More guides
diff --git a/content/actions/learn-github-actions/index.md b/content/actions/learn-github-actions/index.md
index 8bc97d038f..e120b015a2 100644
--- a/content/actions/learn-github-actions/index.md
+++ b/content/actions/learn-github-actions/index.md
@@ -36,7 +36,8 @@ versions:
{% link_with_intro /managing-complex-workflows %}
{% link_with_intro /sharing-workflows-with-your-organization %}
{% link_with_intro /security-hardening-for-github-actions %}
+{% link_with_intro /migrating-from-azure-pipelines-to-github-actions %}
{% link_with_intro /migrating-from-circleci-to-github-actions %}
{% link_with_intro /migrating-from-gitlab-cicd-to-github-actions %}
-{% link_with_intro /migrating-from-azure-pipelines-to-github-actions %}
{% link_with_intro /migrating-from-jenkins-to-github-actions %}
+{% link_with_intro /migrating-from-travis-ci-to-github-actions %}
\ No newline at end of file
diff --git a/content/actions/learn-github-actions/managing-complex-workflows.md b/content/actions/learn-github-actions/managing-complex-workflows.md
index 38e7e68e94..ae35c35064 100644
--- a/content/actions/learn-github-actions/managing-complex-workflows.md
+++ b/content/actions/learn-github-actions/managing-complex-workflows.md
@@ -24,12 +24,13 @@ This example action demonstrates how to reference an existing secret as an envir
```yaml
jobs:
example-job:
+ runs-on: ubuntu-latest
steps:
- name: Retrieve secret
env:
super_secret: ${{ secrets.SUPERSECRET }}
run: |
- example-command "$SUPER_SECRET"
+ example-command "$super_secret"
```
{% endraw %}
@@ -49,6 +50,7 @@ jobs:
- run: ./setup_server.sh
build:
needs: setup
+ runs-on: ubuntu-latest
steps:
- run: ./build_server.sh
test:
@@ -141,7 +143,7 @@ This example shows how a workflow can use labels to specify the required runner:
```yaml
jobs:
example-job:
- runs-on: [self-hosted, linux, x64, gpu]
+ runs-on: [self-hosted, linux, x64, gpu]
```
For more information, see ["Using labels with self-hosted runners](/actions/hosting-your-own-runners/using-labels-with-self-hosted-runners)."
diff --git a/content/actions/learn-github-actions/migrating-from-azure-pipelines-to-github-actions.md b/content/actions/learn-github-actions/migrating-from-azure-pipelines-to-github-actions.md
index c279889926..15963c3d2e 100644
--- a/content/actions/learn-github-actions/migrating-from-azure-pipelines-to-github-actions.md
+++ b/content/actions/learn-github-actions/migrating-from-azure-pipelines-to-github-actions.md
@@ -41,7 +41,7 @@ Jobs and steps in Azure Pipelines are very similar to jobs and steps in {% data
### Migrating script steps
-You can run a script or a shell command as a step in a workflow. In Azure Pipelines, script steps can be specified using the `script` key, or with the `bash`, `powershell`, or `pwsh` keys. Scripts can also be specified as an input to the [Bash task](https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/bash?view=azure-devops) or the [PowerShell task](https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/powershell?view=azure-devops).
+You can run a script or a shell command as a step in a workflow. In Azure Pipelines, script steps can be specified using the `script` key, or with the `bash`, `powershell`, or `pwsh` keys. Scripts can also be specified as an input to the [Bash task](https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/bash?view=azure-devops) or the [PowerShell task](https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/powershell?view=azure-devops).
In {% data variables.product.prodname_actions %}, all scripts are specified using the `run` key. To select a particular shell, you can specify the `shell` key when providing the script. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsrun)."
diff --git a/content/actions/learn-github-actions/migrating-from-gitlab-cicd-to-github-actions.md b/content/actions/learn-github-actions/migrating-from-gitlab-cicd-to-github-actions.md
index 873144e8fe..618503642e 100644
--- a/content/actions/learn-github-actions/migrating-from-gitlab-cicd-to-github-actions.md
+++ b/content/actions/learn-github-actions/migrating-from-gitlab-cicd-to-github-actions.md
@@ -180,7 +180,7 @@ GitLab CI/CD
deploy_prod:
stage: deploy
script:
- - echo "Deply to production server"
+ - echo "Deploy to production server"
rules:
- if: '$CI_COMMIT_BRANCH == "master"'
```
@@ -194,7 +194,7 @@ jobs:
if: contains( github.ref, 'master')
runs-on: ubuntu-latest
steps:
- - run: echo "Deply to production server"
+ - run: echo "Deploy to production server"
```
{% endraw %}
diff --git a/content/actions/learn-github-actions/migrating-from-jenkins-to-github-actions.md b/content/actions/learn-github-actions/migrating-from-jenkins-to-github-actions.md
index d7c662b90d..28a1e556e0 100644
--- a/content/actions/learn-github-actions/migrating-from-jenkins-to-github-actions.md
+++ b/content/actions/learn-github-actions/migrating-from-jenkins-to-github-actions.md
@@ -232,12 +232,19 @@ Jenkins Pipeline
```yaml
pipeline {
- agent none
- stages {
- stage('Run Tests') {
- parallel {
- stage('Test On MacOS') {
- agent { label "macos" }
+agent none
+stages {
+ stage('Run Tests') {
+ matrix {
+ axes {
+ axis {
+ name: 'PLATFORM'
+ values: 'macos', 'linux'
+ }
+ }
+ agent { label "${PLATFORM}" }
+ stages {
+ stage('test') {
tools { nodejs "node-12" }
steps {
dir("scripts/myapp") {
@@ -246,19 +253,10 @@ pipeline {
}
}
}
- stage('Test On Linux') {
- agent { label "linux" }
- tools { nodejs "node-12" }
- steps {
- dir("script/myapp") {
- sh(script: "npm install -g bats")
- sh(script: "bats tests")
- }
- }
- }
}
}
}
+}
}
```
diff --git a/content/actions/learn-github-actions/migrating-from-travis-ci-to-github-actions.md b/content/actions/learn-github-actions/migrating-from-travis-ci-to-github-actions.md
new file mode 100644
index 0000000000..2d95d8d0f7
--- /dev/null
+++ b/content/actions/learn-github-actions/migrating-from-travis-ci-to-github-actions.md
@@ -0,0 +1,410 @@
+---
+title: Migrating from Travis CI to GitHub Actions
+intro: '{% data variables.product.prodname_actions %} and Travis CI share multiple similarities, which helps make it relatively straightforward to migrate to {% data variables.product.prodname_actions %}.'
+redirect_from:
+ - /actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions
+versions:
+ free-pro-team: '*'
+ enterprise-server: '>=2.22'
+---
+
+### Introduction
+
+This guide helps you migrate from Travis CI to {% data variables.product.prodname_actions %}. It compares their concepts and syntax, describes the similarities, and demonstrates their different approaches to common tasks.
+
+### Before you start
+
+Before starting your migration to {% data variables.product.prodname_actions %}, it would be useful to become familiar with how it works:
+
+- For a quick example that demonstrates a {% data variables.product.prodname_actions %} job, see "[Quickstart for {% data variables.product.prodname_actions %}](/actions/quickstart)."
+- To learn the essential {% data variables.product.prodname_actions %} concepts, see "[Introduction to GitHub Actions](/actions/learn-github-actions/introduction-to-github-actions)."
+
+### Comparing job execution
+
+To give you control over when CI tasks are executed, a {% data variables.product.prodname_actions %} _workflow_ uses _jobs_ that run in parallel by default. Each job contains _steps_ that are executed in a sequence that you define. If you need to run setup and cleanup actions for a job, you can define steps in each job to perform these.
+
+### Key similarities
+
+{% data variables.product.prodname_actions %} and Travis CI share certain similarities, and understanding these ahead of time can help smooth the migration process.
+
+#### Using YAML syntax
+
+Travis CI and {% data variables.product.prodname_actions %} both use YAML to create jobs and workflows, and these files are stored in the code's repository. For more information on how {% data variables.product.prodname_actions %} uses YAML, see ["Creating a workflow file](/actions/learn-github-actions/introduction-to-github-actions#create-an-example-workflow)."
+
+#### Custom environment variables
+
+Travis CI lets you set environment variables and share them between stages. Similarly, {% data variables.product.prodname_actions %} lets you define environment variables for a step, job, or workflow. For more information, see ["Environment variables](/actions/reference/environment-variables)."
+
+#### Default environment variables
+
+Travis CI and {% data variables.product.prodname_actions %} both include default environment variables that you can use in your YAML files. For {% data variables.product.prodname_actions %}, you can see these listed in "[Default environment variables](/actions/reference/environment-variables#default-environment-variables)."
+
+#### Parallel job processing
+
+Travis CI can use `stages` to run jobs in parallel. Similarly, {% data variables.product.prodname_actions %} runs `jobs` in parallel. For more information, see "[Creating dependent jobs](/actions/learn-github-actions/managing-complex-workflows#creating-dependent-jobs)."
+
+#### Status badges
+
+Travis CI and {% data variables.product.prodname_actions %} both support status badges, which let you indicate whether a build is passing or failing.
+For more information, see ["Adding a workflow status badge to your repository](/actions/managing-workflow-runs/adding-a-workflow-status-badge)."
+
+#### Using a build matrix
+
+Travis CI and {% data variables.product.prodname_actions %} both support a build matrix, allowing you to perform testing using combinations of operating systems and software packages. For more information, see "[Using a build matrix](/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix)."
+
+Below is an example comparing the syntax for each system:
+
+
+
+
+#### Targeting specific branches
+
+Travis CI and {% data variables.product.prodname_actions %} both allow you to target your CI to a specific branch. For more information, see "[Workflow syntax for GitHub Actions](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestbranchestags)."
+
+Below is an example of the syntax for each system:
+
+
+
+
+#### Checking out submodules
+
+Travis CI and {% data variables.product.prodname_actions %} both allow you to control whether submodules are included in the repository clone.
+
+Below is an example of the syntax for each system:
+
+
+
+
+### Key features in {% data variables.product.prodname_actions %}
+
+When migrating from Travis CI, consider the following key features in {% data variables.product.prodname_actions %}:
+
+#### Storing secrets
+
+{% data variables.product.prodname_actions %} allows you to store secrets and reference them in your jobs. {% data variables.product.prodname_actions %} also includes policies that allow you to limit access to secrets at the repository and organization level. For more information, see "[Encrypted secrets](/actions/reference/encrypted-secrets)."
+
+#### Sharing files between jobs and workflows
+
+{% data variables.product.prodname_actions %} includes integrated support for artifact storage, allowing you to share files between jobs in a workflow. You can also save the resulting files and share them with other workflows. For more information, see "[Sharing data between jobs](/actions/learn-github-actions/essential-features-of-github-actions#sharing-data-between-jobs)."
+
+#### Hosting your own runners
+
+If your jobs require specific hardware or software, {% data variables.product.prodname_actions %} allows you to host your own runners and send your jobs to them for processing. {% data variables.product.prodname_actions %} also lets you use policies to control how these runners are accessed, granting access at the organization or repository level. For more information, see ["Hosting your own runners](/actions/hosting-your-own-runners)."
+
+#### Concurrent jobs and execution time
+
+The concurrent jobs and workflow execution times in {% data variables.product.prodname_actions %} can vary depending on your {% data variables.product.company_short %} plan. For more information, see "[Usage limits, billing, and administration](/actions/reference/usage-limits-billing-and-administration)."
+
+#### Using different languages in {% data variables.product.prodname_actions %}
+
+When working with different languages in {% data variables.product.prodname_actions %}, you can create a step in your job to set up your language dependencies. For more information about working with a particular language, see the specific guide:
+ - [Building and testing Node.js](/actions/guides/building-and-testing-nodejs)
+ - [Building and testing PowerShell](/actions/guides/building-and-testing-powershell)
+ - [Building and testing Python](/actions/guides/building-and-testing-python)
+ - [Building and testing Java with Maven](/actions/guides/building-and-testing-java-with-maven)
+ - [Building and testing Java with Gradle](/actions/guides/building-and-testing-java-with-gradle)
+ - [Building and testing Java with Ant](/actions/guides/building-and-testing-java-with-ant)
+
+### Executing scripts
+
+{% data variables.product.prodname_actions %} can use `run` steps to run scripts or shell commands. To use a particular shell, you can specify the `shell` type when providing the path to the script. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsrun)."
+
+For example:
+
+```yaml
+ steps:
+ - name: Run build script
+ run: ./.github/scripts/build.sh
+ shell: bash
+```
+
+### Error handling in {% data variables.product.prodname_actions %}
+
+When migrating to {% data variables.product.prodname_actions %}, there are different approaches to error handling that you might need to be aware of.
+
+#### Script error handling
+
+{% data variables.product.prodname_actions %} stops a job immediately if one of the steps returns an error code. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference)."
+
+#### Job error handling
+
+{% data variables.product.prodname_actions %} uses `if` conditionals to execute jobs or steps in certain situations. For example, you can run a step when another step results in a `failure()`. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#example-using-status-check-functions)." You can also use [`continue-on-error`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontinue-on-error) to prevent a workflow run from stopping when a job fails.
+
+### Migrating syntax for conditionals and expressions
+
+To run jobs under conditional expressions, Travis CI and {% data variables.product.prodname_actions %} share a similar `if` condition syntax. {% data variables.product.prodname_actions %} lets you use the `if` conditional to prevent a job or step from running unless a condition is met. For more information, see "[Context and expression syntax for {% data variables.product.prodname_actions %}](/actions/reference/context-and-expression-syntax-for-github-actions)."
+
+This example demonstrates how an `if` conditional can control whether a step is executed:
+
+```yaml
+jobs:
+ conditional:
+ runs-on: ubuntu-latest
+ steps:
+ - run: echo "This step runs with str equals 'ABC' and num equals 123"
+ if: env.str == 'ABC' && env.num == 123
+```
+
+### Migrating phases to steps
+
+Where Travis CI uses _phases_ to run _steps_, {% data variables.product.prodname_actions %} has _steps_ which execute _actions_. You can find prebuilt actions in the [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions), or you can create your own actions. For more information, see "[Building actions](/actions/building-actions)."
+
+Below is an example of the syntax for each system:
+
+
+
+
+### Caching dependencies
+
+Travis CI and {% data variables.product.prodname_actions %} let you manually cache dependencies for later reuse. This example demonstrates the cache syntax for each system.
+
+
+
+
+For more information, see "[Caching dependencies to speed up workflows](/actions/guides/caching-dependencies-to-speed-up-workflows)."
+
+### Examples of common tasks
+
+This section compares how {% data variables.product.prodname_actions %} and Travis CI perform common tasks.
+
+#### Configuring environment variables
+
+You can create custom environment variables in a {% data variables.product.prodname_actions %} job. For example:
+
+
+
+
+#### Building with Node.js
+
+
+
+
+
+### Next steps
+
+To continue learning about the main features of {% data variables.product.prodname_actions %}, see "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)."
diff --git a/content/actions/learn-github-actions/security-hardening-for-github-actions.md b/content/actions/learn-github-actions/security-hardening-for-github-actions.md
index 57cef7eb3e..00afdd7c2b 100644
--- a/content/actions/learn-github-actions/security-hardening-for-github-actions.md
+++ b/content/actions/learn-github-actions/security-hardening-for-github-actions.md
@@ -26,7 +26,7 @@ Secrets use [Libsodium sealed boxes](https://libsodium.gitbook.io/doc/public-key
To help prevent accidental disclosure, {% data variables.product.product_name %} uses a mechanism that attempts to redact any secrets that appear in run logs. This redaction looks for exact matches of any configured secrets, as well as common encodings of the values, such as Base64. However, because there are multiple ways a secret value can be transformed, this redaction is not guaranteed. As a result, there are certain proactive steps and good practices you should follow to help ensure secrets are redacted, and to limit other risks associated with secrets:
- **Never use structured data as a secret**
- - Unstructured data can cause secret redaction within logs to fail, because redaction largely relies on finding an exact match for the specific secret value. For example, do not use a blob of JSON, XML, or YAML (or similar) to encapsulate a secret value, as this significantly reduces the probability the secrets will be properly redacted. Instead, create individual secrets for each sensitive value.
+ - Structured data can cause secret redaction within logs to fail, because redaction largely relies on finding an exact match for the specific secret value. For example, do not use a blob of JSON, XML, or YAML (or similar) to encapsulate a secret value, as this significantly reduces the probability the secrets will be properly redacted. Instead, create individual secrets for each sensitive value.
- **Register all secrets used within workflows**
- If a secret is used to generate another sensitive value within a workflow, that generated value should be formally [registered as a secret](https://github.com/actions/toolkit/tree/main/packages/core#setting-a-secret), so that it will be redacted if it ever appears in the logs. For example, if using a private key to generate a signed JWT to access a web API, be sure to register that JWT as a secret or else it won’t be redacted if it ever enters the log output.
- Registering secrets applies to any sort of transformation/encoding as well. If your secret is transformed in some way (such as Base64 or URL-encoded), be sure to register the new value as a secret too.
@@ -98,7 +98,7 @@ You should also consider the environment of the self-hosted runner machines:
### Auditing {% data variables.product.prodname_actions %} events
-You can use the audit log to monitor administrative tasks in an organization. The audit log records the type of action, when it was run, and which user account perfomed the action.
+You can use the audit log to monitor administrative tasks in an organization. The audit log records the type of action, when it was run, and which user account performed the action.
For example, you can use the audit log to track the `action:org.update_actions_secret` event, which tracks changes to organization secrets:
diff --git a/content/actions/reference/encrypted-secrets.md b/content/actions/reference/encrypted-secrets.md
index dbb301e52e..843ec5cd8b 100644
--- a/content/actions/reference/encrypted-secrets.md
+++ b/content/actions/reference/encrypted-secrets.md
@@ -106,7 +106,7 @@ steps:
```
{% endraw %}
-Avoid passing secrets between processes from the command line, whenever possible. Command-line processes may be visible to other users (using the `ps` command) or captured by [security audit events](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing). To help protect secrets, consider using environment variables, `STDIN`, or other mechanisms supported by the target process.
+Avoid passing secrets between processes from the command line, whenever possible. Command-line processes may be visible to other users (using the `ps` command) or captured by [security audit events](https://docs.microsoft.com/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing). To help protect secrets, consider using environment variables, `STDIN`, or other mechanisms supported by the target process.
If you must pass secrets within a command line, then enclose them within the proper quoting rules. Secrets often contain special characters that may unintentionally affect your shell. To escape these special characters, use quoting with your environment variables. For example:
diff --git a/content/actions/reference/events-that-trigger-workflows.md b/content/actions/reference/events-that-trigger-workflows.md
index 279e7c34c5..e2a0d9010a 100644
--- a/content/actions/reference/events-that-trigger-workflows.md
+++ b/content/actions/reference/events-that-trigger-workflows.md
@@ -100,7 +100,7 @@ You can manually trigger a workflow run using the {% data variables.product.prod
##### Example workflow configuration
-This example defines the `name` and `home` inputs and prints them using the `github.event.inputs.name` and `github.event.inputs.home` contexts. If a `name` isn't provided, the default value 'Mona the Octocat' is printed.
+This example defines the `name` and `home` inputs and prints them using the `github.event.inputs.name` and `github.event.inputs.home` contexts. If a `home` isn't provided, the default value 'The Octoverse' is printed.
{% raw %}
```yaml
@@ -115,6 +115,7 @@ on:
home:
description: 'location'
required: false
+ default: 'The Octoverse'
jobs:
say_hello:
@@ -314,6 +315,33 @@ on:
types: [created, deleted]
```
+The `issue_comment` event occurs for comments on both issues and pull requests. To determine whether the `issue_comment` event was triggered from an issue or pull request, you can check the event payload for the `issue.pull_request` property and use it as a condition to skip a job.
+
+For example, you can choose to run the `pr_commented` job when comment events occur in a pull request, and the `issue_commented` job when comment events occur in an issue.
+
+```yaml
+on: issue_comment
+
+jobs:
+ pr_commented:
+ # This job only runs for pull request comments
+ name: PR comment
+ if: ${{ github.event.issue.pull_request }}
+ runs-on: ubuntu-latest
+ steps:
+ - run: |
+ echo "Comment on PR #${{ github.event.issue.number }}"
+
+ issue-commented:
+ # This job only runs for issue comments
+ name: Issue comment
+ if: ${{ !github.event.issue.pull_request }}
+ runs-on: ubuntu-latest
+ steps:
+ - run: |
+ echo "Comment on issue #${{ github.event.issue.number }}"
+```
+
#### `issues`
Runs your workflow anytime the `issues` event occurs. {% data reusables.developer-site.multiple_activity_types %} For information about the REST API, see "[Issues](/v3/issues)."
@@ -655,6 +683,10 @@ on:
{% data reusables.webhooks.workflow_run_desc %}
+| Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
+| --------------------- | -------------- | ------------ | -------------|
+| [`workflow_run`](/webhooks/event-payloads/#workflow_run) | - n/a | Last commit on default branch | Default branch |
+
If you need to filter branches from this event, you can use `branches` or `branches-ignore`.
In this example, a workflow is configured to run after the separate “Run Tests” workflow completes.
diff --git a/content/actions/reference/specifications-for-github-hosted-runners.md b/content/actions/reference/specifications-for-github-hosted-runners.md
index e0174430c8..77ee73e11e 100644
--- a/content/actions/reference/specifications-for-github-hosted-runners.md
+++ b/content/actions/reference/specifications-for-github-hosted-runners.md
@@ -29,7 +29,7 @@ You can specify the runner type for each job in a workflow. Each job in a workfl
#### Cloud hosts for {% data variables.product.prodname_dotcom %}-hosted runners
-{% data variables.product.prodname_dotcom %} hosts Linux and Windows runners on Standard_DS2_v2 virtual machines in Microsoft Azure with the {% data variables.product.prodname_actions %} runner application installed. The {% data variables.product.prodname_dotcom %}-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the Standard_DS2_v2 machine resources, see "[Dv2 and DSv2-series](https://docs.microsoft.com/en-us/azure/virtual-machines/dv2-dsv2-series#dsv2-series)" in the Microsoft Azure documentation.
+{% data variables.product.prodname_dotcom %} hosts Linux and Windows runners on Standard_DS2_v2 virtual machines in Microsoft Azure with the {% data variables.product.prodname_actions %} runner application installed. The {% data variables.product.prodname_dotcom %}-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the Standard_DS2_v2 machine resources, see "[Dv2 and DSv2-series](https://docs.microsoft.com/azure/virtual-machines/dv2-dsv2-series#dsv2-series)" in the Microsoft Azure documentation.
{% data variables.product.prodname_dotcom %} uses [MacStadium](https://www.macstadium.com/) to host the macOS runners.
@@ -37,7 +37,7 @@ You can specify the runner type for each job in a workflow. Each job in a workfl
The Linux and macOS virtual machines both run using passwordless `sudo`. When you need to execute commands or install tools that require more privileges than the current user, you can use `sudo` without needing to provide a password. For more information, see the "[Sudo Manual](https://www.sudo.ws/man/1.8.27/sudo.man.html)."
-Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "[How User Account Control works](https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/how-user-account-control-works)" in the Windows documentation.
+Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "[How User Account Control works](https://docs.microsoft.com/windows/security/identity-protection/user-account-control/how-user-account-control-works)" in the Windows documentation.
### Supported runners and hardware resources
diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md
index ca80019785..7c20f9df3a 100644
--- a/content/actions/reference/workflow-commands-for-github-actions.md
+++ b/content/actions/reference/workflow-commands-for-github-actions.md
@@ -65,22 +65,22 @@ You can use the `set-output` command in your workflow to set the same value:
The following table shows which toolkit functions are available within a workflow:
-| Toolkit function| Equivalent workflow command|
-| ------------- | ------------- |
-| `core.addPath` | {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}Accessible using environment file `GITHUB_PATH`{% else %} `add-path` {% endif %} |
-| `core.debug` | `debug` |
-| `core.error` | `error` |
-| `core.endGroup` | `endgroup` |
-| `core.exportVariable` | {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}Accessible using environment file `GITHUB_ENV`{% else %} `set-env` {% endif %} |
-| `core.getInput` | Accessible using environment variable `INPUT_{NAME}` |
-| `core.getState` | Accessible using environment variable `STATE_{NAME}` |
-| `core.isDebug` | Accessible using environment variable `RUNNER_DEBUG` |
-| `core.saveState` | `save-state` |
-| `core.setFailed` | Used as a shortcut for `::error` and `exit 1` |
-| `core.setOutput` | `set-output` |
-| `core.setSecret` | `add-mask` |
-| `core.startGroup` | `group` |
-| `core.warning` | `warning file` |
+| Toolkit function | Equivalent workflow command |
+| ----------------- | ------------- |
+| `core.addPath` | {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}Accessible using environment file `GITHUB_PATH`{% else %} `add-path` {% endif %} |
+| `core.debug` | `debug` |
+| `core.error` | `error` |
+| `core.endGroup` | `endgroup` |
+| `core.exportVariable` | {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}Accessible using environment file `GITHUB_ENV`{% else %} `set-env` {% endif %} |
+| `core.getInput` | Accessible using environment variable `INPUT_{NAME}` |
+| `core.getState` | Accessible using environment variable `STATE_{NAME}` |
+| `core.isDebug` | Accessible using environment variable `RUNNER_DEBUG` |
+| `core.saveState` | `save-state` |
+| `core.setFailed` | Used as a shortcut for `::error` and `exit 1` |
+| `core.setOutput` | `set-output` |
+| `core.setSecret` | `add-mask` |
+| `core.startGroup` | `group` |
+| `core.warning` | `warning file` |
{% if currentVersion ver_lt "enterprise-server@2.23" %}
### Setting an environment variable
@@ -160,6 +160,25 @@ Creates an error message and prints the message to the log. You can optionally p
echo "::error file=app.js,line=10,col=15::Something went wrong"
```
+### Grouping log lines
+
+```
+::group::{title}
+::endgroup::
+```
+
+Creates an expandable group in the log. To create a group, use the `group` command and specify a `title`. Anything you print to the log between the `group` and `endgroup` commands is nested inside an expandable entry in the log.
+
+#### Example
+
+```bash
+echo "::group::My title"
+echo "Inside group"
+echo "::endgroup::"
+```
+
+
+
### Masking a value in log
`::add-mask::{value}`
@@ -255,7 +274,8 @@ echo "action_state=yellow" >> $GITHUB_ENV
Running `$action_state` in a future step will now return `yellow`
-#### Multline strings
+#### Multiline strings
+
For multiline strings, you may use a delimiter with the following syntax.
```
@@ -264,7 +284,8 @@ For multiline strings, you may use a delimiter with the following syntax.
{delimiter}
```
-#### Example
+##### Example
+
In this example, we use `EOF` as a delimiter and set the `JSON_RESPONSE` environment variable to the value of the curl response.
```
steps:
diff --git a/content/admin/authentication/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md b/content/admin/authentication/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md
index 96a33bcc94..310153f2b1 100644
--- a/content/admin/authentication/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md
+++ b/content/admin/authentication/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md
@@ -10,7 +10,7 @@ versions:
### About authentication and user provisioning with Azure AD
-Azure Active Directory (Azure AD) is a service from Microsoft that allows you to centrally manage user accounts and access to web applications. For more information, see [What is Azure Active Directory?](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis) in the Microsoft Docs.
+Azure Active Directory (Azure AD) is a service from Microsoft that allows you to centrally manage user accounts and access to web applications. For more information, see [What is Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) in the Microsoft Docs.
To manage identity and access for {% data variables.product.product_name %}, you can use an Azure AD tenant as a SAML IdP for authentication. You can also configure Azure AD to automatically provision accounts and access with SCIM. This configuration allows you to assign or unassign the {% data variables.product.prodname_ghe_managed %} application for a user account in your Azure AD tenant to automatically create, grant access to, or deactivate a corresponding user account on {% data variables.product.product_name %}.
