Merge branch 'main' into patch-2

2025-12-22 03:16:52 -05:00 · 2021-03-16 11:34:23 -07:00
parent 836e2298ba 458cddd260
commit 32d38e781c
119 changed files with 1981 additions and 330 deletions
--- a/.devcontainer.json
+++ b/.devcontainer.json
@@ -2,13 +2,12 @@
 // For format details, see https://aka.ms/vscode-remote/devcontainer.json 
 {
    "name": "docs.github.com",
    "service": "container-doc",
    "settings": {
        "terminal.integrated.shell.linux": "/bin/bash",
        "cSpell.language": ",en"
    },
-    // Install pre-requisites, and start to serve docs.github.com locally
+    // Install pre-requisites and run a build to ensure we are ready to start serving docs.github.com locally (via `npm start`)
-    "postCreateCommand": "npm install && npm start",
+    "postCreateCommand": "npm ci && npm run build",
    "forwardPorts": [4000],
    // Visual Studio Code extensions which help authoring for docs.github.com.
    "extensions": [
--- a/.github/ISSUE_TEMPLATE/partner-contributed-documentation.md
+++ b/.github/ISSUE_TEMPLATE/partner-contributed-documentation.md
@@ -0,0 +1,45 @@
 ---
 name: Partner-owned product documentation
 about: Initiate a set of tasks to be completed by a GitHub partner wishing to document how their product works with GitHub
 title: ''
 labels:
 - partner
 assignees: ''
 ---
 <!--
 Thank you for your interest in contributing to the GitHub documentation.
 This issue template is only for use by GitHub's Technology Partners who wish to contribute documentation explaining how the partner's product works with GitHub, making it straightforward for our shared customers to adopt the product into their workflow.
 As a general guide, we estimate we have bandwidth for prioritizing and reviewing up to 3 partner contributions per quarter.
 Please be sure to complete all items in the checklists that follow, and feel free to comment with any questions. A member of the team will be glad to support you.
 -->
 ## Pre-requisites
 - [ ] Prior to submitting documentation, please apply to join the GitHub Technology Partner Program: [partner.github.com/apply](https://partner.github.com/apply?partnershipType=Technology+Partner). Please feel free to proceed once your application is approved.
 ## Tasks
 Please be sure to complete each of the following:
 **Third-party product documentation:**
 - [ ] MUST follow our [general contributing guidelines](CONTRIBUTING.md) for voice and markup format.
 - [ ] MUST emphasize how the third-party product works with GitHub.
 - [ ] MUST be written in Markdown format, using [one of the templates provided](contributing/github-partners/README.md#templates)
 - [ ] MUST include the name and URL of the GitHub technology partner responsible for maintenance of the documentation being contributed. This should be added via the `contributor.name` and `contributor.URL` properties in the template's YAML frontmatter.
 - [ ] MUST be proposed via a pull request to this repo following [the GitHub Flow](https://guides.github.com/introduction/flow/).
 - [ ] MUST be located in the root of [the `content` folder](content). Your filename MUST match the GitHub technology partner name, and use the `.md` file extension.
 **The `Pull Request`:**
 - [ ] MUST reference this issue, e.g. via `closes #<this issue number>`
 - [ ] MUST pass the automated CI checks
 - [ ] MUST include links to supporting material demonstrating the functionality being documented (this can be a link to a public GitHub repo, _or_ a video / screencast walkthrough)
 Once all tasks are completed, please mention `@github/docs-content` for next steps.
 /cc @github/partner-engineering for :eyes:
--- a/.github/ISSUE_TEMPLATE/production-config-change.md
+++ b/.github/ISSUE_TEMPLATE/production-config-change.md
@@ -0,0 +1,24 @@
 ---
 name: Change production configuration
 about: Track changes to the production docs.github.com site
 title: ''
 labels: engineering
 assignees: ''
 ---
 A configuration change would be something outside of our code that we change with our production environment, such as environment variables, virtual machine tier or quantity, or service providers.
 - _Primary person_:
 - _Second person_:
 - _When_:
 - _Zoom URL_:
 ### What is the configuration change?
 ### Why are we updating this configuration?
 ### What risks are there with this configuration change?
 ### If an issue happens, how do we roll back?
 Once the change is verified good, please close this issue.
--- a/.github/allowed-actions.js
+++ b/.github/allowed-actions.js
@@ -11,6 +11,8 @@ module.exports = [
  "actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e", //actions/setup-node@v2.1.4
  "ruby/setup-ruby@fdcfbcf14ec9672f6f615cb9589a1bc5dd69d262", //ruby/setup-ruby@vv1.64.1
  "actions/stale@9d6f46564a515a9ea11e7762ab3957ee58ca50da", //actions/stale@v3.0.16
  "alex-page/github-project-automation-plus@fdb7991b72040d611e1123d2b75ff10eda9372c9",
  "andymckay/labeler@22d5392de2b725cea4b284df5824125054049d84",
  "archive/github-actions-slack@d368c5a4ad757515a9344918f84c490b05777d94",
  "ashley-taylor/regex-property-action@93a24f845cd20790924208225cc72da8b4c6d46d",
  "crowdin/github-action@fd9429dd63d6c0f8a8cb4b93ad8076990bd6e688",
--- a/.github/workflows/autoupdate-branch.yml
+++ b/.github/workflows/autoupdate-branch.yml
@@ -17,8 +17,6 @@ on:
  push:
    branches:
      - main
  schedule:
    - cron: '*/30 * * * *' # every 30 minutes
 jobs:
  autoupdate:
--- a/.github/workflows/move-help-wanted-issues.yml
+++ b/.github/workflows/move-help-wanted-issues.yml
@@ -0,0 +1,17 @@
 name: Move help wanted issues
 on:
  issues:
    types:
      - labeled
 jobs:
  move_issues:
    if: github.repository == 'github/docs' && (github.event.label.name == 'help wanted' || github.event.label.name == 'good first issue')
    runs-on: ubuntu-latest
    steps:
      - uses: alex-page/github-project-automation-plus@fdb7991b72040d611e1123d2b75ff10eda9372c9
        with:
          project: Docs team reviews
          column: Help wanted
          repo-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
--- a/.github/workflows/move-ready-to-merge-issues.yaml
+++ b/.github/workflows/move-ready-to-merge-issues.yaml
@@ -0,0 +1,22 @@
 name: Move and unlabel ready to merge issues
 on:
  issues:
    types:
      - labeled
 jobs:
  unmark_for_review:
    if: github.repository == 'github/docs' && github.event.label.name == 'ready to merge'
    runs-on: ubuntu-latest
    steps:
      - name: move issue
        uses: alex-page/github-project-automation-plus@fdb7991b72040d611e1123d2b75ff10eda9372c9
        with:
          project: Docs team reviews
          column: Triage
          repo-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
      - name: remove label
        uses: andymckay/labeler@22d5392de2b725cea4b284df5824125054049d84
        with:
          remove-labels: 'waiting for review'
          repo-token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/remove-from-fr-board.yaml
+++ b/.github/workflows/remove-from-fr-board.yaml
@@ -2,7 +2,7 @@ name: Remove card from FR board
 on:
  repository_dispatch:
-    types: remove_from_FR_board
+    types: remove_from_docs_FR_board
 jobs:
  remove_from_FR_board:
--- a/.github/workflows/repo-sync.yml
+++ b/.github/workflows/repo-sync.yml
@@ -40,7 +40,7 @@ jobs:
          destination_branch: main
          pr_title: 'repo sync'
          pr_body: "This is an automated pull request to sync changes between the public and private repos.\n\n:robot: This pull request should be merged (not squashed) to preserve continuity across repos, so please let a bot do the merging!"
-          pr_label: autoupdate,automated-reposync-pr
+          pr_label: automerge,autoupdate,automated-reposync-pr
          github_token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
      - name: Find pull request
@@ -88,34 +88,6 @@ jobs:
              console.log(`Branch is already up-to-date`)
            }
      - name: Enable GitHub auto-merge
        if: ${{ steps.find-pull-request.outputs.number }}
        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const pull = await github.pulls.get({
              ...context.repo,
              pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
            })
            const pullNodeId = pull.data.node_id
            console.log(`Pull request GraphQL Node ID: ${pullNodeId}`)
            const mutation = `mutation ($id: ID!) {
              enablePullRequestAutoMerge(input: {
                pullRequestId: $id,
                mergeMethod: MERGE
              }) {
                clientMutationId
              }
            }`
            const variables = {
              id: pullNodeId
            }
            await github.graphql(mutation, variables)
            console.log('Auto-merge enabled!')
      - name: Send Slack notification if workflow fails
        uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
        if: failure()
--- a/assets/images/help/repository/code-scanning-branch-dropdown.png
+++ b/assets/images/help/repository/code-scanning-branch-dropdown.png
--- a/assets/images/help/repository/code-scanning-click-alert.png
+++ b/assets/images/help/repository/code-scanning-click-alert.png
--- a/content/README.md
+++ b/content/README.md
@@ -25,6 +25,7 @@ See the [contributing docs](/CONTRIBUTING.md) for general information about work
  - [`includeGuides`](#includeGuides)
  - [`type`](#type)
  - [`topics`](#topics)
  - [`contributor`](#contributor)
  - [Escaping single quotes](#escaping-single-quotes)
 - [Autogenerated mini TOCs](#autogenerated-mini-tocs)
 - [Versioning](#versioning)
@@ -231,6 +232,18 @@ includeGuides:
 - Type: `String`
 - Optional.
 ### `contributor`
 - Purpose: Indicate an article is contributed and maintained by a third-party organization, typically a GitHub Technology Partner.
 - Type: `Object`. Properties are `name` and `URL`.
 - Optional.
 Example:
 ```yml
 contributor:
  name: ACME, inc.
  URL: https://acme.example.com/
 ```
 ### Escaping single quotes
--- a/content/actions/learn-github-actions/finding-and-customizing-actions.md
+++ b/content/actions/learn-github-actions/finding-and-customizing-actions.md
@@ -114,6 +114,12 @@ outputs:
    description: "Path to results file"
 ```
 {% if currentVersion == "github-ae@latest" %}
 ### Using the actions included with {% data variables.product.prodname_ghe_managed %}
 By default, you can use most of the official {% data variables.product.prodname_dotcom %}-authored actions in {% data variables.product.prodname_ghe_managed %}. For more information, see "[Using actions in {% data variables.product.prodname_ghe_managed %}](/admin/github-actions/using-actions-in-github-ae)."
 {% endif %}
 ### Referencing an action in the same repository where a workflow file uses the action
 If an action is defined in the same repository where your workflow file uses the action, you can reference the action with either the ‌`{owner}/{repo}@{ref}` or `./path/to/dir` syntax in your workflow file.
--- a/content/actions/using-github-hosted-runners/about-ae-hosted-runners.md
+++ b/content/actions/using-github-hosted-runners/about-ae-hosted-runners.md
@@ -25,6 +25,13 @@ Each workflow job is executed in a fresh instance of the {% data variables.actio
 To add {% data variables.actions.hosted_runner %}s to your organization or enterprise, see ["Adding {% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/adding-ae-hosted-runners)."
 ### Pool assignments for {% data variables.actions.hosted_runner %}s
 Your {% data variables.actions.hosted_runner %}s are allocated to the same pool as your {% data variables.product.prodname_ghe_managed %} instance. No other customers have access to this pool, and as a result, {% data variables.actions.hosted_runner %}s are not shared with any other customers.
 ### Managing your {% data variables.actions.hosted_runner %}s
 During the {% data variables.actions.hosted_runner %} beta, you can manage your {% data variables.actions.hosted_runner %}s by contacting {% data variables.product.prodname_dotcom %} support. For example, {% data variables.product.prodname_dotcom %} support can assist you with adding a new {% data variables.actions.hosted_runner %}, assigning labels, or moving a {% data variables.actions.hosted_runner %} to a different group.
 ### Billing
--- a/content/admin/enterprise-management/upgrading-github-enterprise-server.md
+++ b/content/admin/enterprise-management/upgrading-github-enterprise-server.md
@@ -45,6 +45,12 @@ Increased requirements for {% data variables.product.prodname_ghe_server %} 3.0
 | 5,000 to 8000 | **16**<br/>_Up from 12_ | 96 GB | 750 GB | 200 GB |
 | 8,000 to 10,000+ | **20**<br/>_Up from 16_ | **160 GB**<br/>_Up from 128 GB_ | 1000 GB | 200 GB |
 {% if currentVersion ver_gt "enterprise-server@2.21" %}
 For more information about hardware requirements for {% data variables.product.prodname_actions %}, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
 {% endif %}
 {% data reusables.enterprise_installation.about-adjusting-resources %}
 {% endif %}
--- a/content/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server.md
+++ b/content/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server.md
@@ -31,9 +31,20 @@ This article explains how site administrators can configure {% data variables.pr
 {% endif %}
-{% data reusables.actions.enterprise-hardware-considerations %}
+The CPU and memory resources available to {% data variables.product.product_location %} determine the maximum job throughput for {% data variables.product.prodname_actions %}.
-For more information about resource requirements for {% data variables.product.prodname_ghe_server %}, see the hardware considerations for your instance's platform.
+Internal testing at {% data variables.product.company_short %} demonstrated the following maximum throughput for {% data variables.product.prodname_ghe_server %} instances with a range of CPU and memory configurations. You may see different throughput depending on the overall levels of activity on your instance.
 | vCPUs | Memory | Maximum job throughput |
 | :--- | :--- | :--- |
 | 4 | 32 GB | Demo or light testing |
 | 8 | 64 GB | 25 jobs |
 | 16 | 160 GB | 35 jobs |
 | 32 | 256 GB | 100 jobs |
 If you {% if currentVersion == "enterprise-server@2.22" %}enabled the beta of{% else %}plan to enable{% endif %} {% data variables.product.prodname_actions %} for the users of an existing instance, review the levels of activity for users and automations on the instance and ensure that you have provisioned adequate CPU and memory for your users. For more information about monitoring the capacity and performance of {% data variables.product.prodname_ghe_server %}, see "[Monitoring your appliance](/admin/enterprise-management/monitoring-your-appliance)."
 For more information about minimum hardware requirements for {% data variables.product.product_location %}, see the hardware considerations for your instance's platform.
 - [AWS](/admin/installation/installing-github-enterprise-server-on-aws#hardware-considerations)
 - [Azure](/admin/installation/installing-github-enterprise-server-on-azure#hardware-considerations)
--- a/content/admin/github-actions/index.md
+++ b/content/admin/github-actions/index.md
@@ -16,6 +16,7 @@ versions:
 {% topic_link_in_list /using-github-actions-in-github-ae %}
  {% link_in_list /getting-started-with-github-actions-for-github-ae %}
  {% link_in_list /using-actions-in-github-ae %}
 {% topic_link_in_list /enabling-github-actions-for-github-enterprise-server %}
  {% link_in_list /getting-started-with-github-actions-for-github-enterprise-server %}
--- a/content/admin/github-actions/using-actions-in-github-ae.md
+++ b/content/admin/github-actions/using-actions-in-github-ae.md
@@ -0,0 +1,20 @@
 ---
 title: Using actions in GitHub AE
 intro: '{% data variables.product.prodname_ghe_managed %} includes most of the {% data variables.product.prodname_dotcom %}-authored actions.'
 versions:
  github-ae: '*'
 ---
 {% data reusables.actions.ae-beta %}
 {% data variables.product.prodname_actions %} workflows can use _actions_, which are individual tasks that you can combine to create jobs and customize your workflow. You can create your own actions, or use and customize actions shared by the {% data variables.product.prodname_dotcom %} community.
 ### Official actions bundled with {% data variables.product.prodname_ghe_managed %}
 Most official {% data variables.product.prodname_dotcom %}-authored actions are automatically bundled with {% data variables.product.prodname_ghe_managed %}, and are captured at a point in time from {% data variables.product.prodname_marketplace %}. When your {% data variables.product.prodname_ghe_managed %} instance is updated, the bundled official actions are also updated.
 The bundled official actions include `actions/checkout`, `actions/upload-artifact`, `actions/download-artifact`, `actions/labeler`, and various `actions/setup-` actions, among others. To see which of the official actions are included, browse to the following organizations on your instance: 
 - <code>https://<em>HOSTNAME</em>/actions</code>
 - <code>https://<em>HOSTNAME</em>/github</code>
 Each action's files are kept in a repository in the `actions` and `github` organizations. Each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action.
