jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 11:26:57 -05:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into fix-typos

Browse Source
This commit is contained in:
Robert Sese
2021-10-12 20:16:34 -05:00
committed by GitHub
parent 75a42df81b fd09e8b058
commit 03d469e972
2913 changed files with 1042 additions and 95565 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/actions-scripts/create-enterprise-issue.js vendored
View File

@@ -86,7 +86,7 @@ async function run() {
'utf8'
)
const issueLabels =
milestone === 'release' ? ['enterprise release'] : ['enterprise deprecation', 'priority-3']
milestone === 'release' ? ['enterprise release'] : ['enterprise deprecation', 'priority-4', 'batch', 'time sensitive']
const issueTitle = `[${nextMilestoneDate}] Enterprise Server ${versionNumber} ${milestone} (technical steps)`
const issueBody = `GHES ${versionNumber} ${milestone} occurs on ${nextMilestoneDate}.

2
.github/dependabot.yml vendored
View File

@@ -9,4 +9,4 @@ updates:
- package-ecosystem: 'github-actions'
directory: '/'
schedule:
interval: weekly
interval: monthly

2
.github/workflows/crowdin.yml vendored
View File

@@ -27,6 +27,8 @@ jobs:
- name: Sync
uses: crowdin/github-action@d7f217268068f1244883a993379d62d816f84f25
with:
# This option enables the transfer of existing translations in this project to Crowdin.
# We explicitly set this to `false` since we only want to use the downloaded translations managed by Crowdin.
upload_translations: false
download_translations: true
create_pull_request: true

2
.github/workflows/move-reopened-issues-to-triage.yaml vendored
View File

@@ -37,5 +37,5 @@ jobs:
}
}
} catch(e) {
console.log(error);
console.log(e);
}

64
.github/workflows/notify-when-maintainers-cannot-edit.yaml vendored Normal file
View File

@@ -0,0 +1,64 @@
name: Notify When Maintainers Cannot Edit
# **What it does**: Notifies the author of a PR when their PR does not allow maintainers to edit it.
# **Why we have it**: To prevent having to do this manually.
# **Who does it impact**: Open-source.
on:
pull_request_target:
types:
- opened
permissions:
pull-requests: write
jobs:
notify-when-maintainers-cannot-edit:
if: github.repository == 'github/docs'
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
with:
script: |
const query = `
query($number: Int!) {
repository(owner: "github", name: "docs") {
pullRequest(number: $number) {
headRepositoryOwner {
login
}
maintainerCanModify
}
}
}
`;
const pullNumber = context.issue.number;
const variables = { number: pullNumber };
try {
console.log(`Check github/docs#${pullNumber} for maintainer edit access ...`);
const result = await github.graphql(query, variables);
console.log(JSON.stringify(result, null, 2));
const pullRequest = result.repository.pullRequest;
if (pullRequest.headRepositoryOwner.login === 'github') {
console.log('PR owned by github');
return;
}
if (!pullRequest.maintainerCanModify) {
console.log('PR not owned by github and does not have maintainer edits enabled');
await github.issues.createComment({
issue_number: pullNumber,
owner: 'github',
repo: 'docs',
body: "Thanks for submitting a PR to the GitHub Docs project!\n\nIn order to review and merge PRs most efficiently, we require that all PRs grant maintainer edit access before we review them. For information on how to do this, [see the documentation](https://docs.github.com/en/github/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)."
});
}
} catch(e) {
console.log(e);
}

11
.github/workflows/staging-deploy-pr.yml vendored
View File

@@ -79,9 +79,18 @@ jobs:
name: prRepoName
}
} = run
const headLabel = `${prRepoOwner}:${headBranch}`
const prIsInternal = owner === prRepoOwner && repo === prRepoName
let headLabel = `${prRepoOwner}:${headBranch}`
// If the PR is external, prefix its head branch name with the
// forked repo owner's login and their fork repo name e.g.
// "octocat/my-fork:docs". We need to include the fork repo
// name as well to account for an API issue (this will work fine
// if they don't have a different fork repo name).
if (!prIsInternal) {
headLabel = `${prRepoOwner}/${prRepoName}:${headBranch}`
}
// If the PR is external, prefix its head branch name with the
// forked repo owner's login, e.g. "octocat:docs"

2
CONTRIBUTING.md
View File

@@ -6,7 +6,7 @@ Read our [Code of Conduct](./CODE_OF_CONDUCT.md) to keep our community approacha
In this guide you will get an overview of the contribution workflow from opening an issue, creating a PR, reviewing, and merging the PR.
Use the table of contents icon <img src="./assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of the this document to get to a specific section of this guide quickly.
Use the table of contents icon <img src="./assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of this document to get to a specific section of this guide quickly.
## New contributor guide

4
README.md
View File

@@ -4,7 +4,7 @@ This repository contains the documentation website code and Markdown source file
GitHub's Docs team works on pre-production content in a private repo that regularly syncs with this public repo.
Use the table of contents icon <img src="./assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of the this document to get to a specific section of this guide quickly.
Use the table of contents icon <img src="./assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of this document to get to a specific section of this guide quickly.
## Contributing
@@ -60,4 +60,4 @@ When using the GitHub logos, be sure to follow the [GitHub logo guidelines](http
## Thanks :purple_heart:
Thanks for all your contributions and efforts towards improving the GitHub documentation. We thank you being part of our community !
Thanks for all your contributions and efforts towards improving the GitHub documentation. We thank you being part of our :sparkles: community :sparkles: !

BIN
assets/images/enterprise/github-ae/organizations/security-and-analysis-disable-or-enable-all-ghae.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 160 KiB

BIN
assets/images/help/repository/code-scanning-library-alert-index.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

BIN
assets/images/help/repository/code-scanning-library-alert-show.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

18
content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md
View File

@@ -134,8 +134,8 @@ Email notifications from {% data variables.product.product_name %} contain the f
| --- | --- |
| `From` address | This address will always be {% ifversion fpt %}'`notifications@github.com`'{% else %}'the no-reply email address configured by your site administrator'{% endif %}. |
| `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} |
| `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are: <ul><li>`assign`: You were assigned to an issue or pull request.</li><li>`author`: You created an issue or pull request.</li><li>`ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.</li><li>`comment`: You commented on an issue or pull request.</li><li>`manual`: There was an update to an issue or pull request you manually subscribed to.</li><li>`mention`: You were mentioned on an issue or pull request.</li><li>`push`: Someone committed to a pull request you're subscribed to.</li><li>`review_requested`: You or a team you're a member of was requested to review a pull request.</li>{% ifversion not ghae %}<li>`security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.</li>{% endif %}<li>`state_change`: An issue or pull request you're subscribed to was either closed or opened.</li><li>`subscribed`: There was an update in a repository you're watching.</li><li>`team_mention`: A team you belong to was mentioned on an issue or pull request.</li><li>`your_activity`: You opened, commented on, or closed an issue or pull request.</li></ul> |
| `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `<repository name>.<repository owner>.{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes %}
| `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are: <ul><li>`assign`: You were assigned to an issue or pull request.</li><li>`author`: You created an issue or pull request.</li><li>`ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.</li><li>`comment`: You commented on an issue or pull request.</li><li>`manual`: There was an update to an issue or pull request you manually subscribed to.</li><li>`mention`: You were mentioned on an issue or pull request.</li><li>`push`: Someone committed to a pull request you're subscribed to.</li><li>`review_requested`: You or a team you're a member of was requested to review a pull request.</li>{% ifversion fpt or ghes or ghae-issue-4864 %}<li>`security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.</li>{% endif %}<li>`state_change`: An issue or pull request you're subscribed to was either closed or opened.</li><li>`subscribed`: There was an update in a repository you're watching.</li><li>`team_mention`: A team you belong to was mentioned on an issue or pull request.</li><li>`your_activity`: You opened, commented on, or closed an issue or pull request.</li></ul> |
| `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `<repository name>.<repository owner>.{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 %}
| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:<ul><li>`low`</li><li>`moderate`</li><li>`high`</li><li>`critical`</li></ul>For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %}
## Choosing your notification settings
@@ -144,7 +144,7 @@ Email notifications from {% data variables.product.product_name %} contain the f
{% data reusables.notifications-v2.manage-notifications %}
3. On the notifications settings page, choose how you receive notifications when:
- There are updates in repositories or team discussions you're watching or in a conversation you're participating in. For more information, see "[About participating and watching notifications](#about-participating-and-watching-notifications)."
- You gain access to a new repository or you've joined a new team. For more information, see "[Automatic watching](#automatic-watching)."{% ifversion fpt or ghes %}
- You gain access to a new repository or you've joined a new team. For more information, see "[Automatic watching](#automatic-watching)."{% ifversion fpt or ghes or ghae-issue-4864 %}
- There are new {% data variables.product.prodname_dependabot_alerts %} in your repository. For more information, see "[{% data variables.product.prodname_dependabot_alerts %} notification options](#dependabot-alerts-notification-options)." {% endif %} {% ifversion fpt %}
- There are workflow runs updates on repositories set up with {% data variables.product.prodname_actions %}. For more information, see "[{% data variables.product.prodname_actions %} notification options](#github-actions-notification-options)."{% endif %}
@@ -161,14 +161,14 @@ If "Automatically watch repositories" is disabled, then you will not automatical
You can choose whether to watch or unwatch an individual repository. You can also choose to only be notified of {% ifversion fpt or ghes > 3.0 or ghae-next %}certain event types such as {% data reusables.notifications-v2.custom-notification-types %} (if enabled for the repository) {% else %}new releases{% endif %}, or completely ignore an individual repository.
{% data reusables.repositories.navigate-to-repo %}
2. In the upper-right corner, click the "Watch" drop-down menu to select a watch option.
{% ifversion fpt or ghes > 3.0 or ghae-next %}
2. In the upper-right corner, select the "Watch" drop-down menu to click a watch option.
{% ifversion fpt or ghes > 3.0 or ghae-issue-4910 %}
![Watch options in a drop-down menu for a repository](/assets/images/help/notifications-v2/watch-repository-options-custom.png)
The **Custom** option allows you to further customize notifications so that you're only notified when specific events happen in the repository, in addition to participating and @mentions.
{% else %}
![Watch options in a drop-down menu for a repository](/assets/images/help/notifications-v2/watch-repository-options.png){% endif %}
{% ifversion fpt or ghes > 3.0 or ghae-next %}
{% ifversion fpt or ghes > 3.0 or ghae-issue-4910 %}
![Custom watch options in a drop-down menu for a repository](/assets/images/help/notifications-v2/watch-repository-options-custom2-dotcom.png)
If you select "Issues", you will be notified about, and subscribed to, updates on every issue (including those that existed prior to you selecting this option) in the repository. If you're @mentioned in a pull request in this repository, you'll receive notifications for that too, and you'll be subscribed to updates on that specific pull request, in addition to being notified about issues.
{% endif %}
@@ -198,12 +198,8 @@ If you are a member of more than one organization, you can configure each one to
5. Select one of your verified email addresses, then click **Save**.
![Switching your per-org email address](/assets/images/help/notifications/notifications_switching_org_email.gif)
{% ifversion not ghae %}
{% ifversion fpt or ghes %}
{% ifversion fpt or ghes or ghae-issue-4864 %}
## {% data variables.product.prodname_dependabot_alerts %} notification options
{% else %}
## Security alert notification options
{% endif %}
{% data reusables.notifications.vulnerable-dependency-notification-enable %}
{% data reusables.notifications.vulnerable-dependency-notification-delivery-method-customization2 %}

19
content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md
View File

@@ -114,14 +114,14 @@ To filter notifications for specific activity on {% data variables.product.produ
- `is:gist`
- `is:issue-or-pull-request`
- `is:release`
- `is:repository-invitation`{% ifversion not ghae %}
- `is:repository-vulnerability-alert`
- `is:repository-invitation`{% ifversion fpt or ghes or ghae-issue-4864 %}
- `is:repository-vulnerability-alert`{% endif %}{% ifversion fpt %}
- `is:repository-advisory`{% endif %}
- `is:team-discussion`{% ifversion fpt %}
- `is:discussion`{% endif %}
{% ifversion not ghae %}
For information about reducing noise from notifications for {% ifversion fpt or ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %}, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies)."
{% ifversion fpt or ghes or ghae-issue-4864 %}
For information about reducing noise from notifications for {% data variables.product.prodname_dependabot_alerts %}, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies)."
{% endif %}
You can also use the `is:` query to describe how the notification was triaged.
@@ -144,7 +144,7 @@ To filter notifications by why you've received an update, you can use the `reaso
| `reason:invitation` | When you're invited to a team, organization, or repository.
| `reason:manual` | When you click **Subscribe** on an issue or pull request you weren't already subscribed to.
| `reason:mention` | You were directly @mentioned.
| `reason:review-requested` | You or a team you're on have been requested to review a pull request.{% ifversion not ghae %}
| `reason:review-requested` | You or a team you're on have been requested to review a pull request.{% ifversion fpt or ghes or ghae-issue-4864 %}
| `reason:security-alert` | When a security alert is issued for a repository.{% endif %}
| `reason:state-change` | When the state of a pull request or issue is changed. For example, an issue is closed or a pull request is merged.
| `reason:team-mention` | When a team you're a member of is @mentioned.
@@ -163,7 +163,7 @@ For example, to see notifications from the octo-org organization, use `org:octo-
{% endif %}
{% ifversion fpt or ghes %}
{% ifversion fpt or ghes or ghae-issue-4864 %}
## {% data variables.product.prodname_dependabot %} custom filters
{% ifversion fpt %}
@@ -175,8 +175,11 @@ If you use {% data variables.product.prodname_dependabot %} to keep your depende
For more information about {% data variables.product.prodname_dependabot %}, see "[About managing vulnerable dependencies](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)."
{% endif %}
{% ifversion ghes %}
If you use {% data variables.product.prodname_dependabot %} to keep your dependencies-up-to-date, you can use and save the `is:repository_vulnerability_alert` custom filter to show notifications for {% data variables.product.prodname_dependabot_alerts %}.
{% ifversion ghes or ghae-issue-4864 %}
If you use {% data variables.product.prodname_dependabot %} to keep your dependencies-up-to-date, you can use and save these custom filters to show notifications for {% data variables.product.prodname_dependabot_alerts %}:
- `is:repository_vulnerability_alert`
- `reason:security_alert`
For more information about {% data variables.product.prodname_dependabot %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
{% endif %}