@@ -18,9 +18,9 @@ For more information about managing identity and access for your enterprise on {
### Prerequisites
-To configure authentication and user provisioning for {% data variables.product.product_name %} using Azure AD, you must have an Azure AD account and tenant. For more information, see the [Azure AD website](https://azure.microsoft.com/en-us/free/active-directory) and [Quickstart: Create an Azure Active Directory tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant) in the Microsoft Docs.
+To configure authentication and user provisioning for {% data variables.product.product_name %} using Azure AD, you must have an Azure AD account and tenant. For more information, see the [Azure AD website](https://azure.microsoft.com/free/active-directory) and [Quickstart: Create an Azure Active Directory tenant](https://docs.microsoft.com/azure/active-directory/develop/quickstart-create-new-tenant) in the Microsoft Docs.
-{% data reusables.saml.assert-the-administrator-attribute %} For more information about including the `administrator` attribute in the SAML claim from Azure AD, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs.
+{% data reusables.saml.assert-the-administrator-attribute %} For more information about including the `administrator` attribute in the SAML claim from Azure AD, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs.
{% data reusables.saml.create-a-machine-user %}
diff --git a/content/admin/authentication/using-saml.md b/content/admin/authentication/using-saml.md
index 3288ec9567..f6fe021b1b 100644
--- a/content/admin/authentication/using-saml.md
+++ b/content/admin/authentication/using-saml.md
@@ -29,7 +29,7 @@ Each {% data variables.product.prodname_ghe_server %} username is determined by
The `NameID` element is required even if other attributes are present.
-A mapping is created between the `NameID` and the {% data variables.product.prodname_ghe_server %} username, so the `NameID` should be persistent, unique, and not subject to change for the lifecyle of the user.
+A mapping is created between the `NameID` and the {% data variables.product.prodname_ghe_server %} username, so the `NameID` should be persistent, unique, and not subject to change for the lifecycle of the user.
{% note %}
diff --git a/content/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server.md b/content/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server.md
index 843cf0bcc0..8d25c497ef 100644
--- a/content/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server.md
+++ b/content/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server.md
@@ -1,11 +1,11 @@
---
title: Enabling alerts for vulnerable dependencies on GitHub Enterprise Server
-intro: 'You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_ghe_cloud %} and enable {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies in repositories in your instance.'
+intro: 'You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_ghe_cloud %} and enable {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies in repositories in your instance.'
redirect_from:
- /enterprise/admin/installation/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enterprise/admin/configuration/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
- /enterprise/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server
-permissions: 'Site administrators for {% data variables.product.prodname_ghe_server %} who are also owners of the connected {% data variables.product.prodname_ghe_cloud %} organization or enterprise account can enable {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}.'
+permissions: 'Site administrators for {% data variables.product.prodname_ghe_server %} who are also owners of the connected {% data variables.product.prodname_ghe_cloud %} organization or enterprise account can enable {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}.'
versions:
enterprise-server: '*'
---
@@ -14,11 +14,11 @@ versions:
{% data reusables.repositories.tracks-vulnerabilities %} For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
-You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}, then sync vulnerability data to your instance and generate {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts in repositories with a vulnerable dependency.
+You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}, then sync vulnerability data to your instance and generate {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts in repositories with a vulnerable dependency.
-After connecting {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %} and enabling {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies, vulnerability data is synced from {% data variables.product.prodname_dotcom_the_website %} to your instance once every hour. You can also choose to manually sync vulnerability data at any time. No code or information about code from {% data variables.product.product_location %} is uploaded to {% data variables.product.prodname_dotcom_the_website %}.
+After connecting {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %} and enabling {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies, vulnerability data is synced from {% data variables.product.prodname_dotcom_the_website %} to your instance once every hour. You can also choose to manually sync vulnerability data at any time. No code or information about code from {% data variables.product.product_location %} is uploaded to {% data variables.product.prodname_dotcom_the_website %}.
-{% if currentVersion ver_gt "enterprise-server@2.21" %}When {% data variables.product.product_location %} receives information about a vulnerability, it will identify repositories in your instance that use the affected version of the dependency and generate {% data variables.product.prodname_dependabot_short %} alerts. You can customize how you receive {% data variables.product.prodname_dependabot_short %} alerts. For more information, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies/#configuring-notifications-for-github-dependabot-alerts)."
+{% if currentVersion ver_gt "enterprise-server@2.21" %}When {% data variables.product.product_location %} receives information about a vulnerability, it will identify repositories in your instance that use the affected version of the dependency and generate {% data variables.product.prodname_dependabot_alerts %}. You can customize how you receive {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies/#configuring-notifications-for-dependabot-alerts)."
{% endif %}
{% if currentVersion == "enterprise-server@2.21" %}When {% data variables.product.product_location %} receives information about a vulnerability, it will identify repositories in your instance that use the affected version of the dependency and generate security alerts. You can customize how you receive security alerts. For more information, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies/#configuring-notifications-for-security-alerts)."
@@ -28,23 +28,25 @@ After connecting {% data variables.product.product_location %} to {% data variab
{% endif %}
{% if currentVersion ver_gt "enterprise-server@2.21" %}
-### Enabling {% data variables.product.prodname_dependabot_short %} alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}
+### Enabling {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}
{% else %}
### Enabling security alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}
{% endif %}
-Before enabling {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.product_location %}, you must connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Connecting {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_cloud %}](/enterprise/{{ currentVersion }}/admin/guides/installation/connecting-github-enterprise-server-to-github-enterprise-cloud)."
+Before enabling {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.product_location %}, you must connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Connecting {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_cloud %}](/enterprise/{{ currentVersion }}/admin/guides/installation/connecting-github-enterprise-server-to-github-enterprise-cloud)."
{% if currentVersion ver_gt "enterprise-server@2.20" %}
-{% if currentVersion ver_gt "enterprise-server@2.21" %}We recommend configuring {% data variables.product.prodname_dependabot_short %} alerts without notifications for the first few days to avoid an overload of emails. After a few days, you can enable notifications to receive {% data variables.product.prodname_dependabot_short %} alerts as usual.{% endif %}
+{% if currentVersion ver_gt "enterprise-server@2.21" %}We recommend configuring {% data variables.product.prodname_dependabot_alerts %} without notifications for the first few days to avoid an overload of emails. After a few days, you can enable notifications to receive {% data variables.product.prodname_dependabot_alerts %} as usual.{% endif %}
{% if currentVersion == "enterprise-server@2.21" %}We recommend configuring security alerts without notifications for the first few days to avoid an overload of emails. After a few days, you can enable notifications to receive security alerts as usual.{% endif %}
{% endif %}
{% data reusables.enterprise_site_admin_settings.sign-in %}
-1. In the administrative shell, enable the {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.product_location %}:
+
+1. In the administrative shell, enable the {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies on {% data variables.product.product_location %}:
+
``` shell
$ ghe-dep-graph-enable
```
diff --git a/content/admin/enterprise-management/upgrading-github-enterprise-server.md b/content/admin/enterprise-management/upgrading-github-enterprise-server.md
index 8a27ae426a..e1bedb0e8b 100644
--- a/content/admin/enterprise-management/upgrading-github-enterprise-server.md
+++ b/content/admin/enterprise-management/upgrading-github-enterprise-server.md
@@ -49,7 +49,7 @@ There are two types of snapshots:
| Platform | Snapshot method | Snapshot documentation URL |
|---|---|---|
| Amazon AWS | Disk |
-| Azure | VM |
| Hyper-V | VM |
| Google Compute Engine | Disk |
| VMware | VM |
diff --git a/content/admin/enterprise-support/submitting-a-ticket.md b/content/admin/enterprise-support/submitting-a-ticket.md
index 39d4ff11e2..056ebaddf0 100644
--- a/content/admin/enterprise-support/submitting-a-ticket.md
+++ b/content/admin/enterprise-support/submitting-a-ticket.md
@@ -58,7 +58,7 @@ After submitting your support request and optional diagnostic information, {% da
{% if currentVersion == "github-ae@latest" %}
### Submitting a ticket using the {% data variables.contact.ae_azure_portal %}
-Commercial customers can submit a support request in the {% data variables.contact.contact_ae_portal %}. Government customers should use the [Azure portal for government customers](https://portal.azure.us/#blade/Microsoft_Azure_Support/HelpAndSupportBlade). For more information, see [Create an Azure support request](https://docs.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request) in the Microsoft documentation.
+Commercial customers can submit a support request in the {% data variables.contact.contact_ae_portal %}. Government customers should use the [Azure portal for government customers](https://portal.azure.us/#blade/Microsoft_Azure_Support/HelpAndSupportBlade). For more information, see [Create an Azure support request](https://docs.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request) in the Microsoft documentation.
For urgent issues, to ensure a quick response, after you submit a ticket, please call the support hotline immediately. Your Technical Support Account Manager (TSAM) will provide you with the number to use in your onboarding session.
diff --git a/content/admin/installation/installing-github-enterprise-server-on-azure.md b/content/admin/installation/installing-github-enterprise-server-on-azure.md
index 4b7a309ad8..23e721683c 100644
--- a/content/admin/installation/installing-github-enterprise-server-on-azure.md
+++ b/content/admin/installation/installing-github-enterprise-server-on-azure.md
@@ -14,7 +14,7 @@ You can deploy {% data variables.product.prodname_ghe_server %} on global Azure
- {% data reusables.enterprise_installation.software-license %}
- You must have an Azure account capable of provisioning new machines. For more information, see the [Microsoft Azure website](https://azure.microsoft.com).
-- Most actions needed to launch your virtual machine (VM) may also be performed using the Azure Portal. However, we recommend installing the Azure command line interface (CLI) for initial setup. Examples using the Azure CLI 2.0 are included below. For more information, see Azure's guide "[Install Azure CLI 2.0](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest)."
+- Most actions needed to launch your virtual machine (VM) may also be performed using the Azure Portal. However, we recommend installing the Azure command line interface (CLI) for initial setup. Examples using the Azure CLI 2.0 are included below. For more information, see Azure's guide "[Install Azure CLI 2.0](https://docs.microsoft.com/cli/azure/install-azure-cli?view=azure-cli-latest)."
### Hardware considerations
@@ -26,9 +26,9 @@ Before launching {% data variables.product.product_location %} on Azure, you'll
#### Supported VM types and regions
-The {% data variables.product.prodname_ghe_server %} appliance requires a premium storage data disk, and is supported on any Azure VM that supports premium storage. For more information, see "[Supported VMs](https://docs.microsoft.com/en-us/azure/storage/common/storage-premium-storage#supported-vms)" in the Azure documentation. For general information about available VMs, see [the Azure virtual machines overview page](http://azure.microsoft.com/en-us/pricing/details/virtual-machines/#Linux).
+The {% data variables.product.prodname_ghe_server %} appliance requires a premium storage data disk, and is supported on any Azure VM that supports premium storage. For more information, see "[Supported VMs](https://docs.microsoft.com/azure/storage/common/storage-premium-storage#supported-vms)" in the Azure documentation. For general information about available VMs, see [the Azure virtual machines overview page](https://azure.microsoft.com/pricing/details/virtual-machines/#Linux).
-{% data variables.product.prodname_ghe_server %} supports any region that supports your VM type. For more information about the supported regions for each VM, see Azure's "[Products available by region](https://azure.microsoft.com/en-us/regions/services/)."
+{% data variables.product.prodname_ghe_server %} supports any region that supports your VM type. For more information about the supported regions for each VM, see Azure's "[Products available by region](https://azure.microsoft.com/regions/services/)."
#### Recommended VM types
@@ -47,20 +47,20 @@ We recommend you use a DS v2 instance type with at least 14 GB of RAM. You can u
{% data reusables.enterprise_installation.create-ghe-instance %}
-1. Find the most recent {% data variables.product.prodname_ghe_server %} appliance image. For more information about the `vm image list` command, see "[az vm image list](https://docs.microsoft.com/en-us/cli/azure/vm/image?view=azure-cli-latest#az_vm_image_list)" in the Microsoft documentation.
+1. Find the most recent {% data variables.product.prodname_ghe_server %} appliance image. For more information about the `vm image list` command, see "[az vm image list](https://docs.microsoft.com/cli/azure/vm/image?view=azure-cli-latest#az_vm_image_list)" in the Microsoft documentation.
```shell
$ az vm image list --all -f GitHub-Enterprise | grep '"urn":' | sort -V
```
-2. Create a new VM using the appliance image you found. For more information, see "[az vm create](https://docs.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az_vm_create)" in the Microsoft documentation.
+2. Create a new VM using the appliance image you found. For more information, see "[az vm create](https://docs.microsoft.com/cli/azure/vm?view=azure-cli-latest#az_vm_create)" in the Microsoft documentation.
- Pass in options for the name of your VM, the resource group, the size of your VM, the name of your preferred Azure region, the name of the appliance image VM you listed in the previous step, and the storage SKU for premium storage. For more information about resource groups, see "[Resource groups](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview#resource-groups)" in the Microsoft documentation.
+ Pass in options for the name of your VM, the resource group, the size of your VM, the name of your preferred Azure region, the name of the appliance image VM you listed in the previous step, and the storage SKU for premium storage. For more information about resource groups, see "[Resource groups](https://docs.microsoft.com/azure/azure-resource-manager/resource-group-overview#resource-groups)" in the Microsoft documentation.
```shell
$ az vm create -n VM_NAME -g RESOURCE_GROUP --size VM_SIZE -l REGION --image APPLIANCE_IMAGE_NAME --storage-sku Premium_LRS
```
-3. Configure the security settings on your VM to open up required ports. For more information, see "[az vm open-port](https://docs.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az_vm_open_port)" in the Microsoft documentation. See the table below for a description of each port to determine what ports you need to open.
+3. Configure the security settings on your VM to open up required ports. For more information, see "[az vm open-port](https://docs.microsoft.com/cli/azure/vm?view=azure-cli-latest#az_vm_open_port)" in the Microsoft documentation. See the table below for a description of each port to determine what ports you need to open.
```shell
$ az vm open-port -n VM_NAME -g RESOURCE_GROUP --port PORT_NUMBER
@@ -70,7 +70,7 @@ We recommend you use a DS v2 instance type with at least 14 GB of RAM. You can u
{% data reusables.enterprise_installation.necessary_ports %}
-4. Create and attach a new unencrypted data disk to the VM, and configure the size based on your user license count. For more information, see "[az vm disk attach](https://docs.microsoft.com/en-us/cli/azure/vm/disk?view=azure-cli-latest#az_vm_disk_attach)" in the Microsoft documentation.
+4. Create and attach a new unencrypted data disk to the VM, and configure the size based on your user license count. For more information, see "[az vm disk attach](https://docs.microsoft.com/cli/azure/vm/disk?view=azure-cli-latest#az_vm_disk_attach)" in the Microsoft documentation.
Pass in options for the name of your VM (for example, `ghe-acme-corp`), the resource group, the premium storage SKU, the size of the disk (for example, `100`), and a name for the resulting VHD.
@@ -86,7 +86,7 @@ We recommend you use a DS v2 instance type with at least 14 GB of RAM. You can u
### Configuring the {% data variables.product.prodname_ghe_server %} virtual machine
-1. Before configuring the VM, you must wait for it to enter ReadyRole status. Check the status of the VM with the `vm list` command. For more information, see "[az vm list](https://docs.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest#az_vm_list)" in the Microsoft documentation.
+1. Before configuring the VM, you must wait for it to enter ReadyRole status. Check the status of the VM with the `vm list` command. For more information, see "[az vm list](https://docs.microsoft.com/cli/azure/vm?view=azure-cli-latest#az_vm_list)" in the Microsoft documentation.
```shell
$ az vm list -d -g RESOURCE_GROUP -o table
> Name ResourceGroup PowerState PublicIps Fqdns Location Zones
@@ -96,7 +96,7 @@ We recommend you use a DS v2 instance type with at least 14 GB of RAM. You can u
```
{% note %}
- **Note:** Azure does not automatically create a FQDNS entry for the VM. For more information, see Azure's guide on how to "[Create a fully qualified domain name in the Azure portal for a Linux VM](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/portal-create-fqdn)."
+ **Note:** Azure does not automatically create a FQDNS entry for the VM. For more information, see Azure's guide on how to "[Create a fully qualified domain name in the Azure portal for a Linux VM](https://docs.microsoft.com/azure/virtual-machines/linux/portal-create-fqdn)."
{% endnote %}
diff --git a/content/admin/installation/installing-github-enterprise-server-on-hyper-v.md b/content/admin/installation/installing-github-enterprise-server-on-hyper-v.md
index 45f340ae45..7963e81282 100644
--- a/content/admin/installation/installing-github-enterprise-server-on-hyper-v.md
+++ b/content/admin/installation/installing-github-enterprise-server-on-hyper-v.md
@@ -12,7 +12,7 @@ versions:
- {% data reusables.enterprise_installation.software-license %}
- You must have Windows Server 2008 through Windows Server 2016, which support Hyper-V.
-- Most actions needed to create your virtual machine (VM) may also be performed using the [Hyper-V Manager](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/manage/remotely-manage-hyper-v-hosts). However, we recommend using the Windows PowerShell command-line shell for initial setup. Examples using PowerShell are included below. For more information, see the Microsoft guide "[Getting Started with Windows PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/getting-started/getting-started-with-windows-powershell?view=powershell-5.1)."
+- Most actions needed to create your virtual machine (VM) may also be performed using the [Hyper-V Manager](https://docs.microsoft.com/windows-server/virtualization/hyper-v/manage/remotely-manage-hyper-v-hosts). However, we recommend using the Windows PowerShell command-line shell for initial setup. Examples using PowerShell are included below. For more information, see the Microsoft guide "[Getting Started with Windows PowerShell](https://docs.microsoft.com/powershell/scripting/getting-started/getting-started-with-windows-powershell?view=powershell-5.1)."
### Hardware considerations
@@ -30,23 +30,23 @@ versions:
{% data reusables.enterprise_installation.create-ghe-instance %}
-1. In PowerShell, create a new Generation 1 virtual machine, configure the size based on your user license count, and attach the {% data variables.product.prodname_ghe_server %} image you downloaded. For more information, see "[New-VM](https://docs.microsoft.com/en-us/powershell/module/hyper-v/new-vm?view=win10-ps)" in the Microsoft documentation.
+1. In PowerShell, create a new Generation 1 virtual machine, configure the size based on your user license count, and attach the {% data variables.product.prodname_ghe_server %} image you downloaded. For more information, see "[New-VM](https://docs.microsoft.com/powershell/module/hyper-v/new-vm?view=win10-ps)" in the Microsoft documentation.
```shell
PS C:\> New-VM -Generation 1 -Name VM_NAME -MemoryStartupBytes MEMORY_SIZE -BootDevice VHD -VHDPath PATH_TO_VHD
```
-{% data reusables.enterprise_installation.create-attached-storage-volume %} Replace `PATH_TO_DATA_DISK` with the path to the location where you create the disk. For more information, see "[New-VHD](https://docs.microsoft.com/en-us/powershell/module/hyper-v/new-vhd?view=win10-ps)" in the Microsoft documentation.
+{% data reusables.enterprise_installation.create-attached-storage-volume %} Replace `PATH_TO_DATA_DISK` with the path to the location where you create the disk. For more information, see "[New-VHD](https://docs.microsoft.com/powershell/module/hyper-v/new-vhd?view=win10-ps)" in the Microsoft documentation.
```shell
PS C:\> New-VHD -Path PATH_TO_DATA_DISK -SizeBytes DISK_SIZE
```
-3. Attach the data disk to your instance. For more information, see "[Add-VMHardDiskDrive](https://docs.microsoft.com/en-us/powershell/module/hyper-v/add-vmharddiskdrive?view=win10-ps)" in the Microsoft documentation.
+3. Attach the data disk to your instance. For more information, see "[Add-VMHardDiskDrive](https://docs.microsoft.com/powershell/module/hyper-v/add-vmharddiskdrive?view=win10-ps)" in the Microsoft documentation.
```shell
PS C:\> Add-VMHardDiskDrive -VMName VM_NAME -Path PATH_TO_DATA_DISK
```
-4. Start the VM. For more information, see "[Start-VM](https://docs.microsoft.com/en-us/powershell/module/hyper-v/start-vm?view=win10-ps)" in the Microsoft documentation.
+4. Start the VM. For more information, see "[Start-VM](https://docs.microsoft.com/powershell/module/hyper-v/start-vm?view=win10-ps)" in the Microsoft documentation.
```shell
PS C:\> Start-VM -Name VM_NAME
```
-5. Get the IP address of your VM. For more information, see "[Get-VMNetworkAdapter](https://docs.microsoft.com/en-us/powershell/module/hyper-v/get-vmnetworkadapter?view=win10-ps)" in the Microsoft documentation.
+5. Get the IP address of your VM. For more information, see "[Get-VMNetworkAdapter](https://docs.microsoft.com/powershell/module/hyper-v/get-vmnetworkadapter?view=win10-ps)" in the Microsoft documentation.
```shell
PS C:\> (Get-VMNetworkAdapter -VMName VM_NAME).IpAddresses
```
diff --git a/content/admin/packages/configuring-third-party-storage-for-packages.md b/content/admin/packages/configuring-third-party-storage-for-packages.md
index 5c0f19db55..8524547c00 100644
--- a/content/admin/packages/configuring-third-party-storage-for-packages.md
+++ b/content/admin/packages/configuring-third-party-storage-for-packages.md
@@ -13,7 +13,7 @@ versions:
{% data variables.product.prodname_registry %} on {% data variables.product.prodname_ghe_server %} uses external blob storage to store your packages. The amount of storage required depends on your usage of {% data variables.product.prodname_registry %}.
-At this time, {% data variables.product.prodname_registry %} supports blob storage with Amazon Web Services (AWS) S3. MinIO is also supported, but configuration is not currently implemented in the {% data variables.product.product_name %} interface. You can use MinIO for storage by following the instructions for AWS S3, entering the analagous information for your MinIO configuration.
+At this time, {% data variables.product.prodname_registry %} supports blob storage with Amazon Web Services (AWS) S3. MinIO is also supported, but configuration is not currently implemented in the {% data variables.product.product_name %} interface. You can use MinIO for storage by following the instructions for AWS S3, entering the analogous information for your MinIO configuration.
For the best experience, we recommend using a dedicated bucket for {% data variables.product.prodname_registry %}, separate from the bucket you use for {% data variables.product.prodname_actions %} storage.
diff --git a/content/admin/user-management/auditing-users-across-your-enterprise.md b/content/admin/user-management/auditing-users-across-your-enterprise.md
index 685cb12eef..015fe8c7a2 100644
--- a/content/admin/user-management/auditing-users-across-your-enterprise.md
+++ b/content/admin/user-management/auditing-users-across-your-enterprise.md
@@ -66,9 +66,9 @@ You can only use a {% data variables.product.product_name %} username, not an in
The `org` qualifier limits actions to a specific organization. For example:
-* `org:my-org` finds all events that occured for the `my-org` organization.
+* `org:my-org` finds all events that occurred for the `my-org` organization.
* `org:my-org action:team` finds all team events performed within the `my-org` organization.
-* `-org:my-org` excludes all events that occured for the `my-org` organization.
+* `-org:my-org` excludes all events that occurred for the `my-org` organization.
#### Search based on the action performed
diff --git a/content/desktop/installing-and-configuring-github-desktop/creating-your-first-repository-using-github-desktop.md b/content/desktop/installing-and-configuring-github-desktop/creating-your-first-repository-using-github-desktop.md
index 758428325e..fc00f154bd 100644
--- a/content/desktop/installing-and-configuring-github-desktop/creating-your-first-repository-using-github-desktop.md
+++ b/content/desktop/installing-and-configuring-github-desktop/creating-your-first-repository-using-github-desktop.md
@@ -92,13 +92,8 @@ Now that you've created and published your repository, you're ready to make chan
4. At the bottom of the **Changes** list, enter a commit message. To the right of your profile picture, type a short description of the commit. Since we're changing the _README.md_ file, "Add information about purpose of project" would be a good commit summary. Below the summary, you'll see a "Description" text field where you can type a longer description of the changes in the commit, which is helpful when looking back at the history of a project and understanding why changes were made. Since you're making a basic update of a _README.md_ file, you can skip the description.
-<<<<<<< HEAD
5. Click **Commit to BRANCH NAME**. The commit button shows your current branch so you can be sure to commit to the branch you want.
-=======
-5. Click **Commit to master**. The commit button shows your current branch, which in this case is `master`, so that you know which branch you are making a commit to.
- 
->>>>>>> master
6. To push your changes to the remote repository on {% data variables.product.product_name %}, click **Push origin**.
- The **Push origin** button is the same one that you clicked to publish your repository to {% data variables.product.product_name %}. This button changes contextually based on where you are at in the Git workflow. It should now say `Push origin` with a `1` next to it, indicating that there is one commit that has not been pushed up to {% data variables.product.product_name %}.
diff --git a/content/developers/apps/creating-ci-tests-with-the-checks-api.md b/content/developers/apps/creating-ci-tests-with-the-checks-api.md
index 23fe0306b5..dbe3fb274d 100644
--- a/content/developers/apps/creating-ci-tests-with-the-checks-api.md
+++ b/content/developers/apps/creating-ci-tests-with-the-checks-api.md
@@ -836,7 +836,7 @@ Here are a few common problems and some suggested solutions. If you run into any
* **Q:** My app isn't pushing code to GitHub. I don't see the fixes that RuboCop automatically makes!
- **A:** Make sure you have **Read & write** permissions for "Repository contents," and that you are cloning the repository with your intallation token. See [Step 2.2. Cloning the repository](#step-22-cloning-the-repository) for details.
+ **A:** Make sure you have **Read & write** permissions for "Repository contents," and that you are cloning the repository with your installation token. See [Step 2.2. Cloning the repository](#step-22-cloning-the-repository) for details.
* **Q:** I see an error in the `template_server.rb` debug output related to cloning my repository.
diff --git a/content/developers/apps/identifying-and-authorizing-users-for-github-apps.md b/content/developers/apps/identifying-and-authorizing-users-for-github-apps.md
index 39ade7dd24..60a7f9be39 100644
--- a/content/developers/apps/identifying-and-authorizing-users-for-github-apps.md
+++ b/content/developers/apps/identifying-and-authorizing-users-for-github-apps.md
@@ -662,7 +662,7 @@ While most of your API interaction should occur using your server-to-server inst
* [Create commit signature protection](/v3/repos/branches/#create-commit-signature-protection)
* [Delete commit signature protection](/v3/repos/branches/#delete-commit-signature-protection)
* [Get status checks protection](/v3/repos/branches/#get-status-checks-protection)
-* [Update status check potection](/v3/repos/branches/#update-status-check-potection)
+* [Update status check protection](/v3/repos/branches/#update-status-check-protection)
* [Remove status check protection](/v3/repos/branches/#remove-status-check-protection)
* [Get all status check contexts](/v3/repos/branches/#get-all-status-check-contexts)
* [Add status check contexts](/v3/repos/branches/#add-status-check-contexts)
diff --git a/content/developers/apps/setting-up-your-development-environment-to-create-a-github-app.md b/content/developers/apps/setting-up-your-development-environment-to-create-a-github-app.md
index 45e7c4c544..56485e1550 100644
--- a/content/developers/apps/setting-up-your-development-environment-to-create-a-github-app.md
+++ b/content/developers/apps/setting-up-your-development-environment-to-create-a-github-app.md
@@ -262,7 +262,7 @@ Before you can use the Octokit.rb library to make API calls, you'll need to init
# Instantiate an Octokit client authenticated as a GitHub App.
# GitHub App authentication requires that you construct a
# JWT (https://jwt.io/introduction/) signed with the app's private key,
-# so GitHub can be sure that it came from the app an not altererd by
+# so GitHub can be sure that it came from the app an not altered by
# a malicious third party.
def authenticate_app
payload = {
diff --git a/content/developers/github-marketplace/rest-endpoints-for-the-github-marketplace-api.md b/content/developers/github-marketplace/rest-endpoints-for-the-github-marketplace-api.md
index ffbc4c69fc..5ad1d2f177 100644
--- a/content/developers/github-marketplace/rest-endpoints-for-the-github-marketplace-api.md
+++ b/content/developers/github-marketplace/rest-endpoints-for-the-github-marketplace-api.md
@@ -1,6 +1,6 @@
---
title: REST endpoints for the GitHub Marketplace API
-intro: 'To help manage your app on {% data variables.product.prodname_marketplace %}, use these {% data variables.product.prodname_marketplace %} API endoints.'