--- a/content/developers/apps/setting-up-your-development-environment-to-create-a-github-app.md
+++ b/content/developers/apps/setting-up-your-development-environment-to-create-a-github-app.md
@@ -151,7 +151,7 @@ You need to add these variables to the `.env` file:
 Here is an example `.env` file:
 ```
-PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
+GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
 ...
 HkVN9...
 ...
@@ -402,7 +402,7 @@ Here are a few common problems and some suggested solutions. If you run into any
    **A:** You probably haven't set up your private key environment variable quite right. Your `GITHUB_PRIVATE_KEY` variable should look like this:
    ```
-    PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
+    GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
    ...
    HkVN9...
    ...
--- a/content/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository.md
+++ b/content/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository.md
@@ -12,9 +12,7 @@ versions:
 {% data reusables.discussions.about-discussions %} {% data reusables.discussions.about-categories-and-formats %}
-Each category must have a unique name and emoji pairing, and can be accompanied by a detailed description stating its purpose. Categories help maintainers organize how conversations are filed and are customizable to help distinguish categories that are Q&A or more open-ended conversations.{% data reusables.discussions.repository-category-limit %}
+Each category must have a unique name and emoji pairing, and can be accompanied by a detailed description stating its purpose. Categories help maintainers organize how conversations are filed and are customizable to help distinguish categories that are Q&A or more open-ended conversations. {% data reusables.discussions.repository-category-limit %} For more information, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions#about-categories-and-formats-for-discussions)."
 For more information, see "[About discussions](/discussions/collaborating-with-your-community-using-discussions/about-discussions#about-categories-and-formats-for-discussions)."
 ### Default categories
--- a/content/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository.md
+++ b/content/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository.md
@@ -24,7 +24,7 @@ To manage discussions in a repository, discussions must be enabled for the repos
 ### Changing the category for a discussion
-You can categorize discussions to help community members find related discussions. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)" article.
+You can categorize discussions to help community members find related discussions. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)."
 You can also move a discussion to a different category.
--- a/content/discussions/quickstart.md
+++ b/content/discussions/quickstart.md
@@ -16,7 +16,7 @@ Discussions give a space for more collaborative conversations by connecting and
 ### Enabling {% data variables.product.prodname_discussions %} on your repository
-Repository owners and people with write access can enable {% data variables.product.prodname_discussions %} for a community on their public repositories.
+Repository owners and people with write access can enable {% data variables.product.prodname_discussions %} for a community on their public and private repositories.
 When you first enable a {% data variables.product.prodname_discussions %}, you will be invited to configure a welcome post.
@@ -49,13 +49,13 @@ Anyone with access to a repository can create a discussion.
 ### Organizing discussions into relevant categories
-Repository owners and people with write access can create new categories to keep discussions organized. Collaborators participating and creating new discussions can group discussions into the most relevant existing categories. Discussions can also be recategorized after they are created. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)"
+Repository owners and people with write access can create new categories to keep discussions organized. Collaborators participating and creating new discussions can group discussions into the most relevant existing categories. Discussions can also be recategorized after they are created. For more information, see "[Managing categories for discussions in your repository](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)."
 ### Promoting healthy conversations
 People with write permissions for a repository can help surface important conversations by pinning discussions, deleting discussions that are no longer useful or are damaging to the community, and transferring discussions to more relevant repositories owned by the organization. For more information, see "[Managing discussions in your repository](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository)."
-People with triage permissions for a repository can help moderate a project's discussions by marking comments as answers, locking discussions that are not longer useful or are damaging to the community, and converting issues to discussions when an idea is still in the early stages of development. For more information, see "[Moderating discussions](/discussions/managing-discussions-for-your-community/moderating-discussions)."
+People with triage permissions for a repository can help moderate a project's discussions by marking comments as answers, locking discussions that are no longer useful or are damaging to the community, and converting issues to discussions when an idea is still in the early stages of development. For more information, see "[Moderating discussions](/discussions/managing-discussions-for-your-community/moderating-discussions)."
 ### Next steps
--- a/content/github/administering-a-repository/about-dependabot-version-updates.md
+++ b/content/github/administering-a-repository/about-dependabot-version-updates.md
@@ -22,6 +22,8 @@ When {% data variables.product.prodname_dependabot %} identifies an outdated dep
 If you enable security updates, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
 {% data reusables.dependabot.pull-request-security-vs-version-updates %}
 {% data reusables.dependabot.dependabot-tos %}
 ### Frequency of {% data variables.product.prodname_dependabot %} pull requests
--- a/content/github/administering-a-repository/configuration-options-for-dependency-updates.md
+++ b/content/github/administering-a-repository/configuration-options-for-dependency-updates.md
@@ -551,7 +551,7 @@ updates:
 ### `vendor`
-Use the `vendor` option to tell {% data variables.product.prodname_dependabot %} to vendor dependencies when updating them.
+Use the `vendor` option to tell {% data variables.product.prodname_dependabot %} to vendor dependencies when updating them. Don't use this option if you're using `gomod` as {% data variables.product.prodname_dependabot %} automatically detects vendoring for this tool.
 ```yaml
 # Configure version updates for both dependencies defined in manifests and vendored dependencies
--- a/content/github/administering-a-repository/viewing-branches-in-your-repository.md
+++ b/content/github/administering-a-repository/viewing-branches-in-your-repository.md
@@ -16,6 +16,8 @@ versions:
    - **Stale branches**: The **Stale** view shows all branches that no one has committed to in the last three months, ordered by the branches with the oldest commits first. Use this list to determine [which branches to delete](/articles/creating-and-deleting-branches-within-your-repository).
    - **All branches**: The **All** view shows the default branch, followed by all other branches ordered by the branches with the most recent commits first.
 4. Optionally, use the search field on the top right. It provides a simple, case-insensitive, sub-string search on the branch name. It does not support any additional query syntax.
 ![The branches page for the Atom repository](/assets/images/help/branches/branches-overview-atom.png)
 ### Further reading
--- a/content/github/authenticating-to-github/creating-a-strong-password.md
+++ b/content/github/authenticating-to-github/creating-a-strong-password.md
@@ -11,10 +11,10 @@ versions:
 You must choose or generate a password for your {% data variables.product.product_name %} account that is at least:
 - Eight characters long, if it includes a number and a lowercase letter, or
- 16 characters long with any combination of characters
+- 15 characters long with any combination of characters
 To keep your account secure, we recommend you follow these best practices:
- Use a password manager, such as [LastPass](https://lastpass.com/) or [1Password](https://1password.com/), to generate a password more than 16 characters.
+- Use a password manager, such as [LastPass](https://lastpass.com/) or [1Password](https://1password.com/), to generate a password of at least 15 characters.
 - Generate a unique password for {% data variables.product.product_name %}. If you use your {% data variables.product.product_name %} password elsewhere and that service is compromised, then attackers or other malicious actors could use that information to access your {% data variables.product.product_name %} account.
 - Configure two-factor authentication for your personal account. For more information, see "[About two-factor authentication](/articles/about-two-factor-authentication)."
 - Never share your password, even with a potential collaborator. Each person should use their own personal account on {% data variables.product.product_name %}. For more information on ways to collaborate, see: "[Inviting collaborators to a personal repository](/articles/inviting-collaborators-to-a-personal-repository)," "[About collaborative development models](/articles/about-collaborative-development-models/)," or "[Collaborating with groups in organizations](/articles/collaborating-with-groups-in-organizations/)."
--- a/content/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md
+++ b/content/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies.md
@@ -20,8 +20,7 @@ When your code depends on a package that has a security vulnerability, this vuln
 {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %} detects vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %}{% else %}{% data variables.product.product_name %} detects vulnerable dependencies and sends security alerts{% endif %} when:
 {% if currentVersion == "free-pro-team@latest" %}
- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)."
+- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)."{% else %}
 - New vulnerability data from [WhiteSource](https://www.whitesourcesoftware.com/vulnerability-database) is processed.{% else %}
 - New advisory data is synchronized to {% data variables.product.prodname_ghe_server %} each hour from {% data variables.product.prodname_dotcom_the_website %}. For more information about advisory data, see "<a href="/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database" class="dotcom-only">Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}</a>."{% endif %}
 - The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on{% if currentVersion == "free-pro-team@latest" %}, or when the code of one of the dependencies changes{% endif %}. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
--- a/content/github/managing-security-vulnerabilities/about-dependabot-security-updates.md
+++ b/content/github/managing-security-vulnerabilities/about-dependabot-security-updates.md
@@ -22,6 +22,10 @@ The {% data variables.product.prodname_dependabot_security_updates %} feature is
 {% endnote %}
 You can enable a related feature, {% data variables.product.prodname_dependabot_version_updates %}, so that {% data variables.product.prodname_dependabot %} raises pull requests to update the manifest to the latest version of the dependency, whenever it detects an outdated dependency. For more information, see "[About {% data variables.product.prodname_dependabot %} version updates](/github/administering-a-repository/about-dependabot-version-updates)."
 {% data reusables.dependabot.pull-request-security-vs-version-updates %}
 ### About pull requests for security updates
 Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_alerts %} for the repository.
--- a/content/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization.md
+++ b/content/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization.md
@@ -76,6 +76,8 @@ You can enable or disable features for all repositories. {% if currentVersion ==
   ![Button to enable feature for all the eligible repositories in the organization](/assets/images/enterprise/github-ae/organizations/security-and-analysis-enable-secret-scanning-existing-repos-ghae.png)
   {% endif %}
   {% data reusables.security.displayed-information %}
 ### Enabling or disabling a feature automatically when new repositories are added
 1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)."
--- a/content/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account.md
+++ b/content/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account.md
@@ -28,6 +28,8 @@ For an overview of repository-level security, see "[About securing your reposito
 7. Click **Disable FEATURE** or **Enable FEATURE** to disable or enable the feature for all the repositories you own.
  ![Button to disable or enable feature](/assets/images/help/settings/security-and-analysis-enable-dependency-graph.png)
 {% data reusables.security.displayed-information %}
 ### Enabling or disabling features for new repositories
 {% data reusables.user_settings.access_settings %}
--- a/content/github/site-policy/github-private-information-removal-policy.md
+++ b/content/github/site-policy/github-private-information-removal-policy.md
@@ -0,0 +1,88 @@
 ---
 title: GitHub Private Information Removal Policy
 redirect_from:
  - /articles/github-sensitive-data-removal-policy
  - /github/site-policy/github-sensitive-data-removal-policy
 versions:
  free-pro-team: '*'
 ---
 We offer this private information removal process as an exceptional service only for high-risk content that violates [GitHub's Terms of Service](/github/site-policy/github-acceptable-use-policies#3-conduct-restrictions), such as when your security is at risk from exposed access credentials. This guide describes the information GitHub needs from you in order to process a request to remove private information from a repository.
 ### What is Private Information?
 For the purposes of this document, “private information” refers to content that (i) should have been kept confidential, *and* (ii) whose public availability poses a specific or targeted security risk to you or your organization. 
 "Security risk" refers to a situation involving exposure to physical danger, identity theft, or increased likelihood of unauthorized access to physical or network facilities.
 #### Private information removal requests are appropriate for:
 - Access credentials, such as user names combined with passwords, access tokens, or other sensitive secrets that can grant access to your organization's server, network, or domain.
 - AWS tokens and other similar access credentials that grant access to a third party on your behalf. You must be able to show that the token does belong to you.
 - Documentation (such as network diagrams or architecture) that poses a specific security risk for an organization. 
 - [Information](/github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy) related to, and posing a security risk to, you as an individual (such as social security numbers or other government identification numbers).
 #### Private information removal requests are _not_ appropriate for:
 - Internal server names, IP addresses, and URLs, on their own. You must be able to show that their use in a particular file or piece of code poses a security threat.
 - Mere mentions of your company's identity, name, brand, domain name, or other references to your company in files on GitHub. You must be able to articulate why a use of your company's identity is a threat to your company's security posture.
 - Entire files or repositories that do not pose a specific security risk, but you believe are otherwise objectionable.
 - Requests to remove content that may infringe your or your organization's copyright rights. If you have questions about how GitHub handles copyright-related matters or would like to report potentially infringing content, please review our [DMCA Takedown Policy](/articles/dmca-takedown-policy/). The private information removal process is generally not intended for the removal of full files or repositories — only for the specific pieces of private information in those files. While there may be cases where files are filled entirely with private information, you must justify the security risk for the removal of such files, and this may increase the time required to process your request.
 - Trademark disputes. If you have questions about how GitHub handles trademark-related matters or would like to report content containing your organization's trade or service marks, please review our [Trademark Policy](/articles/github-trademark-policy/).
 - Privacy complaints. If you wish to access, transfer, change, or delete your personal information on GitHub, please contact us via [our Privacy contact form](https://github.com/contact/privacy). 
 - Content governed by our [Community Guidelines](/articles/github-community-guidelines/), such as malware or general-purpose tools. If you have questions about our Community Guidelines or believe that content on GitHub might violate our guidelines, you can use {% data variables.contact.report_content %} to contact us.
 ### Things to Know
 **Ask Nicely First.** A great first step before sending us a request to remove data is to try contacting the user directly. They may have listed contact information on their public profile page or in the repository's README or Support file, or you could get in touch by creating an issue or pull request in the repository. This is not strictly required, but it is appreciated.
 **No Bots.** You should have a trained professional evaluate the facts of every request you send. If you're outsourcing your efforts to a third party, make sure you know how they operate, and make sure they are not using automated bots to submit complaints in bulk. These complaints often include data that does not pose any security threats, and they do not include sufficient explanations, requiring additional back-and-forth and resulting in delays, even when the complaint is valid.
 **Send In The Correct Request.** As noted above, we offer this private information removal process as an exceptional service only for high-risk content. We are not able to use this process to remove other kinds of content, such as potentially infringing content, and we are not able to process any other kinds of removal requests simultaneously while processing private information removal requests. We will be able to help you more quickly if you send in your private information removal requests separately from any requests to remove potentially infringing content. If you are unsure whether your request involves only private information or also involves other legal matters, please consult legal counsel. 
 **Processing Time.** While we do process private information removal requests as quickly as possible, due to the volume of requests we process, it may take some time for your request to be reviewed. Additional requests, or multiple requests from additional points of contact, may result in delays.
 ### How Does This Actually Work?
 1. **Complainant Investigates.** It is up to the requesting party to conduct their own investigation and to provide us with the [details we require](#your-request-must-include) — most importantly, an explanation of how the data poses a security risk. GitHub is not in a position to search for or make initial determinations about private information on any individual's or organization's behalf.
 2. **Complainant Sends a Private Information Removal Request.** After conducting an investigation, the complainant prepares and [sends a private information removal request](#sending-a-private-information-removal-request) to GitHub. If the request is not sufficiently detailed to demonstrate the security risk and for GitHub to locate the data, we will reply and ask for more information.
 3. **GitHub Asks User to Make Changes.** In most cases, we will contact the user who created the repository and give them an opportunity to delete or modify the private information specified in the request or to dispute the claim.
 4. **User Notifies GitHub of Changes.** If the user chooses to make the specified changes, they must tell us so within the window of time they've been allowed. If they don't, we will disable the repository. If the user notifies us that they made changes, we will verify that the changes have been made and notify the complainant.
  OR
 5. **User May Dispute the Request.** If a user believes the content in question is not private information subject to this Policy, they may dispute it. If they do, we will generally leave it up to the complainant to contact the user and work things out with them directly, within reason.
 6. **Complainant Reviews Changes.** If the user makes changes, the complainant must review them. If the changes are insufficient, the complainant must provide GitHub with details explaining why. GitHub may disable the repository or give the user an additional chance to make the changes.
 7. **User May Request an Additional Window to Make Changes.** If the user missed their opportunity to remove the private information specified in the notice, we may allow them an additional window of approximately 1 business day, upon request, to make those changes. In that event, GitHub will notify the complainant.
 #### What About Forks? (or What's a Fork?)
 One of the best features of GitHub is the ability for users to "fork" one another's repositories. What does that mean? In essence, it means that users can make a copy of a project on GitHub into their own repositories. As the license or the law allows, users can then make changes to that fork to either push back to the main project or just keep as their own variation of a project. Each of these copies is a "[fork](/articles/github-glossary/#fork)" of the original repository, which in turn may also be called the "parent" of the fork.
