Merge branch 'main' into automatic-toc

.github/ISSUE_COMMENT_TEMPLATE/quick-status.yml

@@ -14,6 +14,8 @@ body:
           value: 'Status: YELLOW'
         - label: "RED \U0001F534 (BLOCKED)"
           value: 'Status: RED'
+        - label: "BLACK ⚫️ (We shipped it \U0001F389)"
+          value: 'Status: BLACK'
   - type: textarea
     attributes:
       label: Update Summary

.github/actions-scripts/enterprise-server-issue-templates/release-issue.md

@@ -34,12 +34,6 @@
     ```
     ☝️ This will run a workflow **on every push to the PR** that will sync **only** the English index for the new version to Algolia. This will make the GHES content searchable on staging throughout content creation, and will ensure the search updates go live at the same time the content is published. See [`contributing/search.md`](https://github.com/github/docs-internal/blob/main/contributing/search.md) for details.
 
-- [ ] Create an OpenAPI topic branch
-
-  This branch is used to avoid propagating the OpenAPI dev mode check CI test failure in all of the branches. All changes that affect the OpenAPI schema should branch off of this topic branch. The tests should all be passing before the OpenAPI topic branch is merged into the megabranch.
-
-  For more information about how OpenAPI changes are published to docs.github.com, see [Publishing REST API changes to docs.github.com](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/publishing-documentation/publishing-REST-api-docs.md#publishing-rest-api-changes-to-docsgithubcom).
-
 - [ ] In `github/github`, to create a new GHES release follow these steps:
   - [ ] Copy the previous release's root document to a new root document for this release `cp app/api/description/ghes-<LATEST RELEASE NUMBER>.yaml app/api/description/ghes-<NEXT RELEASE NUMBER>.yaml`.
   - [ ] Update the `externalDocs.url` property in that file to use the new GHES release number.
@@ -47,6 +41,14 @@
   - [ ] Update the `variables.externalDocsUrl`, `variables.ghesVersion`, and `patch.[].value.url` in that file to use the new GHES release number.
   - [ ] Update `published` in that file to `false`. **Note:** This is important to ensure that 3.1 OpenAPI changes are not made public until 3.1 is released.
 
+#### Troubleshooting
+
+If the `OpenAPI dev mode check / check-schema-versions` check fails on the release branch, in your local checkout of the mega branch:
+
+- run `git checkout origin/main lib/rest/static/*`
+- run `script/rest/update-files.js --decorate-only`
+- push the resulting changes
+
 ### Before shipping the release branch
 
 - [ ] Add the GHES release notes to `data/release-notes/` and update the versioning frontmatter in `content/admin/release-notes.md` to `enterprise-server: '<=<RELEASE>'`

.github/allowed-actions.js

@@ -4,13 +4,13 @@
 // can be added it this list.
 
 module.exports = [
-  "actions/cache@0781355a23dac32fd3bac414512f4b903437991a", //actions/cache@v2.1.3
+  "actions/cache@0781355a23dac32fd3bac414512f4b903437991a", // v2.1.3
-  "actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f", //actions/checkout@v2.3.4
+  "actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f", // v2.3.4
-  "actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9", //actions/script@v3.0.0
+  "actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9", // v3.0.0
-  "actions/labeler@5f867a63be70efff62b767459b009290364495eb", //actions/labeler@v2.2.0
+  "actions/labeler@5f867a63be70efff62b767459b009290364495eb", // v2.2.0
-  "actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e", //actions/setup-node@v2.1.4
+  "actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e", // v2.1.4
-  "ruby/setup-ruby@fdcfbcf14ec9672f6f615cb9589a1bc5dd69d262", //ruby/setup-ruby@vv1.64.1
+  "ruby/setup-ruby@fdcfbcf14ec9672f6f615cb9589a1bc5dd69d262", // v1.64.1
-  "actions/stale@9d6f46564a515a9ea11e7762ab3957ee58ca50da", //actions/stale@v3.0.16
+  "actions/stale@9d6f46564a515a9ea11e7762ab3957ee58ca50da", // v3.0.16
   "alex-page/github-project-automation-plus@fdb7991b72040d611e1123d2b75ff10eda9372c9",
   "andymckay/labeler@22d5392de2b725cea4b284df5824125054049d84",
   "archive/github-actions-slack@d368c5a4ad757515a9344918f84c490b05777d94",
@@ -20,14 +20,14 @@ module.exports = [
   "cschleiden/actions-linter@0ff16d6ac5103cca6c92e6cbc922b646baaea5be",
   "dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911",
   "docker://chinthakagodawita/autoupdate-action:v1",
-  "fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289",
   "github/codeql-action/analyze@v1",
   "github/codeql-action/init@v1",
   "juliangruber/approve-pull-request-action@c530832d4d346c597332e20e03605aa94fa150a8",
-  "juliangruber/find-pull-request-action@2fc55e82a6d5d36fe1e7f1848f7e64fd02d99de9",
+  "juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51", // v1.5.0
   "juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512",
   "lee-dohm/close-matching-issues@22002609b2555fe18f52b8e2e7c07cbf5529e8a8",
-  "pascalgn/automerge-action@c9bd1823770819dc8fb8a5db2d11a3a95fbe9b07", //pascalgn/automerge@0.12.0
+  "lee-dohm/no-response@9bb0a4b5e6a45046f00353d5de7d90fb8bd773bb",
+  "pascalgn/automerge-action@c9bd1823770819dc8fb8a5db2d11a3a95fbe9b07", // v0.12.0
   "peter-evans/create-issue-from-file@a04ce672e3acedb1f8e416b46716ddfd09905326",
   "peter-evans/create-or-update-comment@5221bf4aa615e5c6e95bb142f9673a9c791be2cd",
   "peter-evans/create-pull-request@8c603dbb04b917a9fc2dd991dc54fef54b640b43",

.github/workflows/browser-test.yml

@@ -12,44 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/browser-test.yml","assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ubuntu-latest
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Setup Node
-        name: Setup Node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Install
-        name: Install
         uses: rachmari/puppeteer-container@6d56d6e132a3df76cf60bc290a4282f7fbaed05e
         timeout-minutes: 5
         with:
           args: npm ci
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Test
-        name: Test
         timeout-minutes: 10
         uses: rachmari/puppeteer-container@6d56d6e132a3df76cf60bc290a4282f7fbaed05e
         with:

.github/workflows/close-external-repo-sync-prs.yml

@@ -1,65 +0,0 @@
-name: Check for External Repo Sync PR
-
-# **What it does**: If someone made a repo sync pull request other than Octomerger, close it.
-# **Why we have it**: Another form of spam in the open-source repository.
-# **Who does it impact**: Open-source contributors.
-
-on:
-  pull_request:
-    types:
-      - opened
-      - reopened
-    branches:
-      - main
-
-jobs:
-  invalid-repo-sync-check:
-    name: Close external Repo Sync PRs
-    if: ${{ github.repository == 'github/docs' && github.head_ref == 'repo-sync' }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
-        with:
-          github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
-          script: |
-
-            const prCreator = context.payload.sender.login
-
-            // If the PR creator is the expected account, stop now
-            if (prCreator === 'Octomerger') {
-              return
-            }
-
-            try {
-              await github.teams.getMembershipForUserInOrg({
-                org: 'github',
-                team_slug: 'employees',
-                username: prCreator
-              })
-
-              // If the PR creator is a GitHub employee, stop now
-              return
-            } catch (err) {
-              // An error will be thrown if the user is not a GitHub employee.
-              // That said, we still want to proceed anyway!
-            }
-
-            const pr = context.payload.pull_request
-            const { owner, repo } = context.repo
-
-            // Close the PR and add the invalid label
-            await github.issues.update({
-              owner: owner,
-              repo: repo,
-              issue_number: pr.number,
-              labels: ['invalid'],
-              state: 'closed'
-            })
-
-            // Comment on the PR
-            await github.issues.createComment({
-              owner: owner,
-              repo: repo,
-              issue_number: pr.number,
-              body: "Please leave this `repo-sync` branch to the robots!\n\nI'm going to close this pull request now, but feel free to open a new issue or ask any questions in [discussions](https://github.com/github/docs/discussions)!"
-            })

.github/workflows/confirm-internal-staff-work-in-docs.yml

@@ -17,7 +17,7 @@ jobs:
   check-team-membership:
     runs-on: ubuntu-latest
     continue-on-error: true
-    if: github.repository == 'github/docs'
+    if: github.repository == 'github/docs' && github.actor != 'docs-bot'
     steps:
       - id: membership_check
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9

.github/workflows/link-check-dotcom.yml

@@ -12,53 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/link-check-dotcom.yml", "assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Setup node
-        name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Install
-        name: Install
         run: npm ci
 
-      ## TODO
+      - name: Build
-      # - if: ${{ github.repository == 'github/docs-internal' &&  needs.see_if_should_skip.outputs.should_skip != 'true' }}
-      #   name: Clone early access
-      #   run: npm run heroku-postbuild
-      #   env:
-      #     DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
-      #     GIT_BRANCH: ${{ github.head_ref || github.ref }}
-
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Build
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: 'Link check: Dotcom'
-        name: 'Link check: Dotcom'
         env:
           DOCS_VERSION: 'dotcom'
         run: npm run link-check

.github/workflows/link-check-ghae.yml

@@ -12,53 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/link-check-ghae.yml", "assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Setup node
-        name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Install
-        name: Install
         run: npm ci
 
-      ## TODO
+      - name: Build
-      # - if: ${{ github.repository == 'github/docs-internal' &&  needs.see_if_should_skip.outputs.should_skip != 'true' }}
-      #   name: Clone early access
-      #   run: npm run heroku-postbuild
-      #   env:
-      #     DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
-      #     GIT_BRANCH: ${{ github.head_ref || github.ref }}
-
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Build
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: 'Link check: GitHub AE'
-        name: 'Link check: GitHub AE'
         env:
           DOCS_VERSION: 'github-ae'
         run: npm run link-check