+intro: 'To help manage your app on {% data variables.product.prodname_marketplace %}, use these {% data variables.product.prodname_marketplace %} API endpoints.'
redirect_from:
- /apps/marketplace/github-marketplace-api-endpoints/
- /apps/marketplace/integrating-with-the-github-marketplace-api/github-marketplace-rest-api-endpoints/
diff --git a/content/github/administering-a-repository/about-github-dependabot-version-updates.md b/content/github/administering-a-repository/about-dependabot-version-updates.md
similarity index 54%
rename from content/github/administering-a-repository/about-github-dependabot-version-updates.md
rename to content/github/administering-a-repository/about-dependabot-version-updates.md
index d765f55cfb..faa1362b55 100644
--- a/content/github/administering-a-repository/about-github-dependabot-version-updates.md
+++ b/content/github/administering-a-repository/about-dependabot-version-updates.md
@@ -1,8 +1,10 @@
---
-title: About GitHub Dependabot version updates
+title: About Dependabot version updates
intro: 'You can use {% data variables.product.prodname_dependabot %} to keep the packages you use updated to the latest versions.'
redirect_from:
- - /github/administering-a-repository/about-github-dependabot
+ - /github/administering-a-repository/about-dependabot
+ - /github/administering-a-repository/about-github-dependabot-version-updates
+
versions:
free-pro-team: '*'
---
@@ -13,11 +15,11 @@ versions:
{% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a configuration file in to your repository. The configuration file specifies the location of the manifest, or other package definition files, stored in your repository. {% data variables.product.prodname_dependabot_short %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot_short %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. Vendored (or cached) dependencies are dependencies that are checked in to a specific directory in a repository, rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary.
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a configuration file in to your repository. The configuration file specifies the location of the manifest, or other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. Vendored (or cached) dependencies are dependencies that are checked in to a specific directory in a repository, rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary.
-When {% data variables.product.prodname_dependabot_short %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot_short %} raises a pull request to directly replace the outdated dependency with the new version. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
+When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to directly replace the outdated dependency with the new version. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
-If you enable security updates, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)."
+If you enable security updates, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
{% data reusables.dependabot.dependabot-tos %}
@@ -27,7 +29,7 @@ You specify how often to check each ecosystem for new versions in the configurat
{% data reusables.dependabot.initial-updates %}
-If you've enabled security updates, you'll sometimes see extra pull requests for security updates. These are triggered by a {% data variables.product.prodname_dependabot_short %} alert for a dependency on your default branch. {% data variables.product.prodname_dependabot %} automatically raises a pull request to update the vulnerable dependency.
+If you've enabled security updates, you'll sometimes see extra pull requests for security updates. These are triggered by a {% data variables.product.prodname_dependabot %} alert for a dependency on your default branch. {% data variables.product.prodname_dependabot %} automatically raises a pull request to update the vulnerable dependency.
### Supported repositories and ecosystems
diff --git a/content/github/administering-a-repository/about-releases.md b/content/github/administering-a-repository/about-releases.md
index c28637462b..96354c437a 100644
--- a/content/github/administering-a-repository/about-releases.md
+++ b/content/github/administering-a-repository/about-releases.md
@@ -30,7 +30,7 @@ People with admin permissions to a repository can choose whether {% data variabl
{% endif %}
{% if currentVersion == "free-pro-team@latest" %}
-If a release fixes a security vulnerability, you should publish a security advisory in your repository. {% data variables.product.prodname_dotcom %} reviews each published security advisory and may use it to send {% data variables.product.prodname_dependabot_short %} alerts to affected repositories. For more information, see "[About GitHub Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
+If a release fixes a security vulnerability, you should publish a security advisory in your repository. {% data variables.product.prodname_dotcom %} reviews each published security advisory and may use it to send {% data variables.product.prodname_dependabot_alerts %} to affected repositories. For more information, see "[About GitHub Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
You can view the **Dependents** tab of the dependency graph to see which repositories and packages depend on code in your repository, and may therefore be affected by a new release. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
{% endif %}
diff --git a/content/github/administering-a-repository/about-securing-your-repository.md b/content/github/administering-a-repository/about-securing-your-repository.md
index 63214df232..9965531c8e 100644
--- a/content/github/administering-a-repository/about-securing-your-repository.md
+++ b/content/github/administering-a-repository/about-securing-your-repository.md
@@ -21,14 +21,14 @@ The first step to securing a repository is to set up who can see and modify your
Privately discuss and fix security vulnerabilities in your repository's code. You can then publish a security advisory to alert your community to the vulnerability and encourage them to upgrade. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."
-- **{% data variables.product.prodname_dependabot_short %} alerts and security updates**
+- **{% data variables.product.prodname_dependabot_alerts %} and security updates**
View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)"
- and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)."
+ and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
-- **{% data variables.product.prodname_dependabot_short %} version updates**
+- **{% data variables.product.prodname_dependabot %} version updates**
- Use {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. This helps reduce your exposure to older versions of dependencies. Using newer versions makes it easier to apply patches if security vulnerabilities are discovered, and also makes it easier for {% data variables.product.prodname_dependabot_security_updates %} to successfully raise pull requests to upgrade vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-github-dependabot-version-updates)."
+ Use {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. This helps reduce your exposure to older versions of dependencies. Using newer versions makes it easier to apply patches if security vulnerabilities are discovered, and also makes it easier for {% data variables.product.prodname_dependabot_security_updates %} to successfully raise pull requests to upgrade vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)."
- **{% data variables.product.prodname_code_scanning_capc %} alerts**
@@ -44,6 +44,6 @@ The first step to securing a repository is to set up who can see and modify your
* Ecosystems and packages that your repository depends on
* Repositories and packages that depend on your repository
-You must enable the dependency graph before {% data variables.product.prodname_dotcom %} can generate {% data variables.product.prodname_dependabot_short %} alerts for dependencies with security vulnerabilities.
+You must enable the dependency graph before {% data variables.product.prodname_dotcom %} can generate {% data variables.product.prodname_dependabot_alerts %} for dependencies with security vulnerabilities.
You can find the dependency graph on the **Insights** tab for your repository. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
diff --git a/content/github/administering-a-repository/configuration-options-for-dependency-updates.md b/content/github/administering-a-repository/configuration-options-for-dependency-updates.md
index da6eb3422b..717819bb6a 100644
--- a/content/github/administering-a-repository/configuration-options-for-dependency-updates.md
+++ b/content/github/administering-a-repository/configuration-options-for-dependency-updates.md
@@ -12,7 +12,7 @@ versions:
The {% data variables.product.prodname_dependabot %} configuration file, *dependabot.yml*, uses YAML syntax. If you're new to YAML and want to learn more, see "[Learn YAML in five minutes](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)."
-You must store this file in the `.github` directory of your repository. When you add or update the *dependabot.yml* file, this triggers an immediate check for version updates. Any options that also affect security updates are used the next time a security alert triggers a pull request with for security update. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)."
+You must store this file in the `.github` directory of your repository. When you add or update the *dependabot.yml* file, this triggers an immediate check for version updates. Any options that also affect security updates are used the next time a security alert triggers a pull request with for security update. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)."
### Configuration options for *dependabot.yml*
@@ -56,13 +56,13 @@ In addition, the [`open-pull-requests-limit`](#open-pull-requests-limit) option
Security updates are raised for vulnerable package manifests only on the default branch. When configuration options are set for the same branch (true unless you use `target-branch`), and specify a `package-ecosystem` and `directory` for the vulnerable manifest, then pull requests for security updates use relevant options.
-In general, security updates use any configuration options that affect pull requests, for example, adding metadata or changing their behavior. For more information about security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)."
+In general, security updates use any configuration options that affect pull requests, for example, adding metadata or changing their behavior. For more information about security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)."
{% endnote %}
### `package-ecosystem`
-**Required** You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot_short %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below.
+**Required** You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below.
{% data reusables.dependabot.supported-package-managers %}
@@ -308,7 +308,7 @@ updates:
{% note %}
-**Note**: {% data variables.product.prodname_dependabot_version_updates %} can't run version updates for any dependencies in manifests containing private git dependencies or private git registries, even if you add the private dependencies to the `ignore` option of your configuration file. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-github-dependabot#supported-repositories-and-ecosystems)."
+**Note**: {% data variables.product.prodname_dependabot_version_updates %} can't run version updates for any dependencies in manifests containing private git dependencies or private git registries, even if you add the private dependencies to the `ignore` option of your configuration file. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot#supported-repositories-and-ecosystems)."
{% endnote %}
@@ -544,7 +544,7 @@ updates:
### `vendor`
-Use the `vendor` option to tell {% data variables.product.prodname_dependabot_short %} to vendor dependencies when updating them.
+Use the `vendor` option to tell {% data variables.product.prodname_dependabot %} to vendor dependencies when updating them.
```yaml
# Configure version updates for both dependencies defined in manifests and vendored dependencies
@@ -559,7 +559,7 @@ updates:
interval: "weekly"
```
-{% data variables.product.prodname_dependabot_short %} only updates the vendored dependencies located in specific directories in a repository.
+{% data variables.product.prodname_dependabot %} only updates the vendored dependencies located in specific directories in a repository.
| Package manager | Required file path for vendored dependencies | More information |
|------------------|-------------------------------|--------|
diff --git a/content/github/administering-a-repository/customizing-dependency-updates.md b/content/github/administering-a-repository/customizing-dependency-updates.md
index 26f64bba21..95340f31d2 100644
--- a/content/github/administering-a-repository/customizing-dependency-updates.md
+++ b/content/github/administering-a-repository/customizing-dependency-updates.md
@@ -20,7 +20,7 @@ After you've enabled version updates, you can customize how {% data variables.pr
For more information about the configuration options, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)."
-When you update the *dependabot.yml* file in your repository, {% data variables.product.prodname_dependabot %} runs an immediate check with the new configuration. Within minutes you will see an updated list of dependencies on the **{% data variables.product.prodname_dependabot_short %}** tab, this may take longer if the repository has many dependencies. You may also see new pull requests for version updates. For more information, see "[Listing dependencies configured for version updates](/github/administering-a-repository/listing-dependencies-configured-for-version-updates)."
+When you update the *dependabot.yml* file in your repository, {% data variables.product.prodname_dependabot %} runs an immediate check with the new configuration. Within minutes you will see an updated list of dependencies on the **{% data variables.product.prodname_dependabot %}** tab, this may take longer if the repository has many dependencies. You may also see new pull requests for version updates. For more information, see "[Listing dependencies configured for version updates](/github/administering-a-repository/listing-dependencies-configured-for-version-updates)."
### Impact of configuration changes on security updates
diff --git a/content/github/administering-a-repository/enabling-and-disabling-version-updates.md b/content/github/administering-a-repository/enabling-and-disabling-version-updates.md
index c3e997f0dc..51734816e3 100644
--- a/content/github/administering-a-repository/enabling-and-disabling-version-updates.md
+++ b/content/github/administering-a-repository/enabling-and-disabling-version-updates.md
@@ -10,7 +10,7 @@ versions:
### About version updates for dependencies
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a *dependabot.yml* configuration file in to your repository's `.github` directory. {% data variables.product.prodname_dependabot_short %} then raises pull requests to keep the dependencies you configure up-to-date. For each package manager's dependencies that you want to update, you must specify the location of the package manifest files and how often to check for updates to the dependencies listed in those files. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)."
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a *dependabot.yml* configuration file in to your repository's `.github` directory. {% data variables.product.prodname_dependabot %} then raises pull requests to keep the dependencies you configure up-to-date. For each package manager's dependencies that you want to update, you must specify the location of the package manifest files and how often to check for updates to the dependencies listed in those files. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)."
{% data reusables.dependabot.initial-updates %} For more information, see "[Customizing dependency updates](/github/administering-a-repository/customizing-dependency-updates)."
@@ -72,7 +72,7 @@ On a fork, you also need to explicitly enable {% data variables.product.prodname
### Checking the status of version updates
-After you enable version updates, you'll see a new **Dependabot** tab in the dependency graph for the repository. This tab shows which package managers {% data variables.product.prodname_dependabot %} is configured to monitor and when {% data variables.product.prodname_dependabot_short %} last checked for new versions.
+After you enable version updates, you'll see a new **Dependabot** tab in the dependency graph for the repository. This tab shows which package managers {% data variables.product.prodname_dependabot %} is configured to monitor and when {% data variables.product.prodname_dependabot %} last checked for new versions.
diff --git a/content/github/administering-a-repository/index.md b/content/github/administering-a-repository/index.md
index 553b78e911..ecae8ec4f0 100644
--- a/content/github/administering-a-repository/index.md
+++ b/content/github/administering-a-repository/index.md
@@ -91,11 +91,11 @@ versions:
{% topic_link_in_list /keeping-your-dependencies-updated-automatically %}
- {% link_in_list /about-github-dependabot-version-updates %}
+ {% link_in_list /about-dependabot-version-updates %}
{% link_in_list /enabling-and-disabling-version-updates %}
{% link_in_list /listing-dependencies-configured-for-version-updates %}
{% link_in_list /managing-pull-requests-for-dependency-updates %}
{% link_in_list /customizing-dependency-updates %}
{% link_in_list /configuration-options-for-dependency-updates %}
- {% link_in_list /keeping-your-actions-up-to-date-with-github-dependabot %}
+ {% link_in_list /keeping-your-actions-up-to-date-with-dependabot %}
diff --git a/content/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot.md b/content/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot.md
similarity index 70%
rename from content/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot.md
rename to content/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot.md
index 408911429a..e489fec42f 100644
--- a/content/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot.md
+++ b/content/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot.md
@@ -1,6 +1,8 @@
---
-title: Keeping your actions up to date with GitHub Dependabot
+title: Keeping your actions up to date with Dependabot
intro: 'You can use {% data variables.product.prodname_dependabot %} to keep the actions you use updated to the latest versions.'
+redirect_from:
+ - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot
versions:
free-pro-team: '*'
---
@@ -9,7 +11,7 @@ versions:
### About {% data variables.product.prodname_dependabot_version_updates %} for actions
-Actions are often updated with bug fixes and new features to make automated processes more reliable, faster, and safer. When you enable {% data variables.product.prodname_dependabot_version_updates %} for {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dependabot %} will help ensure that references to actions in a repository's *workflow.yml* file are kept up to date. For each action in the file, {% data variables.product.prodname_dependabot_short %} checks the action's reference (typically a version number or commit identifier associated with the action) against the latest version. If a more recent version of the action is available, {% data variables.product.prodname_dependabot_short %} will send you a pull request that updates the reference in the workflow file to the latest version. For more information about {% data variables.product.prodname_dependabot_version_updates %}, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-github-dependabot-version-updates)." For more information about configuring workflows for {% data variables.product.prodname_actions %}, see "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)."
+Actions are often updated with bug fixes and new features to make automated processes more reliable, faster, and safer. When you enable {% data variables.product.prodname_dependabot_version_updates %} for {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dependabot %} will help ensure that references to actions in a repository's *workflow.yml* file are kept up to date. For each action in the file, {% data variables.product.prodname_dependabot %} checks the action's reference (typically a version number or commit identifier associated with the action) against the latest version. If a more recent version of the action is available, {% data variables.product.prodname_dependabot %} will send you a pull request that updates the reference in the workflow file to the latest version. For more information about {% data variables.product.prodname_dependabot_version_updates %}, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)." For more information about configuring workflows for {% data variables.product.prodname_actions %}, see "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)."
### Enabling {% data variables.product.prodname_dependabot_version_updates %} for actions
@@ -23,7 +25,7 @@ You can also enable {% data variables.product.prodname_dependabot_version_update
#### Example *dependabot.yml* file for {% data variables.product.prodname_actions %}
-The example *dependabot.yml* file below configures version updates for {% data variables.product.prodname_actions %}. The `directory` must be set to `"/"` to check for workflow files in `.github/workflows`. The `schedule.interval` is set to `"daily"`. After this file has been checked in or updated, {% data variables.product.prodname_dependabot %} checks for new versions of your actions. {% data variables.product.prodname_dependabot_short %} will raise pull requests for version updates for any outdated actions that it finds. After the initial version updates, {% data variables.product.prodname_dependabot_short %} will continue to check for outdated versions of actions once a day.
+The example *dependabot.yml* file below configures version updates for {% data variables.product.prodname_actions %}. The `directory` must be set to `"/"` to check for workflow files in `.github/workflows`. The `schedule.interval` is set to `"daily"`. After this file has been checked in or updated, {% data variables.product.prodname_dependabot %} checks for new versions of your actions. {% data variables.product.prodname_dependabot %} will raise pull requests for version updates for any outdated actions that it finds. After the initial version updates, {% data variables.product.prodname_dependabot %} will continue to check for outdated versions of actions once a day.
```yaml
# Set update schedule for GitHub Actions
diff --git a/content/github/administering-a-repository/listing-dependencies-configured-for-version-updates.md b/content/github/administering-a-repository/listing-dependencies-configured-for-version-updates.md
index 00fe9a059c..19a0c93aee 100644
--- a/content/github/administering-a-repository/listing-dependencies-configured-for-version-updates.md
+++ b/content/github/administering-a-repository/listing-dependencies-configured-for-version-updates.md
@@ -9,7 +9,7 @@ versions:
### Viewing dependencies monitored by {% data variables.product.prodname_dependabot %}
-After you've enabled version updates, you can confirm that your configuration is correct using the **{% data variables.product.prodname_dependabot_short %}** tab in the dependency graph for the repository. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
+After you've enabled version updates, you can confirm that your configuration is correct using the **{% data variables.product.prodname_dependabot %}** tab in the dependency graph for the repository. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.accessing-repository-graphs %}
@@ -22,7 +22,7 @@ If any dependencies are missing, check the log files for errors. If any package
### Viewing {% data variables.product.prodname_dependabot %} log files
-1. On the **{% data variables.product.prodname_dependabot_short %}** tab, click **Last checked *TIME* ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates.
+1. On the **{% data variables.product.prodname_dependabot %}** tab, click **Last checked *TIME* ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates.
2. Optionally, to rerun the version check, click **Check for updates**.
diff --git a/content/github/administering-a-repository/managing-pull-requests-for-dependency-updates.md b/content/github/administering-a-repository/managing-pull-requests-for-dependency-updates.md
index 6f93905e1f..ebe089535a 100644
--- a/content/github/administering-a-repository/managing-pull-requests-for-dependency-updates.md
+++ b/content/github/administering-a-repository/managing-pull-requests-for-dependency-updates.md
@@ -11,7 +11,7 @@ versions:
{% data reusables.dependabot.pull-request-introduction %}
-When {% data variables.product.prodname_dependabot %} raises a pull request, you're notified by your chosen method for the repository. Each pull request contains detailed information about the proposed change, taken from the package manager. These pull requests follow the normal checks and tests defined in your repository. In addition, where enough information is available, you'll see a compatibility score. This may also help you decide whether or not to merge the change. For information about this score, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)."
+When {% data variables.product.prodname_dependabot %} raises a pull request, you're notified by your chosen method for the repository. Each pull request contains detailed information about the proposed change, taken from the package manager. These pull requests follow the normal checks and tests defined in your repository. In addition, where enough information is available, you'll see a compatibility score. This may also help you decide whether or not to merge the change. For information about this score, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
If you have many dependencies to manage, you may want to customize the configuration for each package manager so that pull requests have specific reviewers, assignees, and labels. For more information, see "[Customizing dependency updates](/github/administering-a-repository/customizing-dependency-updates)."
diff --git a/content/github/authenticating-to-github/connecting-with-third-party-applications.md b/content/github/authenticating-to-github/connecting-with-third-party-applications.md
index 7e12bae6e3..e792daf5ec 100644
--- a/content/github/authenticating-to-github/connecting-with-third-party-applications.md
+++ b/content/github/authenticating-to-github/connecting-with-third-party-applications.md
@@ -55,10 +55,10 @@ There are several types of data that applications can request.
| Type of data | Description |
| --- | --- |
| Commit status | You can grant access for a third-party application to report your commit status. Commit status access allows applications to determine if a build is a successful against a specific commit. Applications won't have access to your code, but they can read and write status information against a specific commit. |
-| Deployments | Deployment status access allows applicationss to determine if a deployment is successful against a specific commit for public and private repositories. Applicationss won't have access to your code. |
+| Deployments | Deployment status access allows applications to determine if a deployment is successful against a specific commit for public and private repositories. Applications won't have access to your code. |
| Gists | [Gist](https://gist.github.com) access allows applications to read or write to both your public and secret Gists. |
| Hooks | [Webhooks](/webhooks) access allows applications to read or write hook configurations on repositories you manage. |
-| Notifications | Notification access allows applicationss to read your {% data variables.product.product_name %} notifications, such as comments on issues and pull requests. However, applications remain unable to access anything in your repositories. |
+| Notifications | Notification access allows applications to read your {% data variables.product.product_name %} notifications, such as comments on issues and pull requests. However, applications remain unable to access anything in your repositories. |
| Organizations and teams | Organization and teams access allows apps to access and manage organization and team membership. |
| Personal user data | User data includes information found in your user profile, like your name, e-mail address, and location. |
| Repositories | Repository information includes the names of contributors, the branches you've created, and the actual files within your repository. Applications can request access for either public or private repositories on a user-wide level. |
diff --git a/content/github/building-a-strong-community/blocking-a-user-from-your-personal-account.md b/content/github/building-a-strong-community/blocking-a-user-from-your-personal-account.md
index 6cdae54729..5b35b38b92 100644
--- a/content/github/building-a-strong-community/blocking-a-user-from-your-personal-account.md
+++ b/content/github/building-a-strong-community/blocking-a-user-from-your-personal-account.md
@@ -20,6 +20,7 @@ You can block a user in your account settings or from the user's profile. {% dat
When you block a user:
- The user stops following you
- The user stops watching and unpins your repositories
+- The user is not able to join any organizations you are an owner of
- The user's stars and issue assignments are removed from your repositories
- The user's forks of your repositories are deleted
- You delete any forks of the user's repositories
diff --git a/content/github/building-a-strong-community/index.md b/content/github/building-a-strong-community/index.md
index 9674f9f7e0..854d6d0950 100644
--- a/content/github/building-a-strong-community/index.md
+++ b/content/github/building-a-strong-community/index.md
@@ -37,6 +37,7 @@ versions:
{% link_in_list /managing-disruptive-comments %}
{% link_in_list /locking-conversations %}
{% link_in_list /limiting-interactions-in-your-repository %}
+ {% link_in_list /limiting-interactions-for-your-user-account %}
{% link_in_list /limiting-interactions-in-your-organization %}
{% link_in_list /tracking-changes-in-a-comment %}
{% link_in_list /managing-how-contributors-report-abuse-in-your-organizations-repository %}
diff --git a/content/github/building-a-strong-community/limiting-interactions-for-your-user-account.md b/content/github/building-a-strong-community/limiting-interactions-for-your-user-account.md
new file mode 100644
index 0000000000..6c01ed2e08
--- /dev/null
+++ b/content/github/building-a-strong-community/limiting-interactions-for-your-user-account.md
@@ -0,0 +1,27 @@
+---
+title: Limiting interactions for your user account
+intro: 'You can temporarily enforce a period of limited activity for certain users in all public repositories owned by your user account.'
+versions:
+ free-pro-team: '*'
+permissions: Anyone can limit interactions for their own user account.
+---
+
+### About temporary interaction limits
+
+Limiting interactions for your user account enables temporary interaction limits for all public repositories owned by your user account. {% data reusables.community.interaction-limits-restrictions %}
+
+{% data reusables.community.interaction-limits-duration %} After the duration of your limit passes, users can resume normal activity in your public repositories.
+
+{% data reusables.community.types-of-interaction-limits %}
+
+When you enable user-wide activity limitations, you can't enable or disable interaction limits on individual repositories. For more information on limiting activity for an individual repository, see "[Limiting interactions in your repository](/articles/limiting-interactions-in-your-repository)."
+
+You can also block users. For more information, see "[Blocking a user from your personal account](/github/building-a-strong-community/blocking-a-user-from-your-personal-account)."
+
+### Limiting interactions for your user account
+
+{% data reusables.user_settings.access_settings %}
+1. In your user settings sidebar, under "Moderation settings", click **Interaction limits**.
+ 
+{% data reusables.community.set-interaction-limit %}
+ 
\ No newline at end of file
diff --git a/content/github/building-a-strong-community/limiting-interactions-in-your-organization.md b/content/github/building-a-strong-community/limiting-interactions-in-your-organization.md
index f820de44a5..8c96c26302 100644
--- a/content/github/building-a-strong-community/limiting-interactions-in-your-organization.md
+++ b/content/github/building-a-strong-community/limiting-interactions-in-your-organization.md
@@ -1,31 +1,39 @@
---
title: Limiting interactions in your organization
-intro: 'Organization owners can temporarily restrict certain users from commenting, opening issues, or creating pull requests in the organization''s public repositories to enforce a period of limited activity.'
+intro: 'You can temporarily enforce a period of limited activity for certain users in all public repositories owned by your organization.'
redirect_from:
- /github/setting-up-and-managing-organizations-and-teams/limiting-interactions-in-your-organization
- /articles/limiting-interactions-in-your-organization
versions:
free-pro-team: '*'
+permissions: Organization owners can limit interactions in an organization.
---
-After 24 hours, users can resume normal activity in your organization's public repositories. When you enable organization-wide activity limitations, you can't enable or disable interaction limits on individual repositories. For more information on per-repository activity limitation, see "[Limiting interactions in your repository](/articles/limiting-interactions-in-your-repository)."
+### About temporary interaction limits
-{% tip %}
+Limiting interactions in your organization enables temporary interaction limits for all public repositories owned by the organization. {% data reusables.community.interaction-limits-restrictions %}
-**Tip:** Organization owners can also block users for a specific amount of time. After the block expires, the user is automatically unblocked. For more information, see "[Blocking a user from your organization](/articles/blocking-a-user-from-your-organization)."
+{% data reusables.community.interaction-limits-duration %} After the duration of your limit passes, users can resume normal activity in your organization's public repositories.
-{% endtip %}
+{% data reusables.community.types-of-interaction-limits %}
+
+Members of the organization are not affected by any of the limit types.
+
+When you enable organization-wide activity limitations, you can't enable or disable interaction limits on individual repositories. For more information on limiting activity for an individual repository, see "[Limiting interactions in your repository](/articles/limiting-interactions-in-your-repository)."
+
+Organization owners can also block users for a specific amount of time. After the block expires, the user is automatically unblocked. For more information, see "[Blocking a user from your organization](/articles/blocking-a-user-from-your-organization)."
+
+### Limiting interactions in your organization
{% data reusables.profile.access_profile %}
{% data reusables.profile.access_org %}
{% data reusables.organizations.org_settings %}
-4. In your organization's Settings sidebar, click **Interaction limits**.
-
-5. Under "Temporary interaction limits", click one or more options.
+1. In the organization settings sidebar, click **Moderation settings**.
+ 
+1. Under "Moderation settings", click **Interaction limits**.
+ 
+{% data reusables.community.set-interaction-limit %}
- - **Limit to existing users**: Limits activity for organization users with accounts that are less than 24 hours old who do not have prior contributions and are not collaborators.
- - **Limit to prior contributors**: Limits activity for organization users who have not previously contributed and are not collaborators.
- - **Limit to repository collaborators**: Limits activity for organization users who do not have write access or are not collaborators.
