Add aria-labels to octicons (#55740)

2025-12-19 09:57:42 -05:00 · 2025-05-20 16:45:25 -07:00
parent e9730d4590
commit 39beae4778
494 changed files with 758 additions and 758 deletions
--- a/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md
+++ b/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md
@@ -44,7 +44,7 @@ If you use Gravatar, and your Gravatar image is associated with the email you us
 ### Resetting your profile picture to the identicon

 {% data reusables.user-settings.access_settings %}
-1. Under "Profile Picture", select **{% octicon "pencil" aria-hidden="true" %} Edit**, then click **Remove photo** to revert to your identicon.
+1. Under "Profile Picture", select **{% octicon "pencil" aria-hidden="true" aria-label="pencil" %} Edit**, then click **Remove photo** to revert to your identicon.

   If your email address is associated with a [Gravatar](https://en.gravatar.com/), you cannot revert to your identicon. Click **Revert to Gravatar** instead.

@@ -149,7 +149,7 @@ If you select the "Busy" option, when people @mention your username, assign you

 ![Screenshot of a draft comment. "@octocat" is written in the text field, and "The Octocat (busy)" is suggested.](/assets/images/help/profile/username-with-limited-availability-text.png)

-1. In the top right corner of {% data variables.product.prodname_dotcom %}, select your profile photo, then click **{% octicon "smiley" aria-hidden="true" %} Set status** or, if you already have a status set, click your current status.
+1. In the top right corner of {% data variables.product.prodname_dotcom %}, select your profile photo, then click **{% octicon "smiley" aria-hidden="true" aria-label="smiley" %} Set status** or, if you already have a status set, click your current status.

   ![Screenshot of the dropdown menu under @octocat's profile picture. A smiley icon and "Set status" are outlined in dark orange.](/assets/images/help/profile/set-status-on-profile-global-nav-update.png)

--- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md
+++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md
@@ -45,7 +45,7 @@ You can send an invitation to collaborate in your repository directly to someone
 1. Ask for the username of the person you're inviting as a collaborator.{% ifversion fpt or ghec %} If they don't have a username yet, they can sign up for {% data variables.product.prodname_dotcom %}. For more information, see [AUTOTITLE](/get-started/start-your-journey/creating-an-account-on-github).{% endif %}
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-1. In the "Access" section of the sidebar, click **{% octicon "people" aria-hidden="true" %} Collaborators**.
+1. In the "Access" section of the sidebar, click **{% octicon "people" aria-hidden="true" aria-label="people" %} Collaborators**.
 1. Click **Add people**.
 1. In the search field, start typing the name of person you want to invite, then click a name in the list of matches.
 1. Click **Add NAME to REPOSITORY**.
--- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md
+++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository.md
@@ -20,6 +20,6 @@ topics:
 shortTitle: Remove yourself
 ---
 {% data reusables.user-settings.access_settings %}
-1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "repo" aria-hidden="true" %} Repositories**.
+1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "repo" aria-hidden="true" aria-label="repo" %} Repositories**.
 1. Next to the repository you want to leave, click **Leave**.
 1. Read the warning carefully, then click **I understand, leave this repository.**
--- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/about-your-personal-dashboard.md
+++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/about-your-personal-dashboard.md
@@ -49,7 +49,7 @@ You can also find a list of your recently visited repositories, teams, and proje

 The feed is designed to help you discover relevant content from projects you follow, keep up with your friends and community members, and track recent activity in your communities.

-You can use the **{% octicon "filter" aria-hidden="true" %} Filter** dropdown in the upper right corner to filter the feed to show only the exact event types you'd like to see. For example, you'll see updates when someone you follow:
+You can use the **{% octicon "filter" aria-hidden="true" aria-label="filter" %} Filter** dropdown in the upper right corner to filter the feed to show only the exact event types you'd like to see. For example, you'll see updates when someone you follow:

 * Stars a repository
 * Follows another user
--- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-tab-size-rendering-preference.md
+++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-tab-size-rendering-preference.md
@@ -16,5 +16,5 @@ redirect_from:
 If you feel that tabbed indentation in code rendered on {% data variables.product.github %} takes up too much, or too little space, you can change this in your settings.

 {% data reusables.user-settings.access_settings %}
-1. In the left sidebar, click **{% octicon "paintbrush" aria-hidden="true" %} Appearance**.
+1. In the left sidebar, click **{% octicon "paintbrush" aria-hidden="true" aria-label="paintbrush" %} Appearance**.
 1. Scroll down to "Tab size preference" and use the dropdown menu to choose your preference.
--- a/content/actions/administering-github-actions/making-retired-namespaces-available-on-ghecom.md
+++ b/content/actions/administering-github-actions/making-retired-namespaces-available-on-ghecom.md
@@ -22,7 +22,7 @@ After using an action from {% data variables.product.prodname_dotcom_the_website

 {% data reusables.enterprise-accounts.access-enterprise-emu %}
 {% data reusables.enterprise-accounts.settings-tab %}
-1. Under **{% octicon "gear" aria-hidden="true" %} Settings**, click **Retired namespaces**.
+1. Under **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**, click **Retired namespaces**.
 1. To the right of the namespace that you want use in your enterprise, click **Unretire**.
 1. Go to the relevant organization and create a new repository.

--- a/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md
+++ b/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md
@@ -186,7 +186,7 @@ Variables stored in an environment are only available to workflow jobs that refe
 1. Optionally, specify what branches and tags can deploy to this environment. For more information, see [Deployment branches and tags](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#deployment-branches-and-tags).
   1. Select the desired option in the **Deployment branches** dropdown.
   1. If you chose **Selected branches and tags**, to add a new rule, click **Add deployment branch or tag rule**
-   1. In the "Ref type" dropdown menu, depending on what rule you want to apply, click **{% octicon "git-branch" aria-hidden="true" %} Branch** or **{% octicon "tag" aria-hidden="true" %} Tag**.
+   1. In the "Ref type" dropdown menu, depending on what rule you want to apply, click **{% octicon "git-branch" aria-hidden="true" aria-label="git-branch" %} Branch** or **{% octicon "tag" aria-hidden="true" aria-label="tag" %} Tag**.
   1. Enter the name pattern for the branch or tag that you want to allow.

      {% data reusables.actions.branch-and-tag-deployment-rules-configuration %}
--- a/content/actions/managing-workflow-runs-and-deployments/managing-deployments/viewing-deployment-history.md
+++ b/content/actions/managing-workflow-runs-and-deployments/managing-deployments/viewing-deployment-history.md
@@ -42,9 +42,9 @@ By default, the deployments page shows currently active deployments from select
   * **To view the URL for a deployment**, to the right of the commit message in the deployment history list, click {% octicon "link-external" aria-label="Navigate to deployment URL" %}.
   * **To navigate to the workflow run logs associated with a deployment**, to the right of the commit message in the deployment history list, click {% octicon "kebab-horizontal" aria-label="View logs" %}, then click **View logs**.{% ifversion deployment-dashboard-filter %}
 1. Optionally, to filter the deployment history list, create a filter.
-   1. Click on the **{% octicon "filter" aria-hidden="true" %} Filter** button.
-   1. Click **{% octicon "plus" aria-hidden="true" %} Add a filter**.
+   1. Click on the **{% octicon "filter" aria-hidden="true" aria-label="filter" %} Filter** button.
+   1. Click **{% octicon "plus" aria-hidden="true" aria-label="plus" %} Add a filter**.
   1. Choose a qualifier you would like to filter the deployment history by.
   1. Depending on the qualifier you chose, fill out information in the "Operator" and "Value" columns.
-   1. Optionally, click **{% octicon "plus" aria-hidden="true" %} Add a filter** to add another filter.
+   1. Optionally, click **{% octicon "plus" aria-hidden="true" aria-label="plus" %} Add a filter** to add another filter.
   1. Click **Apply**.{% endif %}
--- a/content/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/re-running-workflows-and-jobs.md
+++ b/content/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/re-running-workflows-and-jobs.md
@@ -28,7 +28,7 @@ Re-running a workflow or jobs in a workflow uses the same `GITHUB_SHA` (commit S
 {% data reusables.repositories.view-run %}
 1. In the upper-right corner of the workflow, re-run jobs.

-   * If any jobs failed, select the **{% octicon "sync" aria-hidden="true" %} Re-run jobs** dropdown menu and click **Re-run all jobs**.
+   * If any jobs failed, select the **{% octicon "sync" aria-hidden="true" aria-label="sync" %} Re-run jobs** dropdown menu and click **Re-run all jobs**.

   * If no jobs failed, click **Re-run all jobs**.

@@ -70,7 +70,7 @@ If any jobs in a workflow run failed, you can re-run just the jobs that failed.
 {% data reusables.repositories.actions-tab %}
 {% data reusables.repositories.navigate-to-workflow %}
 {% data reusables.repositories.view-run %}
-1. In the upper-right corner of the workflow, select the **{% octicon "sync" aria-hidden="true" %} Re-run jobs** dropdown menu, and click **Re-run failed jobs**.
+1. In the upper-right corner of the workflow, select the **{% octicon "sync" aria-hidden="true" aria-label="sync" %} Re-run jobs** dropdown menu, and click **Re-run failed jobs**.
 {% data reusables.actions.enable-debug-logging %}

 {% endwebui %}
--- a/content/actions/monitoring-and-troubleshooting-workflows/monitoring-workflows/adding-a-workflow-status-badge.md
+++ b/content/actions/monitoring-and-troubleshooting-workflows/monitoring-workflows/adding-a-workflow-status-badge.md
@@ -30,7 +30,7 @@ You can create a workflow status badge directly on the UI using the workflow fil
 1. On the right side of the page, next to the "Filter workflow runs" field, click {% octicon "kebab-horizontal" aria-label="Show workflow options" %} to display a dropdown menu and click **Create status badge**.
 1. Optionally, select a branch if you want to display the status badge for a branch different from the default branch.
 1. Optionally, select the event that will trigger the workflow.
-1. Click **{% octicon "copy" aria-hidden="true" %} Copy status badge Markdown**.
+1. Click **{% octicon "copy" aria-hidden="true" aria-label="copy" %} Copy status badge Markdown**.
 1. Copy the Markdown into your `README.md` file.

 ## Using the workflow file name
--- a/content/actions/monitoring-and-troubleshooting-workflows/monitoring-workflows/viewing-job-execution-time.md
+++ b/content/actions/monitoring-and-troubleshooting-workflows/monitoring-workflows/viewing-job-execution-time.md
@@ -19,7 +19,7 @@ Billable job execution minutes are only shown for jobs run on private repositori
 {% data reusables.repositories.navigate-to-workflow %}
 {% data reusables.repositories.view-run %}
 1. Under the job summary, you can view the job's execution time.
-1. To view details about the billable job execution time, in the left sidebar under "Run details", click **{% octicon "stopwatch" aria-hidden="true" %} Usage**.
+1. To view details about the billable job execution time, in the left sidebar under "Run details", click **{% octicon "stopwatch" aria-hidden="true" aria-label="stopwatch" %} Usage**.

   > [!NOTE]
   > The billable time shown does not include any minute multipliers. To view your total {% data variables.product.prodname_actions %} usage, including minute multipliers, see [AUTOTITLE](/billing/managing-billing-for-github-actions/viewing-your-github-actions-usage).
--- a/content/actions/monitoring-and-troubleshooting-workflows/troubleshooting-workflows/using-copilot-to-troubleshoot-workflows.md
+++ b/content/actions/monitoring-and-troubleshooting-workflows/troubleshooting-workflows/using-copilot-to-troubleshoot-workflows.md
@@ -11,8 +11,8 @@ If a workflow run fails, you can open a chat with {% data variables.product.prod

 To open a chat about a failed workflow run, you can either:

-* Next to the failed check in the merge box, click **{% octicon "kebab-horizontal" aria-hidden="true" %}**, then click **{% octicon "copilot" aria-hidden="true" %} Explain error**.
-* In the merge box, click on the failed check. At the top of the workflow run summary page, click **{% octicon "copilot" aria-hidden="true" %} Explain error**.
+* Next to the failed check in the merge box, click **{% octicon "kebab-horizontal" aria-hidden="true" aria-label="kebab-horizontal" %}**, then click **{% octicon "copilot" aria-hidden="true" aria-label="copilot" %} Explain error**.
+* In the merge box, click on the failed check. At the top of the workflow run summary page, click **{% octicon "copilot" aria-hidden="true" aria-label="copilot" %} Explain error**.

 This opens a chat window with {% data variables.product.prodname_copilot %}, where it will provide instructions to resolve the issue.

--- a/content/actions/writing-workflows/quickstart.md
+++ b/content/actions/writing-workflows/quickstart.md
@@ -41,7 +41,7 @@ This guide assumes that:
 * You have a repository on {% data variables.product.github %} where you can add files.
 * You have access to {% data variables.product.prodname_actions %}.

-  > [!NOTE] If the **{% octicon "play" aria-hidden="true" %} Actions** tab is not displayed under the name of your repository on {% data variables.product.prodname_dotcom %}, it may be because Actions is disabled for the repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository).
+  > [!NOTE] If the **{% octicon "play" aria-hidden="true" aria-label="play" %} Actions** tab is not displayed under the name of your repository on {% data variables.product.prodname_dotcom %}, it may be because Actions is disabled for the repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository).

 ## Creating your first workflow

--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-the-referrer-policy-for-your-enterprise.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-the-referrer-policy-for-your-enterprise.md
@@ -32,6 +32,6 @@ You can enable the `same-origin` referrer policy to instruct modern browsers to

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
-1. Under **{% octicon "gear" aria-hidden="true" %} Settings**, click **Authentication security**.
+1. Under **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**, click **Authentication security**.
 1. Under "User Agent Referrer Policy", select **Enable same origin referrer policy for all organizations**.
 1. Click **Save**.
--- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy.md
+++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-access-to-githubcom-using-a-corporate-proxy.md
@@ -41,7 +41,7 @@ An enterprise owner can identify the correct enterprise ID to use in the header

 {% data reusables.enterprise-accounts.access-enterprise-emu %}
 {% data reusables.enterprise-accounts.settings-tab %}
-1. Under {% octicon "gear" aria-hidden="true" %} **Settings**, click **Authentication security**.
+1. Under {% octicon "gear" aria-hidden="true" aria-label="gear" %} **Settings**, click **Authentication security**.
 1. In the "Enterprise access restrictions" section, find the header for your enterprise. This section is only visible for enterprises with the feature enabled.

 ## Using the header
--- a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md
+++ b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md
@@ -16,7 +16,7 @@ By default, {% data variables.product.company_short %} stores data for {% data v

 You can **get started with data residency** by setting up a trial of {% data variables.product.prodname_ghe_cloud %}.

