Merge branch 'main' into copilot-ga-megabranch

2025-12-19 18:10:59 -05:00 · 2022-06-06 12:59:59 +02:00
parent b6798ee1ac 02f74653cd
commit 5417807edd
394 changed files with 118227 additions and 2368 deletions
--- a/.github/actions-scripts/content-changes-table-comment.js
+++ b/.github/actions-scripts/content-changes-table-comment.js
@@ -20,6 +20,11 @@ if (!APP_URL) {
  throw new Error(`APP_URL environment variable not set`)
 }

+// the max size of the comment (in bytes)
+// the action we use to post the comment caps out at about 144kb
+// see docs-engineering#1849 for more info
+const MAX_COMMENT_SIZE = 125000
+
 const PROD_URL = 'https://docs.github.com'
 const octokit = github.getOctokit(GITHUB_TOKEN)

@@ -131,5 +136,25 @@ const lines = await Promise.all(
    return `| ${contentCell} | ${previewCell} | ${prodCell} | ${note} |`
  })
 )
-markdownTable += lines.join('\n')
+
+// this section limits the size of the comment
+const cappedLines = []
+let underMax = true
+
+lines.reduce((previous, current, index, array) => {
+  if (underMax) {
+    if (previous + current.length > MAX_COMMENT_SIZE) {
+      underMax = false
+      cappedLines.push('**Note** There are more changes in this PR than we can show.')
+      return previous
+    }
+
+    cappedLines.push(array[index])
+    return previous + current.length
+  }
+  return previous
+}, markdownTable.length)
+
+markdownTable += cappedLines.join('\n')
+
 setOutput('changesTable', markdownTable)
--- a/.github/workflows/autoupdate-branch.yml
+++ b/.github/workflows/autoupdate-branch.yml
@@ -43,9 +43,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/azure-prod-build-deploy.yml
+++ b/.github/workflows/azure-prod-build-deploy.yml
@@ -60,9 +60,9 @@ jobs:
        run: git lfs checkout

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Clone docs-early-access
--- a/.github/workflows/azure-staging-build-deploy.yml
+++ b/.github/workflows/azure-staging-build-deploy.yml
@@ -78,9 +78,9 @@ jobs:
          echo "DOCKER_IMAGE=${{ secrets.NONPROD_REGISTRY_SERVER }}/${{ env.IMAGE_REPO }}:${{ env.COMMIT_REF }}-${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Clone docs-early-access
--- a/.github/workflows/browser-test.yml
+++ b/.github/workflows/browser-test.yml
@@ -40,9 +40,9 @@ jobs:
        run: git lfs checkout

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/check-all-english-links.yml
+++ b/.github/workflows/check-all-english-links.yml
@@ -28,9 +28,9 @@ jobs:
      - name: Check out repo's default branch
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/check-broken-links-github-github.yml
+++ b/.github/workflows/check-broken-links-github-github.yml
@@ -42,9 +42,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install Node.js dependencies
--- a/.github/workflows/code-lint.yml
+++ b/.github/workflows/code-lint.yml
@@ -37,9 +37,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/content-changes-table-comment.yml
+++ b/.github/workflows/content-changes-table-comment.yml
@@ -57,9 +57,9 @@ jobs:
        run: .github/actions-scripts/get-preview-app-info.sh

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install temporary dependencies
--- a/.github/workflows/create-translation-batch-pr.yml
+++ b/.github/workflows/create-translation-batch-pr.yml
@@ -116,9 +116,9 @@ jobs:
          git commit -m "Add crowdin translations" || echo "Nothing to commit"

      - name: 'Setup node'
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'

      - run: npm ci

--- a/.github/workflows/crowdin-cleanup.yml
+++ b/.github/workflows/crowdin-cleanup.yml
@@ -29,9 +29,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/docs-review-collect.yml
+++ b/.github/workflows/docs-review-collect.yml
@@ -23,9 +23,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/enterprise-dates.yml
+++ b/.github/workflows/enterprise-dates.yml
@@ -39,9 +39,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install Node.js dependencies
--- a/.github/workflows/enterprise-release-sync-search-index.yml
+++ b/.github/workflows/enterprise-release-sync-search-index.yml
@@ -50,9 +50,9 @@ jobs:
          token: ${{ secrets.DOCUBOT_REPO_PAT }}

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/link-check-all.yml
+++ b/.github/workflows/link-check-all.yml
@@ -30,9 +30,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install
--- a/.github/workflows/msft-create-translation-batch-pr.yml
+++ b/.github/workflows/msft-create-translation-batch-pr.yml
@@ -95,9 +95,9 @@ jobs:
          git commit -m "Add crowdin translations" || echo "Nothing to commit"

      - name: 'Setup node'
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'

      - run: npm ci

--- a/.github/workflows/open-enterprise-issue.yml
+++ b/.github/workflows/open-enterprise-issue.yml
@@ -22,9 +22,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/openapi-decorate.yml
+++ b/.github/workflows/openapi-decorate.yml
@@ -42,9 +42,9 @@ jobs:
          token: ${{ secrets.DOCUBOT_REPO_PAT }}

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/openapi-schema-check.yml
+++ b/.github/workflows/openapi-schema-check.yml
@@ -42,9 +42,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/orphaned-assets-check.yml
+++ b/.github/workflows/orphaned-assets-check.yml
@@ -25,9 +25,9 @@ jobs:
          token: ${{ secrets.DOCUBOT_REPO_PAT }}

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install
--- a/.github/workflows/os-ready-for-review.yml
+++ b/.github/workflows/os-ready-for-review.yml
@@ -47,9 +47,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/pa11y.yml
+++ b/.github/workflows/pa11y.yml
@@ -21,9 +21,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/package-lock-lint.yml
+++ b/.github/workflows/package-lock-lint.yml
@@ -27,9 +27,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'

      - name: Run check
        run: |
--- a/.github/workflows/ready-for-doc-review.yml
+++ b/.github/workflows/ready-for-doc-review.yml
@@ -23,9 +23,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/remove-unused-assets.yml
+++ b/.github/workflows/remove-unused-assets.yml
@@ -27,9 +27,9 @@ jobs:
      - name: Checkout
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm
      - name: npm ci
        run: npm ci
--- a/.github/workflows/repo-sync.yml
+++ b/.github/workflows/repo-sync.yml
@@ -102,9 +102,9 @@ jobs:

      # Set up npm and run npm ci to run husky to get githooks for LFS
      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm
      - name: Install dependencies
        run: npm ci
--- a/.github/workflows/sync-search-indices.yml
+++ b/.github/workflows/sync-search-indices.yml
@@ -56,9 +56,9 @@ jobs:
          token: ${{ secrets.DOCS_BOT_FR }}

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/sync-search-pr.yml
+++ b/.github/workflows/sync-search-pr.yml
@@ -29,9 +29,9 @@ jobs:
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -123,9 +123,9 @@ jobs:
          echo "${{ steps.get_diff_files.outputs.files }}" > get_diff_files.txt

      - name: Setup node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/triage-unallowed-internal-changes.yml
+++ b/.github/workflows/triage-unallowed-internal-changes.yml
@@ -59,9 +59,9 @@ jobs:
          token: ${{ secrets.DOCUBOT_REPO_PAT }}

      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm

      - name: Install dependencies
--- a/.github/workflows/update-graphql-files.yml
+++ b/.github/workflows/update-graphql-files.yml
@@ -34,9 +34,9 @@ jobs:
      - name: Checkout
        uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
      - name: Setup Node
-        uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
+        uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048
        with:
-          node-version: 16.15.x
+          node-version: '16.15.0'
          cache: npm
      - name: Install Node.js dependencies
        run: npm ci
--- a/assets/images/help/2fa/2fa-github-mobile-password-reset.png
+++ b/assets/images/help/2fa/2fa-github-mobile-password-reset.png
--- a/assets/images/help/2fa/2fa-mobile-challenge-password-reset.png
+++ b/assets/images/help/2fa/2fa-mobile-challenge-password-reset.png
--- a/assets/images/help/2fa/2fa-password-reset.png
+++ b/assets/images/help/2fa/2fa-password-reset.png
--- a/assets/images/help/desktop/local-config-email.png
+++ b/assets/images/help/desktop/local-config-email.png
--- a/assets/images/help/desktop/local-config-name.png
+++ b/assets/images/help/desktop/local-config-name.png
--- a/assets/images/help/desktop/mac-email-git-config.png
+++ b/assets/images/help/desktop/mac-email-git-config.png
--- a/assets/images/help/desktop/mac-name-git-config.png
+++ b/assets/images/help/desktop/mac-name-git-config.png
--- a/assets/images/help/desktop/mac-save-git-config.png
+++ b/assets/images/help/desktop/mac-save-git-config.png
--- a/assets/images/help/desktop/mac-select-default-branch-name.png
+++ b/assets/images/help/desktop/mac-select-default-branch-name.png
--- a/assets/images/help/desktop/repository-settings-git-config-save.png
+++ b/assets/images/help/desktop/repository-settings-git-config-save.png
--- a/assets/images/help/desktop/repository-settings-remote.png
+++ b/assets/images/help/desktop/repository-settings-remote.png
--- a/assets/images/help/desktop/repository-settings-save.png
+++ b/assets/images/help/desktop/repository-settings-save.png
--- a/assets/images/help/desktop/select-git-config.png
+++ b/assets/images/help/desktop/select-git-config.png
--- a/assets/images/help/desktop/use-local-git-config.png
+++ b/assets/images/help/desktop/use-local-git-config.png
--- a/assets/images/help/desktop/windows-email-git-config.png
+++ b/assets/images/help/desktop/windows-email-git-config.png
--- a/assets/images/help/desktop/windows-name-git-config.png
+++ b/assets/images/help/desktop/windows-name-git-config.png
--- a/assets/images/help/desktop/windows-save-git-config.png
+++ b/assets/images/help/desktop/windows-save-git-config.png
--- a/assets/images/help/desktop/windows-select-default-branch-name.png
+++ b/assets/images/help/desktop/windows-select-default-branch-name.png
--- a/assets/images/help/enterprises/audit-log-enable-source-ip-disclosure-checkbox.png
+++ b/assets/images/help/enterprises/audit-log-enable-source-ip-disclosure-checkbox.png
--- a/assets/images/help/enterprises/audit-log-source-ip-disclosure-tab.png
+++ b/assets/images/help/enterprises/audit-log-source-ip-disclosure-tab.png
--- a/assets/images/help/images/overview-github-hosted-runner.png
+++ b/assets/images/help/images/overview-github-hosted-runner.png
--- a/assets/images/help/issues/close-issue-select-reason.png
+++ b/assets/images/help/issues/close-issue-select-reason.png
--- a/assets/images/help/issues/close-issue-with-reason.png
+++ b/assets/images/help/issues/close-issue-with-reason.png
--- a/assets/images/help/issues/close-issue.png
+++ b/assets/images/help/issues/close-issue.png
--- a/assets/images/help/issues/close-project-button.png
+++ b/assets/images/help/issues/close-project-button.png
--- a/assets/images/help/issues/closed-projects-tab.png
+++ b/assets/images/help/issues/closed-projects-tab.png
--- a/assets/images/help/issues/delete-project-button.png
+++ b/assets/images/help/issues/delete-project-button.png
--- a/assets/images/help/issues/project-delete-confirm.png
+++ b/assets/images/help/issues/project-delete-confirm.png
--- a/assets/images/help/issues/projects-profile-tab.png
+++ b/assets/images/help/issues/projects-profile-tab.png
--- a/assets/images/help/issues/projects-select-template.png
+++ b/assets/images/help/issues/projects-select-template.png
--- a/assets/images/help/issues/reopen-project-button.png
+++ b/assets/images/help/issues/reopen-project-button.png
--- a/assets/images/help/repository/actions-runner-output.png
+++ b/assets/images/help/repository/actions-runner-output.png
--- a/assets/images/help/repository/code-scanning-pr-conversation-tab.png
+++ b/assets/images/help/repository/code-scanning-pr-conversation-tab.png
--- a/assets/images/help/repository/enable-dependabot-security-updates-button.png
+++ b/assets/images/help/repository/enable-dependabot-security-updates-button.png
--- a/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png
+++ b/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png
--- a/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-public.png
+++ b/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-public.png
--- a/assets/images/help/repository/security-and-analysis-disable-or-enable-ghec-private.png
+++ b/assets/images/help/repository/security-and-analysis-disable-or-enable-ghec-private.png
--- a/assets/images/help/repository/security-and-analysis-disable-or-enable-ghec-public.png
+++ b/assets/images/help/repository/security-and-analysis-disable-or-enable-ghec-public.png
--- a/assets/images/help/repository/security-and-analysis-disable-or-enable-public.png
+++ b/assets/images/help/repository/security-and-analysis-disable-or-enable-public.png
--- a/components/lib/wrap-code-terms.ts
+++ b/components/lib/wrap-code-terms.ts
@@ -12,12 +12,11 @@ export default function wrapCodeTerms() {
  if (!codeTerms) return

  codeTerms.forEach((node) => {
-    // Return early if a child node is an anchor element
-    const hasChildAnchor = Array.from(node.childNodes).some((child) => child.nodeName === 'A')
-    if (hasChildAnchor) return
-
-    // Do the wrapping on the inner text only
+    // Do the wrapping on the inner text only.  With anchor element children
+    // we'll only handle the case where the code term only has a single child
+    // and that child is an anchor element.
    const oldText = escape(node.textContent || '')
+    const anchorChild = node.querySelector('a')

    const newText = oldText.replace(wordsLongerThan18Chars, (str) => {
      return (
@@ -33,6 +32,10 @@ export default function wrapCodeTerms() {
      )
    })