### Further reading
- "[Reporting abuse or spam](/articles/reporting-abuse-or-spam)"
diff --git a/content/github/building-a-strong-community/limiting-interactions-in-your-repository.md b/content/github/building-a-strong-community/limiting-interactions-in-your-repository.md
index de9ccb7c28..da85594b43 100644
--- a/content/github/building-a-strong-community/limiting-interactions-in-your-repository.md
+++ b/content/github/building-a-strong-community/limiting-interactions-in-your-repository.md
@@ -1,30 +1,34 @@
---
title: Limiting interactions in your repository
-intro: 'People with owner or admin access can temporarily restrict certain users from commenting, opening issues, or creating pull requests in your public repository to enforce a period of limited activity.'
+intro: 'You can temporarily enforce a period of limited activity for certain users on a public repository.'
redirect_from:
- /articles/limiting-interactions-with-your-repository/
- /articles/limiting-interactions-in-your-repository
versions:
free-pro-team: '*'
+permissions: People with admin permissions to a repository can temporarily limit interactions in that repository.
---
-After 24 hours, users can resume normal activity in your repository.
+### About temporary interaction limits
-{% tip %}
+{% data reusables.community.interaction-limits-restrictions %}
-**Tip:** Organization owners can enable organization-wide activity limitations. If organization-wide activity limitations are enabled, you can't limit activity for individual repositories. For more information, see "[Limiting interactions in your organization](/articles/limiting-interactions-in-your-organization)."
+{% data reusables.community.interaction-limits-duration %} After the duration of your limit passes, users can resume normal activity in your repository.
-{% endtip %}
+{% data reusables.community.types-of-interaction-limits %}
+
+You can also enable activity limitations on all repositories owned by your user account or an organization. If a user-wide or organization-wide limit is enabled, you can't limit activity for individual repositories owned by the account. For more information, see "[Limiting interactions for your user account](/github/building-a-strong-community/limiting-interactions-for-your-user-account)" and "[Limiting interactions in your organization](/github/building-a-strong-community/limiting-interactions-in-your-organization)."
+
+### Limiting interactions in your repository
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-settings %}
-3. In your repository's Settings sidebar, click **Interaction limits**.
-
-4. Under "Temporary interaction limits", click one or more options:
+1. In the left sidebar, click **Moderation settings**.
+ 
+1. Under "Moderation settings", click **Interaction limits**.
+ 
+{% data reusables.community.set-interaction-limit %}
- - **Limit to existing users**: Limits activity for users with accounts that are less than 24 hours old who do not have prior contributions and are not collaborators.
- - **Limit to prior contributors**: Limits activity for users who have not previously contributed and are not collaborators.
- - **Limit to repository collaborators**: Limits activity for users who do not have write access or are not collaborators.
### Further reading
- "[Reporting abuse or spam](/articles/reporting-abuse-or-spam)"
diff --git a/content/github/collaborating-with-issues-and-pull-requests/about-pull-request-reviews.md b/content/github/collaborating-with-issues-and-pull-requests/about-pull-request-reviews.md
index f5ea217203..fd7f06c5b6 100644
--- a/content/github/collaborating-with-issues-and-pull-requests/about-pull-request-reviews.md
+++ b/content/github/collaborating-with-issues-and-pull-requests/about-pull-request-reviews.md
@@ -38,6 +38,10 @@ You can view all of the reviews a pull request has received in the Conversation
{% data reusables.pull_requests.resolving-conversations %}
+### Re-requesting a review
+
+{% data reusables.pull_requests.re-request-review %}
+
### Required reviews
{% data reusables.pull_requests.required-reviews-for-prs-summary %}
diff --git a/content/github/collaborating-with-issues-and-pull-requests/incorporating-feedback-in-your-pull-request.md b/content/github/collaborating-with-issues-and-pull-requests/incorporating-feedback-in-your-pull-request.md
index 9d5652672b..68bcb96e4a 100644
--- a/content/github/collaborating-with-issues-and-pull-requests/incorporating-feedback-in-your-pull-request.md
+++ b/content/github/collaborating-with-issues-and-pull-requests/incorporating-feedback-in-your-pull-request.md
@@ -29,6 +29,10 @@ Each person who suggested a change included in the commit will be a co-author of
5. Click **Commit changes.**
+### Re-requesting a review
+
+{% data reusables.pull_requests.re-request-review %}
+
### Opening an issue for an out-of-scope suggestion
If someone suggests changes to your pull request and the changes are out of the pull request's scope, you can open a new issue to track the feedback. For more information, see "[Opening an issue from a comment](/github/managing-your-work-on-github/opening-an-issue-from-a-comment)."
diff --git a/content/github/developing-online-with-codespaces/configuring-codespaces-for-your-project.md b/content/github/developing-online-with-codespaces/configuring-codespaces-for-your-project.md
index 9b692c800f..bae90e2db4 100644
--- a/content/github/developing-online-with-codespaces/configuring-codespaces-for-your-project.md
+++ b/content/github/developing-online-with-codespaces/configuring-codespaces-for-your-project.md
@@ -61,7 +61,6 @@ You can use configuration keys supported by {% data variables.product.prodname_c
- `settings`
- `extensions`
- `forwardPorts`
-- `devPort`
- `postCreateCommand`
#### Docker, Dockerfile, or image settings
@@ -73,13 +72,9 @@ You can use configuration keys supported by {% data variables.product.prodname_c
- `remoteEnv`
- `containerUser`
- `remoteUser`
-- `updateRemoteUserUID`
- `mounts`
-- `workspaceMount`
-- `workspaceFolder`
- `runArgs`
- `overrideCommand`
-- `shutdownAction`
- `dockerComposeFile`
For more information about the available settings for `devcontainer.json`, see [devcontainer.json reference](https://aka.ms/vscode-remote/devcontainer.json) in the {% data variables.product.prodname_vscode %} documentation.
diff --git a/content/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account.md b/content/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account.md
index 155e958d02..e157b686f5 100644
--- a/content/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account.md
+++ b/content/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account.md
@@ -32,7 +32,7 @@ If none of these files are found, then any files or folders in `dotfiles` starti
Any changes to your `dotfiles` repository will apply only to each new codespace, and do not affect any existing codespace.
-For more information, see [Personalizing](https://docs.microsoft.com/en-us/visualstudio/online/reference/personalizing) in the {% data variables.product.prodname_vscode %} documentation.
+For more information, see [Personalizing](https://docs.microsoft.com/visualstudio/online/reference/personalizing) in the {% data variables.product.prodname_vscode %} documentation.
{% note %}
diff --git a/content/github/getting-started-with-github/finding-ways-to-contribute-to-open-source-on-github.md b/content/github/getting-started-with-github/finding-ways-to-contribute-to-open-source-on-github.md
index a609dda17d..d1b5e3c6c9 100644
--- a/content/github/getting-started-with-github/finding-ways-to-contribute-to-open-source-on-github.md
+++ b/content/github/getting-started-with-github/finding-ways-to-contribute-to-open-source-on-github.md
@@ -32,14 +32,14 @@ Some open-source projects provide mirrors on {% data variables.product.prodname_
Here are a few prominent repositories that are mirrored on {% data variables.product.prodname_dotcom_the_website %}:
-- [android](https://github.com/android)
+- [Android Open Source Project](https://github.com/aosp-mirror)
- [The Apache Software Foundation](https://github.com/apache)
- [The Chromium Project](https://github.com/chromium)
-- [The Eclipse Foundation](https://github.com/eclipse)
+- [Eclipse Foundation](https://github.com/eclipse)
- [The FreeBSD Project](https://github.com/freebsd)
-- [The Glasgow Haskell Compiler](https://github.com/ghc)
+- [Glasgow Haskell Compiler](https://github.com/ghc)
- [GNOME](https://github.com/GNOME)
-- [The Linux kernel source tree](https://github.com/torvalds/linux)
+- [Linux kernel source tree](https://github.com/torvalds/linux)
- [Qt](https://github.com/qt)
To set up your own mirror, you can configure [a post-receive hook](https://git-scm.com/book/en/Customizing-Git-Git-Hooks) on your official project repository to automatically push commits to a mirror repository on {% data variables.product.product_name %}.
diff --git a/content/github/getting-started-with-github/setting-up-a-trial-of-github-enterprise-server.md b/content/github/getting-started-with-github/setting-up-a-trial-of-github-enterprise-server.md
index 4a2ad75b8e..52e4315c74 100644
--- a/content/github/getting-started-with-github/setting-up-a-trial-of-github-enterprise-server.md
+++ b/content/github/getting-started-with-github/setting-up-a-trial-of-github-enterprise-server.md
@@ -13,7 +13,7 @@ versions:
You can request a 45-day trial to evaluate {% data variables.product.prodname_ghe_server %}. Your trial will be installed as a virtual appliance, with options for on-premises or cloud deployment. For a list of supported visualization platforms, see "[Setting up a GitHub Enterprise Server instance](/enterprise/admin/installation/setting-up-a-github-enterprise-server-instance)."
-{% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}Security{% endif %} alerts and {% data variables.product.prodname_github_connect %} are not currently available in trials of {% data variables.product.prodname_ghe_server %}. For a demonstration of these features, contact {% data variables.contact.contact_enterprise_sales %}. For more information about these features, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Connecting {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/installation/connecting-github-enterprise-server-to-github-enterprise-cloud)."
+{% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}Security{% endif %} alerts and {% data variables.product.prodname_github_connect %} are not currently available in trials of {% data variables.product.prodname_ghe_server %}. For a demonstration of these features, contact {% data variables.contact.contact_enterprise_sales %}. For more information about these features, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Connecting {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/installation/connecting-github-enterprise-server-to-github-enterprise-cloud)."
Trials are also available for {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Setting up a trial of {% data variables.product.prodname_ghe_cloud %}](/articles/setting-up-a-trial-of-github-enterprise-cloud)."
diff --git a/content/github/managing-large-files/removing-files-from-a-repositorys-history.md b/content/github/managing-large-files/removing-files-from-a-repositorys-history.md
index 16cf70a104..e0b980ab1f 100644
--- a/content/github/managing-large-files/removing-files-from-a-repositorys-history.md
+++ b/content/github/managing-large-files/removing-files-from-a-repositorys-history.md
@@ -16,10 +16,6 @@ versions:
{% endwarning %}
-### Removing a file that was added in an earlier commit
-
-If you added a file in an earlier commit, you need to remove it from the repository's history. To remove files from the repository's history, you can use the BFG Repo-Cleaner or the `git filter-branch` command. For more information see "[Removing sensitive data from a repository](/github/authenticating-to-github/removing-sensitive-data-from-a-repository)."
-
### Removing a file added in the most recent unpushed commit
If the file was added with your most recent commit, and you have not pushed to {% data variables.product.product_location %}, you can delete the file and amend the commit:
@@ -43,3 +39,7 @@ If the file was added with your most recent commit, and you have not pushed to {
$ git push
# Push our rewritten, smaller commit
```
+
+### Removing a file that was added in an earlier commit
+
+If you added a file in an earlier commit, you need to remove it from the repository's history. To remove files from the repository's history, you can use the BFG Repo-Cleaner or the `git filter-branch` command. For more information see "[Removing sensitive data from a repository](/github/authenticating-to-github/removing-sensitive-data-from-a-repository)."
diff --git a/content/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md b/content/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md
index 2056d1ac51..c0f46c3657 100644
--- a/content/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md
+++ b/content/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md
@@ -17,7 +17,7 @@ When your code depends on a package that has a security vulnerability, this vuln
### Detection of vulnerable dependencies
- {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %} detects vulnerable dependencies and sends {% data variables.product.prodname_dependabot_short %} alerts{% else %}{% data variables.product.product_name %} detects vulnerable dependencies and sends security alerts{% endif %} when:
+ {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %} detects vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %}{% else %}{% data variables.product.product_name %} detects vulnerable dependencies and sends security alerts{% endif %} when:
{% if currentVersion == "free-pro-team@latest" %}
- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)."
@@ -49,11 +49,11 @@ You can also enable or disable {% data variables.product.prodname_dependabot_ale
{% endif %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
-When {% data variables.product.product_name %} identifies a vulnerable dependency, we generate a {% data variables.product.prodname_dependabot_short %} alert and display it on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of affected repositories about the new alert according to their notification preferences. For more information, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies)."
+When {% data variables.product.product_name %} identifies a vulnerable dependency, we generate a {% data variables.product.prodname_dependabot %} alert and display it on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of affected repositories about the new alert according to their notification preferences. For more information, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies)."
{% endif %}
{% if currentVersion == "free-pro-team@latest" %}
-For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, the alert may also contain a link to a pull request to update the manifest or lock file to the minimum version that resolves the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)."
+For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, the alert may also contain a link to a pull request to update the manifest or lock file to the minimum version that resolves the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
{% endif %}
{% if enterpriseServerVersions contains currentVersion and currentVersion ver_lt "enterprise-server@2.22" %}
@@ -66,12 +66,12 @@ When {% data variables.product.product_name %} identifies a vulnerable dependenc
{% endwarning %}
-### Access to {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts
+### Access to {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts
You can see all of the alerts that affect a particular project{% if currentVersion == "free-pro-team@latest" %} on the repository's Security tab or{% endif %} in the repository's dependency graph.{% if currentVersion == "free-pro-team@latest" %} For more information, see "[Viewing and updating vulnerable dependencies in your repository](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)."{% endif %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
-By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_short %} alerts.{% endif %} {% if currentVersion == "free-pro-team@latest" %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_short %} alerts visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-github-dependabot-alerts)."
+By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_alerts %}.{% endif %} {% if currentVersion == "free-pro-team@latest" %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_alerts %} visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-dependabot-alerts)."
{% endif %}
{% if enterpriseServerVersions contains currentVersion and currentVersion ver_lt "enterprise-server@2.22" %}
@@ -83,6 +83,6 @@ We send security alerts to people with admin permissions in the affected reposit
{% if currentVersion == "free-pro-team@latest" %}
### Further reading
-- "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)"
+- "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)"
- "[Viewing and updating vulnerable dependencies in your repository](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"
- "[Understanding how {% data variables.product.product_name %} uses and protects your data](/categories/understanding-how-github-uses-and-protects-your-data)"{% endif %}
diff --git a/content/github/managing-security-vulnerabilities/about-dependabot-security-updates.md b/content/github/managing-security-vulnerabilities/about-dependabot-security-updates.md
new file mode 100644
index 0000000000..1d01216b97
--- /dev/null
+++ b/content/github/managing-security-vulnerabilities/about-dependabot-security-updates.md
@@ -0,0 +1,35 @@
+---
+title: About Dependabot security updates
+intro: '{% data variables.product.prodname_dependabot %} can fix vulnerable dependencies for you by raising pull requests with security updates.'
+shortTitle: About Dependabot security updates
+redirect_from:
+ - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates
+versions:
+ free-pro-team: '*'
+---
+
+### About {% data variables.product.prodname_dependabot_security_updates %}
+
+{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)."
+
+{% data variables.product.prodname_dependabot %} checks whether it's possible to upgrade the vulnerable dependency to a fixed version without disrupting the dependency graph for the repository. Then {% data variables.product.prodname_dependabot %} raises a pull request to update the dependency to the minimum version that includes the patch and links the pull request to the {% data variables.product.prodname_dependabot %} alert, or reports an error on the alert. For more information, see "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)."
+
+{% note %}
+
+**Note**
+
+The {% data variables.product.prodname_dependabot_security_updates %} feature is available for repositories where you have enabled the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. You will see a {% data variables.product.prodname_dependabot %} alert for every vulnerable dependency identified in your full dependency graph. However, security updates are triggered only for dependencies that are specified in a manifest or lock file. {% data variables.product.prodname_dependabot %} is unable to update an indirect or transitive dependency that is not explicitly defined. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#dependencies-included)."
+
+{% endnote %}
+
+### About pull requests for security updates
+
+Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_alerts %} for the repository.
+
+When you merge a pull request that contains a security update, the corresponding {% data variables.product.prodname_dependabot %} alert is marked as resolved for your repository. For more information about {% data variables.product.prodname_dependabot %} pull requests, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates)."
+
+{% data reusables.dependabot.automated-tests-note %}
+
+### About compatibility scores
+
+{% data variables.product.prodname_dependabot_security_updates %} may include compatibility scores to let you know whether updating a vulnerability could cause breaking changes to your project. These are calculated from CI tests in other public repositories where the same security update has been generated. An update's compatibility score is the percentage of CI runs that passed when updating between specific versions of the dependency.
diff --git a/content/github/managing-security-vulnerabilities/about-github-dependabot-security-updates.md b/content/github/managing-security-vulnerabilities/about-github-dependabot-security-updates.md
deleted file mode 100644
index 4b7addb049..0000000000
--- a/content/github/managing-security-vulnerabilities/about-github-dependabot-security-updates.md
+++ /dev/null
@@ -1,33 +0,0 @@
----
-title: About GitHub Dependabot security updates
-intro: '{% data variables.product.prodname_dependabot %} can fix vulnerable dependencies for you by raising pull requests with security updates.'
-shortTitle: About Dependabot security updates
-versions:
- free-pro-team: '*'
----
-
-### About {% data variables.product.prodname_dependabot_security_updates %}
-
-{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot_short %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot_short %} automatically tries to fix it. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)."
-
-{% data variables.product.prodname_dependabot %} checks whether it's possible to upgrade the vulnerable dependency to a fixed version without disrupting the dependency graph for the repository. Then {% data variables.product.prodname_dependabot_short %} raises a pull request to update the dependency to the minimum version that includes the patch and links the pull request to the {% data variables.product.prodname_dependabot %} alert, or reports an error on the alert. For more information, see "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors)."
-
-{% note %}
-
-**Note**
-
-The {% data variables.product.prodname_dependabot_security_updates %} feature is available for repositories where you have enabled the dependency graph and {% data variables.product.prodname_dependabot_short %} alerts. You will see a {% data variables.product.prodname_dependabot_short %} alert for every vulnerable dependency identified in your full dependency graph. However, security updates are triggered only for dependencies that are specified in a manifest or lock file. {% data variables.product.prodname_dependabot_short %} is unable to update an indirect or transitive dependency that is not explicitly defined. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#dependencies-included)."
-
-{% endnote %}
-
-### About pull requests for security updates
-
-Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_short %} alerts for the repository.
-
-When you merge a pull request that contains a security update, the corresponding {% data variables.product.prodname_dependabot_short %} alert is marked as resolved for your repository. For more information about {% data variables.product.prodname_dependabot_short %} pull requests, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates)."
-
-{% data reusables.dependabot.automated-tests-note %}
-
-### About compatibility scores
-
-{% data variables.product.prodname_dependabot_security_updates %} may include compatibility scores to let you know whether updating a vulnerability could cause breaking changes to your project. These are calculated from CI tests in other public repositories where the same security update has been generated. An update's compatibility score is the percentage of CI runs that passed when updating between specific versions of the dependency.
diff --git a/content/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates.md b/content/github/managing-security-vulnerabilities/configuring-dependabot-security-updates.md
similarity index 87%
rename from content/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates.md
rename to content/github/managing-security-vulnerabilities/configuring-dependabot-security-updates.md
index 2acde31d0a..a834954969 100644
--- a/content/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates.md
+++ b/content/github/managing-security-vulnerabilities/configuring-dependabot-security-updates.md
@@ -1,20 +1,21 @@
---
-title: Configuring GitHub Dependabot security updates
+title: Configuring Dependabot security updates
intro: 'You can use {% data variables.product.prodname_dependabot_security_updates %} or manual pull requests to easily update vulnerable dependencies.'
+shortTitle: Configuring Dependabot security updates
redirect_from:
- /articles/configuring-automated-security-fixes
- /github/managing-security-vulnerabilities/configuring-automated-security-fixes
- /github/managing-security-vulnerabilities/configuring-automated-security-updates
-shortTitle: Configuring Dependabot security updates
+ - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates
versions:
free-pro-team: '*'
---
### About configuring {% data variables.product.prodname_dependabot_security_updates %}
-You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_short %} alerts and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)."
+You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
-You can disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository or for all repositories owned by your user account or organization. For more information, see "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-github-dependabot-security-updates-for-your-repositories)" below.
+You can disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository or for all repositories owned by your user account or organization. For more information, see "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-dependabot-security-updates-for-your-repositories)" below.
{% data reusables.dependabot.dependabot-tos %}
@@ -24,7 +25,7 @@ You can disable {% data variables.product.prodname_dependabot_security_updates %
{% note %}
-**Note**: You can manually enable {% data variables.product.prodname_dependabot_security_updates %}, even if the repository doesn't meet some of the prerequisites below. For example, you can enable {% data variables.product.prodname_dependabot_security_updates %} on a fork, or for a package manager that isn't directly supported by following the instructions in "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-github-dependabot-security-updates-for-your-repositories)."
+**Note**: You can manually enable {% data variables.product.prodname_dependabot_security_updates %}, even if the repository doesn't meet some of the prerequisites below. For example, you can enable {% data variables.product.prodname_dependabot_security_updates %} on a fork, or for a package manager that isn't directly supported by following the instructions in "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-dependabot-security-updates-for-your-repositories)."
{% endnote %}
@@ -34,7 +35,7 @@ You can disable {% data variables.product.prodname_dependabot_security_updates %
| Repository is not archived | "[Archiving repositories](/github/creating-cloning-and-archiving-repositories/archiving-repositories)" |
| Repository is public, or repository is private and you have enabled read-only analysis by {% data variables.product.prodname_dotcom %}, dependency graph, and vulnerability alerts in the repository's settings | "[Managing data use settings for your private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository)." |
| Repository contains dependency manifest file from a package ecosystem that {% data variables.product.prodname_dotcom %} supports | "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" |
-| {% data variables.product.prodname_dependabot_security_updates %} are not disabled for the repository | "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repository](#managing-github-dependabot-security-updates-for-your-repositories)" |
+| {% data variables.product.prodname_dependabot_security_updates %} are not disabled for the repository | "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repository](#managing-dependabot-security-updates-for-your-repositories)" |
| Repository is not already using an integration for dependency management | "[About integrations](/github/customizing-your-github-workflow/about-integrations)" |
If security updates are not enabled for your repository and you don't know why, first try enabling them using the instructions given in the procedural sections below. If security updates are still not working, you can [contact support](https://support.github.com/contact).
@@ -50,7 +51,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
{% data reusables.repositories.sidebar-dependabot-alerts %}
-1. Above the list of alerts, use the drop-down menu and select or unselect **{% data variables.product.prodname_dependabot_short %} security updates**.
+1. Above the list of alerts, use the drop-down menu and select or unselect **{% data variables.product.prodname_dependabot %} security updates**.
### Further reading
diff --git a/content/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies.md b/content/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies.md
index 9eb238ba9b..2b32234811 100644
--- a/content/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies.md
+++ b/content/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies.md
@@ -1,7 +1,7 @@
---
title: Configuring notifications for vulnerable dependencies
shortTitle: Configuring notifications
-intro: 'Optimize how you receive notifications about {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts.'
+intro: 'Optimize how you receive notifications about {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts.'
versions:
free-pro-team: '*'
enterprise-server: '>=2.21'
@@ -9,10 +9,10 @@ versions:
### About notifications for vulnerable dependencies
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}When {% data variables.product.prodname_dependabot %} detects vulnerable dependencies in your repositories, we generate a {% data variables.product.prodname_dependabot_short %} alert and display it on the Security tab for the repository. {% data variables.product.product_name %} notifies the maintainers of affected repositories about the new alert according to their notification preferences.{% else %}When {% data variables.product.product_name %} detects vulnerable dependencies in your repositories, it sends security alerts.{% endif %}{% if currentVersion == "free-pro-team@latest" %} {% data variables.product.prodname_dependabot_short %} is enabled by default on all public repositories. For {% data variables.product.prodname_dependabot_alerts %}, by default, you will receive {% data variables.product.prodname_dependabot_alerts %} by email, grouped by the specific vulnerability.
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}When {% data variables.product.prodname_dependabot %} detects vulnerable dependencies in your repositories, we generate a {% data variables.product.prodname_dependabot %} alert and display it on the Security tab for the repository. {% data variables.product.product_name %} notifies the maintainers of affected repositories about the new alert according to their notification preferences.{% else %}When {% data variables.product.product_name %} detects vulnerable dependencies in your repositories, it sends security alerts.{% endif %}{% if currentVersion == "free-pro-team@latest" %} {% data variables.product.prodname_dependabot %} is enabled by default on all public repositories. For {% data variables.product.prodname_dependabot_alerts %}, by default, you will receive {% data variables.product.prodname_dependabot_alerts %} by email, grouped by the specific vulnerability.
{% endif %}
-{% if currentVersion == "free-pro-team@latest" %}If you're an organization owner, you can enable or disable {% data variables.product.prodname_dependabot_short %} alerts for all repositories in your organization with one click. You can also set whether the detection of vulnerable dependencies will be enabled or disabled for newly-created repositories. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-features-for-new-repositories)."
+{% if currentVersion == "free-pro-team@latest" %}If you're an organization owner, you can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories in your organization with one click. You can also set whether the detection of vulnerable dependencies will be enabled or disabled for newly-created repositories. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-features-for-new-repositories)."
{% endif %}
{% if enterpriseServerVersions contains currentVersion and currentVersion == "enterprise-server@2.21" %}
@@ -21,7 +21,7 @@ Your site administrator needs to enable security alerts for vulnerable dependenc
{% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.20" %}
By default, if your site administrator has configured email for notifications on your enterprise, you will receive {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} by email.{% endif %}
-{% if currentVersion ver_gt "enterprise-server@2.21" %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling {% data variables.product.prodname_dependabot_short %} alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
+{% if currentVersion ver_gt "enterprise-server@2.21" %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
{% if currentVersion ver_lt "enterprise-server@2.22" %}Site administrators can also enable security alerts without notifications. For more information, see "[Enabling security alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
@@ -33,14 +33,14 @@ You can configure notification settings for yourself or your organization from t
{% data reusables.notifications.vulnerable-dependency-notification-options %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
- 
+ 
{% else %}
{% endif %}
{% note %}
-**Note:** You can filter your {% data variables.product.company_short %} inbox notifications to show {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %} security{% endif %} alerts. For more information, see "[Managing notifications from your inbox](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#supported-queries-for-custom-filters)."
+**Note:** You can filter your {% data variables.product.company_short %} inbox notifications to show {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %} security{% endif %} alerts. For more information, see "[Managing notifications from your inbox](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#supported-queries-for-custom-filters)."
{% endnote %}
diff --git a/content/github/managing-security-vulnerabilities/index.md b/content/github/managing-security-vulnerabilities/index.md
index 61c09009e1..819e4c4e24 100644
--- a/content/github/managing-security-vulnerabilities/index.md
+++ b/content/github/managing-security-vulnerabilities/index.md
@@ -30,9 +30,9 @@ versions:
{% link_in_list /about-alerts-for-vulnerable-dependencies %}
{% link_in_list /configuring-notifications-for-vulnerable-dependencies %}
- {% link_in_list /about-github-dependabot-security-updates %}
- {% link_in_list /configuring-github-dependabot-security-updates %}
+ {% link_in_list /about-dependabot-security-updates %}
+ {% link_in_list /configuring-dependabot-security-updates %}
{% link_in_list /viewing-and-updating-vulnerable-dependencies-in-your-repository %}
{% link_in_list /troubleshooting-the-detection-of-vulnerable-dependencies %}
- {% link_in_list /troubleshooting-github-dependabot-errors %}
+ {% link_in_list /troubleshooting-dependabot-errors %}
diff --git a/content/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors.md b/content/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors.md
new file mode 100644
index 0000000000..c33aa46aba
--- /dev/null
+++ b/content/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors.md
@@ -0,0 +1,84 @@
+---
+title: Troubleshooting Dependabot errors
+intro: 'Sometimes {% data variables.product.prodname_dependabot %} is unable to raise a pull request to update your dependencies. You can review the error and unblock {% data variables.product.prodname_dependabot %}.'