 GitHub will not automatically disable forks when disabling a parent repository. This is because forks belong to different users and may have been altered in significant ways. GitHub does not conduct any independent investigation into forks. We expect those sending private information removal requests to conduct that investigation and, if they believe that the forks also contain private information, expressly include forks in their request.
 If at the time that you submitted your notice, you identified all existing forks of that repository, we would process a valid claim against all forks in that network at the time we process the notice. We would do this given the likelihood that all newly created forks would contain the same content. In addition, if the reported network that contains the reported content is larger than one hundred (100) repositories and thus would be difficult to review in its entirety, we may consider disabling the entire network if you state in your notice that, based on the representative number of forks you have reviewed, you believe that all or most of the forks contain the content reported in the parent repository.
 ### Sending A Private Information Removal Request
 Due to the type of content GitHub hosts (mostly software code) and the way that content is managed (with Git), we need complaints to be as specific as possible. In order for us to verify that a user has removed reported private information completely, we need to know exactly where to look.
 These guidelines are designed to make the processing of requests to remove private information as straightforward as possible.
 #### Your Request Must Include:
 1. A working, clickable link to each file containing private information. (Note that we're not able to work from search results, examples, or screenshots.)
 2. Specific line numbers within each file containing the private information.
 3. A brief description of how each item you've identified poses a security risk to you or your organization. ***It is important that you provide an explanation of how the data poses a security risk beyond merely stating that it does.***
 4. If you are a third party acting as an agent for an organization facing a security risk, include a statement that you have a legal right to act on behalf of that organization.
 5. OPTIONAL: Let us know if your request is particularly urgent, and why. We respond to all private information removal requests as quickly as possible. However, if this request is especially time-sensitive, such as a very recent credential exposure, please explain why.
 ### How to Submit Your Request
 You can submit your request to remove private information via our [contact form](https://support.github.com/contact?tags=docs-private-information). Please include a plain-text version of your request in the body of your message. Sending your request in an attachment may result in processing delays.
 ### Disputes
 If you received a private information removal request from us, you can dispute it by replying to our email and letting us know — in as much detail as possible — why you think the content in question is not private information subject to this Policy.
--- a/content/github/site-policy/github-sensitive-data-removal-policy.md
+++ b/content/github/site-policy/github-sensitive-data-removal-policy.md
@@ -1,82 +0,0 @@
 ---
 title: GitHub Sensitive Data Removal Policy
 redirect_from:
  - /articles/github-sensitive-data-removal-policy
 versions:
  free-pro-team: '*'
 ---
 If you believe that content on GitHub infringes a valid copyright you own, please see our [DMCA Takedown Policy](/articles/dmca-takedown-policy/) and our [Guide to Submitting a DMCA Takedown Notice](/articles/guide-to-submitting-a-dmca-takedown-notice/). We rely on the DMCA notice and takedown process for the majority of our removal actions.
 However, we understand that sensitive, security-related content may get published on GitHub – whether accidentally or on purpose – from time to time. We provide our sensitive data removal process to remove this sensitive data in certain exceptional circumstances where the DMCA process would not be applicable, such as when your security is at risk from exposed passwords and you do not own the copyright to the specific content that you need removed, or the content is not protectable by copyright. This guide describes the information GitHub needs from you in order to process a request to remove sensitive data from a repository.
 ### What is Sensitive Data?
 For the purposes of this document, “sensitive data” refers to content that (i) should have been kept confidential, *and* (ii) whose public availability poses a specific or targeted security risk to you or your organization.
 #### Sensitive data removal requests are appropriate for:
 - Access credentials, such as user names combined with passwords, access tokens, or other sensitive secrets that can grant access to your organization's server, network, or domain.
 - AWS tokens and other similar access credentials that grant access to a third party on your behalf. You must be able to show that the token does belong to you.
 - Documentation (such as network diagrams) that poses a specific security risk for an organization. Internal server names, IP addresses, and URLs, on their own, are not sufficiently sensitive; you must be able to show that the internal server name's use in a particular file or piece of code poses a security threat.
 #### Sensitive data removal requests are _not_ appropriate for:
 -  Requests to remove content that may infringe your or your organization's copyright rights. If you have questions about how GitHub handles copyright-related matters or would like to report potentially infringing content, please review our [DMCA Takedown Policy](/articles/dmca-takedown-policy/). The sensitive data removal process is generally not intended for the removal of full files or repositories — only for the specific pieces of sensitive data in those files. While there may be cases where files are filled entirely with sensitive information, you must justify the security risk for the removal of such files, and this may increase the time required to process your request.
 - Trademark disputes. If you have questions about how GitHub handles trademark-related matters or would like to report content containing your organization's trade or service marks, please review our [Trademark Policy](/articles/github-trademark-policy/).
 - Mere mentions of your company's identity, name, brand, domain name, or other references to your company in files on GitHub. You must be able to articulate why a use of your company's identity is a threat to your company's security posture before we will take action under this policy.
 - Privacy complaints. If you have concerns about your own privacy or you are contacting us on behalf of your employees due to a privacy concern — for example, if there are private email addresses or other personal information posted — please contact us via [our Privacy contact form](https://github.com/contact/privacy).
 - Entire files or repositories that do not pose a specific security risk, but you believe are otherwise objectionable.
 - Content governed by our [Community Guidelines](/articles/github-community-guidelines/), such as malware or general-purpose tools. If you have questions about our Community Guidelines or believe that content on GitHub might violate our guidelines, you can use {% data variables.contact.report_content %} to contact us.
 ### Things to Know
 **Ask Nicely First.** A great first step before sending us a request to remove data is to try contacting the user directly. They may have listed contact information on their public profile page or in the repository's README or Support file, or you could get in touch by creating an issue or pull request in the repository. This is not strictly required, but it is appreciated.
 **No Bots.** You should have a trained professional evaluate the facts of every request you send. If you're outsourcing your efforts to a third party, make sure you know how they operate, and make sure they are not using automated bots to submit complaints in bulk. These complaints often include data that does not pose any security threats, and they do not include sufficient explanations, requiring additional back-and-forth and resulting in delays, even when the complaint is valid.
 **Send In The Correct Request.** We offer this sensitive data removal process as an exceptional service only for high-risk content. We are not able to use this process to remove other kinds of content, such as potentially infringing content, and we are not able to process any other kinds of removal requests simultaneously while processing sensitive removal requests. We will be able to help you more quickly if you send in your sensitive data removal requests separately from any requests to remove potentially infringing content. If you are unsure whether your request involves only sensitive data or also involves other legal matters, please consult legal counsel.
 **Processing Time.** While we do process sensitive data removal requests as quickly as possible, due to the volume of requests we process, it may take some time for your request to be reviewed. Additional requests, or multiple requests from additional points of contact, may result in delays.
 ### How Does This Actually Work?
 1. **Complainant Investigates.** It is up to the requesting party to conduct their own investigation and to provide us with the [details we require](#your-request-must-include) — most importantly, an explanation of how the data poses a security risk. GitHub is not in a position to search for or make initial determinations about sensitive data on any individual's or organization's behalf.
 2. **Complainant Sends a Sensitive Data Removal Request.** After conducting an investigation, the complainant prepares and [sends a sensitive data removal request](#sending-a-sensitive-data-removal-request) to GitHub. If the request is not sufficiently detailed to demonstrate the security risk and for GitHub to locate the data, we will reply and ask for more information.
 3. **GitHub Asks User to Make Changes.** In most cases, we will contact the user who created the repository and give them an opportunity to delete or modify the sensitive data specified in the request or to dispute the claim.
 4. **User Notifies GitHub of Changes.** If the user chooses to make the specified changes, they must tell us so within the window of time they've been allowed. If they don't, we will disable the repository. If the user notifies us that they made changes, we will verify that the changes have been made and notify the complainant.
  OR
 5. **User May Dispute the Request.** If a user believes the content in question is not sensitive data subject to this Policy, they may dispute it. If they do, we will generally leave it up to the complainant to contact the user and work things out with them directly, within reason.
 6. **Complainant Reviews Changes.** If the user makes changes, the complainant must review them. If the changes are insufficient, the complainant must provide GitHub with details explaining why. GitHub may disable the repository or give the user an additional chance to make the changes.
 7. **User May Request an Additional Window to Make Changes.** If the user missed their opportunity to remove the sensitive data specified in the notice, we may allow them an additional window of approximately 1 business day, upon request, to make those changes. In that event, GitHub will notify the complainant.
 #### What About Forks? (or What's a Fork?)
 One of the best features of GitHub is the ability for users to "fork" one another's repositories. What does that mean? In essence, it means that users can make a copy of a project on GitHub into their own repositories. As the license or the law allows, users can then make changes to that fork to either push back to the main project or just keep as their own variation of a project. Each of these copies is a "[fork](/articles/github-glossary/#fork)" of the original repository, which in turn may also be called the "parent" of the fork.
 GitHub will not automatically disable forks when disabling a parent repository. This is because forks belong to different users and may have been altered in significant ways. GitHub does not conduct any independent investigation into forks. We expect those sending sensitive data removal requests to conduct that investigation and, if they believe that the forks also contain sensitive data, expressly include forks in their request.
 ### Sending A Sensitive Data Removal Request
 Due to the type of content GitHub hosts (mostly software code) and the way that content is managed (with Git), we need complaints to be as specific as possible. In order for us to verify that a user has removed reported sensitive data completely, we need to know exactly where to look.
 These guidelines are designed to make the processing of requests to remove sensitive data as straightforward as possible.
 #### Your Request Must Include:
 1. A working, clickable link to each file containing sensitive data. (Note that we're not able to work from search results, examples, or screenshots.)
 2. Specific line numbers within each file containing the sensitive data.
 3. A brief description of how each item you've identified poses a security risk to you or your organization. ***It is important that you provide an explanation of how the data poses a security risk beyond merely stating that it does.***
 4. If you are a third party acting as an agent for an organization facing a security risk, include a statement that you have a legal right to act on behalf of that organization.
 5. OPTIONAL: Let us know if your request is particularly urgent, and why. We respond to all sensitive data removal requests as quickly as possible. However, if this request is especially time-sensitive, such as a very recent credential exposure, please explain why.
 ### How to Submit Your Request
 You can submit your request to remove sensitive data via our [contact form](https://support.github.com/contact?tags=docs-sensitive-data). Please include a plain-text version of your request in the body of your message. Sending your request in an attachment may result in processing delays.
 ### Disputes
 If you received a sensitive data removal request from us, you can dispute it by replying to our email and letting us know — in as much detail as possible — why you think the content in question is not sensitive data subject to this Policy.
--- a/content/github/site-policy/index.md
+++ b/content/github/site-policy/index.md
@@ -24,7 +24,7 @@ versions:
 {% link_in_list /guide-to-submitting-a-dmca-takedown-notice %}
 {% link_in_list /guide-to-submitting-a-dmca-counter-notice %}
 {% link_in_list /github-trademark-policy %}
-{% link_in_list /github-sensitive-data-removal-policy %}
+{% link_in_list /github-private-information-removal-policy %}
 {% link_in_list /github-subprocessors-and-cookies %}
 {% link_in_list /github-bug-bounty-program-legal-safe-harbor %}
 {% link_in_list /responsible-disclosure-of-security-vulnerabilities %}
--- a/content/github/site-policy/submitting-content-removal-requests.md
+++ b/content/github/site-policy/submitting-content-removal-requests.md
@@ -6,11 +6,11 @@ versions:
  free-pro-team: '*'
 ---
-We understand that copyrighted, trademarked, or sensitive content may get published on GitHub – either accidentally or on purpose – sometimes in repositories that you do not own. Because the nature of this content varies, and because of different applicable laws, each category has its own, distinct reporting requirements outlined in our policies.
+We understand that copyrighted, trademarked, or private content may get published on GitHub – either accidentally or on purpose – sometimes in repositories that you do not own. Because the nature of this content varies, and because of different applicable laws, each category has its own, distinct reporting requirements outlined in our policies.
 If you'd like to request that content be removed from GitHub, please take some time to acquaint yourself with each of these policies and their respective reporting requirements before submitting a report. If we receive an incomplete report, we'll need to ask for clarifications or revisions and you’ll need to re-submit a revised report.
-Please note that we're not able to help you determine which policy is appropriate for your specific situation. If you’ve reviewed the policies below and still have questions about whether or not content should be reported as copyright, trademark, or sensitive data, we recommend consulting with independent legal counsel.
+Please note that we're not able to help you determine which policy is appropriate for your specific situation. If you’ve reviewed the policies below and still have questions about whether or not content should be reported as copyright, trademark, or private information, we recommend consulting with independent legal counsel.
 ### [DMCA Takedown Policy](/articles/dmca-takedown-policy)
 The DMCA Takedown Policy can be used to report content that you believe infringes a copyright owned by you or your organization. Once you have reviewed the policy, you may also want to review our [Guide to Submitting a DMCA Takedown Notice](/articles/guide-to-submitting-a-dmca-takedown-notice/) before submitting a report.
@@ -18,5 +18,5 @@ The DMCA Takedown Policy can be used to report content that you believe infringe
 ### [GitHub Trademark Policy](/articles/github-trademark-policy)
 The GitHub Trademark Policy can be used to report content that appears to use your company or business name, logo, or other trademark-protected materials in a manner that may mislead or confuse others about brand or business affiliation.
-### [GitHub Sensitive Data Removal Policy](/articles/github-sensitive-data-removal-policy)
+### [GitHub Private Information Removal Policy](/github/site-policy/github-private-information-removal-policy)
-The GitHub Sensitive Data Removal Policy can be used to report data that is sensitive or confidential and poses a security risk, but that is not necessarily protected by copyright or trademark.
+The GitHub Private Information Removal Policy can be used to report data that is private (confidential and poses a security risk), but that is not necessarily protected by copyright or trademark.
--- a/content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md
+++ b/content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md
@@ -64,6 +64,9 @@ When the dependency graph is first enabled, any manifest and lock files for supp
 The recommended formats explicitly define which versions are used for all direct and all indirect dependencies. If you use these formats, your dependency graph is more accurate. It also reflects the current build set up and enables the dependency graph to report vulnerabilities in both direct and indirect dependencies.{% if currentVersion == "free-pro-team@latest" %} Indirect dependencies that are inferred from a manifest file (or equivalent) are excluded from the checks for vulnerable dependencies.{% endif %}
 {% if currentVersion == "free-pro-team@latest" %}The ecosystems listed below are supported for the dependency graph, {% data variables.product.prodname_dependabot_alerts %}, and {% data variables.product.prodname_dependabot_security_updates %}.{% endif %}
 {% if currentVersion ver_gt "enterprise-server@2.21" %}The ecosystems listed below are supported for the dependency graph and {% data variables.product.prodname_dependabot_alerts %}.{% endif %}
 | Package manager | Languages | Recommended formats | All supported formats |
 | --- | --- | --- | ---|
 | Composer             | PHP           | `composer.lock` | `composer.json`, `composer.lock` |
--- a/content/graphql/guides/managing-enterprise-accounts.md
+++ b/content/graphql/guides/managing-enterprise-accounts.md
@@ -66,7 +66,7 @@ For some example queries, see "[An example query using the Enterprise Accounts A
 We recommend you use GraphiQL or another standalone GraphQL client that lets you configure the base URL.
 You may also consider using these GraphQL clients:
-  - [Insomnia](https://insomnia.rest/graphql/)
+  - [Insomnia](https://support.insomnia.rest/article/176-graphql-queries)
  - [GraphiQL](https://www.gatsbyjs.org/docs/running-queries-with-graphiql/)
  - [Postman](https://learning.getpostman.com/docs/postman/sending_api_requests/graphql/)
--- a/content/rest/reference/activity.md
+++ b/content/rest/reference/activity.md
@@ -33,8 +33,6 @@ $    -H 'If-None-Match: "a18c3bded88eb5dbb5c849a489412bf3"'
 > X-Poll-Interval: 60
 ```
 Events support pagination, however the `per_page` option is unsupported. The fixed page size is 30 items. Fetching up to ten pages is supported, for a total of 300 events. For information, see "[Traversing with pagination](/rest/guides/traversing-with-pagination)."
 Only events created within the past 90 days will be included in timelines. Events older than 90 days will not be included (even if the total number of events in the timeline is less than 300).
 {% for operation in currentRestOperations %}
--- a/contributing/github-partners/README.md
+++ b/contributing/github-partners/README.md
@@ -0,0 +1,19 @@
 # GitHub Partners
 This folder contains templates to be used by GitHub's technology partners when contributing documentation, such as guides.