2
content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md
View File

@@ -14,7 +14,7 @@ topics:
- Profiles
shortTitle: Organization's profile
---
You can optionally choose to add a description, location, website, and email address for your organization, and pin important repositories. You can customize your organization's profile by adding a README.md file. For more information, see "[Customizing your organization's profile](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile)."
You can optionally choose to add a description, location, website, and email address for your organization, and pin important repositories.{% ifversion not ghes and not ghae %} You can customize your organization's profile by adding a README.md file. For more information, see "[Customizing your organization's profile](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile)."{% endif %}
{% ifversion fpt %}To confirm your organization's identity and display a "Verified" badge on your organization profile page, you must verify your organization's domains with {% data variables.product.product_name %}. For more information, see "[Verifying or approving a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)."{% endif %}

4
content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md
View File

@@ -43,8 +43,8 @@ The repository owner has full control of the repository. In addition to the acti
| Delete and restore packages | "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" |{% endif %}{% ifversion ghes = 2.22 or ghes = 3.0 or ghae %}
| Delete packages | "[Deleting packages](/packages/learn-github-packages/deleting-a-package)" |{% endif %}
| Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" |
| Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes %}
| Receive {% ifversion fpt or ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} for vulnerable dependencies | "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" |{% endif %}{% ifversion fpt %}
| Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes or ghae-issue-4864 %}
| Control access to {% data variables.product.prodname_dependabot_alerts %} alerts for vulnerable dependencies | "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt %}
| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" |
| Manage data use for a private repository | "[Managing data use settings for your private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository)"|{% endif %}
| Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" |

11
content/actions/deployment/deploying-to-amazon-elastic-container-service.md
View File

@@ -21,9 +21,9 @@ shortTitle: Deploy to Amazon ECS
## Introduction
This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/) when a release is created.
This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/) when there is a push to the `main` branch.
On every new release in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS.
On every new push to `main` in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS.
## Prerequisites
@@ -67,7 +67,9 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials.
{% ifversion fpt or ghes > 3.0 or ghae %}
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
{% endif %}
## Creating the workflow
@@ -85,8 +87,9 @@ Ensure that you provide your own values for all the variables in the `env` key o
name: Deploy to Amazon ECS
on:
release:
types: [ created ]
push:
branches:
- main
env:
AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1

9
content/actions/deployment/deploying-to-azure-app-service.md
View File

@@ -69,13 +69,15 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
4. For Linux apps, add an app setting called `WEBSITE_WEBDEPLOY_USE_SCM` and set it to true in your app. For more information, see "[Configure apps in the portal](https://docs.microsoft.com/en-us/azure/app-service/configure-common#configure-app-settings)" in the Azure documentation.
{% ifversion fpt or ghes > 3.0 or ghae %}
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
{% endif %}
## Creating the workflow
Once you've completed the prerequisites, you can proceed with creating the workflow.
The following example workflow demonstrates how to build, test, and deploy the Node.js project to Azure App Service when a release is created.
The following example workflow demonstrates how to build, test, and deploy the Node.js project to Azure App Service when there is a push to the `main` branch.
Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of the web app you created. You can also change `AZURE_WEBAPP_PACKAGE_PATH` if the path to your project is not the repository root and `NODE_VERSION` if you want to use a node version other than `10.x`.
@@ -85,8 +87,9 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of
{% data reusables.actions.actions-not-certified-by-github-comment %}
on:
release:
types: [created]
push:
branches:
- main
env:
AZURE_WEBAPP_NAME: MY_WEBAPP_NAME # set this to your application's name

9
content/actions/deployment/deploying-to-google-kubernetes-engine.md
View File

@@ -21,7 +21,7 @@ shortTitle: Deploy to Google Kubernetes Engine
## Introduction
This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to Google Container Registry (GCR), and deploy it to Google Kubernetes Engine (GKE) when a release is created.
This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to Google Container Registry (GCR), and deploy it to Google Kubernetes Engine (GKE) when there is a push to the `main` branch.
GKE is a managed Kubernetes cluster service from Google Cloud that can host your containerized workloads in the cloud or in your own datacenter. For more information, see [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine).
@@ -105,9 +105,11 @@ Store the name of your project as a secret named `GKE_PROJECT`. For more informa
### (Optional) Configuring kustomize
Kustomize is an optional tool used for managing YAML specs. After creating a _kustomization_ file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. For more information, see [kustomize usage](https://github.com/kubernetes-sigs/kustomize#usage).
{% ifversion fpt or ghes > 3.0 or ghae %}
### (Optional) Configure a deployment environment
{% data reusables.actions.about-environments %}
{% endif %}
## Creating the workflow
@@ -125,8 +127,9 @@ Under the `env` key, change the value of `GKE_CLUSTER` to the name of your clust
name: Build and Deploy to GKE
on:
release:
types: [created]
push:
branches:
- main
env:
PROJECT_ID: {% raw %}${{ secrets.GKE_PROJECT }}{% endraw %}

6
content/actions/deployment/deploying-with-github-actions.md
View File

@@ -31,13 +31,12 @@ You should be familiar with the syntax for {% data variables.product.prodname_ac
## Triggering your deployment
You can use a variety of events to trigger your deployment workflow. Some of the most common are: `pull_request`, `push`, `release`, and `workflow_dispatch`.
You can use a variety of events to trigger your deployment workflow. Some of the most common are: `pull_request`, `push`, and `workflow_dispatch`.
For example, a workflow with the following triggers runs whenever:
- There is a push to the `main` branch.
- A pull request targeting the `main` branch is opened, synchronized, or reopened.
- A release is created.
- Someone manually triggers it.
```yaml
@@ -48,9 +47,6 @@ on:
pull_request:
branches:
- main
release:
types:
- created
workflow_dispatch:
```

6
content/actions/hosting-your-own-runners/adding-self-hosted-runners.md
View File

@@ -34,7 +34,7 @@ For more information, see "[About self-hosted runners](/github/automating-your-w
## Adding a self-hosted runner to a repository
You can add self-hosted runners to a single repository. To add a self-hosted runner to a user repository, you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository.
You can add self-hosted runners to a single repository. To add a self-hosted runner to a user repository, you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. For information about how to add a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)."
{% ifversion fpt %}
{% data reusables.repositories.navigate-to-repo %}
@@ -55,7 +55,7 @@ You can add self-hosted runners to a single repository. To add a self-hosted run
## Adding a self-hosted runner to an organization
You can add self-hosted runners at the organization level, where they can be used to process jobs for multiple repositories in an organization. To add a self-hosted runner to an organization, you must be an organization owner.
You can add self-hosted runners at the organization level, where they can be used to process jobs for multiple repositories in an organization. To add a self-hosted runner to an organization, you must be an organization owner. For information about how to add a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)."
{% ifversion fpt %}
{% data reusables.organizations.navigate-to-org %}
@@ -84,7 +84,7 @@ You can add self-hosted runners to an enterprise, where they can be assigned to
New runners are assigned to the default group. You can modify the runner's group after you've registered the runner. For more information, see "[Managing access to self-hosted runners](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group)."
{% ifversion fpt %}
To add a self-hosted runner to an enterprise account, you must be an enterprise owner.
To add a self-hosted runner to an enterprise account, you must be an enterprise owner. For information about how to add a self-hosted runner with the REST API, see the [Enterprise Administration GitHub Actions APIs](/rest/reference/enterprise-admin#github-actions).
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}

40
content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md
View File

@@ -15,6 +15,24 @@ type: 'overview'
You can automatically increase or decrease the number of self-hosted runners in your environment in response to the webhook events you receive with a particular label. For example, you can create automation that adds a new self-hosted runner each time you receive a [`workflow_job`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) webhook event with the [`queued`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) activity, which notifies you that a new job is ready for processing. The webhook payload includes label data, so you can identify the type of runner the job is requesting. Once the job has finished, you can then create automation that removes the runner in response to the `workflow_job` [`completed`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) activity.
## Recommended autoscaling solutions
{% data variables.product.prodname_dotcom %} recommends and partners closely with two open source projects that you can use for autoscaling your runners. One or both solutions may be suitable, based on your needs.
The following repositories have detailed instructions for setting up these autoscalers:
- [actions-runner-controller/actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller) - A Kubernetes controller for {% data variables.product.prodname_actions %} self-hosted runnners.
- [philips-labs/terraform-aws-github-runner](https://github.com/philips-labs/terraform-aws-github-runner) - A Terraform module for scalable {% data variables.product.prodname_actions %} runners on Amazon Web Services.
Each solution has certain specifics that may be important to consider:
| **Features** | **actions-runner-controller** | **terraform-aws-github-runner** |
| :--- | :--- | :--- |
| Runtime | Kubernetes | Linux and Windows VMs |
| Supported Clouds | Azure, Amazon Web Services, Google Cloud Platform, on-premises | Amazon Web Services |
| Where runners can be scaled | Enterprise, organization, and repository levels. By runner label and runner group. | Organization and repository levels. By runner label and runner group. |
| Pull-based autoscaling support | Yes | No |
## Using ephemeral runners for autoscaling
{% data variables.product.prodname_dotcom %} recommends implementing autoscaling with ephemeral self-hosted runners; autoscaling with persistent self-hosted runners is not recommended. In certain cases, {% data variables.product.prodname_dotcom %} cannot guarantee that jobs are not assigned to persistent runners while they are shut down. With ephemeral runners, this can be guaranteed because {% data variables.product.prodname_dotcom %} only assigns one job to a runner.
@@ -44,7 +62,7 @@ You can create your own autoscaling environment by using payloads received from
## Authentication requirements
You can register and delete self-hosted runners using [the API](/rest/reference/actions#self-hosted-runners). To authenticate to the API, your autoscaling implementation can use an access token or a {% data variables.product.prodname_dotcom %} app.
You can register and delete repository and organization self-hosted runners using [the API](/rest/reference/actions#self-hosted-runners). To authenticate to the API, your autoscaling implementation can use an access token or a {% data variables.product.prodname_dotcom %} app.
Your access token will require the following scope:
@@ -53,22 +71,8 @@ Your access token will require the following scope:
To authenticate using a {% data variables.product.prodname_dotcom %} App, it must be assigned the following permissions:
- For repositories, assign the `administration` permission.
- for organizations, assign the `organization_self_hosted_runners` permission.
- For organizations, assign the `organization_self_hosted_runners` permission.
## Recommended autoscaling solutions
You can register and delete enterprise self-hosted runners using [the API](/rest/reference/enterprise-admin#github-actions). To authenticate to the API, your autoscaling implementation can use an access token.
{% data variables.product.prodname_dotcom %} recommends and partners closely with two open source projects that you can use for autoscaling your runners. One or both solutions may be suitable, based on your needs.
The following repositories have detailed instructions for setting up these autoscalers:
- [actions-runner-controller/actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller) - A Kubernetes controller for {% data variables.product.prodname_actions %} self-hosted runnners.
- [philips-labs/terraform-aws-github-runner](https://github.com/philips-labs/terraform-aws-github-runner) - A Terraform module for scalable {% data variables.product.prodname_actions %} runners on Amazon Web Services.
Each solution has certain specifics that may be important to consider:
| **Features** | **actions-runner-controller** | **terraform-aws-github-runner** |
| :--- | :--- | :--- |
| Runtime | Kubernetes | Linux and Windows VMs |
| Supported Clouds | Azure, Amazon Web Services, Google Cloud Platform, on-premises | Amazon Web Services |
| Where runners can be scaled | Enterprise, organization, and repository levels. By runner label and runner group. | Organization and repository levels. By runner label and runner group. |
| Pull-based autoscaling support | Yes | No |
Your access token will requite the `manage_runners:enterprise` scope.

4
content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md
View File

@@ -33,7 +33,7 @@ When new runners are created, they are automatically assigned to the default gro
## Creating a self-hosted runner group for an organization
All organizations have a single default self-hosted runner group. Organizations within an enterprise account can create additional self-hosted groups. Organization admins can allow individual repositories access to a runner group.
All organizations have a single default self-hosted runner group. Organizations within an enterprise account can create additional self-hosted groups. Organization admins can allow individual repositories access to a runner group. For information about how to create a self-hosted runner group with the REST API, see "[Self-hosted runner groups](/rest/reference/actions#self-hosted-runner-groups)."
Self-hosted runners are automatically assigned to the default group when created, and can only be members of one group at a time. You can move a runner from the default group to any group you create.
@@ -83,7 +83,7 @@ When creating a group, you must choose a policy that defines which repositories
## Creating a self-hosted runner group for an enterprise
Enterprises can add their self-hosted runners to groups for access management. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account. Organization admins can then assign additional granular repository access policies to the enterprise runner groups.
Enterprises can add their self-hosted runners to groups for access management. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account. Organization admins can then assign additional granular repository access policies to the enterprise runner groups. For information about how to create a self-hosted runner group with the REST API, see the [Enterprise Administration GitHub Actions APIs](/rest/reference/enterprise-admin#github-actions).
Self-hosted runners are automatically assigned to the default group when created, and can only be members of one group at a time. You can assign the runner to a specific group during the registration process, or you can later move the runner from the default group to a custom group.