+shortTitle: Troubleshooting errors
+redirect_from:
+ - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors
+versions:
+ free-pro-team: '*'
+---
+
+{% data reusables.dependabot.beta-note %}
+
+### About {% data variables.product.prodname_dependabot %} errors
+
+{% data reusables.dependabot.pull-request-introduction %}
+
+If anything prevents {% data variables.product.prodname_dependabot %} from raising a pull request, this is reported as an error.
+
+### Investigating errors with {% data variables.product.prodname_dependabot_security_updates %}
+
+When {% data variables.product.prodname_dependabot %} is blocked from creating a pull request to fix a {% data variables.product.prodname_dependabot %} alert, it posts the error message on the alert. The {% data variables.product.prodname_dependabot_alerts %} view shows a list of any alerts that have not been resolved yet. To access the alerts view, click **{% data variables.product.prodname_dependabot_alerts %}** on the **Security** tab for the repository. Where a pull request that will fix the vulnerable dependency has been generated, the alert includes a link to that pull request.
+
+
+
+There are three reasons why an alert may have no pull request link:
+
+1. {% data variables.product.prodname_dependabot_security_updates %} are not enabled for the repository.
+1. The alert is for an indirect or transitive dependency that is not explicitly defined in a lock file.
+1. An error blocked {% data variables.product.prodname_dependabot %} from creating a pull request.
+
+If an error blocked {% data variables.product.prodname_dependabot %} from creating a pull request, you can display details of the error by clicking the alert.
+
+
+
+### Investigating errors with {% data variables.product.prodname_dependabot_version_updates %}
+
+When {% data variables.product.prodname_dependabot %} is blocked from creating a pull request to update a dependency in an ecosystem, it posts the error icon on the manifest file. The manifest files that are managed by {% data variables.product.prodname_dependabot %} are listed on the {% data variables.product.prodname_dependabot %} tab. To access this tab, on the **Insights** tab for the repository click **Dependency graph**, and then click the **{% data variables.product.prodname_dependabot %}** tab.
+
+
+
+To see the log file for any manifest file, click the **Last checked TIME ago** link. When you display the log file for a manifest that's shown with an error symbol (for example, Maven in the screenshot above), any errors are also displayed.
+
+
+
+### Understanding {% data variables.product.prodname_dependabot %} errors
+
+Pull requests for security updates act to upgrade a vulnerable dependency to the minimum version that includes a fix for the vulnerability. In contrast, pull requests for version updates act to upgrade a dependency to the latest version allowed by the package manifest and {% data variables.product.prodname_dependabot %} configuration files. Consequently, some errors are specific to one type of update.
+
+#### {% data variables.product.prodname_dependabot %} cannot update DEPENDENCY to a non-vulnerable version
+
+**Security updates only.** {% data variables.product.prodname_dependabot %} cannot create a pull request to update the vulnerable dependency to a secure version without breaking other dependencies in the dependency graph for this repository.
+
+Every application that has dependencies has a dependency graph, that is, a directed acyclic graph of every package version that the application directly or indirectly depends on. Every time a dependency is updated, this graph must resolve otherwise the application won't build. When an ecosystem has a deep and complex dependency graph, for example, npm and RubyGems, it is often impossible to upgrade a single dependency without upgrading the whole ecosystem.
+
+The best way to avoid this problem is to stay up to date with the most recently released versions, for example, by enabling version updates. This increases the likelihood that a vulnerability in one dependency can be resolved by a simple upgrade that doesn't break the dependency graph. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
+
+#### {% data variables.product.prodname_dependabot %} cannot update to the required version as there is already an open pull request for the latest version
+
+**Security updates only.** {% data variables.product.prodname_dependabot %} will not create a pull request to update the vulnerable dependency to a secure version because there is already an open pull request to update this dependency. You will see this error when a vulnerability is detected in a single dependency and there's already an open pull request to update the dependency to the latest version.
+
+There are two options: you can review the open pull request and merge it as soon as you are confident that the change is safe, or close that pull request and trigger a new security update pull request. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)."
+
+#### {% data variables.product.prodname_dependabot %} timed out during its update
+
+{% data variables.product.prodname_dependabot %} took longer than the maximum time allowed to assess the update required and prepare a pull request. This error is usually seen only for large repositories with many manifest files, for example, npm or yarn monorepo projects with hundreds of *package.json* files. Updates to the Composer ecosystem also take longer to assess and may time out.
+
+This error is difficult to address. If a version update times out, you could specify the most important dependencies to update using the `allow` parameter or, alternatively, use the `ignore` parameter to exclude some dependencies from updates. Updating your configuration might allow {% data variables.product.prodname_dependabot %} to review the version update and generate the pull request in the time available.
+
+If a security update times out, you can reduce the chances of this happening by keeping the dependencies updated, for example, by enabling version updates. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
+
+#### {% data variables.product.prodname_dependabot %} cannot open any more pull requests
+
+There's a limit on the number of open pull requests {% data variables.product.prodname_dependabot %} will generate. When this limit is reached, no new pull requests are opened and this error is reported. The best way to resolve this error is to review and merge some of the open pull requests.
+
+There are separate limits for security and version update pull requests, so that open version update pull requests cannot block the creation of a security update pull request. The limit for security update pull requests is 10. By default, the limit for version updates is 5 but you can change this using the `open-pull-requests-limit` parameter in the configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)."
+
+The best way to resolve this error is to merge or close some of the existing pull requests and trigger a new pull request manually. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)."
+
+### Triggering a {% data variables.product.prodname_dependabot %} pull request manually
+
+If you unblock {% data variables.product.prodname_dependabot %}, you can manually trigger a fresh attempt to create a pull request.
+
+- **Security updates**—display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**.
+- **Version updates**—display the log file for the manifest that shows the error that you have fixed and click **Check for updates**.
diff --git a/content/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors.md b/content/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors.md
deleted file mode 100644
index a376ff1995..0000000000
--- a/content/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-title: Troubleshooting GitHub Dependabot errors
-intro: 'Sometimes {% data variables.product.prodname_dependabot %} is unable to raise a pull request to update your dependencies. You can review the error and unblock {% data variables.product.prodname_dependabot_short %}.'
-shortTitle: Troubleshooting errors
-versions:
- free-pro-team: '*'
----
-
-{% data reusables.dependabot.beta-note %}
-
-### About {% data variables.product.prodname_dependabot %} errors
-
-{% data reusables.dependabot.pull-request-introduction %}
-
-If anything prevents {% data variables.product.prodname_dependabot_short %} from raising a pull request, this is reported as an error.
-
-### Investigating errors with {% data variables.product.prodname_dependabot_security_updates %}
-
-When {% data variables.product.prodname_dependabot_short %} is blocked from creating a pull request to fix a {% data variables.product.prodname_dependabot_short %} alert, it posts the error message on the alert. The {% data variables.product.prodname_dependabot_short %} alerts view shows a list of any alerts that have not been resolved yet. To access the alerts view, click **{% data variables.product.prodname_dependabot_short %} alerts** on the **Security** tab for the repository. Where a pull request that will fix the vulnerable dependency has been generated, the alert includes a link to that pull request.
-
-
-
-There are three reasons why an alert may have no pull request link:
-
-1. {% data variables.product.prodname_dependabot_security_updates %} are not enabled for the repository.
-1. The alert is for an indirect or transitive dependency that is not explicitly defined in a lock file.
-1. An error blocked {% data variables.product.prodname_dependabot_short %} from creating a pull request.
-
-If an error blocked {% data variables.product.prodname_dependabot_short %} from creating a pull request, you can display details of the error by clicking the alert.
-
-
-
-### Investigating errors with {% data variables.product.prodname_dependabot_version_updates %}
-
-When {% data variables.product.prodname_dependabot_short %} is blocked from creating a pull request to update a dependency in an ecosystem, it posts the error icon on the manifest file. The manifest files that are managed by {% data variables.product.prodname_dependabot_short %} are listed on the {% data variables.product.prodname_dependabot_short %} tab. To access this tab, on the **Insights** tab for the repository click **Dependency graph**, and then click the **{% data variables.product.prodname_dependabot_short %}** tab.
-
-
-
-To see the log file for any manifest file, click the **Last checked TIME ago** link. When you display the log file for a manifest that's shown with an error symbol (for example, Maven in the screenshot above), any errors are also displayed.
-
-
-
-### Understanding {% data variables.product.prodname_dependabot_short %} errors
-
-Pull requests for security updates act to upgrade a vulnerable dependency to the minimum version that includes a fix for the vulnerability. In contrast, pull requests for version updates act to upgrade a dependency to the latest version allowed by the package manifest and {% data variables.product.prodname_dependabot_short %} configuration files. Consequently, some errors are specific to one type of update.
-
-#### {% data variables.product.prodname_dependabot_short %} cannot update DEPENDENCY to a non-vulnerable version
-
-**Security updates only.** {% data variables.product.prodname_dependabot_short %} cannot create a pull request to update the vulnerable dependency to a secure version without breaking other dependencies in the dependency graph for this repository.
-
-Every application that has dependencies has a dependency graph, that is, a directed acyclic graph of every package version that the application directly or indirectly depends on. Every time a dependency is updated, this graph must resolve otherwise the application won't build. When an ecosystem has a deep and complex dependency graph, for example, npm and RubyGems, it is often impossible to upgrade a single dependency without upgrading the whole ecosystem.
-
-The best way to avoid this problem is to stay up to date with the most recently released versions, for example, by enabling version updates. This increases the likelihood that a vulnerability in one dependency can be resolved by a simple upgrade that doesn't break the dependency graph. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
-
-#### {% data variables.product.prodname_dependabot_short %} cannot update to the required version as there is already an open pull request for the latest version
-
-**Security updates only.** {% data variables.product.prodname_dependabot_short %} will not create a pull request to update the vulnerable dependency to a secure version because there is already an open pull request to update this dependency. You will see this error when a vulnerability is detected in a single dependency and there's already an open pull request to update the dependency to the latest version.
-
-There are two options: you can review the open pull request and merge it as soon as you are confident that the change is safe, or close that pull request and trigger a new security update pull request. For more information, see "[Triggering a {% data variables.product.prodname_dependabot_short %} pull request manually](#triggering-a-dependabot-pull-request-manually)."
-
-#### {% data variables.product.prodname_dependabot_short %} timed out during its update
-
-{% data variables.product.prodname_dependabot_short %} took longer than the maximum time allowed to assess the update required and prepare a pull request. This error is usually seen only for large repositories with many manifest files, for example, npm or yarn monorepo projects with hundreds of *package.json* files. Updates to the Composer ecosystem also take longer to assess and may time out.
-
-This error is difficult to address. If a version update times out, you could specify the most important dependencies to update using the `allow` parameter or, alternatively, use the `ignore` parameter to exclude some dependencies from updates. Updating your configuration might allow {% data variables.product.prodname_dependabot_short %} to review the version update and generate the pull request in the time available.
-
-If a security update times out, you can reduce the chances of this happening by keeping the dependencies updated, for example, by enabling version updates. For more information, see "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)."
-
-#### {% data variables.product.prodname_dependabot_short %} cannot open any more pull requests
-
-There's a limit on the number of open pull requests {% data variables.product.prodname_dependabot_short %} will generate. When this limit is reached, no new pull requests are opened and this error is reported. The best way to resolve this error is to review and merge some of the open pull requests.
-
-There are separate limits for security and version update pull requests, so that open version update pull requests cannot block the creation of a security update pull request. The limit for security update pull requests is 10. By default, the limit for version updates is 5 but you can change this using the `open-pull-requests-limit` parameter in the configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)."
-
-The best way to resolve this error is to merge or close some of the existing pull requests and trigger a new pull request manually. For more information, see "[Triggering a {% data variables.product.prodname_dependabot_short %} pull request manually](#triggering-a-dependabot-pull-request-manually)."
-
-### Triggering a {% data variables.product.prodname_dependabot_short %} pull request manually
-
-If you unblock {% data variables.product.prodname_dependabot_short %}, you can manually trigger a fresh attempt to create a pull request.
-
-- **Security updates**—display the {% data variables.product.prodname_dependabot_short %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot_short %} security update**.
-- **Version updates**—display the log file for the manifest that shows the error that you have fixed and click **Check for updates**.
diff --git a/content/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies.md b/content/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies.md
index 9926d8bcf2..ce6fe1bc8e 100644
--- a/content/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies.md
+++ b/content/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies.md
@@ -14,14 +14,14 @@ The results of dependency detection reported by {% data variables.product.produc
* {% data variables.product.prodname_advisory_database %} is one of the data sources that {% data variables.product.prodname_dotcom %} uses to identify vulnerable dependencies. It's a free, curated database of vulnerability information for common package ecosystems on {% data variables.product.prodname_dotcom %}. It includes both data reported directly to {% data variables.product.prodname_dotcom %} from {% data variables.product.prodname_security_advisories %}, as well as official feeds and community sources. This data is reviewed and curated by {% data variables.product.prodname_dotcom %} to ensure that false or unactionable information is not shared with the development community. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)" and "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."
* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
-* {% data variables.product.prodname_dependabot_short %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_short %} alerts are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
-* {% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot_short %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors)."
+* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
+* {% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)."
- {% data variables.product.prodname_dependabot_short %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is discovered and added to the advisory database.
+ {% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is discovered and added to the advisory database.
### Why don't I get vulnerability alerts for some ecosystems?
-{% data variables.product.prodname_dotcom %} limits its support for vulnerability alerts to a set of ecosystems where we can provide high-quality, actionable data. Curated vulnerabilities in the {% data variables.product.prodname_advisory_database %}, the dependency graph, {% data variables.product.prodname_dependabot_short %} alerts, and {% data variables.product.prodname_dependabot_short %} security updates are provided for several ecosystems, including Java’s Maven, JavaScript’s npm and Yarn, .NET’s NuGet, Python’s pip, Ruby's RubyGems, and PHP’s Composer. We'll continue to add support for more ecosystems over time. For an overview of the package ecosystems that we support, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)."
+{% data variables.product.prodname_dotcom %} limits its support for vulnerability alerts to a set of ecosystems where we can provide high-quality, actionable data. Curated vulnerabilities in the {% data variables.product.prodname_advisory_database %}, the dependency graph, {% data variables.product.prodname_dependabot_alerts %}, and {% data variables.product.prodname_dependabot %} security updates are provided for several ecosystems, including Java’s Maven, JavaScript’s npm and Yarn, .NET’s NuGet, Python’s pip, Ruby's RubyGems, and PHP’s Composer. We'll continue to add support for more ecosystems over time. For an overview of the package ecosystems that we support, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)."
It's worth noting that [{% data variables.product.prodname_dotcom %} Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories) may exist for other ecosystems. The information in a security advisory is provided by the maintainers of a particular repository. This data is not curated in the same way as information for the supported ecosystems.
@@ -31,7 +31,7 @@ It's worth noting that [{% data variables.product.prodname_dotcom %} Security Ad
The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file.
-{% data variables.product.prodname_dependabot_short %} alerts advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% data variables.product.prodname_dependabot_short %} security updates only suggests a change where it can directly "fix" the dependency, that is, when these are:
+{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% data variables.product.prodname_dependabot %} security updates only suggests a change where it can directly "fix" the dependency, that is, when these are:
* Direct dependencies explicitly declared in a manifest or lockfile
* Transitive dependencies declared in a lockfile
@@ -51,21 +51,21 @@ Yes, the dependency graph has two categories of limits:
1. **Processing limits**
- These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_short %} alerts being created.
+ These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created.
- Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_short %} alerts.
+ Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}.
- By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_short %} alerts are not be created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}.
+ By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not be created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}.
2. **Visualization limits**
- These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_short %} alerts that are created.
+ These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created.
- The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_short %} alerts are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}.
+ The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}.
**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests?
-### Does {% data variables.product.prodname_dependabot_short %} generate alerts for vulnerabilities that have been known for many years?
+### Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years?
The {% data variables.product.prodname_advisory_database %} was launched in November 2019, and initially back-filled to include vulnerability information for the supported ecosystems, starting from 2017. When adding CVEs to the database, we prioritize curating newer CVEs, and CVEs affecting newer versions of software.
@@ -77,19 +77,19 @@ Some information on older vulnerabilities is available, especially where these C
Some third-party tools use uncurated CVE data that isn't checked or filtered by a human. This means that CVEs with tagging or severity errors, or other quality issues, will cause more frequent, more noisy, and less useful alerts.
-Since {% data variables.product.prodname_dependabot_short %} uses curated data in the {% data variables.product.prodname_advisory_database %}, the volume of alerts may be lower, but the alerts you do receive will be accurate and relevant.
+Since {% data variables.product.prodname_dependabot %} uses curated data in the {% data variables.product.prodname_advisory_database %}, the volume of alerts may be lower, but the alerts you do receive will be accurate and relevant.
### Does each dependency vulnerability generate a separate alert?
When a dependency has multiple vulnerabilities, only one aggregated alert is generated for that dependency, instead of one alert per vulnerability.
-The {% data variables.product.prodname_dependabot_short %} alerts count in {% data variables.product.prodname_dotcom %} shows a total for the number of alerts, that is, the number of dependencies with vulnerabilities, not the number of vulnerabilities.
+The {% data variables.product.prodname_dependabot_alerts %} count in {% data variables.product.prodname_dotcom %} shows a total for the number of alerts, that is, the number of dependencies with vulnerabilities, not the number of vulnerabilities.
-
+
When you click to display the alert details, you can see how many vulnerabilities are included in the alert.
-
+
**Check**: If there is a discrepancy in the totals you are seeing, check that you are not comparing alert numbers with vulnerability numbers.
@@ -98,4 +98,4 @@ When you click to display the alert details, you can see how many vulnerabilitie
- "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)"
- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"
- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"
-- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors)"
+- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"
diff --git a/content/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/content/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository.md
index 37ed54adfe..0dea3bd05c 100644
--- a/content/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository.md
+++ b/content/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository.md
@@ -10,11 +10,11 @@ versions:
---
Your repository's {% data variables.product.prodname_dependabot %} alerts tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}. You can sort the list of alerts using the drop-down menu, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
-You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)."
+You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
### About updates for vulnerable dependencies in your repository
-{% data variables.product.product_name %} generates {% data variables.product.prodname_dependabot_alerts %} when we detect vulnerabilities affecting your repository. For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, when {% data variables.product.product_name %} detects a vulnerable dependency {% data variables.product.prodname_dependabot_short %} creates a pull request to fix it. The pull request will upgrade the dependency to the minimum possible secure version needed to avoid the vulnerability.
+{% data variables.product.product_name %} generates {% data variables.product.prodname_dependabot_alerts %} when we detect vulnerabilities affecting your repository. For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, when {% data variables.product.product_name %} detects a vulnerable dependency {% data variables.product.prodname_dependabot %} creates a pull request to fix it. The pull request will upgrade the dependency to the minimum possible secure version needed to avoid the vulnerability.
### Viewing and updating vulnerable dependencies
@@ -24,16 +24,16 @@ You can enable automatic security updates for any repository that uses {% data v
1. Click the alert you'd like to view.
1. Review the details of the vulnerability and, if available, the pull request containing the automated security update.
-1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot_short %} security update**.
- 
-1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot_short %} includes information on commands you can use to control {% data variables.product.prodname_dependabot_short %}. For more information, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates#managing-github-dependabot-pull-requests-with-comment-commands)."
+1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**.
+ 
+1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)."
1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, use the "Dismiss" drop-down, and click a reason for dismissing the alert.
### Further reading
- "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)"
-- "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)"
+- "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)"
- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"
- "[Troubleshooting the detection of vulnerable dependencies](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)"
-- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors)"
+- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"
diff --git a/content/github/managing-subscriptions-and-notifications-on-github/configuring-notifications.md b/content/github/managing-subscriptions-and-notifications-on-github/configuring-notifications.md
index af33febe9d..d7d72cd23e 100644
--- a/content/github/managing-subscriptions-and-notifications-on-github/configuring-notifications.md
+++ b/content/github/managing-subscriptions-and-notifications-on-github/configuring-notifications.md
@@ -121,7 +121,7 @@ Email notifications from {% data variables.product.product_name %} contain the f
3. On the notifications settings page, choose how you receive notifications when:
- There are updates in repositories or team discussions you're watching or in a conversation you're participating in. For more information, see "[About participating and watching notifications](#about-participating-and-watching-notifications)."
- You gain access to a new repository or you've joined a new team. For more information, see "[Automatic watching](#automatic-watching)."{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
- - There are new {% data variables.product.prodname_dependabot_alerts %} in your repository. For more information, see "[{% data variables.product.prodname_dependabot_alerts %} notification options](#github-dependabot-alerts-notification-options)." {% endif %}{% if currentVersion == "enterprise-server@2.21" %}
+ - There are new {% data variables.product.prodname_dependabot_alerts %} in your repository. For more information, see "[{% data variables.product.prodname_dependabot_alerts %} notification options](#dependabot-alerts-notification-options)." {% endif %}{% if currentVersion == "enterprise-server@2.21" %}
- There are new security alerts in your repository. For more information, see "[Security alert notification options](#security-alert-notification-options)." {% endif %} {% if currentVersion == "free-pro-team@latest" %}
- There are workflow runs updates on repositories set up with {% data variables.product.prodname_actions %}. For more information, see "[{% data variables.product.prodname_actions %} notification options](#github-actions-notification-options)."{% endif %}
diff --git a/content/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox.md b/content/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox.md
index 0745c85f3e..01b445461a 100644
--- a/content/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox.md
+++ b/content/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox.md
@@ -82,6 +82,7 @@ Custom filters do not currently support:
- Distinguishing between the `is:issue`, `is:pr`, and `is:pull-request` query filters. These queries will return both issues and pull requests.
- Creating more than 15 custom filters.
- Changing the default filters or their order.
+ - Search [exclusion](/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) using `NOT` or `-QUALIFIER`.
### Supported queries for custom filters
@@ -113,7 +114,7 @@ To filter notifications by why you've received an update, you can use the `reaso
#### Supported `is:` queries
-To filter notifications for specific activity on {% data variables.product.product_name %}, you can use the `is` query. For example, to only see repository invitation updates, use `is:repository-invitation`{% if currentVersion != "github-ae@latest" %}, and to only see {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %} security{% endif %} alerts, use `is:repository-vulnerability-alert`.{% endif %}
+To filter notifications for specific activity on {% data variables.product.product_name %}, you can use the `is` query. For example, to only see repository invitation updates, use `is:repository-invitation`{% if currentVersion != "github-ae@latest" %}, and to only see {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %} security{% endif %} alerts, use `is:repository-vulnerability-alert`.{% endif %}
- `is:check-suite`
- `is:commit`
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/managing-code-review-assignment-for-your-team.md b/content/github/setting-up-and-managing-organizations-and-teams/managing-code-review-assignment-for-your-team.md
index 47ed076cb2..750351b231 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/managing-code-review-assignment-for-your-team.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/managing-code-review-assignment-for-your-team.md
@@ -18,7 +18,7 @@ When code owners are automatically requested for review, the team is still remov
### Routing algorithms
-Code review assignments automatically choose and assign reviewers based on one of two possible alogrithms.
+Code review assignments automatically choose and assign reviewers based on one of two possible algorithms.
The round robin algorithm chooses reviewers based on who's received the least recent review request, focusing on alternating between all members of the team regardless of the number of outstanding reviews they currently have.
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md
index 88b866b9f2..6b04032d74 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/permission-levels-for-an-organization.md
@@ -64,7 +64,7 @@ Organization members can have *owner*{% if currentVersion == "free-pro-team@late
| Purchase, install, manage billing for, and cancel {% data variables.product.prodname_marketplace %} apps | **X** | | |
| List apps in {% data variables.product.prodname_marketplace %} | **X** | | |{% if currentVersion != "github-ae@latest" %}
| Receive [{% data variables.product.prodname_dependabot_alerts %} about vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) for all of an organization's repositories | **X** | | |
-| Manage {% data variables.product.prodname_dependabot_security_updates %} (see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-github-dependabot-security-updates)") | **X** | | |{% endif %}
+| Manage {% data variables.product.prodname_dependabot_security_updates %} (see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)") | **X** | | |{% endif %}
| [Manage the forking policy](/github/setting-up-and-managing-organizations-and-teams/managing-the-forking-policy-for-your-organization) | **X** | | |
| [Limit activity in public repositories in an organization](/articles/limiting-interactions-in-your-organization) | **X** | | |
| Pull (read), push (write), and clone (copy) *all repositories* in the organization | **X** | | |
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md
index aa1dd9d200..61497be9a9 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization.md
@@ -47,7 +47,7 @@ To search for specific events, use the `action` qualifier in your query. Actions
| `repo` | Contains all activities related to the repositories owned by your organization.{% if currentVersion == "free-pro-team@latest" %}
| `repository_content_analysis` | Contains all activities related to [enabling or disabling data use for a private repository](/articles/about-github-s-use-of-your-data).
| `repository_dependency_graph` | Contains all activities related to [enabling or disabling the dependency graph for a private repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-and-dependents-of-a-repository).{% endif %}{% if currentVersion != "github-ae@latest" %}
-| `repository_vulnerability_alert` | Contains all activities related to [{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies).{% endif %}{% if currentVersion == "free-pro-team@latest" %}
+| `repository_vulnerability_alert` | Contains all activities related to [{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies).{% endif %}{% if currentVersion == "free-pro-team@latest" %}
| `sponsors` | Contains all events related to sponsor buttons (see "[Displaying a sponsor button in your repository](/articles/displaying-a-sponsor-button-in-your-repository)"){% endif %}{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}
| `team` | Contains all activities related to teams in your organization.{% endif %}
| `team_discussions` | Contains activities related to managing team discussions for an organization.
@@ -354,10 +354,10 @@ For more information, see "[Restricting publication of {% data variables.product
| Action | Description
|------------------|-------------------
-| `create` | Triggered when {% data variables.product.product_name %} creates a [{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alert for a vulnerable dependency](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) in a particular repository.
+| `create` | Triggered when {% data variables.product.product_name %} creates a [{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alert for a vulnerable dependency](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) in a particular repository.
| `resolve` | Triggered when someone with write access to a repository [pushes changes to update and resolve a vulnerability](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) in a project dependency.
-| `dismiss` | Triggered when an organization owner or person with admin access to the repository dismisses a {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alert about a vulnerable dependency.{% if currentVersion == "free-pro-team@latest" %}
-| `authorized_users_teams` | Triggered when an organization owner or a member with admin permissions to the repository [updates the list of people or teams authorized to receive {% data variables.product.prodname_dependabot_short %} alerts](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-github-dependabot-alerts) for vulnerable dependencies in the repository.{% endif %}
+| `dismiss` | Triggered when an organization owner or person with admin access to the repository dismisses a {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alert about a vulnerable dependency.{% if currentVersion == "free-pro-team@latest" %}
+| `authorized_users_teams` | Triggered when an organization owner or a member with admin permissions to the repository [updates the list of people or teams authorized to receive {% data variables.product.prodname_dependabot_alerts %}](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-dependabot-alerts) for vulnerable dependencies in the repository.{% endif %}
{% endif %}
{% if currentVersion == "free-pro-team@latest" %}
diff --git a/content/github/setting-up-and-managing-organizations-and-teams/viewing-insights-for-your-organization.md b/content/github/setting-up-and-managing-organizations-and-teams/viewing-insights-for-your-organization.md
index e0d30a7295..4e18a1b3a6 100644
--- a/content/github/setting-up-and-managing-organizations-and-teams/viewing-insights-for-your-organization.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/viewing-insights-for-your-organization.md
@@ -43,7 +43,7 @@ With dependency insights you can view vulnerabilities, licenses, and other impor
5. To view dependency insights for all your {% data variables.product.prodname_ghe_cloud %} organizations, click **My organizations**.
6. You can click the results in the **Open security advisories** and **Licenses** graphs to filter by a vulnerability status, a license, or a combination of the two.
