository drop-down](/assets/images/help/repository/repo-create.png)
 {% data reusables.command_line.open_the_multi_os_terminal %}
 3. Change the current working directory to your local project.
-4. Initialize the local directory as a Git repository.
-  ```shell
-  $ git init -b main
-  ```
+4. Use the `init` command to initialize the local directory as a Git repository. By default, the initial branch is called `master`.
+   
+   If you’re using Git 2.28.0 or a later version, you can set the name of the default branch using `-b`.
+
+   ``` shell
+   $ git init -b main
+   ```
+
+   If you’re using Git 2.27.1 or an earlier version, you can set the name of the default branch using  `&& git branch -m`.
+
+   ``` shell
+   $ git init && git branch -m main
+   ```
 5. Add the files in your new local repository. This stages them for the first commit.
   ```shell
   $ git add .
@@ -132,10 +151,19 @@ If you have existing source code or repositories stored locally on your computer
 	![Create New Repository drop-down](/assets/images/help/repository/repo-create.png)
 {% data reusables.command_line.open_the_multi_os_terminal %}
 3. Change the current working directory to your local project.
-4. Initialize the local directory as a Git repository.
-  ```shell
-  $ git init -b main
-  ```
+4. Use the `init` command to initialize the local directory as a Git repository. By default, the initial branch is called `master`.
+   
+   If you’re using Git 2.28.0 or a later version, you can set the name of the default branch using `-b`.
+
+   ``` shell
+   $ git init -b main
+   ```
+
+   If you’re using Git 2.27.1 or an earlier version, you can set the name of the default branch using  `&& git branch -m`.
+
+   ``` shell
+   $ git init && git branch -m main
+   ```
 5. Add the files in your new local repository. This stages them for the first commit.
   ```shell
   $ git add .

content/get-started/quickstart/be-social.md

@@ -57,7 +57,23 @@ From your dashboard, click the drop down menu of your username on the left side
 
 ![Switch account context dropdown](/assets/images/help/overview/dashboard-contextswitcher.png)
 
-### Exploring other projects on {% data variables.product.prodname_dotcom %}
+{% ifversion for-you-feed %}
+
+## Following organizations
+
+{% data reusables.organizations.follow-organizations-beta %}
+
+{% data reusables.organizations.about-following-organizations %}
+
+To follow an organization, in the header of the organization's page, click **Follow**.
+
+![Screenshot of the organization header, with the follow button highlighted](/assets/images/help/profile/organization-profile-following.png)
+
+For more information, see "[Following organizations](/get-started/exploring-projects-on-github/following-organizations)."
+
+{% endif %}
+
+## Exploring other projects on {% data variables.product.prodname_dotcom %}
 
 You can discover new and interesting projects on {% data variables.product.prodname_dotcom %}'s Explore page. You can star interesting projects to make them easy to find again later. Visit your stars page to see all your starred projects. For more information about stars, see "[Saving repositories with stars](/get-started/exploring-projects-on-github/saving-repositories-with-stars)."
 

content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md

@@ -38,6 +38,8 @@ You can also configure allowed IP addresses for the organizations in an enterpri
 
 {% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
 
+{% data reusables.identity-and-permissions.ipv6-allow-lists %}
+
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security %}

content/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization.md

@@ -1,6 +1,6 @@
 ---
 title: Enabling or disabling GitHub Discussions for an organization
-intro: 'You can use {% data variables.product.prodname_discussions %} in a organization as a place for your organization to have conversations that aren''t specific to a single repository within your organization.'
+intro: 'You can use {% data variables.product.prodname_discussions %} in an organization as a place for your organization to have conversations that aren''t specific to a single repository within your organization.'
 permissions: 'Organization owners can enable {% data variables.product.prodname_discussions %} for their organization.'
 versions:
   feature: discussions

content/packages/index.md

@@ -18,6 +18,7 @@ featuredLinks:
   guideCards:
     - '{% ifversion docker-ghcr-enterprise-migration %}/packages/working-with-a-github-packages-registry/migrating-to-the-container-registry-from-the-docker-registry{% endif %}'
     - '{% ifversion fpt or ghec or ghes > 3.4 %}/packages/working-with-a-github-packages-registry/working-with-the-container-registry{% else %}/packages/working-with-a-github-packages-registry/working-with-the-docker-registry{% endif %}'
+    - '{% ifversion packages-npm-v2 %}/packages/working-with-a-github-packages-registry/working-with-the-npm-registry{% endif %}'
     - /packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry
 changelog:
   label: packages

content/packages/learn-github-packages/about-permissions-for-github-packages.md

@@ -18,20 +18,22 @@ The permissions for packages are either repository-scoped or user/organization-s
 
 A repository-scoped package inherits the permissions and visibility of the repository that owns the package. You can find a package scoped to a repository by going to the main page of the repository and clicking the **Packages** link to the right of the page. {% ifversion fpt or ghec %}For more information, see "[Connecting a repository to a package](/packages/learn-github-packages/connecting-a-repository-to-a-package)."{% endif %}
 
-The {% data variables.product.prodname_registry %} registries below use repository-scoped permissions:
+The {% data variables.product.prodname_registry %} registries below **only** use repository-scoped permissions:
 
   {% ifversion not fpt or ghec %}- Docker registry (`docker.pkg.github.com`){% endif %}
-  - npm registry
+  {% ifversion packages-npm-v2 %}{% else %}- npm registry{% endif %}
   - RubyGems registry
   - Apache Maven registry
   - NuGet registry
 
+{% ifversion packages-npm-v2 %}For {% data variables.product.prodname_ghcr_and_npm_registry %}, you can choose to allow packages to be scoped to a user, an organization, or linked to a repository.{% endif %}
+
 {% ifversion fpt or ghec %}
 ## Granular permissions for user/organization-scoped packages
 
 Packages with granular permissions are scoped to a personal user or organization account. You can change the access control and visibility of the package separately from a repository that is connected (or linked) to a package.
 
-Currently, only the {% data variables.product.prodname_container_registry %} offers granular permissions for your container image packages.
+Currently, the {% data variables.product.prodname_ghcr_and_npm_registry %} offer granular permissions for your container image packages.
 
 ## Visibility and access permissions for container images
 

content/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility.md

@@ -15,7 +15,7 @@ shortTitle: Access control & visibility
 
 Packages with granular permissions are scoped to a personal user or organization account. You can change the access control and visibility of a package separately from the repository that it is connected (or linked) to.
 
-Currently, you can only use granular permissions with the {% data variables.product.prodname_container_registry %}. Granular permissions are not supported in our other package registries, such as the npm registry.{% ifversion docker-ghcr-enterprise-migration %} For more information about migration to the {% data variables.product.prodname_container_registry %}, see "[Migrating to the {% data variables.product.prodname_container_registry %} from the Docker registry](/packages/working-with-a-github-packages-registry/migrating-to-the-container-registry-from-the-docker-registry)."{% endif %}
+Currently, you can only use granular permissions with the {% data variables.product.prodname_ghcr_and_npm_registry %}. Granular permissions are not supported in our other package registries, such as the RubyGems registry.{% ifversion docker-ghcr-enterprise-migration %} For more information about migration to the {% data variables.product.prodname_container_registry %}, see "[Migrating to the {% data variables.product.prodname_container_registry %} from the Docker registry](/packages/working-with-a-github-packages-registry/migrating-to-the-container-registry-from-the-docker-registry)."{% endif %}
 
 For more information about permissions for repository-scoped packages, packages-related scopes for PATs, or managing permissions for your actions workflows, see "[About permissions for GitHub Packages](/packages/learn-github-packages/about-permissions-for-github-packages)."
 