-    node.innerHTML = node.innerHTML.replace(oldText, newText)
+    if (anchorChild && node.childNodes.length === 1) {
+      anchorChild.innerHTML = anchorChild.innerHTML.replace(oldText, newText)
+    } else {
+      node.innerHTML = node.innerHTML.replace(oldText, newText)
+    }
  })
 }
--- a/components/release-notes/GHAEReleaseNotePatch.tsx
+++ b/components/release-notes/GHAEReleaseNotePatch.tsx
@@ -1,10 +1,13 @@
 import { useRef, useEffect } from 'react'
+import cx from 'classnames'

 import { useTranslation } from 'components/hooks/useTranslation'
 import { useOnScreen } from 'components/hooks/useOnScreen'
 import { PatchNotes } from './PatchNotes'
 import { ReleaseNotePatch } from './types'

+import styles from './PatchNotes.module.scss'
+
 type Props = { patch: ReleaseNotePatch; didEnterView: () => void }
 export function GHAEReleaseNotePatch({ patch, didEnterView }: Props) {
  const { t } = useTranslation('release_notes')
@@ -19,7 +22,11 @@ export function GHAEReleaseNotePatch({ patch, didEnterView }: Props) {
  const bannerText = t('banner_text')

  return (
-    <div ref={containerRef} className="mb-10 pb-6 border-bottom border-top" id={patch.date}>
+    <div
+      ref={containerRef}
+      className={cx(styles.sectionHeading, 'mb-10 pb-6 border-bottom border-top')}
+      id={patch.date}
+    >
      <header style={{ zIndex: 1 }} className="container-xl border-bottom px-3 pt-4 pb-2">
        <div className="d-flex flex-items-center">
          <h2 className="border-bottom-0 m-0 p-0">{patch.title}</h2>
--- a/components/release-notes/GHESReleaseNotePatch.tsx
+++ b/components/release-notes/GHESReleaseNotePatch.tsx
@@ -1,5 +1,6 @@
 import { useEffect, useRef } from 'react'
 import dayjs from 'dayjs'
+import cx from 'classnames'

 import { useTranslation } from 'components/hooks/useTranslation'
 import { PatchNotes } from './PatchNotes'
@@ -7,6 +8,8 @@ import { Link } from 'components/Link'
 import { CurrentVersion, ReleaseNotePatch, GHESMessage } from './types'
 import { useOnScreen } from 'components/hooks/useOnScreen'

+import styles from './PatchNotes.module.scss'
+
 type Props = {
  patch: ReleaseNotePatch
  currentVersion: CurrentVersion
@@ -33,7 +36,11 @@ export function GHESReleaseNotePatch({
  }, [onScreen])

  return (
-    <div ref={containerRef} className="mb-10 pb-6 border-bottom border-top" id={patch.version}>
+    <div
+      ref={containerRef}
+      className={cx(styles.sectionHeading, 'mb-10 pb-6 border-bottom border-top')}
+      id={patch.version}
+    >
      <header style={{ zIndex: 1 }} className="container-xl border-bottom px-3 pt-4 pb-2">
        <div className="d-flex flex-justify-between flex-wrap">
          <h2 className="border-bottom-0 m-0 p-0 mt-2">
--- a/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md
+++ b/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md
@@ -65,7 +65,14 @@ You can manage the runner service in the Windows **Services** application, or yo
   sudo ./svc.sh install
   ```

+1. Alternatively, the command takes an optional `user` argument to install the service as a different user.
+
+  ```shell
+  ./svc.sh install <em>USERNAME</em>
+  ```
+
 {% endlinux %}
+
 {% mac %}

 ## Installing the service
@@ -78,12 +85,6 @@ You can manage the runner service in the Windows **Services** application, or yo
   ```
 {% endmac %}

-The command takes an optional `user` argument to install the service as a different user.
-
-```shell
-./svc.sh install <em>USERNAME</em>
-```
-
 ## Starting the service

 Start the service with the following command:
--- a/content/actions/using-github-hosted-runners/about-github-hosted-runners.md
+++ b/content/actions/using-github-hosted-runners/about-github-hosted-runners.md
@@ -9,6 +9,7 @@ redirect_from:
  - /actions/reference/virtual-environments-for-github-hosted-runners
  - /actions/reference/software-installed-on-github-hosted-runners
  - /actions/reference/specifications-for-github-hosted-runners
+miniTocMaxHeadingLevel: 3
 versions:
  fpt: '*'
  ghes: '*'
@@ -19,36 +20,70 @@ shortTitle: GitHub-hosted runners
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}

-## About {% data variables.product.prodname_dotcom %}-hosted runners
+## Overview of {% data variables.product.prodname_dotcom %}-hosted runners

-A {% data variables.product.prodname_dotcom %}-hosted runner is a virtual machine hosted by {% data variables.product.prodname_dotcom %} with the {% data variables.product.prodname_actions %} runner application installed. {% data variables.product.prodname_dotcom %} offers runners with Linux, Windows, and macOS operating systems.
+Runners are the machines that execute jobs in a {% data variables.product.prodname_actions %} workflow. For example, a runner can clone your repository locally, install testing software, and then run commands that evaluate your code. 

-When you use a {% data variables.product.prodname_dotcom %}-hosted runner, machine maintenance and upgrades are taken care of for you. You can run workflows directly on the virtual machine or in a Docker container.
-
-You can specify the runner type for each job in a workflow. Each job in a workflow executes in a fresh instance of the virtual machine. All steps in the job execute in the same instance of the virtual machine, allowing the actions in that job to share information using the filesystem.
+{% data variables.product.prodname_dotcom %} provides runners that you can use to run your jobs, or you can [host your own runners](/actions/hosting-your-own-runners/about-self-hosted-runners). Each {% data variables.product.prodname_dotcom %}-hosted runner is a new virtual machine (VM) hosted by {% data variables.product.prodname_dotcom %} with the runner application and other tools preinstalled, and is available with Ubuntu Linux, Windows, or macOS operating systems. When you use a {% data variables.product.prodname_dotcom %}-hosted runner, machine maintenance and upgrades are taken care of for you.

 {% ifversion not ghes %}

+## Using a {% data variables.product.prodname_dotcom %}-hosted runner
+
+To use a {% data variables.product.prodname_dotcom %}-hosted runner, create a job and use `runs-on` to specify the type of runner that will process the job, such as `ubuntu-latest`, `windows-latest`, or `macos-latest`. For the full list of runner types, see "[Supported runners and hardware resources](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources)."
+
+When the job begins, {% data variables.product.prodname_dotcom %} automatically provisions a new VM for that job. All steps in the job execute on the VM, allowing the steps in that job to share information using the runner's filesystem. You can run workflows directly on the VM or in a Docker container. When the job has finished, the VM is automatically decommissioned.
+
+The following diagram demonstrates how two jobs in a workflow are executed on two different {% data variables.product.prodname_dotcom %}-hosted runners. 
+
+![Two runners processing separate jobs](/assets/images/help/images/overview-github-hosted-runner.png)
+
+The following example workflow has two jobs, named `Run-npm-on-Ubuntu` and `Run-PSScriptAnalyzer-on-Windows`. When this workflow is triggered, {% data variables.product.prodname_dotcom %} provisions a new virtual machine for each job. 
+
+- The job named `Run-npm-on-Ubuntu` is executed on a Linux VM, because the job's `runs-on:` specifies `ubuntu-latest`. 
+- The job named `Run-PSScriptAnalyzer-on-Windows` is executed on a Windows VM, because the job's `runs-on:` specifies `windows-latest`. 
+
+```yaml{:copy}
+name: Run commands on different operating systems
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  Run-npm-on-Ubuntu:
+    name: Run npm on Ubuntu
+    runs-on: ubuntu-latest
+    steps:
+      - uses: {% data reusables.actions.action-checkout %}
+      - uses: {% data reusables.actions.action-setup-node %}
+        with:
+          node-version: '14'
+      - run: npm help
+
+  Run-PSScriptAnalyzer-on-Windows:
+    name: Run PSScriptAnalyzer on Windows
+    runs-on: windows-latest
+    steps:
+      - uses: {% data reusables.actions.action-checkout %}
+      - name: Install PSScriptAnalyzer module
+        shell: pwsh
+        run: |
+          Set-PSRepository PSGallery -InstallationPolicy Trusted
+          Install-Module PSScriptAnalyzer -ErrorAction Stop
+      - name: Get list of rules
+        shell: pwsh
+        run: |
+          Get-ScriptAnalyzerRule
+```
+
+While the job runs, the logs and output can be viewed in the {% data variables.product.prodname_dotcom %} UI:
+
+![Job output in the Actions UI](/assets/images/help/repository/actions-runner-output.png)
+
 {% data reusables.actions.runner-app-open-source %}

-### Cloud hosts for {% data variables.product.prodname_dotcom %}-hosted runners
-
-{% data variables.product.prodname_dotcom %} hosts Linux and Windows runners on Standard_DS2_v2 virtual machines in Microsoft Azure with the {% data variables.product.prodname_actions %} runner application installed. The {% data variables.product.prodname_dotcom %}-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the Standard_DS2_v2 machine resources, see "[Dv2 and DSv2-series](https://docs.microsoft.com/azure/virtual-machines/dv2-dsv2-series#dsv2-series)" in the Microsoft Azure documentation.
-
-{% data variables.product.prodname_dotcom %} hosts macOS runners in {% data variables.product.prodname_dotcom %}'s own macOS Cloud.
-
-### Workflow continuity for {% data variables.product.prodname_dotcom %}-hosted runners
-
-{% data reusables.actions.runner-workflow-continuity %}
-
-In addition, if the workflow run has been successfully queued, but has not been processed by a {% data variables.product.prodname_dotcom %}-hosted runner within 45 minutes, then the queued workflow run is discarded.
-
-### Administrative privileges of {% data variables.product.prodname_dotcom %}-hosted runners
-
-The Linux and macOS virtual machines both run using passwordless `sudo`. When you need to execute commands or install tools that require more privileges than the current user, you can use `sudo` without needing to provide a password. For more information, see the "[Sudo Manual](https://www.sudo.ws/man/1.8.27/sudo.man.html)."
-
-Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "[How User Account Control works](https://docs.microsoft.com/windows/security/identity-protection/user-account-control/how-user-account-control-works)" in the Windows documentation.
-
 ## Supported runners and hardware resources

 Hardware specification for Windows and Linux virtual machines:
@@ -98,6 +133,24 @@ If there is a tool that you'd like to request, please open an issue at [actions/

 You can install additional software on {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see "[Customizing GitHub-hosted runners](/actions/using-github-hosted-runners/customizing-github-hosted-runners)".