- 
+ 
7. You can click on {% octicon "package" aria-label="The package icon" %} **dependents** next to each vulnerability to see which dependents in your organization are using each library.
diff --git a/content/github/setting-up-and-managing-your-enterprise/about-enterprise-accounts.md b/content/github/setting-up-and-managing-your-enterprise/about-enterprise-accounts.md
index 3b2d6509e9..bedbb2ace5 100644
--- a/content/github/setting-up-and-managing-your-enterprise/about-enterprise-accounts.md
+++ b/content/github/setting-up-and-managing-your-enterprise/about-enterprise-accounts.md
@@ -5,6 +5,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /articles/about-github-business-accounts/
- /articles/about-enterprise-accounts
+ - /github/setting-up-and-managing-your-enterprise-account/about-enterprise-accounts
versions:
free-pro-team: '*'
enterprise-server: '*'
diff --git a/content/github/setting-up-and-managing-your-enterprise/adding-organizations-to-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/adding-organizations-to-your-enterprise-account.md
index 044a76924f..893493f000 100644
--- a/content/github/setting-up-and-managing-your-enterprise/adding-organizations-to-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/adding-organizations-to-your-enterprise-account.md
@@ -4,6 +4,7 @@ intro: You can create new organizations to manage within your enterprise account
product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /articles/adding-organizations-to-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/adding-organizations-to-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md b/content/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md
index 184216b67a..86ee087d2a 100644
--- a/content/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md
+++ b/content/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md
@@ -4,6 +4,7 @@ intro: 'You can use Security Assertion Markup Language (SAML) single sign-on (SS
product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /github/setting-up-and-managing-your-enterprise/configuring-single-sign-on-and-scim-for-your-enterprise-account-using-okta
+ - /github/setting-up-and-managing-your-enterprise-account/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta
versions:
free-pro-team: '*'
---
@@ -63,7 +64,7 @@ After you enable SCIM, the following provisioning features are available for any
1. Assign the application you created for your enterprise account to each group. {% data variables.product.prodname_dotcom %} will receive all `groups` data for each user.
1. Add users to groups based on the organizations you'd like users to belong to.
-### Configuring user provisioning with SCIM in Okta
+### Configuring user provisioning with SCIM in Okta
{% data reusables.scim.enterprise-account-scim %}
diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-enterprise-account.md
index 7a75d8c7a3..2bd1d3b766 100644
--- a/content/github/setting-up-and-managing-your-enterprise/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-enterprise-account.md
@@ -2,6 +2,8 @@
title: Configuring the retention period for GitHub Actions artifacts and logs in your enterprise account
intro: 'Enterprise owners can configure the retention period for {% data variables.product.prodname_actions %} artifacts and logs in an enterprise account.'
product: '{% data reusables.gated-features.enterprise-accounts %}'
+redirect_from:
+ - /github/setting-up-and-managing-your-enterprise-account/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-enterprise-account
miniTocMaxHeadingLevel: 4
versions:
free-pro-team: '*'
diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-webhooks-for-organization-events-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/configuring-webhooks-for-organization-events-in-your-enterprise-account.md
index a0f7833340..9aeb15a046 100644
--- a/content/github/setting-up-and-managing-your-enterprise/configuring-webhooks-for-organization-events-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/configuring-webhooks-for-organization-events-in-your-enterprise-account.md
@@ -5,6 +5,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /articles/configuring-webhooks-for-organization-events-in-your-business-account/
- /articles/configuring-webhooks-for-organization-events-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/configuring-webhooks-for-organization-events-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account.md
index 52526f6a04..036f99a198 100644
--- a/content/github/setting-up-and-managing-your-enterprise/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account.md
@@ -5,6 +5,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /articles/enforcing-a-policy-on-dependency-insights/
- /articles/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/enforcing-github-actions-policies-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/enforcing-github-actions-policies-in-your-enterprise-account.md
index b41a2ff40b..62fb446de8 100644
--- a/content/github/setting-up-and-managing-your-enterprise/enforcing-github-actions-policies-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/enforcing-github-actions-policies-in-your-enterprise-account.md
@@ -2,6 +2,8 @@
title: Enforcing GitHub Actions policies in your enterprise account
intro: 'Enterprise owners can disable, enable, and limit {% data variables.product.prodname_actions %} for an enterprise account.'
product: '{% data reusables.gated-features.enterprise-accounts %}'
+redirect_from:
+ - /github/setting-up-and-managing-your-enterprise-account/enforcing-github-actions-policies-in-your-enterprise-account
miniTocMaxHeadingLevel: 4
versions:
free-pro-team: '*'
@@ -9,13 +11,13 @@ versions:
### About {% data variables.product.prodname_actions %} permissions for your enterprise account
-By default, {% data variables.product.prodname_actions %} is enabled in all organizations owned by an enterprise account. You can choose to disable {% data variables.product.prodname_actions %} for all organizations owned by an enterprise account, or only allow specified organizations. You can also limit the use of public actions, so that people can only use local actions that exist in your organization.
+By default, {% data variables.product.prodname_actions %} is enabled in all organizations owned by an enterprise account. You can choose to disable {% data variables.product.prodname_actions %} for all organizations owned by an enterprise account, or only allow specified organizations. You can also limit the use of public actions, so that people can only use local actions that exist in your organization.
For more information about {% data variables.product.prodname_actions %}, see "[About {% data variables.product.prodname_actions %}](/actions/getting-started-with-github-actions/about-github-actions)."
### Managing {% data variables.product.prodname_actions %} permissions for your enterprise account
-You can disable all workflows for an enterprise or set a policy that configures which actions can be used in an organization.
+You can disable all workflows for an enterprise or set a policy that configures which actions can be used in an organization.
{% data reusables.actions.actions-use-policy-settings %}
diff --git a/content/github/setting-up-and-managing-your-enterprise/enforcing-project-board-policies-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/enforcing-project-board-policies-in-your-enterprise-account.md
index 382e0c0a29..2b1f5bec09 100644
--- a/content/github/setting-up-and-managing-your-enterprise/enforcing-project-board-policies-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/enforcing-project-board-policies-in-your-enterprise-account.md
@@ -6,6 +6,7 @@ redirect_from:
- /articles/enforcing-project-board-settings-for-organizations-in-your-business-account/
- /articles/enforcing-project-board-policies-for-organizations-in-your-enterprise-account/
- /articles/enforcing-project-board-policies-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/enforcing-project-board-policies-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/enforcing-repository-management-policies-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/enforcing-repository-management-policies-in-your-enterprise-account.md
index 1dae91bd46..f5e9e4c082 100644
--- a/content/github/setting-up-and-managing-your-enterprise/enforcing-repository-management-policies-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/enforcing-repository-management-policies-in-your-enterprise-account.md
@@ -6,6 +6,7 @@ redirect_from:
- /articles/enforcing-repository-management-settings-for-organizations-in-your-business-account/
- /articles/enforcing-repository-management-policies-for-organizations-in-your-enterprise-account/
- /articles/enforcing-repository-management-policies-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/enforcing-repository-management-policies-in-your-enterprise-account
versions:
free-pro-team: '*'
---
@@ -47,10 +48,10 @@ Across all organizations owned by your enterprise account, you can allow people
Across all organizations owned by your enterprise account, you can allow members to invite outside collaborators to repositories, restrict outside collaborator invitations to organization owners, or allow owners to administer the setting on the organization level.
-{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
-3. On the **Repository policies** tab, under "Repository invitations", review the information about changing the setting. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
-4. Under "Repository invitations", use the drop-down menu and choose a policy.
+3. On the **Repository policies** tab, under "Repository invitations", review the information about changing the setting. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
+4. Under "Repository invitations", use the drop-down menu and choose a policy.
### Enforcing a policy on changing repository visibility
diff --git a/content/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account.md
index f2f5b9ec29..ca7c927f26 100644
--- a/content/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account.md
@@ -8,6 +8,7 @@ redirect_from:
- /articles/enforcing-security-settings-for-organizations-in-your-enterprise-account/
- /articles/enforcing-security-settings-in-your-enterprise-account
- /github/articles/managing-allowed-ip-addresses-for-organizations-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/enforcing-security-settings-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/enforcing-team-policies-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/enforcing-team-policies-in-your-enterprise-account.md
index 008d1a2115..6d95d38f9f 100644
--- a/content/github/setting-up-and-managing-your-enterprise/enforcing-team-policies-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/enforcing-team-policies-in-your-enterprise-account.md
@@ -6,6 +6,7 @@ redirect_from:
- /articles/enforcing-team-settings-for-organizations-in-your-business-account/
- /articles/enforcing-team-policies-for-organizations-in-your-enterprise-account/
- /articles/enforcing-team-policies-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/enforcing-team-policies-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/managing-licenses-for-visual-studio-subscription-with-github-enterprise.md b/content/github/setting-up-and-managing-your-enterprise/managing-licenses-for-visual-studio-subscription-with-github-enterprise.md
index 6664696bc0..8e06d27934 100644
--- a/content/github/setting-up-and-managing-your-enterprise/managing-licenses-for-visual-studio-subscription-with-github-enterprise.md
+++ b/content/github/setting-up-and-managing-your-enterprise/managing-licenses-for-visual-studio-subscription-with-github-enterprise.md
@@ -5,11 +5,12 @@ redirect_from:
- /github/setting-up-and-managing-your-enterprise/managing-licenses-for-the-github-enterprise-and-visual-studio-bundle
- /github/articles/about-the-github-and-visual-studio-bundle
- /articles/about-the-github-and-visual-studio-bundle
+ - /github/setting-up-and-managing-your-enterprise-account/managing-licenses-for-visual-studio-subscription-with-github-enterprise
versions:
free-pro-team: '*'
---
-### About {% data variables.product.prodname_vss_ghe %}
+### About {% data variables.product.prodname_vss_ghe %}
{% data variables.product.prodname_vss_ghe %} is a combined offering from Microsoft that allows a subscriber to use both {% data variables.product.prodname_enterprise %} and {% data variables.product.prodname_vs %}. {% data variables.product.prodname_vss_ghe %} is available from Microsoft under the terms of the Microsoft Enterprise Agreement. For more information, see [{% data variables.product.prodname_vss_ghe %}](https://visualstudio.microsoft.com/subscriptions/visual-studio-github/) on the {% data variables.product.prodname_vs %} website.
@@ -21,7 +22,7 @@ For more information about {% data variables.product.prodname_enterprise %}, see
1. After you buy {% data variables.product.prodname_vss_ghe %}, contact {% data variables.contact.contact_enterprise_sales %} and mention "{% data variables.product.prodname_vss_ghe %}." You'll work with the Sales team to create an enterprise account on {% data variables.product.prodname_dotcom_the_website %}. If you already have an enterprise account on {% data variables.product.prodname_dotcom_the_website %}, or if you're not sure, please tell our Sales team.
-2. Assign licenses for {% data variables.product.prodname_vss_ghe %} to subscribers in {% data variables.product.prodname_vss_admin_portal_with_url %}. For more information about assigning licenses, see [Manage {% data variables.product.prodname_vs %} subscriptions with {% data variables.product.prodname_enterprise %}](https://docs.microsoft.com/en-us/visualstudio/subscriptions/assign-github) in the Microsoft Docs.
+2. Assign licenses for {% data variables.product.prodname_vss_ghe %} to subscribers in {% data variables.product.prodname_vss_admin_portal_with_url %}. For more information about assigning licenses, see [Manage {% data variables.product.prodname_vs %} subscriptions with {% data variables.product.prodname_enterprise %}](https://docs.microsoft.com/visualstudio/subscriptions/assign-github) in the Microsoft Docs.
3. On {% data variables.product.prodname_dotcom_the_website %}, create at least one organization owned by your enterprise account. For more information, see "[Adding organizations to your enterprise account](/github/setting-up-and-managing-your-enterprise/adding-organizations-to-your-enterprise-account)."
@@ -39,4 +40,4 @@ You can also see pending {% data variables.product.prodname_enterprise %} invita
### Further reading
-- [Introducing Visual Studio subscriptions with GitHub Enterprise](https://docs.microsoft.com/en-us/visualstudio/subscriptions/access-github) in the Microsoft Docs
+- [Introducing Visual Studio subscriptions with GitHub Enterprise](https://docs.microsoft.com/visualstudio/subscriptions/access-github) in the Microsoft Docs
diff --git a/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account.md
index 9bce247ef1..9045814fc6 100644
--- a/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account.md
@@ -4,7 +4,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
mapTopic: true
redirect_from:
- /articles/managing-organizations-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/managing-organizations-in-your-enterprise-account
versions:
free-pro-team: '*'
---
-
diff --git a/content/github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account.md
index 79221d9b93..feb1214b10 100644
--- a/content/github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account.md
@@ -3,6 +3,8 @@ title: Managing unowned organizations in your enterprise account
intro: You can become an owner of an organization in your enterprise account that currently has no owners.
product: '{% data reusables.gated-features.enterprise-accounts %}'
permissions: Enterprise owners can manage unowned organizations in an enterprise account.
+redirect_from:
+ - /github/setting-up-and-managing-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise.md b/content/github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise.md
index 97c906ecd0..6ccf673df3 100644
--- a/content/github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise.md
+++ b/content/github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise.md
@@ -4,6 +4,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
mapTopic: true
redirect_from:
- /github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/managing-users-in-your-enterprise-account
- /articles/managing-users-in-your-enterprise-account
- /articles/managing-users-in-your-enterprise
versions:
@@ -11,4 +12,3 @@ versions:
enterprise-server: '*'
github-ae: '*'
---
-
diff --git a/content/github/setting-up-and-managing-your-enterprise/setting-policies-for-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/setting-policies-for-organizations-in-your-enterprise-account.md
index 4d664620ad..27d125ccd8 100644
--- a/content/github/setting-up-and-managing-your-enterprise/setting-policies-for-organizations-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/setting-policies-for-organizations-in-your-enterprise-account.md
@@ -4,7 +4,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
mapTopic: true
redirect_from:
- /articles/setting-policies-for-organizations-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/setting-policies-for-organizations-in-your-enterprise-account
versions:
free-pro-team: '*'
---
-
diff --git a/content/github/setting-up-and-managing-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md b/content/github/setting-up-and-managing-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md
index 4d401dda7d..560bdf10af 100644
--- a/content/github/setting-up-and-managing-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md
+++ b/content/github/setting-up-and-managing-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md
@@ -5,6 +5,7 @@ permissions: Enterprise owners can view and manage a member's SAML access to an
product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /github/setting-up-and-managing-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/viewing-and-managing-a-users-saml-access-to-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account.md
index 661d9c5cb1..b63394ccd3 100644
--- a/content/github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account.md
+++ b/content/github/setting-up-and-managing-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise-account.md
@@ -5,6 +5,7 @@ product: '{% data reusables.gated-features.enterprise-accounts %}'
redirect_from:
- /articles/viewing-the-audit-logs-for-organizations-in-your-business-account/
- /articles/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
+ - /github/setting-up-and-managing-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
versions:
free-pro-team: '*'
---
diff --git a/content/github/site-policy/github-insights-and-data-protection-for-your-organization.md b/content/github/site-policy/github-insights-and-data-protection-for-your-organization.md
index 6b1c3afe84..52a69a7135 100644
--- a/content/github/site-policy/github-insights-and-data-protection-for-your-organization.md
+++ b/content/github/site-policy/github-insights-and-data-protection-for-your-organization.md
@@ -5,9 +5,7 @@ product: '{% data reusables.gated-features.github-insights %}'
redirect_from:
- /github/installing-and-configuring-github-insights/github-insights-and-data-protection-for-your-organization
versions:
- free-pro-team: '*'
enterprise-server: '*'
- github-ae: '*'
---
For more information about the terms that govern {% data variables.product.prodname_insights %}, see your {% data variables.product.prodname_ghe_one %} subscription agreement.
diff --git a/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md b/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md
index 5336dba564..110de95ccc 100644
--- a/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md
+++ b/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md
@@ -194,7 +194,6 @@ In addition to the non-public user account information and account access logs m
- Any security keys used for authentication or encryption
-
-
**Under exigent circumstances** —
If we receive a request for information under certain exigent circumstances (where we believe the disclosure is necessary to prevent an emergency involving danger of death or serious physical injury to a person), we may disclose limited information that we determine necessary to enable law enforcement to address the emergency. For any information beyond that, we would require a subpoena, search warrant, or court order, as described above. For example, we will not disclose contents of private repositories without a search warrant. Before disclosing information, we confirm that the request came from a law enforcement agency, an authority sent an official notice summarizing the emergency, and how the information requested will assist in addressing the emergency.
diff --git a/content/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository.md b/content/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository.md
index fe736eb9c6..dc1c7cecd5 100644
--- a/content/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository.md
+++ b/content/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository.md
@@ -10,7 +10,7 @@ versions:
### About data use for your private repository
-When you enable data use for your private repository, you'll be able to access the dependency graph, where you can track your repository's dependencies and receive {% data variables.product.prodname_dependabot_short %} alerts when {% data variables.product.product_name %} detects vulnerable dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#github-dependabot-alerts-for-vulnerable-dependencies)."
+When you enable data use for your private repository, you'll be able to access the dependency graph, where you can track your repository's dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."
### Enabling or disabling data use features
diff --git a/content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md b/content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md
index e674add356..ee6e10f5bc 100644
--- a/content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md
+++ b/content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md
@@ -47,7 +47,7 @@ You can use the dependency graph to:
{% if currentVersion == "free-pro-team@latest" %}To generate a dependency graph, {% data variables.product.product_name %} needs read-only access to the dependency manifest and lock files for a repository. The dependency graph is automatically generated for all public repositories and you can choose to enable it for private repositories. For information about enabling or disabling it for private repositories, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)."{% endif %}
-{% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_short %} alerts. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
+{% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %}
{% if enterpriseServerVersions contains currentVersion and currentVersion ver_lt "enterprise-server@2.22" %} If the dependency graph is not available in your system, your site administrator can enable the dependency graph and security alerts. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."
diff --git a/content/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository.md b/content/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository.md
index 3b3df2d46e..e06ac92e9a 100644
--- a/content/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository.md
+++ b/content/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository.md
@@ -36,7 +36,7 @@ If vulnerabilities have been detected in the repository, these are shown at the
{% endif %}
{% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}
-Any direct and indirect dependencies that are specified in the repository's manifest or lock files are listed, grouped by ecosystem. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to {% data variables.product.prodname_dependabot_short %} alerts.
+Any direct and indirect dependencies that are specified in the repository's manifest or lock files are listed, grouped by ecosystem. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to {% data variables.product.prodname_dependabot_alerts %}.
{% note %}
diff --git a/content/github/working-with-github-pages/creating-a-github-pages-site.md b/content/github/working-with-github-pages/creating-a-github-pages-site.md
index 8203c8e22d..660a785a25 100644
--- a/content/github/working-with-github-pages/creating-a-github-pages-site.md
+++ b/content/github/working-with-github-pages/creating-a-github-pages-site.md
@@ -2,6 +2,9 @@
title: Creating a GitHub Pages site
intro: 'You can create a {% data variables.product.prodname_pages %} site in a new or existing repository.'
redirect_from:
+ - /articles/creating-pages-manually/
+ - /articles/creating-project-pages-manually/
+ - /articles/creating-project-pages-from-the-command-line/
- /articles/creating-project-pages-using-the-command-line/
- /articles/creating-a-github-pages-site
product: '{% data reusables.gated-features.pages %}'
diff --git a/content/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site.md b/content/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site.md
index e3d3015e50..722694a358 100644
--- a/content/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site.md
+++ b/content/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site.md
@@ -40,7 +40,7 @@ To set up a `www` or custom subdomain, such as `www.example.com` or `blog.exampl
{% data reusables.pages.navigate-site-repo %}
{% data reusables.repositories.sidebar-settings %}
{% data reusables.pages.save-custom-domain %}
-5. Navigate to your DNS provider and create a `CNAME` record that points your subdomain to the default domain for your site. For example, if you want to use the subdomain `www.example.com` for your user site, create a `CNAME` record that points `www.example.com` to `.github.io`. If you want to use the subdomain `www.anotherexample.com` for your organization site, create a `CNAME` record that points `www.anotherexample.com` to `.github.io`. The `CNAME` file should always point to `.github.io` or `.github.io`, excluding the repository name. {% data reusables.pages.contact-dns-provider %}{% data reusables.pages.default-domain-information %}
+5. Navigate to your DNS provider and create a `CNAME` record that points your subdomain to the default domain for your site. For example, if you want to use the subdomain `www.example.com` for your user site, create a `CNAME` record that points `www.example.com` to `.github.io`. If you want to use the subdomain `www.anotherexample.com` for your organization site, create a `CNAME` record that points `www.anotherexample.com` to `.github.io`. The `CNAME` file should always point to `.github.io` or `.github.io`, excluding the repository name. {% data reusables.pages.contact-dns-provider %} {% data reusables.pages.default-domain-information %}
{% data reusables.command_line.open_the_multi_os_terminal %}
6. To confirm that your DNS record configured correctly, use the `dig` command, replacing _WWW.EXAMPLE.COM_ with your subdomain.
```shell
diff --git a/content/github/working-with-github-pages/troubleshooting-jekyll-build-errors-for-github-pages-sites.md b/content/github/working-with-github-pages/troubleshooting-jekyll-build-errors-for-github-pages-sites.md
index 62457004f9..3b2bb2212b 100644
--- a/content/github/working-with-github-pages/troubleshooting-jekyll-build-errors-for-github-pages-sites.md
+++ b/content/github/working-with-github-pages/troubleshooting-jekyll-build-errors-for-github-pages-sites.md
@@ -183,6 +183,6 @@ To troubleshoot, make sure all output tags in the file in the error message are
This error means that your code contains an unrecognized Liquid tag.
-To troubleshoot, make sure all Liquid tags in the file in the error message match Jekyll's default variables and there are no typos in the tag names. For a list of default varibles, see "[Variables](https://jekyllrb.com/docs/variables/)" in the Jekyll documentation.
+To troubleshoot, make sure all Liquid tags in the file in the error message match Jekyll's default variables and there are no typos in the tag names. For a list of default variables, see "[Variables](https://jekyllrb.com/docs/variables/)" in the Jekyll documentation.
Unsupported plugins are a common source of unrecognized tags. If you use an unsupported plugin in your site by generating your site locally and pushing your static files to {% data variables.product.product_name %}, make sure the plugin is not introducing tags that are not in Jekyll's default variables. For a list of supported plugins, see "[About {% data variables.product.prodname_pages %} and Jekyll](/articles/about-github-pages-and-jekyll#plugins)."
diff --git a/content/insights/installing-and-configuring-github-insights/managing-contributors-and-teams.md b/content/insights/installing-and-configuring-github-insights/managing-contributors-and-teams.md
index 0fffd07374..7c054d9bdb 100644
--- a/content/insights/installing-and-configuring-github-insights/managing-contributors-and-teams.md
+++ b/content/insights/installing-and-configuring-github-insights/managing-contributors-and-teams.md
@@ -103,7 +103,7 @@ You can create and manage custom teams in {% data variables.product.prodname_ins
{% data reusables.github-insights.teams-tab %}
{% data reusables.github-insights.edit-team %}
3. Under "Contributors", use the drop-down menu and select a contributor.
- 
+ 
4. Click **Done**.
#### Removing a contributor from a custom team
diff --git a/content/packages/publishing-and-managing-packages/about-github-packages.md b/content/packages/publishing-and-managing-packages/about-github-packages.md
index 72abeced17..32f561cf52 100644
--- a/content/packages/publishing-and-managing-packages/about-github-packages.md
+++ b/content/packages/publishing-and-managing-packages/about-github-packages.md
@@ -85,7 +85,7 @@ For more information about the container support offered by {% data variables.pr
#### Support for package registries
{% if currentVersion == "free-pro-team@latest" %}
-Package registries use `PACKAGE-TYPE.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME` as the package host URL, replacing `PACKAGE-TYPE` with the Package namespace. For example, your Gemfile will be hosted at `rubygem.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`.
+Package registries use `PACKAGE-TYPE.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME` as the package host URL, replacing `PACKAGE-TYPE` with the Package namespace. For example, your Gemfile will be hosted at `rubygems.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`.
{% else %}
@@ -103,8 +103,8 @@ If {% data variables.product.product_location %} has subdomain isolation disable
| --- | --- | --- | --- | --- |
| JavaScript | Node package manager | `package.json` | `npm` | `npm.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`
| Ruby | RubyGems package manager | `Gemfile` | `gem` | `rubygems.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`
-| Java | Apache Maven project management and comprehension tool | `pom.xml` | `mvn` | `maven.HOSTNAME/OWNER/REPOSITORY/IMAGE-NAME`
-| Java | Gradle build automation tool for Java | `build.gradle` or `build.gradle.kts` | `gradle` | `maven.HOSTNAME/OWNER/REPOSITORY/IMAGE-NAME`
+| Java | Apache Maven project management and comprehension tool | `pom.xml` | `mvn` | `maven.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`
+| Java | Gradle build automation tool for Java | `build.gradle` or `build.gradle.kts` | `gradle` | `maven.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`
| .NET | NuGet package management for .NET | `nupkg` | `dotnet` CLI | `nuget.pkg.github.com/OWNER/REPOSITORY/IMAGE-NAME`
{% else %}
@@ -166,7 +166,7 @@ For more information, see "[Creating a personal access token](/github/authentica
To use or manage a package hosted by a package registry, you must use a token with the appropriate scope, and your user account must have appropriate permissions for that repository.
For example:
-- To download and install packages from a repository, your token must have the `read:packages` scope, and your user account must have read permissions for the repository. If the repository is private, your token must also have the `repo` scope.
+- To download and install packages from a repository, your token must have the `read:packages` scope, and your user account must have read permissions for the repository.
- To delete a specified version of a private package on {% data variables.product.product_name %}, your token must have the `delete:packages` and `repo` scope. Public packages cannot be deleted. For more information, see "[Deleting a package](/packages/publishing-and-managing-packages/deleting-a-package)."
| Scope | Description | Repository permissions |
@@ -174,7 +174,7 @@ For example:
|`read:packages`| Download and install packages from {% data variables.product.prodname_registry %} | read |
|`write:packages`| Upload and publish packages to {% data variables.product.prodname_registry %} | write |
| `delete:packages` | Delete specified versions of private packages from {% data variables.product.prodname_registry %} | admin |
-| `repo` | Install, upload, and delete certain packages in private repositories (along with `read:packages`, `write:packages`, or `delete:packages`) | read, write, or admin |
+| `repo` | Upload and delete packages (along with `write:packages`, or `delete:packages`) | write, or admin |
When you create a {% data variables.product.prodname_actions %} workflow, you can use the `GITHUB_TOKEN` to publish and install packages in {% data variables.product.prodname_registry %} without needing to store and manage a personal access token.
diff --git a/content/packages/publishing-and-managing-packages/publishing-a-package.md b/content/packages/publishing-and-managing-packages/publishing-a-package.md
index 93fbdbffb4..68d69b2a59 100644
--- a/content/packages/publishing-and-managing-packages/publishing-a-package.md
+++ b/content/packages/publishing-and-managing-packages/publishing-a-package.md
@@ -21,7 +21,7 @@ You can help people understand and use your package by providing a description a
{% data reusables.package_registry.package-immutability %}
{% if currentVersion == "free-pro-team@latest" %}
-If a new version of a package fixes a security vulnerability, you should publish a security advisory in your repository. {% data variables.product.prodname_dotcom %} reviews each published security advisory and may use it to send {% data variables.product.prodname_dependabot_short %} alerts to affected repositories. For more information, see "[About GitHub Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
+If a new version of a package fixes a security vulnerability, you should publish a security advisory in your repository. {% data variables.product.prodname_dotcom %} reviews each published security advisory and may use it to send {% data variables.product.prodname_dependabot_alerts %} to affected repositories. For more information, see "[About GitHub Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
{% endif %}
### Publishing a package
diff --git a/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-dotnet-cli-for-use-with-github-packages.md b/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-dotnet-cli-for-use-with-github-packages.md
index b85d347677..a5fa36cc7e 100644
--- a/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-dotnet-cli-for-use-with-github-packages.md
+++ b/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-dotnet-cli-for-use-with-github-packages.md
@@ -77,7 +77,7 @@ If your instance has subdomain isolation disabled:
### Publishing a package
-You can publish a package to {% data variables.product.prodname_registry %} by authenticating with a *nuget.config* file. When publishing, you need to use the same value for `OWNER` in your *csproj* file that you use in your *nuget.config* authentication file. Specify or increment the version number in your *.csproj* file, then use the `dotnet pack` command to create a *.nuspec* file for that version. For more information on creating your package, see "[Create and publish a package](https://docs.microsoft.com/en-us/nuget/quickstart/create-and-publish-a-package-using-the-dotnet-cli)" in the Microsoft documentation.