6
content/actions/hosting-your-own-runners/removing-self-hosted-runners.md
View File

@@ -26,7 +26,7 @@ shortTitle: Remove self-hosted runners
{% endnote %}
To remove a self-hosted runner from a user repository you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. We recommend that you also have access to the self-hosted runner machine.
To remove a self-hosted runner from a user repository you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)."
{% data reusables.github-actions.self-hosted-runner-reusing %}
{% ifversion fpt %}
@@ -53,7 +53,7 @@ To remove a self-hosted runner from a user repository you must be the repository
{% endnote %}
To remove a self-hosted runner from an organization, you must be an organization owner. We recommend that you also have access to the self-hosted runner machine.
To remove a self-hosted runner from an organization, you must be an organization owner. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)."
{% data reusables.github-actions.self-hosted-runner-reusing %}
{% ifversion fpt or ghes > 3.1 or ghae-next %}
@@ -81,7 +81,7 @@ To remove a self-hosted runner from an organization, you must be an organization
{% data reusables.github-actions.self-hosted-runner-reusing %}
{% ifversion fpt %}
To remove a self-hosted runner from an enterprise account, you must be an enterprise owner. We recommend that you also have access to the self-hosted runner machine.
To remove a self-hosted runner from an enterprise account, you must be an enterprise owner. We recommend that you also have access to the self-hosted runner machine. For information about how to add a self-hosted runner with the REST API, see the [Enterprise Administration GitHub Actions APIs](/rest/reference/enterprise-admin#github-actions).
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.actions-tab %}

2
content/actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions.md
View File

@@ -358,7 +358,7 @@ jobs:
</tr>
</table>
{% data variables.product.prodname_actions %} caching is only applicable to {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see "<a href="/actions/guides/caching-dependencies-to-speed-up-workflows" class="dotcom-only">Caching dependencies to speed up workflows</a>."
{% data variables.product.prodname_actions %} caching is only applicable for repositories hosted on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "<a href="/actions/guides/caching-dependencies-to-speed-up-workflows" class="dotcom-only">Caching dependencies to speed up workflows</a>."
## Artifacts

2
content/actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md
View File

@@ -334,7 +334,7 @@ cache: npm
</tr>
</table>
{% data variables.product.prodname_actions %} caching is only applicable to {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see "<a href="/actions/guides/caching-dependencies-to-speed-up-workflows" class="dotcom-only">Caching dependencies to speed up workflows</a>."
{% data variables.product.prodname_actions %} caching is only applicable for repositories hosted on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "<a href="/actions/guides/caching-dependencies-to-speed-up-workflows" class="dotcom-only">Caching dependencies to speed up workflows</a>."
## Examples of common tasks

2
content/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise.md
View File

@@ -33,7 +33,7 @@ When you enable {% data variables.product.prodname_GH_advanced_security %} for y
- {% data variables.product.prodname_code_scanning_capc %}, see "[Configuring {% data variables.product.prodname_code_scanning %} for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#prerequisites-for-code-scanning)."
- {% data variables.product.prodname_secret_scanning_caps %}, see "[Configuring {% data variables.product.prodname_secret_scanning %} for your appliance](/admin/advanced-security/configuring-secret-scanning-for-your-appliance#prerequisites-for-secret-scanning)."{% endif %}
- {% data variables.product.prodname_dependabot %}, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."
- {% data variables.product.prodname_dependabot %}, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."
## Checking whether your license includes {% data variables.product.prodname_GH_advanced_security %}

100
content/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server.md
View File

@@ -1,100 +0,0 @@
---
title: Enabling alerts for vulnerable dependencies on GitHub Enterprise Server
intro: 'You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_ghe_cloud %} and enable the dependency graph and {% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts in repositories in your instance.'
shortTitle: Enable alerts for dependencies
miniTocMaxHeadingLevel: 3
redirect_from:
- /enterprise/admin/installation/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enterprise/admin/configuration/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enterprise/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
permissions: 'Site administrators for {% data variables.product.prodname_ghe_server %} who are also owners of the connected {% data variables.product.prodname_ghe_cloud %} organization or enterprise account can enable the dependency graph and {% data variables.product.prodname_dependabot %} alerts on {% data variables.product.prodname_ghe_server %}.'
versions:
ghes: '*'
type: how_to
topics:
- Enterprise
- Security
- Dependency graph
- Dependabot
---
## About alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}
To identify vulnerable dependencies in your repository and receive alerts about vulnerabilities, you need to enable two security features:
- The dependency graph
- {% data variables.product.prodname_dependabot %} alerts
For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
{% data reusables.repositories.tracks-vulnerabilities %}
You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}, then sync vulnerability data to your instance and generate {% data variables.product.prodname_dependabot_alerts %} in repositories with a vulnerable dependency.
After connecting {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %} and enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies, vulnerability data is synced from {% data variables.product.prodname_dotcom_the_website %} to your instance once every hour. You can also choose to manually sync vulnerability data at any time. No code or information about code from {% data variables.product.product_location %} is uploaded to {% data variables.product.prodname_dotcom_the_website %}.
When {% data variables.product.product_location %} receives information about a vulnerability, it will identify repositories in your instance that use the affected version of the dependency and generate {% data variables.product.prodname_dependabot_alerts %}. You can customize how you receive {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies/#configuring-notifications-for-dependabot-alerts)."
Before enabling the dependency graph and {% ifversion ghes > 2.21 %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.product_location %}, you must connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)."
## Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on GitHub Enterprise Server
For {% data variables.product.product_location %} to generate {% data variables.product.prodname_dependabot_alerts %} whenever vulnerabilities are detected on your repositories:
- You must connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Connecting {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_cloud %}](/admin/guides/installation/connecting-github-enterprise-server-to-github-enterprise-cloud)."
- You must enable the dependency graph.
{% ifversion ghes > 3.1 %}
You can enable the dependency graph via the {% data variables.enterprise.management_console %} or the administrative shell. We recommend you follow the {% data variables.enterprise.management_console %} route unless {% data variables.product.product_location %} uses clustering.
### Enabling the dependency graph via the {% data variables.enterprise.management_console %}
{% endif %}{% ifversion ghes > 3.1 %}
{% data reusables.enterprise_site_admin_settings.sign-in %}
{% data reusables.enterprise_site_admin_settings.access-settings %}
{% data reusables.enterprise_site_admin_settings.management-console %}
{% data reusables.enterprise_management_console.advanced-security-tab %}
1. Under "Security," click **Dependency graph**.
![Checkbox to enable or disable the dependency graph](/assets/images/enterprise/3.2/management-console/enable-dependency-graph-checkbox.png)
{% data reusables.enterprise_management_console.save-settings %}
1. Click **Visit your instance**.
### Enabling the dependency graph via the administrative shell
{% else %}
### Enabling the dependency graph
{% endif %}
{% data reusables.enterprise_site_admin_settings.sign-in %}
1. In the administrative shell, enable the dependency graph on {% data variables.product.product_location %}:
``` shell
$ {% ifversion ghes > 3.1 %}ghe-config app.dependency-graph.enabled true{% else %}ghe-config app.github.dependency-graph-enabled true{% endif %}
```
{% note %}
**Note**: For more information about enabling access to the administrative shell via SSH, see "[Accessing the administrative shell (SSH)](/enterprise/{{ currentVersion }}/admin/configuration/accessing-the-administrative-shell-ssh)."
{% endnote %}
1. Apply the configuration.
```shell
$ ghe-config-apply
```
1. Return to {% data variables.product.prodname_ghe_server %}.
### Enabling {% data variables.product.prodname_dependabot_alerts %}
Before enabling {% data variables.product.prodname_dependabot_alerts %} for your instance, you need to enable the dependency graph. For more information, see above.
{% data reusables.enterprise-accounts.access-enterprise %}{% ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}{% data reusables.enterprise-accounts.github-connect-tab %}
1. Under "Repositories can be scanned for vulnerabilities", use the drop-down menu and select **Enabled without notifications**. Optionally, to enable alerts with notifications, select **Enabled with notifications**.
![Drop-down menu to enable scanning repositories for vulnerabilities](/assets/images/enterprise/site-admin-settings/enable-vulnerability-scanning-in-repositories.png)
{% note %}
We recommend configuring {% data variables.product.prodname_dependabot_alerts %} without notifications for the first few days to avoid an overload of emails. After a few days, you can enable notifications to receive {% data variables.product.prodname_dependabot_alerts %} as usual.
{% endnote %}
## Viewing vulnerable dependencies on {% data variables.product.prodname_ghe_server %}
You can view all vulnerabilities in {% data variables.product.product_location %} and manually sync vulnerability data from {% data variables.product.prodname_dotcom_the_website %} to update the list.
{% data reusables.enterprise_site_admin_settings.access-settings %}
2. In the left sidebar, click **Vulnerabilities**.
![Vulnerabilities tab in the site admin sidebar](/assets/images/enterprise/business-accounts/vulnerabilities-tab.png)
3. To sync vulnerability data, click **Sync Vulnerabilities now**.
![Sync vulnerabilities now button](/assets/images/enterprise/site-admin-settings/sync-vulnerabilities-button.png)

114
content/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account.md Normal file
View File

@@ -0,0 +1,114 @@
---
title: Enabling the dependency graph and Dependabot alerts on your enterprise account
intro: 'You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_ghe_cloud %} and enable the dependency graph and {% data variables.product.prodname_dependabot %} alerts in repositories in your instance.'
shortTitle: Enable dependency analysis
redirect_from:
- /enterprise/admin/installation/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enterprise/admin/configuration/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enterprise/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
permissions: 'Enterprise owners who are also owners of the connected {% data variables.product.prodname_ghe_cloud %} organization or enterprise account can enable the dependency graph and {% data variables.product.prodname_dependabot %} alerts on {% data variables.product.product_location %}.'
versions:
ghes: '*'
ghae: "issue-4864"
type: how_to
topics:
- Enterprise
- Security
- Dependency graph
- Dependabot
---
## About alerts for vulnerable dependencies on {% data variables.product.product_location %}
{% data reusables.dependabot.dependabot-alerts-beta %}
{% data variables.product.prodname_dotcom %} identifies vulnerable dependencies in repositories and creates {% data variables.product.prodname_dependabot_alerts %} on {% data variables.product.product_location %}, using:
- Data from the {% data variables.product.prodname_advisory_database %}
- The dependency graph service
For more information about these features, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
### About synchronization of data from the {% data variables.product.prodname_advisory_database %}
{% data reusables.repositories.tracks-vulnerabilities %}
You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %} with {% data variables.product.prodname_github_connect %}. Once connected, vulnerability data is synced from the {% data variables.product.prodname_advisory_database %} to your instance once every hour. You can also choose to manually sync vulnerability data at any time. No code or information about code from {% data variables.product.product_location %} is uploaded to {% data variables.product.prodname_dotcom_the_website %}.
### About generation of {% data variables.product.prodname_dependabot_alerts %}
If you enable vulnerability detection, when {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in your instance that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}.
## Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.product_location %}
### Prerequisites
For {% data variables.product.product_location %} to detect vulnerable dependencies and generate {% data variables.product.prodname_dependabot_alerts %}:
- You must connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghae %}This also enables the dependency graph service. {% endif %}{% ifversion ghes or ghae-next %}For more information, see "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)."{% endif %}
{% ifversion ghes %}- You must enable the dependency graph service.{% endif %}
- You must enable vulnerability scanning.
{% ifversion ghes %}
{% ifversion ghes > 3.1 %}
You can enable the dependency graph via the {% data variables.enterprise.management_console %} or the administrative shell. We recommend you follow the {% data variables.enterprise.management_console %} route unless {% data variables.product.product_location %} uses clustering.
### Enabling the dependency graph via the {% data variables.enterprise.management_console %}
{% data reusables.enterprise_site_admin_settings.sign-in %}
{% data reusables.enterprise_site_admin_settings.access-settings %}
{% data reusables.enterprise_site_admin_settings.management-console %}
{% data reusables.enterprise_management_console.advanced-security-tab %}
1. Under "Security," click **Dependency graph**.
![Checkbox to enable or disable the dependency graph](/assets/images/enterprise/3.2/management-console/enable-dependency-graph-checkbox.png)
{% data reusables.enterprise_management_console.save-settings %}
1. Click **Visit your instance**.
### Enabling the dependency graph via the administrative shell
{% endif %}{% ifversion ghes < 3.2 %}
### Enabling the dependency graph
{% endif %}
{% data reusables.enterprise_site_admin_settings.sign-in %}
1. In the administrative shell, enable the dependency graph on {% data variables.product.product_location %}:
``` shell
$ {% ifversion ghes > 3.1 %}ghe-config app.dependency-graph.enabled true{% else %}ghe-config app.github.dependency-graph-enabled true{% endif %}
```
{% note %}
**Note**: For more information about enabling access to the administrative shell via SSH, see "[Accessing the administrative shell (SSH)](/enterprise/{{ currentVersion }}/admin/configuration/accessing-the-administrative-shell-ssh)."
{% endnote %}
1. Apply the configuration.
```shell
$ ghe-config-apply
```
1. Return to {% data variables.product.prodname_ghe_server %}.
{% endif %}
### Enabling {% data variables.product.prodname_dependabot_alerts %}
{% ifversion ghes %}
Before enabling {% data variables.product.prodname_dependabot_alerts %} for your instance, you need to enable the dependency graph. For more information, see above.
{% endif %}
{% data reusables.enterprise-accounts.access-enterprise %}
{%- ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}
{% data reusables.enterprise-accounts.github-connect-tab %}
1. Under "Repositories can be scanned for vulnerabilities", select the drop-down menu and click **Enabled without notifications**. Optionally, to enable alerts with notifications, click **Enabled with notifications**.
![Drop-down menu to enable scanning repositories for vulnerabilities](/assets/images/enterprise/site-admin-settings/enable-vulnerability-scanning-in-repositories.png)
{% tip %}
**Tip**: We recommend configuring {% data variables.product.prodname_dependabot_alerts %} without notifications for the first few days to avoid an overload of emails. After a few days, you can enable notifications to receive {% data variables.product.prodname_dependabot_alerts %} as usual.
{% endtip %}
## Viewing vulnerable dependencies on {% data variables.product.product_location %}
You can view all vulnerabilities in {% data variables.product.product_location %} and manually sync vulnerability data from {% data variables.product.prodname_dotcom_the_website %} to update the list.
{% data reusables.enterprise_site_admin_settings.access-settings %}
2. In the left sidebar, click **Vulnerabilities**.
![Vulnerabilities tab in the site admin sidebar](/assets/images/enterprise/business-accounts/vulnerabilities-tab.png)
3. To sync vulnerability data, click **Sync Vulnerabilities now**.
![Sync vulnerabilities now button](/assets/images/enterprise/site-admin-settings/sync-vulnerabilities-button.png)