.github/workflows/link-check-ghes.yml

@@ -12,53 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/link-check-ghes.yml", "assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Setup node
-        name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Install
-        name: Install
         run: npm ci
 
-      ## TODO
+      - name: Build
-      # - if: ${{ github.repository == 'github/docs-internal' &&  needs.see_if_should_skip.outputs.should_skip != 'true' }}
-      #   name: Clone early access
-      #   run: npm run heroku-postbuild
-      #   env:
-      #     DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
-      #     GIT_BRANCH: ${{ github.head_ref || github.ref }}
-
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Build
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: 'Link check: Enterprise Server'
-        name: 'Link check: Enterprise Server'
         env:
           DOCS_VERSION: 'enterprise-server'
         run: npm run link-check

.github/workflows/move-reopened-issues-to-triage.yaml

@@ -0,0 +1,41 @@
+name: Move Reopened Issues to Triage
+
+# **What it does**: Moves issues that are reopened from the Done column to the Triage column.
+# **Why we have it**: To prevent having to do this manually.
+# **Who does it impact**: Open-source.
+
+on:
+  issues:
+    types:
+      - reopened
+
+jobs:
+  move-reopened-issue-to-triage:
+    if: github.repository == 'github/docs'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ github.token }}
+          script: |
+            const issueNumber = context.issue.number;
+            const doneColumnId = 11167427;
+            const triageColumnId = 11007039;
+
+            try {
+              const cards = await github.projects.listCards({
+                column_id: doneColumnId
+              });
+
+              for (const card of cards) {
+                if (card.content_url.endsWith(`/${issueNumber}`)) {
+                  await github.projects.moveCard({
+                    card_id: card.id,
+                    position: 'position',
+                    column_id: triageColumnId
+                  });
+                }
+              }
+            } catch(e) {
+              console.log(error);
+            }

.github/workflows/no-response.yaml

@@ -0,0 +1,30 @@
+name: No Response
+
+# **What it does**: Closes issues that don't have enough information to be
+#                   actionable.
+# **Why we have it**: To remove the need for maintainers to remember to check
+#                     back on issues periodically to see if contributors have
+#                     responded.
+# **Who does it impact**: Everyone that works on docs or docs-internal.
+
+on:
+  issue_comment:
+    types: created
+
+  schedule:
+    # Schedule for five minutes after the hour every hour
+    - cron: '5 * * * *'
+
+jobs:
+  noResponse:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: lee-dohm/no-response@9bb0a4b5e6a45046f00353d5de7d90fb8bd773bb
+        with:
+          token: ${{ github.token }}
+          closeComment: >
+            This issue has been automatically closed because there has been no response
+            to our request for more information from the original author. With only the
+            information that is currently in the issue, we don't have enough information
+            to take action. Please reach out if you have or find the answers we need so
+            that we can investigate further. See [this blog post on bug reports and the importance of repro steps](https://www.lee-dohm.com/2015/01/04/writing-good-bug-reports/) for more information about the kind of information that may be helpful.

.github/workflows/open-enterprise-issue.yml

@@ -1,5 +1,9 @@
 name: Open Enterprise release or deprecation issue
 
+# **What it does**: Checks if there is an Enterprise release or deprecation upcoming, and if so, opens an issue with the tasks to be completed.
+# **Why we have it**: GHES releases and deprecations run on a predictable schedule, so we can automate some of the project management aspects.
+# **Who does it impact**: Docs engineering, docs content.
+
 on:
   schedule:
     - cron: '49 14 * * *' # At 14:49 UTC daily

.github/workflows/repo-sync.yml

@@ -1,13 +1,18 @@
 # The docs.github.com project has two repositories: github/docs (public) and github/docs-internal (private)
 #
-# This GitHub Actions workflow keeps the main branch of those two repos in sync.
+# This GitHub Actions workflow keeps the `main` branch of those two repos in sync.
 #
 # For more details, see https://github.com/repo-sync/repo-sync#how-it-works
 
 name: Repo Sync
 
-# **What it does**: Syncs docs and docs-internal.
+# **What it does**:
-# **Why we have it**: To keep the open-source repository up-to-date, while still having an internal repository for sensitive work.
+#  - close-invalid-repo-sync: Close repo sync pull requests not created by Octomerger or a Hubber.
+#  - repo-sync: Syncs docs and docs-internal.
+# **Why we have it**:
+#  - close-invalid-repo-sync: Another form of spam prevention for the open-source repository.
+#  - repo-sync: To keep the open-source repository up-to-date, while still having an internal
+#    repository for sensitive work.
 # **Who does it impact**: Open-source.
 
 on:
@@ -16,7 +21,74 @@ on:
     - cron: '*/15 * * * *' # every 15 minutes
 
 jobs:
+  close-invalid-repo-sync:
+    name: Close invalid Repo Sync PRs
+    runs-on: ubuntu-latest
+    steps:
+      - name: Find pull request
+        if: ${{ github.repository == 'github/docs' }}
+        uses: juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51
+        id: find-pull-request
+        with:
+          github-token: ${{ secrets.DOCS_BOT_SPAM_VISION }}
+          branch: repo-sync
+          base: main
+          state: open
+
+      - name: Close pull request if unwanted
+        if: ${{ github.repository == 'github/docs' && steps.find-pull-request.outputs.number }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ secrets.DOCS_BOT_SPAM_VISION }}
+          script: |
+            const { owner, repo } = context.repo
+
+            const { data: pr } = await github.pulls.get({
+              owner,
+              repo,
+              pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
+            })
+
+            const prCreator = pr.user.login
+
+            // If the PR creator is the expected account, stop now
+            if (prCreator === 'Octomerger') {
+              return
+            }
+
+            try {
+              await github.teams.getMembershipForUserInOrg({
+                org: 'github',
+                team_slug: 'employees',
+                username: prCreator
+              })
+
+              // If the PR creator is a GitHub employee, stop now
+              return
+            } catch (err) {
+              // An error will be thrown if the user is not a GitHub employee.
+              // That said, we still want to proceed anyway!
+            }
+
+            // Close the PR and add the invalid label
+            await github.issues.update({
+              owner,
+              repo,
+              issue_number: pr.number,
+              labels: ['invalid'],
+              state: 'closed'
+            })
+
+            // Comment on the PR
+            await github.issues.createComment({
+              owner,
+              repo,
+              issue_number: pr.number,
+              body: "Please leave this `repo-sync` branch to the robots!\n\nI'm going to close this pull request now, but feel free to open a new issue or ask any questions in [discussions](https://github.com/github/docs/discussions)!"
+            })
+
   repo-sync:
+    needs: close-invalid-repo-sync
     if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
     name: Repo Sync
     runs-on: ubuntu-latest
@@ -44,17 +116,18 @@ jobs:
           destination_branch: main
           pr_title: 'repo sync'
           pr_body: "This is an automated pull request to sync changes between the public and private repos.\n\n:robot: This pull request should be merged (not squashed) to preserve continuity across repos, so please let a bot do the merging!"
-          pr_label: automerge,autoupdate,automated-reposync-pr
+          pr_label: autoupdate,automated-reposync-pr
           github_token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
 
       - name: Find pull request
-        uses: juliangruber/find-pull-request-action@2fc55e82a6d5d36fe1e7f1848f7e64fd02d99de9
+        uses: juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51
         id: find-pull-request
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch: repo-sync
           base: main
           author: Octomerger
+          state: open
 
       - name: Approve pull request
         if: ${{ steps.find-pull-request.outputs.number }}
@@ -68,7 +141,7 @@ jobs:
         if: ${{ steps.find-pull-request.outputs.number }}
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          github-token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
           script: |
             const mainHeadSha = await github.git.getRef({
               ...context.repo,
@@ -92,6 +165,41 @@ jobs:
               console.log(`Branch is already up-to-date`)
             }
 
+      - name: Enable GitHub auto-merge
+        if: ${{ steps.find-pull-request.outputs.number }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
+          script: |
+            const pull = await github.pulls.get({
+              ...context.repo,
+              pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
+            })
+
+            const pullNodeId = pull.data.node_id
+            console.log(`Pull request GraphQL Node ID: ${pullNodeId}`)
+
+            const mutation = `mutation ($id: ID!) {
+              enablePullRequestAutoMerge(input: {
+                pullRequestId: $id,
+                mergeMethod: MERGE
+              }) {
+                clientMutationId
+              }
+            }`
+            const variables = {
+              id: pullNodeId
+            }
+
+            const graph = await github.graphql(mutation, variables)
+            console.log('GraphQL mutation result:\n' + JSON.stringify(graph))
+
+            if (graph.errors && graph.errors.length > 0) {
+              console.error('ERROR! Failed to enable auto-merge:\n - ' + graph.errors.map(error => error.message).join('\n - '))
+            } else {
+              console.log('Auto-merge enabled!')
+            }
+
       - name: Send Slack notification if workflow fails
         uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
         if: failure()

.github/workflows/send-crowdin-prs-to-boards.yml

@@ -1,5 +1,9 @@
 name: Send Crowdin PRs to boards
 
+# **What it does**: Sends PRs opened on the crowdin branch to the ready for work column in this board: https://github.com/orgs/github/projects/1269#column-13447153
+# **Why we have it**: To make sure the first responder sees crowdin translations that need to be merged as they review the Task board.
+# **Who does it impact**: Docs localization and Docs Engineering
+
 on:
   pull_request:
     types:
@@ -14,7 +18,7 @@ jobs:
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
           script: |
-            var squadBoardColumnId = 13447153; // Add to the team backlog/squad board
+            var squadBoardColumnId = 13447153; // Add to the team task board
 
             try {
               await github.projects.createCard({
@@ -25,14 +29,3 @@ jobs:
             } catch (error) {
               console.log(error);
             }
-
-            var prBoardColumnId = 10095775; // Add to the pull requests board
-            try {
-              await github.projects.createCard({
-                column_id: prBoardColumnId,
-                content_id: context.payload.pull_request.id,
-                content_type: "PullRequest"
-              });
-            } catch (error) {
-              console.log(error);
-            }