+## Cloud hosts used by {% data variables.product.prodname_dotcom %}-hosted runners
+
+{% data variables.product.prodname_dotcom %} hosts Linux and Windows runners on `Standard_DS2_v2` virtual machines in Microsoft Azure with the {% data variables.product.prodname_actions %} runner application installed. The {% data variables.product.prodname_dotcom %}-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the `Standard_DS2_v2` resources, see "[Dv2 and DSv2-series](https://docs.microsoft.com/azure/virtual-machines/dv2-dsv2-series#dsv2-series)" in the Microsoft Azure documentation.
+
+{% data variables.product.prodname_dotcom %} hosts macOS runners in {% data variables.product.prodname_dotcom %}'s own macOS Cloud.
+
+## Workflow continuity
+
+{% data reusables.actions.runner-workflow-continuity %}
+
+In addition, if the workflow run has been successfully queued, but has not been processed by a {% data variables.product.prodname_dotcom %}-hosted runner within 45 minutes, then the queued workflow run is discarded.
+
+## Administrative privileges
+
+The Linux and macOS virtual machines both run using passwordless `sudo`. When you need to execute commands or install tools that require more privileges than the current user, you can use `sudo` without needing to provide a password. For more information, see the "[Sudo Manual](https://www.sudo.ws/man/1.8.27/sudo.man.html)."
+
+Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "[How User Account Control works](https://docs.microsoft.com/windows/security/identity-protection/user-account-control/how-user-account-control-works)" in the Windows documentation.
+
 ## IP addresses

 {% note %}
@@ -136,11 +189,8 @@ Actions that run in Docker containers have static directories under the `/github
 - `/github/workspace` - {% data reusables.repositories.action-root-user-required %}
 - `/github/workflow`

-{% ifversion fpt or ghec %}
-
 ## Further reading
 - "[Managing billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions)"
-
-{% endif %}
+- You can use a matrix strategy to run your jobs on multiple images. For more information, see "[Using a matrix for your jobs](/actions/using-jobs/using-a-matrix-for-your-jobs)."

 {% endif %}
--- a/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
+++ b/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
@@ -39,7 +39,7 @@ The usernames of your enterprise's {% data variables.product.prodname_managed_us

 {% data reusables.enterprise-accounts.emu-forks %}

-Enterprise owners can audit all of the {% data variables.product.prodname_managed_users %}' actions on {% data variables.product.prodname_dotcom %}.
+Enterprise owners can audit all of the {% data variables.product.prodname_managed_users %}' actions on {% data variables.product.prodname_dotcom %}. For more information, see "[Audit log events for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#about-audit-log-events-for-your-enterprise)."

 To use {% data variables.product.prodname_emus %}, you need a separate type of enterprise account with {% data variables.product.prodname_emus %} enabled. For more information about creating this account, see "[About enterprises with managed users](#about-enterprises-with-managed-users)."

--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md
@@ -36,6 +36,9 @@ In addition to viewing your audit log, you can monitor activity in your enterpri
 As an enterprise owner{% ifversion ghes %} or site administrator{% endif %}, you can interact with the audit log data for your enterprise in several ways:
 - You can view the audit log for your enterprise. For more information, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)."
 - You can search the audit log for specific events{% ifversion ghec %} and export audit log data{% endif %}. For more information, see "[Searching the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise)"{% ifversion ghec %} and "[Exporting the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise)"{% endif %}.
+{%- if enterprise-audit-log-ip-addresses %}
+- You can display the IP address associated with events in the audit log. For more information, see "[Displaying IP addresses in the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise)."
+{%- endif %}
 {%- ifversion ghec %}
 - You can stream audit and Git events data from {% data variables.product.prodname_dotcom %} to an external data management system. For more information, see "[Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise)."
 {%- else %}
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md
@@ -22,8 +22,18 @@ topics:
  - Security
 ---

+{% ifversion ghec%}
+## About audit log events for your enterprise
+
+The scope of the events that appear in your enterprise's audit log depend on whether your enterprise uses {% data variables.product.prodname_emus %}. For more information about {% data variables.product.prodname_emus %}, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)."
+
+- If your enterprise does not use {% data variables.product.prodname_emus %}, the audit log only includes events related to the enterprise account and the organizations within the enterprise account, which are listed in this article.
+- If your enterprise uses {% data variables.product.prodname_emus %}, the audit log also includes user events for {% data variables.product.prodname_managed_users %}, such as each time the user logs in to {% data variables.product.product_name %}. For a list of these events, see "[Reviewing your security log](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log#security-log-actions)."
+{% endif %}
+
+
 {%- ifversion fpt or ghec %}
-### `account` category actions
+## `account` category actions

 | Action | Description
 |--------|-------------
@@ -34,7 +44,7 @@ topics:
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `advisory_credit` category actions
+## `advisory_credit` category actions

 | Action | Description
 |--------|-------------
@@ -44,14 +54,14 @@ topics:
 | `advisory_credit.destroy` | The administrator of a security advisory removed someone from the credit section.
 {%- endif %}

-### `artifact` category actions
+## `artifact` category actions

 | Action | Description
 |--------|-------------
 | `artifact.destroy`    | A workflow run artifact was manually deleted.

 {%- ifversion ghec %}
-### `audit_log_streaming` category actions
+## `audit_log_streaming` category actions

 | Action | Description
 |--------|-------------
@@ -62,7 +72,7 @@ topics:
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `billing` category actions
+## `billing` category actions

 | Action | Description
 |--------|-------------
@@ -70,7 +80,7 @@ topics:
 | `billing.change_email` | An organization's billing email address changed. For more information, see "[Setting your billing email](/billing/managing-your-github-billing-settings/setting-your-billing-email)."
 {%- endif %}

-### `business` category actions
+## `business` category actions

 | Action | Description
 |--------|-------------
@@ -148,7 +158,7 @@ topics:
 {%- endif %}

 {%- if secret-scanning-audit-log-custom-patterns %}
-### `business_secret_scanning_custom_pattern` category actions
+## `business_secret_scanning_custom_pattern` category actions

 Action                        | Description
 ----------------------------- | -----------------------------------------------
@@ -157,7 +167,7 @@ Action                        | Description
 | `business_secret_scanning_custom_pattern.update` | Changes to an enterprise-level custom pattern are saved for secret scanning.
 {%- endif %}

-### `checks` category actions
+## `checks` category actions

 | Action | Description
 |--------|-------------
@@ -168,7 +178,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `codespaces` category actions
+## `codespaces` category actions

 | Action | Description
 |--------|-------------
@@ -184,7 +194,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `commit_comment` category actions
+## `commit_comment` category actions

 | Action | Description
 |--------|-------------
@@ -193,7 +203,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghes %}
-### `config_entry` category actions
+## `config_entry` category actions

 | Action | Description
 |--------|-------------
@@ -203,21 +213,21 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec or ghes > 3.2 or ghae %}
-### `dependabot_alerts` category actions
+## `dependabot_alerts` category actions

 | Action | Description
 |--------|-------------
 | `dependabot_alerts.disable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} disabled {% data variables.product.prodname_dependabot_alerts %} for all existing {% ifversion fpt or ghec %}private {% endif %}repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 | `dependabot_alerts.enable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} enabled {% data variables.product.prodname_dependabot_alerts %} for all existing {% ifversion fpt or ghec %}private {% endif %}repositories.

-### `dependabot_alerts_new_repos` category actions
+## `dependabot_alerts_new_repos` category actions

 | Action | Description
 |--------|-------------
 | `dependabot_alerts_new_repos.disable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} disabled {% data variables.product.prodname_dependabot_alerts %} for all new {% ifversion fpt or ghec %}private {% endif %}repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 | `dependabot_alerts_new_repos.enable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} enabled {% data variables.product.prodname_dependabot_alerts %} for all new {% ifversion fpt or ghec %}private {% endif %}repositories.

-### `dependabot_repository_access`category actions
+## `dependabot_repository_access`category actions

 | Action | Description
 |--------|-------------
@@ -225,14 +235,14 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec or ghes > 3.2 %}
-### `dependabot_security_updates` category actions
+## `dependabot_security_updates` category actions

 | Action | Description
 |--------|-------------
 | `dependabot_security_updates.disable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} disabled {% data variables.product.prodname_dependabot_security_updates %} for all existing repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 | `dependabot_security_updates.enable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} enabled {% data variables.product.prodname_dependabot_security_updates %} for all existing repositories.

-### `dependabot_security_updates_new_repos` category actions
+## `dependabot_security_updates_new_repos` category actions

 | Action | Description
 |--------|-------------
@@ -241,14 +251,14 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec or ghes or ghae %}
-### `dependency_graph` category actions
+## `dependency_graph` category actions

 | Action | Description
 |--------|-------------
 | `dependency_graph.disable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} disabled the dependency graph for all existing repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)."
 | `dependency_graph.enable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} enabled the dependency graph for all existing repositories.

-### `dependency_graph_new_repos` category actions
+## `dependency_graph_new_repos` category actions

 | Action | Description
 |--------|-------------
@@ -257,27 +267,27 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `discussion` category actions
+## `discussion` category actions

 | Action | Description
 |--------|-------------
 | `discussion.destroy` | A team discussion was deleted.

-### `discussion_comment` category actions
+## `discussion_comment` category actions

 | Action | Description
 |--------|-------------
 | `discussion_comment.destroy` | A [comment on a team discussion post was deleted](/communities/moderating-comments-and-conversations/managing-disruptive-comments#deleting-a-comment).
 | `discussion_comment.update` | A [comment on a team discussion post was edited](/communities/moderating-comments-and-conversations/managing-disruptive-comments#editing-a-comment).

-### `discussion_post` category actions
+## `discussion_post` category actions

 | Action | Description
 |--------|-------------
 | `discussion_post.destroy` | A [team discussion post was deleted](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion).
 | `discussion_post.update` | A [team discussion post was edited](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion).

-### `discussion_post_reply` category actions
+## `discussion_post_reply` category actions

 | Action | Description
 |--------|-------------
@@ -286,7 +296,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec or ghes %}
-### `dotcom_connection` category actions
+## `dotcom_connection` category actions

 | Action | Description
 |--------|-------------
@@ -297,7 +307,7 @@ Action                        | Description
 | `dotcom_connection.upload_usage_metrics` | {% data variables.product.prodname_ghe_server %} usage metrics were uploaded to {% data variables.product.prodname_dotcom_the_website %}.
 {%- endif %}

-### `enterprise` category actions
+## `enterprise` category actions

 | Action | Description
 |--------|-------------
@@ -326,7 +336,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec %}
-### `enterprise_domain` category actions
+## `enterprise_domain` category actions

 | Action | Description
 |--------|-------------
@@ -335,7 +345,7 @@ Action                        | Description
 | `enterprise_domain.destroy` | An enterprise domain was removed from an enterprise. For more information, see "[Removing an approved or verified domain](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#removing-an-approved-or-verified-domain)."
 | `enterprise_domain.verify` | An enterprise domain was verified for an enterprise. For more information, see "[Verifying a domain for your enterprise account](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account)."

-### `enterprise_installation` category actions
+## `enterprise_installation` category actions

 | Action | Description
 |--------|-------------
@@ -345,7 +355,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `environment` category actions
+## `environment` category actions

 | Action | Description
 |--------|-------------
@@ -359,7 +369,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghae %}
-### `external_group` category actions
+## `external_group` category actions

 | Action | Description
 |--------|-------------
@@ -369,7 +379,7 @@ Action                        | Description
 | `external_group.unlink` | An Okta group was unmapped from a {% data variables.product.prodname_ghe_managed %} team. For more information, see "[Mapping Okta groups to teams](/admin/identity-and-access-management/configuring-authentication-and-provisioning-with-your-identity-provider/mapping-okta-groups-to-teams)."
 | `external_group.update` | An Okta group's settings were updated. For more information, see "[Mapping Okta groups to teams](/admin/identity-and-access-management/configuring-authentication-and-provisioning-with-your-identity-provider/mapping-okta-groups-to-teams)."