2
content/admin/configuration/managing-connections-between-your-enterprise-accounts/index.md
View File

@@ -18,7 +18,7 @@ children:
- /connecting-your-enterprise-account-to-github-enterprise-cloud
- /enabling-unified-search-between-your-enterprise-account-and-githubcom
- /enabling-unified-contributions-between-your-enterprise-account-and-githubcom
- /enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account
- /enabling-automatic-user-license-sync-between-github-enterprise-server-and-github-enterprise-cloud
shortTitle: Connect enterprise accounts
---

29
content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md
View File

@@ -8,6 +8,7 @@ versions:
fpt: '*'
ghes: '>=3.0'
ghae: '*'
miniTocMaxHeadingLevel: 3
redirect_from:
- /github/managing-security-vulnerabilities/managing-alerts-from-automated-code-scanning
- /github/finding-security-vulnerabilities-and-errors-in-your-code/managing-alerts-from-code-scanning
@@ -58,6 +59,25 @@ To calculate the security severity of an alert, we use Common Vulnerability Scor
By default, any code scanning results with a security severity of `Critical` or `High` will cause a check failure. You can specify which security severity level for code scanning results should cause a check failure. For more information, see "[Defining the severities causing pull request check failure](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)."{% endif %}
### About labels for alerts that are not found in application code
{% data variables.product.product_name %} assigns a category label to alerts that are not found in application code. The label relates to the location of the alert.
- **Generated**: Code generated by the build process
- **Test**: Test code
- **Library**: Library or third-party code
- **Documentation**: Documentation
{% data variables.product.prodname_code_scanning_capc %} categorizes files by file path. You cannot manually categorize source files.
Here is an example from the {% data variables.product.prodname_code_scanning %} alert list of an alert marked as occuring in library code.
![Code scanning library alert in list](/assets/images/help/repository/code-scanning-library-alert-index.png)
On the alert page, you can see that the filepath is marked as library code (`Library` label).
![Code scanning library alert details](/assets/images/help/repository/code-scanning-library-alert-show.png)
## Viewing the alerts for a repository
Anyone with read permission for a repository can see {% data variables.product.prodname_code_scanning %} annotations on pull requests. For more information, see "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests)."
@@ -112,14 +132,7 @@ If you enter multiple filters, the view will show alerts matching _all_ these fi
### Restricting results to application code only
You can use the "Only alerts in application code" filter or `autofilter:true` keyword and value to restrict results to alerts in application code. Application code excludes the following.
- Code generated by the build process
- Test code
- Library or third-party code
- Documentation
{% data variables.product.prodname_code_scanning_capc %} categorizes files by file path. At this time, you cannot manually categorize source files.
You can use the "Only alerts in application code" filter or `autofilter:true` keyword and value to restrict results to alerts in application code. See "[About labels for alerts not in application code](#about-labels-for-alerts-that-are-not-found-in-application-code)" above for more information about the types of code that are not application code.
{% ifversion fpt or ghes > 3.1 %}

11
content/code-security/getting-started/github-security-features.md
View File

@@ -19,9 +19,9 @@ topics:
The {% data variables.product.prodname_advisory_database %} contains a curated list of security vulnerabilities that you can view, search, and filter. {% data reusables.security-advisory.link-browsing-advisory-db %}
{% ifversion fpt or ghes > 2.22 %}
{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
## Available for all repositories
{% endif %}
{% ifversion fpt or ghes > 3.0 or ghae-next %}
### Security policy
@@ -39,9 +39,11 @@ View alerts about dependencies that are known to contain security vulnerabilitie
and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
{% endif %}
{% ifversion ghes > 2.22 %}
{% ifversion ghes > 2.22 or ghae-issue-4864 %}
### {% data variables.product.prodname_dependabot_alerts %}
{% data reusables.dependabot.dependabot-alerts-beta %}
View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
{% endif %}
@@ -51,6 +53,7 @@ View alerts about dependencies that are known to contain security vulnerabilitie
Use {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. This helps reduce your exposure to older versions of dependencies. Using newer versions makes it easier to apply patches if security vulnerabilities are discovered, and also makes it easier for {% data variables.product.prodname_dependabot_security_updates %} to successfully raise pull requests to upgrade vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)."
{% endif %}
{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
### Dependency graph
The dependency graph allows you to explore the ecosystems and packages that your repository depends on and the repositories and packages that depend on your repository.
@@ -75,7 +78,7 @@ Automatically detect security vulnerabilities and coding errors in new or modifi
{% endif %}
{% ifversion fpt or ghes > 3.1 %}
{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %}
### Dependency review
Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)."

24
content/code-security/getting-started/securing-your-organization.md
View File

@@ -32,26 +32,32 @@ You can create a default security policy that will display in any of your organi
{% endif %}
{% ifversion fpt or ghes > 2.22 %}
{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
## Managing {% data variables.product.prodname_dependabot_alerts %} and the dependency graph
By default, {% data variables.product.prodname_dotcom %} detects vulnerabilities in public repositories and generates {% data variables.product.prodname_dependabot_alerts %} and a dependency graph. You can enable or disable {% data variables.product.prodname_dependabot_alerts %} and the dependency graph for all repositories owned by your organization.
{% ifversion fpt %}By default, {% data variables.product.prodname_dotcom %} detects vulnerabilities in public repositories and generates {% data variables.product.prodname_dependabot_alerts %} and a dependency graph. You can enable or disable {% data variables.product.prodname_dependabot_alerts %} and the dependency graph for all private repositories owned by your organization.
1. Click your profile photo, then click **Organizations**.
2. Click **Settings** next to your organization.
3. Click **Security & analysis**.
4. Click **Enable all** or **Disable all** next to the feature that you want to manage.
5. Optionally, select **Automatically enable for new repositories**.
For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
{% endif %}
{% ifversion fpt or ghes > 3.1 %}
{% data reusables.dependabot.dependabot-alerts-beta %}
{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %}
For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
{% endif %}
{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %}
## Managing dependency review
Dependency review lets you visualize dependency changes in pull requests before they are merged into your repositories. Dependency review is available in all public repositories and in repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license that have the dependency graph enabled. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."
Dependency review lets you visualize dependency changes in pull requests before they are merged into your repositories.
{% ifversion fpt %}Dependency review is available in all public repositories. For private and internal repositories you require a license for {% data variables.product.prodname_advanced_security %}. To enable dependency review for an organization, enable the dependency graph and enable {% data variables.product.prodname_advanced_security %}.
{% elsif ghes or ghae %}Dependency review is available when dependency graph is enabled for {% data variables.product.product_location %} and you enable {% data variables.product.prodname_advanced_security %} for the organization (see below).{% endif %}
For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."
{% endif %}
@@ -79,7 +85,11 @@ To enable {% data variables.product.prodname_dependabot_version_updates %}, you
{% ifversion fpt or ghes > 2.22 or ghae %}
## Managing {% data variables.product.prodname_GH_advanced_security %}
{% ifversion fpt or ghes > 2.22 %}
If your organization has an {% data variables.product.prodname_advanced_security %} license, you can enable or disable {% data variables.product.prodname_advanced_security %} features.
{% elsif ghae %}
You can enable or disable {% data variables.product.prodname_advanced_security %} features.
{% endif %}
1. Click your profile photo, then click **Organizations**.
2. Click **Settings** next to your organization.

23
content/code-security/getting-started/securing-your-repository.md
View File

@@ -46,36 +46,47 @@ For more information, see "[Adding a security policy to your repository](/code-s
{% endif %}
{% ifversion fpt or ghes > 2.22 %}
{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
## Managing the dependency graph
Once you have [enabled the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph), it is automatically generated for {% ifversion fpt or ghes > 2.22 %} all public repositories, and you can choose to enable it for private repositories.{% else %} all repositories.{% endif %}
{% ifversion fpt %}
Once you have [enabled the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph), it is automatically generated for all public repositories, and you can choose to enable it for private repositories.
1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %} Settings**.
2. Click **Security & analysis**.
3. Next to Dependency graph, click **Enable** or **Disable**.
{% endif %}
{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %}
For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)."
{% endif %}
{% ifversion fpt or ghes > 2.22 %}
{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
## Managing {% data variables.product.prodname_dependabot_alerts %}
By default, {% data variables.product.prodname_dotcom %} detects vulnerabilities in public repositories and generates {% data variables.product.prodname_dependabot_alerts %}. {% data variables.product.prodname_dependabot_alerts %} can also be enabled for private repositories.
{% ifversion fpt %}By default, {% data variables.product.prodname_dotcom %} detects vulnerabilities in public repositories and generates {% data variables.product.prodname_dependabot_alerts %}. {% data variables.product.prodname_dependabot_alerts %} can also be enabled for private repositories.
1. Click your profile photo, then click **Settings**.
2. Click **Security & analysis**.
3. Click **Enable all** next to {% data variables.product.prodname_dependabot_alerts %}.
{% endif %}
{% data reusables.dependabot.dependabot-alerts-beta %}
{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %}
For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}."
{% endif %}
{% ifversion fpt or ghes > 3.1 %}
{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %}
## Managing dependency review
Dependency review lets you visualize dependency changes in pull requests before they are merged into your repository. Dependency review is available in all public repositories and in repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license that have the dependency graph enabled. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."
Dependency review lets you visualize dependency changes in pull requests before they are merged into your repositories.
{%- ifversion fpt %}Dependency review is available in all public repositories. For private and internal repositories you require a license for {% data variables.product.prodname_advanced_security %}. To enable dependency review for a repository, enable the dependency graph and enable {% data variables.product.prodname_advanced_security %}.
{%- elsif ghes or ghae %}Dependency review is available when dependency graph is enabled for {% data variables.product.product_location %} and you enable {% data variables.product.prodname_advanced_security %} for the repository (see below).{% endif %}
For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."
{% endif %}

1
content/code-security/supply-chain-security/index.md
View File

@@ -8,6 +8,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
topics:
- Dependabot
- Dependencies

7
content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md
View File

@@ -9,6 +9,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
type: overview
topics:
- Dependabot
@@ -29,11 +30,13 @@ When your code depends on a package that has a security vulnerability, this vuln
## Detection of vulnerable dependencies
{% data reusables.dependabot.dependabot-alerts-beta %}
{% data variables.product.prodname_dependabot %} detects vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %} when:
{% ifversion fpt %}
- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)" and "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)."{% else %}
- New advisory data is synchronized to {% data variables.product.prodname_ghe_server %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %}
- New advisory data is synchronized to {% data variables.product.product_location %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %}
- The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on{% ifversion fpt %}, or when the code of one of the dependencies changes{% endif %}. For more information, see "[About the dependency graph](/code-security/supply-chain-security/about-the-dependency-graph)."
{% data reusables.repositories.dependency-review %}
@@ -59,7 +62,7 @@ For information about permission requirements for actions related to {% data var
{% data variables.product.product_name %} starts generating the dependency graph immediately and generates alerts for any vulnerable dependencies as soon as they are identified. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. For more information, see "[Managing data use settings for your private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository)."
{% endif %}
When {% data variables.product.product_name %} identifies a vulnerable dependency, we generate a {% data variables.product.prodname_dependabot %} alert and display it on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of affected repositories about the new alert according to their notification preferences. For more information, see "[Configuring notifications for vulnerable dependencies](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)."
When {% data variables.product.product_name %} identifies a vulnerable dependency, we generate a {% data variables.product.prodname_dependabot %} alert and display it on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} may also notify the maintainers of affected repositories about the new alert according to their notification preferences. For more information, see "[Configuring notifications for vulnerable dependencies](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)."
{% ifversion fpt %}
For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, the alert may also contain a link to a pull request to update the manifest or lock file to the minimum version that resolves the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."