+You can publish a package to {% data variables.product.prodname_registry %} by authenticating with a *nuget.config* file. When publishing, you need to use the same value for `OWNER` in your *csproj* file that you use in your *nuget.config* authentication file. Specify or increment the version number in your *.csproj* file, then use the `dotnet pack` command to create a *.nuspec* file for that version. For more information on creating your package, see "[Create and publish a package](https://docs.microsoft.com/nuget/quickstart/create-and-publish-a-package-using-the-dotnet-cli)" in the Microsoft documentation.
{% data reusables.package_registry.viewing-packages %}
@@ -159,7 +159,7 @@ For example, the *OctodogApp* and *OctocatApp* projects will publish to the same
### Installing a package
-Using packages from {% data variables.product.prodname_dotcom %} in your project is similar to using packages from *nuget.org*. Add your package dependencies to your *.csproj* file, specifying the package name and version. For more information on using a *.csproj* file in your project, see "[Working with NuGet packages](https://docs.microsoft.com/en-us/nuget/consume-packages/overview-and-workflow)" in the Microsoft documentation.
+Using packages from {% data variables.product.prodname_dotcom %} in your project is similar to using packages from *nuget.org*. Add your package dependencies to your *.csproj* file, specifying the package name and version. For more information on using a *.csproj* file in your project, see "[Working with NuGet packages](https://docs.microsoft.com/nuget/consume-packages/overview-and-workflow)" in the Microsoft documentation.
{% data reusables.package_registry.authenticate-step %}
diff --git a/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-npm-for-use-with-github-packages.md b/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-npm-for-use-with-github-packages.md
index 77b4552fe5..c20f4464fa 100644
--- a/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-npm-for-use-with-github-packages.md
+++ b/content/packages/using-github-packages-with-your-projects-ecosystem/configuring-npm-for-use-with-github-packages.md
@@ -174,8 +174,8 @@ If your instance has subdomain isolation enabled:
```shell
registry=https://{% if currentVersion == "free-pro-team@latest" %}npm.pkg.github.com{% else %}npm.HOSTNAME{% endif %}/OWNER
-@OWNER:registry={% if currentVersion == "free-pro-team@latest" %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}
-@OWNER:registry={% if currentVersion == "free-pro-team@latest" %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}
+@OWNER:registry=https://{% if currentVersion == "free-pro-team@latest" %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}
+@OWNER:registry=https://{% if currentVersion == "free-pro-team@latest" %}npm.pkg.github.com{% else %}npm.HOSTNAME/{% endif %}
```
{% if enterpriseServerVersions contains currentVersion %}
@@ -183,8 +183,8 @@ If your instance has subdomain isolation disabled:
```shell
registry=https://HOSTNAME/_registry/npm/OWNER
-@OWNER:registry=HOSTNAME/_registry/npm/
-@OWNER:registry=HOSTNAME/_registry/npm/
+@OWNER:registry=https://HOSTNAME/_registry/npm/
+@OWNER:registry=https://HOSTNAME/_registry/npm/
```
{% endif %}
diff --git a/content/rest/overview/api-previews.md b/content/rest/overview/api-previews.md
index c6e88c13b7..9a4df5a0be 100644
--- a/content/rest/overview/api-previews.md
+++ b/content/rest/overview/api-previews.md
@@ -81,15 +81,6 @@ Manage [projects](/v3/projects/).
**Custom media type:** `cloak-preview`
**Announced:** [2017-01-05](https://developer.github.com/changes/2017-01-05-commit-search-api/)
-{% if currentVersion == "free-pro-team@latest" %}
-### Community profile metrics
-
-Retrieve [community profile metrics](/v3/repos/community/) (also known as community health) for any public repository.
-
-**Custom media type:** `black-panther-preview`
-**Announced:** [2017-02-09](https://developer.github.com/changes/2017-02-09-community-health/)
-{% endif %}
-
{% if currentVersion == "free-pro-team@latest" %}
### User blocking
@@ -235,17 +226,6 @@ You can now provide more information in GitHub for URLs that link to registered
**Custom media types:** `corsair-preview`
**Announced:** [2018-12-10](https://developer.github.com/changes/2018-12-10-content-attachments-api/)
-{% if currentVersion == "free-pro-team@latest" %}
-
-### Interaction restrictions for repositories and organizations
-
-Allows you to temporarily restrict interactions, such as commenting, opening issues, and creating pull requests, for {% data variables.product.product_name %} repositories or organizations. When enabled, only the specified group of {% data variables.product.product_name %} users will be able to participate in these interactions. See the [Repository interactions](/v3/interactions/repos/) and [Organization interactions](/v3/interactions/orgs/) APIs for more details.
-
-**Custom media type:** `sombra-preview`
-**Announced:** [2018-12-18](https://developer.github.com/changes/2018-12-18-interactions-preview/)
-
-{% endif %}
-
{% if enterpriseServerVersions contains currentVersion and currentVersion ver_lt "enterprise-server@2.21" %}
### Draft pull requests
diff --git a/content/rest/overview/libraries.md b/content/rest/overview/libraries.md
index 293c3a1632..a1f11fa03b 100644
--- a/content/rest/overview/libraries.md
+++ b/content/rest/overview/libraries.md
@@ -11,13 +11,12 @@ versions:
- Octokit comes in
+
-
+{% include scripts %}
diff --git a/includes/header.html b/includes/header.html
index 2752b31013..491c584044 100644
--- a/includes/header.html
+++ b/includes/header.html
@@ -104,7 +104,7 @@
{% if page.relativePath != 'index.md' and error != '404' %}
-
| +Travis CI + | ++{% data variables.product.prodname_actions %} + | +
|---|---|
| +{% raw %} +```yaml +matrix: + include: + - rvm: 2.5 + - rvm: 2.6.3 +``` +{% endraw %} + | ++{% raw %} +```yaml +jobs: + build: + strategy: + matrix: + ruby: [2.5, 2.6.3] +``` +{% endraw %} + | +
| +Travis CI + | ++{% data variables.product.prodname_actions %} + | +
|---|---|
| +{% raw %} +```yaml +branches: + only: + - main + - 'mona/octocat' +``` +{% endraw %} + | ++{% raw %} +```yaml +on: + push: + branches: + - main + - 'mona/octocat' +``` +{% endraw %} + | +
| +Travis CI + | ++{% data variables.product.prodname_actions %} + | +
|---|---|
| +{% raw %} +```yaml +git: + submodules: false +``` +{% endraw %} + | ++{% raw %} +```yaml + - uses: actions/checkout@v2 + with: + submodules: false +``` +{% endraw %} + | +
| +Travis CI + | ++{% data variables.product.prodname_actions %} + | +
|---|---|
| +{% raw %} +```yaml +language: python +python: + - "3.7" + +script: + - python script.py +``` +{% endraw %} + | ++{% raw %} +```yaml +jobs: + run_python: + runs-on: ubuntu-latest + steps: + - uses: actions/setup-python@v2 + with: + python-version: '3.7' + architecture: 'x64' + - run: python script.py +``` +{% endraw %} + | +
| +Travis CI + | ++GitHub Actions + | +
|---|---|
| +{% raw %} +```yaml +language: node_js +cache: npm +``` +{% endraw %} + | ++{% raw %} +```yaml +- name: Cache node modules + uses: actions/cache@v2 + with: + path: ~/.npm + key: v1-npm-deps-${{ hashFiles('**/package-lock.json') }} + restore-keys: v1-npm-deps- +``` +{% endraw %} + | +
| +Travis CI + | ++{% data variables.product.prodname_actions %} Workflow + | +
|---|---|
| + + ```yaml +env: + - MAVEN_PATH="/usr/local/maven" + ``` + + | ++ + ```yaml + jobs: + maven-build: + env: + MAVEN_PATH: '/usr/local/maven' + ``` + + | +
| +Travis CI + | ++{% data variables.product.prodname_actions %} Workflow + | +
|---|---|
| +{% raw %} + ```yaml +install: + - npm install +script: + - npm run build + - npm test + ``` +{% endraw %} + | ++{% raw %} + ```yaml +name: Node.js CI +on: [push] +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Use Node.js + uses: actions/setup-node@v1 + with: + node-version: '12.x' + - run: npm install + - run: npm run build + - run: npm test + ``` +{% endraw %} + | +
- Octokit comes in
- many flavors
+ Octokit comes in many flavors
Use the official Octokit library, or choose between any of the available third party libraries.
- @@ -25,141 +24,118 @@ versions: ### Clojure -* [Tentacles][tentacles] - -[tentacles]: https://github.com/Raynes/tentacles +Library name | Repository +|---|---| +**Tentacles**| [Raynes/tentacles](https://github.com/Raynes/tentacles) ### Dart -* [github.dart][github.dart] - -[github.dart]: https://github.com/DirectMyFile/github.dart +Library name | Repository +|---|---| +**github.dart** | [DirectMyFile/github.dart](https://github.com/DirectMyFile/github.dart) ### Emacs Lisp -* [gh.el][gh.el] - -[gh.el]: https://github.com/sigma/gh.el +Library name | Repository +|---|---| +**gh.el** | [sigma/gh.el](https://github.com/sigma/gh.el) ### Erlang -* [octo.erl][octo-erl] - -[octo-erl]: https://github.com/sdepold/octo.erl +Library name | Repository +|---|---| +**octo-erl** | [sdepold/octo.erl](https://github.com/sdepold/octo.erl) ### Go -* [go-github][] - -[go-github]: https://github.com/google/go-github +Library name | Repository +|---|---| +**go-github**| [google/go-github](https://github.com/google/go-github) ### Haskell -* [github][haskell-github] - -[haskell-github]: https://github.com/fpco/GitHub +Library name | Repository +|---|---| +**haskell-github** | [fpco/Github](https://github.com/fpco/GitHub) ### Java -* The [GitHub Java API (org.eclipse.egit.github.core)](https://github.com/eclipse/egit-github/tree/master/org.eclipse.egit.github.core) library -is part of the [GitHub Mylyn Connector](https://github.com/eclipse/egit-github) and aims to support the entire -GitHub v3 API. Builds are available in [Maven Central](http://search.maven.org/#search%7Cga%7C1%7Ca%3A%22org.eclipse.egit.github.core%22). -* [GitHub API for Java (org.kohsuke.github)](http://github-api.kohsuke.org/) defines an object oriented representation of the GitHub API. -* [JCabi GitHub API](http://github.jcabi.com) is based on Java7 JSON API (JSR-353), simplifies tests with a runtime GitHub stub, and -covers the entire API. +Library name | Repository | More information +|---|---|---| +**GitHub Java API**| [org.eclipse.egit.github.core](https://github.com/eclipse/egit-github/tree/master/org.eclipse.egit.github.core) | Is part of the [GitHub Mylyn Connector](https://github.com/eclipse/egit-github) and aims to support the entire GitHub v3 API. Builds are available in [Maven Central](http://search.maven.org/#search%7Cga%7C1%7Ca%3A%22org.eclipse.egit.github.core%22). +**GitHub API for Java**| [org.kohsuke.github (From github-api)](http://github-api.kohsuke.org/)|defines an object oriented representation of the GitHub API. +**JCabi GitHub API**|[github.jcabi.com (Personal Website)](http://github.jcabi.com)|is based on Java7 JSON API (JSR-353), simplifies tests with a runtime GitHub stub, and covers the entire API. ### JavaScript -* [NodeJS GitHub library][octonode] -* [gh3 client-side API v3 wrapper][gh3] -* [GitHub.js wrapper around the GitHub API][github] -* [Promise-Based CoffeeScript library for the browser or NodeJS][github-client] - -[octonode]: https://github.com/pksunkara/octonode -[gh3]: https://github.com/k33g/gh3 -[github]: https://github.com/michael/github -[github-client]: https://github.com/philschatz/github-client +Library name | Repository | +|---|---| +**NodeJS GitHub library**| [pksunkara/octonode](https://github.com/pksunkara/octonode) +**gh3 client-side API v3 wrapper**| [k33g/gh3](https://github.com/k33g/gh3) +**Github.js wrapper around the GitHub API**|[michael/github](https://github.com/michael/github) +**Promise-Based CoffeeScript library for the Browser or NodeJS**|[philschatz/github-client](https://github.com/philschatz/github-client) ### Julia -* [GitHub.jl][github.jl] - -[github.jl]: https://github.com/WestleyArgentum/GitHub.jl +Library name | Repository | +|---|---| +**Github.jl**|[WestleyArgentum/Github.jl](https://github.com/WestleyArgentum/GitHub.jl) ### OCaml -* [ocaml-github][ocaml-github] - -[ocaml-github]: https://github.com/mirage/ocaml-github +Library name | Repository | +|---|---| +**ocaml-github**|[mirage/ocaml-github](https://github.com/mirage/ocaml-github) ### Perl -* [Pithub][pithub-github] ([CPAN][pithub-cpan]) -* [Net::GitHub][net-github-github] ([CPAN][net-github-cpan]) - -[net-github-github]: https://github.com/fayland/perl-net-github -[net-github-cpan]: https://metacpan.org/pod/Net::GitHub -[pithub-github]: https://github.com/plu/Pithub -[pithub-cpan]: http://metacpan.org/module/Pithub +Library name | Repository | metacpan Website for the Library +|---|---|---| +**Pithub**|[plu/Pithub](https://github.com/plu/Pithub)|[Pithub CPAN](http://metacpan.org/module/Pithub) +**Net::Github**|[fayland/perl-net-github](https://github.com/fayland/perl-net-github)|[Net:Github CPAN](https://metacpan.org/pod/Net::GitHub) ### PHP -* [GitHub PHP Client][github-php-client] -* [PHP GitHub API][php-github-api] -* [GitHub API][github-api] -* [GitHub Joomla! Package][joomla] -* [Github Nette Extension][kdyby-github] -* [GitHub API Easy Access][milo-github-api] -* [GitHub bridge for Laravel][github-laravel] -* [PHP5.6|PHP7 Client & WebHook wrapper][flexyproject-githubapi] - -[github-php-client]: https://github.com/tan-tan-kanarek/github-php-client -[php-github-api]: https://github.com/KnpLabs/php-github-api -[github-api]: https://github.com/yiiext/github-api -[joomla]: https://github.com/joomla-framework/github-api -[kdyby-github]: https://github.com/kdyby/github -[milo-github-api]: https://github.com/milo/github-api -[github-laravel]: https://github.com/GrahamCampbell/Laravel-GitHub -[flexyproject-githubapi]: https://github.com/FlexyProject/GitHubAPI +Library name | Repository +|---|---| +**GitHub PHP Client**|[tan-tan-kanarek/github-php-client](https://github.com/tan-tan-kanarek/github-php-client) +**PHP GitHub API**|[KnpLabs/php-github-api](https://github.com/KnpLabs/php-github-api) +**GitHub API**|[yiiext/github-api](https://github.com/yiiext/github-api) +**GitHub Joomla! Package**|[joomla-framework/github-api](https://github.com/joomla-framework/github-api) +**GitHub Nette Extension**|[kdyby/github](https://github.com/kdyby/github) +**GitHub API Easy Access**|[milo/github-api](https://github.com/milo/github-api) +**GitHub bridge for Laravel**|[GrahamCampbell/Laravel-Github](https://github.com/GrahamCampbell/Laravel-GitHub) +**PHP7 Client & WebHook wrapper**|[FlexyProject/GithubAPI](https://github.com/FlexyProject/GitHubAPI) ### Python -* [PyGithub][jacquev6_pygithub] -* [libsaas][libsaas] -* [github3.py][github3py] -* [sanction][sanction] -* [agithub][agithub] -* [octohub][octohub] -* [Github-Flask][github-flask] -* [torngithub][torngithub] - -[jacquev6_pygithub]: https://github.com/PyGithub/PyGithub -[libsaas]: https://github.com/ducksboard/libsaas -[github3py]: https://github.com/sigmavirus24/github3.py -[sanction]: https://github.com/demianbrecht/sanction -[agithub]: https://github.com/jpaugh/agithub "Agnostic GitHub" -[octohub]: https://github.com/turnkeylinux/octohub -[github-flask]: http://github-flask.readthedocs.org -[torngithub]: https://github.com/jkeylu/torngithub +Library name | Repository +|---|---| +**PyGithub**|[PyGithub/PyGithub](https://github.com/PyGithub/PyGithub) +**libsaas**|[duckboard/libsaas](https://github.com/ducksboard/libsaas) +**github3.py**|[sigmavirus24/github3.py](https://github.com/sigmavirus24/github3.py) +**sanction**|[demianbrecht/sanction](https://github.com/demianbrecht/sanction) +**agithub**|[jpaugh/agithub](https://github.com/jpaugh/agithub) +**octohub**|[turnkeylinux/octohub](https://github.com/turnkeylinux/octohub) +**github-flask**|[github-flask (Oficial Website)](http://github-flask.readthedocs.org) +**torngithub**|[jkeylu/torngithub](https://github.com/jkeylu/torngithub) ### Ruby -* [GitHub API Gem][ghapi] -* [Ghee][ghee] - -[ghapi]: https://github.com/peter-murach/github -[ghee]: https://github.com/rauhryan/ghee +Library name | Repository +|---|---| +**GitHub API Gem**|[peter-murach/github](https://github.com/peter-murach/github) +**Ghee**|[rauhryan/ghee](https://github.com/rauhryan/ghee) ### Scala -* [Hubcat][hubcat] -* [Github4s][github4s] - -[hubcat]: https://github.com/softprops/hubcat -[Github4s]: https://github.com/47deg/github4s +Library name | Repository +|---|---| +**Hubcat**|[softprops/hubcat](https://github.com/softprops/hubcat) +**Github4s**|[47deg/github4s](https://github.com/47deg/github4s) ### Shell -* [ok.sh][ok.sh] - -[ok.sh]: https://github.com/whiteinge/ok.sh +Library name | Repository +|---|---| +**ok.sh**|[whiteinge/ok.sh](https://github.com/whiteinge/ok.sh) diff --git a/content/rest/reference/permissions-required-for-github-apps.md b/content/rest/reference/permissions-required-for-github-apps.md index 0238c195e3..6e07570273 100644 --- a/content/rest/reference/permissions-required-for-github-apps.md +++ b/content/rest/reference/permissions-required-for-github-apps.md @@ -186,7 +186,7 @@ _Branches_ - [`POST /repos/:owner/:repo/branches/:branch/protection/required_signatures`](/v3/repos/branches/#create-commit-signature-protection) (:write) - [`DELETE /repos/:owner/:repo/branches/:branch/protection/required_signatures`](/v3/repos/branches/#delete-commit-signature-protection) (:write) - [`GET /repos/:owner/:repo/branches/:branch/protection/required_status_checks`](/v3/repos/branches/#get-status-checks-protection) (:read) -- [`PATCH /repos/:owner/:repo/branches/:branch/protection/required_status_checks`](/v3/repos/branches/#update-status-check-potection) (:write) +- [`PATCH /repos/:owner/:repo/branches/:branch/protection/required_status_checks`](/v3/repos/branches/#update-status-check-protection) (:write) - [`DELETE /repos/:owner/:repo/branches/:branch/protection/required_status_checks`](/v3/repos/branches/#remove-status-check-protection) (:write) - [`GET /repos/:owner/:repo/branches/:branch/protection/required_status_checks/contexts`](/v3/repos/branches/#get-all-status-check-contexts) (:read) - [`POST /repos/:owner/:repo/branches/:branch/protection/required_status_checks/contexts`](/v3/repos/branches/#add-status-check-contexts) (:write) diff --git a/contributing/content-style-guide.md b/contributing/content-style-guide.md index 470cb468d5..f103bf3dcb 100644 --- a/contributing/content-style-guide.md +++ b/contributing/content-style-guide.md @@ -2,7 +2,7 @@ Welcome to the content style guide for [GitHub Docs](https://docs.github.com/). -These guidelines are specific to GitHub’s documentation. For general style questions or guidance on topics not covered here, see the [GitHub Brand Guide](https://brand.github.com/content/) first, then the [Microsoft Style Guide](https://docs.microsoft.com/en-us/style-guide/welcome/). For markup specific to source content on docs.github.com, see our [markup reference guide](content-markup-reference.md). +These guidelines are specific to GitHub’s documentation. For general style questions or guidance on topics not covered here, see the [GitHub Brand Guide](https://brand.github.com/content/) first, then the [Microsoft Style Guide](https://docs.microsoft.com/style-guide/welcome/). For markup specific to source content on docs.github.com, see our [markup reference guide](content-markup-reference.md). ## Table of contents - [The GitHub Docs approach to style](#the-github-docs-approach-to-style) @@ -132,7 +132,7 @@ schedule: ## Headers Use H3 for headers, and H4 for subheaders. When referring to headers, surround the header name with quotation marks. -- **Use:** Under “User licences”, view your total licenses. +- **Use:** Under “User licenses”, view your total licenses. To orient readers and help them understand if the section is relevant to them, include introductory content after a header - don’t locate a subheader directly following a header. @@ -140,7 +140,7 @@ To orient readers and help them understand if the section is relevant to them, i ### Alt text -Every image must include an alt attribute that provides a complete description of the image for the user. For more information, see “[Images, image maps, and multimedia](https://docs.microsoft.com/en-us/style-guide/accessibility/graphics-design-media#images-image-maps-and-multimedia)” in Microsoft’s Style Guide. +Every image must include an alt attribute that provides a complete description of the image for the user. For more information, see “[Images, image maps, and multimedia](https://docs.microsoft.com/style-guide/accessibility/graphics-design-media#images-image-maps-and-multimedia)” in Microsoft’s Style Guide. ### Filenames @@ -170,9 +170,9 @@ GitHub Brand Guide: - [People and communities](https://brand.github.com/content/grammar#people-and-communities) The Microsoft Style Guide offers resources on bias-free communication, accessibility terms, and writing for all abilities: -- [Bias-free communication](https://docs.microsoft.com/en-us/style-guide/bias-free-communication) -- [Writing for all abilities](https://docs.microsoft.com/en-us/style-guide/accessibility/writing-all-abilities) -- [Accessibility terms](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/term-collections/accessibility-terms) +- [Bias-free communication](https://docs.microsoft.com/style-guide/bias-free-communication) +- [Writing for all abilities](https://docs.microsoft.com/style-guide/accessibility/writing-all-abilities) +- [Accessibility terms](https://docs.microsoft.com/style-guide/a-z-word-list-term-collections/term-collections/accessibility-terms) More resources for learning about inclusive and accessible language and style: - [18F Content Guide on Inclusive Language](https://content-guide.18f.gov/inclusive-language/) @@ -257,7 +257,7 @@ Take care to distinguish between product names and product elements. For more in ## Punctuation -Follow standard American English punctuation rules. For more guidance, see “[Punctuation](https://brand.github.com/content/grammar#punctuation)” in GitHub’s Brand Guide and “[Punctuation](https://docs.microsoft.com/en-us/style-guide/punctuation)” in the Microsoft Style Guide. +Follow standard American English punctuation rules. For more guidance, see “[Punctuation](https://brand.github.com/content/grammar#punctuation)” in GitHub’s Brand Guide and “[Punctuation](https://docs.microsoft.com/style-guide/punctuation)” in the Microsoft Style Guide. ## Reusables and variables Use reusable strings for individual nouns (e.g. product names) or for complete sentences or paragraphs. Sentence fragments and phrases should not be contained in reusable strings as they can cause problems when content is localized. For more information, see the data directory in the github/docs repository and the “Product names” section of this document. @@ -272,7 +272,7 @@ A table’s contents should be clear from the preceding content - avoid unneeded Use quotation marks around article titles, whether the article is hosted on GitHub Docs or elsewhere. Do not include quotation marks around the names of external sites. -For further guidance, see “[Formatting titles](https://docs.microsoft.com/en-us/style-guide/text-formatting/formatting-titles)” in Microsoft’s Style Guide. +For further guidance, see “[Formatting titles](https://docs.microsoft.com/style-guide/text-formatting/formatting-titles)” in Microsoft’s Style Guide. ## User interface elements @@ -338,15 +338,15 @@ GitHub Brand Guide: - [Referring to GitHub features and product elements](https://brand.github.com/content/terminology/#referring-to-github-features-and-product-elements) - [Page names and UI references](https://brand.github.com/content/grammar#page-names-and-ui-references) Microsoft Style Guide: -- [Formatting text in instructions](https://docs.microsoft.com/en-us/style-guide/procedures-instructions/formatting-text-in-instructions) +- [Formatting text in instructions](https://docs.microsoft.com/style-guide/procedures-instructions/formatting-text-in-instructions) ## Voice and tone -Use clear, simple language that’s approachable and accessible for a wide range of readers. For more information, see “[Voice](https://brand.github.com/content/voice/)” in GitHub’s Brand Guide. To learn more about writing approachable content, see “[Microsoft's brand voice: Above all, simple and human](https://docs.microsoft.com/en-us/style-guide/brand-voice-above-all-simple-human) and “[Top 10 tips for Microsoft style and voice](https://docs.microsoft.com/en-us/style-guide/top-10-tips-style-voice).” +Use clear, simple language that’s approachable and accessible for a wide range of readers. For more information, see “[Voice](https://brand.github.com/content/voice)” in GitHub’s Brand Guide. To learn more about writing approachable content, see “[Microsoft's brand voice: Above all, simple and human](https://docs.microsoft.com/style-guide/brand-voice-above-all-simple-human) and “[Top 10 tips for Microsoft style and voice](https://docs.microsoft.com/style-guide/top-10-tips-style-voice).” ## Word choice and terminology -For general guidance and GitHub-specific terms, see “[Terminology](https://brand.github.com/content/terminology)” and “[Words that can be tricky](https://brand.github.com/content/grammar#words-that-can-be-tricky)” in GitHub’s Brand Guide. For more detailed guidance, see the “[A-Z word list](https://docs.microsoft.com/en-us/style-guide)” in Microsoft’s style guide. +For general guidance and GitHub-specific terms, see “[Terminology](https://brand.github.com/content/terminology)” and “[Words that can be tricky](https://brand.github.com/content/grammar#words-that-can-be-tricky)” in GitHub’s Brand Guide. For more detailed guidance, see the “[A-Z word list](https://docs.microsoft.com/style-guide)” in Microsoft’s style guide. ### Abbreviations diff --git a/contributing/development.md b/contributing/development.md index 5fa66a72a5..0b2f9682e4 100644 --- a/contributing/development.md +++ b/contributing/development.md @@ -8,7 +8,7 @@ This site is powered by Node.js! :sparkles: :turtle: :rocket: :sparkles: It runs on macOS, Windows, and Linux environments. -You'll need Node.js version 12 or 14 to run the site. To install Node.js, [download the "LTS" installer from nodejs.org](https://nodejs.org). If you're using [`nodenv`](https://github.com/nodenv/nodenv), read the [`nodenv` docs](#nodenv) for instructions on switching Node.js versions. +You'll need Node.js version 12 or 14 to run the site. To install Node.js, [download the "LTS" installer from nodejs.org](https://nodejs.org). If you're using [`nodenv`](https://github.com/nodenv/nodenv), read the [`nodenv` docs](#nodenv) for instructions on switching Node.js versions. Once you've installed Node.js (which includes the popular `npm` package manager), open Terminal and run the following: @@ -16,6 +16,7 @@ Once you've installed Node.js (which includes the popular `npm` package manager) git clone https://github.com/github/docs cd docs npm install +npm run build npm start ``` @@ -23,6 +24,8 @@ You should now have a running server! Visit [localhost:4000](http://localhost:40 When you're ready to stop your local server, type CTRLc in your terminal window. +Note that `npm run build` is a one-time step that create static assets. + ## Site structure This site was originally a Ruby on Rails web application. Some time later it was converted into a static site powered by [Jekyll](https://jekyllrb.com/). A few years after that it was migrated to [Nanoc](https://nanoc.ws/), another Ruby static site generator. diff --git a/contributing/node-versions.md b/contributing/node-versions.md index 9ab9c9a66a..934f751577 100644 --- a/contributing/node-versions.md +++ b/contributing/node-versions.md @@ -1,6 +1,6 @@ # Node Versions -In [development](contributing/development.md) enviroments this site will run on Node.js versions `12 - 14`. +In [development](contributing/development.md) environments this site will run on Node.js versions `12 - 14`. In [staging and production](contributing/deployments.md) environments this site runs on Node.js 14, the [Active LTS version](https://nodejs.org/en/about/releases/) from 2020-10-27 to 2021-10-26). diff --git a/contributing/troubleshooting.md b/contributing/troubleshooting.md index ffd3c30bb8..41ffd6e5c0 100644 --- a/contributing/troubleshooting.md +++ b/contributing/troubleshooting.md @@ -1,5 +1,6 @@ -# Troubleshooting status checks +# Troubleshooting +- [Troubleshooting server tests that fail locally but pass in CI](#troublshooting-server-tests-that-fail-locally-but-pass-in-ci) - [Troubleshooting stalled deployments and CI](#troubleshooting-stalled-deployments-and-ci) - [Staging deployment stalled](#staging-deployment-stalled) - [CI stalled or stuck](#ci-stalled-or-stuck) @@ -11,7 +12,13 @@ - [Check external links](#check-external-links) - [Debugging locally](#debugging-locally) -## Troubleshooting stalled deployments and CI +## Troubleshooting + +### Troubleshooting server tests that fail locally but pass in CI + +If you run the tests locally and get failures in `tests/rendering/server.js` around static assets, stylesheets, and/or the client-side JavaScript bundle, but **the same tests pass in CI** on a PR, you likely need to run `npm run build`. This is a one-time command that creates static assets locally. + +See [`development.md`](./development.md) for more info. ### Staging deployment stalled If a staging deployment is pending for more than 5-10min, try the following: @@ -83,7 +90,7 @@ Again, you should see more information about the error either in your browser or The `check internal links` test reports any broken links on the site, including images. The test reports the URL of the broken link, _not_ the file that includes that link, so you'll need to search the `docs` repository to find the file. -Broken images include `assets/images/` in the URL and are often caused by images being versioned for previous versions of GHES but not uploaded to the appropriate folder in S3. Search the `docs` repository for the file name (e.g., `assets/images/help/repository/security-tab.png`), then make sure the image is versioned correctly in each result. If the image is in a reusable, you'll also need to search for each occurence of that reusable. If the image is versioned correctly, upload the image to the appropriate folder(s) in S3. +Broken images include `assets/images/` in the URL and are often caused by images being versioned for previous versions of GHES but not uploaded to the appropriate folder in S3. Search the `docs` repository for the file name (e.g., `assets/images/help/repository/security-tab.png`), then make sure the image is versioned correctly in each result. If the image is in a reusable, you'll also need to search for each occurrence of that reusable. If the image is versioned correctly, upload the image to the appropriate folder(s) in S3. For broken links to articles on our site, find the file that contains the link by searching the `docs` repository for the file name (e.g., `incorporating-feedback-in-your-pull-request`). Try the following fixes: @@ -107,4 +114,4 @@ During development, you can visit any page on `http://localhost:4000` and add `? | `permalinks` | Shows all [permalinks](contributing/permalinks.md) that the site is generating for the page. | `redirect_from` | Shows the hardcoded redirects in the [`redirect_from` frontmatter](content#redirect_from). | `redirects` | Shows all redirects that the site is generating for the page. -| `includesPlatformSpecificContent` | Shows whether the site detects any [platform-specific content](#operating-system-tags) on the page. \ No newline at end of file +| `includesPlatformSpecificContent` | Shows whether the site detects any [platform-specific content](#operating-system-tags) on the page. diff --git a/data/graphql/ghae/graphql_upcoming_changes.public-ghae.yml b/data/graphql/ghae/graphql_upcoming_changes.public-ghae.yml index 0a97b1ac31..56e1ff90ea 100644 --- a/data/graphql/ghae/graphql_upcoming_changes.public-ghae.yml +++ b/data/graphql/ghae/graphql_upcoming_changes.public-ghae.yml @@ -66,18 +66,6 @@ upcoming_changes: date: '2020-10-01T00:00:00+00:00' criticality: breaking owner: mikesea -- location: RepositoryCollaboratorEdge.permission - description: Type for `permission` will change from `RepositoryPermission!