@@ -105,7 +105,7 @@ To further customize access to your container image, see "[Configuring access to
 {% ifversion fpt or ghec %}
 ## Ensuring {% data variables.product.prodname_codespaces %} access to your package
 
-By default, a codespace can seamlessly access certain packages in the {% data variables.product.prodname_dotcom %} Container Registry, such as those published in the same repository with the **Inherit access** option selected. For more information on which access is automatically configured, see "[Accessing images stored in {% data variables.product.prodname_dotcom %} Container Registry](/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry#accessing-images-stored-in-github-container-registry)."
+By default, a codespace can seamlessly access certain packages in the {% data variables.product.prodname_ghcr_and_npm_registry %}, such as those published in the same repository with the **Inherit access** option selected. For more information on which access is automatically configured, see "[Allowing your codespace to access a private image registry](/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry#accessing-images-stored-in-container-registry-and-npm-registry)."
 
 Otherwise, to ensure that a codespace has access to your package, you must grant access to the repository where the codespace is being launched.
 

content/packages/learn-github-packages/deleting-and-restoring-a-package.md

@@ -23,12 +23,12 @@ On {% data variables.product.prodname_dotcom %} if you have the required access,
 - an entire private package
 - an entire public package, if there's not more than 5000 downloads of any version of the package
 - a specific version of a private package
-- a specific version of a public package, if the package version doesn't have more than 5000 downloads
+- a specific version of a public package, if the package version doesn't have more than 5,000 downloads
 
 {% note %}
 
 **Note:**
-- You cannot delete a public package if any version of the package has more than 5000 downloads. In this scenario, contact [GitHub support](https://support.github.com/contact?tags=docs-packages) for further assistance.
+- You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact [GitHub support](https://support.github.com/contact?tags=docs-packages) for further assistance.
 - When deleting public packages, be aware that you may break projects that depend on your package.
 
 {% endnote %}
@@ -46,7 +46,7 @@ You can use the REST API to manage your packages. For more information, see the
 
 {% endif %}
 
-For packages that inherit their permissions and access from repositories, you can use GraphQL to delete a specific package version.{% ifversion fpt or ghec %} The {% data variables.product.prodname_registry %} GraphQL API does not support containers or Docker images that use the package namespace `https://ghcr.io/OWNER/PACKAGE-NAME`.{% endif %} For more information about GraphQL support, see "[Deleting a version of a repository-scoped package with GraphQL](#deleting-a-version-of-a-repository-scoped-package-with-graphql)."
+For packages that inherit their permissions and access from repositories, you can use GraphQL to delete a specific package version.{% data reusables.package_registry.no-graphql-to-delete-packages %} For more information about GraphQL support, see "[Deleting a version of a repository-scoped package with GraphQL](#deleting-a-version-of-a-repository-scoped-package-with-graphql)."
 
 {% endif %}
 
@@ -54,18 +54,19 @@ For packages that inherit their permissions and access from repositories, you ca
 
 For packages that inherit their access permissions from repositories, you can delete a package if you have admin permissions to the repository.
 
-Repository-scoped packages on {% data variables.product.prodname_registry %} include these packages:
-- npm
-- RubyGems
-- maven
-- Gradle
-- NuGet
-{% ifversion not fpt or ghec %}- Docker images at `docker.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`{% endif %}
+The {% data variables.product.prodname_registry %} registries below **only** use repository-scoped permissions:
+
+  {% ifversion not fpt or ghec %}- Docker images at `docker.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`{% endif %}
+  {% ifversion packages-npm-v2 %}{% else %}- npm{% endif %}
+  - RubyGems registry
+  - Apache Maven registry
+  - NuGet registry
+
+{% ifversion packages-npm-v2 %}For {% data variables.product.prodname_ghcr_and_npm_registry %}, you can choose to allow packages to be scoped to a user, an organization, or linked to a repository.{% endif %}
 
 {% ifversion fpt or ghec %}
 
-To delete a package that has granular permissions separate from a repository, such as container images stored at `https://ghcr.io/OWNER/PACKAGE-NAME`, you must have admin access to the package.
-For more information, see "[About permissions for {% data variables.product.prodname_registry %}](/packages/learn-github-packages/about-permissions-for-github-packages)."
+To delete a package that has granular permissions separate from a repository, such as container images stored at `https://ghcr.io/OWNER/PACKAGE-NAME` or `https://npm.pkg.github.com/OWNER/PACKAGE-NAME`, you must have admin access to the package. For more information, see "[About permissions for {% data variables.product.prodname_registry %}](/packages/learn-github-packages/about-permissions-for-github-packages)."
 
 {% endif %}
 
@@ -89,9 +90,7 @@ To delete a version of a repository-scoped package, you must have admin permissi
 
 For packages that inherit their permissions and access from repositories, you can use the GraphQL to delete a specific package version.
 
-{% ifversion fpt or ghec %}
-For containers or Docker images at `ghcr.io`, GraphQL is not supported but you can use the REST API. For more information, see the "[{% data variables.product.prodname_registry %} API](/rest/reference/packages)."
-{% endif %}
+{% data reusables.package_registry.no-graphql-to-delete-packages %}{% ifversion fpt or ghec %} You can however use the REST API. For more information, see the "[{% data variables.product.prodname_registry %} API](/rest/reference/packages)."{% endif %}
 
 Use the `deletePackageVersion` mutation in the GraphQL API. You must use a token with the `read:packages`, `delete:packages`, and `repo` scopes. For more information about tokens, see "[About {% data variables.product.prodname_registry %}](/packages/publishing-and-managing-packages/about-github-packages#authenticating-to-github-packages)."
 

content/packages/learn-github-packages/introduction-to-github-packages.md

@@ -51,7 +51,7 @@ For more information about the configuration of {% data variables.product.prodna
 
 |                    |        |
 |--------------------|--------------------|
-| Permissions        | {% ifversion fpt or ghec %}The permissions for a package are either inherited from the repository where the package is hosted or, for packages in the {% data variables.product.prodname_container_registry %}, they can be defined for specific user or organization accounts. For more information, see "[Configuring a package’s access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility)." {% else %}Each package inherits the permissions of the repository where the package is hosted. <br> <br> For example, anyone with read permissions for a repository can install a package as a dependency in a project, and anyone with write permissions can publish a new package version.{% endif %} |
+| Permissions        | {% ifversion fpt or ghec %}The permissions for a package are either inherited from the repository where the package is hosted or, for packages in the {% data variables.product.prodname_ghcr_and_npm_registry %}, they can be defined for specific user or organization accounts. For more information, see "[Configuring a package’s access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility)." {% else %}Each package inherits the permissions of the repository where the package is hosted. <br> <br> For example, anyone with read permissions for a repository can install a package as a dependency in a project, and anyone with write permissions can publish a new package version.{% endif %} |
 | Visibility         | {% data reusables.package_registry.public-or-private-packages %} |
 