.github/workflows/send-issues-to-how-how-we-work-boards.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
-      - if: contains(github.event.issue.labels.*.name, 'engineering') && !contains(github.event.issue.labels.*.name, 'feature') && !contains(github.event.issue.labels.*.name, 'epic')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.issue.labels.*.name, 'engineering') && !contains(github.event.issue.labels.*.name, 'feature') && !contains(github.event.issue.labels.*.name, 'epic')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
@@ -31,7 +31,7 @@ jobs:
             } catch (error) {
               console.log(error);
             }
-      - if: contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'feature')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'feature')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
@@ -46,7 +46,7 @@ jobs:
             } catch (error) {
               console.log(error);
             }
-      - if: contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'epic')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'epic')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}

.github/workflows/send-prs-to-how-how-we-work-boards.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
-      - if: (github.repository == 'github/docs-internal' || github.repository == 'github/docs') && contains(github.event.pull_request.labels.*.name, 'feature')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.pull_request.labels.*.name, 'feature')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
@@ -35,11 +35,15 @@ jobs:
 
             var column_id = 13445681;
             try {
-              github.projects.createCard({
+              await github.projects.createCard({
                 column_id: column_id,
                 content_id: context.payload.pull_request.id,
                 content_type: "PullRequest"
               });
             } catch (error) {
+              if (error.includes('Project already has the associated issue')) {
+                return
+              } else {
                 console.log(error);
               }
+            }

.github/workflows/sync-single-english-algolia-index.yml

@@ -47,4 +47,6 @@ jobs:
           ALGOLIA_APPLICATION_ID: ${{ secrets.ALGOLIA_APPLICATION_ID }}
           ALGOLIA_API_KEY: ${{ secrets.ALGOLIA_API_KEY }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: npm run sync-search
+        run: |
+          npm run build
+          npm run sync-search

.github/workflows/test.yml

@@ -17,22 +17,7 @@ env:
   CI: true
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/test.yml", ".node-version", ".npmrc", "app.json", "content/**", "data/**","lib/**", "Dockerfile", "feature-flags.json", "Gemfile", "Gemfile.lock", "middleware/**", "node_modules/**","package.json", "package-lock.json", "server.js", "tests/**", "translations/**", "Procfile", "webpack.config.js"]'
-
   test:
-    needs: see_if_should_skip
     # Run on self-hosted if the private repo or ubuntu-latest if the public repo
     # See pull # 17442 in the private repo for context
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
@@ -44,27 +29,23 @@ jobs:
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Check out repo
-        name: Check out repo
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
         with:
           # Enables cloning the Early Access repo later with the relevant PAT
           persist-credentials: 'false'
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Setup node
-        name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Get npm cache directory
-        name: Get npm cache directory
         id: npm-cache
         run: |
           echo "::set-output name=dir::$(npm config get cache)"
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Cache node modules
-        name: Cache node modules
         uses: actions/cache@0781355a23dac32fd3bac414512f4b903437991a
         with:
           path: ${{ steps.npm-cache.outputs.dir }}
@@ -72,23 +53,21 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-node-
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Install dependencies
-        name: Install dependencies
         run: npm ci
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' && github.repository == 'github/docs-internal' }}
+      - if: ${{ github.repository == 'github/docs-internal' }}
         name: Clone early access
         run: npm run heroku-postbuild
         env:
           DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
           GIT_BRANCH: ${{ github.head_ref || github.ref }}
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' && github.repository != 'github/docs-internal' }}
+      - if: ${{ github.repository != 'github/docs-internal' }}
         name: Run build script
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
+      - name: Run tests
-        name: Run tests
         run: npx jest tests/${{ matrix.test-group }}/
         env:
           NODE_OPTIONS: '--max_old_space_size=4096'

.github/workflows/translations.yml

@@ -21,13 +21,14 @@ jobs:
           echo 'The repo is currently frozen! Exiting this workflow.'
           exit 1 # prevents further steps from running
       - name: Find original Pull Request
-        uses: juliangruber/find-pull-request-action@2fc55e82a6d5d36fe1e7f1848f7e64fd02d99de9
+        uses: juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51
         id: pr
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch: translations
           base: main
           author: octoglot
+          state: open
       - if: ${{ steps.pr.outputs.number }}
         name: Check if already labeled
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9

.pa11yci

@@ -59,7 +59,7 @@
     "http://localhost:4001/en/packages",
     "http://localhost:4001/en/actions/configuring-and-managing-workflows/configuring-a-workflow",
     "http://localhost:4001/en/github/authenticating-to-github/managing-commit-signature-verification",
-    "http://localhost:4001/en/github/setting-up-and-managing-organizations-and-teams/about-oauth-app-access-restrictions",
+    "http://localhost:4001/en/organizations/restricting-access-to-your-organizations-data/about-oauth-app-access-restrictions",
     "http://localhost:4001/en/github/managing-files-in-a-repository/adding-a-file-to-a-repository-using-the-command-line",
     "http://localhost:4001/en/github/getting-started-with-github/access-permissions-on-github",
     "http://localhost:4001/en/github/getting-started-with-github/githubs-products",

CONTRIBUTING.md

@@ -9,7 +9,7 @@ Before you begin:
 
 ### Use the 'make a contribution' button
 
-![](./assets/images/make-contribution.gif)
+<img src="./assets/images/contribution_cta.png" width="400">
 
 Navigating a new codebase can be challenging, so we're making that a little easier. As you're using docs.github.com, you may come across an article that you want to make an update to. You can click on the **make a contribution** button right on that article, which will take you to the file in this repo where you'll make your changes.
 

Dockerfile.openapi_decorator

@@ -0,0 +1,19 @@
+FROM node:14-alpine
+
+RUN apk add --no-cache git python make g++
+
+WORKDIR /openapi-check
+
+RUN chown node:node /openapi-check -R
+
+USER node
+
+COPY --chown=node:node package.json /openapi-check
+COPY --chown=node:node package-lock.json /openapi-check
+ADD --chown=node:node script /openapi-check/script
+ADD --chown=node:node lib /openapi-check/lib
+ADD --chown=node:node content /openapi-check/content
+
+RUN npm ci -D
+
+ENTRYPOINT ["node", "/openapi-check/script/rest/openapi-check.js"]

Procfile

@@ -1,3 +1,3 @@
 web: NODE_ENV=production node server.js
 
-release: NODE_ENV=production node script/purge-redis-pages.js
+release: NODE_ENV=production script/release-heroku

app.json

@@ -12,7 +12,7 @@
   "formation": {
     "web": {
       "quantity": 1,
-      "size": "standard-1x"
+      "size": "standard-2x"
     }
   }
 }

content/README.md

@@ -184,8 +184,10 @@ featuredLinks:
 
 ### `changelog`
 
-- Purpose: Render a list of changelog items with timestamps on product pages (ex: `layouts/product-landing.html`)
+- Purpose: Render a list of items pulled from [GitHub Changelog](https://github.blog/changelog/) on product landing pages (ex: `layouts/product-landing.html`). The one exception is Education, which pulls from https://github.blog/category/community/education.
-- Type: `Array`, items are objects `{ href: string, title: string, date: 'YYYY-MM-DD' }`
+- Type: `Object`, properties:
+  - `label` -- must be present and corresponds to the labels used in the [GitHub Changelog](https://github.blog/changelog/)
+  - `prefix` -- optional string that starts each changelog title that should be omitted in the docs feed. For example, with the prefix `GitHub Actions: ` specified, changelog titles like `GitHub Actions: Some Title Here` will render as `Some Title Here` in the docs feed).
 - Optional.
 
 ### `defaultPlatform`

content/actions/creating-actions/metadata-syntax-for-github-actions.md

@@ -58,7 +58,7 @@ inputs:
 
 When you specify an input to an action in a workflow file or use a default input value, {% data variables.product.prodname_dotcom %} creates an environment variable for the input with the name `INPUT_<VARIABLE_NAME>`. The environment variable created converts input names to uppercase letters and replaces spaces with `_` characters.
 
-For example, if a workflow defined the numOctocats and octocatEyeColor inputs, the action code could read the values of the inputs using the `INPUT_NUMOCTOCATS` and `INPUT_OCTOCATEYECOLOR` environment variables.
+For example, if a workflow defined the `numOctocats` and `octocatEyeColor` inputs, the action code could read the values of the inputs using the `INPUT_NUMOCTOCATS` and `INPUT_OCTOCATEYECOLOR` environment variables.
 
 #### `inputs.<input_id>`
 
@@ -76,6 +76,10 @@ For example, if a workflow defined the numOctocats and octocatEyeColor inputs, t
 
 **Optional** A `string` representing the default value. The default value is used when an input parameter isn't specified in a workflow file.
 
+#### `inputs.<input_id>.deprecationMessage`
+
+**Optional** If the input parameter is used, this `string` is logged as a warning message. You can use this warning to notify users that the input is deprecated and mention any alternatives.
+
 ### `outputs`
 
 **Optional** Output parameters allow you to declare data that an action sets. Actions that run later in a workflow can use the output data set in previously run actions.  For example, if you had an action that performed the addition of two inputs (x + y = z), the action could output the sum (z) for other actions to use as an input.

content/actions/guides/building-and-testing-net.md

@@ -44,7 +44,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        dotnet-version: [ '2.2.103', '3.0', '3.1.x' ]
+        dotnet-version: ['3.0', '3.1.x', '5.0.x' ]
 
     steps:
     - uses: actions/checkout@v2
@@ -81,7 +81,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        dotnet: [ '2.2.103', '3.0', '3.1.x' ]
+        dotnet: [ '3.0', '3.1.x', '5.0.x' ]
 
     steps:
     - uses: actions/checkout@v2
@@ -201,7 +201,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        dotnet-version: [ '2.2.103', '3.0', '3.1.x' ]
+        dotnet-version: [ '3.0', '3.1.x', '5.0.x' ]
 
       steps:
       - uses: actions/checkout@v2

content/actions/guides/building-and-testing-nodejs.md

@@ -37,7 +37,7 @@ We recommend that you have a basic understanding of Node.js, YAML, workflow conf
 
 {% data variables.product.prodname_dotcom %} provides a Node.js workflow template that will work for most Node.js projects. This guide includes npm and Yarn examples that you can use to customize the template. For more information, see the [Node.js workflow template](https://github.com/actions/starter-workflows/blob/main/ci/node.js.yml).
 