 To get started, please [open an issue using this link](https://github.com/github/docs/issues/new?template=partner-contributed-documentation.md).
 ## Templates
 ### Tutorial template
 Tutorials guide the reader through an entire workflow to complete a task.
 You should consider creating a tutorial when:
 - The user has a basic understanding of the product and is interested in extending their use and understanding to solve a specific problem.
 - The user is looking for expert advice and a detailed discussion on best practices related their problem.
 - The user may have implemented a similar solution in the past using a different product.
 - The user wants to validate whether the solution is appropriate for their needs.
 Get started with this template [here](tutorial.md).
--- a/contributing/github-partners/tutorial.md
+++ b/contributing/github-partners/tutorial.md
@@ -0,0 +1,56 @@
 ---
 title: Tutorial title
 intro: 'Article intro. See tips for a great intro below'
 product: '{{ optional product callout }}'
 productVersions:
 contributor:
   name:
   URL:
 ---
 <!-- Remember to add the tutorial title, intro, product version, contributor name, and contributor URL above -->
 <!-- Great intros clarify who the tutorial is intended for, state what the user will accomplish, state the technology(ies) that will be used.-->
 ### Introduction
 <!-- The tutorial introduction should include the following in a short paragraph:
 - Clarify audience
 - State prerequisites and prior knowledge needed
 - State what the user will accomplish or build and the user problem it solves
 - Link to an example of the project the user will complete -->
 ### Step 1: Action the user will take
 <!-- In one sentence, describe what the user will do in this step -->
 <!-- Steps should break down the tasks the user will complete in sequential order -->
 <!-- Avoid replicating conceptual information that is covered elsewhere, provide inline links instead. Only include conceptual information unique to this use case. -->
 #### Task chunk
 <!-- A step may require the user to perform several tasks - break those tasks down into chunks, allowing the user to scan quickly to find their place if they navigated away from this screen to perform the task. -->
 <!-- An example might be creating a PAT for the action to use and then storing it in secrets -->
 <!-- For UI based tasks, include the button or options the users should click -->
 <!-- If the task adds code, include the code in context (don't just show `needs: setup` show the entire `setup` and `dependent` jobs) -->
 #### Another task chunk
 <!-- remove all of these comments when you're done -->
 ### Step 2: Do the next thing
 <!-- Rinse and repeat, adding steps and tasks until the tutorial is complete
 <!-- remember to show code snippets in context -->
 ```yaml
 on:
  schedule:
    - cron:  "40 19 * * *"
 ```
 ### Further reading
 <!-- include a bulleted list of tutorials or articles the user can reference to extend the concepts taught in this tutorial -->
 - "[Article title](article-URL)"
--- a/data/graphql/ghae/schema.docs-ghae.graphql
+++ b/data/graphql/ghae/schema.docs-ghae.graphql
@@ -593,6 +593,41 @@ type AddStarPayload {
  starrable: Starrable
 }
 """
 Autogenerated input type of AddVerifiableDomain
 """
 input AddVerifiableDomainInput {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The URL of the domain
  """
  domain: URI!
  """
  The ID of the owner to add the domain to
  """
  ownerId: ID! @possibleTypes(concreteTypes: ["Enterprise", "Organization"], abstractType: "VerifiableDomainOwner")
 }
 """
 Autogenerated return type of AddVerifiableDomain
 """
 type AddVerifiableDomainPayload {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The verifiable domain that was added.
  """
  domain: VerifiableDomain
 }
 """
 Represents a 'added_to_project' event on a given issue or pull request.
 """
@@ -685,6 +720,36 @@ type App implements Node {
  url: URI!
 }
 """
 Autogenerated input type of ApproveVerifiableDomain
 """
 input ApproveVerifiableDomainInput {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The ID of the verifiable domain to approve.
  """
  id: ID! @possibleTypes(concreteTypes: ["VerifiableDomain"])
 }
 """
 Autogenerated return type of ApproveVerifiableDomain
 """
 type ApproveVerifiableDomainPayload {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The verifiable domain that was approved.
  """
  domain: VerifiableDomain
 }
 """
 Autogenerated input type of ArchiveRepository
 """
@@ -6536,6 +6601,36 @@ type DeleteTeamDiscussionPayload {
  clientMutationId: String
 }
 """
 Autogenerated input type of DeleteVerifiableDomain
 """
 input DeleteVerifiableDomainInput {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The ID of the verifiable domain to delete.
  """
  id: ID! @possibleTypes(concreteTypes: ["VerifiableDomain"])
 }
 """
 Autogenerated return type of DeleteVerifiableDomain
 """
 type DeleteVerifiableDomainPayload {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The owning account from which the domain was deleted.
  """
  owner: VerifiableDomainOwner
 }
 """
 Represents a 'demilestoned' event on a given issue or pull request.
 """
@@ -8255,6 +8350,41 @@ type EnterpriseOwnerInfo {
    value: DefaultRepositoryPermissionField!
  ): OrganizationConnection!
  """
  A list of domains owned by the enterprise.
  """
  domains(
    """
    Returns the elements in the list that come after the specified cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the specified cursor.
    """
    before: String
    """
    Returns the first _n_ elements from the list.
    """
    first: Int
    """
    Filter whether or not the domain is verified.
    """
    isVerified: Boolean = null
    """
    Returns the last _n_ elements from the list.
    """
    last: Int
    """
    Ordering options for verifiable domains returned.
    """
    orderBy: VerifiableDomainOrder = {field: DOMAIN, direction: ASC}
  ): VerifiableDomainConnection!
  """
  The setting value for whether the enterprise has an IP allow list enabled.
  """
@@ -14319,6 +14449,26 @@ type Mutation {
    input: AddStarInput!
  ): AddStarPayload
  """
  Adds a verifiable domain to an owning account.
  """
  addVerifiableDomain(
    """
    Parameters for AddVerifiableDomain
    """
    input: AddVerifiableDomainInput!
  ): AddVerifiableDomainPayload
  """
  Approve a verifiable domain for notification delivery.
  """
  approveVerifiableDomain(
    """
    Parameters for ApproveVerifiableDomain
    """
    input: ApproveVerifiableDomainInput!
  ): ApproveVerifiableDomainPayload
  """
  Marks a repository as archived.
  """
@@ -14699,6 +14849,16 @@ type Mutation {
    input: DeleteTeamDiscussionCommentInput!
  ): DeleteTeamDiscussionCommentPayload
  """
  Deletes a verifiable domain.
  """
  deleteVerifiableDomain(
    """
    Parameters for DeleteVerifiableDomain
    """
    input: DeleteVerifiableDomainInput!
  ): DeleteVerifiableDomainPayload
  """
  Disable auto merge on the given pull request
  """
@@ -14849,6 +15009,16 @@ type Mutation {
    input: PinIssueInput!
  ): PinIssuePayload
  """
  Regenerates a verifiable domain's verification token.
  """
  regenerateVerifiableDomainToken(
    """
    Parameters for RegenerateVerifiableDomainToken
    """
    input: RegenerateVerifiableDomainTokenInput!
  ): RegenerateVerifiableDomainTokenPayload
  """
  Removes assignees from an assignable object.
  """
@@ -15299,6 +15469,16 @@ type Mutation {
    input: UpdateLabelInput!
  ): UpdateLabelPayload @preview(toggledBy: "bane-preview")
  """
  Update the setting to restrict notifications to only verified domains available to an owner.
  """
  updateNotificationRestrictionSetting(
    """
    Parameters for UpdateNotificationRestrictionSetting
    """
    input: UpdateNotificationRestrictionSettingInput!
  ): UpdateNotificationRestrictionSettingPayload
  """
  Updates an existing project.
  """
@@ -15455,6 +15635,16 @@ type Mutation {
    """
    input: UpdateTopicsInput!
  ): UpdateTopicsPayload
  """
  Verify that a verifiable domain has the expected DNS record.
  """
  verifyVerifiableDomain(
    """
    Parameters for VerifyVerifiableDomain
    """
    input: VerifyVerifiableDomainInput!
  ): VerifyVerifiableDomainPayload
 }
 """
@@ -15467,6 +15657,21 @@ interface Node {
  id: ID!
 }
 """
 The possible values for the notification restriction setting.
 """
 enum NotificationRestrictionSettingValue {
  """
  The setting is disabled for the owner.
  """
  DISABLED
  """
  The setting is enabled for the owner.
  """
  ENABLED
 }
 """
 Metadata for an audit entry with action oauth_application.*
 """
@@ -18727,6 +18932,41 @@ type Organization implements Actor & MemberStatusable & Node & ProfileOwner & Pr
  """
  descriptionHTML: String
  """
  A list of domains owned by the organization.
  """
  domains(
    """
    Returns the elements in the list that come after the specified cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the specified cursor.
    """
    before: String
    """
    Returns the first _n_ elements from the list.
    """
    first: Int
    """
    Filter by if the domain is verified.
    """
    isVerified: Boolean = null
    """
    Returns the last _n_ elements from the list.
    """
    last: Int
    """
    Ordering options for verifiable domains returned.
    """
    orderBy: VerifiableDomainOrder = {field: DOMAIN, direction: ASC}
  ): VerifiableDomainConnection
  """
  The organization's public email.
  """
@@ -18769,7 +19009,7 @@ type Organization implements Actor & MemberStatusable & Node & ProfileOwner & Pr
  ): IpAllowListEntryConnection!
  """
-  Whether the organization has verified its profile email and website, always false on Enterprise.
+  Whether the organization has verified its profile email and website.
  """
  isVerified: Boolean!
@@ -18859,6 +19099,11 @@ type Organization implements Actor & MemberStatusable & Node & ProfileOwner & Pr
  """
  newTeamUrl: URI!
  """
  Indicates if email notification delivery for this organization is restricted to verified domains.
  """
  notificationDeliveryRestrictionEnabledSetting: NotificationRestrictionSettingValue!
  """
  The billing email for the organization.
  """
@@ -24753,6 +24998,36 @@ Any referencable object
 """
 union ReferencedSubject = Issue | PullRequest
 """
 Autogenerated input type of RegenerateVerifiableDomainToken
 """
 input RegenerateVerifiableDomainTokenInput {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The ID of the verifiable domain to regenerate the verification token of.
  """
  id: ID! @possibleTypes(concreteTypes: ["VerifiableDomain"])
 }
 """
 Autogenerated return type of RegenerateVerifiableDomainToken
 """
 type RegenerateVerifiableDomainTokenPayload {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The verification token that was generated.
  """
  verificationToken: String
 }
 """
 A release contains the content for a release.
 """
@@ -35762,6 +36037,41 @@ type UpdateLabelPayload @preview(toggledBy: "bane-preview") {
  label: Label
 }
 """
 Autogenerated input type of UpdateNotificationRestrictionSetting
 """
 input UpdateNotificationRestrictionSettingInput {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The ID of the owner on which to set the restrict notifications setting.
  """
  ownerId: ID! @possibleTypes(concreteTypes: ["Enterprise", "Organization"], abstractType: "VerifiableDomainOwner")
  """
  The value for the restrict notifications setting.
  """
  settingValue: NotificationRestrictionSettingValue!
 }
 """
 Autogenerated return type of UpdateNotificationRestrictionSetting
 """
 type UpdateNotificationRestrictionSettingPayload {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The owner on which the setting was updated.
  """
  owner: VerifiableDomainOwner
 }
 """
 Autogenerated input type of UpdateProjectCard
 """
@@ -37797,11 +38107,111 @@ type VerifiableDomain implements Node {
  verificationToken: String
 }
 """
 The connection type for VerifiableDomain.
 """
 type VerifiableDomainConnection {
  """
  A list of edges.
  """
  edges: [VerifiableDomainEdge]
  """
  A list of nodes.
  """
  nodes: [VerifiableDomain]
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
 }
 """
 An edge in a connection.
 """
 type VerifiableDomainEdge {
  """
  A cursor for use in pagination.
  """
  cursor: String!
  """
  The item at the end of the edge.
  """
  node: VerifiableDomain
 }
 """
 Ordering options for verifiable domain connections.
 """
 input VerifiableDomainOrder {
  """
  The ordering direction.
  """
  direction: OrderDirection!
  """
  The field to order verifiable domains by.
  """
  field: VerifiableDomainOrderField!
 }
 """
 Properties by which verifiable domain connections can be ordered.
 """
 enum VerifiableDomainOrderField {
  """
  Order verifiable domains by their creation date.
  """
  CREATED_AT
  """
  Order verifiable domains by the domain name.
  """
  DOMAIN
 }
 """
 Types that can own a verifiable domain.
 """
 union VerifiableDomainOwner = Enterprise | Organization
 """
 Autogenerated input type of VerifyVerifiableDomain
 """
 input VerifyVerifiableDomainInput {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The ID of the verifiable domain to verify.
  """
  id: ID! @possibleTypes(concreteTypes: ["VerifiableDomain"])
 }
 """
 Autogenerated return type of VerifyVerifiableDomain
 """
 type VerifyVerifiableDomainPayload {
  """
  A unique identifier for the client performing the mutation.
  """
  clientMutationId: String
  """
  The verifiable domain that was verified.
  """
  domain: VerifiableDomain
 }
 """
 A hovercard context with a message describing how the viewer is related.
 """
--- a/data/graphql/schema.docs.graphql
+++ b/data/graphql/schema.docs.graphql
@@ -20179,7 +20179,7 @@ type Organization implements Actor & MemberStatusable & Node & PackageOwner & Pr
  isSponsoringViewer: Boolean!
  """
-  Whether the organization has verified its profile email and website, always false on Enterprise.
+  Whether the organization has verified its profile email and website.
  """
  isVerified: Boolean!
--- a/data/release-notes/3-0/0.yml
+++ b/data/release-notes/3-0/0.yml
@@ -123,8 +123,12 @@ sections:
    - When GitHub Actions is enabled, use '`ghe-maintenance -u`' to unset maintenance mode.
    - 'Duplicated logging to `/var/log/messages`, `/var/log/syslog`, and `/var/log/user.log` results in increased root volume utilization.'
    - Users can dismiss a mandatory message without checking all checkboxes.
    - '[Pre-receive hook scripts](/admin/policies/enforcing-policy-with-pre-receive-hooks) cannot write temporary files, which may cause script execution to fail. Users who use pre-receive hooks should test in a staging environment to see if scripts require write access.'
    - Repository [deploy keys](/developers/overview/managing-deploy-keys) are unable to be used with repositories containing LFS objects.
    - Juypter Notebook rendering in the web UI may fail if the notebook includes non UTF-8 encoded characters.
    - Dependency graph fails to parse `setup.py` Python manifest files, resulting in HTTP 500 errors in logs. This, combined with the duplicated logging issue, results in increased root volume utilization.
    - A race condition can cause dependency graph database migrations to appear to fail.
    - Instances with a custom timezone that were upgraded from an earlier release of GitHub Enterprise Server may have incorrect timestamps in the web UI.
  deprecations:
    - heading: Deprecation of GitHub Enterprise Server 2.19
--- a/data/release-notes/3-0/1.yml
+++ b/data/release-notes/3-0/1.yml
@@ -24,6 +24,7 @@ sections:
    - 'The "Prevent repository admins from changing anonymous Git read access" checkbox available in the enterprise account settings could not be successfully enabled or disabled.'
    - 'The modal used to display a mandatory message contained no vertical scrollbar, meaning longer messages could not be viewed in full.'
    - 'Redis would sometimes fail to start after a hard reboot or application crash.'
    - 'Dependency graph fails to parse `setup.py` Python manifest files, resulting in HTTP 500 errors in logs. This, combined with the duplicated logging issue, results in increased root volume utilization.'
  changes:
    - 'Satisfy requests concurrently when multiple users are downloading the same archive, resulting in improved performance.'
  known_issues:
@@ -35,5 +36,8 @@ sections:
    - 'When maintenance mode is enabled, some services continue to be listed as "active processes". The services identified are expected to run during maintenance mode. If you experience this issue and are unsure, contact [GitHub Enterprise Support](https://enterprise.githubsupport.com/hc/en-us) or [GitHub Premium Support](https://premium.githubsupport.com/).'
    - 'Duplicated logging to `/var/log/messages`, `/var/log/syslog`, and `/var/log/user.log` results in increased root volume utilization.'