 For more information, see "[About permissions for {% data variables.product.prodname_registry %}](/packages/learn-github-packages/about-permissions-for-github-packages)."
@@ -101,7 +101,9 @@ For more information about Docker and the {% data variables.product.prodname_con
 ## Managing packages
 
 {% ifversion fpt or ghec %}
-You can delete a package in the {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %} user interface or using the REST API. For more information, see the "[{% data variables.product.prodname_registry %} API](/rest/reference/packages)."
+You can delete a package in the {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %} user interface or using the REST API. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and the "[{% data variables.product.prodname_registry %} API](/rest/reference/packages)."
+
+{% data reusables.package_registry.no-graphql-to-delete-packages %}
 {% endif %}
 
 {% ifversion ghes %}
@@ -112,7 +114,9 @@ You can delete a private or public package in the {% data variables.product.prod
 You can delete a version of a package in the {% data variables.product.product_name %} user interface or using the GraphQL API.
 {% endif %}
 
-When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and "[Forming calls with GraphQL](/graphql/guides/forming-calls-with-graphql)."
+When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}.
+
+For more information, see {% ifversion ghes or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and {% endif %}"[Forming calls with GraphQL](/graphql/guides/forming-calls-with-graphql)."
 
 You can configure webhooks to subscribe to package-related events, such as when a package is published or updated. For more information, see the "[`package` webhook event](/webhooks/event-payloads/#package)."
 

content/packages/learn-github-packages/viewing-packages.md

@@ -21,17 +21,17 @@ versions:
 
 ## About package views
 
-Your ability to view a package depends on several factors. By default, you can view all packages you have published. 
+Your ability to view a package depends on several factors. By default, you can view all packages you have published.
 
-Repository-scoped packages inherit their permissions and visibility from the repository that owns the package. The registries below use this type of permissions:{% ifversion not fpt or ghec %}
+Repository-scoped packages inherit their permissions and visibility from the repository that owns the package. The registries below **only** use this type of permissions:{% ifversion not fpt or ghec %}
 - Docker registry (`docker.pkg.github.com`){% endif %}
-- npm registry
+{% ifversion packages-npm-v2 %}{% else %}- npm registry{% endif %}
 - RubyGems registry
 - Apache Maven registry
 - NuGet registry
 
 {% ifversion fpt or ghec %}
-The Container registry offers you the option of granular permissions and visibility settings that can be customized for each package owned by a personal user or organization account. You can choose to use granular permissions or connect the package to a repository and inherit it's permissions. For more information, see "[Connecting a repository to a package](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
+The {% data variables.product.prodname_ghcr_and_npm_registry %} offer you the option of granular permissions and visibility settings that can be customized for each package owned by a personal user or organization account. You can choose to use granular permissions or connect the package to a repository and inherit it's permissions. For more information, see "[Connecting a repository to a package](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
 {% endif %}
 
 For more information, see "[About permissions for GitHub Packages](/packages/learn-github-packages/about-permissions-for-github-packages){% ifversion fpt or ghec %}" and "[Configuring a package's access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility){% endif %}."

content/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions.md

@@ -24,9 +24,9 @@ shortTitle: Publish & install with Actions
 You can extend the CI and CD capabilities of your repository by publishing or installing packages as part of your workflow.
 
 {% ifversion fpt or ghec %}
-### Authenticating to the {% data variables.product.prodname_container_registry %}
+### Authenticating to the {% data variables.product.prodname_ghcr_and_npm_registry %}
 
-{% data reusables.package_registry.authenticate_with_pat_for_container_registry %}
+{% data reusables.package_registry.authenticate_with_pat_for_v2_registry %}
 
 {% endif %}
 
@@ -40,7 +40,7 @@ You can reference the `GITHUB_TOKEN` in your workflow file using the {% raw %}`{
 
 {% note %}
 
-**Note:** Repository-owned packages include RubyGems, npm, Apache Maven, NuGet, {% ifversion fpt or ghec %}and Gradle. {% else %}Gradle, and Docker packages that use the package namespace `docker.pkg.github.com`.{% endif %}
+**Note:** Some registries, such as RubyGems, {% ifversion packages-npm-v2 %}{% else %}npm, {% endif %}Apache Maven, NuGet, {% ifversion fpt or ghec %}and Gradle{% else %}Gradle, and Docker packages that use the package namespace `docker.pkg.github.com`{% endif %}, only allow repository-owned packages. With {% data variables.product.prodname_ghcr_and_npm_registry_full %} you can choose to allow packages to be owned by a user, an organization, or linked to a repository.
 
 {% endnote %}
 
@@ -49,11 +49,11 @@ When you enable GitHub Actions, GitHub installs a GitHub App on your repository.
 {% data variables.product.prodname_registry %} allows you to push and pull packages through the `GITHUB_TOKEN` available to a {% data variables.product.prodname_actions %} workflow.
 
 {% ifversion fpt or ghec %}
-## About permissions and package access for {% data variables.product.prodname_container_registry %}
+## About permissions and package access for {% data variables.product.prodname_ghcr_and_npm_registry %}
 
-The {% data variables.product.prodname_container_registry %} (`ghcr.io`) allows users to create and administer containers as free-standing resources at the organization level. Containers can be owned by an organization or personal account and you can customize access to each of your containers separately from repository permissions.
+The {% data variables.product.prodname_ghcr_and_npm_registry_full %} allows users to create and administer packages as free-standing resources at the organization level. Packages can be owned by an organization or personal account and you can customize access to each of your packages separately from repository permissions.
 
-All workflows accessing the {% data variables.product.prodname_container_registry %} should use the `GITHUB_TOKEN` instead of a personal access token. For more information about security best practices, see "[Security hardening for GitHub Actions](/actions/learn-github-actions/security-hardening-for-github-actions#using-secrets)."
+All workflows accessing the {% data variables.product.prodname_ghcr_and_npm_registry %} should use the `GITHUB_TOKEN` instead of a personal access token. For more information about security best practices, see "[Security hardening for GitHub Actions](/actions/learn-github-actions/security-hardening-for-github-actions#using-secrets)."
 
 ## Default permissions and access settings for containers modified through workflows
 
@@ -484,9 +484,9 @@ Installing packages hosted by {% data variables.product.prodname_registry %} thr
 {% data reusables.package_registry.actions-configuration %}
 
 {% ifversion fpt or ghec %}
-## Upgrading a workflow that accesses `ghcr.io`
+## Upgrading a workflow that accesses a registry using a PAT
 
-The {% data variables.product.prodname_container_registry %} supports the `GITHUB_TOKEN` for easy and secure authentication in your workflows. If your workflow is using a personal access token (PAT) to authenticate to `ghcr.io`, then we highly recommend you update your workflow to use the `GITHUB_TOKEN`.
+The {% data variables.product.prodname_ghcr_and_npm_registry %} support the `GITHUB_TOKEN` for easy and secure authentication in your workflows. If your workflow is using a personal access token (PAT) to authenticate to the registry, then we highly recommend you update your workflow to use the `GITHUB_TOKEN`.
 