10
content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md
View File

@@ -1,12 +1,13 @@
---
title: About managing vulnerable dependencies
intro: '{% data variables.product.prodname_dotcom %} helps you to avoid using third-party software that contains known vulnerabilities.'
intro: '{% data variables.product.product_name %} helps you to avoid using third-party software that contains known vulnerabilities.'
redirect_from:
- /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies
- /code-security/supply-chain-security/about-managing-vulnerable-dependencies
versions:
fpt: '*'
ghes: '>=3.2'
ghae: "issue-4864"
type: overview
topics:
- Dependabot
@@ -20,7 +21,7 @@ shortTitle: Vulnerable dependencies
---
<!--Marketing-LINK: From /features/security/software-supply-chain page "Managing vulnerabilities in your projects dependencies ".-->
{% data variables.product.prodname_dotcom %} provides the following tools for removing and avoiding vulnerable dependencies.
{% data variables.product.product_name %} provides the following tools for removing and avoiding vulnerable dependencies.
## Dependency graph
The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). The information in the dependency graph is used by dependency review and {% data variables.product.prodname_dependabot %}.
@@ -33,13 +34,12 @@ For more information, see "[About the dependency graph](/github/visualizing-repo
By checking the dependency reviews on pull requests you can avoid introducing vulnerabilities from dependencies into your codebase. If the pull requests adds a vulnerable dependency, or changes a dependency to a vulnerable version, this is highlighted in the dependency review. You can change the dependency to a patched version before merging the pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)."
## {% data variables.product.prodname_dependabot_alerts %}
{% data variables.product.prodname_dotcom %} can create {% data variables.product.prodname_dependabot_alerts %} when it detects vulnerable dependencies in your repository. The alert is displayed on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.prodname_dotcom %} also notifies the maintainers of the repository, according to their notification preferences. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
{% data variables.product.product_name %}} can create {% data variables.product.prodname_dependabot_alerts %} when it detects vulnerable dependencies in your repository. The alert is displayed on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of the repository, according to their notification preferences. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
{% ifversion fpt %}
## {% data variables.product.prodname_dependabot_security_updates %}
When {% data variables.product.prodname_dotcom %} generates a {% data variables.product.prodname_dependabot %} alert for a vulnerable dependency in your repository, {% data variables.product.prodname_dependabot %} can automatically try to fix it for you. {% data variables.product.prodname_dependabot_security_updates %} are automatically generated pull requests that update a vulnerable dependency to a fixed version. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
When {% data variables.product.product_name %} generates a {% data variables.product.prodname_dependabot %} alert for a vulnerable dependency in your repository, {% data variables.product.prodname_dependabot %} can automatically try to fix it for you. {% data variables.product.prodname_dependabot_security_updates %} are automatically generated pull requests that update a vulnerable dependency to a fixed version. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
## {% data variables.product.prodname_dependabot_version_updates %}
Enabling {% data variables.product.prodname_dependabot_version_updates %} takes the effort out of maintaining your dependencies. With {% data variables.product.prodname_dependabot_version_updates %}, whenever {% data variables.product.prodname_dotcom %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. By contrast, {% data variables.product.prodname_dependabot_security_updates %} only raises pull requests to fix vulnerable dependencies. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates)."
{% endif %}

8
content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md
View File

@@ -8,6 +8,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
type: how_to
topics:
- Dependabot
@@ -27,10 +28,11 @@ When {% data variables.product.prodname_dependabot %} detects vulnerable depende
{% ifversion fpt %}If you're an organization owner, you can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories in your organization with one click. You can also set whether the detection of vulnerable dependencies will be enabled or disabled for newly-created repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-new-repositories-when-they-are-added)."
{% endif %}
{% ifversion ghes %}
By default, if your site administrator has configured email for notifications on your enterprise, you will receive {% data variables.product.prodname_dependabot_alerts %} by email.{% endif %}
{% ifversion ghes or ghae-issue-4864 %}
By default, if your enterprise owner has configured email for notifications on your enterprise, you will receive {% data variables.product.prodname_dependabot_alerts %} by email.
{% ifversion ghes %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server#enabling-dependabot-alerts)."{% endif %}
Enterprise owners can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."
{% endif %}
## Configuring notifications for {% data variables.product.prodname_dependabot_alerts %}

1
content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md
View File

@@ -10,6 +10,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
topics:
- Repositories
- Dependabot

3
content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md
View File

@@ -8,6 +8,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
type: how_to
topics:
- Dependabot
@@ -33,7 +34,7 @@ The results of dependency detection reported by {% data variables.product.produc
* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
* {% ifversion fpt %}{% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)."
{% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes > 2.22 %} and synchronized to {% data variables.product.prodname_ghe_server %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)."
{% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes > 2.22 or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)."
## Why don't I get vulnerability alerts for some ecosystems?

11
content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md
View File

@@ -6,10 +6,11 @@ redirect_from:
- /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository
- /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository
permissions: Repository administrators and organization owners can view and update dependencies.
shortTitle: Fix vulnerable dependencies
shortTitle: View vulnerable dependencies
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
type: how_to
topics:
- Dependabot
@@ -19,7 +20,7 @@ topics:
- Pull requests
- Repositories
---
Your repository's {% data variables.product.prodname_dependabot %} alerts tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can sort the list of alerts using the drop-down menu, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
Your repository's {% data variables.product.prodname_dependabot %} alerts tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can sort the list of alerts by selecting the drop-down menu, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
{% ifversion fpt %}
You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
@@ -43,17 +44,17 @@ You can enable automatic security updates for any repository that uses {% data v
1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**.
![Create {% data variables.product.prodname_dependabot %} security update button](/assets/images/help/repository/create-dependabot-security-update-button.png)
1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)."
1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, use the "Dismiss" drop-down, and click a reason for dismissing the alert.
1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" drop-down, and click a reason for dismissing the alert.
![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/help/repository/dependabot-alert-dismiss-drop-down.png)
{% elsif ghes > 3.0 %}
{% elsif ghes > 3.0 or ghae-issue-4864 %}
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
{% data reusables.repositories.sidebar-dependabot-alerts %}
1. Click the alert you'd like to view.
![Alert selected in list of alerts](/assets/images/enterprise/graphs/click-alert-in-alerts-list.png)
1. Review the details of the vulnerability and determine whether or not you need to update the dependency.
1. When you merge a pull request that updates the manifest or lock file to a secure version of the dependency, this will resolve the alert. Alternatively, if you decide not to update the dependency, click the **Dismiss** drop-down, and select a reason for dismissing the alert.
1. When you merge a pull request that updates the manifest or lock file to a secure version of the dependency, this will resolve the alert. Alternatively, if you decide not to update the dependency, select the **Dismiss** drop-down, and click a reason for dismissing the alert.
![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/enterprise/repository/dependabot-alert-dismiss-drop-down.png)
{% else %}

7
content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md
View File

@@ -6,6 +6,7 @@ shortTitle: Dependency review
versions:
fpt: '*'
ghes: '>= 3.2'
ghae: "issue-4864"
type: overview
topics:
- Advanced Security
@@ -25,10 +26,14 @@ redirect_from:
If a pull request targets your repository's default branch and contains changes to package manifests or lock files, you can display a dependency review to see what has changed. The dependency review includes details of changes to indirect dependencies in lock files, and it tells you if any of the added or updated dependencies contain known vulnerabilities.
{% ifversion fpt %}
Dependency review is available in:
* All public repositories.
* Private repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license that have the dependency graph enabled. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)."
{% elsif ghes or ghae %}
Dependency review is available when dependency graph is enabled for {% data variables.product.product_location %} and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository.
{% endif %}
Sometimes you might just want to update the version of one dependency in a manifest and generate a pull request. However, if the updated version of this direct dependency also has updated dependencies, your pull request may have more changes than you expected. The dependency review for each manifest and lock file provides an easy way to see what has changed, and whether any of the new dependency versions contain known vulnerabilities.
@@ -40,4 +45,4 @@ Dependency review supports the same languages and package management ecosystems
## Enabling dependency review
The dependency review feature becomes available when you enable the dependency graph. {% ifversion fpt %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes > 3.1 %}For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
The dependency review feature becomes available when you enable the dependency graph. {% ifversion fpt %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes or ghae %}For more information, see "[Enabling the dependency graph and Dependabot alerts on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %}

13
content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
View File

@@ -7,6 +7,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
type: overview
topics:
- Dependency graph
@@ -19,18 +20,20 @@ shortTitle: Dependency graph
## Dependency graph availability
The dependency graph is available for every{% ifversion fpt %} public{% endif %} repository that defines dependencies in a supported package ecosystem using a supported file format.{% ifversion fpt %} Repository administrators can also set up the dependency graph for private repositories.{% endif %}
{% ifversion fpt %}The dependency graph is available for every public repository that defines dependencies in a supported package ecosystem using a supported file format. Repository administrators can also set up the dependency graph for private repositories.{% endif %}
{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %}
## About the dependency graph
The dependency graph is a summary of the manifest and lock files stored in a repository. For each repository, it shows{% ifversion fpt %}:
- Dependencies, the ecosystems and packages it depends on
- Dependents, the repositories and packages that depend on it{% else %} dependencies, that is, the ecosystems and packages it depends on. {% data variables.product.prodname_ghe_server %} does not calculate information about dependents, the repositories and packages that depend on a repository.{% endif %}
- Dependents, the repositories and packages that depend on it{% else %} dependencies, that is, the ecosystems and packages it depends on. {% data variables.product.product_name %} does not calculate information about dependents, the repositories and packages that depend on a repository.{% endif %}
When you push a commit to {% data variables.product.product_name %} that changes or adds a supported manifest or lock file to the default branch, the dependency graph is automatically updated.{% ifversion fpt %} In addition, the graph is updated when anyone pushes a change to the repository of one of your dependencies.{% endif %} For information on the supported ecosystems and manifest files, see "[Supported package ecosystems](#supported-package-ecosystems)" below.
{% ifversion fpt or ghes > 3.1 %}
{% ifversion fpt or ghes > 3.1 or ghae %}
When you create a pull request containing changes to dependencies that targets the default branch, {% data variables.product.prodname_dotcom %} uses the dependency graph to add dependency reviews to the pull request. These indicate whether the dependencies contain vulnerabilities and, if so, the version of the dependency in which the vulnerability was fixed. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)."
{% endif %}
@@ -61,7 +64,7 @@ You can use the dependency graph to:
{% ifversion fpt %}To generate a dependency graph, {% data variables.product.product_name %} needs read-only access to the dependency manifest and lock files for a repository. The dependency graph is automatically generated for all public repositories and you can choose to enable it for private repositories. For information about enabling or disabling it for private repositories, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)."{% endif %}
{% ifversion ghes %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
{% ifversion ghes or ghae %}If the dependency graph is not available in your system, your enterprise owner can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %}
When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository{% ifversion fpt %} and every push to other repositories in the graph{% endif %}.
@@ -73,7 +76,7 @@ The recommended formats explicitly define which versions are used for all direct
| --- | --- | --- | ---|
| Composer | PHP | `composer.lock` | `composer.json`, `composer.lock` |
| `dotnet` CLI | .NET languages (C#, C++, F#, VB) | `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj` | `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj`, `packages.config` |
{%- ifversion fpt or ghes > 3.2 %}
{%- ifversion fpt or ghes > 3.2 or ghae %}
| Go modules | Go | `go.sum` | `go.mod`, `go.sum` |
{%- elsif ghes = 3.2 %}
| Go modules | Go | `go.mod` | `go.mod` |

11
content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md
View File

@@ -12,6 +12,7 @@ redirect_from:
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
type: how_to
topics:
- Dependency graph
@@ -23,8 +24,6 @@ shortTitle: Explore dependencies
## Viewing the dependency graph
{% data reusables.repositories.enable-security-alerts %}
The dependency graph shows the dependencies{% ifversion fpt %} and dependents{% endif %} of your repository. For information about the detection of dependencies and which ecosystems are supported, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
{% data reusables.repositories.navigate-to-repo %}
@@ -33,6 +32,10 @@ The dependency graph shows the dependencies{% ifversion fpt %} and dependents{%
4. Optionally, under "Dependency graph", click **Dependents**.
![Dependents tab on the dependency graph page](/assets/images/help/graphs/dependency-graph-dependents-tab.png){% endif %}
{% ifversion ghes or ghae-issue-4864 %}
Enterprise owners can configure the dependency graph at an enterprise level. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."
{% endif %}
### Dependencies view
{% ifversion fpt %}
@@ -44,14 +47,14 @@ If vulnerabilities have been detected in the repository, these are shown at the
{% endif %}
{% ifversion ghes %}
{% ifversion ghes or ghae %}
Any direct and indirect dependencies that are specified in the repository's manifest or lock files are listed, grouped by ecosystem. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to {% data variables.product.prodname_dependabot_alerts %}.
![Dependencies graph](/assets/images/help/graphs/dependencies_graph_server.png)
{% note %}
**Note:** {% data variables.product.prodname_ghe_server %} does not populate the **Dependents** view.
**Note:** {% data variables.product.product_name %} does not populate the **Dependents** view.
{% endnote %}

1
content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md
View File

@@ -3,6 +3,7 @@ title: Understanding your software supply chain
versions:
fpt: '*'
ghes: '>=3.0'
ghae: "issue-4864"
topics:
- Dependency graph
- Dependencies

2
content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md
View File

@@ -17,7 +17,7 @@ redirect_from:
- /codespaces/working-with-your-codespace/managing-access-and-security-for-codespaces
---
By default, a codespace can only access the repository where it was created. When you enable access and security for a repository owned by your organization, any codespaces that are created for that repository will also have read and write permissions to all other repositories the organization owns and the codespace creator has permissions to access. If you want to restrict the repositories a codespace can access, you can limit to it to either the repository where the codespace was created, or to specific repositories. You should only enable access and security for repositories you trust.
By default, a codespace can only access the repository where it was created. When you enable access and security for a repository owned by your organization, any codespaces that are created for that repository will also have read and write permissions to all other repositories the organization owns and the codespace creator has permissions to access. If you want to restrict the repositories a codespace can access, you can limit it to either the repository where the codespace was created, or to specific repositories. You should only enable access and security for repositories you trust.
To manage which users in your organization can use {% data variables.product.prodname_codespaces %}, see "[Managing user permissions for your organization](/codespaces/managing-codespaces-for-your-organization/managing-user-permissions-for-your-organization)."