    - 'Users can dismiss a mandatory message without checking all checkboxes.'
    - '[Pre-receive hook scripts](/admin/policies/enforcing-policy-with-pre-receive-hooks) cannot write temporary files, which may cause script execution to fail. Users who use pre-receive hooks should test in a staging environment to see if scripts require write access.'
    - 'Repository [deploy keys](/developers/overview/managing-deploy-keys) are unable to be used with repositories containing LFS objects.'
    - 'Juypter Notebook rendering in the web UI may fail if the notebook includes non UTF-8 encoded characters.'
    - 'Dependency graph fails to parse `yarn.lock` Javascript manifest files, resulting in HTTP 500 errors in logs.'
    - 'Instances with a custom timezone that were upgraded from an earlier release of GitHub Enterprise Server may have incorrect timestamps in the web UI.'
--- a/data/reusables/actions/enterprise-hardware-considerations.md
+++ b/data/reusables/actions/enterprise-hardware-considerations.md
@@ -1 +0,0 @@
 If you {% if currentVersion == "enterprise-server@2.22" %} configured the beta of{% else %} configure{% endif %} {% data variables.product.prodname_actions %} for the users of your {% data variables.product.prodname_ghe_server %} instance, you may need to provision additional CPU and memory resources. The additional resources you need to provision depend on the number of workflows your users run concurrently, and the overall levels of activity for your instance. For more information about monitoring the capacity and performance of {% data variables.product.prodname_ghe_server %}, see "[Monitoring your appliance](/admin/enterprise-management/monitoring-your-appliance)."
--- a/data/reusables/dependabot/pull-request-security-vs-version-updates.md
+++ b/data/reusables/dependabot/pull-request-security-vs-version-updates.md
@@ -0,0 +1,4 @@
 When {% data variables.product.prodname_dependabot %} raises pull requests, these pull requests could be for _security_ or _version_ updates:
 - {% data variables.product.prodname_dependabot_security_updates %} are automated pull requests that help you update dependencies with known vulnerabilities. 
 - {% data variables.product.prodname_dependabot_version_updates %} are automated pull requests that keep your dependencies updated, even when they don’t have any vulnerabilities. To check the status of version updates, navigate to the Insights tab of your repository, then Dependency Graph, and {% data variables.product.prodname_dependabot %}.
--- a/data/reusables/enterprise_installation/hardware-considerations-all-platforms.md
+++ b/data/reusables/enterprise_installation/hardware-considerations-all-platforms.md
@@ -17,7 +17,7 @@ Your instance requires a persistent data disk separate from the root disk. For m
 {% if currentVersion ver_gt "enterprise-server@2.21" %}
-To configure{% if currentVersion == "enterprise-server@2.22" %} the beta of{% endif %} {% data variables.product.prodname_actions %}, you must provide external blob storage. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server)."
+To configure{% if currentVersion == "enterprise-server@2.22" %} the beta of{% endif %} {% data variables.product.prodname_actions %}, you must provide external blob storage. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server##external-storage-requirements)."
 {% endif %}
@@ -25,7 +25,13 @@ You can resize your instance's root disk by building a new instance or using an
 #### CPU and memory
-The CPU and memory resources that {% data variables.product.prodname_ghe_server %} requires depend on the levels of activity for users, automations, and integrations. {% if currentVersion ver_gt "enterprise-server@2.21" %}{% data reusables.actions.enterprise-hardware-considerations %}{% endif %}
+The CPU and memory resources that {% data variables.product.prodname_ghe_server %} requires depend on the levels of activity for users, automations, and integrations.
 {% if currentVersion ver_gt "enterprise-server@2.21" %}
 If you {% if currentVersion == "enterprise-server@2.22" %}enabled the beta of{% else %}plan to enable{% endif %} {% data variables.product.prodname_actions %} for the users of your {% data variables.product.prodname_ghe_server %} instance, you may need to provision additional CPU and memory resources for your instance. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
 {% endif %}
 {% data reusables.enterprise_installation.increasing-cpus-req %}
@@ -35,4 +41,6 @@ The CPU and memory resources that {% data variables.product.prodname_ghe_server
 {% endwarning %}
 For more information about monitoring the capacity and performance of {% data variables.product.prodname_ghe_server %}, see "[Monitoring your appliance](/admin/enterprise-management/monitoring-your-appliance)."
 You can increase your instance's CPU or memory resources. For more information, see "[Increasing CPU or memory resources](/enterprise/admin/installation/increasing-cpu-or-memory-resources)."
--- a/data/reusables/enterprise_installation/hardware-rec-table.md
+++ b/data/reusables/enterprise_installation/hardware-rec-table.md
@@ -30,20 +30,22 @@
 {% endif %}
 {% data reusables.enterprise_installation.about-adjusting-resources %}
 {% if currentVersion ver_gt "enterprise-server@2.22" %}
-If you plan to configure {% data variables.product.prodname_actions %} for your instance, you should provision additional resources. You must also configure at least one self-hosted runner to execute workflows. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server)."
+If you plan to enable {% data variables.product.prodname_actions %} for the users of your instance, review the requirements for hardware, external storage, and runners in "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server)."
 {% endif %}
 {% data reusables.enterprise_installation.about-adjusting-resources %}
 {% if currentVersion == "enterprise-server@2.22" %}
 #### Beta features in {% data variables.product.prodname_ghe_server %} 2.22
 {% data variables.product.prodname_ghe_server %} 2.22 offered features in beta, such as {% data variables.product.prodname_actions %}, {% data variables.product.prodname_registry %}, and {% data variables.product.prodname_code_scanning %}. For more information, see the [{% data variables.product.prodname_ghe_server %} 2.22 release notes](/enterprise-server@2.22/admin/release-notes#2.22.0).
-If you enabled beta features for {% data variables.product.prodname_ghe_server %} 2.22, your instance requires additional hardware resources. For more information, see "[Minimum requirements](#minimum-requirements)".
+If you enabled beta features for {% data variables.product.prodname_ghe_server %} 2.22, your instance requires additional hardware resources. For more information about minimum requirements, see "[Minimum requirements](#minimum-requirements)."
 For more information about the hardware requirements for {% data variables.product.prodname_actions %}, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
 {% endif %}
--- a/data/reusables/gated-features/discussions.md
+++ b/data/reusables/gated-features/discussions.md
@@ -1 +1 @@
-{% data variables.product.prodname_discussions %} is available in beta for public repositories on {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.gated-features.more-info-org-products %}
+{% data variables.product.prodname_discussions %} is available in beta for public and private repositories on {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.gated-features.more-info-org-products %}
--- a/data/reusables/secret-scanning/partner-secret-list-private-repo.md
+++ b/data/reusables/secret-scanning/partner-secret-list-private-repo.md
@@ -51,6 +51,7 @@ Proctorio | Proctorio Secret Key | proctorio_secret_key
 Pulumi | Pulumi Access Token | pulumi_access_token
 Samsara | Samsara API Token | samsara_api_token
 Samsara | Samsara OAuth Access Token | samsara_oauth_access_token
 SendGrid | SendGrid API Key | sendgrid_api_key
 Shopify | Shopify App Shared Secret | shopify_app_shared_secret
 Shopify | Shopify Access Token | shopify_access_token
 Shopify | Shopify Custom App Access Token | shopify_custom_app_access_token
--- a/data/reusables/security/displayed-information.md
+++ b/data/reusables/security/displayed-information.md
@@ -0,0 +1,7 @@
 When you enable one or more security and analysis features for existing repositories, you will see any results displayed on {% data variables.product.prodname_dotcom %} within minutes:
 - All the existing repositories will have the selected configuration.
 - New repositories will follow the selected configuration if you've enabled the checkbox for new repositories.{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
 - We use the permissions to scan for manifest files to apply the relevant services.
 - You'll see information on your dependency graph.
 - {% data variables.product.prodname_dotcom %} will generate {% data variables.product.prodname_dependabot_alerts %}{% endif %}{% if currentVersion == "free-pro-team@latest" %} and raise pull requests{% endif %}. 
--- a/data/ui.yml
+++ b/data/ui.yml
@@ -158,3 +158,4 @@ product_sublanding:
 learning_track_nav:
  prevGuide: Previous guide
  nextGuide: Next guide
 contributor_callout: This article is contributed and maintained by
--- a/includes/article.html
+++ b/includes/article.html
@@ -20,6 +20,12 @@
        </div>
      </div>
      {% if page.contributor %}
        <div class="contributor-callout border rounded-1 mb-4 p-3 border-blue bg-blue-light f5">
          <p><span class="mr-2">{% octicon "info" %}</span>{% data ui.contributor_callout %} <a href="{{ page.contributor.URL }}">{{ page.contributor.name }}</a>.</p>
        </div>
      {% endif %}
      {% if page.intro %}
        <div class="lead-mktg">{{ page.intro }}</div>
      {% endif %}
--- a/lib/enterprise-dates.json
+++ b/lib/enterprise-dates.json
@@ -81,7 +81,7 @@
  },
  "2.20": {
    "releaseDate": "2020-02-11",
-    "deprecationDate": "2021-02-11"
+    "deprecationDate": "2021-03-02"
  },
  "2.21": {
    "releaseDate": "2020-06-09",
--- a/lib/frontmatter.js
+++ b/lib/frontmatter.js
@@ -119,6 +119,14 @@ const schema = {
    defaultPlatform: {
      type: 'string',
      enum: ['mac', 'windows', 'linux']
    },
    // Documentation contributed by a third party, such as a GitHub Partner
    contributor: {
      type: 'object',
      properties: {
        name: { type: 'string' },
        URL: { type: 'string' }
      }
    }
  }
 }
--- a/lib/graphql/static/prerendered-objects.json
+++ b/lib/graphql/static/prerendered-objects.json
--- a/lib/graphql/static/schema-dotcom.json
+++ b/lib/graphql/static/schema-dotcom.json
@@ -29790,7 +29790,7 @@
        },
        {
          "name": "isVerified",
-          "description": "<p>Whether the organization has verified its profile email and website, always false on Enterprise.</p>",
+          "description": "<p>Whether the organization has verified its profile email and website.</p>",
          "type": "Boolean!",
          "id": "boolean",
          "kind": "scalars",
--- a/lib/graphql/static/schema-ghae.json
+++ b/lib/graphql/static/schema-ghae.json
@@ -1022,6 +1022,74 @@
        }
      ]
    },
    {
      "name": "addVerifiableDomain",
      "kind": "mutations",
      "id": "addverifiabledomain",
      "href": "/graphql/reference/mutations#addverifiabledomain",
      "description": "<p>Adds a verifiable domain to an owning account.</p>",
      "inputFields": [
        {
          "name": "input",
          "type": "AddVerifiableDomainInput!",
          "id": "addverifiabledomaininput",
          "kind": "input-objects",
          "href": "/graphql/reference/input-objects#addverifiabledomaininput"
        }
      ],
      "returnFields": [
        {
          "name": "clientMutationId",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>A unique identifier for the client performing the mutation.</p>"
        },
        {
          "name": "domain",
          "type": "VerifiableDomain",
          "id": "verifiabledomain",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomain",
          "description": "<p>The verifiable domain that was added.</p>"
        }
      ]
    },
    {
      "name": "approveVerifiableDomain",
      "kind": "mutations",
      "id": "approveverifiabledomain",
      "href": "/graphql/reference/mutations#approveverifiabledomain",
      "description": "<p>Approve a verifiable domain for notification delivery.</p>",
      "inputFields": [
        {
          "name": "input",
          "type": "ApproveVerifiableDomainInput!",
          "id": "approveverifiabledomaininput",
          "kind": "input-objects",
          "href": "/graphql/reference/input-objects#approveverifiabledomaininput"
        }
      ],
      "returnFields": [
        {
          "name": "clientMutationId",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>A unique identifier for the client performing the mutation.</p>"
        },
        {
          "name": "domain",
          "type": "VerifiableDomain",
          "id": "verifiabledomain",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomain",
          "description": "<p>The verifiable domain that was approved.</p>"
        }
      ]
    },
    {
      "name": "archiveRepository",
      "kind": "mutations",
@@ -2376,6 +2444,40 @@
        }
      ]
    },
    {
      "name": "deleteVerifiableDomain",
      "kind": "mutations",
      "id": "deleteverifiabledomain",
      "href": "/graphql/reference/mutations#deleteverifiabledomain",
      "description": "<p>Deletes a verifiable domain.</p>",
      "inputFields": [
        {
          "name": "input",
          "type": "DeleteVerifiableDomainInput!",
          "id": "deleteverifiabledomaininput",
          "kind": "input-objects",
          "href": "/graphql/reference/input-objects#deleteverifiabledomaininput"
        }
      ],
      "returnFields": [
        {
          "name": "clientMutationId",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>A unique identifier for the client performing the mutation.</p>"
        },
        {
          "name": "owner",
          "type": "VerifiableDomainOwner",
          "id": "verifiabledomainowner",
          "kind": "unions",
          "href": "/graphql/reference/unions#verifiabledomainowner",
          "description": "<p>The owning account from which the domain was deleted.</p>"
        }
      ]
    },
    {
      "name": "disablePullRequestAutoMerge",
      "kind": "mutations",
@@ -2940,6 +3042,40 @@
        }
      ]
    },
    {
      "name": "regenerateVerifiableDomainToken",
      "kind": "mutations",
      "id": "regenerateverifiabledomaintoken",
      "href": "/graphql/reference/mutations#regenerateverifiabledomaintoken",
      "description": "<p>Regenerates a verifiable domain's verification token.</p>",
      "inputFields": [
        {
          "name": "input",
          "type": "RegenerateVerifiableDomainTokenInput!",
          "id": "regenerateverifiabledomaintokeninput",
          "kind": "input-objects",
          "href": "/graphql/reference/input-objects#regenerateverifiabledomaintokeninput"
        }
      ],
      "returnFields": [
        {
          "name": "clientMutationId",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>A unique identifier for the client performing the mutation.</p>"
        },
        {
          "name": "verificationToken",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>The verification token that was generated.</p>"
        }
      ]
    },
    {
      "name": "removeAssigneesFromAssignable",
      "kind": "mutations",
@@ -4670,6 +4806,40 @@
        }
      ]
    },
    {
      "name": "updateNotificationRestrictionSetting",
      "kind": "mutations",
      "id": "updatenotificationrestrictionsetting",
      "href": "/graphql/reference/mutations#updatenotificationrestrictionsetting",
      "description": "<p>Update the setting to restrict notifications to only verified domains available to an owner.</p>",
      "inputFields": [
        {
          "name": "input",
          "type": "UpdateNotificationRestrictionSettingInput!",
          "id": "updatenotificationrestrictionsettinginput",
          "kind": "input-objects",
          "href": "/graphql/reference/input-objects#updatenotificationrestrictionsettinginput"
        }
      ],
      "returnFields": [
        {
          "name": "clientMutationId",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>A unique identifier for the client performing the mutation.</p>"
        },
        {
          "name": "owner",
          "type": "VerifiableDomainOwner",
          "id": "verifiabledomainowner",
          "kind": "unions",
          "href": "/graphql/reference/unions#verifiabledomainowner",
          "description": "<p>The owner on which the setting was updated.</p>"
        }
      ]
    },
    {
      "name": "updateProject",
      "kind": "mutations",
@@ -5188,6 +5358,40 @@
          "description": "<p>The updated repository.</p>"
        }
      ]
    },
    {
      "name": "verifyVerifiableDomain",
      "kind": "mutations",
      "id": "verifyverifiabledomain",
      "href": "/graphql/reference/mutations#verifyverifiabledomain",
      "description": "<p>Verify that a verifiable domain has the expected DNS record.</p>",
      "inputFields": [
        {
          "name": "input",
          "type": "VerifyVerifiableDomainInput!",
          "id": "verifyverifiabledomaininput",
          "kind": "input-objects",
          "href": "/graphql/reference/input-objects#verifyverifiabledomaininput"
        }
      ],
      "returnFields": [
        {
          "name": "clientMutationId",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string",