-### `external_identity` category actions
+## `external_identity` category actions
 | Action | Description
 |--------|-------------
 | `external_identity.deprovision` | A user was removed from an Okta group and was subsequently deprovisioned from {% data variables.product.prodname_ghe_managed %}. For more information, see "[Mapping Okta groups to teams](/admin/identity-and-access-management/configuring-authentication-and-provisioning-with-your-identity-provider/mapping-okta-groups-to-teams)."
@@ -377,7 +387,7 @@ Action                        | Description
 | `external_identity.update` | An Okta user's settings were updated. For more information, see "[Mapping Okta groups to teams](/admin/identity-and-access-management/configuring-authentication-and-provisioning-with-your-identity-provider/mapping-okta-groups-to-teams)."
 {%- endif %}

-### `gist` category actions
+## `gist` category actions

 | Action | Description
 |--------|-------------
@@ -386,7 +396,7 @@ Action                        | Description
 | `gist.visibility_change` | The visibility of a gist is changed.

 {% ifversion ghec or ghes > 3.4 or ghae-issue-6724 %}
-### `git` category actions
+## `git` category actions

 | Action | Description
 |--------|-------------
@@ -395,7 +405,7 @@ Action                        | Description
 | `git.push`  | Changes were pushed to a repository.
 {% endif %}

-### `hook` category actions
+## `hook` category actions

 | Action | Description
 |--------|-------------
@@ -407,7 +417,7 @@ Action                        | Description
 | `hook.destroy`                    | A hook was deleted.
 | `hook.events_changed`             | A hook's configured events were changed.

-### `integration` category actions
+## `integration` category actions

 | Action | Description
 |--------|-------------
@@ -420,7 +430,7 @@ Action                        | Description
 | `integration.revoke_all_tokens` | All user tokens for an integration were requested to be revoked.
 | `integration.revoke_tokens` | Token(s) for an integration were revoked.

-### `integration_installation`category actions
+## `integration_installation`category actions

 | Action | Description
 |--------|-------------
@@ -435,7 +445,7 @@ Action                        | Description
 {%- endif %}
 | `integration_installation.version_updated` | Permissions for an integration were updated.

-### `integration_installation_request` category actions
+## `integration_installation_request` category actions

 | Action | Description
 |--------|-------------
@@ -443,7 +453,7 @@ Action                        | Description
 | `integration_installation_request.close` | A request to install an integration for use in an enterprise or organization was either approved or denied by an owner, or canceled by the member who opened the request.

 {%- ifversion ghec or ghae %}
-### `ip_allow_list` category actions
+## `ip_allow_list` category actions

 | Action | Description
 |--------|-------------
@@ -452,7 +462,7 @@ Action                        | Description
 | `ip_allow_list.disable`              | An IP allow list was disabled.
 | `ip_allow_list.disable_for_installed_apps` | An IP allow list was disabled for installed {% data variables.product.prodname_github_apps %}.

-### `ip_allow_list_entry` category actions
+## `ip_allow_list_entry` category actions

 | Action | Description
 |--------|-------------
@@ -461,7 +471,7 @@ Action                        | Description
 | `ip_allow_list_entry.destroy` | An IP address was deleted from an IP allow list.
 {%- endif %}

-### `issue` category actions
+## `issue` category actions

 | Action | Description
 |--------|-------------
@@ -470,7 +480,7 @@ Action                        | Description
 | `issue.transfer`                     | An issue was transferred to another repository. For more information, see "[Transferring an issue to another repository](/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository)."
 | `issue.unpinned`                     | An issue was unpinned from a repository. For more information, see "[Pinning an issue to your repository](/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository)."

-### `issue_comment` category actions
+## `issue_comment` category actions

 | Action | Description
 |--------|-------------
@@ -479,7 +489,7 @@ Action                        | Description
 | `issue_comment.unpinned` | A comment on an issue was unpinned from a repository.
 | `issue_comment.update`   | A comment on an issue (other than the initial one) changed.

-### `issues` category actions
+## `issues` category actions

 | Action | Description
 |--------|-------------
@@ -488,13 +498,13 @@ Action                        | Description
 | `issues.deletes_policy_cleared` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} cleared the policy setting for allowing members to delete issues in an enterprise. For more information, see "[Enforcing a policy for deleting issues](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues)."

 {%- ifversion fpt or ghec %}
-### `marketplace_agreement_signature` category actions
+## `marketplace_agreement_signature` category actions

 | Action | Description
 |--------|-------------
 | `marketplace_agreement_signature.create` | A user signed the {% data variables.product.prodname_marketplace %} Developer Agreement on behalf of an organization.

-### `marketplace_listing` category actions
+## `marketplace_listing` category actions

 | Action | Description
 |--------|-------------
@@ -506,21 +516,21 @@ Action                        | Description
 | `marketplace_listing.reject` | A listing was not accepted for inclusion in {% data variables.product.prodname_marketplace %}.
 {%- endif %}

-### `members_can_create_pages` category actions
+## `members_can_create_pages` category actions

 | Action | Description
 |--------|-------------
 | `members_can_create_pages.disable` | The ability for members to publish {% data variables.product.prodname_pages %} was disabled. Members cannot publish {% data variables.product.prodname_pages %} in an organization. For more information, see "[Managing the publication of GitHub Pages sites for your organization](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)."
 | `members_can_create_pages.enable` | The ability for members to publish {% data variables.product.prodname_pages %} was enabled. Members can publish {% data variables.product.prodname_pages %} in an organization. For more information, see "[Managing the publication of GitHub Pages sites for your organization](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)."

-### `members_can_create_private_pages` category actions
+## `members_can_create_private_pages` category actions

 | Action | Description
 |--------|-------------
 | `members_can_create_private_pages.disable` | The ability for members to publish private {% data variables.product.prodname_pages %} was disabled. Members cannot publish private {% data variables.product.prodname_pages %} in an organization. For more information, see "[Managing the publication of GitHub Pages sites for your organization](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)."
 | `members_can_create_private_pages.enable` |  The ability for members to publish private {% data variables.product.prodname_pages %} was enabled. Members can publish private {% data variables.product.prodname_pages %} in an organization. For more information, see "[Managing the publication of GitHub Pages sites for your organization](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)."

-### `members_can_create_public_pages` category actions
+## `members_can_create_public_pages` category actions

 | Action | Description
 |--------|-------------
@@ -528,7 +538,7 @@ Action                        | Description
 | `members_can_create_public_pages.enable` |  The ability for members to publish public {% data variables.product.prodname_pages %} was enabled. Members can publish public {% data variables.product.prodname_pages %} in an organization. For more information, see "[Managing the publication of GitHub Pages sites for your organization](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)."

 {%- ifversion ghec or ghes or ghae %}
-### `members_can_delete_repos` category actions
+## `members_can_delete_repos` category actions

 | Action | Description
 |--------|-------------
@@ -536,7 +546,7 @@ Action                        | Description
 | `members_can_delete_repos.disable` | The ability for enterprise members to delete repositories was disabled. Members cannot delete or transfer repositories in any organizations in an enterprise. For more information, see "[Enforcing a policy for repository deletion and transfer](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer)."
 | `members_can_delete_repos.enable` |  The ability for enterprise members to delete repositories was enabled. Members can delete or transfer repositories in any organizations in an enterprise. For more information, see "[Enforcing a policy for repository deletion and transfer](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer)."

-### `members_can_view_dependency_insights` category actions
+## `members_can_view_dependency_insights` category actions

 | Action | Description
 |--------|-------------
@@ -544,7 +554,7 @@ Action                        | Description
 | `members_can_view_dependency_insights.disable` | The ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise.{% ifversion ghec %} For more information, see "[Enforcing a policy for visibility of dependency insights](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise)."{% endif %}
 | `members_can_view_dependency_insights.enable` |  The ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise.{% ifversion ghec %} For more information, see "[Enforcing a policy for visibility of dependency insights](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise)."{% endif %}

-### `migration` category actions
+## `migration` category actions

 | Action | Description
 |--------|-------------
@@ -553,7 +563,7 @@ Action                        | Description
 |  `migration.download` | A migration file for transferring data from a *source* location (such as a {% data variables.product.prodname_dotcom_the_website %} organization or a {% data variables.product.prodname_ghe_server %} instance) to a *target* {% data variables.product.prodname_ghe_server %} instance was downloaded.
 {%- endif %}

-### `oauth_access` category actions
+## `oauth_access` category actions

 | Action | Description
 |--------|-------------
@@ -562,7 +572,7 @@ Action                        | Description

  [OAuth access token]: /developers/apps/building-oauth-apps/authorizing-oauth-apps

-### `oauth_application` category actions
+## `oauth_application` category actions

 | Action | Description
 |--------|-------------
@@ -585,7 +595,7 @@ Action                        | Description
  [OAuth application]: /guides/basics-of-authentication/#registering-your-app

 {%- ifversion fpt or ghec %}
-### `oauth_authorization` category actions
+## `oauth_authorization` category actions

 | Action | Description
 |--------|-------------
@@ -594,7 +604,7 @@ Action                        | Description
 | `oauth_authorization.update`          | An authorization for an OAuth application was updated. For more information, see "[Authorizing OAuth Apps](/authentication/keeping-your-account-and-data-secure/authorizing-oauth-apps)."
 {%- endif %}

-### `org` category actions
+## `org` category actions

 | Action | Description
 |--------|-------------
@@ -743,7 +753,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec or ghes or ghae %}
-### `org_credential_authorization` category actions
+## `org_credential_authorization` category actions

 | Action | Description
 |--------|-------------
@@ -753,7 +763,7 @@ Action                        | Description
 {%- endif %}

 {%- if secret-scanning-audit-log-custom-patterns %}
-### `org_secret_scanning_custom_pattern` category actions
+## `org_secret_scanning_custom_pattern` category actions

 | Action | Description
 |--------|---------------
@@ -762,7 +772,7 @@ Action                        | Description
 | `org_secret_scanning_custom_pattern.update` |Changes to a custom pattern are saved for secret scanning in an organization. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern)."
 {%- endif %}

-### `organization_default_label` category actions
+## `organization_default_label` category actions

 | Action | Description
 |--------|-------------
@@ -771,7 +781,7 @@ Action                        | Description
 | `organization_default_label.destroy` | A default label for repositories in an organization was deleted. For more information, see "[Deleting a default label](/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label)."

 {%- ifversion fpt or ghec or ghes > 3.1 %}
-### `organization_domain` category actions
+## `organization_domain` category actions

 | Action | Description
 |--------|-------------
@@ -780,7 +790,7 @@ Action                        | Description
 | `organization_domain.destroy` | An enterprise domain was removed from an organization. For more information, see "[Removing an approved or verified domain](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain)."
 | `organization_domain.verify` | An enterprise domain was verified for an organization. For more information, see "[Verifying a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization)."

-### `organization_projects_change` category actions
+## `organization_projects_change` category actions

 | Action | Description
 |--------|-------------
@@ -790,7 +800,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec or ghes > 3.0 or ghae %}
-### `packages` category actions
+## `packages` category actions

 | Action | Description
 |--------|-------------
@@ -808,7 +818,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `pages_protected_domain` category actions
+## `pages_protected_domain` category actions

 | Action | Description
 |--------|-------------
@@ -816,7 +826,7 @@ Action                        | Description
 | `pages_protected_domain.delete` | A {% data variables.product.prodname_pages %} verified domain was deleted from an organization or enterprise. For more information, see "[Verifying your custom domain for {% data variables.product.prodname_pages %}](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)."
 | `pages_protected_domain.verify`  | A {% data variables.product.prodname_pages %} domain was verified for an organization or enterprise. For more information, see "[Verifying your custom domain for {% data variables.product.prodname_pages %}](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)."

-### `payment_method` category actions
+## `payment_method` category actions

 | Action | Description
 |--------|-------------
@@ -824,7 +834,7 @@ Action                        | Description
 | `payment_method.remove` | A payment method was removed.
 | `payment_method.update` | An existing payment method was updated.

