
Codespaces: change 'encrypted secrets' to 'secrets' (#41416)

This commit is contained in:
hubwriter
2023-09-04 11:25:21 +01:00
committed by GitHub
parent bec13b6e58
commit 57d47a08af
57 changed files with 111 additions and 105 deletions

View File

@@ -50,8 +50,8 @@ For a definition of common terms, see "[AUTOTITLE](/actions/learn-github-actions
Browse the complete list of CI starter workflow offered by {% data variables.product.company_short %} in the {% ifversion fpt or ghec %}[actions/starter-workflows](https://github.com/actions/starter-workflows/tree/main/ci) repository{% else %} `actions/starter-workflows` repository on {% data variables.location.product_location %}{% endif %}. Browse the complete list of CI starter workflow offered by {% data variables.product.company_short %} in the {% ifversion fpt or ghec %}[actions/starter-workflows](https://github.com/actions/starter-workflows/tree/main/ci) repository{% else %} `actions/starter-workflows` repository on {% data variables.location.product_location %}{% endif %}.
{% ifversion fpt or ghec %}
## Further reading ## Further reading
{% ifversion fpt or ghec %}
- "[AUTOTITLE](/billing/managing-billing-for-github-actions)" - "[AUTOTITLE](/billing/managing-billing-for-github-actions)"
{% endif %} {% endif %}
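Review bot: as rendered here, this hunk moves `{% ifversion fpt or ghec %}` from before `## Further reading` to after it, so the heading now renders on every version while its only list item (the billing link) stays gated to fpt/ghec; GHES/GHAE readers get an empty "Further reading" section. Either keep the conditional wrapping the heading as well, or add a version-neutral entry under it. This hunk is also unrelated to the 'encrypted secrets' to 'secrets' wording change the commit title describes, so it is worth calling out in the PR description.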

View File

@@ -206,7 +206,7 @@ steps:
{% data reusables.actions.setup-node-intro %} {% data reusables.actions.setup-node-intro %}
To authenticate to your private registry, you'll need to store your npm authentication token as a secret. For example, create a repository secret called `NPM_TOKEN`. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." To authenticate to your private registry, you'll need to store your npm authentication token as a secret. For example, create a repository secret called `NPM_TOKEN`. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
In the example below, the secret `NPM_TOKEN` stores the npm authentication token. The `setup-node` action configures the _.npmrc_ file to read the npm authentication token from the `NODE_AUTH_TOKEN` environment variable. When using the `setup-node` action to create an _.npmrc_ file, you must set the `NODE_AUTH_TOKEN` environment variable with the secret that contains your npm authentication token. In the example below, the secret `NPM_TOKEN` stores the npm authentication token. The `setup-node` action configures the _.npmrc_ file to read the npm authentication token from the `NODE_AUTH_TOKEN` environment variable. When using the `setup-node` action to create an _.npmrc_ file, you must set the `NODE_AUTH_TOKEN` environment variable with the secret that contains your npm authentication token.
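Review bot: this hunk only rewrites the inbound link from `/actions/security-guides/encrypted-secrets` to `/actions/security-guides/using-secrets-in-github-actions`; the old slug is linked from outside the docs repo as well (bookmarks, search results, third-party posts), so the renamed article needs the old path in its `redirect_from` frontmatter, and that file is not part of this diff. Worth confirming before merge; the same applies to every link-only hunk below.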

View File

@@ -227,7 +227,7 @@ The `always()` function configures the job to continue processing even if there
## Publishing to PowerShell Gallery ## Publishing to PowerShell Gallery
You can configure your workflow to publish your PowerShell module to the PowerShell Gallery when your CI tests pass. You can use secrets to store any tokens or credentials needed to publish your package. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." You can configure your workflow to publish your PowerShell module to the PowerShell Gallery when your CI tests pass. You can use secrets to store any tokens or credentials needed to publish your package. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
The following example creates a package and uses `Publish-Module` to publish it to the PowerShell Gallery: The following example creates a package and uses `Publish-Module` to publish it to the PowerShell Gallery:

View File

@@ -377,7 +377,7 @@ jobs:
You can configure your workflow to publish your Python package to a package registry once your CI tests pass. This section demonstrates how you can use {% data variables.product.prodname_actions %} to upload your package to PyPI each time you [publish a release](/repositories/releasing-projects-on-github/managing-releases-in-a-repository). You can configure your workflow to publish your Python package to a package registry once your CI tests pass. This section demonstrates how you can use {% data variables.product.prodname_actions %} to upload your package to PyPI each time you [publish a release](/repositories/releasing-projects-on-github/managing-releases-in-a-repository).
For this example, you will need to create two [PyPI API tokens](https://pypi.org/help/#apitoken). You can use secrets to store the access tokens or credentials needed to publish your package. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For this example, you will need to create two [PyPI API tokens](https://pypi.org/help/#apitoken). You can use secrets to store the access tokens or credentials needed to publish your package. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
```yaml copy ```yaml copy
{% data reusables.actions.actions-not-certified-by-github-comment %} {% data reusables.actions.actions-not-certified-by-github-comment %}

View File

@@ -75,7 +75,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
1. Create {% data variables.product.prodname_actions %} secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store the values for your Amazon IAM access key. 1. Create {% data variables.product.prodname_actions %} secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store the values for your Amazon IAM access key.
For more information on creating secrets for {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." For more information on creating secrets for {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)."
See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials. See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials.
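Review bot: the fragment changes from `#creating-encrypted-secrets-for-a-repository` to `#creating-secrets-for-a-repository`, which assumes the heading in the target article was renamed to "Creating secrets for a repository" in the same change. Please confirm the new anchor exists, because a mismatched fragment fails silently and drops the reader at the top of the page instead of at the procedure this sentence points to.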

View File

@@ -66,7 +66,7 @@ $ gcloud services enable \
### Configuring a service account and storing its credentials ### Configuring a service account and storing its credentials
This procedure demonstrates how to create the service account for your GKE integration. It explains how to create the account, add roles to it, retrieve its keys, and store them as a base64-encoded encrypted repository secret named `GKE_SA_KEY`. This procedure demonstrates how to create the service account for your GKE integration. It explains how to create the account, add roles to it, retrieve its keys, and store them as a base64-encoded {% ifversion fpt or ghec %}encrypted {% endif %}repository secret named `GKE_SA_KEY`.
1. Create a new service account: 1. Create a new service account:
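Review bot: the new `{% ifversion fpt or ghec %}encrypted {% endif %}` keeps the word "encrypted" for fpt/ghec, while the rest of this commit drops it unconditionally (the variables warning further down now reads "use secrets instead" on all versions), so this one sentence will describe the feature differently from the article it links to. Unless the linked article itself keeps "encrypted" for fpt/ghec, drop the conditional here too. Separately, "base64-encoded encrypted repository secret" reads as though the base64 step is what protects the key; base64 is an encoding, not encryption, and the sentence would be clearer as "store it, base64-encoded, as a repository secret named `GKE_SA_KEY`".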
@@ -112,11 +112,11 @@ This procedure demonstrates how to create the service account for your GKE integ
export GKE_SA_KEY=$(cat key.json | base64) export GKE_SA_KEY=$(cat key.json | base64)
``` ```
For more information about how to store a secret, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about how to store a secret, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
### Storing your project name ### Storing your project name
Store the name of your project as a secret named `GKE_PROJECT`. For more information about how to store a secret, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." Store the name of your project as a secret named `GKE_PROJECT`. For more information about how to store a secret, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
### (Optional) Configuring kustomize ### (Optional) Configuring kustomize
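Review bot: unchanged context, but since the hunk edits the sentence directly under it: `export GKE_SA_KEY=$(cat key.json | base64)` with GNU coreutils wraps the output at 76 columns, so the stored secret contains embedded newlines. `base64 -d` tolerates them on decode, but a consumer that expects a single-line value will not; `base64 -w 0 key.json` produces one line and avoids the surprise.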

View File

@@ -35,7 +35,7 @@ You should have an understanding of Xcode app building and signing. For more inf
The signing process involves storing certificates and provisioning profiles, transferring them to the runner, importing them to the runner's keychain, and using them in your build. The signing process involves storing certificates and provisioning profiles, transferring them to the runner, importing them to the runner's keychain, and using them in your build.
To use your certificate and provisioning profile on a runner, we strongly recommend that you use {% data variables.product.prodname_dotcom %} secrets. For more information on creating secrets and using them in a workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." To use your certificate and provisioning profile on a runner, we strongly recommend that you use {% data variables.product.prodname_dotcom %} secrets. For more information on creating secrets and using them in a workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
Create secrets in your repository or organization for the following items: Create secrets in your repository or organization for the following items:

View File

@@ -125,7 +125,7 @@ Once custom deployment protection rules have been created and installed on a rep
## Environment secrets ## Environment secrets
Secrets stored in an environment are only available to workflow jobs that reference the environment. If the environment requires approval, a job cannot access environment secrets until one of the required reviewers approves it. For more information about secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." Secrets stored in an environment are only available to workflow jobs that reference the environment. If the environment requires approval, a job cannot access environment secrets until one of the required reviewers approves it. For more information about secrets, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
{% ifversion fpt %} {% ifversion fpt %}
{% note %} {% note %}

View File

@@ -76,7 +76,7 @@ jobs:
if: github.repository == 'github/docs-internal' if: github.repository == 'github/docs-internal'
# Configures the job to run on an Ubuntu Linux runner. This means that the job will execute on a fresh virtual machine hosted by {% data variables.product.prodname_dotcom %}. For syntax examples using other runners, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on)." # Configures the job to run on an Ubuntu Linux runner. This means that the job will execute on a fresh virtual machine hosted by {% data variables.product.prodname_dotcom %}. For syntax examples using other runners, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on)."
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Creates custom environment variables, and redefines the built-in `GITHUB_TOKEN` variable to use a custom [secret](/actions/security-guides/encrypted-secrets). These variables will be referenced later in the workflow. # Creates custom environment variables, and redefines the built-in `GITHUB_TOKEN` variable to use a custom [secret](/actions/security-guides/using-secrets-in-github-actions). These variables will be referenced later in the workflow.
env: env:
GITHUB_TOKEN: {% raw %}${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}{% endraw %} GITHUB_TOKEN: {% raw %}${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}{% endraw %}
FIRST_RESPONDER_PROJECT: Docs content first responder FIRST_RESPONDER_PROJECT: Docs content first responder

View File

@@ -25,7 +25,7 @@ featuredLinks:
- /actions/learn-github-actions/contexts - /actions/learn-github-actions/contexts
- /actions/learn-github-actions/expressions - /actions/learn-github-actions/expressions
- /actions/learn-github-actions/variables - /actions/learn-github-actions/variables
- /actions/security-guides/encrypted-secrets - /actions/security-guides/using-secrets-in-github-actions
changelog: changelog:
label: actions label: actions
redirect_from: redirect_from:

View File

@@ -622,7 +622,7 @@ jobs:
## `secrets` context ## `secrets` context
The `secrets` context contains the names and values of secrets that are available to a workflow run. The `secrets` context is not available for composite actions due to security reasons. If you want to pass a secret to a composite action, you need to do it explicitly as an input. For more information about secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." The `secrets` context contains the names and values of secrets that are available to a workflow run. The `secrets` context is not available for composite actions due to security reasons. If you want to pass a secret to a composite action, you need to do it explicitly as an input. For more information about secrets, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
`GITHUB_TOKEN` is a secret that is automatically created for every workflow run, and is always included in the `secrets` context. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)." `GITHUB_TOKEN` is a secret that is automatically created for every workflow run, and is always included in the `secrets` context. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)."

View File

@@ -31,7 +31,7 @@ You can set a custom variable in two ways.
{% warning %} {% warning %}
**Warning:** By default, variables render unmasked in your build outputs. If you need greater security for sensitive information, such as passwords, use encrypted secrets instead. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)". **Warning:** By default, variables render unmasked in your build outputs. If you need greater security for sensitive information, such as passwords, use secrets instead. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)".
{% endwarning %} {% endwarning %}

View File

@@ -57,7 +57,7 @@ In the tutorial, you will first make a workflow file that uses the [`alex-page/g
- Change the value for `column` to the name of the column where you want issues to move when they are assigned. - Change the value for `column` to the name of the column where you want issues to move when they are assigned.
- Change the value for `repo-token`: - Change the value for `repo-token`:
1. Create a {% data variables.product.pat_v1 %} with the `repo` scope. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)." 1. Create a {% data variables.product.pat_v1 %} with the `repo` scope. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."
1. Store this {% data variables.product.pat_generic %} as a secret in your repository. For more information about storing secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." 1. Store this {% data variables.product.pat_generic %} as a secret in your repository. For more information about storing secrets, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
1. In your workflow file, replace `PERSONAL_ACCESS_TOKEN` with the name of your secret. 1. In your workflow file, replace `PERSONAL_ACCESS_TOKEN` with the name of your secret.
1. {% data reusables.actions.commit-workflow %} 1. {% data reusables.actions.commit-workflow %}

View File

@@ -156,7 +156,7 @@ There are several ways you can set up custom transformers to map your environmen
env "MONALISA", secret("OCTOCAT") env "MONALISA", secret("OCTOCAT")
``` ```
This will set up a reference to a secret named `OCTOCAT` in the transformed workflow. For the secret to work, you will need to create the secret in your GitHub repository. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." This will set up a reference to a secret named `OCTOCAT` in the transformed workflow. For the secret to work, you will need to create the secret in your GitHub repository. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)."
- You can also use regular expressions to update the values of multiple environment variables at once. For example, the following custom transformer removes all environment variables from the converted workflow: - You can also use regular expressions to update the values of multiple environment variables at once. For example, the following custom transformer removes all environment variables from the converted workflow:

View File

@@ -75,7 +75,7 @@ For more information about the tools and packages available on {% data variables
CircleCI and {% data variables.product.prodname_actions %} support setting variables in the configuration file and creating secrets using the CircleCI or {% data variables.product.product_name %} UI. CircleCI and {% data variables.product.prodname_actions %} support setting variables in the configuration file and creating secrets using the CircleCI or {% data variables.product.product_name %} UI.
For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables)" and "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables)" and "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## Caching ## Caching

View File

@@ -269,7 +269,7 @@ For more information, see "[AUTOTITLE](/actions/using-workflows/events-that-trig
GitLab CI/CD and {% data variables.product.prodname_actions %} support setting variables in the pipeline or workflow configuration file, and creating secrets using the GitLab or {% data variables.product.product_name %} UI. GitLab CI/CD and {% data variables.product.prodname_actions %} support setting variables in the pipeline or workflow configuration file, and creating secrets using the GitLab or {% data variables.product.product_name %} UI.
For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables)" and "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables)" and "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## Caching ## Caching

View File

@@ -168,7 +168,7 @@ When migrating from Travis CI, consider the following key features in {% data va
### Storing secrets ### Storing secrets
{% data variables.product.prodname_actions %} allows you to store secrets and reference them in your jobs. {% data variables.product.prodname_actions %} organizations can limit which repositories can access organization secrets. Deployment protection rules can require manual approval for a workflow to access environment secrets. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." {% data variables.product.prodname_actions %} allows you to store secrets and reference them in your jobs. {% data variables.product.prodname_actions %} organizations can limit which repositories can access organization secrets. Deployment protection rules can require manual approval for a workflow to access environment secrets. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
### Sharing files between jobs and workflows ### Sharing files between jobs and workflows

View File

@@ -19,7 +19,7 @@ These extra logs are enabled by setting secrets{% ifversion actions-configuratio
- {% data reusables.actions.permissions-statement-secrets-environment %} - {% data reusables.actions.permissions-statement-secrets-environment %}
- {% data reusables.actions.permissions-statement-secrets-and-variables-organization %} - {% data reusables.actions.permissions-statement-secrets-and-variables-organization %}
For more information on setting secrets{% ifversion actions-configuration-variables %} and variables, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" and "[AUTOTITLE](/actions/learn-github-actions/variables)."{% else %}, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)."{% endif %} For more information on setting secrets{% ifversion actions-configuration-variables %} and variables, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)" and "[AUTOTITLE](/actions/learn-github-actions/variables)."{% else %}, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."{% endif %}
{% ifversion debug-reruns %} {% ifversion debug-reruns %}

View File

@@ -36,7 +36,7 @@ We recommend that you have a basic understanding of workflow configuration optio
You might also find it helpful to have a basic understanding of the following: You might also find it helpful to have a basic understanding of the following:
- "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" - "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)"
- "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)"{% ifversion fpt or ghec %} - "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)"{% ifversion fpt or ghec %}
- "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)"{% else %} - "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)"{% else %}
- "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-docker-registry)"{% endif %} - "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-docker-registry)"{% endif %}
@@ -64,7 +64,7 @@ In the example workflow below, we use the Docker `login-action` and `build-push-
To push to Docker Hub, you will need to have a Docker Hub account, and have a Docker Hub repository created. For more information, see "[Pushing a Docker container image to Docker Hub](https://docs.docker.com/docker-hub/repos/#pushing-a-docker-container-image-to-docker-hub)" in the Docker documentation. To push to Docker Hub, you will need to have a Docker Hub account, and have a Docker Hub repository created. For more information, see "[Pushing a Docker container image to Docker Hub](https://docs.docker.com/docker-hub/repos/#pushing-a-docker-container-image-to-docker-hub)" in the Docker documentation.
The `login-action` options required for Docker Hub are: The `login-action` options required for Docker Hub are:
- `username` and `password`: This is your Docker Hub username and password. We recommend storing your Docker Hub username and password as secrets so they aren't exposed in your workflow file. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." - `username` and `password`: This is your Docker Hub username and password. We recommend storing your Docker Hub username and password as secrets so they aren't exposed in your workflow file. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
The `metadata-action` option required for Docker Hub is: The `metadata-action` option required for Docker Hub is:
- `images`: The namespace and name for the Docker image you are building/pushing to Docker Hub. - `images`: The namespace and name for the Docker image you are building/pushing to Docker Hub.

View File

@@ -34,7 +34,7 @@ You may also find it helpful to have a basic understanding of the following:
- "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)" - "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)"
- "[AUTOTITLE](/actions/learn-github-actions/variables)" - "[AUTOTITLE](/actions/learn-github-actions/variables)"
- "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" - "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)"
- "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)" - "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)"
## About package configuration ## About package configuration
@@ -75,7 +75,7 @@ publishing {
{% endraw %} {% endraw %}
With this configuration, you can create a workflow that publishes your package to the Maven Central Repository by running the `gradle publish` command. In the deploy step, youll need to set environment variables for the username and password or token that you use to authenticate to the Maven repository. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." With this configuration, you can create a workflow that publishes your package to the Maven Central Repository by running the `gradle publish` command. In the deploy step, youll need to set environment variables for the username and password or token that you use to authenticate to the Maven repository. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
```yaml copy ```yaml copy
@@ -111,7 +111,7 @@ jobs:
{% data reusables.actions.gradle-workflow-steps %} {% data reusables.actions.gradle-workflow-steps %}
1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to the `OSSRH` Maven repository. The `MAVEN_USERNAME` environment variable will be set with the contents of your `OSSRH_USERNAME` secret, and the `MAVEN_PASSWORD` environment variable will be set with the contents of your `OSSRH_TOKEN` secret. 1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to the `OSSRH` Maven repository. The `MAVEN_USERNAME` environment variable will be set with the contents of your `OSSRH_USERNAME` secret, and the `MAVEN_PASSWORD` environment variable will be set with the contents of your `OSSRH_TOKEN` secret.
For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## Publishing packages to {% data variables.product.prodname_registry %} ## Publishing packages to {% data variables.product.prodname_registry %}
@@ -186,7 +186,7 @@ jobs:
{% data reusables.actions.gradle-workflow-steps %} {% data reusables.actions.gradle-workflow-steps %}
1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to {% data variables.product.prodname_registry %}. The `GITHUB_TOKEN` environment variable will be set with the content of the `GITHUB_TOKEN` secret. The `permissions` key specifies the access that the `GITHUB_TOKEN` secret will allow. 1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to {% data variables.product.prodname_registry %}. The `GITHUB_TOKEN` environment variable will be set with the content of the `GITHUB_TOKEN` secret. The `permissions` key specifies the access that the `GITHUB_TOKEN` secret will allow.
For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## Publishing packages to the Maven Central Repository and {% data variables.product.prodname_registry %} ## Publishing packages to the Maven Central Repository and {% data variables.product.prodname_registry %}
@@ -272,4 +272,4 @@ jobs:
{% data reusables.actions.gradle-workflow-steps %} {% data reusables.actions.gradle-workflow-steps %}
1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to the `OSSRH` Maven repository and {% data variables.product.prodname_registry %}. The `MAVEN_USERNAME` environment variable will be set with the contents of your `OSSRH_USERNAME` secret, and the `MAVEN_PASSWORD` environment variable will be set with the contents of your `OSSRH_TOKEN` secret. The `GITHUB_TOKEN` environment variable will be set with the content of the `GITHUB_TOKEN` secret. The `permissions` key specifies the access that the `GITHUB_TOKEN` secret will allow. 1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to the `OSSRH` Maven repository and {% data variables.product.prodname_registry %}. The `MAVEN_USERNAME` environment variable will be set with the contents of your `OSSRH_USERNAME` secret, and the `MAVEN_PASSWORD` environment variable will be set with the contents of your `OSSRH_TOKEN` secret. The `GITHUB_TOKEN` environment variable will be set with the content of the `GITHUB_TOKEN` secret. The `permissions` key specifies the access that the `GITHUB_TOKEN` secret will allow.
For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."

View File

@@ -34,7 +34,7 @@ You may also find it helpful to have a basic understanding of the following:
- "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)" - "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)"
- "[AUTOTITLE](/actions/learn-github-actions/variables)" - "[AUTOTITLE](/actions/learn-github-actions/variables)"
- "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" - "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)"
- "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)" - "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)"
## About package configuration ## About package configuration
@@ -72,7 +72,7 @@ For example, if you were deploying to the Maven Central Repository through the O
With this configuration, you can create a workflow that publishes your package to the Maven Central Repository by specifying the repository management `id` to the `setup-java` action. Youll also need to provide environment variables that contain the username and password to authenticate to the repository. With this configuration, you can create a workflow that publishes your package to the Maven Central Repository by specifying the repository management `id` to the `setup-java` action. Youll also need to provide environment variables that contain the username and password to authenticate to the repository.
In the deploy step, youll need to set the environment variables to the username that you authenticate with to the repository, and to a secret that youve configured with the password or token to authenticate with. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." In the deploy step, youll need to set the environment variables to the username that you authenticate with to the repository, and to a secret that youve configured with the password or token to authenticate with. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
```yaml copy ```yaml copy
name: Publish package to the Maven Central Repository name: Publish package to the Maven Central Repository
@@ -105,7 +105,7 @@ This workflow performs the following steps:
1. Sets up the Java JDK, and also configures the Maven _settings.xml_ file to add authentication for the `ossrh` repository using the `MAVEN_USERNAME` and `MAVEN_PASSWORD` environment variables. 1. Sets up the Java JDK, and also configures the Maven _settings.xml_ file to add authentication for the `ossrh` repository using the `MAVEN_USERNAME` and `MAVEN_PASSWORD` environment variables.
1. {% data reusables.actions.publish-to-maven-workflow-step %} 1. {% data reusables.actions.publish-to-maven-workflow-step %}
For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## Publishing packages to {% data variables.product.prodname_registry %} ## Publishing packages to {% data variables.product.prodname_registry %}
@@ -167,7 +167,7 @@ This workflow performs the following steps:
1. Sets up the Java JDK, and also automatically configures the Maven _settings.xml_ file to add authentication for the `github` Maven repository to use the `GITHUB_TOKEN` environment variable. 1. Sets up the Java JDK, and also automatically configures the Maven _settings.xml_ file to add authentication for the `github` Maven repository to use the `GITHUB_TOKEN` environment variable.
1. {% data reusables.actions.publish-to-packages-workflow-step %} 1. {% data reusables.actions.publish-to-packages-workflow-step %}
For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## Publishing packages to the Maven Central Repository and {% data variables.product.prodname_registry %} ## Publishing packages to the Maven Central Repository and {% data variables.product.prodname_registry %}
@@ -222,4 +222,4 @@ This workflow performs the following steps:
1. Calls `setup-java` the second time. This automatically configures the Maven _settings.xml_ file for {% data variables.product.prodname_registry %}. 1. Calls `setup-java` the second time. This automatically configures the Maven _settings.xml_ file for {% data variables.product.prodname_registry %}.
1. {% data reusables.actions.publish-to-packages-workflow-step %} 1. {% data reusables.actions.publish-to-packages-workflow-step %}
For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information about using secrets in your workflow, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."

View File

@@ -35,7 +35,7 @@ You may also find it helpful to have a basic understanding of the following:
- "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)" - "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)"
- "[AUTOTITLE](/actions/learn-github-actions/variables)" - "[AUTOTITLE](/actions/learn-github-actions/variables)"
- "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" - "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)"
- "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)" - "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)"
## About package configuration ## About package configuration
@@ -52,7 +52,7 @@ If you add steps in your workflow to configure the `publishConfig` fields in you
You can trigger a workflow to publish your package every time you publish a new release. The process in the following example is executed when the release event of type `published` is triggered. If the CI tests pass, the process uploads the package to the npm registry. For more information, see "[AUTOTITLE](/repositories/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release)." You can trigger a workflow to publish your package every time you publish a new release. The process in the following example is executed when the release event of type `published` is triggered. If the CI tests pass, the process uploads the package to the npm registry. For more information, see "[AUTOTITLE](/repositories/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release)."
To perform authenticated operations against the npm registry in your workflow, you'll need to store your npm authentication token as a secret. For example, create a repository secret called `NPM_TOKEN`. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." To perform authenticated operations against the npm registry in your workflow, you'll need to store your npm authentication token as a secret. For example, create a repository secret called `NPM_TOKEN`. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
By default, npm uses the `name` field of the `package.json` file to determine the name of your published package. When publishing to a global namespace, you only need to include the package name. For example, you would publish a package named `my-package` to `https://www.npmjs.com/package/my-package`. By default, npm uses the `name` field of the `package.json` file to determine the name of your published package. When publishing to a global namespace, you only need to include the package name. For example, you would publish a package named `my-package` to `https://www.npmjs.com/package/my-package`.
@@ -114,7 +114,7 @@ If you do provide the `repository` key in your `package.json` file, then the rep
To perform authenticated operations against the {% data variables.product.prodname_registry %} registry in your workflow, you can use the `GITHUB_TOKEN`. {% data reusables.actions.github-token-permissions %} To perform authenticated operations against the {% data variables.product.prodname_registry %} registry in your workflow, you can use the `GITHUB_TOKEN`. {% data reusables.actions.github-token-permissions %}
If you want to publish your package to a different repository, you must use a {% data variables.product.pat_v1 %} that has permission to write to packages in the destination repository. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." If you want to publish your package to a different repository, you must use a {% data variables.product.pat_v1 %} that has permission to write to packages in the destination repository. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
### Example workflow ### Example workflow

View File

@@ -127,7 +127,7 @@ The permissions for the `GITHUB_TOKEN` are initially set to the default setting
### Granting additional permissions ### Granting additional permissions
If you need a token that requires permissions that aren't available in the `GITHUB_TOKEN`, you can create a {% data variables.product.prodname_github_app %} and generate an installation access token within your workflow. For more information, see "[AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow)." Alternatively, you can create a {% data variables.product.pat_generic %}, store it as a secret in your repository, and use the token in your workflow with the {%raw%}`${{ secrets.SECRET_NAME }}`{% endraw %} syntax. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." If you need a token that requires permissions that aren't available in the `GITHUB_TOKEN`, you can create a {% data variables.product.prodname_github_app %} and generate an installation access token within your workflow. For more information, see "[AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow)." Alternatively, you can create a {% data variables.product.pat_generic %}, store it as a secret in your repository, and use the token in your workflow with the {%raw%}`${{ secrets.SECRET_NAME }}`{% endraw %} syntax. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
### Further reading ### Further reading

View File

@@ -9,7 +9,7 @@ versions:
ghec: '*' ghec: '*'
children: children:
- /security-hardening-for-github-actions - /security-hardening-for-github-actions
- /encrypted-secrets - /using-secrets-in-github-actions
- /automatic-token-authentication - /automatic-token-authentication
--- ---

View File

@@ -23,9 +23,11 @@ This guide explains how to configure security hardening for certain {% data vari
## Using secrets ## Using secrets
Sensitive values should never be stored as plaintext in workflow files, but rather as secrets. [Secrets](/actions/security-guides/encrypted-secrets) can be configured at the organization, repository, or environment level, and allow you to store sensitive information in {% data variables.product.product_name %}. Sensitive values should never be stored as plaintext in workflow files, but rather as secrets. [Secrets](/actions/security-guides/using-secrets-in-github-actions) can be configured at the organization, repository, or environment level, and allow you to store sensitive information in {% data variables.product.product_name %}.
Secrets use [Libsodium sealed boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes), so that they are encrypted before reaching {% data variables.product.product_name %}. This occurs when the secret is submitted [using the UI](/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository) or through the [REST API](/rest/actions#secrets). This client-side encryption helps minimize the risks related to accidental logging (for example, exception logs and request logs, among others) within {% data variables.product.product_name %}'s infrastructure. Once the secret is uploaded, {% data variables.product.product_name %} is then able to decrypt it so that it can be injected into the workflow runtime. {% ifversion fpt or ghec %}
Secrets use [Libsodium sealed boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes), so that they are encrypted before reaching {% data variables.product.product_name %}. This occurs when the secret is submitted [using the UI](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) or through the [REST API](/rest/actions#secrets). This client-side encryption helps minimize the risks related to accidental logging (for example, exception logs and request logs, among others) within {% data variables.product.product_name %}'s infrastructure. Once the secret is uploaded, {% data variables.product.product_name %} is then able to decrypt it so that it can be injected into the workflow runtime.
{% endif %}
To help prevent accidental disclosure, {% data variables.product.product_name %} uses a mechanism that attempts to redact any secrets that appear in run logs. This redaction looks for exact matches of any configured secrets, as well as common encodings of the values, such as Base64. However, because there are multiple ways a secret value can be transformed, this redaction is not guaranteed. As a result, there are certain proactive steps and good practices you should follow to help ensure secrets are redacted, and to limit other risks associated with secrets: To help prevent accidental disclosure, {% data variables.product.product_name %} uses a mechanism that attempts to redact any secrets that appear in run logs. This redaction looks for exact matches of any configured secrets, as well as common encodings of the values, such as Base64. However, because there are multiple ways a secret value can be transformed, this redaction is not guaranteed. As a result, there are certain proactive steps and good practices you should follow to help ensure secrets are redacted, and to limit other risks associated with secrets:
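Review bot: wrapping the Libsodium sealed-box paragraph in `{% ifversion fpt or ghec %}` leaves the GHES rendering of this section with no statement at all about how secrets are protected once submitted; if client-side sealed-box encryption does not apply to GHES, consider an `{% else %}` branch with a one-line GHES equivalent so the hardening guide does not fall silent on the topic. The anchor update from `#creating-encrypted-secrets-for-a-repository` to `#creating-secrets-for-a-repository` matches the heading rename in the renamed article further down in this commit.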
@@ -44,7 +46,7 @@ To help prevent accidental disclosure, {% data variables.product.product_name %}
- Periodically review the registered secrets to confirm they are still required. Remove those that are no longer needed. - Periodically review the registered secrets to confirm they are still required. Remove those that are no longer needed.
- Rotate secrets periodically to reduce the window of time during which a compromised secret is valid. - Rotate secrets periodically to reduce the window of time during which a compromised secret is valid.
- **Consider requiring review for access to secrets** - **Consider requiring review for access to secrets**
- You can use required reviewers to protect environment secrets. A workflow job cannot access environment secrets until approval is granted by a reviewer. For more information about storing secrets in environments or requiring reviews for environments, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" and "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment)." - You can use required reviewers to protect environment secrets. A workflow job cannot access environment secrets until approval is granted by a reviewer. For more information about storing secrets in environments or requiring reviews for environments, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)" and "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment)."
{% warning %} {% warning %}
@@ -267,7 +269,7 @@ Although {% data variables.product.prodname_actions %} scrubs secrets from memor
### Exfiltrating data from a runner ### Exfiltrating data from a runner
An attacker can exfiltrate any stolen secrets or other data from the runner. To help prevent accidental secret disclosure, {% data variables.product.prodname_actions %} [automatically redact secrets printed to the log](/actions/security-guides/encrypted-secrets#accessing-your-secrets), but this is not a true security boundary because secrets can be intentionally sent to the log. For example, obfuscated secrets can be exfiltrated using `echo ${SOME_SECRET:0:4}; echo ${SOME_SECRET:4:200};`. In addition, since the attacker may run arbitrary commands, they could use HTTP requests to send secrets or other repository data to an external server. An attacker can exfiltrate any stolen secrets or other data from the runner. To help prevent accidental secret disclosure, {% data variables.product.prodname_actions %} [automatically redact secrets printed to the log](/actions/security-guides/using-secrets-in-github-actions#accessing-your-secrets), but this is not a true security boundary because secrets can be intentionally sent to the log. For example, obfuscated secrets can be exfiltrated using `echo ${SOME_SECRET:0:4}; echo ${SOME_SECRET:4:200};`. In addition, since the attacker may run arbitrary commands, they could use HTTP requests to send secrets or other repository data to an external server.
### Stealing the job's `GITHUB_TOKEN` ### Stealing the job's `GITHUB_TOKEN`

View File

@@ -1,6 +1,7 @@
--- ---
title: Encrypted secrets title: Using secrets in GitHub Actions
intro: 'Encrypted secrets allow you to store sensitive information in your organization{% ifversion fpt or ghes or ghec %}, repository, or repository environments{% else %} or repository{% endif %}.' shortTitle: Using secrets
intro: 'Secrets allow you to store sensitive information in your organization{% ifversion fpt or ghes or ghec %}, repository, or repository environments{% else %} or repository{% endif %}.'
redirect_from: redirect_from:
- /github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets - /github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets
- /actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets - /actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets
@@ -8,6 +9,7 @@ redirect_from:
- /actions/configuring-and-managing-workflows/using-variables-and-secrets-in-a-workflow - /actions/configuring-and-managing-workflows/using-variables-and-secrets-in-a-workflow
- /actions/reference/encrypted-secrets - /actions/reference/encrypted-secrets
- /actions/managing-workflows/storing-secrets - /actions/managing-workflows/storing-secrets
- /actions/security-guides/encrypted-secrets
versions: versions:
fpt: '*' fpt: '*'
ghes: '*' ghes: '*'
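Review bot: adding `- /actions/security-guides/encrypted-secrets` to `redirect_from` covers the old page path, but the renamed headings in this file (`## Creating secrets for a repository`, `## Creating secrets for an environment`, `## Creating secrets for an organization`, `## Using secrets in a workflow`) also change their fragment anchors, and a redirect does not rewrite fragments; the in-repo links are updated elsewhere in this commit, so this is only a heads-up that external links to the old `#creating-encrypted-secrets-...` anchors will land at the top of the page.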
@@ -17,7 +19,7 @@ versions:
{% data reusables.actions.enterprise-github-hosted-runners %} {% data reusables.actions.enterprise-github-hosted-runners %}
## About encrypted secrets ## About secrets
Secrets are variables that you create in an organization, repository, or repository environment. The secrets that you create are available to use in {% data variables.product.prodname_actions %} workflows. {% data variables.product.prodname_actions %} can only read a secret if you explicitly include the secret in a workflow. Secrets are variables that you create in an organization, repository, or repository environment. The secrets that you create are available to use in {% data variables.product.prodname_actions %} workflows. {% data variables.product.prodname_actions %} can only read a secret if you explicitly include the secret in a workflow.
@@ -51,7 +53,7 @@ To help ensure that {% data variables.product.prodname_dotcom %} redacts your se
To make a secret available to an action, you must set the secret as an input or environment variable in the workflow file. Review the action's README file to learn about which inputs and environment variables the action expects. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsenv)." To make a secret available to an action, you must set the secret as an input or environment variable in the workflow file. Review the action's README file to learn about which inputs and environment variables the action expects. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsenv)."
You can use and read encrypted secrets in a workflow file if you have access to edit the file. For more information, see "[AUTOTITLE](/get-started/learning-about-github/access-permissions-on-github)." You can use and read secrets in a workflow file if you have access to edit the file. For more information, see "[AUTOTITLE](/get-started/learning-about-github/access-permissions-on-github)."
{% data reusables.actions.secrets-redaction-warning %} {% data reusables.actions.secrets-redaction-warning %}
@@ -73,7 +75,7 @@ Instead of using a {% data variables.product.pat_generic %}, consider using a {%
{% endnote %} {% endnote %}
## Creating encrypted secrets for a repository ## Creating secrets for a repository
{% data reusables.actions.permissions-statement-secrets-variables-repository %} {% data reusables.actions.permissions-statement-secrets-variables-repository %}
@@ -114,7 +116,7 @@ To list all secrets for the repository, use the `gh secret list` subcommand.
{% endcli %} {% endcli %}
## Creating encrypted secrets for an environment ## Creating secrets for an environment
{% data reusables.actions.permissions-statement-secrets-environment %} {% data reusables.actions.permissions-statement-secrets-environment %}
@@ -147,7 +149,7 @@ gh secret list --env ENV_NAME
{% endcli %} {% endcli %}
## Creating encrypted secrets for an organization ## Creating secrets for an organization
{% data reusables.actions.actions-secrets-variables-repository-access %} {% data reusables.actions.actions-secrets-variables-repository-access %}
@@ -217,7 +219,7 @@ You can check which access policies are being applied to a secret in your organi
{% data reusables.actions.sidebar-secrets-and-variables %} {% data reusables.actions.sidebar-secrets-and-variables %}
1. The list of secrets includes any configured permissions and policies. For more details about the configured permissions for each secret, click **Update**. 1. The list of secrets includes any configured permissions and policies. For more details about the configured permissions for each secret, click **Update**.
## Using encrypted secrets in a workflow ## Using secrets in a workflow
{% note %} {% note %}
@@ -311,7 +313,7 @@ Secrets are limited to 48 KB in size. To store larger secrets, see the "[Storing
### Storing large secrets ### Storing large secrets
To use secrets that are larger than 48 KB, you can use a workaround to store encrypted secrets in your repository and save the decryption passphrase as a secret on {% data variables.product.prodname_dotcom %}. For example, you can use `gpg` to encrypt a file containing your secret locally before checking the encrypted file in to your repository on {% data variables.product.prodname_dotcom %}. For more information, see the "[gpg manpage](https://www.gnupg.org/gph/de/manual/r1023.html)." To use secrets that are larger than 48 KB, you can use a workaround to store secrets in your repository and save the decryption passphrase as a secret on {% data variables.product.prodname_dotcom %}. For example, you can use `gpg` to encrypt a file containing your secret locally before checking the encrypted file in to your repository on {% data variables.product.prodname_dotcom %}. For more information, see the "[gpg manpage](https://www.gnupg.org/gph/de/manual/r1023.html)."
{% warning %} {% warning %}
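Review bot: dropping "encrypted" from "store encrypted secrets in your repository" changes the meaning of this sentence in the wrong direction: the workaround described here relies on committing a GPG-encrypted file and keeping only the passphrase as a secret on the platform, and "store secrets in your repository" reads as committing the plaintext, which the rest of the page tells readers never to do. Suggest keeping "encrypted" in this one sentence (the word describes the file, not the product feature), for example "store encrypted files in your repository and save the decryption passphrase as a secret".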
@@ -339,7 +341,7 @@ To use secrets that are larger than 48 KB, you can use a workaround to store enc
```shell ```shell
git add my_secret.json.gpg git add my_secret.json.gpg
git commit -m "Add new encrypted secret JSON file" git commit -m "Add new secret JSON file"
``` ```
1. Create a shell script in your repository to decrypt the secret file. In this example, the script is named `decrypt_secret.sh`. 1. Create a shell script in your repository to decrypt the secret file. In this example, the script is named `decrypt_secret.sh`.
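Review bot: the example commit message `git commit -m "Add new secret JSON file"` now describes the committed file `my_secret.json.gpg` less accurately than before; the file is encrypted, and the old wording "Add new encrypted secret JSON file" was correct about the artifact rather than a use of the renamed feature. Suggest restoring "encrypted" here so the sample commit does not read as if a plaintext secret were being added.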
@@ -390,7 +392,7 @@ To use secrets that are larger than 48 KB, you can use a workaround to store enc
## Storing Base64 binary blobs as secrets ## Storing Base64 binary blobs as secrets
You can use Base64 encoding to store small binary blobs as secrets. You can then reference the secret in your workflow and decode it for use on the runner. For the size limits, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets#limits-for-secrets)." You can use Base64 encoding to store small binary blobs as secrets. You can then reference the secret in your workflow and decode it for use on the runner. For the size limits, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#limits-for-secrets)."
{% note %} {% note %}

View File

@@ -92,7 +92,7 @@ jobs:
- run: curl -vvv http://192.168.1.1 - run: curl -vvv http://192.168.1.1
``` ```
For more information, see [WireGuard's Quick Start](https://www.wireguard.com/quickstart/), as well as "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" for how to securely store keys. For more information, see [WireGuard's Quick Start](https://www.wireguard.com/quickstart/), as well as "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)" for how to securely store keys.
### Using Tailscale to create a network overlay ### Using Tailscale to create a network overlay
@@ -102,7 +102,7 @@ Its disadvantages are similar to WireGuard: The connection is one-to-one, so you
However, there are some advantages over WireGuard: NAT traversal is built-in, so you don't need to expose a port to the public internet. It is by far the quickest of these options to get up and running, since Tailscale provides an {% data variables.product.prodname_actions %} workflow with a single step to connect to the overlay network. However, there are some advantages over WireGuard: NAT traversal is built-in, so you don't need to expose a port to the public internet. It is by far the quickest of these options to get up and running, since Tailscale provides an {% data variables.product.prodname_actions %} workflow with a single step to connect to the overlay network.
For more information, see the [Tailscale GitHub Action](https://github.com/tailscale/github-action), as well as "[AUTOTITLE](/actions/security-guides/encrypted-secrets)" for how to securely store keys. For more information, see the [Tailscale GitHub Action](https://github.com/tailscale/github-action), as well as "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)" for how to securely store keys.
{% ifversion actions-private-networking-azure-vnet %} {% ifversion actions-private-networking-azure-vnet %}

View File

@@ -78,7 +78,7 @@ jobs:
{% endraw %} {% endraw %}
For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
### Creating dependent jobs ### Creating dependent jobs

View File

@@ -155,7 +155,7 @@ You can define inputs and secrets, which can be passed from the caller workflow
{% note %} {% note %}
**Note**: Environment secrets are encrypted strings that are stored in an environment that you've defined for a repository. Environment secrets are only available to workflow jobs that reference the appropriate environment. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets)." **Note**: Environment secrets are {% ifversion fpt or ghec %}encrypted {% endif %}strings that are stored in an environment that you've defined for a repository. Environment secrets are only available to workflow jobs that reference the appropriate environment. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets)."
{% endnote %} {% endnote %}
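Review bot: `{% ifversion fpt or ghec %}encrypted {% endif %}strings` makes the GHES rendering say that environment secrets are "strings" with no qualifier, which is consistent with the GHES-gated removal of the sealed-box paragraph in the hardening guide earlier in this commit; the trailing space inside the conditional keeps the rendered text spaced correctly in both branches, so no change needed beyond confirming that the two gates are intended to stay in sync.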

View File

@@ -56,7 +56,7 @@ When creating a secret {% ifversion actions-configuration-variables %} or variab
{%- ifversion actions-configuration-variables %} {%- ifversion actions-configuration-variables %}
1. Click the **Secrets** or **Variables** tab, and create the secret or variable with your desired values and options. 1. Click the **Secrets** or **Variables** tab, and create the secret or variable with your desired values and options.
For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-an-organization)" or "[AUTOTITLE](/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization)." For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization)" or "[AUTOTITLE](/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization)."
{%- else %} {%- else %}
1. Click **New secret**. 1. Click **New secret**.
1. Type a name for your secret in the **Name** input box. 1. Type a name for your secret in the **Name** input box.

View File

@@ -36,7 +36,7 @@ The following steps occur to trigger a workflow run:
If you do want to trigger a workflow from within a workflow run, you can use a {% data variables.product.prodname_github_app %} installation access token or a {% data variables.product.pat_generic %} instead of `GITHUB_TOKEN` to trigger events that require a token. If you do want to trigger a workflow from within a workflow run, you can use a {% data variables.product.prodname_github_app %} installation access token or a {% data variables.product.pat_generic %} instead of `GITHUB_TOKEN` to trigger events that require a token.
If you use a {% data variables.product.prodname_github_app %}, you'll need to create a {% data variables.product.prodname_github_app %} and store the app ID and private key as secrets. For more information, see "[AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow)." If you use a {% data variables.product.pat_generic %}, you'll need to create a {% data variables.product.pat_generic %} and store it as a secret. For more information about creating a {% data variables.product.pat_generic %}, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)." For more information about storing secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." If you use a {% data variables.product.prodname_github_app %}, you'll need to create a {% data variables.product.prodname_github_app %} and store the app ID and private key as secrets. For more information, see "[AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow)." If you use a {% data variables.product.pat_generic %}, you'll need to create a {% data variables.product.pat_generic %} and store it as a secret. For more information about creating a {% data variables.product.pat_generic %}, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)." For more information about storing secrets, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
To minimize your {% data variables.product.prodname_actions %} usage costs, ensure that you don't create recursive or unintended workflow runs. To minimize your {% data variables.product.prodname_actions %} usage costs, ensure that you don't create recursive or unintended workflow runs.

View File

@@ -41,7 +41,7 @@ Anyone with write permission to a repository can set up {% data variables.produc
1. If you already have a workflow in your repository, click **New workflow**. 1. If you already have a workflow in your repository, click **New workflow**.
1. The "{% ifversion actions-starter-template-ui %}Choose a workflow{% else %}Choose a workflow template{% endif %}" page shows a selection of recommended starter workflows. Find the starter workflow that you want to use, then click {% ifversion actions-starter-template-ui %}**Configure**{% else %}**Set up this workflow**{% endif %}.{% ifversion actions-starter-template-ui %} To help you find the starter workflow that you want, you can search for keywords or filter by category.{% endif %} 1. The "{% ifversion actions-starter-template-ui %}Choose a workflow{% else %}Choose a workflow template{% endif %}" page shows a selection of recommended starter workflows. Find the starter workflow that you want to use, then click {% ifversion actions-starter-template-ui %}**Configure**{% else %}**Set up this workflow**{% endif %}.{% ifversion actions-starter-template-ui %} To help you find the starter workflow that you want, you can search for keywords or filter by category.{% endif %}
1. If the starter workflow contains comments detailing additional setup steps, follow these steps. Many of the starter workflow have corresponding guides. For more information, see the [{% data variables.product.prodname_actions %} guides](/actions/guides). 1. If the starter workflow contains comments detailing additional setup steps, follow these steps. Many of the starter workflow have corresponding guides. For more information, see the [{% data variables.product.prodname_actions %} guides](/actions/guides).
1. Some starter workflows use secrets. For example, {% raw %}`${{ secrets.npm_token }}`{% endraw %}. If the starter workflow uses a secret, store the value described in the secret name as a secret in your repository. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." 1. Some starter workflows use secrets. For example, {% raw %}`${{ secrets.npm_token }}`{% endraw %}. If the starter workflow uses a secret, store the value described in the secret name as a secret in your repository. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
1. Optionally, make additional changes. For example, you might want to change the value of `on` to change when the workflow runs. 1. Optionally, make additional changes. For example, you might want to change the value of `on` to change when the workflow runs.
1. Click **Start commit**. 1. Click **Start commit**.
1. Write a commit message and decide whether to commit directly to the default branch or to open a pull request. 1. Write a commit message and decide whether to commit directly to the default branch or to open a pull request.
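Review bot: the AUTOTITLE link in step 3 now points at `/actions/security-guides/using-secrets-in-github-actions`, but nothing in this commit renames that Actions article or adds a `redirect_from` for it, so confirm the target path already exists before merging; AUTOTITLE has no title to resolve for a path that is not in the content tree. While touching this list, step 2 reads "Many of the starter workflow have corresponding guides" in both columns; make it "starter workflows".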

View File

@@ -480,7 +480,7 @@ If you want to pass a masked secret between jobs or workflows, you should store
#### Setup #### Setup
1. Set up a secret store to store the secret that you will generate during your workflow. For example, Vault. 1. Set up a secret store to store the secret that you will generate during your workflow. For example, Vault.
1. Generate a key for reading and writing to that secret store. Store the key as a repository secret. In the following example workflow, the secret name is `SECRET_STORE_CREDENTIALS`. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." 1. Generate a key for reading and writing to that secret store. Store the key as a repository secret. In the following example workflow, the secret name is `SECRET_STORE_CREDENTIALS`. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
#### Workflow #### Workflow

View File

@@ -441,7 +441,7 @@ jobs:
{% endraw %} {% endraw %}
For more information, see "[AUTOTITLE](/actions/learn-github-actions/contexts#context-availability)" and "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." For more information, see "[AUTOTITLE](/actions/learn-github-actions/contexts#context-availability)" and "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
## `jobs.<job_id>.steps[*].name` ## `jobs.<job_id>.steps[*].name`
@@ -570,7 +570,7 @@ jobs:
### Example: Using an action inside a different private repository than the workflow ### Example: Using an action inside a different private repository than the workflow
Your workflow must checkout the private repository and reference the action locally. Generate a {% data variables.product.pat_generic %} and add the token as an encrypted secret. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." Your workflow must checkout the private repository and reference the action locally. Generate a {% data variables.product.pat_generic %} and add the token as a secret. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
Replace `PERSONAL_ACCESS_TOKEN` in the example with the name of your secret. Replace `PERSONAL_ACCESS_TOKEN` in the example with the name of your secret.
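Review bot: "Your workflow must checkout the private repository" uses the noun form where the verb "check out" is meant. Since this step has the reader mint a {% data variables.product.pat_generic %} and store it as a repository secret, it is also worth pointing at the fine-grained token guidance that another hunk in this commit already links (`#creating-a-fine-grained-personal-access-token`), so the stored token is limited to the repository that holds the action and to the **Contents** permission rather than a broad classic token.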

View File

@@ -61,7 +61,7 @@ You can define secrets to allow {% data variables.product.prodname_github_codesp
- `<*>_CONTAINER_REGISTRY_USER` - `<*>_CONTAINER_REGISTRY_USER`
- `<*>_CONTAINER_REGISTRY_PASSWORD` - `<*>_CONTAINER_REGISTRY_PASSWORD`
You can store secrets at the user, repository, or organization-level, allowing you to share them securely between different codespaces. When you create a set of secrets for a private image registry, you need to replace the "<*>" in the name with a consistent identifier. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)" and "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)." You can store secrets at the user, repository, or organization-level, allowing you to share them securely between different codespaces. When you create a set of secrets for a private image registry, you need to replace the "<*>" in the name with a consistent identifier. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)" and "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces)."
If you are setting the secrets at the user or organization level, make sure to assign those secrets to the repository you'll be creating the codespace in by choosing an access policy from the dropdown list. If you are setting the secrets at the user or organization level, make sure to assign those secrets to the repository you'll be creating the codespace in by choosing an access policy from the dropdown list.
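Review bot: "at the user, repository, or organization-level" mixes a hyphenated compound with plain nouns; write "at the user, repository, or organization level". In the same paragraph the `"<*>"` placeholder is in quotation marks while the list items above render it in backticks; use backticks for both so the placeholder reads as part of the secret name.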

View File

@@ -78,15 +78,15 @@ Codespaces are designed to be security hardened by default. To help maintain thi
### Using secrets to access sensitive information ### Using secrets to access sensitive information
Always use encrypted secrets when you want to use sensitive information (such as access tokens) in a codespace. You can access your secrets as environment variables in the codespace, including from the terminal. For example, you can launch a terminal within your codespace and use `echo $SECRET_NAME` to see the value of a secret. Always use secrets when you want to use sensitive information (such as access tokens) in a codespace. You can access your secrets as environment variables in the codespace, including from the terminal. For example, you can launch a terminal within your codespace and use `echo $SECRET_NAME` to see the value of a secret.
The secret values are copied to environment variables whenever the codespace is resumed or created and are also synced when they are changed. The secret values are copied to environment variables whenever the codespace is resumed or created and are also synced when they are changed.
Secrets are not copied into the environment if you don't have write access to the codespace's repository. Secrets are not copied into the environment if you don't have write access to the codespace's repository.
For more information on secrets, see: For more information on secrets, see:
- "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)" - "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)"
- "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)" - "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces)"
### Working with other people's contributions and repositories ### Working with other people's contributions and repositories
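Review bot: the first paragraph illustrates secret access with `echo $SECRET_NAME`, which writes the secret value into the terminal scrollback and into any shared, recorded or log-captured session; on a page titled security hardening it would be better to show a check that confirms the variable is present without printing it, for example `test -n "$SECRET_NAME" && echo set`, and to keep the note about secrets being environment variables that any process in the codespace can read.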
@@ -94,7 +94,7 @@ When you create a codespace from a PR branch from a fork, the token in the codes
- For a private repository, the codespace is granted access to both the fork and parent. - For a private repository, the codespace is granted access to both the fork and parent.
- For a public repository, the codespace will only have access to the fork and opening PRs on the parent. - For a public repository, the codespace will only have access to the fork and opening PRs on the parent.
We also further protect you in these scenarios by not injecting any of your [codespace secrets](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces) into the environment. We also further protect you in these scenarios by not injecting any of your [codespace secrets](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces) into the environment.
{% note %} {% note %}

View File

@@ -126,7 +126,7 @@ If you enter a value for a recommended secret, the secret will available in the
If the name of a secret is shown with a checkbox that is unavailable for selection, and no input box, this is because you already have a secret of this name configured in your personal settings for {% data variables.product.prodname_codespaces %}, and you have associated it with this repository. If you've created a secret of this name but have not associated it with this repository, the checkbox will be available to select and by doing so you can update your settings to add the association. If the name of a secret is shown with a checkbox that is unavailable for selection, and no input box, this is because you already have a secret of this name configured in your personal settings for {% data variables.product.prodname_codespaces %}, and you have associated it with this repository. If you've created a secret of this name but have not associated it with this repository, the checkbox will be available to select and by doing so you can update your settings to add the association.
If you want to change the value of a preselected secret you can do so from your personal settings for {% data variables.product.prodname_codespaces %} at [github.com/settings/codespaces](https://github.com/settings/codespaces). For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." If you want to change the value of a preselected secret you can do so from your personal settings for {% data variables.product.prodname_codespaces %} at [github.com/settings/codespaces](https://github.com/settings/codespaces). For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)."
{% endwebui %} {% endwebui %}
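Review bot: the unchanged context line at the top of this hunk reads "the secret will available in the"; fix it to "will be available" while this paragraph is being edited.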

View File

@@ -81,7 +81,7 @@ When a codespace is published, you have access to a greater range of options to
- Change the machine type of your codespace to make sure you're using resources appropriate for the work you're doing (see "[AUTOTITLE](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace)"). - Change the machine type of your codespace to make sure you're using resources appropriate for the work you're doing (see "[AUTOTITLE](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace)").
- Allow {% data variables.product.prodname_dotcom %} to automatically use GPG to sign commits you make in your codespace (see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)"). - Allow {% data variables.product.prodname_dotcom %} to automatically use GPG to sign commits you make in your codespace (see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)").
- Share encrypted secrets with your codespace (see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)"). - Share secrets with your codespace (see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)").
### Publishing from {% data variables.product.prodname_dotcom_the_website %} ### Publishing from {% data variables.product.prodname_dotcom_the_website %}

View File

@@ -30,7 +30,7 @@ There are three ways that you can set persistent custom environment variables fo
- You can edit the `devcontainer.json` configuration file for the repository - You can edit the `devcontainer.json` configuration file for the repository
- You can use a custom Dockerfile - You can use a custom Dockerfile
- You can use encrypted secrets - You can use secrets
#### Edit the `devcontainer.json` configuration file for the repository #### Edit the `devcontainer.json` configuration file for the repository
@@ -44,7 +44,7 @@ Edit the `devcontainer.json` configuration file for the repository, and use the
} }
``` ```
Only use this method for values that you are happy to commit to your repository as plaintext. For sensitive values such as access tokens, use encrypted secrets. Only use this method for values that you are happy to commit to your repository as plaintext. For sensitive values such as access tokens, use secrets.
The environment variable will be set within your editor's remote server process, and will be available for sub-processes of that remote server process, such as terminals and debugging sessions. However, the variable will not be available more broadly inside the container. This method is useful if you don't need the environment variable to be set for other background processes that run at startup, and if you are using a premade image and don't have or want a custom Dockerfile. The environment variable will be set within your editor's remote server process, and will be available for sub-processes of that remote server process, such as terminals and debugging sessions. However, the variable will not be available more broadly inside the container. This method is useful if you don't need the environment variable to be set for other background processes that run at startup, and if you are using a premade image and don't have or want a custom Dockerfile.
@@ -58,9 +58,9 @@ This method is useful if you already have a Dockerfile and want to set a variabl
This setting will take effect when you rebuild your container or create a new codespace after pushing this change to the repository. For more information about applying configuration changes to a codespace, see "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers)." This setting will take effect when you rebuild your container or create a new codespace after pushing this change to the repository. For more information about applying configuration changes to a codespace, see "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers)."
#### Use encrypted secrets #### Use secrets
You can use encrypted secrets for {% data variables.product.prodname_github_codespaces %} to set custom variables for codespaces created for the repository. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." You can use secrets for {% data variables.product.prodname_github_codespaces %} to set custom variables for codespaces created for the repository. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)."
You should use this method for environment variable values that you do not want to commit to the repository as plaintext. You should use this method for environment variable values that you do not want to commit to the repository as plaintext.

View File

@@ -43,14 +43,14 @@ includeGuides:
- /codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces - /codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces
- /codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces - /codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces
- /codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces - /codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces
- /codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces - /codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces
- /codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces - /codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces
- /codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces - /codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces
- /codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces - /codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces
- /codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces - /codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces
- /codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization - /codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization
- /codespaces/managing-codespaces-for-your-organization/managing-the-cost-of-github-codespaces-in-your-organization - /codespaces/managing-codespaces-for-your-organization/managing-the-cost-of-github-codespaces-in-your-organization
- /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces - /codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces
- /codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types - /codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types
- /codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces - /codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces
- /codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period - /codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period

View File

@@ -60,7 +60,7 @@ If your organization owns a codespace, your organization has control over that c
If a user owns a codespace, your organization does not have any of these options for managing the codespace, even if the codespace was created from one of your organization's repositories. If a user owns a codespace, your organization does not have any of these options for managing the codespace, even if the codespace was created from one of your organization's repositories.
When a user creates a codespace, they're told who will pay for it, and therefore who owns it. From a user's point of view, apart from the policies your organization can use to set constraints on codespaces, the experience with {% data variables.product.prodname_github_codespaces %} will be similar regardless of who owns a codespace. For example, most of a user's personal settings for {% data variables.product.prodname_github_codespaces %}, such as dotfiles, encrypted secrets, and GPG verification, apply regardless of who owns the codespace. When a user creates a codespace, they're told who will pay for it, and therefore who owns it. From a user's point of view, apart from the policies your organization can use to set constraints on codespaces, the experience with {% data variables.product.prodname_github_codespaces %} will be similar regardless of who owns a codespace. For example, most of a user's personal settings for {% data variables.product.prodname_github_codespaces %}, such as dotfiles, secrets, and GPG verification, apply regardless of who owns the codespace.
## About changing your settings ## About changing your settings

View File

@@ -13,7 +13,7 @@ children:
- /choosing-who-owns-and-pays-for-codespaces-in-your-organization - /choosing-who-owns-and-pays-for-codespaces-in-your-organization
- /listing-the-codespaces-in-your-organization - /listing-the-codespaces-in-your-organization
- /managing-the-cost-of-github-codespaces-in-your-organization - /managing-the-cost-of-github-codespaces-in-your-organization
- /managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces - /managing-secrets-for-your-repository-and-organization-for-github-codespaces
- /managing-repository-access-for-your-organizations-codespaces - /managing-repository-access-for-your-organizations-codespaces
- /reviewing-your-organizations-audit-logs-for-github-codespaces - /reviewing-your-organizations-audit-logs-for-github-codespaces
- /restricting-access-to-machine-types - /restricting-access-to-machine-types

View File

@@ -1,7 +1,7 @@
--- ---
title: Managing encrypted secrets for your repository and organization for GitHub Codespaces title: Managing secrets for your repository and organization for GitHub Codespaces
shortTitle: Encrypted secrets shortTitle: Manage secrets
intro: 'Encrypted secrets allow you to store sensitive information in your organization or repository for use with {% data variables.product.prodname_github_codespaces %}.' intro: 'Secrets allow you to store sensitive information in your organization or repository for use with {% data variables.product.prodname_github_codespaces %}.'
permissions: 'To manage secrets for {% data variables.product.prodname_github_codespaces %} for an organization, you must be an organization owner.' permissions: 'To manage secrets for {% data variables.product.prodname_github_codespaces %} for an organization, you must be an organization owner.'
versions: versions:
fpt: '*' fpt: '*'
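Review bot: `shortTitle: Manage secrets` here is not parallel with `shortTitle: Codespace secrets`, which a later hunk in this commit adds to the user-level article; the two articles are siblings in the sidebar, so pick one pattern for both (for example "Repository and organization secrets" alongside "Codespace secrets", or "Manage secrets" on both).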
@@ -12,16 +12,17 @@ topics:
- Security - Security
redirect_from: redirect_from:
- /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces - /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces
product: 'Encrypted secrets are available in all public repositories, in private repositories owned by personal accounts, and in private repositories owned by organizations on {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %} plans. For more information, see "[AUTOTITLE](/get-started/learning-about-github/githubs-plans)."' - /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces
product: 'Secrets are available in all public repositories, in private repositories owned by personal accounts, and in private repositories owned by organizations on {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %} plans. For more information, see "[AUTOTITLE](/get-started/learning-about-github/githubs-plans)."'
--- ---
## About secrets ## About secrets
Secrets are encrypted environment variables that you create in the {% data variables.product.prodname_github_codespaces %} settings for an organization, a repository, or a personal account. For information on creating user-specific secrets, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." Secrets are {% ifversion fpt or ghec %}encrypted {% endif %}environment variables that you create in the {% data variables.product.prodname_github_codespaces %} settings for an organization, a repository, or a personal account. For information on creating user-specific secrets, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)."
The secrets that you create are available to use in {% data variables.product.prodname_github_codespaces %}. {% data variables.product.prodname_dotcom %} uses a [libsodium sealed box](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes) to encrypt secrets before they reach {% data variables.product.prodname_dotcom %} and only decrypts them when you use them in a codespace. The secrets that you create are available to use in {% data variables.product.prodname_github_codespaces %}. {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %} uses a [libsodium sealed box](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes) to encrypt secrets before they reach {% data variables.product.prodname_dotcom %} and only decrypts them when you use them in a codespace.
Organization-level secrets let you share secrets between multiple repositories, which reduces the need to create duplicate secrets. You can use access policies to control which repositories can use organization secrets. {% endif %}Organization-level secrets let you share secrets between multiple repositories, which reduces the need to create duplicate secrets. You can use access policies to control which repositories can use organization secrets.
{% data reusables.codespaces.secrets-on-start %} {% data reusables.codespaces.secrets-on-start %}
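Review bot: the `{% ifversion fpt or ghec %}` opened after "available to use in {% data variables.product.prodname_github_codespaces %}." is closed by the `{% endif %}` at the start of the "Organization-level secrets" paragraph, so the paragraph break between the libsodium sentence and that paragraph sits inside the conditional; on any version where the condition is false the two paragraphs render as one. Move `{% endif %}` to the end of the libsodium sentence on the previous line. Also, the visible `versions` block shows only `fpt: '*'` before the hunk is cut off; if this article is not published for ghes, both `ifversion fpt or ghec` guards added in this hunk are dead and can be dropped.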
@@ -86,4 +87,4 @@ You can check which access policies are applied to a secret in your organization
## Further reading ## Further reading
- "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)" - "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)"

View File

@@ -9,7 +9,7 @@ topics:
redirect_from: redirect_from:
- /codespaces/working-with-your-codespace - /codespaces/working-with-your-codespace
children: children:
- /managing-encrypted-secrets-for-your-codespaces - /managing-secrets-for-your-codespaces
- /managing-repository-access-for-your-codespaces - /managing-repository-access-for-your-codespaces
- /reviewing-your-security-logs-for-github-codespaces - /reviewing-your-security-logs-for-github-codespaces
- /managing-gpg-verification-for-github-codespaces - /managing-gpg-verification-for-github-codespaces

View File

@@ -1,5 +1,6 @@
--- ---
title: Managing encrypted secrets for your codespaces title: Managing secrets for your codespaces
shortTitle: Codespace secrets
intro: 'You can store sensitive information, like tokens, that you want to access in your codespaces via environment variables.' intro: 'You can store sensitive information, like tokens, that you want to access in your codespaces via environment variables.'
versions: versions:
fpt: '*' fpt: '*'
@@ -7,18 +8,18 @@ versions:
redirect_from: redirect_from:
- /github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces - /github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces
- /codespaces/working-with-your-codespace/managing-encrypted-secrets-for-codespaces - /codespaces/working-with-your-codespace/managing-encrypted-secrets-for-codespaces
- /codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces
type: how_to type: how_to
topics: topics:
- Codespaces - Codespaces
- Developer - Developer
- Security - Security
- Secret store - Secret store
shortTitle: Encrypted secrets
--- ---
## About encrypted secrets for {% data variables.product.prodname_github_codespaces %} ## About secrets for {% data variables.product.prodname_github_codespaces %}
You can add encrypted secrets to your personal account that you want to use in your codespaces. For example, you may want to store and access the following sensitive information as encrypted secrets. You can add secrets to your personal account that you want to use in your codespaces. For example, you may want to store and access the following sensitive information as secrets.
- Access tokens to cloud services - Access tokens to cloud services
- Service principals - Service principals
@@ -95,5 +96,5 @@ Codespace secrets cannot be used:
## Further reading ## Further reading
- "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)" - "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces)"
- "[AUTOTITLE](/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository#recommended-secrets)" - "[AUTOTITLE](/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository#recommended-secrets)"

View File

@@ -54,7 +54,7 @@ You will need to create a new personal account and then use this account to crea
{% endif %} {% endif %}
1. Copy the token string. You will assign this to a {% data variables.product.prodname_codespaces %} repository secret. 1. Copy the token string. You will assign this to a {% data variables.product.prodname_codespaces %} repository secret.
1. Sign back into the account that has admin access to the repository. 1. Sign back into the account that has admin access to the repository.
1. In the repository for which you want to create {% data variables.product.prodname_github_codespaces %} prebuilds, create a new {% data variables.product.prodname_codespaces %} repository secret called `CODESPACES_PREBUILD_TOKEN`, giving it the value of the token you created and copied. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository)." 1. In the repository for which you want to create {% data variables.product.prodname_github_codespaces %} prebuilds, create a new {% data variables.product.prodname_codespaces %} repository secret called `CODESPACES_PREBUILD_TOKEN`, giving it the value of the token you created and copied. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository)."
The {% data variables.product.pat_generic %} will be used for all subsequent prebuilds created for your repository. Unlike other {% data variables.product.prodname_codespaces %} repository secrets, the `CODESPACES_PREBUILD_TOKEN` secret is only used for prebuilding and will not be available to use in codespaces created from your repository. The {% data variables.product.pat_generic %} will be used for all subsequent prebuilds created for your repository. Unlike other {% data variables.product.prodname_codespaces %} repository secrets, the `CODESPACES_PREBUILD_TOKEN` secret is only used for prebuilding and will not be available to use in codespaces created from your repository.

View File

@@ -127,7 +127,7 @@ For information about editing and deleting prebuild configurations, see "[AUTOTI
## Configuring environment variables ## Configuring environment variables
To allow the prebuild process to access environment variables required to create your development environment, you can set these either as {% data variables.product.prodname_codespaces %} repository secrets or as {% data variables.product.prodname_codespaces %} organization secrets. Secrets that you create in this way will be accessible by anyone who creates a codespace from this repository. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository)" and "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-an-organization)." To allow the prebuild process to access environment variables required to create your development environment, you can set these either as {% data variables.product.prodname_codespaces %} repository secrets or as {% data variables.product.prodname_codespaces %} organization secrets. Secrets that you create in this way will be accessible by anyone who creates a codespace from this repository. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository)" and "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-an-organization)."
Prebuilds cannot use any user-level secrets while building your environment, because these are not available until after the codespace has been created. Prebuilds cannot use any user-level secrets while building your environment, because these are not available until after the codespace has been created.

View File

@@ -40,7 +40,7 @@ Each recommended secret is displayed in one of three ways:
You should use recommended secrets for secrets that the user who creates the codespace, rather than the owner of the repository or organization, must provide. For example, if you have a public project, and users must provide a personal API key to run the application in your project, you can specify a recommended secret so that users will be prompted to provide the key as the value of the secret when they use the advanced options page to create a codespace. You should use recommended secrets for secrets that the user who creates the codespace, rather than the owner of the repository or organization, must provide. For example, if you have a public project, and users must provide a personal API key to run the application in your project, you can specify a recommended secret so that users will be prompted to provide the key as the value of the secret when they use the advanced options page to create a codespace.
Alternatively, for secrets that the owner of the repository or organization can provide, such as API keys shared across a team, you can set secrets at the level of the repository or organization. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)." Alternatively, for secrets that the owner of the repository or organization can provide, such as API keys shared across a team, you can set secrets at the level of the repository or organization. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/managing-secrets-for-your-repository-and-organization-for-github-codespaces)."
## Specifying recommended secrets in the dev container configuration ## Specifying recommended secrets in the dev container configuration

View File

@@ -45,14 +45,14 @@ We do not recommend manually updating the value of the `GITHUB_TOKEN` in a codes
If you need access to another repository in an existing codespace, or if the permissions you need are specific to you and don't apply to other contributors, you can create a {% data variables.product.pat_generic %} with access to the repository and add the token to your codespace. We recommend you limit the token's access by using a {% data variables.product.pat_v2 %}, selecting only the repositories to which you need access, and giving the required access to the **Contents** permission only. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-fine-grained-personal-access-token)." If you need access to another repository in an existing codespace, or if the permissions you need are specific to you and don't apply to other contributors, you can create a {% data variables.product.pat_generic %} with access to the repository and add the token to your codespace. We recommend you limit the token's access by using a {% data variables.product.pat_v2 %}, selecting only the repositories to which you need access, and giving the required access to the **Contents** permission only. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-fine-grained-personal-access-token)."
You can then add the token as an environment variable in a codespace, or as an encrypted secret for {% data variables.product.prodname_github_codespaces %}. If you create an encrypted secret, you should only allow certain trusted repositories to access the secret. When you add a new encrypted secret, you will be prompted to reload your existing codespace to pull in the new secret. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." You can then add the token as an environment variable in a codespace, or as a secret for {% data variables.product.prodname_github_codespaces %}. If you create a secret, you should only allow certain trusted repositories to access the secret. When you add a new secret, you will be prompted to reload your existing codespace to pull in the new secret. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)."
To use the token to authenticate in your codespace, you have the following options. To use the token to authenticate in your codespace, you have the following options.
- When you create the environment variable or encrypted secret, you can use the name `GH_TOKEN`. The `GH_TOKEN` variable is used by default in {% data variables.product.prodname_cli %} operations, so you can clone the repository using the command `gh repo clone OWNER/REPO`. - When you create the environment variable or secret, you can use the name `GH_TOKEN`. The `GH_TOKEN` variable is used by default in {% data variables.product.prodname_cli %} operations, so you can clone the repository using the command `gh repo clone OWNER/REPO`.
However, if you then try to push to the repository using `git push`, Git's credential helper will try to use the existing `GITHUB_TOKEN` to authenticate, and authentication will fail. You can override the helper, but this may introduce friction when you try to interact with the original repository from which you created the codespace. However, if you then try to push to the repository using `git push`, Git's credential helper will try to use the existing `GITHUB_TOKEN` to authenticate, and authentication will fail. You can override the helper, but this may introduce friction when you try to interact with the original repository from which you created the codespace.
- You can clone the repository with a URL that includes the access token. Replace `YOUR-VARIABLE` with the name of the environment variable or encrypted secret you created. - You can clone the repository with a URL that includes the access token. Replace `YOUR-VARIABLE` with the name of the environment variable or secret you created.
```shell ```shell
git clone https://PAT:$YOUR-VARIABLE@github.com/OWNER/REPO` git clone https://PAT:$YOUR-VARIABLE@github.com/OWNER/REPO`
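Review bot: the `git clone` line in the trailing context has a stray backtick after `REPO`, and `$YOUR-VARIABLE` is not a valid shell expansion (a hyphen ends the variable name), so a reader copying this will get a broken command; since this file is being touched anyway, consider `git clone https://PAT:$YOUR_VARIABLE@github.com/OWNER/REPO` with the placeholder named accordingly. Also worth a sentence beside this second option: a token placed in the clone URL is written in plaintext to the repository's `.git/config` as the `origin` remote URL and can surface in shell history and process listings, which is a broader exposure than the first option, where `GH_TOKEN` is only read from the environment by {% data variables.product.prodname_cli %} at authentication time. The renamed guidance on the first changed line (only allow certain trusted repositories to access the secret) is the right point to keep.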

View File

@@ -17,6 +17,6 @@ autogenerated: rest
## About secrets in {% data variables.product.prodname_actions %} ## About secrets in {% data variables.product.prodname_actions %}
You can use the REST API to create, update, delete, and retrieve information about encrypted secrets that can be used in workflows in {% data variables.product.prodname_actions %}. {% data reusables.actions.about-secrets %} For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." You can use the REST API to create, update, delete, and retrieve information about secrets that can be used in workflows in {% data variables.product.prodname_actions %}. {% data reusables.actions.about-secrets %} For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
<!-- Content after this section is automatically generated --> <!-- Content after this section is automatically generated -->

View File

@@ -18,6 +18,6 @@ autogenerated: rest
## About {% data variables.product.prodname_codespaces %} repository secrets ## About {% data variables.product.prodname_codespaces %} repository secrets
You can create, list, and delete secrets (such as access tokens for cloud services) for repositories that the user has access to. These secrets are made available to the codespace at runtime. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." You can create, list, and delete secrets (such as access tokens for cloud services) for repositories that the user has access to. These secrets are made available to the codespace at runtime. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)."
<!-- Content after this section is automatically generated --> <!-- Content after this section is automatically generated -->

View File

@@ -13,6 +13,6 @@ autogenerated: rest
## About {% data variables.product.prodname_codespaces %} user secrets ## About {% data variables.product.prodname_codespaces %} user secrets
You can create, list, and delete secrets (such as access tokens for cloud services) as well as assign secrets to repositories that the user has access to. These secrets are made available to the codespace at runtime. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." You can create, list, and delete secrets (such as access tokens for cloud services) as well as assign secrets to repositories that the user has access to. These secrets are made available to the codespace at runtime. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)."
<!-- Content after this section is automatically generated --> <!-- Content after this section is automatically generated -->

View File

@@ -1 +1 @@
Encrypted secrets allow you to store sensitive information, such as access tokens, in your repository, repository environments, or organization. Secrets allow you to store sensitive information, such as access tokens, in your repository, repository environments, or organization.
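Review bot: dropping "Encrypted" from this reusable removes the only place the snippet tells readers that secret values are stored encrypted, and this reusable is pulled into the REST "About secrets in {% data variables.product.prodname_actions %}" section changed earlier in this commit, so the property disappears from that page too. If the rename is purely for naming consistency, consider keeping a short clause, for example "Secrets allow you to store sensitive information, such as access tokens, in your repository, repository environments, or organization; secret values are encrypted at rest.", so the security guarantee is not lost along with the term.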

View File

@@ -2,4 +2,4 @@
Generate your Azure deployment credentials using a publish profile. For more information, see "[Generate deployment credentials](https://docs.microsoft.com/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials)" in the Azure documentation. Generate your Azure deployment credentials using a publish profile. For more information, see "[Generate deployment credentials](https://docs.microsoft.com/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials)" in the Azure documentation.
In your {% data variables.product.prodname_dotcom %} repository, create a secret named `AZURE_WEBAPP_PUBLISH_PROFILE` that contains the contents of the publish profile. For more information on creating secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." In your {% data variables.product.prodname_dotcom %} repository, create a secret named `AZURE_WEBAPP_PUBLISH_PROFILE` that contains the contents of the publish profile. For more information on creating secrets, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)."

View File

@@ -37,7 +37,7 @@ The "Manual tasks" section contains an overview of tasks that {% data variables.
Listed below are some key terms that can appear in the "Manual tasks" section: Listed below are some key terms that can appear in the "Manual tasks" section:
- A **secret** is a repository or organization-level secret that is used in the converted pipelines. These secrets must be created manually in {% data variables.product.prodname_actions %} for these pipelines to function properly. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)." - A **secret** is a repository or organization-level secret that is used in the converted pipelines. These secrets must be created manually in {% data variables.product.prodname_actions %} for these pipelines to function properly. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
- A **self-hosted runner** refers to a label of a runner that is referenced in a converted pipeline that is not a {% data variables.product.prodname_dotcom %}-hosted runner. You will need to manually define these runners for these pipelines to function properly. - A **self-hosted runner** refers to a label of a runner that is referenced in a converted pipeline that is not a {% data variables.product.prodname_dotcom %}-hosted runner. You will need to manually define these runners for these pipelines to function properly.
#### Files #### Files

View File

@@ -1 +1 @@
| Referencing secrets in a workflow | [Secrets](/actions/security-guides/encrypted-secrets)| | Referencing secrets in a workflow | [Secrets](/actions/security-guides/using-secrets-in-github-actions)|

View File

@@ -1,6 +1,6 @@
Here are some additional resources for more advanced scenarios. Here are some additional resources for more advanced scenarios.
- "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/adding-features-to-a-devcontainer-file?tool=webui)" - "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/adding-features-to-a-devcontainer-file?tool=webui)"
- "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)" - "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-secrets-for-your-codespaces)"
- "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)" - "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)"
- "[AUTOTITLE](/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace)" - "[AUTOTITLE](/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace)"