-To get started quickly, add the template to the `.github/workflows` directory of your repository.
+To get started quickly, add the template to the `.github/workflows` directory of your repository. The workflow shown below assumes that the default branch for your repository is `main`.
 
 {% raw %}
 ```yaml{:copy}
@@ -45,9 +45,9 @@ name: Node.js CI
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   build:

content/actions/guides/building-and-testing-ruby.md

@@ -31,7 +31,7 @@ We recommend that you have a basic understanding of Ruby, YAML, workflow configu
 
 {% data variables.product.prodname_dotcom %} provides a Ruby workflow template that will work for most Ruby projects. For more information, see the [Ruby workflow template](https://github.com/actions/starter-workflows/blob/master/ci/ruby.yml).
 
-To get started quickly, add the template to the `.github/workflows` directory of your repository.
+To get started quickly, add the template to the `.github/workflows` directory of your repository. The workflow shown below assumes that the default branch for your repository is `main`.
 
 {% raw %}
 ```yaml
@@ -39,9 +39,9 @@ name: Ruby
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   test:
@@ -105,9 +105,9 @@ name: Ruby CI
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   test:
@@ -211,9 +211,9 @@ name: Matrix Testing
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   test:
@@ -272,11 +272,11 @@ name: Ruby Gem
 on:
   # Manually publish
   workflow_dispatch:
-  # Alternatively, publish whenever changes are merged to the default branch.
+  # Alternatively, publish whenever changes are merged to the `main` branch.
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   build:

content/actions/hosting-your-own-runners/about-self-hosted-runners.md

@@ -123,7 +123,7 @@ The self-hosted runner polls {% data variables.product.product_name %} to retrie
 You must ensure that the self-hosted runner has appropriate network access to communicate with the {% data variables.product.prodname_ghe_managed %} URL.
 For example, if your instance name is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.github.com`.
 
-If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)."
+If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)."
 {% endif %}
 