          "description": "<p>A unique identifier for the client performing the mutation.</p>"
        },
        {
          "name": "domain",
          "type": "VerifiableDomain",
          "id": "verifiabledomain",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomain",
          "description": "<p>The verifiable domain that was verified.</p>"
        }
      ]
    }
  ],
  "objects": [
@@ -13745,6 +13949,76 @@
            }
          ]
        },
        {
          "name": "domains",
          "description": "<p>A list of domains owned by the enterprise.</p>",
          "type": "VerifiableDomainConnection!",
          "id": "verifiabledomainconnection",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomainconnection",
          "arguments": [
            {
              "name": "after",
              "description": "<p>Returns the elements in the list that come after the specified cursor.</p>",
              "type": {
                "name": "String",
                "id": "string",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#string"
              }
            },
            {
              "name": "before",
              "description": "<p>Returns the elements in the list that come before the specified cursor.</p>",
              "type": {
                "name": "String",
                "id": "string",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#string"
              }
            },
            {
              "name": "first",
              "description": "<p>Returns the first <em>n</em> elements from the list.</p>",
              "type": {
                "name": "Int",
                "id": "int",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#int"
              }
            },
            {
              "name": "isVerified",
              "description": "<p>Filter whether or not the domain is verified.</p>",
              "type": {
                "name": "Boolean",
                "id": "boolean",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#boolean"
              }
            },
            {
              "name": "last",
              "description": "<p>Returns the last <em>n</em> elements from the list.</p>",
              "type": {
                "name": "Int",
                "id": "int",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#int"
              }
            },
            {
              "name": "orderBy",
              "description": "<p>Ordering options for verifiable domains returned.</p>",
              "type": {
                "name": "VerifiableDomainOrder",
                "id": "verifiabledomainorder",
                "kind": "input-objects",
                "href": "/graphql/reference/input-objects#verifiabledomainorder"
              }
            }
          ]
        },
        {
          "name": "ipAllowListEnabledSetting",
          "description": "<p>The setting value for whether the enterprise has an IP allow list enabled.</p>",
@@ -27208,6 +27482,76 @@
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "domains",
          "description": "<p>A list of domains owned by the organization.</p>",
          "type": "VerifiableDomainConnection",
          "id": "verifiabledomainconnection",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomainconnection",
          "arguments": [
            {
              "name": "after",
              "description": "<p>Returns the elements in the list that come after the specified cursor.</p>",
              "type": {
                "name": "String",
                "id": "string",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#string"
              }
            },
            {
              "name": "before",
              "description": "<p>Returns the elements in the list that come before the specified cursor.</p>",
              "type": {
                "name": "String",
                "id": "string",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#string"
              }
            },
            {
              "name": "first",
              "description": "<p>Returns the first <em>n</em> elements from the list.</p>",
              "type": {
                "name": "Int",
                "id": "int",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#int"
              }
            },
            {
              "name": "isVerified",
              "description": "<p>Filter by if the domain is verified.</p>",
              "type": {
                "name": "Boolean",
                "id": "boolean",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#boolean"
              }
            },
            {
              "name": "last",
              "description": "<p>Returns the last <em>n</em> elements from the list.</p>",
              "type": {
                "name": "Int",
                "id": "int",
                "kind": "scalars",
                "href": "/graphql/reference/scalars#int"
              }
            },
            {
              "name": "orderBy",
              "description": "<p>Ordering options for verifiable domains returned.</p>",
              "type": {
                "name": "VerifiableDomainOrder",
                "id": "verifiabledomainorder",
                "kind": "input-objects",
                "href": "/graphql/reference/input-objects#verifiabledomainorder"
              }
            }
          ]
        },
        {
          "name": "email",
          "description": "<p>The organization's public email.</p>",
@@ -27286,7 +27630,7 @@
        },
        {
          "name": "isVerified",
-          "description": "<p>Whether the organization has verified its profile email and website, always false on Enterprise.</p>",
+          "description": "<p>Whether the organization has verified its profile email and website.</p>",
          "type": "Boolean!",
          "id": "boolean",
          "kind": "scalars",
@@ -27450,6 +27794,14 @@
          "kind": "scalars",
          "href": "/graphql/reference/scalars#uri"
        },
        {
          "name": "notificationDeliveryRestrictionEnabledSetting",
          "description": "<p>Indicates if email notification delivery for this organization is restricted to verified domains.</p>",
          "type": "NotificationRestrictionSettingValue!",
          "id": "notificationrestrictionsettingvalue",
          "kind": "enums",
          "href": "/graphql/reference/enums#notificationrestrictionsettingvalue"
        },
        {
          "name": "organizationBillingEmail",
          "description": "<p>The billing email for the organization.</p>",
@@ -51833,6 +52185,72 @@
        }
      ]
    },
    {
      "name": "VerifiableDomainConnection",
      "kind": "objects",
      "id": "verifiabledomainconnection",
      "href": "/graphql/reference/objects#verifiabledomainconnection",
      "description": "<p>The connection type for VerifiableDomain.</p>",
      "fields": [
        {
          "name": "edges",
          "description": "<p>A list of edges.</p>",
          "type": "[VerifiableDomainEdge]",
          "id": "verifiabledomainedge",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomainedge"
        },
        {
          "name": "nodes",
          "description": "<p>A list of nodes.</p>",
          "type": "[VerifiableDomain]",
          "id": "verifiabledomain",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomain"
        },
        {
          "name": "pageInfo",
          "description": "<p>Information to aid in pagination.</p>",
          "type": "PageInfo!",
          "id": "pageinfo",
          "kind": "objects",
          "href": "/graphql/reference/objects#pageinfo"
        },
        {
          "name": "totalCount",
          "description": "<p>Identifies the total count of items in the connection.</p>",
          "type": "Int!",
          "id": "int",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#int"
        }
      ]
    },
    {
      "name": "VerifiableDomainEdge",
      "kind": "objects",
      "id": "verifiabledomainedge",
      "href": "/graphql/reference/objects#verifiabledomainedge",
      "description": "<p>An edge in a connection.</p>",
      "fields": [
        {
          "name": "cursor",
          "description": "<p>A cursor for use in pagination.</p>",
          "type": "String!",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "node",
          "description": "<p>The item at the end of the edge.</p>",
          "type": "VerifiableDomain",
          "id": "verifiabledomain",
          "kind": "objects",
          "href": "/graphql/reference/objects#verifiabledomain"
        }
      ]
    },
    {
      "name": "ViewerHovercardContext",
      "kind": "objects",
@@ -55341,6 +55759,23 @@
        }
      ]
    },
    {
      "name": "NotificationRestrictionSettingValue",
      "kind": "enums",
      "id": "notificationrestrictionsettingvalue",
      "href": "/graphql/reference/enums#notificationrestrictionsettingvalue",
      "description": "<p>The possible values for the notification restriction setting.</p>",
      "values": [
        {
          "name": "DISABLED",
          "description": "<p>The setting is disabled for the owner.</p>"
        },
        {
          "name": "ENABLED",
          "description": "<p>The setting is enabled for the owner.</p>"
        }
      ]
    },
    {
      "name": "OauthApplicationCreateAuditEntryState",
      "kind": "enums",
@@ -57252,6 +57687,23 @@
          "description": "<p>Order user statuses by when they were updated.</p>"
        }
      ]
    },
    {
      "name": "VerifiableDomainOrderField",
      "kind": "enums",
      "id": "verifiabledomainorderfield",
      "href": "/graphql/reference/enums#verifiabledomainorderfield",
      "description": "<p>Properties by which verifiable domain connections can be ordered.</p>",
      "values": [
        {
          "name": "CREATED_AT",
          "description": "<p>Order verifiable domains by their creation date.</p>"
        },
        {
          "name": "DOMAIN",
          "description": "<p>Order verifiable domains by the domain name.</p>"
        }
      ]
    }
  ],
  "unions": [
@@ -59269,6 +59721,66 @@
        }
      ]
    },
    {
      "name": "AddVerifiableDomainInput",
      "kind": "inputObjects",
      "id": "addverifiabledomaininput",
      "href": "/graphql/reference/input-objects#addverifiabledomaininput",
      "description": "<p>Autogenerated input type of AddVerifiableDomain.</p>",
      "inputFields": [
        {
          "name": "clientMutationId",
          "description": "<p>A unique identifier for the client performing the mutation.</p>",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "domain",
          "description": "<p>The URL of the domain.</p>",
          "type": "URI!",
          "id": "uri",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#uri"
        },
        {
          "name": "ownerId",
          "description": "<p>The ID of the owner to add the domain to.</p>",
          "type": "ID!",
          "id": "id",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#id",
          "isDeprecated": false
        }
      ]
    },
    {
      "name": "ApproveVerifiableDomainInput",
      "kind": "inputObjects",
      "id": "approveverifiabledomaininput",
      "href": "/graphql/reference/input-objects#approveverifiabledomaininput",
      "description": "<p>Autogenerated input type of ApproveVerifiableDomain.</p>",
      "inputFields": [
        {
          "name": "clientMutationId",
          "description": "<p>A unique identifier for the client performing the mutation.</p>",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "id",
          "description": "<p>The ID of the verifiable domain to approve.</p>",
          "type": "ID!",
          "id": "id",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#id",
          "isDeprecated": false
        }
      ]
    },
    {
      "name": "ArchiveRepositoryInput",
      "kind": "inputObjects",
@@ -61535,6 +62047,32 @@
        }
      ]
    },
    {
      "name": "DeleteVerifiableDomainInput",
      "kind": "inputObjects",
      "id": "deleteverifiabledomaininput",
      "href": "/graphql/reference/input-objects#deleteverifiabledomaininput",
      "description": "<p>Autogenerated input type of DeleteVerifiableDomain.</p>",
      "inputFields": [
        {
          "name": "clientMutationId",
          "description": "<p>A unique identifier for the client performing the mutation.</p>",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "id",
          "description": "<p>The ID of the verifiable domain to delete.</p>",
          "type": "ID!",
          "id": "id",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#id",
          "isDeprecated": false
        }
      ]
    },
    {
      "name": "DeploymentOrder",
      "kind": "inputObjects",
@@ -62848,6 +63386,32 @@
        }
      ]
    },
    {
      "name": "RegenerateVerifiableDomainTokenInput",
      "kind": "inputObjects",
      "id": "regenerateverifiabledomaintokeninput",
      "href": "/graphql/reference/input-objects#regenerateverifiabledomaintokeninput",
      "description": "<p>Autogenerated input type of RegenerateVerifiableDomainToken.</p>",
      "inputFields": [
        {
          "name": "clientMutationId",
          "description": "<p>A unique identifier for the client performing the mutation.</p>",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "id",
          "description": "<p>The ID of the verifiable domain to regenerate the verification token of.</p>",
          "type": "ID!",
          "id": "id",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#id",
          "isDeprecated": false
        }
      ]
    },
    {
      "name": "ReleaseOrder",
      "kind": "inputObjects",
@@ -64963,6 +65527,40 @@
        }
      ]
    },
    {
      "name": "UpdateNotificationRestrictionSettingInput",
      "kind": "inputObjects",
      "id": "updatenotificationrestrictionsettinginput",
      "href": "/graphql/reference/input-objects#updatenotificationrestrictionsettinginput",
      "description": "<p>Autogenerated input type of UpdateNotificationRestrictionSetting.</p>",
      "inputFields": [
        {
          "name": "clientMutationId",
          "description": "<p>A unique identifier for the client performing the mutation.</p>",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "ownerId",
          "description": "<p>The ID of the owner on which to set the restrict notifications setting.</p>",
          "type": "ID!",
          "id": "id",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#id",
          "isDeprecated": false
        },
        {
          "name": "settingValue",
          "description": "<p>The value for the restrict notifications setting.</p>",
          "type": "NotificationRestrictionSettingValue!",
          "id": "notificationrestrictionsettingvalue",
          "kind": "enums",
          "href": "/graphql/reference/enums#notificationrestrictionsettingvalue"
        }
      ]
    },
    {
      "name": "UpdateProjectCardInput",
      "kind": "inputObjects",
@@ -65718,6 +66316,57 @@
          "href": "/graphql/reference/enums#userstatusorderfield"
        }
      ]
    },
    {
      "name": "VerifiableDomainOrder",
      "kind": "inputObjects",
      "id": "verifiabledomainorder",
      "href": "/graphql/reference/input-objects#verifiabledomainorder",
      "description": "<p>Ordering options for verifiable domain connections.</p>",
      "inputFields": [
        {
          "name": "direction",
          "description": "<p>The ordering direction.</p>",
          "type": "OrderDirection!",
          "id": "orderdirection",
          "kind": "enums",
          "href": "/graphql/reference/enums#orderdirection"
        },
        {
          "name": "field",
          "description": "<p>The field to order verifiable domains by.</p>",
          "type": "VerifiableDomainOrderField!",
          "id": "verifiabledomainorderfield",
          "kind": "enums",
          "href": "/graphql/reference/enums#verifiabledomainorderfield"
        }
      ]
    },
    {
      "name": "VerifyVerifiableDomainInput",
      "kind": "inputObjects",
      "id": "verifyverifiabledomaininput",
      "href": "/graphql/reference/input-objects#verifyverifiabledomaininput",
      "description": "<p>Autogenerated input type of VerifyVerifiableDomain.</p>",
      "inputFields": [
        {
          "name": "clientMutationId",
          "description": "<p>A unique identifier for the client performing the mutation.</p>",
          "type": "String",
          "id": "string",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#string"
        },
        {
          "name": "id",
          "description": "<p>The ID of the verifiable domain to verify.</p>",
          "type": "ID!",
          "id": "id",
          "kind": "scalars",
          "href": "/graphql/reference/scalars#id",
          "isDeprecated": false
        }
      ]
    }
  ],
  "scalars": [
--- a/lib/liquid-tags/link.js
+++ b/lib/liquid-tags/link.js
@@ -1,6 +1,6 @@
 const fs = require('fs')
 const path = require('path')
 const assert = require('assert')
 const readFileAsync = require('../readfile-async')
 const findPage = require('../find-page')
 const { getPathWithoutLanguage, getPathWithoutVersion } = require('../path-utils')
 const getApplicableVersions = require('../get-applicable-versions')
@@ -30,7 +30,7 @@ module.exports = (name) => ({
  async getTemplate () {
    const pathToTemplate = path.join(__dirname, '../../includes/liquid-tags', `${name}.html`)
-    const template = await fs.promises.readFile(pathToTemplate, 'utf8')
+    const template = await readFileAsync(pathToTemplate, 'utf8')