-<a href="https://github.com/account/enterprises/new?ref_cta=GHEC+trial&ref_loc=about+ghec+with+data+residency&ref_page=docs" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Set up a trial of {% data variables.product.prodname_ghe_cloud %}</span> {% octicon "link-external" height:16 %}</a>
+<a href="https://github.com/account/enterprises/new?ref_cta=GHEC+trial&ref_loc=about+ghec+with+data+residency&ref_page=docs" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Set up a trial of {% data variables.product.prodname_ghe_cloud %}</span> {% octicon "link-external" height:16 aria-label="link-external" %}</a>

 ## What is {% data variables.product.prodname_ghe_cloud %}?

--- a/content/admin/data-residency/getting-started-with-data-residency-for-github-enterprise-cloud.md
+++ b/content/admin/data-residency/getting-started-with-data-residency-for-github-enterprise-cloud.md
@@ -41,7 +41,7 @@ To get started with {% data variables.enterprise.data_residency_short %}, you wi
 * Includes access to most {% data variables.product.prodname_enterprise %} features, though not the features listed in [Features not included in the trial](/admin/overview/setting-up-a-trial-of-github-enterprise-cloud#features-not-included-in-the-trial)
 * Allows you to create up to **three new organizations**

-<a href="https://github.com/account/enterprises/new?ref_cta=GHEC+trial&ref_loc=get+started+with+data+residency&ref_page=docs" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Set up a trial of {% data variables.product.prodname_ghe_cloud %}</span> {% octicon "link-external" height:16 %}</a>
+<a href="https://github.com/account/enterprises/new?ref_cta=GHEC+trial&ref_loc=get+started+with+data+residency&ref_page=docs" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Set up a trial of {% data variables.product.prodname_ghe_cloud %}</span> {% octicon "link-external" height:16 aria-label="link-external" %}</a>

 1. Visit the trial page by clicking the link above.
 1. Select **Get started with managed users**.
--- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-codespaces-in-your-enterprise.md
+++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-codespaces-in-your-enterprise.md
@@ -34,7 +34,7 @@ If you're an organization owner, you can enable {% data variables.product.prodna

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
-1. Under "{% octicon "law" aria-hidden="true" %} Policies," click **Codespaces**.
+1. Under "{% octicon "law" aria-hidden="true" aria-label="law" %} Policies," click **Codespaces**.
 1. On the {% data variables.product.prodname_github_codespaces %} policies page, under "Manage organization access to {% data variables.product.prodname_github_codespaces %}," select whether to enable {% data variables.product.prodname_github_codespaces %} in your organizations' private and internal repositories.

   You can enable for all organizations, enable for specific organizations, or disable for all organizations.
--- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-sponsors-in-your-enterprise.md
+++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-sponsors-in-your-enterprise.md
@@ -26,7 +26,7 @@ Organizations that belong to an enterprise that pays by invoice can either pay f

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
-1. Under {% octicon "law" aria-hidden="true" %} "Policies", click **Sponsors**.
+1. Under {% octicon "law" aria-hidden="true" aria-label="law" %} "Policies", click **Sponsors**.
 1. Under "Sponsors", click **Add organization**.
 1. Begin typing the name of the organization you'd like to enable sponsorships for, then click the name of the organization in the list.
 1. Click **Enable sponsorships**.
@@ -37,5 +37,5 @@ You can disallow the use of {% data variables.product.prodname_sponsors %} for a

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
-1. Under {% octicon "law" aria-hidden="true" %} "Policies", click **Sponsors**.
+1. Under {% octicon "law" aria-hidden="true" aria-label="law" %} "Policies", click **Sponsors**.
 1. Under "Sponsors", to the right of the organization's name, click **Disable**.
--- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md
+++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md
@@ -23,7 +23,7 @@ Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plur

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
-1. Under **{% octicon "law" aria-hidden="true" %} Policies**, click **{% data variables.product.pat_generic_caps_plural %}**. {% ifversion tabbed-pat-settings-ui %}
+1. Under **{% octicon "law" aria-hidden="true" aria-label="law" %} Policies**, click **{% data variables.product.pat_generic_caps_plural %}**. {% ifversion tabbed-pat-settings-ui %}
 1. Select either the **Fine-grained tokens** or **Tokens (classic)** tab to enforce this policy based on the token type. {% endif %}
 1. Under **{% data variables.product.pat_v2_caps_plural %}** or **Restrict {% data variables.product.pat_v1_plural %} from accessing your organizations**, select your access policy.
 1. Click **Save**.
@@ -47,7 +47,7 @@ When you set a policy, tokens with non-compliant lifetimes will be blocked from
 ### Setting a maximum lifetime policy

 {% data reusables.enterprise-accounts.access-enterprise %}
-{% data reusables.enterprise-accounts.policies-tab %}, then click **{% octicon "key" aria-hidden="true" %} {% data variables.product.pat_generic_caps %}s**.
+{% data reusables.enterprise-accounts.policies-tab %}, then click **{% octicon "key" aria-hidden="true" aria-label="key" %} {% data variables.product.pat_generic_caps %}s**.
 1. Select either the **Fine-grained tokens** or **Tokens (classic)** tab to enforce this policy based on the token type.
 1. Under **Set maximum lifetimes for {% data variables.product.pat_generic_plural %}**, set the maximum lifetime. Tokens must be created with a lifetime less than or equal to this many days.
 1. Optionally, to exempt your enterprise administrators from this policy, check the **Exempt administrators** checkbox. You should exempt them from this policy if you use SCIM for user provisioning or have automation that has not migrated to {% data variables.product.prodname_github_app %} yet.
@@ -70,7 +70,7 @@ By default, organizations require approval of {% data variables.product.pat_v2_p

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
-1. Under **{% octicon "law" aria-hidden="true" %} Policies**, click **{% data variables.product.pat_generic_caps_plural %}**. {% ifversion tabbed-pat-settings-ui %}
+1. Under **{% octicon "law" aria-hidden="true" aria-label="law" %} Policies**, click **{% data variables.product.pat_generic_caps_plural %}**. {% ifversion tabbed-pat-settings-ui %}
 1. Select the **Fine-grained tokens** tab. {% endif %}
 1. Under **Require approval of {% data variables.product.pat_v2_plural %}**, select your approval policy:
 1. Click **Save**.
--- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/managing-policies-for-code-governance.md
+++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/managing-policies-for-code-governance.md
@@ -42,7 +42,7 @@ You can edit a ruleset to change parts of the ruleset, such as the name, bypass

 {% data reusables.enterprise-accounts.access-enterprise %}
 1. In the left sidebar, in the "Policies" section, click **Code**, then click **Rulesets**.
-1. To the right of the ruleset's name, select {% octicon "kebab-horizontal" aria-label="Open additional options" %}, then click **{% octicon "trash" aria-hidden="true" %} Delete ruleset**.
+1. To the right of the ruleset's name, select {% octicon "kebab-horizontal" aria-label="Open additional options" %}, then click **{% octicon "trash" aria-hidden="true" aria-label="trash" %} Delete ruleset**.

 ## Using ruleset history

@@ -52,7 +52,7 @@ You can edit a ruleset to change parts of the ruleset, such as the name, bypass

 {% data reusables.enterprise-accounts.access-enterprise %}
 1. In the left sidebar, in the "Policies" section, click **Code**, then click **Rulesets**.
-1. To view the history of changes to the ruleset, select {% octicon "kebab-horizontal" aria-label="Open additional options" %} to the right of the ruleset's name, then click **{% octicon "history" aria-hidden="true" %} History**.
+1. To view the history of changes to the ruleset, select {% octicon "kebab-horizontal" aria-label="Open additional options" %} to the right of the ruleset's name, then click **{% octicon "history" aria-hidden="true" aria-label="history" %} History**.
 1. To the right of the specific iteration, select {% octicon "kebab-horizontal" aria-label="Open additional options" %}, then click **Compare changes**, **Restore**, or **Download**.

 ## Importing a ruleset
--- a/content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/managing-pre-receive-hooks-on-your-instance.md
+++ b/content/admin/enforcing-policies/enforcing-policy-with-pre-receive-hooks/managing-pre-receive-hooks-on-your-instance.md
@@ -61,5 +61,5 @@ A repository owner can only configure a hook if the site administrator selected
 {% data reusables.profile.enterprise_access_profile %}
 1. Navigate to the repository that you want to configure pre-receive hooks for.
 {% data reusables.repositories.sidebar-settings %}
-1. In the left sidebar, click **{% octicon "webhook" aria-hidden="true" %} Hooks**.
+1. In the left sidebar, click **{% octicon "webhook" aria-hidden="true" aria-label="webhook" %} Hooks**.
 1. Next to the pre-receive hook that you want to configure, select the **Hook permissions** dropdown menu, then click whether to enable or disable the pre-receive hook.
--- a/content/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/configuring-custom-footers.md
+++ b/content/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/configuring-custom-footers.md
@@ -22,7 +22,7 @@ You can configure the web UI for your enterprise to display a custom footer with

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
-1. Under **{% octicon "gear" aria-hidden="true" %} Settings**, click **Profile**.
+1. Under **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**, click **Profile**.
 1. At the top of the page, under the navigation bar, click **Custom footer**.

   ![Screenshot of the "Profile" page for an enterprise account. A tab, labeled "Custom footer", is outlined in dark orange.](/assets/images/enterprise/custom-footer/custom-footer-section.png)
--- a/content/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-requests-for-copilot-business-from-organizations-in-your-enterprise.md
+++ b/content/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-requests-for-copilot-business-from-organizations-in-your-enterprise.md
@@ -23,5 +23,5 @@ As an enterprise owner, you can view or dismiss these requests from your notific

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
-1. Under "{% octicon "law" aria-hidden="true" %} Policies", click **Copilot**.
+1. Under "{% octicon "law" aria-hidden="true" aria-label="law" %} Policies", click **Copilot**.
 1. In the "Access management" section, next to the organization you want to give access, select the dropdown menu and click **Enabled**.
--- a/content/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/restoring-a-deleted-repository.md
+++ b/content/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/restoring-a-deleted-repository.md
@@ -30,7 +30,7 @@ Restoring a repository will not restore release attachments or team permissions.
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.enterprise_site_admin_settings.search-user-or-org %}
 {% data reusables.enterprise_site_admin_settings.click-user-or-org %}
-1. In the **{% octicon "repo" aria-hidden="true" %} Repositories** section, click the **{% octicon "trash" aria-hidden="true" %} Deleted repositories** link.
+1. In the **{% octicon "repo" aria-hidden="true" aria-label="repo" %} Repositories** section, click the **{% octicon "trash" aria-hidden="true" aria-label="trash" %} Deleted repositories** link.
 1. Find the repository you want to restore in the deleted repositories list, then to the right of the repository name click **Restore**.
 1. To confirm you would like to restore the named repository, click **Restore**.

--- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/exporting-membership-information-for-your-enterprise.md
+++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/exporting-membership-information-for-your-enterprise.md
@@ -42,7 +42,7 @@ You can download a CSV file containing the membership information report for you

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.people-tab %}
-1. To the right of "Members", click **{% octicon "download" aria-hidden="true" %} CSV Report**.
+1. To the right of "Members", click **{% octicon "download" aria-hidden="true" aria-label="download" %} CSV Report**.

   * If your enterprise has less than 1,000 members, the report will download immediately.
   * If your enterprise has 1,000 or more members, you'll soon receive an email with a link to download the report.
--- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md
+++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md
@@ -56,7 +56,7 @@ Dormant users are not automatically suspended. Consider suspending dormant users
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.enterprise_site_admin_settings.search-user %}
 {% data reusables.enterprise_site_admin_settings.click-user %}
-1. In the **User info** section, view the status of the user's account. Any users labeled with "{% octicon "hourglass" aria-hidden="true" %} Dormant" are dormant, and users labeled with "{% octicon "hourglass" aria-hidden="true" %} "Active" are not.
+1. In the **User info** section, view the status of the user's account. Any users labeled with "{% octicon "hourglass" aria-hidden="true" aria-label="hourglass" %} Dormant" are dormant, and users labeled with "{% octicon "hourglass" aria-hidden="true" aria-label="hourglass" %} "Active" are not.

   ![Screenshot of the "User info" section for a user. The "User info" heading is outlined. Under the heading, the user is marked as active.](/assets/images/enterprise/stafftools/active-user.png)

@@ -79,5 +79,5 @@ Dormant users are not automatically suspended. Consider suspending dormant users
 {% data reusables.enterprise-accounts.enterprise-accounts-compliance-tab %}
 1. Scroll to "Reports".
 1. Optionally, to generate a new report, next to "Dormant Users", click **New report**.
-1. Under "Recent reports", next to the report you want to download, click **{% octicon "download" aria-hidden="true" %} Download**.
+1. Under "Recent reports", next to the report you want to download, click **{% octicon "download" aria-hidden="true" aria-label="download" %} Download**.
 {% endif %}
--- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-invitations-to-organizations-within-your-enterprise.md
+++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-invitations-to-organizations-within-your-enterprise.md
@@ -26,7 +26,7 @@ Invitations expire after 7 days. You can retry or cancel expired invitations, ei

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.people-tab %}
-1. Under "{% octicon "person" aria-hidden="true" %} People", click **Failed invitations**.
+1. Under "{% octicon "person" aria-hidden="true" aria-label="person" %} People", click **Failed invitations**.
 1. Optionally, retry or cancel a single invitation.
   * To the right of the invitation you want to cancel or retry, select the {% octicon "kebab-horizontal" aria-label="Show actions" %} dropdown menu and click **Retry invitation** or **Cancel invitation**.

--- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md
+++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md
@@ -181,7 +181,7 @@ You can view a list of all dormant users {% ifversion ghes %} who have not been
 {% data reusables.enterprise-accounts.access-enterprise %}
 1. Under "Organizations", in the search bar, begin typing the organization's name until it appears in the search results.
 1. Select the name of the organization.
-1. Above the organization name, select **{% octicon "person" aria-hidden="true" %} People**.
+1. Above the organization name, select **{% octicon "person" aria-hidden="true" aria-label="person" %} People**.

   ![Screenshot of the tabs above an organization name. The "People" tab is highlighted with an orange outline.](/assets/images/help/enterprises/emu-organization-people-tab.png)
 1. Above the list of members, select **Type**, then select the type of members you want to view.
@@ -219,7 +219,7 @@ You can view a list of members in your enterprise who don't have an email addres
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.verified-domains-tab %}
-1. Under "Notification preferences", select the **{% octicon "eye" aria-hidden="true" %} View enterprise members without an approved or verified domain email** link.
+1. Under "Notification preferences", select the **{% octicon "eye" aria-hidden="true" aria-label="eye" %} View enterprise members without an approved or verified domain email** link.

 ## Viewing whether members in your enterprise have 2FA enabled

--- a/content/admin/managing-code-security/managing-supply-chain-security-for-your-enterprise/viewing-the-vulnerability-data-for-your-enterprise.md
+++ b/content/admin/managing-code-security/managing-supply-chain-security-for-your-enterprise/viewing-the-vulnerability-data-for-your-enterprise.md
@@ -21,5 +21,5 @@ You can manually sync vulnerability data from {% data variables.product.prodname
 Before you can view vulnerability data, you must enable {% data variables.product.prodname_dependabot_alerts %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise).

 {% data reusables.enterprise_site_admin_settings.access-settings %}
-1. In the left sidebar, under **{% octicon "rocket" aria-hidden="true" %} Site admin**, click **Vulnerabilities**.
+1. In the left sidebar, under **{% octicon "rocket" aria-hidden="true" aria-label="rocket" %} Site admin**, click **Vulnerabilities**.
 1. To sync vulnerability data, click **Sync Vulnerabilities Now**.
--- a/content/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise.md
+++ b/content/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise.md
@@ -22,7 +22,7 @@ After you create a {% data variables.product.prodname_custom_security_configurat
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.advanced-security-tab %}
-1. To the right of the configuration you want to apply, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.
+1. To the right of the configuration you want to apply, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.
 {% data reusables.security-configurations.apply-configuration-by-default %}

 {% data reusables.security-configurations.apply-configuration %}
--- a/content/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise.md
+++ b/content/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise.md
@@ -24,7 +24,7 @@ The {% data variables.product.prodname_github_security_configuration %} includes
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.advanced-security-tab %}
-1. In the "{% data variables.product.github %} recommended" row of the configurations table for your enterprise, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.
+1. In the "{% data variables.product.github %} recommended" row of the configurations table for your enterprise, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.
 {% data reusables.security-configurations.apply-configuration-by-default %}

 {% data reusables.security-configurations.apply-configuration %}
--- a/content/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise.md
+++ b/content/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise.md
@@ -31,7 +31,7 @@ These additional settings apply only to repositories with {% data variables.prod

 To provide context for developers when {% data variables.product.prodname_secret_scanning %} blocks a commit, you can display a link with more information on why the commit was blocked.