 For more information about the `GITHUB_TOKEN`, see "[Authentication in a workflow](/actions/reference/authentication-in-a-workflow#using-the-github_token-in-a-workflow)."
 
@@ -504,9 +504,9 @@ Using the `GITHUB_TOKEN` instead of a PAT, which includes the `repo` scope, incr
   {% endnote %}
 1. Optionally, using the "role" drop-down menu, select the default access level that you'd like the repository to have to your container image.
   ![Permission access levels to give to repositories](/assets/images/help/package-registry/repository-permission-options-for-package-access-through-actions.png)
-1. Open your workflow file. On the line where you log in to `ghcr.io`, replace your PAT with {% raw %}`${{ secrets.GITHUB_TOKEN }}`{% endraw %}.
+1. Open your workflow file. On the line where you log in to the registry, replace your PAT with {% raw %}`${{ secrets.GITHUB_TOKEN }}`{% endraw %}.
 
-For example, this workflow publishes a Docker image using {% raw %}`${{ secrets.GITHUB_TOKEN }}`{% endraw %} to authenticate.
+For example, this workflow publishes a Docker image to the {% data variables.product.prodname_container_registry %} and uses {% raw %}`${{ secrets.GITHUB_TOKEN }}`{% endraw %} to authenticate.
 
 ```yaml{:copy}
 name: Demo Push

content/packages/working-with-a-github-packages-registry/working-with-the-container-registry.md

@@ -42,7 +42,9 @@ When installing or publishing a Docker image, the {% data variables.product.prod
 
 ## Authenticating to the {% data variables.product.prodname_container_registry %}
 
-{% data reusables.package_registry.authenticate_with_pat_for_container_registry %}
+{% ifversion fpt or ghec or ghes > 3.4 %}
+To authenticate to the {% data variables.product.prodname_container_registry %} (`ghcr.io`) within a {% data variables.product.prodname_actions %} workflow, use the `GITHUB_TOKEN` for the best security and experience. {% data reusables.package_registry.authenticate_with_pat_for_v2_registry %}
+{% endif %}
 
 {% ifversion ghes %}Ensure that you replace `HOSTNAME` with {% data variables.product.product_location_enterprise %} hostname or IP address in the examples below.{% endif %}
 

content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md

@@ -21,6 +21,8 @@ shortTitle: npm registry
 
 {% data reusables.package_registry.admins-can-configure-package-types %}
 
+{% ifversion packages-npm-v2 %}
+{% else %}
 ## Limits for published npm versions
 
 If you publish over 1,000 npm package versions to {% data variables.product.prodname_registry %}, you may see performance issues and timeouts occur during usage.
@@ -28,12 +30,17 @@ If you publish over 1,000 npm package versions to {% data variables.product.prod
 In the future, to improve performance of the service, you won't be able to publish more than 1,000 versions of a package on {% data variables.product.prodname_dotcom %}. Any versions published before hitting this limit will still be readable.
 
 If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or "[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)."
+{% endif %}
 
 ## Authenticating to {% data variables.product.prodname_registry %}
 
 {% data reusables.package_registry.authenticate-packages %}
 
-{% data reusables.package_registry.authenticate-packages-github-token %}
+{% ifversion packages-npm-v2 %}
+{% data reusables.package_registry.authenticate_with_pat_for_v2_registry %}
+
+You can also choose to give access permissions to packages independently for {% data variables.product.prodname_codespaces %} and {% data variables.product.prodname_actions %}. For more information, see "[Ensuring Codespaces access to your package](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-codespaces-access-to-your-package) and [Ensuring workflow access to your package](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)."
+{% endif %}
 
 ### Authenticating with a personal access token
 
@@ -94,12 +101,24 @@ $ npm login --scope=@<em>OWNER</em> --registry=https://<em>HOSTNAME</em>/_regist
 
 {% endnote %}
 
+{% ifversion packages-npm-v2 %}
+The {% data variables.product.prodname_registry %} registry stores npm packages within your organization or personal account, and allows you to associate a package with a repository. You can choose whether to inherit permissions from a repository, or set granular permissions independently of a repository.
+{% endif %}
+
 By default, {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the name field of the *package.json* file. For example, you would publish a package named `@my-org/test` to the `my-org/test` {% data variables.product.prodname_dotcom %} repository. If you're running [npm v8.5.3](https://github.com/npm/cli/releases/tag/v8.5.3) or later, you can add a summary for the package listing page by including a *README.md* file in your package directory. For more information, see "[Working with package.json](https://docs.npmjs.com/getting-started/using-a-package.json)" and "[How to create Node.js Modules](https://docs.npmjs.com/getting-started/creating-node-modules)" in the npm documentation.
 
 You can publish multiple packages to the same {% data variables.product.prodname_dotcom %} repository by including a `URL` field in the *package.json* file. For more information, see "[Publishing multiple packages to the same repository](#publishing-multiple-packages-to-the-same-repository)."
 
+{% ifversion fpt or ghec %}
+When a package is published, it isn't automatically linked to a repository. You can however choose to link your published package to a repository using the user interface or command line. For more information, see "[Connecting a repository to a package](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
+{% endif %}
+
 You can set up the scope mapping for your project using either a local *.npmrc* file in the project or using the `publishConfig` option in the *package.json*. {% data variables.product.prodname_registry %} only supports scoped npm packages. Scoped packages have names with the format of `@owner/name`. Scoped packages always begin with an `@` symbol. You may need to update the name in your *package.json* to use the scoped name. For example, `"name": "@codertocat/hello-world-npm"`.
 
+{% ifversion packages-npm-v2 %}
+When you first publish a package, the default visibility is private. When a package is linked to repository, the package visibility is dependent on the repository's visibility. To change the visibility or set access permissions, see "[Configuring a package's access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility)."
+{% endif %}
+
 {% data reusables.package_registry.viewing-packages %}
 
 ### Publishing a package using a local *.npmrc* file

content/rest/deployments/deployments.md

@@ -20,7 +20,7 @@ Deployment statuses allow external services to mark deployments with an `error`,
 Deployment statuses can also include an optional `description` and `log_url`, which are highly recommended because they make deployment statuses more useful. The `log_url` is the full URL to the deployment output, and
 the `description` is a high-level summary of what happened with the deployment.
 
-GitHub dispatches `deployment` and `deployment_status` events when new deployments and deployment statuses are created. These events allows third-party integrations to receive respond to deployment requests and update the status of a deployment as progress is made.
+GitHub dispatches `deployment` and `deployment_status` events when new deployments and deployment statuses are created. These events allow third-party integrations to receive and respond to deployment requests, and update the status of a deployment as progress is made.
 
 Below is a simple sequence diagram for how these interactions would work.
 

content/rest/guides/getting-started-with-the-checks-api.md

@@ -41,7 +41,7 @@ A check run is an individual test that is part of a check suite. Each run includ
 
 ![Check runs workflow](/assets/images/check_runs.png)
 
-If a check run is in a incomplete state for more than 14 days, then the check run's `conclusion` becomes `stale` and appears on {% data variables.product.prodname_dotcom %} as stale with {% octicon "issue-reopened" aria-label="The issue-reopened icon" %}. Only {% data variables.product.prodname_dotcom %} can mark check runs as `stale`. For more information about possible conclusions of a check run, see the [`conclusion` parameter](/rest/reference/checks#create-a-check-run--parameters).
+If a check run is in an incomplete state for more than 14 days, then the check run's `conclusion` becomes `stale` and appears on {% data variables.product.prodname_dotcom %} as stale with {% octicon "issue-reopened" aria-label="The issue-reopened icon" %}. Only {% data variables.product.prodname_dotcom %} can mark check runs as `stale`. For more information about possible conclusions of a check run, see the [`conclusion` parameter](/rest/reference/checks#create-a-check-run--parameters).
 