 {% if currentVersion == "free-pro-team@latest" %}
@@ -143,7 +143,7 @@ pkg-containers.githubusercontent.com
 pkg-containers-az.githubusercontent.com
 ```
 
-If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)" or "[Enforcing security settings in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account#using-github-actions-with-an-ip-allow-list)".
+If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)" or "[Enforcing security settings in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account#using-github-actions-with-an-ip-allow-list)".
 
 {% else %}
 

content/actions/index.md

@@ -22,18 +22,9 @@ featuredLinks:
     - /actions/reference/environment-variables
     - /actions/reference/encrypted-secrets
 changelog:
-  - title: Environments, environment protection rules and environment secrets (beta)
+  label: 'actions'
-    date: '2020-12-15'
+  prefix: 'GitHub Actions: '
-    href: https://github.blog/changelog/2020-12-15-github-actions-environments-environment-protection-rules-and-environment-secrets-beta/
-  - title: Workflow visualization
-    date: '2020-12-08'
-    href: https://github.blog/changelog/2020-12-08-github-actions-workflow-visualization/
-  - title: Removing set-env and add-path commands on November 16
-    date: '2020-11-09'
-    href: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
-
 product_video: https://www.youtube-nocookie.com/embed/cP0I9w2coGU
-
 redirect_from:
   - /articles/automating-your-workflow-with-github-actions/
   - /articles/customizing-your-project-with-github-actions/
@@ -73,7 +64,7 @@ versions:
 
   <button class="js-filter-card-show-more btn btn-outline float-right" data-js-filter-card-max="6">Show more {% octicon "arrow-right" %}</button>
 
-  <div class="js-filter-card-no-results d-none py-4 text-center text-gray font-mktg">
+  <div class="js-filter-card-no-results d-none py-4 text-center color-text-secondary font-mktg">
     <div class="mb-3">{% octicon "search" width="24" %}</div>
     <h3 class="text-normal">Sorry, there is no result for <strong class="js-filter-card-value"></strong></h3>
     <p class="my-3 f4">It looks like we don't have an example that fits your filter.<br>Try another filter or add your code example</p>

content/actions/learn-github-actions/security-hardening-for-github-actions.md

@@ -121,7 +121,7 @@ For example, you can use the audit log to track the `org.update_actions_secret`
   ![Audit log entries](/assets/images/help/repository/audit-log-entries.png)
 
 The following tables describe the {% data variables.product.prodname_actions %} events that you can find in the audit log. For more information on using the audit log, see
-"[Reviewing the audit log for your organization](/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#searching-the-audit-log)."
+"[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#searching-the-audit-log)."
 
 {% if currentVersion == "free-pro-team@latest" %}
 #### Events for environments
@@ -157,7 +157,7 @@ The following tables describe the {% data variables.product.prodname_actions %}
 | `enterprise.register_self_hosted_runner` | Triggered when a new self-hosted runner is registered. For more information, see "[Adding a self-hosted runner to an enterprise](/actions/hosting-your-own-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-enterprise)."
 | `enterprise.remove_self_hosted_runner` | Triggered when a self-hosted runner is removed.
 | `enterprise.runner_group_runners_updated` | Triggered when a runner group's list of members is updated. For more information, see "[Set self-hosted runners in a group for an organization](/rest/reference/actions#set-self-hosted-runners-in-a-group-for-an-organization)."
-| `enterprise.self_hosted_runner_updated` | Triggered when the runner application is updated. Can be viewed using the REST API and the UI. This event is not included when you export the audit log as JSON data or a CSV file. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#about-self-hosted-runners)" and "[Reviewing the audit log for your organization](/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)."{% endif %}
+| `enterprise.self_hosted_runner_updated` | Triggered when the runner application is updated. Can be viewed using the REST API and the UI. This event is not included when you export the audit log as JSON data or a CSV file. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#about-self-hosted-runners)" and "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)."{% endif %}
 | `org.register_self_hosted_runner` | Triggered when a new self-hosted runner is registered. For more information, see "[Adding a self-hosted runner to an organization](/actions/hosting-your-own-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization)."
 | `org.remove_self_hosted_runner` | Triggered when a self-hosted runner is removed. For more information, see [Removing a runner from an organization](/actions/hosting-your-own-runners/removing-self-hosted-runners#removing-a-runner-from-an-organization).
 | `org.runner_group_runners_updated` | Triggered when a runner group's list of members is updated. For more information, see "[Set self-hosted runners in a group for an organization](/rest/reference/actions#set-self-hosted-runners-in-a-group-for-an-organization)."

content/actions/learn-github-actions/sharing-workflows-with-your-organization.md

@@ -21,13 +21,13 @@ If you need to share workflows and other {% data variables.product.prodname_acti
 
 ### Creating a workflow template
 
-Workflow templates can be created by users with write access to the organization's `.github` repository. The templates can then be used by organization members who have permission to create workflows. Workflow templates can be used to create new workflows in an organizations' public repositories; to use templates to create workflows in private repositories, the organization must be part of an enterprise or GitHub One plan.
+Workflow templates can be created by users with write access to the organization's `.github` repository. The templates can then be used by organization members who have permission to create workflows. Workflow templates can be used to create new workflows in an organizations' public repositories; to use templates to create workflows in private repositories, the organization must be part of an enterprise plan.
 
 This procedure demonstrates how to create a workflow template and metadata file. The metadata file describes how the template is presented to users when they are creating a new workflow.
 
 1. If it doesn't already exist, create a new public repository named `.github` in your organization.
-1. Create a directory named `workflow-templates`.
+2. Create a directory named `workflow-templates`.
-1. Create your new workflow file inside the `workflow-templates` directory.
+3. Create your new workflow file inside the `workflow-templates` directory.
 
    If you need to refer to a repository's default branch, you can use the `$default-branch` placeholder. When a workflow is created using your template, the placeholder will be automatically replaced with the name of the repository's default branch.
 
@@ -52,7 +52,7 @@ This procedure demonstrates how to create a workflow template and metadata file.
          - name: Run a one-line script
            run: echo Hello from Octo Organization
    ```
-1. Create a metadata file inside the `workflow-templates` directory. The metadata file must have the same name as the workflow file, but instead of the `.yml` extension, it must be appended with `.properties.json`. For example, this file named `octo-organization-ci.properties.json` contains the metadata for a workflow file named `octo-organization-ci.yml`:
+4. Create a metadata file inside the `workflow-templates` directory. The metadata file must have the same name as the workflow file, but instead of the `.yml` extension, it must be appended with `.properties.json`. For example, this file named `octo-organization-ci.properties.json` contains the metadata for a workflow file named `octo-organization-ci.yml`:
    ```yaml
    {
        "name": "Octo Organization Workflow",

content/actions/managing-workflow-runs/removing-workflow-artifacts.md

@@ -28,7 +28,7 @@ versions:
 {% data reusables.repositories.actions-tab %}
 {% data reusables.repositories.navigate-to-workflow %}
 {% data reusables.repositories.view-run %}
-1. Under **Artifacts**, click {% octicon "trashcan" aria-label="The trashcan icon" %} next to the artifact you want to remove.
+1. Under **Artifacts**, click {% octicon "trash" aria-label="The trash icon" %} next to the artifact you want to remove.
     {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" or currentVersion == "github-ae@latest" %}
     ![Delete artifact drop-down menu](/assets/images/help/repository/actions-delete-artifact-updated.png)
     {% else %}

content/actions/quickstart.md

@@ -1,6 +1,6 @@
 ---
 title: Quickstart for GitHub Actions
-intro: 'Add a {% data variables.product.prodname_actions %} workflow to an existing repository in 5 minutes or less.'
+intro: 'Try out the features of {% data variables.product.prodname_actions %} in 5 minutes or less.'
 allowTitleToDifferFromFilename: true
 redirect_from:
   - /actions/getting-started-with-github-actions/starting-with-preconfigured-workflow-templates
@@ -19,60 +19,60 @@ topics:
 
 ### Introduction
 
-You only need an existing {% data variables.product.prodname_dotcom %} repository to create and run a {% data variables.product.prodname_actions %} workflow. In this guide, you'll add a workflow that lints multiple coding languages using the [{% data variables.product.prodname_dotcom %} Super-Linter action](https://github.com/github/super-linter). The workflow uses Super-Linter to validate your source code every time a new commit is pushed to your repository.
+You only need a {% data variables.product.prodname_dotcom %} repository to create and run a {% data variables.product.prodname_actions %} workflow. In this guide, you'll add a workflow that demonstrates some of the essential features of {% data variables.product.prodname_actions %}. 
+
+The following example shows you how {% data variables.product.prodname_actions %} jobs can be automatically triggered, where they run, and how they can interact with the code in your repository.
 
 ### Creating your first workflow
 
-1. From your repository on {% data variables.product.prodname_dotcom %}, create a new file in the `.github/workflows` directory named `superlinter.yml`. For more information, see "[Creating new files](/github/managing-files-in-a-repository/creating-new-files)."
+1. From your repository on {% data variables.product.prodname_dotcom %}, create a new file in the `.github/workflows` directory named `github-actions-demo.yml`. For more information, see "[Creating new files](/github/managing-files-in-a-repository/creating-new-files)."
-2. Copy the following YAML contents into the `superlinter.yml` file. **Note:** If your default branch is not `main`, update the value of `DEFAULT_BRANCH` to match your repository's default branch name.
+2. Copy the following YAML contents into the `github-actions-demo.yml` file:
     {% raw %}
     ```yaml{:copy}
-    name: Super-Linter
+    name: GitHub Actions Demo
-
+    on: [push]
-    # Run this workflow every time a new commit pushed to your repository
-    on: push
-
     jobs:
-      # Set the job key. The key is displayed as the job name
+      Explore-GitHub-Actions:
-      # when a job name is not provided
-      super-lint:
-        # Name the Job
-        name: Lint code base
-        # Set the type of machine to run on
         runs-on: ubuntu-latest
-
         steps:
-          # Checks out a copy of your repository on the ubuntu-latest machine
+          - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
-          - name: Checkout code
+          - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
+          - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
+          - name: Check out repository code
             uses: actions/checkout@v2
+          - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
+          - run: echo "🖥️ The workflow is now ready to test your code on the runner."
+          - name: List files in the repository
+            run: |
+              ls ${{ github.workspace }}
+          - run: echo "🍏 This job's status is ${{ job.status }}."
 
-          # Runs the Super-Linter action
-          - name: Run Super-Linter
-            uses: github/super-linter@v3
-            env:
-              DEFAULT_BRANCH: main
-              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     ```
     {% endraw %}
-3. To run your workflow, scroll to the bottom of the page and select **Create a new branch for this commit and start a pull request**. Then, to create a pull request, click **Propose new file**.
+3. Scroll to the bottom of the page and select **Create a new branch for this commit and start a pull request**. Then, to create a pull request, click **Propose new file**.
-    ![Commit workflow file](/assets/images/commit-workflow-file.png)
+    ![Commit workflow file](/assets/images/help/repository/actions-quickstart-commit-new-file.png)
 
-Committing the workflow file in your repository triggers the `push` event and runs your workflow.
+Committing the workflow file to a branch in your repository triggers the `push` event and runs your workflow.
 
 ### Viewing your workflow results
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.actions-tab %}
-{% data reusables.repositories.navigate-to-workflow-superlinter %}
+1. In the left sidebar, click the workflow you want to see.
-{% data reusables.repositories.view-run-superlinter %}
+
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" or currentVersion == "github-ae@latest" %}
+   ![Workflow list in left sidebar](/assets/images/help/repository/actions-quickstart-workflow-sidebar.png)
-1. Under **Jobs** or in the visualization graph, click the **Lint code base** job.
+1. From the list of workflow runs, click the name of the run you want to see.
-   ![Lint code base job](/assets/images/help/repository/superlinter-lint-code-base-job-updated.png)
+
-{% else %}
+   ![Name of workflow run](/assets/images/help/repository/actions-quickstart-run-name.png)
-1. In the left sidebar, click the **Lint code base** job.
+1. Under **Jobs** , click the **Explore-GitHub-Actions** job.
-   ![Lint code base job](/assets/images/help/repository/superlinter-lint-code-base-job.png)
+
-{% endif %}
+   ![Locate job](/assets/images/help/repository/actions-quickstart-job.png)
-{% data reusables.repositories.view-failed-job-results-superlinter %}
+1. The log shows you how each of the steps was processed. Expand any of the steps to view its details.
+