-1. Under "Additional settings", to the right of "Resource link for push protection", click **{% octicon "pencil" aria-hidden="true" %}**.
+1. Under "Additional settings", to the right of "Resource link for push protection", click **{% octicon "pencil" aria-hidden="true" aria-label="pencil" %}**.
 1. In the text box, type the link to the desired resource, then click **{% octicon "check" aria-label="Save" %}**.

 ### Controlling features for new repositories created in a user namespace
--- a/content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md
+++ b/content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md
@@ -71,7 +71,7 @@ When creating a security configuration, keep in mind that:
   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
-   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
+   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
        {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
   * **Enforce configuration**. Block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Select **Enforce** from the dropdown menu.

@@ -109,7 +109,7 @@ When creating a security configuration, keep in mind that:
   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
-   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
+   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
        {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
   * **Enforce configuration**. Block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Select **Enforce** from the dropdown menu.

@@ -141,7 +141,7 @@ When creating a security configuration, keep in mind that:
    * **Alerts**. To learn about {% data variables.secret-scanning.alerts %}, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning).{% ifversion org-npp-enablement-security-configurations %}
    * **Non-provider patterns**. To learn more about scanning for non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns) and [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts).{% endif %}
    * **Push protection**. To learn about push protection, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection).
-1. Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, or **Private and internal**, or **All repositories**.
+1. Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, or **Private and internal**, or **All repositories**.

 1. Optionally, in the "Policy" section, you can enforce the configuration and block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Next to "Enforce configuration", select **Enforce** from the dropdown menu.

--- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md
+++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md
@@ -89,7 +89,7 @@ You can create a runner group to manage access to the runner that you added to y
 1. Click the "Runners" tab.
 1. In the list of runners, click the runner that you deployed in the previous section.
 1. Click **Edit**.
-1. Click **Runner groups {% octicon "gear" aria-hidden="true" %}**.
+1. Click **Runner groups {% octicon "gear" aria-hidden="true" aria-label="gear" %}**.
 1. In the list of runner groups, click the name of the group that you previously created.
 1. Click **Save** to move the runner to the group.

--- a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions.md
+++ b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions.md
@@ -31,7 +31,7 @@ Once {% data variables.product.prodname_github_connect %} is configured, you can

 1. From an enterprise owner account on {% data variables.product.prodname_ghe_server %}, navigate to the repository you want to delete from the _actions_ organization (in this example `checkout`).
 1. By default, site administrators are not owners of the bundled _actions_ organization. To get the access required to delete the `checkout` repository, you must use the site admin tools. Click {% octicon "rocket" aria-label="Site admin" %} in the upper-right corner of any page in that repository.
-1. Click **{% octicon "shield-lock" aria-hidden="true" %} Security** to see an overview of the security for the repository.
+1. Click **{% octicon "shield-lock" aria-hidden="true" aria-label="shield-lock" %} Security** to see an overview of the security for the repository.

   ![Screenshot of the site admin details for a repository. The "Security" link is highlighted with an orange outline.](/assets/images/enterprise/site-admin-settings/access-repo-security-info.png)
 1. Under "Privileged access", click **Unlock**.
--- a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md
+++ b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md
@@ -54,7 +54,7 @@ The following changes also apply to single organizations that are automatically
 * **Enterprise account name:** During the upgrade, the new enterprise account name will match your organization name or be as close as possible if taken. You can rename it after the upgrade.
 * **SAML SSO:** Existing SAML SSO will stay at the organization level after being added to the new enterprise account. You can configure SSO at the enterprise level post-upgrade, which will override the organization level. Existing PATs and SAML-authorized tokens will remain unchanged.
 * **Policies:** The new enterprise account starts with no policies, so existing organization policies won't be overridden.
-* **Spending limits:** Existing organization spending limits transfer to the new enterprise account. Post-upgrade, billing is handled at the enterprise level. To adjust spending limits, at the top of the page, click {% octicon "credit-card" aria-hidden="true" %} **Billing & Licensing**.
+* **Spending limits:** Existing organization spending limits transfer to the new enterprise account. Post-upgrade, billing is handled at the enterprise level. To adjust spending limits, at the top of the page, click {% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} **Billing & Licensing**.
 * **Coupons:** Existing coupons will carry over to the new enterprise account with no interruptions.
 * **Workflow permissions:** The new enterprise account will inherit your organization's workflow permissions. If the organization has a permissive setting ("Read and write"), the enterprise account will also default to permissive. Otherwise, it defaults to restrictive ("Read repository contents and packages"). For workflows with the id-token permission, the default changes to read-only due to a February 2023 update. Add an explicit permissions block in these workflows to grant the required permissions.

--- a/content/admin/managing-your-enterprise-account/deleting-an-enterprise-account.md
+++ b/content/admin/managing-your-enterprise-account/deleting-an-enterprise-account.md
@@ -37,7 +37,7 @@ You must remove, transfer, or delete all organizations in the enterprise before
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 1. If you are not trialing {% data variables.product.prodname_ghe_cloud %}, delete your enterprise account:
-   1. Under **{% octicon "gear" aria-hidden="true" %} Settings**, click **Profile**.
+   1. Under **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**, click **Profile**.
   1. In the "Danger Zone" section, click **Delete this enterprise**.
   1. In the text box, type the enterprise slug to confirm the deletion, then click **Delete this enterprise**.
 1. If you are trialing {% data variables.product.prodname_ghe_cloud %}, cancel your trial, or delete the expired trial:
--- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md
@@ -24,7 +24,7 @@ To learn more about {% data variables.product.prodname_github_connect %}, see [A

 {% data reusables.enterprise-accounts.access-enterprise %}

-1. {% ifversion horizontal-nav %}At the top of the page, in the enterprise account sidebar, click {% octicon "plug" aria-hidden="true" %} **GitHub Connect**.{% else %}On the left side of the page, in the enterprise account sidebar, click {% octicon "plug" aria-hidden="true" %} **GitHub Connect**.{% endif %}
+1. {% ifversion horizontal-nav %}At the top of the page, in the enterprise account sidebar, click {% octicon "plug" aria-hidden="true" aria-label="plug" %} **GitHub Connect**.{% else %}On the left side of the page, in the enterprise account sidebar, click {% octicon "plug" aria-hidden="true" aria-label="plug" %} **GitHub Connect**.{% endif %}

 {% data reusables.server-statistics.csv-download %}

--- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md
@@ -28,10 +28,10 @@ The Activity dashboard provides weekly, monthly, and yearly graphs of the number

 ## Accessing the Activity dashboard

-1. In the top-left corner of any page, select {% octicon "three-bars" aria-label="Open global navigation menu" %}, then click **{% octicon "telescope" aria-hidden="true" %} Explore**.
+1. In the top-left corner of any page, select {% octicon "three-bars" aria-label="Open global navigation menu" %}, then click **{% octicon "telescope" aria-hidden="true" aria-label="telescope" %} Explore**.

   ![Screenshot of the navigation bar on {% data variables.product.github %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png)
-1. In the upper-right corner of the page, click **{% octicon "pulse" aria-hidden="true" %} Activity**.
+1. In the upper-right corner of the page, click **{% octicon "pulse" aria-hidden="true" aria-label="pulse" %} Activity**.
 1. To view activity over different periods, click **This week**, **This month**, or **This year**.

   ![Screenshot of the activity dashboard. A line graph compares the number of pull requests merged over this week and the previous week.](/assets/images/help/enterprises/activity-dashboard.png)
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md
@@ -32,7 +32,7 @@ As an alternative to exporting log events, you can use the API to retrieve audit
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.audit-log-tab %}
 1. Optionally, to only export filtered results, search by one or more supported qualifiers or log filters.
-1. Select the **{% octicon "download" aria-hidden="true" %} Export** dropdown menu, and click a file format.
+1. Select the **{% octicon "download" aria-hidden="true" aria-label="download" %} Export** dropdown menu, and click a file format.

 ## Exporting Git events data

@@ -41,8 +41,8 @@ You can also export Git events data by date range. The data is exported as a com
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.audit-log-tab %}
-1. Select the **{% octicon "download" aria-hidden="true" %} Export Git Events** dropdown menu and choose a date range to export log events for.
-1. Click **{% octicon "file-zip" aria-hidden="true" %} Download Results**.
+1. Select the **{% octicon "download" aria-hidden="true" aria-label="download" %} Export Git Events** dropdown menu and choose a date range to export log events for.
+1. Click **{% octicon "file-zip" aria-hidden="true" aria-label="file-zip" %} Download Results**.
 1. To extract the JSON data, uncompress the file using an archive utility client or command. For example:

    ```shell
--- a/content/admin/overview/accessing-compliance-reports-for-your-enterprise.md
+++ b/content/admin/overview/accessing-compliance-reports-for-your-enterprise.md
@@ -22,7 +22,7 @@ You can access {% data variables.product.company_short %}'s compliance reports i

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.enterprise-accounts-compliance-tab %}
-1. Under "Resources", to the right of the report you want to access, click **{% octicon "download" aria-hidden="true" %} Download** or **{% octicon "link-external" aria-hidden="true" %} View**.
+1. Under "Resources", to the right of the report you want to access, click **{% octicon "download" aria-hidden="true" aria-label="download" %} Download** or **{% octicon "link-external" aria-hidden="true" aria-label="link-external" %} View**.

   {% data reusables.security.compliance-report-screenshot %}

--- a/content/admin/overview/setting-up-a-trial-of-github-enterprise-cloud.md
+++ b/content/admin/overview/setting-up-a-trial-of-github-enterprise-cloud.md
@@ -18,7 +18,7 @@ shortTitle: Enterprise Cloud trial

 To set up a trial, you must be signed in to a personal account. If you don't have a personal account, see [AUTOTITLE](/free-pro-team@latest/get-started/start-your-journey/creating-an-account-on-github).

-<a href="https://github.com/account/enterprises/new?ref_cta=GHEC+trial&ref_loc=setting+up+a+trial+of+github+enterprise+cloud&ref_page=docs" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Set up a trial of {% data variables.product.prodname_ghe_cloud %}</span> {% octicon "link-external" height:16 %}</a>
+<a href="https://github.com/account/enterprises/new?ref_cta=GHEC+trial&ref_loc=setting+up+a+trial+of+github+enterprise+cloud&ref_page=docs" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Set up a trial of {% data variables.product.prodname_ghe_cloud %}</span> {% octicon "link-external" height:16 aria-label="link-external" %}</a>

 {% data reusables.enterprise.enterprise-types %}

@@ -111,7 +111,7 @@ You can cancel a trial at any time. Once the trial has expired, you can delete t

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
-1. Under **{% octicon "gear" aria-hidden="true" %} Settings**, click **Profile**.
+1. Under **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**, click **Profile**.
 1. At the bottom of the page, in the "Danger zone" section, click **Cancel trial** or **Delete trial**.

 ## Further reading
--- a/content/apps/using-github-apps/reviewing-and-modifying-installed-github-apps.md
+++ b/content/apps/using-github-apps/reviewing-and-modifying-installed-github-apps.md
@@ -38,7 +38,7 @@ In addition to reviewing {% data variables.product.prodname_github_apps %} that
   > In the following steps, you will be taken to the account settings for the organization or personal account where the {% data variables.product.prodname_github_app %} is installed. The settings will affect all repositories where the app is installed under that account, not just the repository where you navigated from.

   1. Navigate to the main page of the organization or repository.
-   1. Click **{% octicon "gear" aria-hidden="true" %} Settings**.
+   1. Click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
   1. Under "Integrations," click **GitHub Apps**. A list of the {% data variables.product.prodname_github_apps %} that have been granted access to your repository will be displayed.

   1. Next to the {% data variables.product.prodname_github_app %} you want to review or modify, click **Configure**.
--- a/content/authentication/authenticating-with-a-passkey/signing-in-with-a-passkey.md
+++ b/content/authentication/authenticating-with-a-passkey/signing-in-with-a-passkey.md
@@ -21,13 +21,13 @@ Some authenticators allow passkeys to be used with nearby devices. For example,
 ## Signing in with a passkey linked to your primary device

 1. Navigate to the login page for {% data variables.product.prodname_dotcom %} at {% ifversion fpt or ghec %}[https://github.com/login?passkey=true](https://github.com/login?passkey=true){% else %}`https://HOSTNAME/login?passkey=true`{% endif %}.
-1. Click **{% octicon "passkey-fill" aria-hidden="true" %} Sign in with a passkey**.
+1. Click **{% octicon "passkey-fill" aria-hidden="true" aria-label="passkey-fill" %} Sign in with a passkey**.
 1. Follow the prompts on your browser or platform to select a passkey that is accessible from the device you are using, and complete the authentication process. For example, when prompted, you might touch a fingerprint sensor or enter your PIN.

 ## Signing in with a passkey using a nearby device

 1. Navigate to the login page for {% data variables.product.prodname_dotcom %} at {% ifversion fpt or ghec %}[https://github.com/login?passkey=true](https://github.com/login?passkey=true){% else %}`https://HOSTNAME/login?passkey=true`{% endif %}.
-1. Click **{% octicon "passkey-fill" aria-hidden="true" %} Sign in with a passkey**.
+1. Click **{% octicon "passkey-fill" aria-hidden="true" aria-label="passkey-fill" %} Sign in with a passkey**.
 1. Follow the prompts on your browser or platform to select a passkey that is accessible as a nearby device (such as a phone or a tablet).
 1. Continue to follow the prompts to start the authentication process. For example, you might choose to scan a QR code, or trigger a push notification to the nearby device.
 1. On your nearby device, follow the prompts to complete the authentication process. For example, if you are using an iPhone, you might perform Face ID or enter your passcode.
--- a/content/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md
+++ b/content/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md
@@ -101,7 +101,7 @@ For more information about best practices, see [AUTOTITLE](/rest/overview/keepin
 {% ifversion fpt or ghec %}1. [Verify your email address](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address), if it hasn't been verified yet.{% endif %}
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.developer_settings %}
-1. In the left sidebar, under **{% octicon "key" aria-hidden="true" %} {% data variables.product.pat_generic_caps %}s**, click **Fine-grained tokens**.
+1. In the left sidebar, under **{% octicon "key" aria-hidden="true" aria-label="key" %} {% data variables.product.pat_generic_caps %}s**, click **Fine-grained tokens**.
 1. Click **Generate new token**.
 1. Under **Token name**, enter a name for the token.
 1. Under **Expiration**, select an expiration for the token. Infinite lifetimes are allowed but may be blocked by a maximum lifetime policy set by your organization or enterprise owner. For more information, See [Enforcing a maximum lifetime policy for {% data variables.product.pat_generic_plural %}](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization#enforcing-a-maximum-lifetime-policy-for-personal-access-tokens).
@@ -129,7 +129,7 @@ If you selected an organization as the resource owner and the organization requi
 {% ifversion fpt or ghec %}1. [Verify your email address](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address), if it hasn't been verified yet.{% endif %}
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.developer_settings %}
-1. In the left sidebar, under **{% octicon "key" aria-hidden="true" %} {% data variables.product.pat_generic_caps %}s**, click **Tokens (classic)**.
+1. In the left sidebar, under **{% octicon "key" aria-hidden="true" aria-label="key" %} {% data variables.product.pat_generic_caps %}s**, click **Tokens (classic)**.
 1. Select **Generate new token**, then click **Generate new token (classic)**.
 1. In the "Note" field, give your token a descriptive name.
 1. To give your token an expiration, select **Expiration**, then choose a default option or click **Custom** to enter a date.
@@ -146,7 +146,7 @@ You should delete a {% data variables.product.pat_generic %} if it is no longer

 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.developer_settings %}
-1. In the left sidebar, under **{% octicon "key" aria-hidden="true" %} {% data variables.product.pat_generic_caps %}s**, click either **Fine-grained tokens** or **Tokens (classic)**, depending on which type of {% data variables.product.pat_generic %} you'd like to delete.
+1. In the left sidebar, under **{% octicon "key" aria-hidden="true" aria-label="key" %} {% data variables.product.pat_generic_caps %}s**, click either **Fine-grained tokens** or **Tokens (classic)**, depending on which type of {% data variables.product.pat_generic %} you'd like to delete.
 1. To the right of the {% data variables.product.pat_generic %} you want to delete, click **Delete**.