2
content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md
View File

@@ -97,7 +97,7 @@ Permission | Description
[`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Grants access to the [Contents API](/rest/reference/repos#contents). Can be one of: `none`, `read`, or `write`.
[`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Grants access to the [Starring API](/rest/reference/activity#starring). Can be one of: `none`, `read`, or `write`.
[`statuses`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Grants access to the [Statuses API](/rest/reference/repos#statuses). Can be one of: `none`, `read`, or `write`.
[`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Grants access to the [Team Discussions API](/rest/reference/teams#discussions) and the [Team Discussion Comments API](/rest/reference/teams#discussion-comments). Can be one of: `none`, `read`, or `write`.{% ifversion fpt or ghes %}
[`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Grants access to the [Team Discussions API](/rest/reference/teams#discussions) and the [Team Discussion Comments API](/rest/reference/teams#discussion-comments). Can be one of: `none`, `read`, or `write`.{% ifversion fpt or ghes or ghae-issue-4864 %}
`vulnerability_alerts`| Grants access to receive security alerts for vulnerable dependencies in a repository. See "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" to learn more. Can be one of: `none` or `read`.{% endif %}
`watching` | Grants access to list and change repositories a user is subscribed to. Can be one of: `none`, `read`, or `write`.

2
content/get-started/using-git/pushing-commits-to-a-remote-repository.md
View File

@@ -112,7 +112,7 @@ For more information on working with forks, see "[Syncing a fork](/articles/sync
## Further reading
- [The "Remotes" chapter from the "Pro Git" book](https://git-scm.com/book/ch5-2.html)
- [`git remote` man page](https://git-scm.com/docs/git-remote.html)
- [`git remote` main page](https://git-scm.com/docs/git-remote.html)
- "[Git cheatsheet](/articles/git-cheatsheet)"
- "[Git workflows](/github/getting-started-with-github/git-workflows)"
- "[Git Handbook](https://guides.github.com/introduction/git-handbook/)"

1
content/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md
View File

@@ -5,6 +5,7 @@ product: '{% data reusables.gated-features.dependency-review %}'
versions:
fpt: '*'
ghes: '>= 3.2'
ghae: "issue-4864"
type: how_to
topics:
- Pull requests

2
content/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md
View File

@@ -18,7 +18,7 @@ redirect_from:
{% ifversion ghes %}
By default, if your site administrator has configured email for notifications on your enterprise, you will receive {% ifversion ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} by email.{% endif %}
{% ifversion ghes %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
{% ifversion ghes %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %}
## Configuring notifications for {% ifversion ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %}

2
content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md
View File

@@ -3,8 +3,6 @@ title: Customizing your organization's profile
intro: You can share information about your organization by customizing your organization's profile
versions:
fpt: '*'
ghes: '*'
ghae: '*'
topics:
- Organizations
shortTitle: Customize organization profile

6
content/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization.md
View File

@@ -34,7 +34,7 @@ The page that's displayed allows you to enable or disable all security and analy
{% ifversion ghes > 3.0 %}If you have a license for {% data variables.product.prodname_GH_advanced_security %}, the page will also contain options to enable and disable {% data variables.product.prodname_advanced_security %} features. Any repositories that use {% data variables.product.prodname_GH_advanced_security %} are listed at the bottom of the page.{% endif %}
{% ifversion ghae %}The page will also contain options to enable and disable {% data variables.product.prodname_advanced_security %} features.{% endif %}
{% ifversion ghae %}The page will also contain options to enable and disable {% data variables.product.prodname_advanced_security %} features. Any repositories that use {% data variables.product.prodname_GH_advanced_security %} are listed at the bottom of the page.{% endif %}
## Enabling or disabling a feature for all existing repositories
@@ -91,10 +91,10 @@ You can enable or disable features for all repositories. {% ifversion fpt %}The
1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)."
2. Under "Configure security and analysis features", to the right of the feature, enable or disable the feature by default for new repositories{% ifversion fpt %}, or all new private repositories,{% endif %} in your organization.
{% ifversion fpt or ghes > 3.1 %}
{% ifversion fpt %}
![Checkbox for enabling or disabling a feature for new repositories](/assets/images/help/organizations/security-and-analysis-enable-or-disable-feature-checkbox-dotcom.png)
{% endif %}
{% ifversion ghes = 3.1 %}
{% ifversion ghes > 3.0 %}
![Checkbox for enabling or disabling a feature for new repositories](/assets/images/enterprise/3.1/help/organizations/security-and-analysis-enable-or-disable-feature-checkbox.png)
{% endif %}
{% ifversion ghes = 3.0 %}

8
content/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization.md
View File

@@ -66,9 +66,9 @@ To search for specific events, use the `action` qualifier in your query. Actions
| [`protected_branch`](#protected_branch-category-actions) | Contains all activities related to protected branches.
| [`repo`](#repo-category-actions) | Contains activities related to the repositories owned by your organization.{% ifversion fpt %}
| [`repository_advisory`](#repository_advisory-category-actions) | Contains repository-level activities related to security advisories in the {% data variables.product.prodname_advisory_database %}. For more information, see "[About {% data variables.product.prodname_dotcom %} Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
| [`repository_content_analysis`](#repository_content_analysis-category-actions) | Contains all activities related to [enabling or disabling data use for a private repository](/articles/about-github-s-use-of-your-data).{% endif %}{% ifversion not ghae %}
| [`repository_content_analysis`](#repository_content_analysis-category-actions) | Contains all activities related to [enabling or disabling data use for a private repository](/articles/about-github-s-use-of-your-data).{% endif %}{% ifversion fpt %}
| [`repository_dependency_graph`](#repository_dependency_graph-category-actions) | Contains repository-level activities related to enabling or disabling the dependency graph for a {% ifversion fpt %}private {% endif %}repository. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."{% endif %}{% ifversion fpt or ghes > 2.22 or ghae %}
| [`repository_secret_scanning`](#repository_secret_scanning-category-actions) | Contains repository-level activities related to secret scanning. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)." {% endif %}{% ifversion not ghae %}
| [`repository_secret_scanning`](#repository_secret_scanning-category-actions) | Contains repository-level activities related to secret scanning. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)." {% endif %}{% ifversion fpt or ghes or ghae-issue-4864 %}
| [`repository_vulnerability_alert`](#repository_vulnerability_alert-category-actions) | Contains all activities related to [{% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies).{% endif %}{% ifversion fpt %}
| [`repository_vulnerability_alerts`](#repository_vulnerability_alerts-category-actions) | Contains repository-level configuration activities for {% data variables.product.prodname_dependabot %} alerts. {% endif %}{% ifversion fpt or ghes > 2.22 or ghae %}
| [`secret_scanning`](#secret_scanning-category-actions) | Contains organization-level configuration activities for secret scanning in existing repositories. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)."
@@ -636,7 +636,7 @@ For more information, see "[Managing the publication of {% data variables.produc
| `enable` | Triggered when an organization owner or person with admin access to the repository [enables data use settings for a private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository).
| `disable` | Triggered when an organization owner or person with admin access to the repository [disables data use settings for a private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository).
{% endif %}{% ifversion not ghae %}
{% endif %}{% ifversion fpt %}
### `repository_dependency_graph` category actions
@@ -653,7 +653,7 @@ For more information, see "[Managing the publication of {% data variables.produc
| `disable` | Triggered when a repository owner or person with admin access to the repository disables secret scanning for a {% ifversion fpt %}private {% endif %}repository. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)."
| `enable` | Triggered when a repository owner or person with admin access to the repository enables secret scanning for a {% ifversion fpt %}private {% endif %}repository.
{% endif %}{% ifversion not ghae %}
{% endif %}{% ifversion fpt or ghes or ghae-issue-4864 %}
### `repository_vulnerability_alert` category actions
| Action | Description

16
content/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization.md
View File

@@ -141,20 +141,20 @@ Some of the features listed below are limited to organizations using {% data var
In this section, you can find the repository permission levels required for security features, such as {% data variables.product.prodname_advanced_security %} features.
| Repository action | Read | Triage | Write | Maintain | Admin |
|:---|:---:|:---:|:---:|:---:|:---:| {% ifversion fpt or ghes > 2.22 %}
|:---|:---:|:---:|:---:|:---:|:---:| {% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
| Receive [{% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies) in a repository | | | | | **X** |
| [Dismiss {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository) | | | | | **X** |
| [Designate additional people or teams to receive {% data variables.product.prodname_dependabot_alerts %}](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) for vulnerable dependencies | | | | | **X** |{% endif %}{% ifversion fpt %}
| [Designate additional people or teams to receive security alerts](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) | | | | | **X** |{% endif %}{% ifversion fpt %}
| Create [security advisories](/code-security/security-advisories/about-github-security-advisories) | | | | | **X** |{% endif %}{% ifversion fpt or ghes > 2.22 or ghae %}
| Manage access to {% data variables.product.prodname_GH_advanced_security %} features (see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)") | | | | | **X** |{% endif %}{% ifversion fpt %}<!--Set at site-level for GHES-->
| [Enable the dependency graph](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository) for a private repository | | | | | **X** |{% endif %}{% ifversion fpt or ghes > 3.1 %}
| Manage access to {% data variables.product.prodname_GH_advanced_security %} features (see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)") | | | | | **X** |{% endif %}{% ifversion fpt %}<!--Set at site-level for GHES and GHAE-->
| [Enable the dependency graph](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository) for a private repository | | | | | **X** |{% endif %}{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %}
| [View dependency reviews](/code-security/supply-chain-security/about-dependency-review) | **X** | **X** | **X** | **X** | **X** |{% endif %}
| [View {% data variables.product.prodname_code_scanning %} alerts on pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests) | **X** | **X** | **X** | **X** | **X** |
| [List, dismiss, and delete {% data variables.product.prodname_code_scanning %} alerts](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository) | | | **X** | **X** | **X** |{% ifversion fpt or ghes > 3.0 or ghae-next %}
| [View {% data variables.product.prodname_secret_scanning %} alerts in a repository](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **X**<sup>[1]</sup> | **X**<sup>[1]</sup> | **X** |
| [Resolve, revoke, or re-open {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **X**<sup>[1]</sup> | **X**<sup>[1]</sup> | **X** |{% endif %}{% ifversion ghes = 3.0 %}
| [List, dismiss, and delete {% data variables.product.prodname_code_scanning %} alerts](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository) | | | **X** | **X** | **X** |{% ifversion fpt or ghes > 3.0 or ghae %}
| [View {% data variables.product.prodname_secret_scanning %} alerts in a repository](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **X**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **X**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **X** |
| [Resolve, revoke, or re-open {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | **X**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **X**{% ifversion not ghae %}<sup>[1]</sup>{% endif %} | **X** |{% endif %}{% ifversion ghes = 3.0 %}
| [View {% data variables.product.prodname_secret_scanning %} alerts in a repository](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | | | **X** |
| [Resolve, revoke, or re-open {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | | | **X** |{% endif %}{% ifversion fpt or ghes > 2.22 %}
| [Resolve, revoke, or re-open {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-alerts-from-secret-scanning) | | | | | **X** |{% endif %}{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
| [Designate additional people or teams to receive {% data variables.product.prodname_secret_scanning %} alerts](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) in repositories | | | | | **X** |{% endif %}
{% ifversion fpt or ghes > 3.0 or ghae-next %}

2
content/repositories/viewing-activity-and-data-for-your-repository/about-the-dependency-graph.md
View File

@@ -42,7 +42,7 @@ You can use the dependency graph to:
## Enabling the dependency graph
{% ifversion ghes %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
{% ifversion ghes %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %}
When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository.

6
content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md
View File

@@ -1,6 +1,7 @@
---
title: Understanding connections between repositories
intro: "You can better understand the connections that exist between repositories by viewing a repository's network and forks and the projects that depend on the repository."
product: '{% data reusables.gated-features.repository-insights %}'
redirect_from:
- /articles/viewing-a-repository-s-network
- /articles/viewing-a-repositorys-network
@@ -24,8 +25,7 @@ shortTitle: Connections between repositories
## Viewing a repository's network
'The network graph displays the branch history of the entire repository network, including branches of the root repository and branches of forks that contain commits unique to the network.'
product: '{% data reusables.gated-features.repository-insights %}'
The network graph displays the branch history of the entire repository network, including branches of the root repository and branches of forks that contain commits unique to the network.
![Repository network graph](/assets/images/help/graphs/repo_network_graph.png)
@@ -65,7 +65,7 @@ Forks are listed alphabetically by the username of the person who forked the rep
3. In the left sidebar, click **Forks**.
![Forks tab](/assets/images/help/graphs/graphs-sidebar-forks-tab.png)
{% ifversion fpt or ghes > 2.22 %}
{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %}
## Viewing the dependencies of a repository
You can use the dependency graph to explore the code your repository depends on.