+   ![Example workflow results](/assets/images/help/repository/actions-quickstart-logs.png)
+   
+   For example, you can see the list of files in your repository:
+   ![Example action detail](/assets/images/help/repository/actions-quickstart-log-detail.png)
    
 ### More workflow templates
 
@@ -80,74 +80,12 @@ Committing the workflow file in your repository triggers the `push` event and ru
 
 ### Next steps
 
-The super-linter workflow you just added runs each time code is pushed to your repository to help you spot errors and inconsistencies in your code. But this is only the beginning of what you can do with {% data variables.product.prodname_actions %}. Your repository can contain multiple workflows that trigger different jobs based on different events. {% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
+The example workflow you just added runs each time code is pushed to the branch, and shows you how {% data variables.product.prodname_actions %} can work with the contents of your repository. But this is only the beginning of what you can do with {% data variables.product.prodname_actions %}:
 
-- "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)" for an in-depth tutorial
+- Your repository can contain multiple workflows that trigger different jobs based on different events. 
-- "[Guides](/actions/guides)" for specific uses cases and examples
+- You can use a workflow to install software testing apps and have them automatically test your code on {% data variables.product.prodname_dotcom %}'s runners. 
-- [github/super-linter](https://github.com/github/super-linter) for more details about configuring the Super-Linter action
 
-<div id="quickstart-treatment" hidden>
+{% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
 
-### Introduction
+- "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)" for an in-depth tutorial.
-
+- "[Guides](/actions/guides)" for specific uses cases and examples.
-Printing "Hello, World!" is a great way to explore the basic set up and syntax of a new programming language. In this guide, you'll use GitHub Actions to print "Hello, World!" within your {% data variables.product.prodname_dotcom %} repository's workflow logs. All you need to get started is a {% data variables.product.prodname_dotcom %} repository where you feel comfortable creating and running a sample {% data variables.product.prodname_actions %} workflow. Feel free to create a new repository for this Quickstart to test this and future {% data variables.product.prodname_actions %} workflows.
-
-### Creating your first workflow
-
-1. From your repository on {% data variables.product.prodname_dotcom %}, create a new file in the `.github/workflows` directory named `hello-world.yml`. For more information, see "[Creating new files](/github/managing-files-in-a-repository/creating-new-files)."
-2. Copy the following YAML contents into the `hello-world.yml` file.
-    {% raw %}
-    ```yaml{:copy}
-    name: Say hello!
-
-    # GitHub Actions Workflows are automatically triggered by GitHub events
-    on:
-      # For this workflow, we're using the workflow_dispatch event which is triggered when the user clicks Run workflow in the GitHub Actions UI
-      workflow_dispatch:
-        # The workflow_dispatch event accepts optional inputs so you can customize the behavior of the workflow
-        inputs:
-          name:
-            description: 'Person to greet'
-            required: true
-            default: 'World'
-    # When the event is triggered, GitHub Actions will run the jobs indicated
-    jobs:
-      say_hello:
-        # Uses a ubuntu-latest runner to complete the requested steps
-        runs-on: ubuntu-latest
-        steps:
-        - run: |
-            echo "Hello ${{ github.event.inputs.name }}!"
-    ```
-    {% endraw %}
-3. Scroll to the bottom of the page and select **Create a new branch for this commit and start a pull request**. Then, to create a pull request, click **Propose new file**.
-    ![Commit workflow file](/assets/images/help/repository/commit-hello-world-file.png)
-4. Once the pull request has been merged, you'll be ready to move on to "Trigger your workflow".
-
-### Trigger your workflow
-
-{% data reusables.repositories.navigate-to-repo %}
-{% data reusables.repositories.actions-tab %}
-1. In the left sidebar, click the workflow you want to run.
-   ![Select say hello job](/assets/images/help/repository/say-hello-job.png)
-1. On the right, click the **Run workflow** drop-down and click **Run workflow**. Optionally, you can enter a custom message into the "Person to greet" input before running the workflow.
-   ![Trigger the manual workflow](/assets/images/help/repository/manual-workflow-trigger.png)
-1. The workflow run will appear at the top of the list of "Say hello!" workflow runs. Click "Say hello!" to see the result of the workflow run.
-   ![Workflow run result listing](/assets/images/help/repository/workflow-run-listing.png)
-1. In the left sidebar, click the "say_hello" job.
-   ![Workflow job listing](/assets/images/help/repository/workflow-job-listing.png)
-1. In the workflow logs, expand the 'Run echo "Hello World!"' section.
-   ![Workflow detail](/assets/images/help/repository/workflow-log-listing.png)
-
-### More workflow templates
-
-{% data reusables.actions.workflow-template-overview %}
-
-### Next steps
-
-The hello-world workflow you just added is a minimal example of a manually triggered workflow. This is only the beginning of what you can do with {% data variables.product.prodname_actions %}. Your repository can contain multiple workflows that trigger different jobs based on different events. {% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
-
-- "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)" for an in-depth tutorial
-- "[Guides](/actions/guides)" for specific uses cases and examples
-
-</div>

content/actions/reference/environments.md

@@ -80,7 +80,7 @@ Deleting an environment will delete all secrets and protection rules associated
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.github-actions.sidebar-environment %}
-1. Next the the environment that you want to delete, click {% octicon "trashcan" aria-label="The trashcan icon" %}.
+1. Next the the environment that you want to delete, click {% octicon "trash" aria-label="The trash icon" %}.
 2. Click **I understand, delete this environment**.
 
 {% if currentVersion == "free-pro-team@latest" or currentVersion == "github-ae@next" or currentVersion ver_gt "enterprise-server@3.1" %}You can also delete environments through the REST API. For more information, see "[Environments](/rest/reference/repos#environments)."{% endif %}

content/actions/reference/usage-limits-billing-and-administration.md

@@ -67,7 +67,7 @@ You can configure the artifact and log retention period for your repository, org
 For more information, see:
 
 - [Configuring the retention period for {% data variables.product.prodname_actions %} for artifacts and logs in your repository](/github/administering-a-repository/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository)
-- [Configuring the retention period for {% data variables.product.prodname_actions %} for artifacts and logs in your organization](/github/setting-up-and-managing-organizations-and-teams/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization)
+- [Configuring the retention period for {% data variables.product.prodname_actions %} for artifacts and logs in your organization](/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization)
 - [Configuring the retention period for {% data variables.product.prodname_actions %} for artifacts and logs in your enterprise](/github/setting-up-and-managing-your-enterprise/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-enterprise-account)
 {% endif %}
 
@@ -77,7 +77,7 @@ For more information, see:
 
 For more information, see:
 - "[Disabling or limiting {% data variables.product.prodname_actions %} for a repository](/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository)"
-- "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-or-limiting-github-actions-for-your-organization)"{% if currentVersion == "free-pro-team@latest" %}
+- "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization)"{% if currentVersion == "free-pro-team@latest" %}
 - "[Enforcing {% data variables.product.prodname_actions %} policies in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-github-actions-policies-in-your-enterprise-account)" for {% data variables.product.prodname_ghe_cloud %}{% endif %}
 
 {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}

content/admin/authentication/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md

@@ -21,7 +21,7 @@ After you enable SAML SSO and SCIM for {% data variables.product.prodname_ghe_ma
 * Assign the {% data variables.product.prodname_ghe_managed %} application to an IdP group on Azure AD to automatically create and grant access to user accounts on {% data variables.product.product_name %} for all members of the IdP group. In addition, the IdP group is available on {% data variables.product.prodname_ghe_managed %} for connection to a team and its parent organization.
 * Unassign the {% data variables.product.prodname_ghe_managed %} application from an IdP group to deactivate the {% data variables.product.product_name %} user accounts of all IdP users who had access only through that IdP group and remove the users from the parent organization. The IdP group will be disconnected from any teams on {% data variables.product.product_name %}.
 
-For more information about managing identity and access for your enterprise on {% data variables.product.product_location %}, see "[Managing identity and access for your enterprise](/admin/authentication/managing-identity-and-access-for-your-enterprise)." For more information about synchronizing teams with IdP groups, see "[Synchronizing a team with an identity provider group](/github/setting-up-and-managing-organizations-and-teams/synchronizing-a-team-with-an-identity-provider-group)."
+For more information about managing identity and access for your enterprise on {% data variables.product.product_location %}, see "[Managing identity and access for your enterprise](/admin/authentication/managing-identity-and-access-for-your-enterprise)." For more information about synchronizing teams with IdP groups, see "[Synchronizing a team with an identity provider group](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group)."
 
 ### Prerequisites
 

content/admin/authentication/configuring-user-provisioning-for-your-enterprise.md

@@ -28,7 +28,7 @@ The provisioning application on your IdP communicates with {% data variables.pro
 
 {% data reusables.scim.supported-idps %}
 
-When you set up user provisioning with a supported IdP, you can also assign or unassign the application for {% data variables.product.product_name %} to groups of users. These groups are then available to organization owners and team maintainers in {% data variables.product.product_location %} to map to {% data variables.product.product_name %} teams. For more information, see "[Synchronizing a team with an identity provider group](/github/setting-up-and-managing-organizations-and-teams/synchronizing-a-team-with-an-identity-provider-group)."
+When you set up user provisioning with a supported IdP, you can also assign or unassign the application for {% data variables.product.product_name %} to groups of users. These groups are then available to organization owners and team maintainers in {% data variables.product.product_location %} to map to {% data variables.product.product_name %} teams. For more information, see "[Synchronizing a team with an identity provider group](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group)."
 
 ### Prerequisites
 

content/admin/configuration/restricting-network-traffic-to-your-enterprise.md

@@ -13,7 +13,7 @@ By default, authorized users can access your enterprise from any IP address. Ent
 
 {% data reusables.identity-and-permissions.ip-allow-lists-enable %}
 
-You can also configure allowed IP addresses for an individual organization. For more information, see "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization)."
+You can also configure allowed IP addresses for an individual organization. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization)."
 
 By default, Azure network security group (NSG) rules leave all inbound traffic open on ports 22, 80, 443, and 25. Enterprise owners can contact {% data variables.contact.github_support %} to configure access restrictions for your instance.
 

content/admin/github-actions/manually-syncing-actions-from-githubcom.md

@@ -28,8 +28,21 @@ The `actions-sync` tool can only download actions from {% data variables.product
 
 ### Prerequisites
 
-* Before using the `actions-sync` tool, you must ensure that all destination organizations already exist on your enterprise instance. The following example demonstrates how to sync actions to an organization named `synced-actions` on an enterprise instance. For more information, see "[Creating a new organization from scratch](/github/setting-up-and-managing-organizations-and-teams/creating-a-new-organization-from-scratch)."
+* Before using the `actions-sync` tool, you must ensure that all destination organizations already exist on your enterprise instance. The following example demonstrates how to sync actions to an organization named `synced-actions` on an enterprise instance. For more information, see "[Creating a new organization from scratch](/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch)."
 * You must create a personal access token (PAT) on your enterprise instance that can create and write to repositories in the destination organizations. For more information, see "[Creating a personal access token](/github/authenticating-to-github/creating-a-personal-access-token)."
+* If you want to sync the bundled actions in the `actions` organization on {% data variables.product.product_location %}, you must be an owner of the `actions` organization.
+
+  {% note %}
+  
+  **Note:** By default, even site administrators are not owners of the bundled `actions` organization.
+  
+  {% endnote %}
+
+  Site administrators can use the `ghe-org-admin-promote` command in the administrative shell to promote a user to be an owner of the bundled `actions` organization. For more information, see "[Accessing the administrative shell (SSH)](/admin/configuration/accessing-the-administrative-shell-ssh)" and "[`ghe-org-admin-promote`](/admin/configuration/command-line-utilities#ghe-org-admin-promote)."
+
+  ```shell
+  ghe-org-admin-promote -u <em>USERNAME</em> -o actions
+  ```
 
 ### Example: Using the `actions-sync` tool
 

content/admin/overview/github-ae-release-notes.md