 {% ifversion ghec or fpt %}> [!NOTE] If you find a leaked {% data variables.product.pat_generic %} belonging to someone else, you can submit a revocation request through the REST API. See [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization#mitigate-data-leaks).
--- a/content/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys.md
+++ b/content/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys.md
@@ -16,7 +16,7 @@ shortTitle: Deploy keys
 ---
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
-1. In the "Security" section of the sidebar, click **{% octicon "key" aria-hidden="true" %} Deploy keys**.
+1. In the "Security" section of the sidebar, click **{% octicon "key" aria-hidden="true" aria-label="key" %} Deploy keys**.
 1. On the "Deploy keys" page, take note of the deploy keys associated with your account. For those that you don't recognize, or that are out of date, click **Delete**. If there are valid deploy keys you'd like to keep, click **Approve**.

 For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/managing-deploy-keys).
--- a/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md
+++ b/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md
@@ -20,7 +20,7 @@ shortTitle: Review security log
 The security log lists all actions performed within the last 90 days.

 {% data reusables.user-settings.access_settings %}
-1. In the "Archives" section of the sidebar, click **{% octicon "log" aria-hidden="true" %} Security log**.
+1. In the "Archives" section of the sidebar, click **{% octicon "log" aria-hidden="true" aria-label="log" %} Security log**.

 ## Searching your security log

--- a/content/authentication/keeping-your-account-and-data-secure/switching-between-accounts.md
+++ b/content/authentication/keeping-your-account-and-data-secure/switching-between-accounts.md
@@ -23,8 +23,8 @@ Your SSO sessions will persist when you switch away from an account and return.
 When you add a new account to the account switcher, both the account you are currently signed in to and the account you have added will become available in the account switcher. You will be signed in to the new account immediately.

 1. In the upper-right corner of any page, click your profile photo to open the menu.
-1. If you have previously added an account to the account switcher, click **{% octicon "arrow-switch" aria-hidden="true" %} Switch account** to open the menu.
-1. In the menu, click **{% octicon "person-add" aria-hidden="true" %} Add account**.
+1. If you have previously added an account to the account switcher, click **{% octicon "arrow-switch" aria-hidden="true" aria-label="arrow-switch" %} Switch account** to open the menu.
+1. In the menu, click **{% octicon "person-add" aria-hidden="true" aria-label="person-add" %} Add account**.
 1. Sign in to the account you want to add to the account switcher.

 ## Switching between accounts
@@ -32,10 +32,10 @@ When you add a new account to the account switcher, both the account you are cur
 When you have added accounts to the account switcher, you can quickly change between them without always needing to reauthenticate.

 > [!NOTE]
-> The "{% octicon "arrow-switch" aria-hidden="true" %} Switch account" option will not be available if all sessions have expired. You can instead click on **{% octicon "arrow-switch" aria-hidden="true" %} See all accounts** in the menu to reauthenticate.
+> The "{% octicon "arrow-switch" aria-hidden="true" aria-label="arrow-switch" %} Switch account" option will not be available if all sessions have expired. You can instead click on **{% octicon "arrow-switch" aria-hidden="true" aria-label="arrow-switch" %} See all accounts** in the menu to reauthenticate.

 1. In the upper-right corner of any page, click your profile photo to open the menu.
-1. In the menu, click **{% octicon "arrow-switch" aria-hidden="true" %} Switch account**.
+1. In the menu, click **{% octicon "arrow-switch" aria-hidden="true" aria-label="arrow-switch" %} Switch account**.
 1. In the submenu, click on the account that you want to switch to.

      ![Screenshot of the "Switch account" menu with three options, "octocat", "hubot", and "Add account".](/assets/images/help/profile/switch-accounts.png)
--- a/content/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md
+++ b/content/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md
@@ -119,10 +119,10 @@ You can download a CSV report of license usage through the {% data variables.pro

 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
-1. In the "Access" section of the sidebar click **{% octicon "credit-card" aria-hidden="true" %} Billing & licensing** and then **Usage**.
+1. In the "Access" section of the sidebar click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & licensing** and then **Usage**.
 1. Filter the metered usage to show `product:ghas` and choose "Group: SKU".
 1. Optionally, use the "Time Frame" field to set the period to report on.
-1. Click **{% octicon "download" aria-hidden="true" %}Get usage report** to download the report.
+1. Click **{% octicon "download" aria-hidden="true" aria-label="download" %}Get usage report** to download the report.

 {% endif %}

@@ -131,22 +131,22 @@ You can download a CSV report of license usage through the {% data variables.pro
 #### For an enterprise

 {% data reusables.enterprise-accounts.access-enterprise %}
-1. Click **{% octicon "credit-card" aria-hidden="true" %} Billing & licensing** to display an overview.
+1. Click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & licensing** to display an overview.

   **License consumption:**
-   1. Click **{% octicon "law" aria-hidden="true" %} Licensing**.
-   1. Under "{% data variables.product.prodname_GHAS %}," click the **Download report** dropdown and then click either **{% octicon "download" aria-hidden="true" %} {% data variables.product.prodname_code_security %}** or **{% octicon "download" aria-hidden="true" %} {% data variables.product.prodname_secret_protection %}**.
+   1. Click **{% octicon "law" aria-hidden="true" aria-label="law" %} Licensing**.
+   1. Under "{% data variables.product.prodname_GHAS %}," click the **Download report** dropdown and then click either **{% octicon "download" aria-hidden="true" aria-label="download" %} {% data variables.product.prodname_code_security %}** or **{% octicon "download" aria-hidden="true" aria-label="download" %} {% data variables.product.prodname_secret_protection %}**.

   **Metered usage:**
   1. Scroll to the tabbed usage information at the bottom of the "Overview" page and click **{% data variables.product.prodname_AS %}** to show usage.
   1. In the summary box, click "View details" to show metered usage for {% data variables.product.prodname_AS %} grouped by SKU.
-   1. Select a time frame and click **{% octicon "download" aria-hidden="true" %}Get usage report** to download a detailed report.
+   1. Select a time frame and click **{% octicon "download" aria-hidden="true" aria-label="download" %}Get usage report** to download a detailed report.

 {% elsif ghes %}

 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.license-tab %}
-1. Under "{% data variables.product.prodname_GHAS %}," click **{% octicon "download" aria-hidden="true" %} CSV report**.
+1. Under "{% data variables.product.prodname_GHAS %}," click **{% octicon "download" aria-hidden="true" aria-label="download" %} CSV report**.

   ![Screenshot of the licensing screen. The "CSV Report" button is highlighted with an orange outline.](/assets/images/enterprise/ghas/download-csv-report-ghes-3.9.png)

--- a/content/billing/managing-billing-for-your-products/managing-billing-for-github-sponsors/downgrading-a-sponsorship.md
+++ b/content/billing/managing-billing-for-your-products/managing-billing-for-github-sponsors/downgrading-a-sponsorship.md
@@ -42,6 +42,6 @@ Organizations that pay for {% data variables.product.prodname_sponsors %} by inv

 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
-1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing and plans**.
+1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**.
 1. Under "{% data variables.product.prodname_sponsors %}", in the yellow banner with the start date, click **Undo**.
 1. Review the alert about undoing the activation of the sponsorship, then click **OK**.
--- a/content/billing/managing-the-plan-for-your-github-account/connecting-an-azure-subscription.md
+++ b/content/billing/managing-the-plan-for-your-github-account/connecting-an-azure-subscription.md
@@ -92,7 +92,7 @@ To connect your Azure subscription, you must have owner permissions to the Azure
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}

-1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing and plans**.
+1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**.
 1. Under "Billing Management", to the right of "Metered billing via Azure", click **Add Azure Subscription**.
 1. To sign in to your Microsoft account, follow the prompts.
 1. Review the "Permissions requested" prompt. If you agree with the terms, click **Accept**.
@@ -135,7 +135,7 @@ After you disconnect your Azure subscription from your organization account, you
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}

-1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing and plans**.
+1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**.
 1. Under "Billing Management", then under "Metered billing via Azure", to the right of the subscription ID you want to disconnect, click **{% octicon "trash" aria-label="The trash icon" %}**.
 1. Review the prompt, then click **Remove**.

--- a/content/billing/managing-the-plan-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md
+++ b/content/billing/managing-the-plan-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md
@@ -54,7 +54,7 @@ You can view the subscription and usage for your enterprise and download a file
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.license-tab %}
 1. Under "User licenses", view your total licenses, number of consumed licenses, and your subscription expiration date.
-1. Optionally, to view details for license usage or download a {% ifversion ghec %}CSV{% elsif ghes %}JSON{% endif %} file with license details{% ifversion ghec %}, to the right of "User Licenses"{% endif %}, click **View {% ifversion ghec %}details{% elsif ghes %}users{% endif %}** or {% ifversion ghec %}**{% octicon "download" aria-hidden="true" %} CSV report**{% elsif ghes %}**Export license usage**{% endif %}.
+1. Optionally, to view details for license usage or download a {% ifversion ghec %}CSV{% elsif ghes %}JSON{% endif %} file with license details{% ifversion ghec %}, to the right of "User Licenses"{% endif %}, click **View {% ifversion ghec %}details{% elsif ghes %}users{% endif %}** or {% ifversion ghec %}**{% octicon "download" aria-hidden="true" aria-label="download" %} CSV report**{% elsif ghes %}**Export license usage**{% endif %}.
 {%- ifversion ghec %}
 1. Optionally, to view usage details for other features, in the left sidebar, click **Billing**.
 {% endif %}
--- a/content/billing/managing-your-billing/about-billing-for-your-enterprise.md
+++ b/content/billing/managing-your-billing/about-billing-for-your-enterprise.md
@@ -59,7 +59,7 @@ Administrators for your enterprise account on {% data variables.product.prodname
 To access the billing platform for your enterprise:

 {% data reusables.enterprise-accounts.access-enterprise %}
-1. {% ifversion horizontal-nav %}At the top of the page,{% else %}In the enterprise account sidebar,{% endif %} click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
+1. {% ifversion horizontal-nav %}At the top of the page,{% else %}In the enterprise account sidebar,{% endif %} click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.

 ## Further reading

--- a/content/billing/managing-your-billing/about-billing-on-github.md
+++ b/content/billing/managing-your-billing/about-billing-on-github.md
@@ -139,4 +139,4 @@ If you're an organization or enterprise owner, you can switch between settings f

   ![Screenshot of the "Public profile" settings for The Octocat. Next to "Your personal profile," a "Switch settings context" link is outlined in orange.](/assets/images/help/settings/context-switcher-button.png)
 1. Start typing the name of the account you want to switch to, then click the name of the account.
-1. In the left sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing and plans**.
+1. In the left sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**.
--- a/content/billing/managing-your-billing/about-the-new-billing-platform.md
+++ b/content/billing/managing-your-billing/about-the-new-billing-platform.md
@@ -86,7 +86,7 @@ With the new billing platform, you can:
 {% elsif ghec %}

 {% data reusables.enterprise-accounts.access-enterprise %}
-1. {% ifversion horizontal-nav %}At the top of the page,{% else %}In the enterprise account sidebar,{% endif %} click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
+1. {% ifversion horizontal-nav %}At the top of the page,{% else %}In the enterprise account sidebar,{% endif %} click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.

 {% endif %}

--- a/content/billing/managing-your-billing/estimating-spending.md
+++ b/content/billing/managing-your-billing/estimating-spending.md
@@ -23,7 +23,7 @@ The new billing platform provides a high-level view of your spending trends base
 ## Viewing your spending for your personal account

 {% data reusables.user-settings.access_settings %}
-1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
+1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.

 On this page, you can view your usage in the following categories:

--- a/content/billing/managing-your-billing/gathering-insights-on-your-spending.md
+++ b/content/billing/managing-your-billing/gathering-insights-on-your-spending.md
@@ -28,7 +28,7 @@ The new billing platform provides you with the tools to:
 You can view the usage of your personal account and download the usage data for further analysis.

 {% data reusables.user-settings.access_settings %}
-1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
+1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.
 1. Click **Usage**.
 1. To search or filter the graph, click the search bar. Then click the filter you want to use.
 1. To further filter the graph, use the dropdown menus.
@@ -112,7 +112,7 @@ You can also view your active {% data variables.product.prodname_enterprise %} i
 {% endif %}

 1. Click **Licensing**.
-1. To download a CSV report of the license usage, click {% octicon "kebab-horizontal" aria-label="Licensing dropdown" %} to the right of the usage you want to download, then click **{% octicon "download" aria-hidden="true" %} CSV report**.
+1. To download a CSV report of the license usage, click {% octicon "kebab-horizontal" aria-label="Licensing dropdown" %} to the right of the usage you want to download, then click **{% octicon "download" aria-hidden="true" aria-label="download" %} CSV report**.

 ## Further reading

--- a/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md
+++ b/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md
@@ -80,8 +80,8 @@ You can view and edit your billing information and update your payment method.

 1. In the upper-right corner of any page on {% data variables.product.prodname_dotcom %}, select your profile photo.

-   * For **personal accounts**, click **Settings**, then in the **Access** section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
-   * For **organizations**, click **Your organizations**, then next to the organization, click **Settings**. In the organization sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
+   * For **personal accounts**, click **Settings**, then in the **Access** section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.
+   * For **organizations**, click **Your organizations**, then next to the organization, click **Settings**. In the organization sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.

 {% elsif ghec %}

--- a/content/billing/managing-your-billing/preventing-overspending.md
+++ b/content/billing/managing-your-billing/preventing-overspending.md
@@ -35,7 +35,7 @@ For license-based products such as {% data variables.product.prodname_copilot %}
 You can set spending limits and receive alerts when your usage reaches 75%, 90%, or 100% of your defined budget. Budgets can be scoped at the repository or product level, depending on the product.