    return template.replace(/\r/g, '')
  },
--- a/lib/liquid-tags/liquid-tag.js
+++ b/lib/liquid-tags/liquid-tag.js
@@ -1,4 +1,4 @@
-const fs = require('fs')
+const readFileAsync = require('../readfile-async')
 const path = require('path')
 const Liquid = require('liquid')
 const { paramCase } = require('change-case')
@@ -19,7 +19,7 @@ module.exports = class LiquidTag extends Liquid.Tag {
  async getTemplate () {
    if (!this.template) {
-      this.template = await fs.promises.readFile(this.templatePath, 'utf8')
+      this.template = await readFileAsync(this.templatePath, 'utf8')
      this.template = this.template.replace(/\r/g, '')
    }
--- a/lib/read-file-contents.js
+++ b/lib/read-file-contents.js
@@ -1,4 +1,4 @@
-const fs = require('fs')
+const readFileAsync = require('./readfile-async')
 const encodeBracketedParentheses = require('./encode-bracketed-parentheses')
 const fm = require('./frontmatter')
@@ -6,7 +6,7 @@ const fm = require('./frontmatter')
 * Read only the frontmatter from  file
 */
 module.exports = async function fmfromf (filepath, languageCode) {
-  let fileContent = await fs.promises.readFile(filepath, 'utf8')
+  let fileContent = await readFileAsync(filepath, 'utf8')
  fileContent = encodeBracketedParentheses(fileContent)
--- a/lib/readfile-async.js
+++ b/lib/readfile-async.js
@@ -0,0 +1,6 @@
 const fs = require('fs')
 const util = require('util')
 // This is faster than using `fs.promises.readFile` for the time being
 // See: https://github.com/nodejs/node/issues/37583
 module.exports = util.promisify(fs.readFile)
--- a/lib/search/lunr-search.js
+++ b/lib/search/lunr-search.js
@@ -1,7 +1,7 @@
 const fs = require('fs').promises
 const path = require('path')
 const lunr = require('lunr')
 const { get } = require('lodash')
 const readFileAsync = require('../readfile-async')
 const { namePrefix } = require('./config')
 const { decompress } = require('./compress')
@@ -34,7 +34,7 @@ module.exports = async function loadLunrResults ({ version, language, query, lim
 async function loadLunrIndex (indexName) {
  const filePath = path.posix.join(__dirname, LUNR_DIR, `${indexName}.json.br`)
  // Do not set to 'utf8' on file reads
-  return fs.readFile(filePath)
+  return readFileAsync(filePath)
    .then(decompress)
    .then(JSON.parse)
    .then(lunr.Index.load)
@@ -43,7 +43,7 @@ async function loadLunrIndex (indexName) {
 async function loadLunrRecords (indexName) {
  const filePath = path.posix.join(__dirname, LUNR_DIR, `${indexName}-records.json.br`)
  // Do not set to 'utf8' on file reads
-  return fs.readFile(filePath)
+  return readFileAsync(filePath)
    .then(decompress)
    .then(JSON.parse)
 }
--- a/lib/webhooks/static/dotcom/code_scanning_alert.reopened.payload.json
+++ b/lib/webhooks/static/dotcom/code_scanning_alert.reopened.payload.json
@@ -7,7 +7,7 @@
    "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10",
    "instances": [
      {
-        "ref": "refs/heads/master",
+        "ref": "refs/heads/main",
        "analysis_key": ".github/workflows/workflow.yml:upload",
        "environment": "{}",
        "state": "open"
@@ -27,7 +27,7 @@
      "version": null
    }
  },
-  "ref": "refs/heads/master",
+  "ref": "refs/heads/main",
  "commit_oid": "d6e4c75c141dbacecc279b721b8b9393d5405795",
  "repository": {
    "id": 186853002,
@@ -121,7 +121,7 @@
    "forks": 0,
    "open_issues": 2,
    "watchers": 0,
-    "default_branch": "master"
+    "default_branch": "main"
  },
  "organization": {
    "login": "Octocoders",
--- a/lib/webhooks/static/dotcom/repository_vulnerability_alert.create.payload.json
+++ b/lib/webhooks/static/dotcom/repository_vulnerability_alert.create.payload.json
@@ -4,9 +4,11 @@
    "id": 91095730,
    "affected_range": ">= 2.0.4, < 2.0.6",
    "affected_package_name": "rack",
    "fixed_in": "2.0.6",
    "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-16470",
    "external_identifier": "CVE-2018-16470",
-    "fixed_in": "2.0.6"
+    "ghsa_id": "GHSA-hg78-4f6x-99wq",
    "created_at": "2021-03-01T01:23:45Z"
  },
  "repository": {
    "id": 186853002,
--- a/lib/webhooks/static/dotcom/repository_vulnerability_alert.dismiss.payload.json
+++ b/lib/webhooks/static/dotcom/repository_vulnerability_alert.dismiss.payload.json
@@ -4,9 +4,11 @@
    "id": 7649605,
    "affected_range": "0.2.0",
    "affected_package_name": "many_versioned_gem",
    "fixed_in": "0.2.5",
    "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-3728",
    "external_identifier": "CVE-2018-3728",
-    "fixed_in": "0.2.5",
+    "ghsa_id": "GHSA-jp4x-w63m-7wgm",
    "created_at": "2017-10-24T00:00:00Z",
    "dismisser": {
      "login":"octocat",
      "id":1,
@@ -28,6 +30,6 @@
      "site_admin":true
    },
    "dismiss_reason": "No bandwidth to fix this",
-    "dismissed_at": "2017-10-25T00:00:00+00:00"
+    "dismissed_at": "2017-10-25T00:00:00Z"
  }
 }
--- a/lib/webhooks/static/ghae/code_scanning_alert.reopened.payload.json
+++ b/lib/webhooks/static/ghae/code_scanning_alert.reopened.payload.json
@@ -7,7 +7,7 @@
    "html_url": "https://octocoders.github.io/Codertocat/Hello-World/security/code-scanning/10",
    "instances": [
      {
-        "ref": "refs/heads/master",
+        "ref": "refs/heads/main",
        "analysis_key": ".github/workflows/workflow.yml:upload",
        "environment": "{}",
        "state": "open"
@@ -27,7 +27,7 @@
      "version": null
    }
  },
-  "ref": "refs/heads/master",
+  "ref": "refs/heads/main",
  "commit_oid": "d6e4c75c141dbacecc279b721b8b9393d5405795",
  "repository": {
    "id": 186853002,
@@ -121,7 +121,7 @@
    "forks": 0,
    "open_issues": 2,
    "watchers": 0,
-    "default_branch": "master"
+    "default_branch": "main"
  },
  "organization": {
    "login": "Octocoders",
--- a/lib/webhooks/static/ghes-2.22/code_scanning_alert.reopened.payload.json
+++ b/lib/webhooks/static/ghes-2.22/code_scanning_alert.reopened.payload.json
@@ -7,7 +7,7 @@
    "html_url": "https://octocoders.github.io/Codertocat/Hello-World/security/code-scanning/10",
    "instances": [
      {
-        "ref": "refs/heads/master",
+        "ref": "refs/heads/main",
        "analysis_key": ".github/workflows/workflow.yml:upload",
        "environment": "{}",
        "state": "open"
@@ -27,7 +27,7 @@
      "version": null
    }
  },
-  "ref": "refs/heads/master",
+  "ref": "refs/heads/main",
  "commit_oid": "d6e4c75c141dbacecc279b721b8b9393d5405795",
  "repository": {
    "id": 186853002,
@@ -121,7 +121,7 @@
    "forks": 0,
    "open_issues": 2,
    "watchers": 0,
-    "default_branch": "master"
+    "default_branch": "main"
  },
  "organization": {
    "login": "Octocoders",
--- a/lib/webhooks/static/ghes-3.0/code_scanning_alert.reopened.payload.json
+++ b/lib/webhooks/static/ghes-3.0/code_scanning_alert.reopened.payload.json
@@ -7,7 +7,7 @@
    "html_url": "https://octocoders.github.io/Codertocat/Hello-World/security/code-scanning/10",
    "instances": [
      {
-        "ref": "refs/heads/master",
+        "ref": "refs/heads/main",
        "analysis_key": ".github/workflows/workflow.yml:upload",
        "environment": "{}",
        "state": "open"
@@ -27,7 +27,7 @@
      "version": null
    }
  },
-  "ref": "refs/heads/master",
+  "ref": "refs/heads/main",
  "commit_oid": "d6e4c75c141dbacecc279b721b8b9393d5405795",
  "repository": {
    "id": 186853002,
@@ -121,7 +121,7 @@
    "forks": 0,
    "open_issues": 2,
    "watchers": 0,
-    "default_branch": "master"
+    "default_branch": "main"
  },
  "organization": {
    "login": "Octocoders",
--- a/middleware/abort.js
+++ b/middleware/abort.js
@@ -0,0 +1,15 @@
 module.exports = function abort (req, res, next) {
  // If the client aborts the connection, send an error
  req.once('aborted', () => {
    // NOTE: Node.js will also automatically set `req.aborted = true`
    const abortError = new Error('Client closed request')
    abortError.statusCode = 499
    abortError.code = 'ECONNRESET'
    // Pass the error to the Express error handler
    return next(abortError)
  })
  return next()
 }
--- a/middleware/archived-enterprise-versions-assets.js
+++ b/middleware/archived-enterprise-versions-assets.js
@@ -11,7 +11,7 @@ const ONE_DAY = 24 * 60 * 60 // 1 day in seconds
 //
 // See also ./archived-enterprise-versions.js for non-CSS/JS paths
-module.exports = async (req, res, next) => {
+module.exports = async function archivedEnterpriseVersionsAssets (req, res, next) {
  const { isArchived, requestedVersion } = isArchivedVersion(req)
  if (!isArchived) return next()
--- a/middleware/archived-enterprise-versions.js
+++ b/middleware/archived-enterprise-versions.js
@@ -11,7 +11,7 @@ const archivedFrontmatterFallbacks = require('../lib/redirects/static/archived-f
 // This module handles requests for deprecated GitHub Enterprise versions
 // by routing them to static content in help-docs-archived-enterprise-versions
-module.exports = async (req, res, next) => {
+module.exports = async function archivedEnterpriseVersions (req, res, next) {
  const { isArchived, requestedVersion } = isArchivedVersion(req)
  if (!isArchived) return next()
--- a/middleware/block-robots.js
+++ b/middleware/block-robots.js
@@ -30,7 +30,7 @@ function blockIndex (path) {
  return pathRegExps.some(pathRe => pathRe.test(path))
 }
-const middleware = (req, res, next) => {
+const middleware = function blockRobots (req, res, next) {
  if (blockIndex(req.path)) res.set('x-robots-tag', 'noindex')
  return next()
 }
--- a/middleware/breadcrumbs.js
+++ b/middleware/breadcrumbs.js
@@ -3,7 +3,7 @@ const { getPathWithoutLanguage } = require('../lib/path-utils')
 const nonEnterpriseDefaultVersion = require('../lib/non-enterprise-default-version')
 const removeFPTFromPath = require('../lib/remove-fpt-from-path')
-module.exports = async (req, res, next) => {
+module.exports = async function breadcrumbs (req, res, next) {
  if (!req.context.page) return next()
  if (req.context.page.hidden) return next()
--- a/middleware/categories-for-support-team.js
+++ b/middleware/categories-for-support-team.js
@@ -2,13 +2,13 @@
 // to quickly search for Help articles by title and insert the link to
 // the article into a reply to a customer.
 const path = require('path')
 const fs = require('fs').promises
 const matter = require('gray-matter')
 const readFileAsync = require('../lib/readfile-async')
 const dotcomDir = path.join(__dirname, '../content/github')
 const dotcomIndex = path.join(dotcomDir, 'index.md')
 const linkRegex = /{% (?:topic_)?link_in_list ?\/(.*?) ?%}/g
-module.exports = async (req, res, next) => {
+module.exports = async function categoriesForSupportTeam (req, res, next) {
  if (req.path !== '/categories.json') return next()
  const categories = await generateCategories()
  return res.json(categories)
@@ -18,14 +18,14 @@ async function generateCategories () {
  // get links included in dotcom index page.
  // each link corresponds to a dotcom subdirectory
  // example: getting-started-with-github
-  const links = getLinks(await fs.readFile(dotcomIndex, 'utf8'))
+  const links = getLinks(await readFileAsync(dotcomIndex, 'utf8'))
  // get links included in each subdir's index page
  // these are links to articles
  const categories = await Promise.all(links.map(async link => {
    const category = {}
    const indexPath = getPath(link, 'index')
-    const indexContents = await fs.readFile(indexPath, 'utf8')
+    const indexContents = await readFileAsync(indexPath, 'utf8')
    const { data, content } = matter(indexContents)
    // get name from title frontmatter
@@ -37,7 +37,7 @@ async function generateCategories () {
    category.published_articles = (await Promise.all(articleLinks.map(async articleLink => {
      // get title from frontmatter
      const articlePath = getPath(link, articleLink)
-      const articleContents = await fs.readFile(articlePath, 'utf8')
+      const articleContents = await readFileAsync(articlePath, 'utf8')
      const { data } = matter(articleContents)
      // do not include map topics in list of published articles
--- a/middleware/contextualizers/enterprise-release-notes.js
+++ b/middleware/contextualizers/enterprise-release-notes.js
@@ -66,7 +66,7 @@ async function renderPatchNotes (patch, ctx) {
  return patch
 }
-module.exports = async (req, res, next) => {
+module.exports = async function enterpriseReleaseNotesContext (req, res, next) {
  // The `/release-notes` sub-path
  if (!req.path.endsWith('/release-notes')) return next()
--- a/middleware/contextualizers/graphql.js
+++ b/middleware/contextualizers/graphql.js
@@ -8,7 +8,7 @@ const explorerUrl = process.env.NODE_ENV === 'production'
  ? 'https://graphql.github.com/explorer'
  : 'http://localhost:3000'
-module.exports = async (req, res, next) => {
+module.exports = function graphqlContext (req, res, next) {
  const currentVersionObj = allVersions[req.context.currentVersion]
  // ignore requests to non-GraphQL reference paths
  // and to versions that don't exist
--- a/middleware/contextualizers/rest.js
+++ b/middleware/contextualizers/rest.js
@@ -2,7 +2,7 @@ const path = require('path')
 const rest = require('../../lib/rest')
 const removeFPTFromPath = require('../../lib/remove-fpt-from-path')
-module.exports = async function (req, res, next) {
+module.exports = function restContext (req, res, next) {
  req.context.rest = rest
  // link to include in `Works with GitHub Apps` notes
--- a/middleware/contextualizers/webhooks.js
+++ b/middleware/contextualizers/webhooks.js
@@ -4,7 +4,7 @@ const webhookPayloads = require(path.join(process.cwd(), 'lib/webhooks'))
 const nonEnterpriseDefaultVersion = require('../../lib/non-enterprise-default-version')
 const allVersions = require('../../lib/all-versions')
-module.exports = async (req, res, next) => {
+module.exports = function webhooksContext (req, res, next) {
  const currentVersionObj = allVersions[req.context.currentVersion]
  // ignore requests to non-webhook reference paths
  // and to versions that don't exist
--- a/middleware/csp.js
+++ b/middleware/csp.js
@@ -7,7 +7,7 @@ const versionSatisfiesRange = require('../lib/version-satisfies-range')
 const AZURE_STORAGE_URL = 'githubdocs.azureedge.net'
 // module.exports = contentSecurityPolicy({
-module.exports = async (req, res, next) => {
+module.exports = function csp (req, res, next) {
  const csp = {
    directives: {
      defaultSrc: ["'none'"],
--- a/middleware/detect-language.js
+++ b/middleware/detect-language.js
@@ -1,7 +1,7 @@
 const languageCodes = Object.keys(require('../lib/languages'))
 // determine language code from first part of URL, or default to English
-module.exports = async function detectLanguage (req, res, next) {
+module.exports = function detectLanguage (req, res, next) {
  // /en/articles/foo
  //  ^^
  const firstPartOfPath = req.path.split('/')[1]
--- a/middleware/dev-toc.js
+++ b/middleware/dev-toc.js
@@ -1,7 +1,7 @@
 const { liquid } = require('../lib/render-content')
 const layouts = require('../lib/layouts')
-module.exports = async (req, res, next) => {
+module.exports = async function devToc (req, res, next) {
  if (process.env.NODE_ENV !== 'development') return next()
  if (!req.path.endsWith('/dev-toc')) return next()
--- a/middleware/disable-caching-on-safari.js
+++ b/middleware/disable-caching-on-safari.js
@@ -1,4 +1,4 @@
-module.exports = (req, res, next) => {
+module.exports = function disableCachingOnSafari (req, res, next) {
  const isSafari = /^((?!chrome|android).)*safari/i.test(req.headers['user-agent'])
  if (isSafari) {
    res.header('Last-Modified', (new Date()).toUTCString())
--- a/middleware/early-access-breadcrumbs.js
+++ b/middleware/early-access-breadcrumbs.js
@@ -5,7 +5,7 @@ const removeFPTFromPath = require('../lib/remove-fpt-from-path')
 // Early Access content doesn't conform to the same structure as other products, so we
 // can't derive breadcrumbs from the siteTree in the same way. Hence, this separate middleware.
-module.exports = async (req, res, next) => {
+module.exports = async function earlyAccessBreadcrumbs (req, res, next) {
  if (!req.context.page) return next()
  if (!req.context.page.hidden) return next()
--- a/middleware/enterprise-server-releases.js
+++ b/middleware/enterprise-server-releases.js
@@ -2,7 +2,7 @@ const { liquid } = require('../lib/render-content')
 const layouts = require('../lib/layouts')
 const getMiniTocItems = require('../lib/get-mini-toc-items')
-module.exports = async (req, res, next) => {
+module.exports = async function enterpriseServerReleases (req, res, next) {
  if (!req.path.endsWith('/enterprise-server-releases')) return next()
  const html = await liquid.parseAndRender(layouts['enterprise-server-releases'], req.context)
--- a/middleware/events.js
+++ b/middleware/events.js
@@ -10,7 +10,7 @@ const ajv = new Ajv()
 const router = express.Router()
-router.post('/', async (req, res, next) => {
+router.post('/', async function postEvents (req, res, next) {
  const isDev = process.env.NODE_ENV === 'development'
  const fields = omit(req.body, '_csrf')
--- a/middleware/featured-links.js
+++ b/middleware/featured-links.js
@@ -1,7 +1,7 @@
 const getLinkData = require('../lib/get-link-data')
 // this middleware adds properties to the context object
-module.exports = async (req, res, next) => {
+module.exports = async function featuredLinks (req, res, next) {
  if (!req.context.page) return next()
  if (!(req.context.page.relativePath.endsWith('index.md') || req.context.page.layout === 'product-landing')) return next()
--- a/middleware/halt-on-dropped-connection.js
+++ b/middleware/halt-on-dropped-connection.js
@@ -0,0 +1,18 @@
 function isConnectionDropped (req, res) {
  // Have the flags been set for:
  //  - a global request timeout (via the express-timeout-handler middleware)?