@@ -29,7 +29,7 @@ During this beta, {% data variables.product.prodname_advanced_security %} featur
 
 #### Manage teams from your identity provider (IdP)
 
-Customers using SCIM (System for Cross-domain Identity Management) can now sync security groups in Azure Active Directory with {% data variables.product.company_short %} teams. Once a team has been linked to a security group, membership will be automatically updated in {% data variables.product.product_name %} when a user is added or removed from their assigned security group. For more information, see "[Synchronizing a team with an identity provider group](/github/setting-up-and-managing-organizations-and-teams/synchronizing-a-team-with-an-identity-provider-group)."
+Customers using SCIM (System for Cross-domain Identity Management) can now sync security groups in Azure Active Directory with {% data variables.product.company_short %} teams. Once a team has been linked to a security group, membership will be automatically updated in {% data variables.product.product_name %} when a user is added or removed from their assigned security group. For more information, see "[Synchronizing a team with an identity provider group](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group)."
 
 #### IP allow lists beta
 
@@ -37,7 +37,7 @@ Enterprise and organization owners can now use IP allow lists to restrict traffi
 
 This functionality is provided in addition to the ability to request network security group changes that filter traffic to the entirety of the {% data variables.product.product_name %} tenant.
 
-For more information, see "[Restricting network traffic to your enterprise](/admin/configuration/restricting-network-traffic-to-your-enterprise)" and "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization)."
+For more information, see "[Restricting network traffic to your enterprise](/admin/configuration/restricting-network-traffic-to-your-enterprise)" and "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization)."
 
 #### Pull request auto-merge
 
@@ -47,7 +47,7 @@ With auto-merge, pull requests can be set to merge automatically when all merge
 
 #### Developer changes
 
-- [Organization owners can now disable publication](/github/setting-up-and-managing-organizations-and-teams/managing-the-publication-of-github-pages-sites-for-your-organization) of {% data variables.product.prodname_pages %} sites from repositories in the organization. This will not unpublish existing sites.
+- [Organization owners can now disable publication](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization) of {% data variables.product.prodname_pages %} sites from repositories in the organization. This will not unpublish existing sites.
 - Repositories that use {% data variables.product.prodname_pages %} can now [build and deploy from any branch](/pages/getting-started-with-github-pages/about-github-pages#publishing-sources-for-github-pages-sites).
 - When writing an issue or pull request, the list syntax for bullets, numbers, and tasks will now be autocompleted after you press `return` or `enter`.
 - You can now delete a directory in a repository from the repository page. When navigating to a directory, a new kebab button next to the "Add file" button gives the option to delete the directory.
@@ -65,7 +65,7 @@ With auto-merge, pull requests can be set to merge automatically when all merge
 
 ##### Default branch renaming
 
-Enterprise and organization owners can now set the default branch name for new repositories. Enterprise owners can also enforce their choice of default branch name across all organizations or allow individual organizations to choose their own. For more information, see "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-on-the-default-branch-name)" and "[Managing the default branch name for repositories in your organization](/github/setting-up-and-managing-organizations-and-teams/managing-the-default-branch-name-for-repositories-in-your-organization)."
+Enterprise and organization owners can now set the default branch name for new repositories. Enterprise owners can also enforce their choice of default branch name across all organizations or allow individual organizations to choose their own. For more information, see "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-on-the-default-branch-name)" and "[Managing the default branch name for repositories in your organization](/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization)."
 
 Existing repositories are unaffected by these settings, and their default branch name will not be changed.
 

content/admin/user-management/managing-projects-using-jira.md

@@ -1,6 +1,6 @@
 ---
-title: Managing projects using JIRA
+title: Managing projects using Jira
-intro: 'You can integrate JIRA with {% data variables.product.prodname_enterprise %} for project management.'
+intro: 'You can integrate Jira with {% data variables.product.prodname_enterprise %} for project management.'
 redirect_from:
   - /enterprise/admin/guides/installation/project-management-using-jira/
   - /enterprise/admin/articles/project-management-using-jira/
@@ -13,34 +13,54 @@ topics:
   - enterprise
 ---
 
-### Connecting JIRA to a {% data variables.product.prodname_enterprise %} organization
+### Connecting Jira to a {% data variables.product.prodname_enterprise %} organization
 
-1. Sign into your {% data variables.product.prodname_enterprise %} account at http[s]://[hostname]/login.
+1. Sign into your {% data variables.product.prodname_enterprise %} account at http[s]://[hostname]/login. If already signed in, click on the {% data variables.product.prodname_dotcom %} logo in the top left corner.
-1. In the upper right corner of any page, click the account settings (gear) icon.
+2. Click on your profile icon under the {% data variables.product.prodname_dotcom %} logo and select the organization you would like to connect with Jira.
-1. In the left sidebar, click the name of your organization.
-1. In the left sidebar, click **Applications**.
-1. In the upper right corner of the **Organization applications** box, click **Register new application**.
-1. Fill in the application settings:
-    - In the **Application name** field, type "JIRA".
-    - In the **Homepage URL** field, type the full URL of your JIRA instance.
-    - In the **Authorization callback URL** field, type the full URL of your JIRA instance.
-1. Click **Register application**.
-1. At the top of the page, note the **Client ID** and **Client Secret**. You will need these for configuring your JIRA instance.
 
-### JIRA instance configuration
+  ![Select an organization](/assets/images/enterprise/orgs-and-teams/profile-select-organization.png)
 
-1. On your JIRA instance, log into an account with administrative access.
+3. Click on the **Edit _organization name_ settings** link.
-1. At the top of the page, click the settings (gear) icon.
+
-1. In the settings dropdown, choose **Add-ons**.
+  ![Edit organization settings](/assets/images/enterprise/orgs-and-teams/edit-organization-settings.png)
-1. In the left sidebar, under **Source control**, click **DVCS accounts**.
+
-1. Click **Link Bitbucket or GitHub account**.
+4. In the left sidebar, under **Developer settings**, click **OAuth Apps**.
-1. In the **Add New Account** modal, fill in your {% data variables.product.prodname_enterprise %} settings:
+
-    - From the **Host** dropdown menu, choose **GitHub Enterprise**.
+  ![Select OAuth Apps](/assets/images/enterprise/orgs-and-teams/organization-dev-settings-oauth-apps.png)
+
+5. Click on the **Register new application** button.
+
+  ![Register new application button](/assets/images/enterprise/orgs-and-teams/register-oauth-application-button.png)
+
+6. Fill in the application settings:
+    - In the **Application name** field, type "Jira" or any name you would like to use to identify the Jira instance.
+    - In the **Homepage URL** field, type the full URL of your Jira instance.
+    - In the **Authorization callback URL** field, type the full URL of your Jira instance.
+7. Click **Register application**.
+8. At the top of the page, note the **Client ID** and **Client Secret**. You will need these for configuring your Jira instance.
+
+### Jira instance configuration
+
+1. On your Jira instance, log into an account with administrative access.
+2. At the top of the page, click the settings (gear) icon and choose **Applications**.
+
+  ![Select Applications on Jira settings](/assets/images/enterprise/orgs-and-teams/jira/jira-applications.png)
+
+3. In the left sidebar, under **Integrations**, click **DVCS accounts**.
+
+  ![Jira Integrations menu - DVCS accounts](/assets/images/enterprise/orgs-and-teams/jira/jira-integrations-dvcs.png)
+
+4. Click **Link Bitbucket Cloud or {% data variables.product.prodname_dotcom %} account**.
+
+  ![Link GitHub account to Jira](/assets/images/enterprise/orgs-and-teams/jira/jira-link-github-account.png)
+
+5. In the **Add New Account** modal, fill in your {% data variables.product.prodname_enterprise %} settings:
+    - From the **Host** dropdown menu, choose **{% data variables.product.prodname_enterprise %}**.
     - In the **Team or User Account** field, type the name of your {% data variables.product.prodname_enterprise %} organization or personal account.
     - In the **OAuth Key** field, type the Client ID of your {% data variables.product.prodname_enterprise %} developer application.
     - In the **OAuth Secret** field, type the Client Secret for your {% data variables.product.prodname_enterprise %} developer application.
-    - If you don't want to link new repositories owned by your {% data variables.product.prodname_enterprise %} organization or personal account, unselect **Auto Link New Repositories**.
+    - If you don't want to link new repositories owned by your {% data variables.product.prodname_enterprise %} organization or personal account, deselect **Auto Link New Repositories**.
-    - If you don't want to enable smart commits, unselect **Enable Smart Commits**.
+    - If you don't want to enable smart commits, deselect **Enable Smart Commits**.
     - Click **Add**.
-1. Review the permissions you are granting to your {% data variables.product.prodname_enterprise %} account and click **Authorize application**.
+6. Review the permissions you are granting to your {% data variables.product.prodname_enterprise %} account and click **Authorize application**.
-1. If necessary, type your password to continue.
+7. If necessary, type your password to continue.

content/code-security/secret-security/about-secret-scanning.md

@@ -45,7 +45,7 @@ When {% data variables.product.prodname_secret_scanning %} detects a set of cred
 {% data variables.product.prodname_secret_scanning_caps %} is available on all organization-owned repositories as part of {% data variables.product.prodname_GH_advanced_security %}. It is not available on user-owned repositories.
 {% endif %}
 
-If you're a repository administrator or an organization owner, you can enable {% data variables.product.prodname_secret_scanning %} for {% if currentVersion == "free-pro-team@latest" %} private{% endif %} repositories that are owned by organizations. You can enable  {% data variables.product.prodname_secret_scanning %} for all your repositories, or for all new repositories within your organization.{% if currentVersion == "free-pro-team@latest" %} {% data variables.product.prodname_secret_scanning_caps %} is not available for user-owned private repositories.{% endif %} For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" and "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)."
+If you're a repository administrator or an organization owner, you can enable {% data variables.product.prodname_secret_scanning %} for {% if currentVersion == "free-pro-team@latest" %} private{% endif %} repositories that are owned by organizations. You can enable  {% data variables.product.prodname_secret_scanning %} for all your repositories, or for all new repositories within your organization.{% if currentVersion == "free-pro-team@latest" %} {% data variables.product.prodname_secret_scanning_caps %} is not available for user-owned private repositories.{% endif %} For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 
 When you push commits to a{% if currentVersion == "free-pro-team@latest" %} private{% endif %} repository with {% data variables.product.prodname_secret_scanning %} enabled, {% data variables.product.prodname_dotcom %} scans the contents of the commits for secrets.
 

content/code-security/secret-security/configuring-secret-scanning-for-your-repositories.md

@@ -77,4 +77,4 @@ You can also ignore individual alerts from {% data variables.product.prodname_se
 
 ### Further reading
 
-- "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)"
+- "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)"

content/code-security/secure-coding/index.md

@@ -1,7 +1,7 @@
 ---
 title: Finding security vulnerabilities and errors in your code
 shortTitle: Secure coding
-intro: 'Keep your code secure by using secret scanning to identify and fix potential security vulnerabilities and other errors in your code.'
+intro: 'Keep your code secure by using {% data variables.product.prodname_code_scanning %} to identify and fix potential security vulnerabilities and other errors in your code.'
 product: '{% data reusables.gated-features.code-scanning %}'
 redirect_from:
   - /github/managing-security-vulnerabilities/finding-security-vulnerabilities-in-your-projects-code

content/code-security/secure-coding/setting-up-code-scanning-for-a-repository.md

@@ -32,7 +32,7 @@ You decide how to generate {% data variables.product.prodname_code_scanning %} a
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-security %}
-3. To the right of "{% data variables.product.prodname_code_scanning_capc %} alerts", click **Set up {% data variables.product.prodname_code_scanning %}**. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}If {% data variables.product.prodname_code_scanning %} is missing, you need to ask an organization owner or repository administrator to enable {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)" or "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)."{% endif %}
+3. To the right of "{% data variables.product.prodname_code_scanning_capc %} alerts", click **Set up {% data variables.product.prodname_code_scanning %}**. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}If {% data variables.product.prodname_code_scanning %} is missing, you need to ask an organization owner or repository administrator to enable {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" or "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)."{% endif %}