 {% data reusables.user-settings.access_settings %}
-1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing & Licensing**.
+1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing & Licensing**.
 1. Click **Budgets and alerts**.
 1. To create a new budget, click **New budget**.
 1. Under "Budget Type" select either **Product-level budget** or **SKU-level budget**.
@@ -149,5 +149,5 @@ You can edit or delete a budget at any time, but you cannot change the budget sc
 {% endif %}

 1. Click **Budgets and alerts**.
-1. To edit a budget, in the list of budgets, click {% octicon "kebab-horizontal" aria-label="View actions" %} next to the budget you want to edit, and click **{% octicon "pencil" aria-hidden="true" %} Edit** or **{% octicon "trash" aria-hidden="true" %} Delete**.
+1. To edit a budget, in the list of budgets, click {% octicon "kebab-horizontal" aria-label="View actions" %} next to the budget you want to edit, and click **{% octicon "pencil" aria-hidden="true" aria-label="pencil" %} Edit** or **{% octicon "trash" aria-hidden="true" aria-label="trash" %} Delete**.
 1. Follow the prompts.
--- a/content/billing/managing-your-billing/roles-for-the-new-billing-platform.md
+++ b/content/billing/managing-your-billing/roles-for-the-new-billing-platform.md
@@ -60,11 +60,11 @@ You can:
 The invited person will receive an invitation email asking them to become a billing manager for your {% ifversion ghec %}enterprise{% endif %}{% ifversion fpt %} organization{% endif %}. Once the invited person clicks the accept link in their invitation email, they will automatically be added to the {% ifversion ghec %}enterprise{% endif %}{% ifversion fpt %} organization{% endif %} as a billing manager. If they don't already have a {% data variables.product.prodname_dotcom %} account, they will be directed to sign up for one, and they will be automatically added to the {% ifversion ghec %}enterprise{% endif %}{% ifversion fpt %} organization{% endif %} as a billing manager after they create an account.

 {% data reusables.user-settings.access_settings %}
-1. In the "Access" section of the sidebar, click **{% octicon "organization" aria-hidden="true" %} Organizations**.
+1. In the "Access" section of the sidebar, click **{% octicon "organization" aria-hidden="true" aria-label="organization" %} Organizations**.
 {% data reusables.profile.org_settings %}
-1. If you are an organization owner, in the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" %} Billing and plans**.
+1. If you are an organization owner, in the "Access" section of the sidebar, click **{% octicon "credit-card" aria-hidden="true" aria-label="credit-card" %} Billing and plans**.
 1. Click the link in the text box, **Enterprise account billing settings**, which will direct you to your organizations billing settings page.
-1. {% ifversion horizontal-nav %}At the top of the page, click {% octicon "person" aria-hidden="true" %} **People**{% else %}On the left side of the page, in the enterprise account sidebar, click {% octicon "person" aria-hidden="true" %} **People**{% endif %}.
+1. {% ifversion horizontal-nav %}At the top of the page, click {% octicon "person" aria-hidden="true" aria-label="person" %} **People**{% else %}On the left side of the page, in the enterprise account sidebar, click {% octicon "person" aria-hidden="true" aria-label="person" %} **People**{% endif %}.
 1. Under "People", click **Administrators**.
 1. Above the list of administrators, click **Invite admin**.
 1. Type the username, full name, or email address of the person you want to invite, then select the appropriate person from the results.
--- a/content/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise.md
+++ b/content/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise.md
@@ -34,6 +34,6 @@ If you have any questions about downloading your license, contact {% data variab
 {% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.license-tab %}
-1. Under "Enterprise Server licenses", next to the license you want to download, click **{% octicon "download" aria-hidden="true" %} Download**.
+1. Under "Enterprise Server licenses", next to the license you want to download, click **{% octicon "download" aria-hidden="true" aria-label="download" %} Download**.

 After you download your license file, you can upload the file to {% data variables.location.product_location_enterprise %} to validate your application. For more information, see {% ifversion ghec %}[AUTOTITLE](/enterprise-server@latest/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server) in the {% data variables.product.prodname_ghe_server %} documentation.{% elsif ghes %}[AUTOTITLE](/enterprise-server@latest/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server).{% endif %}
--- a/content/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud.md
+++ b/content/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud.md
@@ -40,7 +40,7 @@ After you enable {% data variables.product.prodname_github_connect %}, license d
 {% data reusables.enterprise-accounts.access-enterprise-ghes %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.license-tab %}
-1. Under "License sync", click **{% octicon "sync" aria-hidden="true" %} Sync now**.
+1. Under "License sync", click **{% octicon "sync" aria-hidden="true" aria-label="sync" %} Sync now**.

 ## Manually uploading GitHub Enterprise Server license usage

--- a/content/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise.md
+++ b/content/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise.md
@@ -53,7 +53,7 @@ You can view the license usage for your enterprise and download a file with lice

   * If you purchased {% data variables.product.prodname_AS %}, you can review your total license usage. To learn about the information displayed, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage).

-1. To download a CSV report of the license usage, click {% octicon "kebab-horizontal" aria-label="Licensing dropdown" %} to the right of the usage you want to download, then click **{% octicon "download" aria-hidden="true" %} CSV report**.
+1. To download a CSV report of the license usage, click {% octicon "kebab-horizontal" aria-label="Licensing dropdown" %} to the right of the usage you want to download, then click **{% octicon "download" aria-hidden="true" aria-label="download" %} CSV report**.

 {% elsif ghes %}

--- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning.md
+++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning.md
@@ -63,10 +63,10 @@ You can customize your {% data variables.product.prodname_codeql %} analysis by
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
-1. Scroll down to "{% data variables.product.UI_code_security_scanning %}", in the "{% data variables.product.prodname_codeql %} analysis" row select **Set up** {% octicon "triangle-down" aria-hidden="true" %}, then click **Advanced**.
+1. Scroll down to "{% data variables.product.UI_code_security_scanning %}", in the "{% data variables.product.prodname_codeql %} analysis" row select **Set up** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %}, then click **Advanced**.

   > [!NOTE]
-   > If you are switching from default setup to advanced setup, in the "{% data variables.product.prodname_codeql %} analysis" row, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "workflow" aria-hidden="true" %} Switch to advanced**. In the pop-up window that appears, click **Disable {% data variables.product.prodname_codeql %}**.
+   > If you are switching from default setup to advanced setup, in the "{% data variables.product.prodname_codeql %} analysis" row, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "workflow" aria-hidden="true" aria-label="workflow" %} Switch to advanced**. In the pop-up window that appears, click **Disable {% data variables.product.prodname_codeql %}**.

   {% ifversion ghas-products %}

--- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md
+++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md
@@ -38,7 +38,7 @@ You can run {% data variables.product.prodname_code_scanning %} on {% data varia

 With advanced setup for {% data variables.product.prodname_code_scanning %}, you can customize a {% data variables.product.prodname_code_scanning %} workflow for granular control over your configuration. For more information, see [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning).

-{% data variables.product.prodname_codeql %} analysis is just one type of {% data variables.product.prodname_code_scanning %} you can do in {% data variables.product.prodname_dotcom %}. {% data variables.product.prodname_marketplace %}{% ifversion ghes %} on {% data variables.product.prodname_dotcom_the_website %}{% endif %} contains other {% data variables.product.prodname_code_scanning %} workflows you can use. {% ifversion fpt or ghec %}You can find a selection of these on the "Get started with {% data variables.product.prodname_code_scanning %}" page, which you can access from the **{% octicon "shield" aria-hidden="true" %} Security** tab.{% endif %} The specific examples given in this article relate to the {% data variables.code-scanning.codeql_workflow %} file.
+{% data variables.product.prodname_codeql %} analysis is just one type of {% data variables.product.prodname_code_scanning %} you can do in {% data variables.product.prodname_dotcom %}. {% data variables.product.prodname_marketplace %}{% ifversion ghes %} on {% data variables.product.prodname_dotcom_the_website %}{% endif %} contains other {% data variables.product.prodname_code_scanning %} workflows you can use. {% ifversion fpt or ghec %}You can find a selection of these on the "Get started with {% data variables.product.prodname_code_scanning %}" page, which you can access from the **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security** tab.{% endif %} The specific examples given in this article relate to the {% data variables.code-scanning.codeql_workflow %} file.

 ## Editing a {% data variables.product.prodname_code_scanning %} workflow

--- a/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale.md
+++ b/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale.md
@@ -154,7 +154,7 @@ You can select all of the displayed repositories, or a subset of them, and enabl

  ![Screenshot of the "Security coverage" view with the side panel open. The "Apply changes" button is highlighted in a dark orange outline.](/assets/images/help/security-overview/security-coverage-view-multi-repo-side-panel.png)

-  If you're blocked from enabling {% data variables.product.prodname_code_scanning %} due to an enterprise policy, you will still be able to see the affected repository in the "Security Coverage" view and access the side panel from the **{% octicon "gear" aria-hidden="true" %} Security settings** button. However, you will see a message in the side panel indicating that you cannot enable {% data variables.product.prodname_code_scanning %} for the selected repositories. For more information about enterprise policies, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise).
+  If you're blocked from enabling {% data variables.product.prodname_code_scanning %} due to an enterprise policy, you will still be able to see the affected repository in the "Security Coverage" view and access the side panel from the **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Security settings** button. However, you will see a message in the side panel indicating that you cannot enable {% data variables.product.prodname_code_scanning %} for the selected repositories. For more information about enterprise policies, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise).

 {% endif %}

--- a/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md
+++ b/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md
@@ -70,7 +70,7 @@ Compiled languages are not automatically included in default setup configuration
 {% data reusables.repositories.navigate-to-repo %}

   > [!NOTE]
-   > If you are configuring default setup on a fork, you must first enable {% data variables.product.prodname_actions %}. To enable {% data variables.product.prodname_actions %}, under your repository name, click **{% octicon "play" aria-hidden="true" %} Actions**, then click **I understand my workflows, go ahead and enable them**. Be aware that this will enable all existing workflows on your fork.
+   > If you are configuring default setup on a fork, you must first enable {% data variables.product.prodname_actions %}. To enable {% data variables.product.prodname_actions %}, under your repository name, click **{% octicon "play" aria-hidden="true" aria-label="play" %} Actions**, then click **I understand my workflows, go ahead and enable them**. Be aware that this will enable all existing workflows on your fork.

 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
@@ -91,7 +91,7 @@ Compiled languages are not automatically included in default setup configuration
   > [!NOTE]
   > If your repository contains _only_ compiled {% data variables.product.prodname_codeql %}-supported languages (for example, Java), you will be taken to the settings page to select the languages you want to add to your default setup configuration.

-1. Optionally, to customize your {% data variables.product.prodname_code_scanning %} setup, click **{% octicon "pencil" aria-hidden="true" %} Edit**.
+1. Optionally, to customize your {% data variables.product.prodname_code_scanning %} setup, click **{% octicon "pencil" aria-hidden="true" aria-label="pencil" %} Edit**.
   * To add or remove a language from the analysis performed by default setup, select or deselect that language in the "Languages" section. If you would like to analyze a {% data variables.product.prodname_codeql %}-supported compiled language with default setup, select that language here.
   * To specify the {% data variables.product.prodname_codeql %} query suite you would like to use, select your preferred query suite in the "Query suites" section.

@@ -100,7 +100,7 @@ Compiled languages are not automatically included in default setup configuration
   > [!NOTE]
   > If you are switching to default setup from advanced setup, you will see a warning informing you that default setup will override existing {% data variables.product.prodname_code_scanning %} configurations. This warning means default setup will disable the existing workflow file and block any {% data variables.product.prodname_codeql %} analysis API uploads.

-1. Optionally, to view your default setup configuration after enablement, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "gear" aria-hidden="true" %} View {% data variables.product.prodname_codeql %} configuration**.
+1. Optionally, to view your default setup configuration after enablement, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} View {% data variables.product.prodname_codeql %} configuration**.

 ## Assigning labels to runners

--- a/content/code-security/code-scanning/managing-code-scanning-alerts/best-practices-for-participating-in-a-security-campaign.md
+++ b/content/code-security/code-scanning/managing-code-scanning-alerts/best-practices-for-participating-in-a-security-campaign.md
@@ -92,7 +92,7 @@ When fixing security alerts as part of a campaign, it may be helpful to group an

 You can ask {% data variables.product.prodname_copilot_chat_short %} for help in understanding the vulnerability, the suggested fix, and how to test that the fix is comprehensive. To access {% data variables.product.prodname_copilot_chat_short %}, navigate to https://github.com/copilot.

-Alternatively, when viewing a specific alert, in the top right corner of the page, click the {% data variables.product.prodname_copilot_chat_short %} icon ({% octicon "copilot" aria-hidden="true" %}) to open a chat window, and ask {% data variables.product.prodname_copilot_short %} questions about the alert.
+Alternatively, when viewing a specific alert, in the top right corner of the page, click the {% data variables.product.prodname_copilot_chat_short %} icon ({% octicon "copilot" aria-hidden="true" aria-label="copilot" %}) to open a chat window, and ask {% data variables.product.prodname_copilot_short %} questions about the alert.

 For example:

@@ -114,7 +114,7 @@ To find the contact URL:

 1. Open the **Security** tab for your repository.
 1. On the left sidebar, click the name of the campaign you are participating in.
-1. On the campaign tracking page, to the right of the campaign manager's name, click **{% octicon "comment" aria-hidden="true" %}**.
+1. On the campaign tracking page, to the right of the campaign manager's name, click **{% octicon "comment" aria-hidden="true" aria-label="comment" %}**.

 ## Next steps

--- a/content/code-security/code-scanning/managing-code-scanning-alerts/fixing-alerts-in-security-campaign.md
+++ b/content/code-security/code-scanning/managing-code-scanning-alerts/fixing-alerts-in-security-campaign.md
@@ -32,7 +32,7 @@ This view shows the alerts in the current repository for a campaign called "SQL
 If you want to see the code that triggered the security alert and the suggested fix, click on the alert name to show the alert view.

 1. When you are ready to work on one or more security alerts, check that no one else is working on those alerts already. In the campaign view, git icons are displayed on alerts where a fix may already be in progress. Click an icon to display the linked work:
-   * {% octicon "git-pull-request-draft" aria-hidden="Draft pull request" %} an open draft pull request may fix this alert.
+   * {% octicon "git-pull-request-draft" aria-hidden="Draft pull request" aria-label="git-pull-request-draft" %} an open draft pull request may fix this alert.
   * {% octicon "git-pull-request" aria-label="Pull request" %} an open pull request may fix this alert.
   * {% octicon "git-branch" aria-label="Branch" %} a branch may contain changes to fix this alert.

--- a/content/code-security/code-scanning/managing-code-scanning-alerts/resolving-code-scanning-alerts.md
+++ b/content/code-security/code-scanning/managing-code-scanning-alerts/resolving-code-scanning-alerts.md
@@ -44,7 +44,7 @@ With a {% data variables.product.prodname_copilot_enterprise %} license, you can
 {% data reusables.repositories.sidebar-security %}
 {% data reusables.repositories.sidebar-code-scanning-alerts %}
 1. Click the name of an alert.
-1. If {% data variables.product.prodname_copilot_autofix_short %} can suggest a fix, at the top of the page, click **{% octicon "shield-check" aria-hidden="true" %} Generate fix**.
+1. If {% data variables.product.prodname_copilot_autofix_short %} can suggest a fix, at the top of the page, click **{% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} Generate fix**.
 1. Once the suggested fix has been generated, at the bottom of the page, you can click **Create PR with fix** to automatically generate a pull request with the suggested fix.
 A new branch is created from the default branch, the generated fix is committed and a draft pull request is created. You can test and edit the suggested fix as you would with any other fix.

--- a/content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md
+++ b/content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md
@@ -145,7 +145,7 @@ Each {% data variables.product.prodname_copilot_autofix_short %} suggestion demo

    {% data reusables.rai.code-scanning.copilot-workspaces-prs-autofix-note %}

-1. Optionally, if you prefer to apply the fix on a local repository or branch, select the {% octicon "copy" aria-hidden="true" %} dropdown menu on the suggestion.
+1. Optionally, if you prefer to apply the fix on a local repository or branch, select the {% octicon "copy" aria-hidden="true" aria-label="copy" %} dropdown menu on the suggestion.
   * Select **View autofix patch** to display instructions for applying the suggested fix to any local repository or branch.
   * Select **Copy modified line LINE_NUMBER** to copy a specific line of the suggestion.
 1. Test and modify the suggested fix as needed.
--- a/content/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page.md
+++ b/content/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page.md
@@ -89,13 +89,13 @@ You can download the list of rules that {% data variables.product.prodname_code_
 * The SARIF identifier.
 * How many alerts were found.