-### `prebuild_configuration` category actions
+## `prebuild_configuration` category actions

 | Action | Description
 |--------|-------------
@@ -835,7 +845,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghes %}
-### `pre_receive_environment` category actions
+## `pre_receive_environment` category actions

 | Action | Description
 | ------ | -----------
@@ -844,7 +854,7 @@ Action                        | Description
 | `pre_receive_environment.download` | A pre-receive hook environment was downloaded. For more information, see "[Creating a pre-receive hook environment](/admin/policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-environment)."
 | `pre_receive_environment.update` | A pre-receive hook environment was updated. For more information, see "[Creating a pre-receive hook environment](/admin/policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-environment)."

-### `pre_receive_hook` category actions
+## `pre_receive_hook` category actions

 | Action | Description
 |--------|-------------
@@ -856,7 +866,7 @@ Action                        | Description
 | `pre_receive_hook.warned_push` | A pre-receive hook warned about a push.
 {%- endif %}

-### `private_repository_forking` category actions
+## `private_repository_forking` category actions

 | Action | Description
 |--------|-------------
@@ -865,14 +875,14 @@ Action                        | Description
 | `private_repository_forking.enable` | An enterprise owner{% ifversion ghes %} or site administrator{% endif %} enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked. For more information, see "[Managing the forking policy for your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-forking-policy-for-your-repository), "[Managing the forking policy for your organization](/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization) and for enterprises "[Enforcing a policy for forking private or internal repositories](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-forking-private-or-internal-repositories)."

 {%- ifversion fpt or ghec %}
-### `profile_picture` category actions
+## `profile_picture` category actions

 | Action | Description
 |--------|-------------
 | `profile_picture.update` | A profile picture was updated.
 {%- endif %}

-### `project` category actions
+## `project` category actions

 | Action | Description
 |--------|-------------
@@ -889,14 +899,14 @@ Action                        | Description
 | `project.update_user_permission` | An organization member or outside collaborator was added to or removed from a project board or had their permission level changed. For more information, see "[Managing an individual’s access to an organization project board](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board)."

 {%- ifversion fpt or ghec %}
-### `project_field` category actions
+## `project_field` category actions

 | Action | Description
 |--------|-------------
 | `project_field.create` | A field was created in a project board. For more information, see "[Creating a project (beta)](/issues/trying-out-the-new-projects-experience/creating-a-project#adding-fields)."
 | `project_field.delete` | A field was deleted in a project board. For more information, see "[Creating a project (beta)](/issues/trying-out-the-new-projects-experience/creating-a-project#adding-fields)."

-### `project_view` category actions
+## `project_view` category actions

 | Action | Description
 |--------|-------------
@@ -904,7 +914,7 @@ Action                        | Description
 | `project_view.delete` | A view was deleted in a project board. For more information, see "[Customizing your project (beta) views](/issues/trying-out-the-new-projects-experience/customizing-your-project-views#deleting-a-saved-view)."
 {%- endif %}

-### `protected_branch` category actions
+## `protected_branch` category actions

 | Action | Description
 |--------|-------------
@@ -933,7 +943,7 @@ Action                        | Description
 | `protected_branch.update_strict_required_status_checks_policy` | Enforcement of required status checks was updated on a branch.
 | `protected_branch.update_name` | A branch name pattern was updated for a branch.

-### `public_key` category actions
+## `public_key` category actions

 | Action | Description
 |--------|-------------
@@ -949,7 +959,7 @@ Action                        | Description
  [deploy key]: /developers/overview/managing-deploy-keys#deploy-keys

 {%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
-### `pull_request` category actions
+## `pull_request` category actions

 | Action | Description
 |--------|-------------
@@ -967,7 +977,7 @@ Action                        | Description
 | `pull_request_review.dismiss` | A review on a pull request was dismissed. For more information, see "[Dismissing a pull request review](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)."
 | `pull_request_review.submit` | A review was submitted for a pull request. For more information, see "[About pull request reviews](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)."

-### `pull_request_review` category actions
+## `pull_request_review` category actions

 | Action | Description
 |--------|-------------
@@ -975,7 +985,7 @@ Action                        | Description
 | `pull_request_review.dismiss` | A review on a pull request was dismissed. For more information, see "[Dismissing a pull request review](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)."
 | `pull_request_review.submit` | A review on a pull request was submitted. For more information, see "[Submitting your review](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review)."

-### `pull_request_review_comment` category actions
+## `pull_request_review_comment` category actions

 | Action | Description
 |--------|-------------
@@ -984,7 +994,7 @@ Action                        | Description
 | `pull_request_review_comment.update` | A review comment on a pull request was changed.
 {%- endif %}

-### `repo` category actions
+## `repo` category actions

 | Action | Description
 |--------|-------------
@@ -1060,7 +1070,7 @@ Action                        | Description
 | `repo.update_member` | A user's permission to a repository was changed.

 {%- ifversion fpt or ghec %}
-### `repository_advisory` category actions
+## `repository_advisory` category actions

 | Action | Description
 |--------|-------------
@@ -1073,14 +1083,14 @@ Action                        | Description
 | `repository_advisory.reopen` | Someone reopened as draft security advisory.
 | `repository_advisory.update` | Someone edited a draft or published security advisory.

-### `repository_content_analysis` category actions
+## `repository_content_analysis` category actions

 | Action | Description
 |--------|-------------
 | `repository_content_analysis.enable` | An organization owner or repository administrator [enabled data use settings for a private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository).
 | `repository_content_analysis.disable` | An organization owner or repository administrator [disabled data use settings for a private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository).

-### `repository_dependency_graph` category actions
+## `repository_dependency_graph` category actions

 | Action | Description
 |--------|-------------
@@ -1088,14 +1098,14 @@ Action                        | Description
 | `repository_dependency_graph.enable` | A repository owner or administrator enabled the dependency graph for a private repository.
 {%- endif %}

-### `repository_image` category actions
+## `repository_image` category actions

 | Action | Description
 |--------|-------------
 | `repository_image.create` | An image to represent a repository was uploaded.
 | `repository_image.destroy` | An image to represent a repository was deleted.

-### `repository_invitation` category actions
+## `repository_invitation` category actions

 | Action | Description
 |--------|-------------
@@ -1103,7 +1113,7 @@ Action                        | Description
 | `repository_invitation.create` | An invitation to join a repository was sent.
 | `repository_invitation.reject` | An invitation to join a repository was canceled.

-### `repository_projects_change` category actions
+## `repository_projects_change` category actions

 | Action | Description
 |--------|-------------
@@ -1112,7 +1122,7 @@ Action                        | Description
 | `repository_projects_change.enable` | Repository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise.

 {%- ifversion ghec or ghes or ghae %}
-### `repository_secret_scanning` category actions
+## `repository_secret_scanning` category actions

 | Action | Description
 |--------|-------------
@@ -1122,7 +1132,7 @@ Action                        | Description

 {%- if secret-scanning-audit-log-custom-patterns %}

-### `repository_secret_scanning_custom_pattern` category actions
+## `repository_secret_scanning_custom_pattern` category actions

 | Action | Description
 |------------------|-------------------
@@ -1130,14 +1140,14 @@ Action                        | Description
 | `repository_secret_scanning_custom_pattern.delete` | A custom pattern is removed from secret scanning in a repository. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern)."
 | `repository_secret_scanning_custom_pattern.update` | Changes to a custom pattern are saved for secret scanning in a repository. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern)."

-### `repository_secret_scanning_push_protection` category actions
+## `repository_secret_scanning_push_protection` category actions

 | Action | Description
 |------------------|-------------------
 | `repository_secret_scanning_push_protection.disable` | A repository owner or administrator  disabled secret scanning for a repository. For more information, see "[Protecting pushes with secret scanning](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)."
 | `repository_secret_scanning_push_protection.enable` | A repository owner or administrator  enabled secret scanning for a repository. For more information, see "[Protecting pushes with secret scanning](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)."
 {%- endif %}
-### `repository_visibility_change` category actions
+## `repository_visibility_change` category actions

 | Action | Description
 |--------|-------------
@@ -1146,7 +1156,7 @@ Action                        | Description
 | `repository_visibility_change.enable` | The ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise.

 {%- ifversion fpt or ghec or ghes or ghae %}
-### `repository_vulnerability_alert` category actions
+## `repository_vulnerability_alert` category actions

 | Action | Description
 |--------|-------------
@@ -1156,7 +1166,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `repository_vulnerability_alerts` category actions
+## `repository_vulnerability_alerts` category actions

 | Action | Description
 |--------|-------------
@@ -1165,7 +1175,7 @@ Action                        | Description
 | `repository_vulnerability_alerts.enable` | A repository owner or repository administrator enabled {% data variables.product.prodname_dependabot_alerts %}.
 {%- endif %}

-### `required_status_check` category actions
+## `required_status_check` category actions

 | Action | Description
 |--------|-------------
@@ -1173,7 +1183,7 @@ Action                        | Description
 | `required_status_check.destroy` | A status check was no longer marked as required for a protected branch. For more information, see "[Require status checks before merging](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)."

 {%- ifversion ghec or ghes > 3.1 %}
-### `restrict_notification_delivery` category actions
+## `restrict_notification_delivery` category actions

 | Action | Description
 |--------|-------------
@@ -1182,7 +1192,7 @@ Action                        | Description
 {%- endif %}

 {%- if custom-repository-roles %}
-### `role` category actions
+## `role` category actions

 | Action | Description
 |--------|-------------
@@ -1192,7 +1202,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec or ghes or ghae %}
-### `secret_scanning` category actions
+## `secret_scanning` category actions

 | Action | Description
 |--------|-------------
@@ -1200,7 +1210,7 @@ Action                        | Description
 | `secret_scanning.enable` | An organization owner enabled secret scanning for all existing{% ifversion ghec %} private or internal{% endif %} repositories.

 {% if secret-scanning-alert-audit-log %}
-### `secret_scanning_alert` category actions
+## `secret_scanning_alert` category actions

 | Action | Description
 |------------------|-------------------
@@ -1209,7 +1219,7 @@ Action                        | Description
 | `secret_scanning_alert.resolve` | A user resolved a {% data variables.product.prodname_secret_scanning %} alert.
 {% endif %}

-### `secret_scanning_new_repos` category actions
+## `secret_scanning_new_repos` category actions

 | Action | Description
 |--------|-------------
@@ -1218,7 +1228,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec or ghes or ghae %}
-### `security_key` category actions
+## `security_key` category actions

 | Action | Description
 |--------|-------------
@@ -1227,7 +1237,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghec %}
-### `sponsors` category actions
+## `sponsors` category actions

 | Action | Description
 |--------|-------------
@@ -1253,14 +1263,14 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec or ghes or ghae %}
-### `ssh_certificate_authority` category actions
+## `ssh_certificate_authority` category actions

 | Action | Description
 |--------|-------------
 | `ssh_certificate_authority.create` | An SSH certificate authority for an organization or enterprise was created. For more information, see "[Managing your organization's SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)" and "[Managing SSH certificate authorities for your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)."
 | `ssh_certificate_authority.destroy` | An SSH certificate authority for an organization or enterprise was deleted. For more information, see "[Managing your organization's SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)" and "[Managing SSH certificate authorities for your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)."

-### `ssh_certificate_requirement` category actions
+## `ssh_certificate_requirement` category actions

 | Action | Description
 |--------|-------------
@@ -1268,7 +1278,7 @@ Action                        | Description
 | `ssh_certificate_requirement.disable` | The requirement for members to use SSH certificates to access an organization resources was disabled. For more information, see "[Managing your organization's SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)" and "[Managing SSH certificate authorities for your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)."
 {%- endif %}

-### `staff` category actions
+## `staff` category actions

 | Action | Description
 |--------|-------------
@@ -1293,7 +1303,7 @@ Action                        | Description
 | `staff.view_audit_log` | A site administrator viewed the site admin audit log.
 {%- endif %}

-### `team` category actions
+## `team` category actions

 | Action | Description
 |--------|-------------
@@ -1314,7 +1324,7 @@ Action                        | Description
 | `team.update_permission` | A team's access was changed.
 | `team.update_repository_permission` | A team's permission to a repository was changed.

-### `team_discussions` category actions
+## `team_discussions` category actions

 | Action | Description
 |--------|-------------
@@ -1323,7 +1333,7 @@ Action                        | Description
 | `team_discussions.enable` | An organization owner enabled team discussions for an organization.