  //  - an aborted request connection (via Node.js core's HTTP IncomingMessage)?
  return Boolean(res.globalTimeout || req.aborted)
 }
 function haltOnDroppedConnection (req, res, next) {
  // Only proceed if the flag has not been set for the express-timeout-handler middleware
  if (!isConnectionDropped(req, res)) {
    return next()
  }
 }
 // Export this logic, too
 haltOnDroppedConnection.isConnectionDropped = isConnectionDropped
 module.exports = haltOnDroppedConnection
--- a/middleware/handle-csrf-errors.js
+++ b/middleware/handle-csrf-errors.js
@@ -1,4 +1,4 @@
-module.exports = async function handleCSRFError (error, req, res, next) {
+module.exports = function handleCSRFError (error, req, res, next) {
  // If the CSRF token is bad
  if (error.code === 'EBADCSRFTOKEN') {
    return res.sendStatus(403)
--- a/middleware/handle-errors.js
+++ b/middleware/handle-errors.js
@@ -6,7 +6,9 @@ const loadSiteData = require('../lib/site-data')
 function shouldLogException (error) {
  const IGNORED_ERRORS = [
    // avoid sending CSRF token errors (from bad-actor POST requests)
-    'EBADCSRFTOKEN'
+    'EBADCSRFTOKEN',
    // Client connected aborted
    'ECONNRESET'
  ]
  if (IGNORED_ERRORS.includes(error.code)) {
@@ -26,8 +28,9 @@ async function logException (error, req) {
 }
 module.exports = async function handleError (error, req, res, next) {
-  // If the headers have already been sent...
+  try {
-  if (res.headersSent) {
+    // If the headers have already been sent or the request was aborted...
    if (res.headersSent || req.aborted) {
      // Report to Failbot
      await logException(error, req)
@@ -69,4 +72,8 @@ module.exports = async function handleError (error, req, res, next) {
    // Report to Failbot AFTER responding to the user
    await logException(error, req)
  } catch (error) {
    console.error('An error occurred in the error handling middleware!', error)
    return next(error)
  }
 }
--- a/middleware/handle-invalid-paths.js
+++ b/middleware/handle-invalid-paths.js
@@ -1,6 +1,6 @@
 const patterns = require('../lib/patterns')
-module.exports = (req, res, next) => {
+module.exports = function handleInvalidPaths (req, res, next) {
  // prevent open redirect vulnerability
  if (req.path.match(patterns.multipleSlashes)) {
    return next(404)
@@ -10,12 +10,33 @@ module.exports = (req, res, next) => {
  // for paths like /%7B%
  try {
    decodeURIComponent(req.path)
    return next()
  } catch (err) {
    if (process.env.NODE_ENV !== 'test') {
-      console.log('unable to decode path', req.path, err)
+      console.error('unable to decode path', req.path, err)
    }
    return res.sendStatus(400)
  }
  // Prevent spammy request URLs from getting through by checking how they
  // handle being normalized twice in a row
  try {
    const origin = 'https://docs.github.com'
    const normalizedPath = new URL(req.path, origin).pathname
    // This may also throw an error with code `ERR_INVALID_URL`
    const reNormalizedPath = new URL(normalizedPath, origin).pathname
    if (reNormalizedPath !== normalizedPath) {
      throw new Error('URI keeps changing')
    }
  } catch (err) {
    if (process.env.NODE_ENV !== 'test') {
      console.error('unable to normalize path', req.path, err)
    }
    return res.sendStatus(400)
  }
  return next()
 }
--- a/middleware/index.js
+++ b/middleware/index.js
@@ -1,7 +1,10 @@
 const express = require('express')
 const instrument = require('../lib/instrument-middleware')
 const haltOnDroppedConnection = require('./halt-on-dropped-connection')
-const isDevelopment = process.env.NODE_ENV === 'development'
+const { NODE_ENV } = process.env
 const isDevelopment = NODE_ENV === 'development'
 const isTest = NODE_ENV === 'test' || process.env.GITHUB_ACTIONS === 'true'
 // Catch unhandled promise rejections and passing them to Express's error handler
 // https://medium.com/@Abazhenov/using-async-await-in-express-with-node-8-b8af872c0016
@@ -11,6 +14,10 @@ const asyncMiddleware = fn =>
  }
 module.exports = function (app) {
  // *** Request connection management ***
  if (!isTest) app.use(require('./timeout'))
  app.use(require('./abort'))
  // *** Development tools ***
  app.use(require('morgan')('dev', { skip: (req, res) => !isDevelopment }))
  if (isDevelopment) app.use(require('./webpack'))
@@ -57,12 +64,15 @@ module.exports = function (app) {
  app.use(instrument('./redirects/handle-redirects')) // Must come before contextualizers
  // *** Config and context for rendering ***
-  app.use(instrument('./find-page')) // Must come before archived-enterprise-versions, breadcrumbs, featured-links, products, render-page
+  app.use(asyncMiddleware(instrument('./find-page'))) // Must come before archived-enterprise-versions, breadcrumbs, featured-links, products, render-page
  app.use(instrument('./block-robots'))
  // Check for a dropped connection before proceeding
  app.use(haltOnDroppedConnection)
  // *** Rendering, 2xx responses ***
  // I largely ordered these by use frequency
-  app.use(instrument('./archived-enterprise-versions-assets')) // Must come before static/assets
+  app.use(asyncMiddleware(instrument('./archived-enterprise-versions-assets'))) // Must come before static/assets
  app.use('/dist', express.static('dist', {
    index: false,
    etag: false,
@@ -82,31 +92,39 @@ module.exports = function (app) {
    lastModified: false,
    maxAge: '7 days' // A bit longer since releases are more sparse
  }))
-  app.use('/events', instrument('./events'))
+  app.use('/events', asyncMiddleware(instrument('./events')))
-  app.use('/search', instrument('./search'))
+  app.use('/search', asyncMiddleware(instrument('./search')))
-  app.use(instrument('./archived-enterprise-versions'))
+  app.use(asyncMiddleware(instrument('./archived-enterprise-versions')))
  app.use(instrument('./robots'))
  app.use(/(\/.*)?\/early-access$/, instrument('./contextualizers/early-access-links'))
-  app.use(instrument('./categories-for-support-team'))
+  app.use(asyncMiddleware(instrument('./categories-for-support-team')))
  app.use(instrument('./loaderio-verification'))
  app.get('/_500', asyncMiddleware(instrument('./trigger-error')))
  // Check for a dropped connection before proceeding (again)
  app.use(haltOnDroppedConnection)
  // *** Preparation for render-page ***
  app.use(asyncMiddleware(instrument('./contextualizers/enterprise-release-notes')))
  app.use(instrument('./contextualizers/graphql'))
  app.use(instrument('./contextualizers/rest'))
  app.use(instrument('./contextualizers/webhooks'))
-  app.use(instrument('./breadcrumbs'))
+  app.use(asyncMiddleware(instrument('./breadcrumbs')))
-  app.use(instrument('./early-access-breadcrumbs'))
+  app.use(asyncMiddleware(instrument('./early-access-breadcrumbs')))
-  app.use(instrument('./enterprise-server-releases'))
+  app.use(asyncMiddleware(instrument('./enterprise-server-releases')))
-  app.use(instrument('./dev-toc'))
+  app.use(asyncMiddleware(instrument('./dev-toc')))
-  app.use(instrument('./featured-links'))
+  app.use(asyncMiddleware(instrument('./featured-links')))
-  app.use(instrument('./learning-track'))
+  app.use(asyncMiddleware(instrument('./learning-track')))
  // *** Headers for pages only ***
  app.use(require('./set-fastly-cache-headers'))
-  // *** Rendering, must go last ***
+  // Check for a dropped connection before proceeding (again)
  app.use(haltOnDroppedConnection)
  // *** Rendering, must go almost last ***
  app.get('/*', asyncMiddleware(instrument('./render-page')))
  // *** Error handling, must go last ***
  app.use(require('./handle-errors'))
 }
--- a/middleware/learning-track.js
+++ b/middleware/learning-track.js
@@ -1,7 +1,7 @@
 const { getPathWithoutLanguage, getPathWithoutVersion } = require('../lib/path-utils')
 const getLinkData = require('../lib/get-link-data')
-module.exports = async (req, res, next) => {
+module.exports = async function learningTrack (req, res, next) {
  const noTrack = () => {
    req.context.currentLearningTrack = {}
    return next()
--- a/middleware/loaderio-verification.js
+++ b/middleware/loaderio-verification.js
@@ -1,6 +1,6 @@
 // prove to loader.io that we own this site
 // by responding to requests like `/loaderio-12345/` with `loaderio-12345`
-module.exports = (req, res, next) => {
+module.exports = function loaderIoVerification (req, res, next) {
  if (!req.path.startsWith('/loaderio-')) return next()
  return res.send(req.path.replace(/\//g, ''))
 }
--- a/middleware/record-redirect.js
+++ b/middleware/record-redirect.js
@@ -1,6 +1,6 @@
 const { v4: uuidv4 } = require('uuid')
-module.exports = function (req, res, next) {
+module.exports = function recordRedirects (req, res, next) {
  if (!req.hydro.maySend()) return next()
  res.on('finish', async function recordRedirect () {
--- a/middleware/redirects/external.js
+++ b/middleware/redirects/external.js
@@ -1,7 +1,7 @@
 const externalSites = require('../../lib/redirects/external-sites')
 // blanket redirects to external websites
-module.exports = async function externalRedirects (req, res, next) {
+module.exports = function externalRedirects (req, res, next) {
  if (req.path in externalSites) {
    return res.redirect(301, externalSites[req.path])
  } else {
--- a/middleware/redirects/handle-redirects.js
+++ b/middleware/redirects/handle-redirects.js
@@ -1,7 +1,7 @@
 const patterns = require('../../lib/patterns')
 const { URL } = require('url')
-module.exports = async function handleRedirects (req, res, next) {
+module.exports = function handleRedirects (req, res, next) {
  // never redirect assets
  if (patterns.assetPaths.test(req.path)) return next()
--- a/middleware/redirects/help-to-docs.js
+++ b/middleware/redirects/help-to-docs.js
@@ -3,7 +3,7 @@ const patterns = require('../../lib/patterns')
 // redirect help.github.com requests to docs.github.com
-module.exports = async (req, res, next) => {
+module.exports = function helpToDocs (req, res, next) {
  if (req.hostname === 'help.github.com') {
    // prevent open redirect security vulnerability
    const path = req.originalUrl.replace(patterns.multipleSlashes, '/')
--- a/middleware/redirects/language-code-redirects.js
+++ b/middleware/redirects/language-code-redirects.js
@@ -5,7 +5,7 @@ const languages = require('../../lib/languages')
 // Examples:
 // /jp*    -> /ja*
 // /zh-TW* -> /cn*
-module.exports = async function languageCodeRedirects (req, res, next) {
+module.exports = function languageCodeRedirects (req, res, next) {
  for (const code in languages) {
    const language = languages[code]
    const redirectPatterns = language.redirectPatterns || []
--- a/middleware/render-page.js
+++ b/middleware/render-page.js
@@ -6,6 +6,7 @@ const getMiniTocItems = require('../lib/get-mini-toc-items')
 const Page = require('../lib/page')
 const statsd = require('../lib/statsd')
 const RedisAccessor = require('../lib/redis-accessor')
 const { isConnectionDropped } = require('./halt-on-dropped-connection')
 const { HEROKU_RELEASE_VERSION } = process.env
 const pageCacheDatabaseNumber = 1
@@ -28,31 +29,6 @@ function addCsrf (req, text) {
 module.exports = async function renderPage (req, res, next) {
  const page = req.context.page
  // Remove any query string (?...) and/or fragment identifier (#...)
  const { pathname, searchParams } = new URL(req.originalUrl, 'https://docs.github.com')
  for (const queryKey in req.query) {
    if (!cacheableQueries.includes(queryKey)) {
      searchParams.delete(queryKey)
    }
  }
  const originalUrl = pathname + ([...searchParams].length > 0 ? `?${searchParams}` : '')
  // Serve from the cache if possible (skip during tests)
  const isCacheable = !process.env.CI && process.env.NODE_ENV !== 'test' && req.method === 'GET'
  // Is the request for JSON debugging info?
  const isRequestingJsonForDebugging = 'json' in req.query && process.env.NODE_ENV !== 'production'
  if (isCacheable && !isRequestingJsonForDebugging) {
    const cachedHtml = await pageCache.get(originalUrl)
    if (cachedHtml) {
      console.log(`Serving from cached version of ${originalUrl}`)
      statsd.increment('page.sent_from_cache')
      return res.send(addCsrf(req, cachedHtml))
    }
  }
  // render a 404 page
  if (!page) {
    if (process.env.NODE_ENV !== 'test' && req.context.redirectNotFound) {
@@ -70,15 +46,52 @@ module.exports = async function renderPage (req, res, next) {
    return res.status(200).end()
  }
  // Remove any query string (?...) and/or fragment identifier (#...)
  const { pathname, searchParams } = new URL(req.originalUrl, 'https://docs.github.com')
  for (const queryKey in req.query) {
    if (!cacheableQueries.includes(queryKey)) {
      searchParams.delete(queryKey)
    }
  }
  const originalUrl = pathname + ([...searchParams].length > 0 ? `?${searchParams}` : '')
  // Serve from the cache if possible (skip during tests)
  const isCacheable = !process.env.CI && process.env.NODE_ENV !== 'test' && req.method === 'GET'
  // Is the request for JSON debugging info?
  const isRequestingJsonForDebugging = 'json' in req.query && process.env.NODE_ENV !== 'production'
  if (isCacheable && !isRequestingJsonForDebugging) {
    // Stop processing if the connection was already dropped
    if (isConnectionDropped(req, res)) return
    const cachedHtml = await pageCache.get(originalUrl)
    if (cachedHtml) {
      // Stop processing if the connection was already dropped
      if (isConnectionDropped(req, res)) return
      console.log(`Serving from cached version of ${originalUrl}`)
      statsd.increment('page.sent_from_cache')
      return res.send(addCsrf(req, cachedHtml))
    }
  }
  // add page context
  const context = Object.assign({}, req.context, { page })
  // collect URLs for variants of this page in all languages
  context.page.languageVariants = Page.getLanguageVariants(req.path)
  // Stop processing if the connection was already dropped
  if (isConnectionDropped(req, res)) return
  // render page
  context.renderedPage = await page.render(context)
  // Stop processing if the connection was already dropped
  if (isConnectionDropped(req, res)) return
  // get mini TOC items on articles
  if (page.showMiniToc) {
    context.miniTocItems = getMiniTocItems(context.renderedPage, page.miniTocMaxHeadingLevel)
--- a/middleware/req-utils.js
+++ b/middleware/req-utils.js
@@ -1,6 +1,6 @@
 const Hydro = require('../lib/hydro')
-module.exports = (req, res, next) => {
+module.exports = function reqUtils (req, res, next) {
  req.hydro = new Hydro()
  return next()
 }
--- a/Show More
+++ b/Show More
		`@@ -1 +0,0 @@`
			If you {% if currentVersion == "enterprise-server@2.22" %} configured the beta of{% else %} configure{% endif %} {% data variables.product.prodname_actions %} for the users of your {% data variables.product.prodname_ghe_server %} instance, you may need to provision additional CPU and memory resources. The additional resources you need to provision depend on the number of workflows your users run concurrently, and the overall levels of activity for your instance. For more information about monitoring the capacity and performance of {% data variables.product.prodname_ghe_server %}, see "[Monitoring your appliance](/admin/enterprise-management/monitoring-your-appliance)."
`@@ -1 +1 @@`
	`{% data variables.product.prodname_discussions %} is available in beta for public repositories on {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.gated-features.more-info-org-products %}`	`{% data variables.product.prodname_discussions %} is available in beta for public and private repositories on {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.gated-features.more-info-org-products %}`