  !["Set up {% data variables.product.prodname_code_scanning %}" button to the right of "{% data variables.product.prodname_code_scanning_capc %}" in the Security Overview](/assets/images/help/security/overview-set-up-code-scanning.png)
 4. Under "Get started with {% data variables.product.prodname_code_scanning %}", click **Set up this workflow** on the {% data variables.product.prodname_codeql_workflow %} or on a third-party workflow. 
  !["Set up this workflow" button under "Get started with {% data variables.product.prodname_code_scanning %}" heading](/assets/images/help/repository/code-scanning-set-up-this-workflow.png){% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}Workflows are only displayed if they are relevant for the programming languages detected in the repository. The {% data variables.product.prodname_codeql_workflow %} is always displayed, but the "Set up this workflow" button is only enabled if {% data variables.product.prodname_codeql %} analysis supports the languages present in the repository.{% endif %}

content/code-security/security-advisories/editing-a-security-advisory.md

@@ -17,6 +17,8 @@ You can credit people who helped discover, report, or fix a security vulnerabili
 
 If someone accepts credit, the person's username appears in the "Credits" section of the security advisory. Anyone with read access to the repository can see the advisory and the people who accepted credit for it.
 
+If you believe you should be credited for a security advisory, please contact the person who created the advisory and ask them to edit the advisory to include your credit. Only the creator of the advisory can credit you, so please don't contact GitHub Support about credits for security advisories.
+
 ### Editing a security advisory
 
 {% data reusables.repositories.navigate-to-repo %}

content/code-security/security-overview/exploring-security-alerts.md

@@ -11,7 +11,7 @@ versions:
 
 ### About the security overview
 
-You can use the security overview for a high-level view of the security status of your organization or to identify problematic repositories that require intervention. At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/github/setting-up-and-managing-organizations-and-teams/managing-team-access-to-an-organization-repository)."
+You can use the security overview for a high-level view of the security status of your organization or to identify problematic repositories that require intervention. At the organization-level, the security overview displays aggregate and repository-specific security information for repositories owned by your organization. At the team-level, the security overview displays repository-specific security information for repositories that the team has admin privileges for. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)."
 
 The security overview indicates whether {% data variables.product.prodname_GH_advanced_security %} features are enabled for repositories owned by your organization and consolidates alerts from {% data variables.product.prodname_advanced_security %} features, including {% data variables.product.prodname_code_scanning %} alerts, {% data variables.product.prodname_dependabot_alerts %}, and {% data variables.product.prodname_secret_scanning %} alerts. For more information, see "[About securing your repository](/code-security/getting-started/about-securing-your-repository)."
 

content/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies.md

@@ -24,9 +24,9 @@ When your code depends on a package that has a security vulnerability, this vuln
  {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %} detects vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %}{% else %}{% data variables.product.product_name %} detects vulnerable dependencies and sends security alerts{% endif %} when:
 
 {% if currentVersion == "free-pro-team@latest" %}
-- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)."{% else %}
+- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)" and "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)."{% else %}
-- New advisory data is synchronized to {% data variables.product.prodname_ghe_server %} each hour from {% data variables.product.prodname_dotcom_the_website %}. For more information about advisory data, see "<a href="/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database" class="dotcom-only">Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}</a>."{% endif %}
+- New advisory data is synchronized to {% data variables.product.prodname_ghe_server %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %}
-- The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on{% if currentVersion == "free-pro-team@latest" %}, or when the code of one of the dependencies changes{% endif %}. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."
+- The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on{% if currentVersion == "free-pro-team@latest" %}, or when the code of one of the dependencies changes{% endif %}. For more information, see "[About the dependency graph](/code-security/supply-chain-security/about-the-dependency-graph)."
 
 {% data reusables.repositories.dependency-review %}
 
@@ -38,7 +38,7 @@ For a list of the ecosystems that {% data variables.product.product_name %} can
 
 {% endnote %}
 
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" % %}
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
 ### {% data variables.product.prodname_dependabot %} alerts for vulnerable dependencies
 {% else %}
 ### Security alerts for vulnerable dependencies
@@ -48,9 +48,9 @@ For a list of the ecosystems that {% data variables.product.product_name %} can
 
 {% if currentVersion == "free-pro-team@latest" %}{% data variables.product.prodname_dotcom %} detects vulnerable dependencies in _public_ repositories and generates {% data variables.product.prodname_dependabot_alerts %} by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories.
 
-You can also enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)."
+You can also enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 
-For information about permission requirements for actions related to {% data variables.product.prodname_dependabot_alerts %}, see "[Repository permission levels for an organization](/github/setting-up-and-managing-organizations-and-teams/repository-permission-levels-for-an-organization#permission-requirements-for-security-features)."
+For information about permission requirements for actions related to {% data variables.product.prodname_dependabot_alerts %}, see "[Repository permission levels for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization#permission-requirements-for-security-features)."
 
 {% data variables.product.product_name %} starts generating the dependency graph immediately and generates alerts for any vulnerable dependencies as soon as they are identified. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. For more information, see "[Managing data use settings for your private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository)."
 {% endif %}
@@ -75,7 +75,7 @@ When {% data variables.product.product_name %} identifies a vulnerable dependenc
 
 ### Access to {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}{% data variables.product.prodname_dependabot %}{% else %}security{% endif %} alerts
 
-You can see all of the alerts that affect a particular project{% if currentVersion == "free-pro-team@latest" %} on the repository's Security tab or{% endif %} in the repository's dependency graph.{% if currentVersion == "free-pro-team@latest" %} For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)."{% endif %}
+You can see all of the alerts that affect a particular project{% if currentVersion == "free-pro-team@latest" %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)."
 
 {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
 By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_alerts %}.{% endif %} {% if currentVersion == "free-pro-team@latest" %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_alerts %} visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)."
@@ -87,9 +87,7 @@ We send security alerts to people with admin permissions in the affected reposit
 
 {% data reusables.notifications.vulnerable-dependency-notification-delivery-method-customization %}{% if enterpriseServerVersions contains currentVersion and currentVersion ver_lt "enterprise-server@2.21" %} For more information, see "[Choosing the delivery method for your notifications](/github/receiving-notifications-about-activity-on-github/choosing-the-delivery-method-for-your-notifications)."{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" %} For more information, see "[Configuring notifications for vulnerable dependencies](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)."{% endif %}
 
-{% if currentVersion == "free-pro-team@latest" %} 
+You can also see all the {% data variables.product.prodname_dependabot_alerts %} that correspond to a particular vulnerability in the {% data variables.product.prodname_advisory_database %}. {% data reusables.security-advisory.link-browsing-advisory-db %}
-You can also see all the {% data variables.product.prodname_dependabot_alerts %} that correspond to a particular vulnerability in the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database#viewing-your-vulnerable-repositories)."
-{% endif %}
 
 {% if currentVersion == "free-pro-team@latest" %}
 ### Further reading

content/code-security/supply-chain-security/about-the-dependency-graph.md

@@ -89,6 +89,6 @@ The recommended formats explicitly define which versions are used for all direct
 
 - "[Dependency graph](https://en.wikipedia.org/wiki/Dependency_graph)" on Wikipedia
 - "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)"{% if currentVersion == "free-pro-team@latest" %}
-- "[Viewing insights for your organization](/github/setting-up-and-managing-organizations-and-teams/viewing-insights-for-your-organization)"
+- "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"
 - "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"
 - "[Troubleshooting the detection of vulnerable dependencies](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)"{% endif %}

content/code-security/supply-chain-security/configuration-options-for-dependency-updates.md

@@ -321,7 +321,7 @@ updates:
 
 {% note %}
 
-**Note**: {% data variables.product.prodname_dependabot %} can only run version updates on manifest or lock files if it can access all of the dependencies in the file, even if you add inaccessible dependencies to the `ignore` option of your configuration file. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors#dependabot-cant-resolve-your-dependency-files)."
+**Note**: {% data variables.product.prodname_dependabot %} can only run version updates on manifest or lock files if it can access all of the dependencies in the file, even if you add inaccessible dependencies to the `ignore` option of your configuration file. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors#dependabot-cant-resolve-your-dependency-files)."
 
 
 {% endnote %}

content/code-security/supply-chain-security/configuring-dependabot-security-updates.md

@@ -48,7 +48,7 @@ If security updates are not enabled for your repository and you don't know why,
 
 You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository (see below).
 
-You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)." 
+You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." 
 
 {% data variables.product.prodname_dependabot_security_updates %} require specific repository settings. For more information, see "[Supported repositories](#supported-repositories)."
 

content/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies.md

@@ -16,7 +16,7 @@ topics:
 {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}When {% data variables.product.prodname_dependabot %} detects vulnerable dependencies in your repositories, we generate a {% data variables.product.prodname_dependabot %} alert and display it on the Security tab for the repository. {% data variables.product.product_name %} notifies the maintainers of affected repositories about the new alert according to their notification preferences.{% else %}When {% data variables.product.product_name %} detects vulnerable dependencies in your repositories, it sends security alerts.{% endif %}{% if currentVersion == "free-pro-team@latest" %} {% data variables.product.prodname_dependabot %} is enabled by default on all public repositories. For {% data variables.product.prodname_dependabot_alerts %}, by default, you will receive {% data variables.product.prodname_dependabot_alerts %} by email, grouped by the specific vulnerability.
 {% endif %} 
 
-{% if currentVersion == "free-pro-team@latest" %}If you're an organization owner, you can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories in your organization with one click. You can also set whether the detection of vulnerable dependencies will be enabled or disabled for newly-created repositories. For more information, see "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-new-repositories-when-they-are-added)."
+{% if currentVersion == "free-pro-team@latest" %}If you're an organization owner, you can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories in your organization with one click. You can also set whether the detection of vulnerable dependencies will be enabled or disabled for newly-created repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-new-repositories-when-they-are-added)."
 {% endif %}
 
 {% if enterpriseServerVersions contains currentVersion and currentVersion == "enterprise-server@2.21" %}

content/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository.md

@@ -75,7 +75,7 @@ For public repositories, the dependents view shows how the repository is used by
 
 Repository administrators can enable or disable the dependency graph for private repositories.
 
-You can also enable or disable the dependency graph for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization)."
+You can also enable or disable the dependency graph for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
@@ -117,7 +117,7 @@ If a manifest or lock file is not processed, its dependencies are omitted from t
 ### Further reading
 
 - "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"{% if currentVersion == "free-pro-team@latest" %}
-- "[Viewing insights for your organization](/github/setting-up-and-managing-organizations-and-teams/viewing-insights-for-your-organization)"
+- "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"
 - "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"
 - "[Understanding how {% data variables.product.product_name %} uses and protects your data](/github/understanding-how-github-uses-and-protects-your-data)"
 {% endif %}