 {%- ifversion ghec %}
-### `team_sync_tenant` category actions
+## `team_sync_tenant` category actions

 | Action | Description
 |--------|-------------
@@ -1333,7 +1343,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion fpt or ghes %}
-### `two_factor_authentication` category actions
+## `two_factor_authentication` category actions

 | Action | Description
 |--------|-------------
@@ -1348,7 +1358,7 @@ Action                        | Description
  [2fa]: /authentication/securing-your-account-with-two-factor-authentication-2fa/about-two-factor-authentication

 {%- ifversion fpt or ghes or ghae %}
-### `user` category actions
+## `user` category actions

 | Action | Description
 |--------|-------------
@@ -1400,7 +1410,7 @@ Action                        | Description
 {%- endif %}

 {%- ifversion ghec or ghes %}
-### `user_license` category actions
+## `user_license` category actions

 | Action | Description
 |--------|-------------
@@ -1410,7 +1420,7 @@ Action                        | Description
 {%- endif %}

 {% ifversion fpt or ghec or ghes > 3.1 or ghae %}
-### `workflows` category actions
+## `workflows` category actions

 {% data reusables.audit_log.audit-log-events-workflows %}
 {%- endif %}
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md
@@ -0,0 +1,58 @@
+---
+title: Displaying IP addresses in the audit log for your enterprise
+intro: You can display the source IP address for events in your enterprise's audit log.
+shortTitle: IP addresses in audit log
+permissions: Enterprise owners can display IP addresses in the audit log for an enterprise.
+versions:
+  feature: enterprise-audit-log-ip-addresses
+type: how_to
+topics:
+  - Auditing
+  - Enterprise
+  - Logging
+  - Networking
+  - Security
+---
+
+{% note %}
+
+**Note:** Display of IP addresses in the enterprise audit log is currently in public beta and is subject to change.
+
+{% endnote %}
+
+## About display of IP addresses in the audit log
+
+By default, {% data variables.product.product_name %} does not display the source IP address for events in your enterprise's audit log. Optionally, to ensure compliance and respond to threats, you can display the full IP address associated with the actor responsible for each event. Actors are typically users, but can also be apps or integrations.
+
+You are responsible for meeting any legal obligations that accompany the viewing or storage of IP addresses displayed within your enterprise's audit log.
+
+If you choose to display IP addresses, the IP addresses only appear in your enterprise's audit log. IP addresses will not appear for events in the audit logs for individual organizations owned by your enterprise. For more information about organization audit logs, see "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)."
+
+You can display IP addresses in the audit log regardless of which authentication method you use for your enterprise on {% data variables.product.product_location %}. For more information, see "[About authentication for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise)."
+
+When anyone creates an account on {% data variables.product.product_location %}, the person agrees to {% data variables.product.company_short %}'s collection of basic information about connections to {% data variables.product.company_short %}'s services, including source IP address. For more information, see "[GitHub Privacy Statement](/free-pro-team@latest/site-policy/privacy-policies/github-privacy-statement#usage-information)."
+
+## Events that display IP addresses in the audit log
+
+{% data variables.product.product_name %} displays an IP address in the audit log when a member of the enterprise interacts with a resource owned by your enterprise or an organization in your enterprise. For example, you will see an IP address for audited events involving an internal or private repository owned by an organization in your enterprise, or resources associated with those repositories, such as an issue, pull request, action, or project.
+
+If members of your enterprise access {% data variables.product.product_location %} with personal accounts that they manage, because you do not use {% data variables.product.prodname_emus %}, {% data variables.product.product_name %} does not display an event or IP address in the audit log for the following actions.
+  
+- Authentication to {% data variables.product.product_location %}
+- Interactions with a resource owned by the personal account, including a repository, gist, or project
+- Interactions with a public repository owned by an organization in your enterprise
+
+## Enabling display of IP addresses in the audit log
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.audit-log-tab %}
+1. Under "Audit log", click **Source IP disclosure**.
+
+   ![Screenshot of "Source IP disclosure" tab](/assets/images/help/enterprises/audit-log-source-ip-disclosure-tab.png)
+1. Under "Disclose actor IP addresses in audit logs", select **Enable source IP disclosure**.
+
+   ![Screenshot of checkbox to enable display of IP addresses in audit logs](/assets/images/help/enterprises/audit-log-enable-source-ip-disclosure-checkbox.png)
+1. Click **Save**.
+
+After you enable the feature, you can access the audit log to view events that include IP addresses. For more information, see "[Accessing the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise)."
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/index.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/index.md
@@ -11,6 +11,7 @@ topics:
 children:
  - /about-the-audit-log-for-your-enterprise
  - /accessing-the-audit-log-for-your-enterprise
+  - /displaying-ip-addresses-in-the-audit-log-for-your-enterprise
  - /searching-the-audit-log-for-your-enterprise
  - /exporting-audit-log-activity-for-your-enterprise
  - /streaming-the-audit-log-for-your-enterprise
--- a/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md
+++ b/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md
@@ -24,8 +24,15 @@ shortTitle: Update access credentials
 2. Enter the email address associated with your account on {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}, then click **Send password reset email.** The email will be sent to the backup email address if you have one configured.
  ![Password reset email request dialog](/assets/images/help/settings/password-recovery-email-request.png)
 3. We'll email you a link that will allow you to reset your password. You must click on this link within 3 hours of receiving the email. If you didn't receive an email from us, make sure to check your spam folder.
-4. If you have enabled two-factor authentication, you will be prompted for your 2FA credentials. Type your authentication code or one of your recovery codes and click **Verify**. If you have added a security key to your account, you can insert the key and click **Use security key** instead of typing an authentication code.
-  ![Two-factor authentication prompt](/assets/images/help/2fa/2fa-password-reset.png)
+4. If you have enabled two-factor authentication, you will be prompted for your 2FA credentials:
+   * If you have {% data variables.product.prodname_mobile %}, you will be sent a push notification to verify your identity. Open the push notification or the {% data variables.product.prodname_mobile %} app and enter the two-digit code shown to you on the password reset page in your browser.
+   ![Two-factor {% data variables.product.prodname_mobile %} authentication prompt](/assets/images/help/2fa/2fa-mobile-challenge-password-reset.png)
+      * To skip using GitHub Mobile to verify, click **Enter two-factor authentication or recovery code**.
+      ![Two-factor GitHub Mobile authentication prompt on {% data variables.product.product_name %} with "Enter two-factor authentication or recovery code" highlighted](/assets/images/help/2fa/2fa-github-mobile-password-reset.png)
+   * Type your authentication code or one of your recovery codes and click **Verify**.
+      ![Two-factor authentication prompt](/assets/images/help/2fa/2fa-password-reset.png)
+     * If you have added a security key to your account, click **Use security key** instead of typing an authentication code.
+     * If you have set up [{% data variables.product.prodname_mobile %}](https://github.com/mobile), click **Authenticate with GitHub Mobile** instead.
 5. Type a new password, confirm your new password, and click **Change password**. For help creating a strong password, see "[Creating a strong password](/articles/creating-a-strong-password)."
  {% ifversion fpt or ghec %}![Password recovery box](/assets/images/help/settings/password-recovery-page.png){% else %}
  ![Password recovery box](/assets/images/enterprise/settings/password-recovery-page.png){% endif %}
--- a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md
+++ b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md
@@ -27,7 +27,16 @@ topics:

 ## About {% data variables.product.prodname_code_scanning %} results on pull requests

-In repositories where {% data variables.product.prodname_code_scanning %} is configured as a pull request check, {% data variables.product.prodname_code_scanning %} checks the code in the pull request. By default, this is limited to pull requests that target the default branch, but you can change this configuration within {% data variables.product.prodname_actions %} or in a third-party CI/CD system. If merging the changes would introduce new {% data variables.product.prodname_code_scanning %} alerts to the target branch, these are reported as check results in the pull request. The alerts are also shown as annotations in the **Files changed** tab of the pull request. If you have write permission for the repository, you can see any existing {% data variables.product.prodname_code_scanning %} alerts on the **Security** tab. For information about repository alerts, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)."
+In repositories where {% data variables.product.prodname_code_scanning %} is configured as a pull request check, {% data variables.product.prodname_code_scanning %} checks the code in the pull request. By default, this is limited to pull requests that target the default branch, but you can change this configuration within {% data variables.product.prodname_actions %} or in a third-party CI/CD system. If merging the changes would introduce new {% data variables.product.prodname_code_scanning %} alerts to the target branch, the alerts are reported in multiple places.
+
+- Check results in the pull request {% if code-scanning-pr-conversations-tab %}
+- The **Conversation** tab of the pull request, as part of a pull request review {% endif %} 
+- The **Files changed** tab of the pull request
+
+{% if code-scanning-pr-conversations-tab %} {% endif %} 
+
+If you have write permission for the repository, you can see any existing {% data variables.product.prodname_code_scanning %} alerts on the **Security** tab. For information about repository alerts, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)."
+
 {% ifversion fpt or ghes > 3.2 or ghae or ghec %}
 In repositories where {% data variables.product.prodname_code_scanning %} is configured to scan each time code is pushed, {% data variables.product.prodname_code_scanning %} will also map the results to any open pull requests and add the alerts as annotations in the same places as other pull request checks. For more information, see "[Scanning on push](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#scanning-on-push)."
 {% endif %}
@@ -66,9 +75,18 @@ As with other pull request checks, you can see full details of the check failure

 ## Viewing an alert on your pull request

+{% if code-scanning-pr-conversations-tab %}
+You can see any {% data variables.product.prodname_code_scanning %} alerts introduced in a pull request by viewing the **Conversation** tab. {% data variables.product.prodname_code_scanning_capc %} posts a pull request review that shows each alert as an annotation on the lines of code that triggered the alert. You can comment on the alerts, dismiss the alerts, and view paths for the alerts, directly from the annotations. You can view the full details of an alert by clicking the "Show more details" link, which will take you to the alert details page.
+
+![Alert annotation within a pull request Conversations tab](/assets/images/help/repository/code-scanning-pr-conversation-tab.png)
+
+You can also view all {% data variables.product.prodname_code_scanning %} alerts in the **Files changed** tab of the pull request. Existing {% data variables.product.prodname_code_scanning %} alerts on a file that are outside the diff of the changes introduced in the pull request will only appear in the **Files changed** tab.
+
+{% else %} 
 You can see any {% data variables.product.prodname_code_scanning %} alerts introduced in a pull request by displaying the **Files changed** tab. Each alert is shown as an annotation on the lines of code that triggered the alert. The severity of the alert is displayed in the annotation. 

 ![Alert annotation within a pull request diff](/assets/images/help/repository/code-scanning-pr-annotation.png)
+{% endif %}

 If you have write permission for the repository, some annotations contain links with extra context for the alert. In the example above, from {% data variables.product.prodname_codeql %} analysis, you can click **user-provided value** to see where the untrusted data enters the data flow (this is referred to as the source). In this case you can also view the full path from the source to the code that uses the data (the sink) by clicking **Show paths**. This makes it easy to check whether the data is untrusted or if the analysis failed to recognize a data sanitization step between the source and the sink. For information about analyzing data flow using {% data variables.product.prodname_codeql %}, see "[About data flow analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)."