` to `String`. - reason: This field may return additional values - date: '2020-10-01T00:00:00+00:00' - criticality: breaking - owner: oneill38 -- location: RepositoryInvitation.permission - description: Type for `permission` will change from `RepositoryPermission!` to `String`. - reason: This field may return additional values - date: '2020-10-01T00:00:00+00:00' - criticality: breaking - owner: oneill38 - location: RepositoryInvitationOrderField.INVITEE_LOGIN description: "`INVITEE_LOGIN` will be removed." reason: "`INVITEE_LOGIN` is no longer a valid field value. Repository invitations @@ -91,12 +79,6 @@ upcoming_changes: date: '2020-10-01T00:00:00+00:00' criticality: breaking owner: nholden -- location: TeamRepositoryEdge.permission - description: Type for `permission` will change from `RepositoryPermission!` to `String`. - reason: This field may return additional values - date: '2020-10-01T00:00:00+00:00' - criticality: breaking - owner: oneill38 - location: EnterpriseMemberEdge.isUnlicensed description: "`isUnlicensed` will be removed." reason: All members consume a license diff --git a/data/graphql/ghae/schema.docs-ghae.graphql b/data/graphql/ghae/schema.docs-ghae.graphql index e2fbb7ee38..7bca3e6574 100644 --- a/data/graphql/ghae/schema.docs-ghae.graphql +++ b/data/graphql/ghae/schema.docs-ghae.graphql @@ -1180,6 +1180,16 @@ type Bot implements Actor & Node & UniformResourceLocatable { A branch protection rule. """ type BranchProtectionRule implements Node { + """ + Can this branch be deleted. + """ + allowsDeletions: Boolean! + + """ + Are force pushes allowed on this branch. + """ + allowsForcePushes: Boolean! + """ A list of conflicts matching branches protection rule and other branch protection rules """ @@ -1316,6 +1326,11 @@ type BranchProtectionRule implements Node { """ requiresCommitSignatures: Boolean! + """ + Are merge commits prohibited from being pushed to this branch. + """ + requiresLinearHistory: Boolean! + """ Are status checks required to update matching branches. """ @@ -27827,10 +27842,6 @@ type RepositoryCollaboratorEdge { """ The permission the user has on the repository. - - **Upcoming Change on 2020-10-01 UTC** - **Description:** Type for `permission` will change from `RepositoryPermission!` to `String`. - **Reason:** This field may return additional values """ permission: RepositoryPermission! @@ -28117,10 +28128,6 @@ type RepositoryInvitation implements Node { """ The permission granted on this repository by this invitation. - - **Upcoming Change on 2020-10-01 UTC** - **Description:** Type for `permission` will change from `RepositoryPermission!` to `String`. - **Reason:** This field may return additional values """ permission: RepositoryPermission! @@ -32583,10 +32590,6 @@ type TeamRepositoryEdge { """ The permission level the team has on the repository - - **Upcoming Change on 2020-10-01 UTC** - **Description:** Type for `permission` will change from `RepositoryPermission!` to `String`. - **Reason:** This field may return additional values """ permission: RepositoryPermission! } diff --git a/data/graphql/graphql_upcoming_changes.public.yml b/data/graphql/graphql_upcoming_changes.public.yml index 4489b44b0c..3af44bb542 100644 --- a/data/graphql/graphql_upcoming_changes.public.yml +++ b/data/graphql/graphql_upcoming_changes.public.yml @@ -73,18 +73,6 @@ upcoming_changes: date: '2020-10-01T00:00:00+00:00' criticality: breaking owner: mikesea -- location: RepositoryCollaboratorEdge.permission - description: Type for `permission` will change from `RepositoryPermission!` to `String`. - reason: This field may return additional values - date: '2020-10-01T00:00:00+00:00' - criticality: breaking - owner: oneill38 -- location: RepositoryInvitation.permission - description: Type for `permission` will change from `RepositoryPermission!` to `String`. - reason: This field may return additional values - date: '2020-10-01T00:00:00+00:00' - criticality: breaking - owner: oneill38 - location: RepositoryInvitationOrderField.INVITEE_LOGIN description: "`INVITEE_LOGIN` will be removed." reason: "`INVITEE_LOGIN` is no longer a valid field value. Repository invitations @@ -98,12 +86,6 @@ upcoming_changes: date: '2020-10-01T00:00:00+00:00' criticality: breaking owner: nholden -- location: TeamRepositoryEdge.permission - description: Type for `permission` will change from `RepositoryPermission!` to `String`. - reason: This field may return additional values - date: '2020-10-01T00:00:00+00:00' - criticality: breaking - owner: oneill38 - location: EnterpriseMemberEdge.isUnlicensed description: "`isUnlicensed` will be removed." reason: All members consume a license diff --git a/data/graphql/schema.docs.graphql b/data/graphql/schema.docs.graphql index b9978f831b..208d3b7aed 100644 --- a/data/graphql/schema.docs.graphql +++ b/data/graphql/schema.docs.graphql @@ -1200,6 +1200,16 @@ type Bot implements Actor & Node & UniformResourceLocatable { A branch protection rule. """ type BranchProtectionRule implements Node { + """ + Can this branch be deleted. + """ + allowsDeletions: Boolean! + + """ + Are force pushes allowed on this branch. + """ + allowsForcePushes: Boolean! + """ A list of conflicts matching branches protection rule and other branch protection rules """ @@ -1336,6 +1346,11 @@ type BranchProtectionRule implements Node { """ requiresCommitSignatures: Boolean! + """ + Are merge commits prohibited from being pushed to this branch. + """ + requiresLinearHistory: Boolean! + """ Are status checks required to update matching branches. """ @@ -29748,10 +29763,6 @@ type RepositoryCollaboratorEdge { """ The permission the user has on the repository. - - **Upcoming Change on 2020-10-01 UTC** - **Description:** Type for `permission` will change from `RepositoryPermission!` to `String`. - **Reason:** This field may return additional values """ permission: RepositoryPermission! @@ -30033,10 +30044,6 @@ type RepositoryInvitation implements Node { """ The permission granted on this repository by this invitation. - - **Upcoming Change on 2020-10-01 UTC** - **Description:** Type for `permission` will change from `RepositoryPermission!` to `String`. - **Reason:** This field may return additional values """ permission: RepositoryPermission! @@ -34897,10 +34904,6 @@ type TeamRepositoryEdge { """ The permission level the team has on the repository - - **Upcoming Change on 2020-10-01 UTC** - **Description:** Type for `permission` will change from `RepositoryPermission!` to `String`. - **Reason:** This field may return additional values """ permission: RepositoryPermission! } diff --git a/data/reusables/community/interaction-limits-duration.md b/data/reusables/community/interaction-limits-duration.md new file mode 100644 index 0000000000..fb858accd8 --- /dev/null +++ b/data/reusables/community/interaction-limits-duration.md @@ -0,0 +1 @@ +When you enable an interaction limit, you can choose a duration for the limit: 24 hours, 3 days, 1 week, 1 month, or 6 months. \ No newline at end of file diff --git a/data/reusables/community/interaction-limits-restrictions.md b/data/reusables/community/interaction-limits-restrictions.md new file mode 100644 index 0000000000..1be2648d16 --- /dev/null +++ b/data/reusables/community/interaction-limits-restrictions.md @@ -0,0 +1 @@ +Enabling an interaction limit for a repository restricts certain users from commenting, opening issues, creating pull requests, reacting with emojis, editing existing comments, and editing titles of issues and pull requests. \ No newline at end of file diff --git a/data/reusables/community/set-interaction-limit.md b/data/reusables/community/set-interaction-limit.md new file mode 100644 index 0000000000..468a068f70 --- /dev/null +++ b/data/reusables/community/set-interaction-limit.md @@ -0,0 +1 @@ +5. Under "Temporary interaction limits", to the right of the type of interaction limit you want to set, use the **Enable** drop-down menu, then click the duration you want for your interaction limit. \ No newline at end of file diff --git a/data/reusables/community/types-of-interaction-limits.md b/data/reusables/community/types-of-interaction-limits.md new file mode 100644 index 0000000000..67967a2fa2 --- /dev/null +++ b/data/reusables/community/types-of-interaction-limits.md @@ -0,0 +1,4 @@ +There are three types of interaction limits. + - **Limit to existing users**: Limits activity for users with accounts that are less than 24 hours old who do not have prior contributions and are not collaborators. + - **Limit to prior contributors**: Limits activity for users who have not previously contributed to the default branch of the repository and are not collaborators. + - **Limit to repository collaborators**: Limits activity for users who do not have write access to the repository. \ No newline at end of file diff --git a/data/reusables/dependabot/click-dependabot-tab.md b/data/reusables/dependabot/click-dependabot-tab.md index 787f987069..81f569ccc6 100644 --- a/data/reusables/dependabot/click-dependabot-tab.md +++ b/data/reusables/dependabot/click-dependabot-tab.md @@ -1,2 +1,2 @@ -4. Under "Dependency graph", click **{% data variables.product.prodname_dependabot_short %}**. -  +4. Under "Dependency graph", click **{% data variables.product.prodname_dependabot %}**. +  diff --git a/data/reusables/dependabot/default-labels.md b/data/reusables/dependabot/default-labels.md index 00fa428e67..9294fb86c1 100644 --- a/data/reusables/dependabot/default-labels.md +++ b/data/reusables/dependabot/default-labels.md @@ -1 +1 @@ -By default, {% data variables.product.prodname_dependabot %} raises all pull requests with the `dependencies` label. If more than one package manager is defined, {% data variables.product.prodname_dependabot_short %} includes an additional label on each pull request. This indicates which language or ecosystem the pull request will update, for example: `java` for Gradle updates and `submodules` for git submodule updates. {% data variables.product.prodname_dependabot %} creates these default labels automatically, as necessary in your repository. +By default, {% data variables.product.prodname_dependabot %} raises all pull requests with the `dependencies` label. If more than one package manager is defined, {% data variables.product.prodname_dependabot %} includes an additional label on each pull request. This indicates which language or ecosystem the pull request will update, for example: `java` for Gradle updates and `submodules` for git submodule updates. {% data variables.product.prodname_dependabot %} creates these default labels automatically, as necessary in your repository. diff --git a/data/reusables/dependabot/initial-updates.md b/data/reusables/dependabot/initial-updates.md index 869d31ff84..fe4154576b 100644 --- a/data/reusables/dependabot/initial-updates.md +++ b/data/reusables/dependabot/initial-updates.md @@ -1,3 +1,3 @@ When you first enable version updates, you may have many dependencies that are outdated and some may be many versions behind the latest version. {% data variables.product.prodname_dependabot %} checks for outdated dependencies as soon as it's enabled. You may see new pull requests for version updates within minutes of adding the configuration file, depending on the number of manifest files for which you configure updates. -To keep pull requests manageable and easy to review, {% data variables.product.prodname_dependabot_short %} raises a maximum of five pull requests to start bringing dependencies up to the latest version. If you merge some of these first pull requests before the next scheduled update, then further pull requests are opened up to a maximum of five (you can change this limit). +To keep pull requests manageable and easy to review, {% data variables.product.prodname_dependabot %} raises a maximum of five pull requests to start bringing dependencies up to the latest version. If you merge some of these first pull requests before the next scheduled update, then further pull requests are opened up to a maximum of five (you can change this limit). diff --git a/data/reusables/dependabot/private-dependencies.md b/data/reusables/dependabot/private-dependencies.md index dfcbae9c73..717f1dbb97 100644 --- a/data/reusables/dependabot/private-dependencies.md +++ b/data/reusables/dependabot/private-dependencies.md @@ -1 +1 @@ -Currently, {% data variables.product.prodname_dependabot_version_updates %} doesn't support manifest or lock files that contain any private git dependencies or private git registries. This is because, when running version updates, {% data variables.product.prodname_dependabot_short %} must be able to resolve all dependencies from their source to verify that version updates have been successful. +Currently, {% data variables.product.prodname_dependabot_version_updates %} doesn't support manifest or lock files that contain any private git dependencies or private git registries. This is because, when running version updates, {% data variables.product.prodname_dependabot %} must be able to resolve all dependencies from their source to verify that version updates have been successful. diff --git a/data/reusables/dependabot/pull-request-introduction.md b/data/reusables/dependabot/pull-request-introduction.md index 7494d21059..86b8dd0cf3 100644 --- a/data/reusables/dependabot/pull-request-introduction.md +++ b/data/reusables/dependabot/pull-request-introduction.md @@ -1 +1 @@ -{% data variables.product.prodname_dependabot %} raises pull requests to update dependencies. Depending on how your repository is configured, {% data variables.product.prodname_dependabot_short %} may raise pull requests for version updates and/or for security updates. You manage these pull requests in the same way as any other pull request, but there are also some extra commands available. For information about enabling {% data variables.product.prodname_dependabot %} dependency updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)" and "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)." \ No newline at end of file +{% data variables.product.prodname_dependabot %} raises pull requests to update dependencies. Depending on how your repository is configured, {% data variables.product.prodname_dependabot %} may raise pull requests for version updates and/or for security updates. You manage these pull requests in the same way as any other pull request, but there are also some extra commands available. For information about enabling {% data variables.product.prodname_dependabot %} dependency updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)" and "[Enabling and disabling version updates](/github/administering-a-repository/enabling-and-disabling-version-updates)." \ No newline at end of file diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index c0152e0df7..9c62f5656f 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md @@ -18,12 +18,12 @@ Terraform: `terraform` | {% note %} -**Note**: {% data variables.product.prodname_dependabot_short %} also supports the following package managers: +**Note**: {% data variables.product.prodname_dependabot %} also supports the following package managers: -`yarn` (v1 only) (specify `npm`) -`pipenv`, `pip-compile`, and `poetry` (specify `pip`) -For example, if you use `poetry` to manage your Python dependencies and want {% data variables.product.prodname_dependabot_short %} to monitor your dependency manifest file for new versions, use `package-ecosystem: "pip"` in your *dependabot.yml* file. +For example, if you use `poetry` to manage your Python dependencies and want {% data variables.product.prodname_dependabot %} to monitor your dependency manifest file for new versions, use `package-ecosystem: "pip"` in your *dependabot.yml* file. {% endnote %} diff --git a/data/reusables/dependabot/version-updates-for-actions.md b/data/reusables/dependabot/version-updates-for-actions.md index 3b63e3586d..f00b76cfe2 100644 --- a/data/reusables/dependabot/version-updates-for-actions.md +++ b/data/reusables/dependabot/version-updates-for-actions.md @@ -1 +1 @@ -You can also enable {% data variables.product.prodname_dependabot_version_updates %} for the actions that you add to your workflow. For more information, see "[Keeping your actions up to date with {% data variables.product.prodname_dependabot %}](/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot)." +You can also enable {% data variables.product.prodname_dependabot_version_updates %} for the actions that you add to your workflow. For more information, see "[Keeping your actions up to date with {% data variables.product.prodname_dependabot %}](/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot)." diff --git a/data/reusables/github-insights/contributors-tab.md b/data/reusables/github-insights/contributors-tab.md index 4f00212343..7eafbff08c 100644 --- a/data/reusables/github-insights/contributors-tab.md +++ b/data/reusables/github-insights/contributors-tab.md @@ -1,2 +1,2 @@ -1. Under **{% octicon "gear" aria-label="The gear icon" %} Settings**, click **Contibutors**. +1. Under **{% octicon "gear" aria-label="The gear icon" %} Settings**, click **Contributors**.  diff --git a/data/reusables/marketplace/downgrade-marketplace-only.md b/data/reusables/marketplace/downgrade-marketplace-only.md index fe5ba60c5c..aac9c98294 100644 --- a/data/reusables/marketplace/downgrade-marketplace-only.md +++ b/data/reusables/marketplace/downgrade-marketplace-only.md @@ -1 +1 @@ -Canceling an app or downgrading an app to free does not affect your [other paid subcriptions](/articles/about-billing-on-github) on {% data variables.product.prodname_dotcom %}. If you want to cease all of your paid subscriptions on {% data variables.product.prodname_dotcom %}, you must downgrade each paid subscription separately. +Canceling an app or downgrading an app to free does not affect your [other paid subscriptions](/articles/about-billing-on-github) on {% data variables.product.prodname_dotcom %}. If you want to cease all of your paid subscriptions on {% data variables.product.prodname_dotcom %}, you must downgrade each paid subscription separately. diff --git a/data/reusables/project-management/resync-automation.md b/data/reusables/project-management/resync-automation.md index a5281a26ff..38b2f7a9e8 100644 --- a/data/reusables/project-management/resync-automation.md +++ b/data/reusables/project-management/resync-automation.md @@ -1 +1 @@ -When you close a project board, any workflow automation configured for the project board will pause. If you reopen a project board, you have the option to sync automation, which updates the positon of the cards on the board according to the automation settings configured for the board. For more information, see "[Reopening a closed project board](/articles/reopening-a-closed-project-board)" or "[Closing a project board](/articles/closing-a-project-board)." +When you close a project board, any workflow automation configured for the project board will pause. If you reopen a project board, you have the option to sync automation, which updates the position of the cards on the board according to the automation settings configured for the board. For more information, see "[Reopening a closed project board](/articles/reopening-a-closed-project-board)" or "[Closing a project board](/articles/closing-a-project-board)." diff --git a/data/reusables/pull_requests/re-request-review.md b/data/reusables/pull_requests/re-request-review.md new file mode 100644 index 0000000000..5776451f77 --- /dev/null +++ b/data/reusables/pull_requests/re-request-review.md @@ -0,0 +1,2 @@ +You can re-request a review, for example, after you've made substantial changes to your pull request. +To request a fresh review from a reviewer, in the sidebar of the **Conversation** tab, click the {% octicon "sync" aria-label="The sync icon" %} icon. diff --git a/data/reusables/repositories/enable-security-alerts.md b/data/reusables/repositories/enable-security-alerts.md index e4f329be8d..1f1c4cd5fc 100644 --- a/data/reusables/repositories/enable-security-alerts.md +++ b/data/reusables/repositories/enable-security-alerts.md @@ -1,3 +1,3 @@ {% if enterpriseServerVersions contains currentVersion %} -Your site administrator must enable {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot_short %}{% else %}security{% endif %} alerts for vulnerable dependencies for {% data variables.product.product_location %} before you can use this feature. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)." +Your site administrator must enable {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts for vulnerable dependencies for {% data variables.product.product_location %} before you can use this feature. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)." {% endif %} diff --git a/data/reusables/repositories/sidebar-dependabot-alerts.md b/data/reusables/repositories/sidebar-dependabot-alerts.md index b5e860b43e..30ce19c2e0 100644 --- a/data/reusables/repositories/sidebar-dependabot-alerts.md +++ b/data/reusables/repositories/sidebar-dependabot-alerts.md @@ -1,2 +1,2 @@ -1. In the security sidebar, click **{% data variables.product.prodname_dependabot_short %} alerts**. - +1. In the security sidebar, click **{% data variables.product.prodname_dependabot_alerts %}**. + diff --git a/data/reusables/webhooks/installation_properties.md b/data/reusables/webhooks/installation_properties.md index 0f8ae4af38..8580d9fc2d 100644 --- a/data/reusables/webhooks/installation_properties.md +++ b/data/reusables/webhooks/installation_properties.md @@ -1,4 +1,4 @@ Key | Type | Description ----|------|------------ `action` | `string` | The action that was performed. Can be one of:- `created` - Someone installs a {% data variables.product.prodname_github_app %}.
- `deleted` - Someone uninstalls a {% data variables.product.prodname_github_app %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}
- `suspend` - Someone suspends a {% data variables.product.prodname_github_app %} installation.
- `unsuspend` - Someone unsuspends a {% data variables.product.prodname_github_app %} installation. {% endif %}
- `new_permissions_accepted` - Someone accepts new permissions for a {% data variables.product.prodname_github_app %} installation. When a {% data variables.product.prodname_github_app %} owner requests new permissions, the person who installed the {% data variables.product.prodname_github_app %} must accept the new permissions request.
- `added` - A user accepts an invitation to a repository.
- `removed` - A user is removed as a collaborator in a repository.
- `edited` - A user's collaborator permissios have changed.
- `added` - A user accepts an invitation to a repository.
- `removed` - A user is removed as a collaborator in a repository.
- `edited` - A user's collaborator permissions have changed.
{% data ui.footer.platform.heading %}
+
{% include search-form %}
diff --git a/includes/rest_operation.html b/includes/rest_operation.html
index afe3e801ba..dc30f725ca 100644
--- a/includes/rest_operation.html
+++ b/includes/rest_operation.html
@@ -122,9 +122,7 @@
Works with GitHub Apps
{% endif %}
{% for note in operation.notes %}
- {% unless note == 'Works with GitHub Apps' %}
- {{ note }}
- {% endunless %}
+ {{ note }}
{% endfor %}
{% endif %}
diff --git a/includes/scripts.html b/includes/scripts.html
new file mode 100644
index 0000000000..7c489813d5
--- /dev/null
+++ b/includes/scripts.html
@@ -0,0 +1 @@
+
diff --git a/includes/small-footer.html b/includes/small-footer.html
new file mode 100644
index 0000000000..e12574749b
--- /dev/null
+++ b/includes/small-footer.html
@@ -0,0 +1,23 @@
+
+
+{% include scripts %}
diff --git a/javascripts/search.js b/javascripts/search.js
index de27b03f00..c363b4bc02 100644
--- a/javascripts/search.js
+++ b/javascripts/search.js
@@ -5,8 +5,9 @@ const algoliasearch = require('algoliasearch')
const searchWithYourKeyboard = require('search-with-your-keyboard')
const querystring = require('querystring')
const truncate = require('html-truncate')
-const patterns = require('../lib/patterns')
const languages = require('../lib/languages')
+const allVersions = require('../lib/all-versions')
+const nonEnterpriseDefaultVersion = require('../lib/non-enterprise-default-version')
const languageCodes = Object.keys(languages)
const maxContentLength = 300
@@ -272,11 +273,15 @@ function deriveLanguageCodeFromPath () {
return languageCode
}
-// TODO use the new versions once we update the index names
-// note we can't use the old-versions-utils or path-utils
-// to derive these values because they require modules that use fs :/
function deriveVersionFromPath () {
- const enterpriseRegex = patterns.getEnterpriseServerNumber
- const enterprise = location.pathname.match(enterpriseRegex)
- return enterprise ? enterprise[1] : 'dotcom'
+ // fall back to the non-enterprise default version (FPT currently) on the homepage, 404 page, etc.
+ const version = location.pathname.split('/')[2] || nonEnterpriseDefaultVersion
+ const versionObject = allVersions[version] || allVersions[nonEnterpriseDefaultVersion]
+
+ // if GHES, returns the release number like 2.21, 2.22, etc.
+ // if FPT, returns 'dotcom'
+ // if GHAE, returns 'ghae'
+ return versionObject.plan === 'enterprise-server'
+ ? versionObject.currentRelease
+ : versionObject.miscBaseName
}
diff --git a/layouts/default.html b/layouts/default.html
index cbb745a516..59179cf802 100644
--- a/layouts/default.html
+++ b/layouts/default.html
@@ -14,7 +14,7 @@
{% include article %}
{% endif %}
{% include support %}
- {% include footer %}
+ {% include small-footer %}