 As soon as you receive the [`check_suite`](/webhooks/event-payloads/#check_suite) webhook, you can create the check run, even if the check is not complete. You can update the `status` of the check run as it completes with the values `queued`, `in_progress`, or `completed`, and you can update the `output` as more details become available. A check run can contain timestamps, a link to more details on your external site, detailed annotations for specific lines of code, and information about the analysis performed.
 

content/rest/teams/external-groups.md

@@ -19,7 +19,7 @@ To use this API, the authenticated user must be a team maintainer or an owner of
 
 **Notes:** 
 
-- The external groups API is only available for organizations that are part of a enterprise using {% data variables.product.prodname_emus %}. For more information, see "[About Enterprise Managed Users](/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users)."
+- The external groups API is only available for organizations that are part of an enterprise using {% data variables.product.prodname_emus %}. For more information, see "[About Enterprise Managed Users](/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users)."
 - If your organization uses team synchronization, you can use the Team Synchronization API. For more information, see "[Team synchronization API](#team-synchronization)."
 
 {% endnote %}

content/sponsors/sponsoring-open-source-contributors/sponsoring-an-open-source-contributor.md

@@ -25,7 +25,7 @@ shortTitle: Sponsor a contributor
 
 You can sponsor an account on behalf of your personal account to invest in projects that you personally benefit from. You can sponsor an account on behalf of your organization for many reasons.
 - Sustaining specific libraries that your organization's work depends on
-- Investing in the ecosystem you rely on as a organization (such as blockchain)
+- Investing in the ecosystem you rely on as an organization (such as blockchain)
 - Developing brand awareness as an organization that values open source
 - Thanking open source developers for building libraries that complement the product your organization offers
 

data/features/actions-oidc-hardening-config.yml

@@ -1,5 +1,6 @@
 # Reference: #7336
 # General versioning for oidc hardening options
 versions:
+  fpt: '*'
   ghec: '*'
   ghes: '>=3.7'

data/features/multiple-accounts-one-workstation.yml

@@ -0,0 +1,6 @@
+# Issue #7330
+# Documentation for managing multiple GitHub accounts on one workstation
+
+versions:
+  fpt: '*'
+  ghec: '*'

data/features/packages-npm-v2.yml

@@ -0,0 +1,5 @@
+# Issue 7039
+# npm Package Registry Improvements (v2) GA
+versions:
+  fpt: '*'
+  ghec: '*'

data/features/streaming-datadog.yml

@@ -0,0 +1,4 @@
+# Reference #7495
+# Documentation for audit log streaming to a Datadog endpoint
+versions:
+  ghec: '*'

data/graphql/ghae/schema.docs-ghae.graphql

@@ -16291,20 +16291,10 @@ enum MigrationSourceType {
   """
   BITBUCKET_SERVER
 
-  """
-  A GitHub migration source.
-  """
-  GITHUB
-
   """
   A GitHub Migration API source.
   """
   GITHUB_ARCHIVE
-
-  """
-  A GitLab migration source.
-  """
-  GITLAB
 }
 
 """

data/graphql/ghec/schema.docs.graphql

@@ -18551,20 +18551,10 @@ enum MigrationSourceType {
   """
   BITBUCKET_SERVER
 
-  """
-  A GitHub migration source.
-  """
-  GITHUB
-
   """
   A GitHub Migration API source.
   """
   GITHUB_ARCHIVE
-
-  """
-  A GitLab migration source.
-  """
-  GITLAB
 }
 
 """

data/graphql/schema.docs.graphql

@@ -18551,20 +18551,10 @@ enum MigrationSourceType {
   """
   BITBUCKET_SERVER
 
-  """
-  A GitHub migration source.
-  """
-  GITHUB
-
   """
   A GitHub Migration API source.
   """
   GITHUB_ARCHIVE
-
-  """
-  A GitLab migration source.
-  """
-  GITLAB
 }
 
 """

data/release-notes/enterprise-server/3-6/0.yml

@@ -294,3 +294,4 @@ sections:
     - In a repository's settings, enabling the option to allow users with read access to create discussions does not enable this functionality.
     - In some cases, users cannot convert existing issues to discussions.
     - Custom patterns for secret scanning have `.*` as an end delimiter, specifically in the "After secret" field. This delimiter causes inconsistencies in scans for secrets across repositories, and you may notice gaps in a repository's history where no scans completed. Incremental scans may also be impacted. To prevent issues with scans, modify the end of the pattern to remove the `.*` delimiter.
+    - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}'

data/reusables/accounts/create-personal-access-tokens.md

@@ -0,0 +1 @@
+1. For each of your accounts, create a dedicated PAT with `repo` scope. For more information, see "[Creating a personal access token](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."

data/reusables/dependabot/dependabot-alerts-filters.md

@@ -2,7 +2,7 @@ You can sort and filter {% data variables.product.prodname_dependabot_alerts %}
 
 | Option | Description | Example | 
 |:---|:---|:---|
-| `ecosystem` | Displays alerts for the selected ecosystem | Use `ecosystem:npm` to show {% data variables.product.prodname_dependabot_alerts %} for npm |{% ifversion fpt or ghec or ghes > 3.5 %}
+| `ecosystem` | Displays alerts for the selected ecosystem | Use `ecosystem:npm` to show {% data variables.product.prodname_dependabot_alerts %} for npm |{% ifversion fpt or ghec or ghes > 3.5 or ghae-issue-7891 %}
 | `has` | Displays alerts meeting the selected filter criteria | Use `has:patch` to show alerts related to advisories that have a patch{% ifversion dependabot-alerts-vulnerable-calls %}</br>Use `has:vulnerable-calls` to show alerts relating to calls to vulnerable functions{% endif %} |{% endif %}
 | `is` | Displays alerts based on their state | Use `is:open` to show open alerts |
 | `manifest` | Displays alerts for the selected manifest | Use `manifest:webwolf/pom.xml` to show alerts on the pom.xml file of the webwolf application |

data/reusables/enterprise_site_admin_settings/pgp-key-env-variable.md

@@ -1,4 +1,4 @@
-1. Define the key as a environment variable for {% data variables.product.product_name %}, replacing `<YOUR-KEY-ID>` with the GPG key ID.
+1. Define the key as an environment variable for {% data variables.product.product_name %}, replacing `<YOUR-KEY-ID>` with the GPG key ID.
 
     ```bash{:copy}
     ghe-config "secrets.gpgverify.web-signing-key" "$(gpg --export-secret-keys -a <YOUR-KEY-ID> | awk '{printf "%s\\n", $0}')"

data/reusables/git/cache-on-repository-path.md

@@ -0,0 +1,5 @@
+1. To configure Git to cache credentials for each local directory where you clone a repository, enter the following command.
+
+   ```shell{:copy}
+   git config --global credential.useHttpPath true
+   ```

data/reusables/git/clear-stored-gcm-credentials.md

@@ -0,0 +1,5 @@
+- If the output is `manager-core`, you're using Git Credential Manager. To clear the credentials, run the following command.
+
+    ```shell{:copy}
+    git credential-manager reject https://github.com
+    ```

data/reusables/git/clear-the-stored-credentials.md

@@ -0,0 +1 @@
+1. If the output confirms that you're using a credential manager, clear the stored credentials for the credential manager.

data/reusables/git/confirm-credential-manager.md

@@ -0,0 +1,5 @@
+1. To confirm your use of a credential manager, enter the following command and note the output.
+
+   ```shell{:copy}
+   git config --get credential.helper
+   ```

data/reusables/git/no-credential-manager.md

@@ -0,0 +1 @@
+- If the output doesn't include the name of a credential manager, there is no credential manager configured, and you can proceed to the next step.

data/reusables/git/open-terminal.md

@@ -0,0 +1 @@
+1. Open Terminal.

data/reusables/git/provide-credentials.md

@@ -0,0 +1,3 @@
+1. The first time that you use Git to clone a repository or access data in a repository that you've already cloned, Git will request credentials. Provide the PAT for the account with access to the repository.
+
+   Git will cache the PAT for the directory you're in, and you'll be able to access and write repository data on {% data variables.product.product_location %} using the correct account.

data/reusables/gpg/copy-gpg-key-id.md

@@ -1,9 +1,9 @@
 1. From the list of GPG keys, copy the long form of the GPG key ID you'd like to use. In this example, the GPG key ID is `3AA5C34371567BD2`:
-  ```shell
+    ```shell{:copy}
   $ gpg --list-secret-keys --keyid-format=long
   /Users/hubot/.gnupg/secring.gpg
   ------------------------------------
   sec   4096R/<em>3AA5C34371567BD2</em> 2016-03-10 [expires: 2017-03-10]
   uid                          Hubot <hubot@example.com>
   ssb   4096R/42B317FD4BA89E7A 2016-03-10
-  ```
+ ```

data/reusables/gpg/list-keys-with-note.md

@@ -1,10 +1,11 @@
-
 1. Use the `gpg --list-secret-keys --keyid-format=long` command to list the long form of the GPG keys for which you have both a public and private key. A private key is required for signing commits or tags.
-  ```shell
-  $ gpg --list-secret-keys --keyid-format=long
-```
-  {% note %}
 