-To download a report, select a configuration you're interested in. Then click **{% octicon "kebab-horizontal" aria-label="Configuration menu" %}** on the top right of the page, and select **{% octicon "download" aria-hidden="true" %} Download list of rules used**.
+To download a report, select a configuration you're interested in. Then click **{% octicon "kebab-horizontal" aria-label="Configuration menu" %}** on the top right of the page, and select **{% octicon "download" aria-hidden="true" aria-label="download" %} Download list of rules used**.

 ### Removing configurations

 You can remove stale, duplicate, or unwanted configurations for the default branch of your repository.

-To remove a configuration, select the configuration you want to delete. Then click **{% octicon "kebab-horizontal" aria-label="Configuration menu" %}** on the top right of the page, and select **{% octicon "trash" aria-hidden="true" %} Delete configuration**. Once you have read the warning about alerts, to confirm the deletion, click the **Delete** button.
+To remove a configuration, select the configuration you want to delete. Then click **{% octicon "kebab-horizontal" aria-label="Configuration menu" %}** on the top right of the page, and select **{% octicon "trash" aria-hidden="true" aria-label="trash" %} Delete configuration**. Once you have read the warning about alerts, to confirm the deletion, click the **Delete** button.

 > [!NOTE]
 > You can only use the {% data variables.code-scanning.tool_status_page %} to remove configurations for the default branch of a repository. For information about removing configurations from non-default branches, see [AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/resolving-code-scanning-alerts#removing-stale-configurations-and-alerts-from-a-branch).
--- a/content/code-security/code-scanning/managing-your-code-scanning-configuration/editing-your-configuration-of-default-setup.md
+++ b/content/code-security/code-scanning/managing-your-code-scanning-configuration/editing-your-configuration-of-default-setup.md
@@ -29,14 +29,14 @@ If you need to change any other aspects of your {% data variables.product.prodna
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
-1. In the "{% data variables.product.prodname_codeql %} analysis" row of the "{% data variables.product.UI_code_security_scanning %}" section, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "gear" aria-hidden="true" %} View {% data variables.product.prodname_codeql %} configuration**.
-1. In the "{% data variables.product.prodname_codeql %} default configuration" window, click **{% octicon "pencil" aria-hidden="true" %} Edit**.
+1. In the "{% data variables.product.prodname_codeql %} analysis" row of the "{% data variables.product.UI_code_security_scanning %}" section, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} View {% data variables.product.prodname_codeql %} configuration**.
+1. In the "{% data variables.product.prodname_codeql %} default configuration" window, click **{% octicon "pencil" aria-hidden="true" aria-label="pencil" %} Edit**.
 1. Optionally, in the "Languages" section, select or deselect languages for analysis.
 1. Optionally, in the "Query suite" row of the "Scan settings" section, select a different query suite to run against your code.

 {% ifversion code-scanning-default-setup-customize-labels %}

-1. Optionally, to use labeled runners, in the "Runner type" section of the "{% data variables.product.prodname_codeql %} default configuration" modal dialog, select **Standard {% data variables.product.company_short %} runner** {% octicon "triangle-down" aria-hidden="true" %} to open a dropdown menu, then select **Labeled runner**. Then, next to "Runner label", enter the label of an existing self-hosted or {% data variables.product.company_short %}-hosted runner. For more information, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#assigning-labels-to-runners).
+1. Optionally, to use labeled runners, in the "Runner type" section of the "{% data variables.product.prodname_codeql %} default configuration" modal dialog, select **Standard {% data variables.product.company_short %} runner** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} to open a dropdown menu, then select **Labeled runner**. Then, next to "Runner label", enter the label of an existing self-hosted or {% data variables.product.company_short %}-hosted runner. For more information, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#assigning-labels-to-runners).

 {% endif %}

--- a/content/code-security/code-scanning/troubleshooting-code-scanning/advanced-security-must-be-enabled.md
+++ b/content/code-security/code-scanning/troubleshooting-code-scanning/advanced-security-must-be-enabled.md
@@ -37,7 +37,7 @@ If you are on a **{% data variables.product.prodname_free_team %}** or **{% data
 1. On the settings page, scroll down to "{% data variables.product.prodname_code_security %}."
 1. If there is an associated and active **Enable** button, {% data variables.product.prodname_GH_code_security %} is available for this repository but not yet enabled.
 {% ifversion ghas-products %}
-1. If use of {% data variables.product.prodname_GH_code_security %} is blocked by a policy, "{% octicon "shield" aria-hidden="true" %} Disabled" is shown in place of the **Enable** button.
+1. If use of {% data variables.product.prodname_GH_code_security %} is blocked by a policy, "{% octicon "shield" aria-hidden="true" aria-label="shield" %} Disabled" is shown in place of the **Enable** button.

   !["Screenshot of the {% data variables.product.prodname_AS %}" setting. The disabled option is highlighted in dark orange.](/assets/images/help/repository/ghas-enterprise-policy-block.png)
 {% else %}
--- a/content/code-security/code-scanning/troubleshooting-code-scanning/cannot-enable-codeql-in-a-private-repository.md
+++ b/content/code-security/code-scanning/troubleshooting-code-scanning/cannot-enable-codeql-in-a-private-repository.md
@@ -26,7 +26,7 @@ If you are on a **{% data variables.product.prodname_free_team %}** or **{% data
 1. If there is an associated and active **Enable** button, {% data variables.product.prodname_code_security %} is available for this repository but not yet enabled.

 {% ifversion ghas-products %}
-1. If use of {% data variables.product.prodname_GH_code_security %} is blocked by a policy, "{% octicon "shield" aria-hidden="true" %} Disabled" is shown in place of the **Enable** button.
+1. If use of {% data variables.product.prodname_GH_code_security %} is blocked by a policy, "{% octicon "shield" aria-hidden="true" aria-label="shield" %} Disabled" is shown in place of the **Enable** button.

   !["Screenshot of the {% data variables.product.prodname_AS %}" setting. The disabled option is highlighted in dark orange.](/assets/images/help/repository/ghas-enterprise-policy-block.png)
 {% else %}
--- a/content/code-security/code-scanning/troubleshooting-code-scanning/enabling-default-setup-takes-too-long.md
+++ b/content/code-security/code-scanning/troubleshooting-code-scanning/enabling-default-setup-takes-too-long.md
@@ -13,4 +13,4 @@ When you enable default setup, a workflow is triggered with the automatically ge

 You can check on the progress of the test run for default setup on the **Actions** tab. If the run is taking too long, try canceling the workflow run and restarting the configuration process.

-To restart your configuration, navigate to the main page of your repository, then click **{% octicon "play" aria-hidden="true" %} Actions**. Click the **{% data variables.product.prodname_codeql %}** workflow run that's in progress, then click **Cancel workflow**. Once {% octicon "stop" aria-label="cancelled" %} appears beside the workflow run name, navigate back to the **{% data variables.product.UI_advanced_security %}** settings and re-enable default setup. If default setup continues to stall, please contact {% data variables.contact.contact_support %} or try enabling advanced setup. For more information, see [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning).
+To restart your configuration, navigate to the main page of your repository, then click **{% octicon "play" aria-hidden="true" aria-label="play" %} Actions**. Click the **{% data variables.product.prodname_codeql %}** workflow run that's in progress, then click **Cancel workflow**. Once {% octicon "stop" aria-label="cancelled" %} appears beside the workflow run name, navigate back to the **{% data variables.product.UI_advanced_security %}** settings and re-enable default setup. If default setup continues to stall, please contact {% data variables.contact.contact_support %} or try enabling advanced setup. For more information, see [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning).
--- a/content/code-security/code-scanning/troubleshooting-code-scanning/results-different-than-expected.md
+++ b/content/code-security/code-scanning/troubleshooting-code-scanning/results-different-than-expected.md
@@ -13,8 +13,8 @@ redirect_from:

 If your {% data variables.product.prodname_code_scanning %} results are different than you expected, you may have both default and advanced setup configured for your repository. When you enable default setup, this disables the existing {% data variables.product.prodname_codeql %} workflow file and blocks any {% data variables.product.prodname_codeql %} API analysis from uploading results.

-To check if default setup is enabled, navigate to the main page of the repository, then click **{% octicon "gear" aria-hidden="true" %} Settings**. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" %} {% data variables.product.UI_advanced_security %}**. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis", click {% octicon "kebab-horizontal" aria-label="Menu" %}. If there is a **{% octicon "workflow" aria-hidden="true" %} Switch to advanced** option, you are currently using default setup.
+To check if default setup is enabled, navigate to the main page of the repository, then click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" aria-label="codescan" %} {% data variables.product.UI_advanced_security %}**. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis", click {% octicon "kebab-horizontal" aria-label="Menu" %}. If there is a **{% octicon "workflow" aria-hidden="true" aria-label="workflow" %} Switch to advanced** option, you are currently using default setup.

-If you want to return to using advanced setup and get {% data variables.product.prodname_code_scanning %} results from your custom workflow file, click **{% octicon "stop" aria-hidden="true" %} Disable {% data variables.product.prodname_codeql %}** to disable default setup. Then you should re-enable your pre-existing workflows to start triggering and uploading results from advanced setup. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) and [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning).
+If you want to return to using advanced setup and get {% data variables.product.prodname_code_scanning %} results from your custom workflow file, click **{% octicon "stop" aria-hidden="true" aria-label="stop" %} Disable {% data variables.product.prodname_codeql %}** to disable default setup. Then you should re-enable your pre-existing workflows to start triggering and uploading results from advanced setup. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) and [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning).

 {% data reusables.code-scanning.troubleshooting-multiple-configurations %}
--- a/content/code-security/code-scanning/troubleshooting-sarif-uploads/default-setup-enabled.md
+++ b/content/code-security/code-scanning/troubleshooting-sarif-uploads/default-setup-enabled.md
@@ -33,7 +33,7 @@ You will only see this error for SARIF files that contain results created using
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
 1. In the "{% data variables.product.UI_code_security_scanning %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis," click {% octicon "kebab-horizontal" aria-label="Menu" %}.
-1. If there is a **{% octicon "workflow" aria-hidden="true" %} Switch to advanced** option, default setup is enabled for the repository.
+1. If there is a **{% octicon "workflow" aria-hidden="true" aria-label="workflow" %} Switch to advanced** option, default setup is enabled for the repository.

 ## Fixing the problem

@@ -46,5 +46,5 @@ Before you can fix the problem, you need to decide whether {% data variables.pro

 ### Disabling default setup to unblock SARIF upload

-1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis," from the {% octicon "kebab-horizontal" aria-label="Menu" %} menu select **{% octicon "stop" aria-hidden="true" %} Disable {% data variables.product.prodname_codeql %}**.
+1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis," from the {% octicon "kebab-horizontal" aria-label="Menu" %} menu select **{% octicon "stop" aria-hidden="true" aria-label="stop" %} Disable {% data variables.product.prodname_codeql %}**.
 {% data reusables.code-scanning.sarif-upload-retry %}
--- a/content/code-security/dependabot/dependabot-auto-triage-rules/managing-automatically-dismissed-alerts.md
+++ b/content/code-security/dependabot/dependabot-auto-triage-rules/managing-automatically-dismissed-alerts.md
@@ -26,7 +26,7 @@ redirect_from:

 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-security %}
-1. To filter to see all closed alerts, click **{% octicon "check" aria-hidden="true" %} Closed**. Alternatively, use the `is:closed` filter query in the search bar.
+1. To filter to see all closed alerts, click **{% octicon "check" aria-hidden="true" aria-label="check" %} Closed**. Alternatively, use the `is:closed` filter query in the search bar.

   ![Screenshot of the "Dependabot Alerts" page. A button, labelled "Closed" is highlighted with an orange outline.](/assets/images/help/repository/dependabot-alerts-closed-tab.png)

--- a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md
+++ b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md
@@ -119,7 +119,7 @@ To re-run a {% data variables.product.prodname_dependabot_version_updates %} or
 ### Re-running a {% data variables.product.prodname_dependabot_security_updates %} job

 {% data reusables.repositories.navigate-to-repo %}
-1. Under your repository name, click **{% octicon "shield-lock" aria-hidden="true" %} Security**.
+1. Under your repository name, click **{% octicon "shield-lock" aria-hidden="true" aria-label="shield-lock" %} Security**.
 1. In the left sidebar, under "Vulnerability alerts", click **{% data variables.product.prodname_dependabot %}**.
 1. Under "{% data variables.product.prodname_dependabot %}", click the alert you want to view.
 1. In the section displaying the error details for the alert, click **Try again** to re-run the {% data variables.product.prodname_dependabot_security_updates %} job.
--- a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md
+++ b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md
@@ -77,8 +77,8 @@ Use to define exactly which dependencies to maintain for a package ecosystem. Of

 {% data variables.product.prodname_dependabot %} default behavior:

-* {% octicon "versions" aria-hidden="true" %} All dependencies explicitly defined in a manifest are kept up to date by version updates.
-* {% octicon "shield-check" aria-hidden="true" %} All dependencies defined in lock files with vulnerable dependencies are updated by security updates.
+* {% octicon "versions" aria-hidden="true" aria-label="versions" %} All dependencies explicitly defined in a manifest are kept up to date by version updates.
+* {% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} All dependencies defined in lock files with vulnerable dependencies are updated by security updates.

 When `allow` is specified {% data variables.product.prodname_dependabot %} uses the following process:

@@ -121,8 +121,8 @@ Specify individual assignees for all pull requests raised for a package ecosyste

 When `assignees` is defined:

-* {% octicon "versions" aria-hidden="true" %} All pull requests for version updates are created with the chosen assignees.
-* {% octicon "shield-check" aria-hidden="true" %} All pull requests for security updates are created with the chosen assignees, unless `target-branch` defines updates to a non-default branch.
+* {% octicon "versions" aria-hidden="true" aria-label="versions" %} All pull requests for version updates are created with the chosen assignees.
+* {% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} All pull requests for security updates are created with the chosen assignees, unless `target-branch` defines updates to a non-default branch.

 Assignees must have write access to the repository. For organization-owned repositories, organization members with read access are also valid assignees.

@@ -136,8 +136,8 @@ Define the format for commit messages. Since the titles of pull requests are wri

 When `commit-message` is defined:

-* {% octicon "versions" aria-hidden="true" %} All commit messages follow the defined pattern.
-* {% octicon "shield-check" aria-hidden="true" %} All commit messages follow the defined pattern, unless `target-branch` defines updates to a non-default branch.
+* {% octicon "versions" aria-hidden="true" aria-label="versions" %} All commit messages follow the defined pattern.
+* {% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} All commit messages follow the defined pattern, unless `target-branch` defines updates to a non-default branch.

 | Parameters | Purpose |
 |------------|---------|
@@ -245,8 +245,8 @@ Use with the [`allow`](#allow--) option to define exactly which dependencies to

 {% data variables.product.prodname_dependabot %} default behavior:

-* {% octicon "versions" aria-hidden="true" %} All dependencies explicitly defined in a manifest are kept up to date by version updates.
-* {% octicon "shield-check" aria-hidden="true" %} All dependencies defined in lock files with vulnerable dependencies are updated by security updates.
+* {% octicon "versions" aria-hidden="true" aria-label="versions" %} All dependencies explicitly defined in a manifest are kept up to date by version updates.
+* {% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} All dependencies defined in lock files with vulnerable dependencies are updated by security updates.