@@ -85,6 +103,14 @@ In the detailed view for an alert, some {% data variables.product.prodname_code_
 {% else %}
 ![Alert description and link to show more information](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png)
 {% endif %}
+
+{% if code-scanning-pr-conversations-tab %}
+## Commenting on an alert in a pull request
+
+You can comment on any {% data variables.product.prodname_code_scanning %} alert introduced by the changes in a pull request. Alerts appear as annotations in the **Conversation** tab of a pull request, as part of a  pull request review, and also are shown in the **Files changed** tab. You can only comment on alerts introduced by the changes in a pull request. Existing {% data variables.product.prodname_code_scanning %} alerts, on files that are outside the changes introduced in the pull request, will appear in the **Files changed** tab but cannot be commented on.
+
+You can choose to require all conversations in a pull request, including those on {% data variables.product.prodname_code_scanning %} alerts, to be resolved before a pull request can be merged. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-conversation-resolution-before-merging)."
+{% endif %}
 ## Fixing an alert on your pull request

 Anyone with push access to a pull request can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on that pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed.
--- a/content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md
+++ b/content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md
@@ -72,9 +72,9 @@ By default, we notify people with admin permissions in the affected repositories
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
-1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Disable** or **Enable**. 
-  ![Screenshot of "Configure security and analysis" features with the "Disable" button emphasized for Dependabot alerts](/assets/images/help/dependabot/dependabot-alerts-disable-or-enable-fpt-private.png)
- {% endif %}{% ifversion ghes or ghae %}
+1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Enable** to enable alerts or **Disable** to disable alerts. 
+  ![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png)
+{% endif %}{% ifversion ghes or ghae %}

 {% data variables.product.prodname_dependabot_alerts %} for your repository can be enabled or disabled by your enterprise owner. For more information, see "[Enabling Dependabot for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."
 {% endif %}
--- a/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md
+++ b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md
@@ -71,7 +71,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
 1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %}
-  {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %}
+  {% ifversion fpt or ghec %}![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/security-and-analysis-disable-or-enable-fpt-private.png){% elsif ghes > 3.6 or ghae-issue-7044 %}<!--Insert screenshot for GHES 3.7 when available--> {% else %}![Screenshot of "Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %}

 ## Overriding the default behavior with a configuration file

--- a/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md
@@ -34,7 +34,16 @@ You enable {% data variables.product.prodname_dependabot_version_updates %} by c

 ## Enabling {% data variables.product.prodname_dependabot_version_updates %}

-{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)."
+You enable {% data variables.product.prodname_dependabot_version_updates %} by commiting a *dependabot.yml* configuration file to your repository. 
+{% if dependabot-settings-update-37 %}If you enable the feature in your settings page, GitHub creates a basic file which you can edit, otherwise you can create the file using any file editor.
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-settings %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}
+1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot_version_updates %}", click **Enable** to open a basic *dependabot.yml* configuration file in the `.github` directory of your repository.
+{% else %}
+1. Create a *dependabot.yml* configuration file in the `.github` directory of your repository. 
+{% endif %}
 1. Add a `version`. 
 1. Optionally, if you have dependencies in a private registry, add a `registries` section containing authentication details. 
 1. Add an `updates` section, with an entry for each package manager you want {% data variables.product.prodname_dependabot %} to monitor.
@@ -44,6 +53,8 @@ You enable {% data variables.product.prodname_dependabot_version_updates %} by c
    - `schedule.interval` to specify how often to check for new versions.
 {% data reusables.dependabot.check-in-dependabot-yml %}

+For information about all the configuration options, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)."
+
 ### Example *dependabot.yml* file

 The example *dependabot.yml* file below configures version updates for two package managers: npm and Docker. When this file is checked in, {% data variables.product.prodname_dependabot %} checks the manifest files on the default branch for outdated dependencies. If it finds outdated dependencies, it will raise pull requests against the default branch to update the dependencies.
--- a/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md
+++ b/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md
@@ -31,7 +31,9 @@ Actions are often updated with bug fixes and new features to make automated proc

 ## Enabling {% data variables.product.prodname_dependabot_version_updates %} for actions

-{% data reusables.dependabot.create-dependabot-yml %} If you have already enabled {% data variables.product.prodname_dependabot_version_updates %} for other ecosystems or package managers, simply open the existing *dependabot.yml* file.
+You can configure {% data variables.product.prodname_dependabot_version_updates %} to maintain your actions as well as the libraries and packages you depend on. 
+
+1. If you have already enabled {% data variables.product.prodname_dependabot_version_updates %} for other ecosystems or package managers, simply open the existing *dependabot.yml* file. Otherwise, create a *dependabot.yml* configuration file in the `.github` directory of your repository. For more information, see "[Configuring Dependabot version updates](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates)."
 1. Specify `"github-actions"` as a `package-ecosystem` to monitor.
 1. Set the `directory` to `"/"` to check for workflow files in `.github/workflows`.
 1. Set a `schedule.interval` to specify how often to check for new versions.
--- a/content/code-security/getting-started/securing-your-repository.md
+++ b/content/code-security/getting-started/securing-your-repository.md
@@ -111,7 +111,15 @@ For more information, see "[About {% data variables.product.prodname_dependabot_

 You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)."

+{% if dependabot-settings-update-37 %}
+1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %} Settings**.
+2. Click **Security & analysis**.
+3. Next to {% data variables.product.prodname_dependabot_version_updates %}, click **Enable** to create a basic *dependabot.yml* configuration file.
+4. Specify the dependencies to update and commit the file to the repository. For more information, see "[Configuring Dependabot version updates](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates)."
+
+{% else %}
 To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)."
+{% endif %}

 {% endif %}

--- a/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md
+++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md
@@ -7,6 +7,7 @@ versions:
  fpt: '*'
  ghec: '*'
  ghes: '*'
+  ghae: '*'
 type: overview
 topics:
  - Organizations
--- a/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md
+++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md
@@ -5,6 +5,7 @@ versions:
  fpt: '*'
  ghec: '*'
  ghes: '*'
+  ghae: '*'
 topics:
  - Security overview
  - Organizations
--- a/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md
+++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md
@@ -7,6 +7,7 @@ versions:
  fpt: '*'
  ghec: '*'
  ghes: '*'
+  ghae: '*'
 type: overview
 topics:
  - Organizations
@@ -117,9 +118,9 @@ If you're an organization owner, you can see which users don't have 2FA enabled,

 ## Connect to {% data variables.product.product_name %} using SSH keys

-There are other ways to interact with {% data variables.product.product_name %} beyond signing into the website. Many people authorize the code they push to {% data variables.product.prodname_dotcom %} with an SSH private key. For more information, see "[About SSH](/authentication/connecting-to-github-with-ssh/about-ssh)."
+There are other ways to interact with {% data variables.product.product_name %} beyond signing into the website{% ifversion ghae %} via your IdP{% endif %}. Many people authorize the code they push to {% data variables.product.prodname_dotcom %} with an SSH private key. For more information, see "[About SSH](/authentication/connecting-to-github-with-ssh/about-ssh)."

-Just like your account password, if an attacker were able to get your SSH private key, they could impersonate you and push malicious code to any repository you have write access for. If you store your SSH private key on a disk drive, it's a good idea to protect it with a passphrase. For more information, see "[Working with SSH key passphrases](/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases)."
+Just like {% ifversion ghae %}the password for your IdP account{% else %}your account password{% endif %}, if an attacker were able to get your SSH private key, they could impersonate you and push malicious code to any repository you have write access for. If you store your SSH private key on a disk drive, it's a good idea to protect it with a passphrase. For more information, see "[Working with SSH key passphrases](/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases)."

 Another option is to generate SSH keys on a hardware security key. You could use the same key you're using for 2FA. Hardware security keys are very difficult to compromise remotely, because the private SSH key remains on the hardware, and is not directly accessible from software. For more information, see "[Generating a new SSH key for a hardware security key](/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)."

--- a/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md
+++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md
@@ -7,6 +7,7 @@ versions:
  fpt: '*'
  ghec: '*'
  ghes: '*'
+  ghae: '*'
 type: overview
 topics:
  - Fundamentals
--- a/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md
+++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md
@@ -7,6 +7,7 @@ versions:
  fpt: '*'
  ghec: '*'
  ghes: '*'
+  ghae: '*'
 type: overview
 topics:
  - Dependabot
@@ -80,7 +81,7 @@ If your organization uses {% data variables.product.prodname_GH_advanced_securit
 You can configure {% data variables.product.prodname_secret_scanning %} to check for secrets issued by many service providers and to notify you when any are detected. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning)" and "[Secret scanning patterns](/code-security/secret-scanning/secret-scanning-patterns)."
 {% endif %}

-{% ifversion fpt or ghec or ghes > 3.2 %}
+{% ifversion fpt or ghec or ghes > 3.2 or ghae %}
 ### Secure storage of secrets you use in {% data variables.product.product_name %}
 {% endif %}

@@ -88,8 +89,8 @@ You can configure {% data variables.product.prodname_secret_scanning %} to check
 Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows, {% data variables.product.prodname_dependabot %}, or your {% data variables.product.prodname_codespaces %} development environment to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)," "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)," and "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)."
 {% endif %}

-{% ifversion ghes > 3.2 %}
-Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows or {% data variables.product.prodname_dependabot %} to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)", and "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)."
+{% ifversion ghes > 3.2 or ghae %}
+Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows{% ifversion ghes %} or {% data variables.product.prodname_dependabot %}{% endif %} to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets){% ifversion ghes %}" and "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)."{% else %}."{% endif %}
 {% endif %}

 ## Keep vulnerable coding patterns out of your repository
--- a/content/desktop/contributing-and-collaborating-using-github-desktop/working-with-your-remote-repository-on-github-or-github-enterprise/changing-a-remotes-url-from-github-desktop.md
+++ b/content/desktop/contributing-and-collaborating-using-github-desktop/working-with-your-remote-repository-on-github-or-github-enterprise/changing-a-remotes-url-from-github-desktop.md
@@ -11,22 +11,18 @@ shortTitle: Change a remote's URL
 ---
 {% mac %}

-1. In the **Repository** menu, click **Repository Settings...**.
-![Repository Settings menu option](/assets/images/help/desktop/repository-settings-mac.png)
-2. In the **Primary remote repository** field, type the desired URL.
-![Primary remote repository field](/assets/images/help/desktop/repository-settings-remote-mac.png)
-3. Click **Save**.
-![The Save button](/assets/images/help/desktop/repository-settings-save-mac.png)
+{% data reusables.desktop.mac-repository-settings-menu %}
+2. Click **Remote**, and, under **Primary remote repository**, type the desired URL.
+![Primary remote repository field](/assets/images/help/desktop/repository-settings-remote.png)
+{% data reusables.desktop.repository-settings-save %}

 {% endmac %}

 {% windows %}

-1. In the **Repository** menu, click **Repository settings...**.
-![Repository settings menu option](/assets/images/help/desktop/repository-settings-win.png)
-2. In the **Primary remote repository** field, type the desired URL.
-![Primary remote repository field](/assets/images/help/desktop/repository-settings-remote-win.png)
-3. Click **Save**.
-![The Save button](/assets/images/help/desktop/repository-settings-save-win.png)
+{% data reusables.desktop.windows-repository-settings-menu %}
+2. Click **Remote**, and, under **Primary remote repository**, type the desired URL.
+![Primary remote repository field](/assets/images/help/desktop/repository-settings-remote.png)
+{% data reusables.desktop.repository-settings-save %}

 {% endwindows %}
--- a/content/desktop/installing-and-configuring-github-desktop/configuring-and-customizing-github-desktop/configuring-git-for-github-desktop.md
+++ b/content/desktop/installing-and-configuring-github-desktop/configuring-and-customizing-github-desktop/configuring-git-for-github-desktop.md
@@ -1,16 +1,22 @@
 ---
 title: Configuring Git for GitHub Desktop
 shortTitle: Configuring Git
-intro: 'If you don''t already have Git installed, you must configure it before using GitHub Desktop.'
+intro: 'You can manage Git configuration settings for your local repositories with {% data variables.product.prodname_desktop %}.'
 redirect_from:
  - /desktop/getting-started-with-github-desktop/configuring-git-for-github-desktop
  - /desktop/installing-and-configuring-github-desktop/configuring-git-for-github-desktop
 versions:
  fpt: '*'
 ---
-{% data variables.product.prodname_desktop %} uses the email address you set in your local Git configuration to connect commits with your account on {% data variables.product.product_name %}.
+## About Git configuration for {% data variables.product.prodname_desktop %}

-{% data reusables.desktop.update-email-address %}
+{% data variables.product.prodname_desktop %} uses your local Git configuration settings and provides the option to configure some of these settings, such as the global author information and the default branch that is used when creating a new repository.
+
+{% data variables.product.prodname_desktop %} allows you to set the name and email address you would like associated with the commits you make in your repositories. If your name and email address have already been set in the global Git configuration for your computer, {% data variables.product.prodname_desktop %} will detect and use those values. {% data variables.product.prodname_desktop %} also allows you to set a different name and email address for an individual repository. This is useful when you need to use a separate work email address for a specific repository.
+
+If the email address that has been set in your Git configuration does not match an email address associated with the {% data variables.product.product_name %} account you are currently logged in to, {% data variables.product.prodname_desktop %} will show a warning prior to committing.
+
+{% data variables.product.prodname_desktop %} also allows you to change the default branch name that you would like to use when creating new repositories. By default, {% data variables.product.prodname_desktop %} uses `main` as the default branch name in any new repositories you create.