-  **Note:** Some GPG installations on Linux may require you to use `gpg2 --list-keys --keyid-format LONG` to view a list of your existing keys instead. In this case you will also need to configure Git to use `gpg2` by running `git config --global gpg.program gpg2`.
+   ```shell{:copy}
+   $ gpg --list-secret-keys --keyid-format=long
+   ```
+   
+   {% note %}
 
-  {% endnote %}
+   **Note:** Some GPG installations on Linux may require you to use `gpg2 --list-keys --keyid-format LONG` to view a list of your existing keys instead. In this case you will also need to configure Git to use `gpg2` by running `git config --global gpg.program gpg2`.
+
+   {% endnote %}

data/reusables/identity-and-permissions/ipv6-allow-lists.md

@@ -0,0 +1,7 @@
+{% ifversion fpt or ghec %}
+{% note %}
+
+**Note:** {% data variables.product.company_short %} is gradually rolling out support for IPv6. As {% data variables.product.prodname_dotcom %} services continue to add IPv6 support, we will start recognizing IPv6 addresses of {% data variables.product.prodname_dotcom %} users. To prevent possible access interruptions, please ensure you have added any necessary IPv6 addresses to your IP allow list.
+
+{% endnote %}
+{% endif %}

data/reusables/organizations/about-following-organizations.md

@@ -0,0 +1 @@
+When you follow organizations on {% data variables.product.product_name %}, you'll see their {% ifversion fpt or ghec %}public{% endif %} activity on your personal dashboard. This activity includes new discussions, sponsorships, and repositories.

data/reusables/organizations/follow-organizations-beta.md

@@ -0,0 +1,5 @@
+{% note %}
+
+**Note:** The ability to follow organizations is currently in public beta and subject to change.
+
+{% endnote %}

data/reusables/package_registry/authenticate-packages.md

@@ -4,4 +4,4 @@ You can use a personal access token (PAT) to authenticate to {% data variables.p
 
 To authenticate to a {% data variables.product.prodname_registry %} registry within a {% data variables.product.prodname_actions %} workflow, you can use:
 - `GITHUB_TOKEN` to publish packages associated with the workflow repository.
-- a PAT to install packages associated with other private repositories (which `GITHUB_TOKEN` can't access).
+- a PAT with at least `packages:read` scope to install packages associated with other private repositories (which `GITHUB_TOKEN` can't access).

data/reusables/package_registry/authenticate_with_pat_for_container_registry.md

@@ -1,11 +0,0 @@
-{% ifversion fpt or ghec or ghes > 3.4 %}
-
-To authenticate to the {% data variables.product.prodname_container_registry %} within a {% data variables.product.prodname_actions %} workflow, use the `GITHUB_TOKEN` for the best security and experience. If your workflow is using a personal access token (PAT) to authenticate to `{% data reusables.package_registry.container-registry-hostname %}`, then we highly recommend you update your workflow to use the `GITHUB_TOKEN`.
-
-{% ifversion fpt or ghec %}For guidance on updating your workflows that authenticate to `{% data reusables.package_registry.container-registry-hostname %}` with a personal access token, see "[Upgrading a workflow that accesses `ghcr.io`](/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-ghcrio)."{% endif %}
-
-For more information about the `GITHUB_TOKEN`, see "[Authentication in a workflow](/actions/reference/authentication-in-a-workflow#using-the-github_token-in-a-workflow)."
-
-If you're using the {% data variables.product.prodname_container_registry %} in actions, follow our security best practices at "[Security hardening for GitHub Actions](/actions/getting-started-with-github-actions/security-hardening-for-github-actions#considering-cross-repository-access)."
-
-{% endif %}

data/reusables/package_registry/authenticate_with_pat_for_v2_registry.md

@@ -0,0 +1,7 @@
+If your workflow is using a personal access token (PAT) to authenticate to a registry, then we highly recommend you update your workflow to use the `GITHUB_TOKEN`.
+
+{% ifversion fpt or ghec %}For guidance on updating your workflows that authenticate to a registry with a personal access token, see "[Upgrading a workflow that accesses a registry using a PAT](/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-a-registry-using-a-pat)."{% endif %}
+
+For more information about the `GITHUB_TOKEN`, see "[Authentication in a workflow](/actions/reference/authentication-in-a-workflow#using-the-github_token-in-a-workflow)."
+
+For more information about the best practises when using a registry in actions, see "[Security hardening for GitHub Actions](/actions/getting-started-with-github-actions/security-hardening-for-github-actions#considering-cross-repository-access)."