 When `ignore` is used {% data variables.product.prodname_dependabot %} uses the following process:

@@ -466,8 +466,8 @@ Specify individual reviewers, or teams of reviewers, for all pull requests raise

 When `reviewers` is defined:

-* {% octicon "versions" aria-hidden="true" %} All pull requests for version updates are created with the chosen reviewers.
-* {% octicon "shield-check" aria-hidden="true" %} All pull requests for security updates are created with the chosen reviewers, unless `target-branch` defines updates to a non-default branch.
+* {% octicon "versions" aria-hidden="true" aria-label="versions" %} All pull requests for version updates are created with the chosen reviewers.
+* {% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} All pull requests for security updates are created with the chosen reviewers, unless `target-branch` defines updates to a non-default branch.

 Reviewers must have at least read access to the repository.

--- a/content/code-security/getting-started/adding-a-security-policy-to-your-repository.md
+++ b/content/code-security/getting-started/adding-a-security-policy-to-your-repository.md
@@ -43,7 +43,7 @@ For an example of a real `SECURITY.md` file, see [https://github.com/electron/el

 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-security %}
-1. In the left sidebar, under "Reporting", click **{% octicon "law" aria-hidden="true" %} Policy**.
+1. In the left sidebar, under "Reporting", click **{% octicon "law" aria-hidden="true" aria-label="law" %} Policy**.
 1. Click **Start setup**.
 1. In the new `SECURITY.md` file, add information about supported versions of your project and how to report a vulnerability.
 {% data reusables.files.write_commit_message %}
--- a/content/code-security/getting-started/dependabot-quickstart-guide.md
+++ b/content/code-security/getting-started/dependabot-quickstart-guide.md
@@ -33,7 +33,7 @@ For the purpose of this guide, we're going to use a demo repository to illustrat
 You need to start by forking the demo repository.

 1. Navigate to [https://github.com/dependabot/demo](https://github.com/dependabot/demo).
-1. At the top of the page, on the right, click **{% octicon "repo-forked" aria-hidden="true" %} Fork**.
+1. At the top of the page, on the right, click **{% octicon "repo-forked" aria-hidden="true" aria-label="repo-forked" %} Fork**.
 1. Select an owner (you can select your {% data variables.product.prodname_dotcom %} personal account) and type a repository name. For more information about forking repositories, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo#forking-a-repository).
 1. Click **Create fork**.

--- a/content/code-security/getting-started/quickstart-for-securing-your-organization.md
+++ b/content/code-security/getting-started/quickstart-for-securing-your-organization.md
@@ -67,7 +67,7 @@ When you're ready to proceed, follow these steps to enable a feature for all rep
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.org_settings %}

-1. In the left sidebar, click **{% octicon "codescan" aria-hidden="true" %} Code security and analysis**.
+1. In the left sidebar, click **{% octicon "codescan" aria-hidden="true" aria-label="codescan" %} Code security and analysis**.
 1. Locate the feature that you want to enable and use any associated check boxes to fine-tune the options.
 1. When you are ready to enable the feature for all repositories in your organization where the feature is supported, next to the name of the feature, click **Enable all**.

@@ -84,7 +84,7 @@ You can use the "Security coverage" view to identify repositories that require a
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}

-1. In the sidebar, click **{% octicon "meter" aria-hidden="true" %} Coverage**.
+1. In the sidebar, click **{% octicon "meter" aria-hidden="true" aria-label="meter" %} Coverage**.

 On this view, you can use checkboxes to select specific repositories, or you can use the search bar to find the repositories where you want to enable a feature. For example, you can use filters to identify repositories where a certain team has write or admin access, or exclude repositories that don't require the same level of protection, such as test repositories or repositories for internal documentation. Then you can enable features for all selected repositories at once. For more information, see [AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories).

@@ -99,7 +99,7 @@ You can choose to enable a security feature automatically in all new repositorie
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.org_settings %}

-1. In the left sidebar, click **{% octicon "codescan" aria-hidden="true" %} Code security and analysis**.
+1. In the left sidebar, click **{% octicon "codescan" aria-hidden="true" aria-label="codescan" %} Code security and analysis**.
 1. Below the name of the feature, select the option for automatically enabling the feature in applicable future repositories.

   ![Screenshot of "Code security and analysis" page. Below "Dependabot alerts", the checkbox to enable alerts in new repositories is outlined in orange.](/assets/images/help/security/enable-for-new-repos.png)
--- a/content/code-security/getting-started/quickstart-for-securing-your-repository.md
+++ b/content/code-security/getting-started/quickstart-for-securing-your-repository.md
@@ -32,7 +32,7 @@ Your security needs are unique to your repository, so you may not need to enable

 The first step to securing a repository is to establish who can see and modify your code. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features).

-From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**, then scroll down to the "Danger Zone."
+From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**, then scroll down to the "Danger Zone."

 * To change who can view your repository, click **Change visibility**. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility).
 * To change who can access your repository and adjust permissions, click **Manage access**. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository).
@@ -42,7 +42,7 @@ From the main page of your repository, click **{% octicon "gear" aria-hidden="tr
 {% ifversion fpt or ghec %}
 {% data reusables.dependency-graph.feature-availability %} The dependency graph interprets manifest and lock files in a repository to identify dependencies.

-1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**.
+1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
 1. Click **{% data variables.product.UI_advanced_security %}**.
 1. Next to Dependency graph, click **Enable** or **Disable**.
 {% endif %}
@@ -79,7 +79,7 @@ Dependency review is a {% data variables.product.prodname_GH_code_security %} fe

 To enable dependency review for a repository, ensure that the dependency graph is enabled and enable {% data variables.product.prodname_GH_code_security %}.

-1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**.
+1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
 1. Click **{% data variables.product.UI_advanced_security %}**.{% ifversion fpt or ghec %}
 1. To the right of {% data variables.product.prodname_code_security %}, click **Enable**.
 1. Under {% data variables.product.prodname_code_security %}, check that dependency graph is enabled for the repository. {% elsif ghes %}
@@ -89,7 +89,7 @@ To enable dependency review for a repository, ensure that the dependency graph i

 For any repository that uses {% data variables.product.prodname_dependabot_alerts %}, you can enable {% data variables.product.prodname_dependabot_security_updates %} to raise pull requests with security updates when vulnerabilities are detected.

-1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**.
+1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
 1. Click **{% data variables.product.UI_advanced_security %}**.
 1. Next to {% data variables.product.prodname_dependabot_security_updates %}, click **Enable**.

@@ -100,7 +100,7 @@ For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-secur
 You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates).

 {% ifversion dependabot-settings-update-37 %}
-1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**.
+1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
 1. Click **{% data variables.product.UI_advanced_security %}**.
 1. Next to {% data variables.product.prodname_dependabot_version_updates %}, click **Enable** to create a basic `dependabot.yml` configuration file.
 1. Specify the dependencies to update and any associated configuration options, then commit the file to the repository. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates).
@@ -120,11 +120,11 @@ To enable {% data variables.product.prodname_dependabot_version_updates %}, you

 You can configure {% data variables.product.prodname_code_scanning %} to automatically identify vulnerabilities and errors in the code stored in your repository by using a {% data variables.code-scanning.codeql_workflow %} or third-party tool. Depending on the programming languages in your repository, you can configure {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %} using default setup, in which {% data variables.product.github %} automatically determines the languages to scan, query suites to run, and events that will trigger a new scan. For more information, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning).

-1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**.
-1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-hidden="true" %} {% data variables.product.UI_advanced_security %}**.{% ifversion ghas-products %}
+1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
+1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-hidden="true" aria-label="shield-lock" %} {% data variables.product.UI_advanced_security %}**.{% ifversion ghas-products %}
 1. If "{% data variables.product.prodname_code_security %}" or "{% data variables.product.prodname_GHAS %}" is not already enabled, click **Enable**.
-1. To the right of "CodeQL analysis", select **Set up** {% octicon "triangle-down" aria-hidden="true" %}, then click **Default**.{% else %}
-1. In the "{% data variables.product.prodname_code_scanning_caps %}" section, select **Set up** {% octicon "triangle-down" aria-hidden="true" %}, then click **Default**.{% endif %}
+1. To the right of "CodeQL analysis", select **Set up** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %}, then click **Default**.{% else %}
+1. In the "{% data variables.product.prodname_code_scanning_caps %}" section, select **Set up** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %}, then click **Default**.{% endif %}
 1. In the pop-up window that appears, review the default configuration settings for your repository, then click **Enable {% data variables.product.prodname_codeql %}**.{% ifversion code-scanning-autofix %}
 1. Choose whether you want to enable addition features, such as {% data variables.product.prodname_copilot_autofix_short %}.{% endif %}

@@ -139,7 +139,7 @@ As an alternative to default setup, you can use advanced setup, which generates

 {% ifversion ghas-products %}{% data variables.product.prodname_GH_secret_protection %} includes {% data variables.product.prodname_secret_scanning %} and push protection, as well as other features that help you detect and prevent secret leaks in your repository.{% endif %}

-1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**.
+1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Settings**.
 1. Click **{% data variables.product.UI_advanced_security %}**.
 1. If "{% data variables.product.prodname_secret_protection %}" or "{% data variables.product.prodname_GHAS %}" is not already enabled, click **Enable**.
 1. If the option "{% data variables.product.prodname_secret_scanning_caps %}" is shown, click **Enable**.{% ifversion ghas-products %}
@@ -149,8 +149,8 @@ As an alternative to default setup, you can use advanced setup, which generates

 If you are a repository maintainer, it's good practice to specify a security policy for your repository by creating a file named `SECURITY.md` in the repository. This file instructs users about how to best contact you and collaborate with you when they want to report security vulnerabilities in your repository. You can view the security policy of a repository from the repository’s **Security** tab.

-1. From the main page of your repository, click **{% octicon "shield" aria-hidden="true" %} Security**.
-1. In the left sidebar, under "Reporting", click **{% octicon "law" aria-hidden="true" %} Policy**.
+1. From the main page of your repository, click **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security**.
+1. In the left sidebar, under "Reporting", click **{% octicon "law" aria-hidden="true" aria-label="law" %} Policy**.
 1. Click **Start setup**.
 1. Add information about supported versions of your project and how to report vulnerabilities.

--- a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md
+++ b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md
@@ -57,7 +57,7 @@ With a {% data variables.product.prodname_copilot_enterprise %} license, you can

 ## Performing an on-demand validity check

-Once you have enabled validity checks for partner patterns for your repository, you can perform an "on-demand" validity check for any supported secret by clicking **{% octicon "sync" aria-hidden="true" %} Verify secret** in the alert view. {% data variables.product.company_short %} will send the pattern to the relevant partner and display the validation status of the secret in the alert view.
+Once you have enabled validity checks for partner patterns for your repository, you can perform an "on-demand" validity check for any supported secret by clicking **{% octicon "sync" aria-hidden="true" aria-label="sync" %} Verify secret** in the alert view. {% data variables.product.company_short %} will send the pattern to the relevant partner and display the validation status of the secret in the alert view.

 ![Screenshot of the UI showing a {% data variables.product.prodname_secret_scanning %} alert. A button, labeled "Verify secret" is highlighted with an orange outline.](/assets/images/help/security/secret-scanning-verify-secret.png)

--- a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/monitoring-alerts.md
+++ b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/monitoring-alerts.md
@@ -25,7 +25,7 @@ In addition to displaying an alert in the **Security** tab of the repository, {%
 {% data reusables.secret-scanning.secret-scanning-configure-notifications %}

 {% data reusables.repositories.navigate-to-repo %}
-1. To start watching the repository, select **{% octicon "eye" aria-hidden="true" %} Watch**.
+1. To start watching the repository, select **{% octicon "eye" aria-hidden="true" aria-label="eye" %} Watch**.

   ![Screenshot of the repository's main page. A dropdown menu, titled "Watch", is highlighted with an orange outline.](/assets/images/help/repository/repository-watch-dropdown.png)

--- a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md
+++ b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md
@@ -35,7 +35,7 @@ You can specify custom patterns for {% data variables.product.prodname_secret_sc

 ### Regular expression syntax for manually defining custom patterns {% endif %}

-The **More options {% octicon "chevron-down" aria-hidden="true" %}** section in the UI helps you write regular expressions manually.
+The **More options {% octicon "chevron-down" aria-hidden="true" aria-label="chevron-down" %}** section in the UI helps you write regular expressions manually.

 * **Secret format:** an expression that describes the format of the secret itself.
 * **Before secret:** an expression that describes the characters that come before the secret. By default, this is set to `\A|[^0-9A-Za-z]` which means that the secret must be at the start of a line or be preceded by a non-alphanumeric character.
--- a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-a-custom-security-configuration.md
+++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-a-custom-security-configuration.md
@@ -25,7 +25,7 @@ After you create a {% data variables.product.prodname_custom_security_configurat
 {% data reusables.security-configurations.view-configurations-page %}
 1. Optionally, in the "Apply configurations" section, filter for specific repositories you would like to apply your {% data variables.product.prodname_custom_security_configuration %} to. To learn how to filter the repository table, see [AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table).
 {% data reusables.security-configurations.select-repos %}
-1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **YOUR-CONFIGURATION-NAME**.
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **YOUR-CONFIGURATION-NAME**.

    {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}

--- a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization.md
+++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization.md
@@ -24,7 +24,7 @@ The {% data variables.product.prodname_github_security_configuration %} is a col
 {% data reusables.profile.access_org %}
 {% data reusables.organizations.org_settings %}
 {% data reusables.security-configurations.view-configurations-page %}
-1. In the "{% data variables.product.company_short %} recommended" row of the configurations table for your organization, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.
+1. In the "{% data variables.product.company_short %} recommended" row of the configurations table for your organization, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.

    {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}

@@ -37,7 +37,7 @@ The {% data variables.product.prodname_github_security_configuration %} is a col
 {% data reusables.security-configurations.view-configurations-page %}
 1. Optionally, in the "Apply configurations" section, filter the view to find the repositories you would like to apply the {% data variables.product.prodname_github_security_configuration %} to. To learn how to filter the repository table, see [AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table).
 {% data reusables.security-configurations.select-repos %}
-1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **{% data variables.product.company_short %} recommended**.
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **{% data variables.product.company_short %} recommended**.

    {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}

--- a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration.md
+++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration.md
@@ -72,7 +72,7 @@ You can also choose whether or not you want to include {% data variables.product
   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
-   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
+   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
        {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
   * **Enforce configuration**. Block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Select **Enforce** from the dropdown menu.

@@ -111,7 +111,7 @@ You can also choose whether or not you want to include {% data variables.product
   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
-   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
+   * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
        {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
   * **Enforce configuration**. Block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Select **Enforce** from the dropdown menu.

@@ -145,7 +145,7 @@ You can also choose whether or not you want to include {% data variables.product
 {% ifversion push-protection-delegated-bypass-configurations %}
 1. Optionally, under "Push protection", choose whether you want to assign bypass privileges to selected actors in your organization. By assigning bypass privileges, selected organization members can bypass push protection, and there is a review and approval process for all other contributors. For further guidance on how to configure this setting, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/enabling-delegated-bypass-for-push-protection#configuring-delegated-bypass-for-an-organization).
 {% endif %}
-1. Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, or **Private and internal**, or **All repositories**.
+1. Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, or **Private and internal**, or **All repositories**.