 {% tip %}

@@ -18,20 +24,19 @@ versions:

 {% endtip %}

+## Configuring your global author information
+
+Configuring your global author information in {% data variables.product.prodname_desktop %} will update the name and email address in your global Git configuration. This will be the default name and email address for all new local repositories you create in {% data variables.product.prodname_desktop %}.
+
 {% mac %}

-{% data reusables.desktop.sign-in-choose-product %}
-{% data reusables.user-settings.access_settings %}
-{% data reusables.user-settings.emails %}
-{% data reusables.desktop.copy-email-git-config %}
-{% data reusables.desktop.return-to-desktop %}
 {% data reusables.desktop.mac-select-desktop-menu %}
 7. In the Preferences window, click **Git**.
  ![The Git Pane in the Preferences menu](/assets/images/help/desktop/mac-select-git-pane.png)
 {% data reusables.desktop.name-field-git-config %}
  ![The name field of the Git configuration](/assets/images/help/desktop/mac-name-git-config.png)
-{% data reusables.desktop.paste-email-git-config %}
-  ![Pasted email address in Git configuration field](/assets/images/help/desktop/mac-email-git-config.png)
+{% data reusables.desktop.select-email-git-config %}
+  ![Select email address in Git configuration field](/assets/images/help/desktop/mac-email-git-config.png)
 {% data reusables.desktop.click-save-git-config %}
  ![Save button in Git configuration field](/assets/images/help/desktop/mac-save-git-config.png)

@@ -39,24 +44,75 @@ versions:

 {% windows %}

-{% data reusables.desktop.sign-in-choose-product %}
-{% data reusables.user-settings.access_settings %}
-{% data reusables.user-settings.emails %}
-{% data reusables.desktop.copy-email-git-config %}
-{% data reusables.desktop.return-to-desktop %}
 {% data reusables.desktop.windows-choose-options %}
 8. In the Options window, click **Git**.
 ![The Git Pane in the Options menu](/assets/images/help/desktop/windows-select-git-pane.png)
 {% data reusables.desktop.name-field-git-config %}
  ![The name field of the Git configuration](/assets/images/help/desktop/windows-name-git-config.png)
-{% data reusables.desktop.paste-email-git-config %}
-  ![Pasted email address in Git configuration field](/assets/images/help/desktop/windows-email-git-config.png)
+{% data reusables.desktop.select-email-git-config %}
+  ![Select email address in Git configuration field](/assets/images/help/desktop/windows-email-git-config.png)
 {% data reusables.desktop.click-save-git-config %}
  ![Save button in Git configuration field](/assets/images/help/desktop/windows-save-git-config.png)

 {% endwindows %}

+## Configuring different author information for an individual repository
+
+You can change the name and email address used to author commits in a specific repository. This local Git configuration will override your global Git configuration settings for this one repository only.
+
+{% mac %}
+
+{% data reusables.desktop.mac-repository-settings-menu %}
+{% data reusables.desktop.select-git-config %}
+{% data reusables.desktop.use-local-git-config %}
+{% data reusables.desktop.local-config-name %}
+{% data reusables.desktop.local-config-email %}
+{% data reusables.desktop.repository-settings-save %}
+
+{% endmac %}
+
+{% windows %}
+
+{% data reusables.desktop.windows-repository-settings-menu %}
+{% data reusables.desktop.select-git-config %}
+{% data reusables.desktop.use-local-git-config %}
+{% data reusables.desktop.local-config-name %}
+{% data reusables.desktop.local-config-email %}
+{% data reusables.desktop.repository-settings-save %}
+
+{% endwindows %}
+
+
+## Configuring your default branch for new repositories
+
+You can configure the default branch that will be used when you create a new repository in {% data variables.product.prodname_desktop %}. For more information about the default branch, see "[About the default branch](/github/collaborating-with-issues-and-pull-requests/about-branches#about-the-default-branch)."
+
+{% mac %}
+
+{% data reusables.desktop.mac-select-desktop-menu %}
+1. In the Preferences window, click **Git**.
+  ![The Git Pane in the Preferences menu](/assets/images/help/desktop/mac-select-git-pane.png)
+1. Under "Default branch name for new repositories", select the default branch name you would like to use, or, to enter a custom name, select "Other...".
+  ![Default branch name selection options](/assets/images/help/desktop/mac-select-default-branch-name.png)
+{% data reusables.desktop.click-save-git-config %}
+  ![Save button in Git configuration field](/assets/images/help/desktop/repository-settings-git-config-save.png)
+
+{% endmac %}
+
+{% windows %}
+
+{% data reusables.desktop.windows-choose-options %}
+1. In the Options window, click **Git**.
+  ![The Git Pane in the Options menu](/assets/images/help/desktop/windows-select-git-pane.png)
+1. Under "Default branch name for new repositories", select the default branch name you would like to use, or select "Other..." to enter a custom name.
+  ![Default branch name selection options](/assets/images/help/desktop/windows-select-default-branch-name.png)
+{% data reusables.desktop.click-save-git-config %}
+  ![Save button in Git configuration field](/assets/images/help/desktop/repository-settings-git-config-save.png)
+
+{% endwindows %}
+
 ## Further reading

 - "[Adding an email address to your GitHub account](/articles/adding-an-email-address-to-your-github-account/)"
 - "[Setting your commit email address](/articles/setting-your-commit-email-address/)"
+- "[About branches](/github/collaborating-with-issues-and-pull-requests/about-branches)"
--- a/content/developers/apps/getting-started-with-apps/differences-between-github-apps-and-oauth-apps.md
+++ b/content/developers/apps/getting-started-with-apps/differences-between-github-apps-and-oauth-apps.md
@@ -92,6 +92,7 @@ Unlike OAuth apps, GitHub Apps have targeted permissions that allow them to requ
 | ----- | ----------- |
 | By default, GitHub Apps have a single webhook that receives the events they are configured to receive for every repository they have access to. | OAuth Apps request the webhook scope to create a repository webhook for each repository they need to receive events from. |
 | GitHub Apps receive certain organization-level events with the organization member's permission. | OAuth Apps request the organization webhook scope to create an organization webhook for each organization they need to receive organization-level events from. |
+| Webhooks are automatically disabled when the GitHub App is uninstalled. | Webhooks are not automatically disabled if an OAuth App's access token is deleted, and there is no way to clean them up automatically. You will have to ask users to do this manually.|

 ## Git access

--- a/content/developers/overview/managing-deploy-keys.md
+++ b/content/developers/overview/managing-deploy-keys.md
@@ -4,6 +4,9 @@ intro: Learn different ways to manage SSH keys on your servers when you automate
 redirect_from:
  - /guides/managing-deploy-keys
  - /v3/guides/managing-deploy-keys
+  - /deploy-keys
+  - /articles/managing-deploy-keys
+  - /multiple-keys
 versions:
  fpt: '*'
  ghes: '*'
@@ -79,7 +82,7 @@ See [our guide on creating a personal access token](/authentication/keeping-your

 #### Setup

-1. [Run the `ssh-keygen` procedure][generating-ssh-keys] on your server, and remember where you save the generated public and private rsa key pair key pair.
+1. [Run the `ssh-keygen` procedure][generating-ssh-keys] on your server, and remember where you save the generated public and private rsa key pair.
 2. In the upper-right corner of any {% data variables.product.product_name %} page, click your profile photo, then click **Your profile**. ![Navigation to profile](/assets/images/profile-page.png)
 3. On your profile page, click **Repositories**, then click the name of your repository. ![Repositories link](/assets/images/repos.png)
 4. From your repository, click **Settings**. ![Repository settings](/assets/images/repo-settings.png)
--- a/content/developers/overview/using-ssh-agent-forwarding.md
+++ b/content/developers/overview/using-ssh-agent-forwarding.md
@@ -4,6 +4,7 @@ intro: 'To simplify deploying to a server, you can set up SSH agent forwarding t
 redirect_from:
  - /guides/using-ssh-agent-forwarding
  - /v3/guides/using-ssh-agent-forwarding
+  - /articles/using-ssh-agent-forwarding
 versions:
  fpt: '*'
  ghes: '*'
--- a/content/developers/webhooks-and-events/events/github-event-types.md
+++ b/content/developers/webhooks-and-events/events/github-event-types.md
@@ -38,6 +38,14 @@ The event objects returned from the Events API endpoints have the same structure
 | `repo.name` | The name of the repository, which includes the owner and repository name. For example, `octocat/hello-world` is the name of the `hello-world` repository owned by the `octocat` personal account. |
 | `repo.url` | The REST API URL used to retrieve the repository object, which includes additional repository information. |
 | `payload` | The event payload object is unique to the event type. See the event type below for the event API `payload` object. |
+| `public` | Whether the event is visible to all users. |
+| `created_at` | The date and time when the event was triggered. It is formatted according to ISO 8601. |
+| `org` | The organization that was chosen by the actor to perform action that triggers the event.<br />_The property appears in the event object only if it is applicable._ |
+| `org.id` | The unique identifier for the organization. |
+| `org.login` | The name of the organization. |
+| `org.gravatar_id` | The unique identifier of the Gravatar profile for the organization. |
+| `org.url` | The REST API URL used to retrieve the organization object, which includes additional organization information. |
+| `org.avatar_url` | The URL of the organization's profile image. |

 ### Example WatchEvent event object

--- a/content/developers/webhooks-and-events/webhooks/testing-webhooks.md
+++ b/content/developers/webhooks-and-events/webhooks/testing-webhooks.md
@@ -4,6 +4,7 @@ intro: 'Review your webhook deliveries on {% data variables.product.prodname_dot
 redirect_from:
  - /webhooks/testing
  - /developers/webhooks-and-events/testing-webhooks
+  - /articles/testing-webhooks
 versions:
  fpt: '*'
  ghes: '*'
--- a/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md
+++ b/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md
@@ -965,6 +965,40 @@ Key | Type | Description

 {{ webhookPayloadsForCurrentVersion.project_column.created }}

+{% if project-beta-webhooks %}
+
+## projects_v2_item
+
+{% note %}
+
+**Note:** Webhook events for Projects (beta) are currently in beta and subject to change. To share feedback about Projects (beta) webhooks with {% data variables.product.product_name %}, see the [Projects (beta) webhook feedback discussion](https://github.com/github/feedback/discussions/17405).
+
+{% endnote %}
+
+Activity related to items in a Projects (beta) project. {% data reusables.webhooks.action_type_desc %} For more information, see "[About projects (beta)](/issues/trying-out-the-new-projects-experience/about-projects)."
+
+### Availability
+
+- Organization webhooks
+- {% data variables.product.prodname_github_apps %} with the `organization_projects` permission
+
+### Webhook payload object
+
+Key | Type | Description
+----|------|-------------
+`action`|`string` | The action that was performed on the project item. Can be one of `archived`, `converted`, `created`, `edited`, `restored`, `deleted`, or `reordered`.
+`projects_v2_item`|`object` | The project item itself. To find more information about the project item, you can use `node_id` (the node ID of the project item) and `project_node_id` (the node ID of the project) to query information in the GraphQL API. For more information, see "[Using the API to manage projects (beta)](/issues/trying-out-the-new-projects-experience/using-the-api-to-manage-projects)."
+`changes`|`object` | The changes to the project item.
+{% data reusables.webhooks.org_desc %}
+{% data reusables.webhooks.app_desc %}
+{% data reusables.webhooks.sender_desc %}
+
+### Webhook payload example
+
+{{ webhookPayloadsForCurrentVersion.projects_v2_item.created }}
+
+{% endif %}
+
 ## public

 {% data reusables.webhooks.public_short_desc %}
--- a/Show More
+++ b/Show More