2
contributing/content-style-guide.md
View File

@@ -4,7 +4,7 @@ Welcome to the content style guide for [GitHub Docs](https://docs.github.com/).
These guidelines are specific to GitHubs documentation. For general style questions or guidance on topics not covered here, see the [GitHub Brand Guide](https://brand.github.com/content/) first, then the [Microsoft Style Guide](https://docs.microsoft.com/style-guide/welcome/). For markup specific to source content on docs.github.com, see our [markup reference guide](content-markup-reference.md).
Use table of contents icon <img src="../assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of the this document to get to a specific section of this guide quickly.
Use table of contents icon <img src="../assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of this document to get to a specific section of this guide quickly.
## The GitHub Docs approach to style

25
data/release-notes/enterprise-server/3-0/17.yml Normal file
View File

@@ -0,0 +1,25 @@
date: '2021-10-12'
sections:
security_fixes:
- 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/27034, https://github.com/github/enterprise2/pull/27010 {% endcomment %}'
bugs:
- 'Custom pre-receive hooks could have failed due to too restrictive virtual memory or CPU time limits. {% comment %} https://github.com/github/enterprise2/pull/26971, https://github.com/github/enterprise2/pull/26955 {% endcomment %}'
- 'Attempting to wipe all existing configuration settings with `ghe-cleanup-settings` failed to restart the Management Console service. {% comment %} https://github.com/github/enterprise2/pull/26986, https://github.com/github/enterprise2/pull/26901 {% endcomment %}'
- 'During replication teardown via `ghe-repl-teardown` Memcached failed to be restarted. {% comment %} https://github.com/github/enterprise2/pull/26992, https://github.com/github/enterprise2/pull/26983 {% endcomment %}'
- 'During periods of high load, users would receive HTTP 503 status codes when upstream services failed internal healthchecks. {% comment %} https://github.com/github/enterprise2/pull/27081, https://github.com/github/enterprise2/pull/26999 {% endcomment %}'
- 'Pre-receive hook environments were forbidden from calling the cat command via BusyBox on Alpine. {% comment %} https://github.com/github/enterprise2/pull/27114, https://github.com/github/enterprise2/pull/27094 {% endcomment %}'
- 'The external database password was logged in plaintext. {% comment %} https://github.com/github/enterprise2/pull/27172, https://github.com/github/enterprise2/pull/26413 {% endcomment %}'
- 'An erroneous `jq` error message may have been displayed when running `ghe-config-apply`. {% comment %} https://github.com/github/enterprise2/pull/27203, https://github.com/github/enterprise2/pull/26784 {% endcomment %}'
- 'Failing over from a primary Cluster datacenter to a secondary Cluster datacenter succeeds, but then failing back over to the original primary Cluster datacenter failed to promote Elasticsearch indicies. {% comment %} https://github.com/github/github/pull/193180, https://github.com/github/github/pull/192447 {% endcomment %}'
- 'The Site Admin page for repository self-hosted runners returned an HTTP 500. {% comment %} https://github.com/github/github/pull/194205 {% endcomment %}'
- 'In some cases, GitHub Enterprise Administrators attempting to view the `Dormant users` page received `502 Bad Gateway` or `504 Gateway Timeout` response. {% comment %} https://github.com/github/github/pull/194259, https://github.com/github/github/pull/193609 {% endcomment %}'
changes:
- 'More effectively delete Webhook logs that fall out of the Webhook log retention window. {% comment %} https://github.com/github/enterprise2/pull/27157 {% endcomment %}'
known_issues:
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
- Custom firewall rules are removed during the upgrade process.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.

28
data/release-notes/enterprise-server/3-1/9.yml Normal file
View File

@@ -0,0 +1,28 @@
date: '2021-10-12'
sections:
security_fixes:
- 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/27035, https://github.com/github/enterprise2/pull/27010 {% endcomment %}'
bugs:
- 'Custom pre-receive hooks could have failed due to too restrictive virtual memory or CPU time limits. {% comment %} https://github.com/github/enterprise2/pull/26972, https://github.com/github/enterprise2/pull/26955 {% endcomment %}'
- 'Attempting to wipe all existing configuration settings with `ghe-cleanup-settings` failed to restart the Management Console service. {% comment %} https://github.com/github/enterprise2/pull/26987, https://github.com/github/enterprise2/pull/26901 {% endcomment %}'
- 'During replication teardown via `ghe-repl-teardown` Memcached failed to be restarted. {% comment %} https://github.com/github/enterprise2/pull/26993, https://github.com/github/enterprise2/pull/26983 {% endcomment %}'
- 'During periods of high load, users would receive HTTP 503 status codes when upstream services failed internal healthchecks. {% comment %} https://github.com/github/enterprise2/pull/27082, https://github.com/github/enterprise2/pull/26999 {% endcomment %}'
- 'With Actions configured, MSSQL replication would fail after restoring from a GitHub Enterprise Backup Utilities snapshot. {% comment %} https://github.com/github/enterprise2/pull/27097, https://github.com/github/enterprise2/pull/26254 {% endcomment %}'
- 'An erroneous `jq` error message may have been displayed when running `ghe-config-apply`. {% comment %} https://github.com/github/enterprise2/pull/27194, https://github.com/github/enterprise2/pull/26784 {% endcomment %}'
- 'Pre-receive hook environments were forbidden from calling the cat command via BusyBox on Alpine. {% comment %} https://github.com/github/enterprise2/pull/27115, https://github.com/github/enterprise2/pull/27094 {% endcomment %}'
- 'The external database password was logged in plaintext. {% comment %} https://github.com/github/enterprise2/pull/27173, https://github.com/github/enterprise2/pull/26413 {% endcomment %}'
- 'Failing over from a primary Cluster datacenter to a secondary Cluster datacenter succeeds, but then failing back over to the original primary Cluster datacenter failed to promote Elasticsearch indicies. {% comment %} https://github.com/github/github/pull/193181, https://github.com/github/github/pull/192447 {% endcomment %}'
- 'The "Import teams" button on the Teams page for an Organization returned an HTTP 404. {% comment %} https://github.com/github/github/pull/193302 {% endcomment %}'
- 'In some cases, GitHub Enterprise Administrators attempting to view the `Dormant users` page received `502 Bad Gateway` or `504 Gateway Timeout` response. {% comment %} https://github.com/github/github/pull/194260, https://github.com/github/github/pull/193609 {% endcomment %}'
- 'Performance was negatively impacted in certain high load situations as a result of the increased number of `SynchronizePullRequestJob` jobs. {% comment %} https://github.com/github/github/pull/195253, https://github.com/github/github/pull/194591 {% endcomment %}'
changes:
- 'More effectively delete Webhook logs that fall out of the Webhook log retention window. {% comment %} https://github.com/github/enterprise2/pull/27158 {% endcomment %}'
known_issues:
- The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
- Custom firewall rules are removed during the upgrade process.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- If {% data variables.product.prodname_actions %} is enabled for {% data variables.product.prodname_ghe_server %}, teardown of a replica node with `ghe-repl-teardown` will succeed, but may return `ERROR:Running migrations`.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.

27
data/release-notes/enterprise-server/3-2/1.yml Normal file
View File

@@ -0,0 +1,27 @@
date: '2021-10-12'
sections:
security_fixes:
- 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/27118, https://github.com/github/enterprise2/pull/27110 {% endcomment %}'
bugs:
- 'Custom pre-receive hooks could have failed due to too restrictive virtual memory or CPU time limits. {% comment %} https://github.com/github/enterprise2/pull/26973, https://github.com/github/enterprise2/pull/26955 {% endcomment %}'
- 'In a GitHub Enterprise Server clustering configuration, Dependency Graph settings could have been incorrectly applied. {% comment %} https://github.com/github/enterprise2/pull/26981, https://github.com/github/enterprise2/pull/26861 {% endcomment %}'
- 'Attempting to wipe all existing configuration settings with `ghe-cleanup-settings` failed to restart the Management Console service. {% comment %} https://github.com/github/enterprise2/pull/26988, https://github.com/github/enterprise2/pull/26901 {% endcomment %}'
- 'During replication teardown via `ghe-repl-teardown` Memcached failed to be restarted. {% comment %} https://github.com/github/enterprise2/pull/26994, https://github.com/github/enterprise2/pull/26983 {% endcomment %}'
- 'During periods of high load, users would receive HTTP 503 status codes when upstream services failed internal healthchecks. {% comment %} https://github.com/github/enterprise2/pull/27083, https://github.com/github/enterprise2/pull/26999 {% endcomment %}'
- 'Pre-receive hook environments were forbidden from calling the cat command via BusyBox on Alpine. {% comment %} https://github.com/github/enterprise2/pull/27116, https://github.com/github/enterprise2/pull/27094 {% endcomment %}'
- 'Failing over from a primary Cluster datacenter to a secondary Cluster datacenter succeeds, but then failing back over to the original primary Cluster datacenter failed to promote Elasticsearch indicies. {% comment %} https://github.com/github/github/pull/193182, https://github.com/github/github/pull/192447 {% endcomment %}'
- 'The "Import teams" button on the Teams page for an Organization returned an HTTP 404. {% comment %} https://github.com/github/github/pull/193303 {% endcomment %}'
- 'Using the API to disable Secret Scanning correctly disabled the property but incorrectly returned an HTTP 422 and an error message. {% comment %} https://github.com/github/github/pull/193455, https://github.com/github/github/pull/192907 {% endcomment %}'
- 'In some cases, GitHub Enterprise Administrators attempting to view the `Dormant users` page received `502 Bad Gateway` or `504 Gateway Timeout` response. {% comment %} https://github.com/github/github/pull/194262, https://github.com/github/github/pull/193609 {% endcomment %}'
- 'Performance was negatively impacted in certain high load situations as a result of the increased number of `SynchronizePullRequestJob` jobs. {% comment %} https://github.com/github/github/pull/195256, https://github.com/github/github/pull/194591 {% endcomment %}'
- 'A user defined pattern created for Secret Scanning would continue getting scanned even after it was deleted. {% comment %} https://github.com/github/token-scanning-service/pull/1039, https://github.com/github/token-scanning-service/pull/822 {% endcomment %}'
changes:
- 'GitHub Apps now set the Secret Scanning feature on a repository consistently with the API. {% comment %} https://github.com/github/github/pull/193456, https://github.com/github/github/pull/193125 {% endcomment %}'
known_issues:
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
- Custom firewall rules are removed during the upgrade process.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.

7
data/reusables/dependabot/dependabot-alerts-beta.md Normal file
View File

@@ -0,0 +1,7 @@
{% ifversion ghae-issue-4864 %}
{% note %}
**Note:** {% data variables.product.prodname_dependabot_alerts %} is currently in beta and is subject to change.
{% endnote %}
{% endif %}

3
data/reusables/dependabot/dependabot-alerts-dependency-graph-enterprise.md Normal file
View File

@@ -0,0 +1,3 @@
{% ifversion ghes or ghae-issue-4864 %}
The dependency graph and {% data variables.product.prodname_dependabot_alerts %} are configured at an enterprise level by the enterprise owner. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."
{% endif %}

7
data/reusables/notifications-v2/custom-notification-types.md
View File

@@ -1,2 +1,5 @@
{%- ifversion fpt or ghes > 3.1 or ghae-issue-4910 %}issues, pulls requests, releases, security alerts, or discussions{% endif %}
{%- ifversion ghes = 3.1 %}issues, pull requests, releases, or discussions{% endif %}
{%- ifversion fpt or ghes > 3.1 or ghae-issue-4910 %}
issues, pulls requests, releases, security alerts, or discussions
{%- else %}issues, pull requests, releases, or discussions
{% endif %}
<!-- `else1` statement probably not picked up by GHES 3.1 deprecation script. Will need to review here -->

4
data/reusables/notifications/vulnerable-dependency-notification-delivery-method-customization.md
View File

@@ -1,5 +1,3 @@
{% ifversion fpt %}
{% ifversion fpt or ghes or ghae-issue-4864 %}
You can choose the delivery method and frequency of notifications about {% data variables.product.prodname_dependabot_alerts %} on repositories that you are watching or where you have subscribed to notifications for security alerts.
{% else %}
You can choose the delivery method for notifications about {% ifversion ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} on repositories that you are watching, as well as the frequency at which the notifications are sent to you.
{% endif %}

10
data/reusables/notifications/vulnerable-dependency-notification-options.md
View File

@@ -1,15 +1,15 @@
{% ifversion fpt or ghes > 3.1 %}
{% ifversion fpt %}By default, you will receive notifications:{% endif %}{% ifversion ghes > 3.1 %}By default, if your site administrator has configured email for notifications on your instance, you will receive {% data variables.product.prodname_dependabot_alerts %}:{% endif %}
{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %}
{% ifversion fpt %}By default, you will receive notifications:{% endif %}{% ifversion ghes > 3.1 or ghae-issue-4864 %}By default, if your enterprise owner has configured email for notifications on your instance, you will receive {% data variables.product.prodname_dependabot_alerts %}:{% endif %}
- by email, an email is sent when {% data variables.product.prodname_dependabot %} is enabled for a repository, when a new manifest file is committed to the repository, and when a new vulnerability with a critical or high severity is found (**Email each time a vulnerability is found** option).
- in the user interface, a warning is shown in your repository's file and code views if there are any vulnerable dependencies (**UI alerts** option).
- on the command line, warnings are displayed as callbacks when you push to repositories with any vulnerable dependencies (**Command Line** option).
- in your inbox, as web notifications. A web notification is sent when {% data variables.product.prodname_dependabot %} is enabled for a repository, when a new manifest file is committed to the repository, and when a new vulnerability with a critical or high severity is found (**Web** option).
- on {% data variables.product.prodname_mobile %}, as web notifications. For more information, see "[Enabling push notifications with GitHub for mobile](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#enabling-push-notifications-with-github-for-mobile)."
- in your inbox, as web notifications. A web notification is sent when {% data variables.product.prodname_dependabot %} is enabled for a repository, when a new manifest file is committed to the repository, and when a new vulnerability with a critical or high severity is found (**Web** option).{% ifversion not ghae %}
- on {% data variables.product.prodname_mobile %}, as web notifications. For more information, see "[Enabling push notifications with GitHub for mobile](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#enabling-push-notifications-with-github-for-mobile)."{% endif %}
{% note %}
**Note:** The email and web/{% data variables.product.prodname_mobile %} notifications are:
**Note:** The email and web{% ifversion not ghae %}/{% data variables.product.prodname_mobile %}{% endif %} notifications are:
- _per repository_ when {% data variables.product.prodname_dependabot %} is enabled on the repository, or when a new manifest file is committed to the repository.