data/reusables/package_registry/no-graphql-to-delete-packages.md

@@ -0,0 +1 @@
+{% ifversion fpt or ghec %} The {% data variables.product.prodname_registry %} GraphQL API does not support containers or Docker images that use the package namespace `https://ghcr.io/OWNER/PACKAGE-NAME`, or npm images that use the package namespace `https://npm.pkg.github.com/OWNER/PACKAGE-NAME`.{% endif %}

data/reusables/release-notes/ghas-3.4-secret-scanning-known-issue.md

@@ -1,16 +1,16 @@
-{% ifversion ghes > 3.1 or ghes < 3.5 %}
+{% ifversion ghes < 3.5 %}
 
-In some cases, GitHub Advanced Security customers who upgrade to GitHub Enterprise Server 3.5 or later may notice that alerts from secret scanning are missing in the web UI and REST API. To ensure the alerts remain visible, do not skip 3.4 when you upgrade from an earlier release to 3.5 or later. A fix for 3.5 and later will be available in an upcoming patch release.
+In some cases, GitHub Advanced Security customers who upgrade to GitHub Enterprise Server 3.5 or later may notice that alerts from secret scanning are missing in the web UI and REST API. To ensure the alerts remain visible, do not skip 3.4 when you upgrade from an earlier release to 3.5 or later. A fix will be available in upcoming patch releases.
 
-To plan an upgrade through 3.4, see the [Upgrade assistant](https://support.github.com/enterprise/server-upgrade). [Updated: 2022-08-16]
+To plan an upgrade through 3.4, see the [Upgrade assistant](https://support.github.com/enterprise/server-upgrade). [Updated: 2022-08-26]
 
-{% elsif ghes > 3.4 or ghes < 3.7 %}
+{% elsif ghes = 3.5 or ghes = 3.6 %}
 
-In some cases, GitHub Advanced Security customers who upgrade to GitHub Enterprise Server {{ currentVersion }} may notice that alerts from secret scanning are missing in the web UI and REST API. To ensure the alerts remain visible, do not skip 3.4 as you upgrade to the latest release. To plan an upgrade through 3.4, see the [Upgrade assistant](https://support.github.com/enterprise/server-upgrade).
+In some cases, GitHub Advanced Security customers who upgrade to GitHub Enterprise Server {{ allVersions[currentVersion].currentRelease }} may notice that alerts from secret scanning are missing in the web UI and REST API. To ensure the alerts remain visible, do not skip 3.4 as you upgrade to the latest release. To plan an upgrade through 3.4, see the [Upgrade assistant](https://support.github.com/enterprise/server-upgrade).
 
 - To display the missing alerts for all repositories owned by an organization, organization owners can navigate to the organization's **Code security and analysis** settings, then click **Enable all** for secret scanning. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories)."
 - To display the missing alerts for an individual repository, people with admin access to the repository can disable then enable secret scanning for the repository. For more information, see "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)."
 
-A fix will be available in an upcoming patch release. [Updated: 2022-08-16]
+A fix will be available in an upcoming patch release. [Updated: 2022-08-26]
 
 {% endif %}

data/variables/product.yml

@@ -139,6 +139,10 @@ prodname_registry: 'GitHub Packages'
 prodname_container_registry: 'Container registry'
 prodname_docker_registry_namespace: '{% ifversion fpt or ghec %}`docker.pkg.github.com`{% elsif ghes or ghae %}<code>docker.<em>HOSTNAME</em></code>{% endif %}'
 prodname_container_registry_namespace: '{% ifversion fpt or ghec %}`ghcr.io`{% elsif ghes or ghae %}<code>containers.<em>HOSTNAME</em></code>{% endif %}'
+prodname_npm_registry: 'npm registry'
+prodname_ghcr_and_npm_registry: '{% data variables.product.prodname_container_registry %}{% ifversion packages-npm-v2 %} and {% data variables.product.prodname_npm_registry %}{% endif %}'
+prodname_ghcr_or_npm_registry: '{% data variables.product.prodname_container_registry %}{% ifversion packages-npm-v2 %} or {% data variables.product.prodname_npm_registry %}{% endif %}'
+prodname_ghcr_and_npm_registry_full: '{% data variables.product.prodname_container_registry %} (`ghcr.io`){% ifversion packages-npm-v2 %} and {% data variables.product.prodname_npm_registry %} (`npm.pkg.github.com`){% endif %}'
 
 # GitHub Insights
 prodname_insights: 'GitHub Insights'

jest.config.js

@@ -8,6 +8,7 @@ let reporters = ['default']
 
 if (testTranslation) {
   // only use custom reporter if we are linting translations
+  // Remove this when removing translations directory B504EDD0
   reporters = ['<rootDir>/tests/helpers/lint-translation-reporter.js']
 } else if (isActions) {
   reporters.push('jest-github-actions-reporter')

lib/graphql/static/changelog.json

@@ -1,4 +1,18 @@
 [
+  {
+    "schemaChanges": [
+      {
+        "title": "The GraphQL schema includes these changes:",
+        "changes": [
+          "<p>Enum value <code>GITHUB</code> was removed from enum <code>MigrationSourceType</code></p>",
+          "<p>Enum value <code>GITLAB</code> was removed from enum <code>MigrationSourceType</code></p>"
+        ]
+      }
+    ],
+    "previewChanges": [],
+    "upcomingChanges": [],
+    "date": "2022-08-26"
+  },
   {
     "schemaChanges": [
       {

lib/graphql/static/schema-dotcom.json

@@ -74864,17 +74864,9 @@
           "name": "BITBUCKET_SERVER",
           "description": "<p>A Bitbucket Server migration source.</p>"
         },
-        {
-          "name": "GITHUB",
-          "description": "<p>A GitHub migration source.</p>"
-        },
         {
           "name": "GITHUB_ARCHIVE",
           "description": "<p>A GitHub Migration API source.</p>"
-        },
-        {
-          "name": "GITLAB",
-          "description": "<p>A GitLab migration source.</p>"
         }
       ]
     },

lib/graphql/static/schema-ghae.json

@@ -61371,17 +61371,9 @@
           "name": "BITBUCKET_SERVER",
           "description": "<p>A Bitbucket Server migration source.</p>"
         },
-        {
-          "name": "GITHUB",
-          "description": "<p>A GitHub migration source.</p>"
-        },
         {
           "name": "GITHUB_ARCHIVE",
           "description": "<p>A GitHub Migration API source.</p>"
-        },
-        {
-          "name": "GITLAB",
-          "description": "<p>A GitLab migration source.</p>"
         }
       ]
     },