    {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
 1. Optionally, in the "Policy" section, you can enforce the configuration and block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Next to "Enforce configuration", select **Enforce** from the dropdown menu.
--- a/content/code-security/securing-your-organization/fixing-security-alerts-at-scale/creating-managing-security-campaigns.md
+++ b/content/code-security/securing-your-organization/fixing-security-alerts-at-scale/creating-managing-security-campaigns.md
@@ -32,13 +32,13 @@ You choose the alerts that you want to include in the campaign by using either:
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
 {% data reusables.code-scanning.campaigns-click %}
-1. Click **Create campaign {% octicon "triangle-down" aria-hidden="true" %}**, then select one of the following options:
+1. Click **Create campaign {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %}**, then select one of the following options:
   * Click **From template**, then select a pre-defined campaign template from the list.
   * Click **From code scanning filters**, then add filters to define a subset of alerts for your campaign. See [Examples of useful filters](#examples-of-useful-filters).
 1. Review the set of alerts to be included in the campaign, and adjust the filters as necessary. Make sure you have chosen 1000 alerts or fewer.
 1. When you are satisfied with the scope of the campaign, click **Save as**, then choose whether you want to create a draft campaign, or move straight ahead to finalizing the details of the campaign before publishing it:
-   * If you plan to review the scope and details of the campaign prior to launch, or seek feedback on the implementation of the campaign, click **{% octicon "issue-draft" aria-hidden="true" %} Draft campaign**.
-   * If you intend to publish the campaign, and don't need a review phase, click **{% octicon "goal" aria-hidden="true" %} Publish campaign**.
+   * If you plan to review the scope and details of the campaign prior to launch, or seek feedback on the implementation of the campaign, click **{% octicon "issue-draft" aria-hidden="true" aria-label="issue-draft" %} Draft campaign**.
+   * If you intend to publish the campaign, and don't need a review phase, click **{% octicon "goal" aria-hidden="true" aria-label="goal" %} Publish campaign**.
 1. Optionally, if you have chosen to create a draft campaign, edit, save, and review the details of the campaign:
   * Edit the "Campaign name" and "Short description" to match your campaign needs and to link to any resources that support the campaign.
   * Define a "Campaign due date" and select one or more "Campaign managers" as the primary contacts for the campaign. Campaign managers must be users or teams that are owners or security managers in the organization.
@@ -110,7 +110,7 @@ You can edit the name, description, due date, and manager for a campaign.
 {% data reusables.organizations.security-overview %}
 {% data reusables.code-scanning.campaigns-click %}
 1. From the list of campaigns, click the name of the campaign to display the campaign tracking view.
-1. In the campaign title row, click {% octicon "kebab-horizontal" aria-label="Campaign options" %} and select **{% octicon "pencil" aria-hidden="true" %} Edit campaign**.
+1. In the campaign title row, click {% octicon "kebab-horizontal" aria-label="Campaign options" %} and select **{% octicon "pencil" aria-hidden="true" aria-label="pencil" %} Edit campaign**.
 1. In the "Edit campaign" dialog make your changes and then click **Save changes**.

 The changes are made immediately.
@@ -126,7 +126,7 @@ If you don't need to retain the campaign or its data, you can delete it.
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
 {% data reusables.code-scanning.campaigns-click %}
-1. To the right of the campaign you want to close, click {% octicon "kebab-horizontal" aria-label="Campaign options" %}, then select **{% octicon "archive" aria-hidden="true" %} Close campaign**.
+1. To the right of the campaign you want to close, click {% octicon "kebab-horizontal" aria-label="Campaign options" %}, then select **{% octicon "archive" aria-hidden="true" aria-label="archive" %} Close campaign**.

 ### Reopen a closed campaign

@@ -134,14 +134,14 @@ If you don't need to retain the campaign or its data, you can delete it.
 {% data reusables.organizations.security-overview %}
 {% data reusables.code-scanning.campaigns-click %}
 1. Above the list of campaigns, click **Closed** to view the list of closed campaigns.
-1. To the right of the campaign you want to reopen, click {% octicon "kebab-horizontal" aria-label="Campaign options" %}, then select **{% octicon "play" aria-hidden="true" %} Reopen campaign**.
+1. To the right of the campaign you want to reopen, click {% octicon "kebab-horizontal" aria-label="Campaign options" %}, then select **{% octicon "play" aria-hidden="true" aria-label="play" %} Reopen campaign**.

 ### Delete a campaign

 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
 {% data reusables.code-scanning.campaigns-click %}
-1. To the right of the campaign you want to delete, click {% octicon "kebab-horizontal" aria-label="Campaign options" %}, then select **{% octicon "trash" aria-hidden="true" %} Delete campaign**.
+1. To the right of the campaign you want to delete, click {% octicon "kebab-horizontal" aria-label="Campaign options" %}, then select **{% octicon "trash" aria-hidden="true" aria-label="trash" %} Delete campaign**.

 ## Next steps

--- a/content/code-security/securing-your-organization/fixing-security-alerts-at-scale/tracking-security-campaigns.md
+++ b/content/code-security/securing-your-organization/fixing-security-alerts-at-scale/tracking-security-campaigns.md
@@ -18,7 +18,7 @@ topics:

 The tracking view provides an overview of data for all open and closed campaigns. It helps you understand the impact of the campaigns, track progress through campaigns and measure success towards achieving your organization's goals.

-To display the campaign tracking view, navigate to the **Security** tab for the organization, then in the left sidebar click **{% octicon "goal" aria-hidden="true" %} Campaigns**.
+To display the campaign tracking view, navigate to the **Security** tab for the organization, then in the left sidebar click **{% octicon "goal" aria-hidden="true" aria-label="goal" %} Campaigns**.

 ![Screenshot of the security campaigns overview page.](/assets/images/help/security/security-campaigns-tracking-overview.png)

@@ -38,7 +38,7 @@ For both open and closed campaigns, the view breaks down the total alert count i

 You can similarly track how a single campaign is progressing by viewing the campaign's own tracking page.

-To display the tracking page, navigate to the **Security** tab for the organization, click **{% octicon "goal" aria-hidden="true" %} Campaigns** in the left sidebar, and then select the campaign you want to view from the list of campaigns.
+To display the tracking page, navigate to the **Security** tab for the organization, click **{% octicon "goal" aria-hidden="true" aria-label="goal" %} Campaigns** in the left sidebar, and then select the campaign you want to view from the list of campaigns.

 ![Screenshot of campaign tracking view for "Testing Campaigns for CodeQL". The campaign progress is outlined in dark orange.](/assets/images/help/security/driver-sec-campaign-view.png)

--- a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/detaching-repositories-from-their-security-configurations.md
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/detaching-repositories-from-their-security-configurations.md
@@ -25,5 +25,5 @@ Alternatively, if you want to apply a {% data variables.product.prodname_securit
 {% data reusables.security-configurations.view-configurations-page %}
 1. Optionally, in the "Apply configurations" section, filter for specific repositories you would like to detach from their configurations. To learn more, see [AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table).
 {% data reusables.security-configurations.select-repos %}
-1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **No configuration**.
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **No configuration**.
 1. To finish detaching your repositories from their linked {% data variables.product.prodname_security_configurations %}, in the "No configuration?" window, click **No configuration**.
--- a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table.md
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table.md
@@ -30,7 +30,7 @@ By default, when managing {% data variables.product.prodname_security_configurat
 {% data reusables.profile.access_org %}
 {% data reusables.organizations.org_settings %}
 {% data reusables.security-configurations.view-configurations-page %}
-1. To open the advanced filter dialog, in the "Apply configurations" section, click **{% octicon "filter" aria-hidden="true" %} Filter**.
-1. In the "Advanced filters" window, select the **{% octicon "plus" aria-hidden="true" %} Add a filter** dropdown menu, then click a filter.
+1. To open the advanced filter dialog, in the "Apply configurations" section, click **{% octicon "filter" aria-hidden="true" aria-label="filter" %} Filter**.
+1. In the "Advanced filters" window, select the **{% octicon "plus" aria-hidden="true" aria-label="plus" %} Add a filter** dropdown menu, then click a filter.
 1. To search for repositories matching the selected filter, fill out the available fields for that filter, then click **Apply**. You can repeat this process to add as many filters as you would like to your search.
-1. Optionally, to remove a filter from your search, click **{% octicon "filter" aria-hidden="true" %} Filter**. In the row of the filter you want to remove, click {% octicon "x" aria-label="Delete FILTER-NUMBER: FILTER-PROPERTIES" %}, then click **Apply**.
+1. Optionally, to remove a filter from your search, click **{% octicon "filter" aria-hidden="true" aria-label="filter" %} Filter**. In the row of the filter you want to remove, click {% octicon "x" aria-label="Delete FILTER-NUMBER: FILTER-PROPERTIES" %}, then click **Apply**.
--- a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/finding-repositories-with-attachment-failures.md
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/finding-repositories-with-attachment-failures.md
@@ -29,7 +29,7 @@ Click the link in the banner display, or alternatively, filter the list of repos
 {% data reusables.organizations.org_settings %}
 {% data reusables.security-configurations.view-configurations-page %}
 1. In the "Apply configurations" section, filter by `config-status:failed`.
-1. From the results list, for the repository you're interested in, click **{% octicon "alert" aria-hidden="true" %} Failed REASON**.
+1. From the results list, for the repository you're interested in, click **{% octicon "alert" aria-hidden="true" aria-label="alert" %} Failed REASON**.
 1. In the dialog box, review the information and follow the remediation guidance.

 ## Further reading
--- a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings.md
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings.md
@@ -40,7 +40,7 @@ To best secure your organization, you should encourage contributors to review an
 * {% data variables.secret-scanning.user_alerts_caps %}, which appear on {% data variables.product.github %} and can be resolved

 {% endif %}
-You can view {% data variables.product.prodname_secret_scanning %} alerts for an organization by navigating to the main page of that organization, clicking the **{% octicon "shield" aria-hidden="true" %} Security** tab, then clicking **{% octicon "key" aria-hidden="true" %} {% data variables.product.prodname_secret_scanning_caps %}** in the "Metrics" or "Alerts" section.
+You can view {% data variables.product.prodname_secret_scanning %} alerts for an organization by navigating to the main page of that organization, clicking the **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security** tab, then clicking **{% octicon "key" aria-hidden="true" aria-label="key" %} {% data variables.product.prodname_secret_scanning_caps %}** in the "Metrics" or "Alerts" section.

 * **Metrics**. To see detailed information on push protection events, see [AUTOTITLE](/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection).
 * **Alerts**. To see detailed information on **Default** and **Generic** alerts for exposed secrets in the organization.
@@ -53,7 +53,7 @@ To learn how to evaluate {% data variables.product.prodname_secret_scanning %} a

 {% data reusables.code-scanning.about-code-scanning %} These problems are raised as {% data variables.product.prodname_code_scanning %} alerts, which contain detailed information on the vulnerability or error detected.

-You can view the {% data variables.product.prodname_code_scanning %} alerts for an organization by navigating to the main page of that organization, clicking the **{% octicon "shield" aria-hidden="true" %} Security** tab, then clicking:
+You can view the {% data variables.product.prodname_code_scanning %} alerts for an organization by navigating to the main page of that organization, clicking the **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security** tab, then clicking:

 * **{% data variables.product.prodname_codeql %} pull request alerts**. To see information on {% data variables.product.prodname_code_scanning %} alerts found and remediated in pull requests.
 * **{% data variables.product.prodname_code_scanning_caps %}**. To see detailed information on alerts for potentially vulnerable code in the organization, see [AUTOTITLE](/code-security/security-overview/viewing-metrics-for-pull-request-alerts).
@@ -64,7 +64,7 @@ To learn how to interpret and resolve {% data variables.product.prodname_code_sc

 ## Interpreting {% data variables.product.prodname_dependabot_alerts %}

-{% data variables.product.prodname_dependabot_alerts %} inform you about vulnerabilities in the dependencies that you use in repositories in your organization. You can view {% data variables.product.prodname_dependabot_alerts %} for an organization by navigating to the main page of that organization, clicking the **{% octicon "shield" aria-hidden="true" %} Security** tab, then clicking **{% octicon "dependabot" aria-hidden="true" %} {% data variables.product.prodname_dependabot %}**.
+{% data variables.product.prodname_dependabot_alerts %} inform you about vulnerabilities in the dependencies that you use in repositories in your organization. You can view {% data variables.product.prodname_dependabot_alerts %} for an organization by navigating to the main page of that organization, clicking the **{% octicon "shield" aria-hidden="true" aria-label="shield" %} Security** tab, then clicking **{% octicon "dependabot" aria-hidden="true" aria-label="dependabot" %} {% data variables.product.prodname_dependabot %}**.

 For an introduction to {% data variables.product.prodname_dependabot_alerts %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).

--- a/content/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository.md
+++ b/content/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository.md
@@ -47,7 +47,7 @@ Notifications depend on the user's notification preferences. You will receive an
 * In your notification settings, under "Subscriptions", then under "Watching", you have selected to receive notifications by email.

 {% data reusables.repositories.navigate-to-repo %}
-1. To start watching the repository, select **{% octicon "eye" aria-hidden="true" %} Watch**.
+1. To start watching the repository, select **{% octicon "eye" aria-hidden="true" aria-label="eye" %} Watch**.

   ![Screenshot of the repository's main page. A dropdown menu, titled "Watch", is highlighted with an orange outline.](/assets/images/help/repository/repository-watch-dropdown.png)

--- a/content/code-security/security-overview/assessing-adoption-code-security.md
+++ b/content/code-security/security-overview/assessing-adoption-code-security.md
@@ -44,11 +44,11 @@ You can view data to assess the enablement of features for secure coding across

 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
-1. To display the "Security coverage" view, in the sidebar, click **{% octicon "meter" aria-hidden="true" %} Coverage**.
+1. To display the "Security coverage" view, in the sidebar, click **{% octicon "meter" aria-hidden="true" aria-label="meter" %} Coverage**.
 {% data reusables.code-scanning.using-security-overview-coverage %}

 {% ifversion pre-security-configurations %}
-1. Optionally, click **{% octicon "gear" aria-hidden="true" %} Security settings** to enable security features for a repository and click **Save security settings** to confirm the changes. If a feature is not shown, it has more complex configuration requirements and you need to use the repository settings dialog. For more information, see [AUTOTITLE](/code-security/getting-started/securing-your-repository).
+1. Optionally, click **{% octicon "gear" aria-hidden="true" aria-label="gear" %} Security settings** to enable security features for a repository and click **Save security settings** to confirm the changes. If a feature is not shown, it has more complex configuration requirements and you need to use the repository settings dialog. For more information, see [AUTOTITLE](/code-security/getting-started/securing-your-repository).
 1. Optionally, select some or all of the repositories that match your current search and click **Security settings** in the table header to display a side panel where you can enable security features for the selected repositories. When you've finished, click **Apply changes** to confirm the changes. For more information, see [AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories).

 {% data reusables.security-overview.settings-limitations %}
@@ -86,7 +86,7 @@ You can view data to assess the enablement status and enablement status trends o

 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
-1. In the sidebar, under "Metrics", click **{% octicon "meter" aria-hidden="true" %} Enablement trends**.
+1. In the sidebar, under "Metrics", click **{% octicon "meter" aria-hidden="true" aria-label="meter" %} Enablement trends**.
 1. Click on one of the tabs for "{% data variables.product.prodname_dependabot %}", "{% data variables.product.prodname_code_scanning_caps %}", or "{% data variables.product.prodname_secret_scanning_caps %}" to view enablement trends and the percentage of repositories in your organization with that feature enabled. This data is displayed as a graph and a detailed table.
 1. Optionally, use the options at the top of the "Enablement trends" view page to filter the group of repositories you want to see enablement trends for.
    * Use the date picker to set the time range that you want to view enablement trends for.
--- a/Show More
+++ b/Show More