2
data/reusables/repositories/dependency-review.md
View File

@@ -1,3 +1,3 @@
{% ifversion fpt or ghes > 3.1 %}
{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %}
Additionally, {% data variables.product.prodname_dotcom %} can review any dependencies added, updated, or removed in a pull request made against the default branch of a repository, and flag any changes that would introduce a vulnerability into your project. This allows you to spot and deal with vulnerable dependencies before, rather than after, they reach your codebase. For more information, see "[Reviewing dependency changes in a pull request](/github/collaborating-with-issues-and-pull-requests/reviewing-dependency-changes-in-a-pull-request)."
{% endif %}

4
data/reusables/repositories/enable-security-alerts.md
View File

@@ -1,3 +1,3 @@
{% ifversion ghes %}
Your site administrator must enable {% data variables.product.prodname_dependabot %} alerts for vulnerable dependencies for {% data variables.product.product_location %} before you can use this feature. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."
{% ifversion ghes or ghae-issue-4864 %}
Enterprise owners must enable {% data variables.product.prodname_dependabot %} alerts for vulnerable dependencies for {% data variables.product.product_location %} before you can use this feature. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."
{% endif %}

2
data/reusables/secret-scanning/partner-secret-list-private-repo.md
View File

@@ -250,6 +250,8 @@ Tableau | Tableau Personal Access Token | tableau_personal_access_token{% endif
Telegram | Telegram Bot Token | telegram_bot_token{% endif %}
{%- ifversion fpt or ghes > 2.22 or ghae %}
Tencent Cloud | Tencent Cloud Secret ID | tencent_cloud_secret_id{% endif %}
{%- ifversion fpt or ghes > 3.3 %}
Twilio | Twilio Access Token | twilio_access_token{% endif %}
{%- ifversion fpt or ghes > 2.22 or ghae %}
Twilio | Twilio Account String Identifier | twilio_account_sid{% endif %}
{%- ifversion fpt or ghes > 2.22 or ghae %}

2
lib/languages.js
View File

@@ -31,7 +31,7 @@ const languages = {
nativeName: 'Español',
code: 'es',
hreflang: 'es',
dir: 'translations/es-XL',
dir: 'translations/es-ES',
wip: false,
},
pt: {

4
lib/search/indexes/github-docs-2.22-cn-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1665cc88b7a50973daa5461d146806548f5d624ac72fb23143debfcad6fd85d5
size 527327
oid sha256:a8356def70ed33b01a0daa1e0e02bf01a422d60fb01fa97dae5f2869c7d70de7
size 527440

4
lib/search/indexes/github-docs-2.22-cn.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5ba7a04c09c639d4e0368f2a8d7efa6afe2bed3dfea3e83184ede6468b078bdb
size 883253
oid sha256:93f772a1e644eff798d9ca2b2a2abd95a62c93200e7a8904ccb863043f2668f1
size 883095

4
lib/search/indexes/github-docs-2.22-de-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:024849dc4946ae5751527bc2a7d549dc235f43ee44c8a2434f6aae40bed827f3
size 481393
oid sha256:5085cba9d37e0b402383f8f3e326cffde01417c930fd2df78359980e434872cb
size 481235

4
lib/search/indexes/github-docs-2.22-de.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:879f7823b402a8cbc7a076fa67fc26a8c626336b45607ad4304b243f525bd302
size 2139786
oid sha256:f279e08ddaadecb62e2228e9e2873c9d2d8031cb36268e0c1f7b999f96fef699
size 2140522

4
lib/search/indexes/github-docs-2.22-en-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c9bffecb978bd12cbb1b1654061f3d8c65f6ee5573496a69c473e796a3cf6694
size 433821
oid sha256:659741a9102ee5c69473027ed3440379adc6e1d123ce0866705ababc16aae75d
size 433789

4
lib/search/indexes/github-docs-2.22-en.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8ef33596a70801f0152029dfda51aad422334f998d326a44e206aeb91e31d8cb
size 1695720
oid sha256:488b28b5a01c9af757105a919f5f74da25ec754f14da60bc252dcca60e93fab5
size 1694743

4
lib/search/indexes/github-docs-2.22-es-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7476f04676d4d0eb40c30e833efe0f9bebc4caec2f803217023e0d235d182060
size 187147
oid sha256:95922d64a40aa341c29ec45489454d49b084197ff46c35dad59ab1128d7d3d41
size 187115

4
lib/search/indexes/github-docs-2.22-es.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:19da86e268afb5daa5dab5c6dbe1e54f0bd2360d58dd9542fc5683be8627f3e6
size 657778
oid sha256:e1aef3d19b30ee99b600f4861d5c3b18deb84d74cc6c6f08d9eb9e5d4c121d40
size 658160

4
lib/search/indexes/github-docs-2.22-ja-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:71d6eaffca545306ee1842175ee1d5b19ee06025de549c95591b36d9abb1ddab
size 547795
oid sha256:89610819421985327459a57e961cd4052ba8947c4e35c8ca477d9173b288f815
size 547796

4
lib/search/indexes/github-docs-2.22-ja.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:61781b406893f4fd12abc95c64c905510da12db3bb454ed316239785d99bfb0f
size 2899640
oid sha256:c9f1f5e87e73e2eb085acc1f4db948fa92fd772c3400723160de500d52a4688e
size 2898975

4
lib/search/indexes/github-docs-2.22-pt-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fdfc1097a2da6d1805bb6052d2fdb7e40d1e6b03eeb8afa02bd31b4117ddc48b
size 457011
oid sha256:52cffd2ce7d913a8fd4005b18f85c06dcb17fe1e6949ba1ea67fd64502102490
size 457070

4
lib/search/indexes/github-docs-2.22-pt.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:deea07a58c7516345418b9cba60611b9b977cc9a1a4805c9be1dde7aedc8706e
size 1888182
oid sha256:782faef7162121b7d2429a0829220bf8f637ca1adf6e03db2afa5258d6bc0251
size 1886436

4
lib/search/indexes/github-docs-3.0-cn-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:01bcd3e08ff16f2b8d08d5362a16c66bec4b17f8410c8686a9d9c7bc3eb5d0de
size 546958
oid sha256:1851b648979fc28bc0dff607367b8fdbb59a18362eca09ceac36c7d303e986ac
size 547028

4
lib/search/indexes/github-docs-3.0-cn.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cffd26fc81e4d0cf7c31eb8d17884220adece3ec1e8bd36452956fa8a6abdf4f
size 922469
oid sha256:78f9d90262ce021878bf75b61f1e83b240eada12f9c22631aebc4a0eeaff7272
size 922809

4
lib/search/indexes/github-docs-3.0-de-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1545d66124f1cfebc2fe86c17ea6688feee0d03644f64c373bce01df58f80769
size 501904
oid sha256:ff24b07832cff76b970f90bba3f4b5e8ef5f09b079707bb2bf03b5ab28f21f07
size 501928

4
lib/search/indexes/github-docs-3.0-de.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c039d457f13d2968b0563a75212b045053ef5bd2dc9e1bc93938933f5ef47245
size 2246603
oid sha256:138efbce24d4c856ac287376df530d2c8bdf22d273735345368e2a1a4bad2833
size 2247106

4
lib/search/indexes/github-docs-3.0-en-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ace42d13edea4a19811cc1f913367d0e0a2791905c059f5c42c21afe8a9e03e5
size 454394
oid sha256:7ec35c64523e6868280d0f9bf1cb96d7518bdc5ab2a540434eeb9c86ea724ec6
size 454197

4
lib/search/indexes/github-docs-3.0-en.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:70d6b0072022b264d3c71c01c3c566340d012e4c9990ba658db4a842b0e4df57
size 1771124
oid sha256:41d2bfcb5d0af671a90150c8bfd0d87d2b69024ae6c941f1fdd84eff0d2688a2
size 1769470

4
lib/search/indexes/github-docs-3.0-es-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ae1d9822590b794e0850039b3a3e0b956dca09c079aab9b389ce55d493088ec7
size 185672
oid sha256:476505198f26985c07d48df67b65193eb9cf5188f7c87f916a4685776d7b19eb
size 185721

4
lib/search/indexes/github-docs-3.0-es.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0689d2c2cddc693333a743cea27de354c98b5228d65af709a30471080c022770
size 650111
oid sha256:015e8fd6c77ed9fd01835fd9b670cab9f4159de8026cf6cf9d50ef0a9be3303d
size 650327

4
lib/search/indexes/github-docs-3.0-ja-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f906976cf1c6b6b896a359d1cf27f9199e611280699d245089451e82490017f1
size 570114
oid sha256:31199b067cdd460fb6f88fec0083b2cb5f09bce372d448f410ad5e9a25d33f02
size 570158

4
lib/search/indexes/github-docs-3.0-ja.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f31eddefaf145a3f1bc98785d478ec45621406377c449529917970a06c63da2c
size 3023744
oid sha256:b49b217eb8b42e78ec9afec4ca03f4c09fb1677e5410106bc84bb4b2ff4a2ef5
size 3023912

4
lib/search/indexes/github-docs-3.0-pt-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c125bf480672eb2b8274600a16e556d2bed433d3ba069c75e90a0516a0a95515
size 477292
oid sha256:f03c346dea1e0fef8384321603cc49cbc086346dccc9af879e11a0dd54eada65
size 477211

4
lib/search/indexes/github-docs-3.0-pt.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:86354729e88f94890cff034b4265e9ef780555c26668f4c346656ba485f23561
size 1971667
oid sha256:559de8f0aec0252819ec3fb6c7c10573d042a18fb904df21b9d3a0396fda765a
size 1972002

4
lib/search/indexes/github-docs-3.1-cn-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9d0485398ea75315d6d487be1a88b85784c48568f19c14ca357c34cb08faf8ae
size 560781
oid sha256:9f472189dbe08ddda1370bdf2f2e1ce5f02ac809d8b88005139244d4bde49d1a
size 560785

4
lib/search/indexes/github-docs-3.1-cn.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:bd066e510a8796f904b41ecc44728c77f8e63e928251b569a26b60a4f94cfa53
size 951042
oid sha256:0d8ad367352418c3b1c4c9afda2115351dfdd1fb61d93b3fc04999689d2fecae
size 950719

4
lib/search/indexes/github-docs-3.1-de-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ee1361aa92301681d9ddb6b302d3805df6d39d7c882bb4261917a1a75e5d96ac
size 511522
oid sha256:85f209a72786a0d0f6cc7422f55470229c1fd28fba8e10cc527c2467ad6fcc62
size 511585

4
lib/search/indexes/github-docs-3.1-de.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:166fd667094cf78990c884f58301c0a292369d4eb7c41dec34bb2311d40e595d
size 2303946
oid sha256:38f33d1e2213eb26179909c21bceda28d498d06e32a3c8457604bb185daacdb8
size 2304581

4
lib/search/indexes/github-docs-3.1-en-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a4bff3a94831850f4f216114cf70a7c2a532dd0534b6cfdc8ccd73848f10a550
size 463615
oid sha256:94938a6551020b21e326a5450c00d28d27dad39b99315c82523b16a839691fe9
size 464365

4
lib/search/indexes/github-docs-3.1-en.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2fb187e7635de1bb23cf6ff4082cf640c13694272ab18e35a785e938a3600e1d
size 1813848
oid sha256:0ffd54699179f1f6dcd31a30791d77e7a5bc7d103338cca325f537ae6f9e8600
size 1813221

4
lib/search/indexes/github-docs-3.1-es-records.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:989b009040b43d218d35c00a12f2840339dab6c261853bc0abb7369ce65a37f7
size 185744
oid sha256:0bfc0fc8753452bf1b985e2fc23a8d9987e9b3f4fd8b926a0a61c5dac6da5314
size 185700

4
lib/search/indexes/github-docs-3.1-es.json.br
View File

@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:50e260791795811b051ba5bdfa715a0dbe74ab29f3527d28416da22ece9f2da7
size 650052
oid sha256:d7132a6b6b3c30edfebdb606876b33995d183f993766fda83cb2208383307b14
size 650089

Some files were not shown because too many files have changed in this diff Show More