lib/graphql/static/schema-ghec.json

@@ -74864,17 +74864,9 @@
           "name": "BITBUCKET_SERVER",
           "description": "<p>A Bitbucket Server migration source.</p>"
         },
-        {
-          "name": "GITHUB",
-          "description": "<p>A GitHub migration source.</p>"
-        },
         {
           "name": "GITHUB_ARCHIVE",
           "description": "<p>A GitHub Migration API source.</p>"
-        },
-        {
-          "name": "GITLAB",
-          "description": "<p>A GitLab migration source.</p>"
         }
       ]
     },

lib/redis/create-client.js

@@ -1,171 +0,0 @@
-import Redis from 'redis'
-
-const { REDIS_MIN_DB, REDIS_MAX_DB } = process.env
-
-// By default, every Redis instance supports database numbers 0 - 15
-const redisMinDb = REDIS_MIN_DB || 0
-const redisMaxDb = REDIS_MAX_DB || 15
-
-// Maximum delay between reconnection attempts after backoff
-const maxReconnectDelay = 5000
-
-function formatRedisError(error) {
-  const errorCode = error ? error.code : null
-  const errorName = error ? error.constructor.name : 'Server disconnection'
-  const errorMsg = error ? error.toString() : 'unknown (commonly a server idle timeout)'
-  const preamble = errorName + (errorCode ? ` with code "${errorCode}"` : '')
-  return preamble + ': ' + errorMsg
-}
-
-export default function createClient(options = {}) {
-  const { db, name, url } = options
-
-  // If no Redis URL is provided, bail out
-  // NOTE: Could support other options like `host`, `port`, and `path` but
-  // choosing not to for the time being!
-  if (!url) return null
-
-  // Verify database number is within range
-  if (db != null) {
-    if (!Number.isInteger(db) || db < redisMinDb || db > redisMaxDb) {
-      throw new TypeError(
-        `Redis database number must be an integer between ${redisMinDb} and ${redisMaxDb} but was: ${JSON.stringify(
-          db
-        )}`
-      )
-    }
-  }
-
-  let pingInterval = null
-  function stopPinging() {
-    if (pingInterval) {
-      clearInterval(pingInterval)
-      pingInterval = null
-    }
-  }
-
-  // Create the client
-  const client = Redis.createClient(url, {
-    // Only add this configuration for TLS-enabled Redis URL values.
-    // Otherwise, it breaks for local Redis instances without TLS enabled.
-    ...(url.startsWith('rediss://') && {
-      tls: {
-        // Required for production Heroku Redis
-        rejectUnauthorized: false,
-      },
-    }),
-
-    // Any running command that is unfulfilled when a connection is lost should
-    // NOT be retried after the connection has been reestablished.
-    retry_unfulfilled_commands: false,
-
-    // If we failed to send a new command during a disconnection, do NOT
-    // enqueue it to send later after the connection has been [re-]established.
-    // This is also critical to preventing a backend pile-up!
-    enable_offline_queue: false,
-
-    // This timeout value will be applied to both the initial connection
-    // and any auto-reconnect attempts (if the `retry_strategy` option is
-    // provided). If not using the `retry_strategy` option, this value can be
-    // set to a very low number. If using the `retry_strategy` option to allow
-    // more than one reconnection attempt, this value must be set to a higher
-    // number. Defaults to 1 hour if not configured!
-    connect_timeout: 60 * 60 * 1000, // 60 minutes
-
-    // Be aware that this retry (NOT just reconnection) strategy appears to
-    // be a major point of confusion (and possibly legitimate issues) between
-    // reconnecting and retrying failed commands.
-    retry_strategy: function ({
-      attempt,
-      error,
-      total_retry_time: totalRetryTime,
-      times_connected: timesConnected,
-    }) {
-      let delayPerAttempt = 100
-
-      // If the server appears to be unavailable, slow down faster
-      if (error && error.code === 'ECONNREFUSED') {
-        delayPerAttempt *= 5
-      }
-
-      // Reconnect after delay
-      return Math.min(attempt * delayPerAttempt, maxReconnectDelay)
-    },
-
-    // Expand whatever other options and overrides were provided
-    ...options,
-  })
-
-  // Handle connection errors to prevent killing the Node.js process
-  client.on('error', (connectError) => {
-    try {
-      // Forcibly close the connection to the Redis server.
-      // Allow all still running commands to silently fail immediately.
-      client.end(false)
-    } catch (disconnectError) {
-      // Swallow any failure
-    }
-
-    // Also, stop pinging the Redis server
-    stopPinging()
-  })
-
-  client.on('connect', () => {
-    // Stop pinging the Redis server, if any such timer already exists
-    stopPinging()
-
-    // Start pinging the server once per minute to prevent Redis connection
-    // from closing when its idle `timeout` configuration value expires
-    pingInterval = setInterval(() => {
-      client.ping(() => {})
-    }, 60 * 1000)
-  })
-
-  client.on('end', () => {
-    // Stop pinging the Redis server
-    stopPinging()
-  })
-
-  // If a `name` was provided, use it in the prefix for logging event messages
-  const logPrefix = '[redis' + (name ? ` (${name})` : '') + ']'
-
-  // Add event listeners for basic logging
-  client.on('connect', () => {
-    console.log(logPrefix, 'Connection opened')
-  })
-  client.on('ready', () => {
-    console.log(logPrefix, 'Ready to receive commands')
-  })
-  client.on('end', () => {
-    console.log(logPrefix, 'Connection closed')
-  })
-  client.on(
-    'reconnecting',
-    ({
-      attempt,
-      delay,
-      // The rest are unofficial properties but currently supported
-      error,
-      total_retry_time: totalRetryTime,
-      times_connected: timesConnected,
-    }) => {
-      console.log(
-        logPrefix,
-        'Reconnecting,',
-        `attempt ${attempt}`,
-        `with ${delay} delay`,
-        `due to ${formatRedisError(error)}.`,
-        `Elapsed time: ${totalRetryTime}.`,
-        `Successful connections: ${timesConnected}.`
-      )
-    }
-  )
-  client.on('warning', (msg) => {
-    console.warn(logPrefix, 'Warning:', msg)
-  })
-  client.on('error', (error) => {
-    console.error(logPrefix, formatRedisError(error))
-  })
-
-  return client
-}

lib/search/indexes/github-docs-3.2-cn-records.json.br

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:fd7f8440a1b8849eab305f09238ccd6dd700e726187f8510985f7cba172b020c
-size 795434
+oid sha256:bfe278b2b1bfac92aca5d191432d1571a24b311cf11bd9fd4b010ee191b2e03c
+size 795816

lib/search/indexes/github-docs-3.2-cn.json.br

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:ace3014dbbf8de64f28ae96c092e638ac0afeb188d10c94f7ade09c2a4e670ab
-size 1644386
+oid sha256:74b0d349ba3b832f8ac81f3ee7d46066e38e110379d8587f6408366887925dc5
+size 1649529

lib/search/indexes/github-docs-3.2-en-records.json.br

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:41b9fae2a4d7f132b6d5b14b93ec1b93db5c83ffaa185fc5c48c9d76a08e8093
-size 1093762
+oid sha256:5242a215be5c6e3c4adf789cafc3e3d3bd1820bd8224977b7a123ff660c42011
+size 1094439