Enforce blank lines around code fences (#43042)

2025-12-19 18:10:59 -05:00 · 2023-09-22 09:56:27 -07:00
parent 6943ff16c9
commit 5b0d22783f
28 changed files with 102 additions and 9 deletions
--- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts.md
+++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts.md
@@ -74,6 +74,7 @@ Alternatively, if you want to use the HTTPS protocol for both accounts, you can
    ```shell copy
    echo "protocol=https`nhost=github.com" | git credential-manager erase
    ```
   - If the output is `wincred`, you're using the Windows Credential Manager. To clear the credentials, enter the following command.
     ```shell copy
--- a/content/actions/creating-actions/creating-a-docker-container-action.md
+++ b/content/actions/creating-actions/creating-a-docker-container-action.md
@@ -102,11 +102,12 @@ Next, the script gets the current time and sets it as an output variable that ac
   echo "Hello $1"
   time=$(date)
-{%- ifversion actions-save-state-set-output-envs %}
+   {%- ifversion actions-save-state-set-output-envs %}
   echo "time=$time" >> $GITHUB_OUTPUT
-{%- else %}
+   {%- else %}
   echo "::set-output name=time::$time"
-{%- endif %}
+   {%- endif %}
   ```
   If `entrypoint.sh` executes without any errors, the action's status is set to `success`. You can also explicitly set exit codes in your action's code to provide an action's status. For more information, see "[AUTOTITLE](/actions/creating-actions/setting-exit-codes-for-actions)."
@@ -114,8 +115,8 @@ Next, the script gets the current time and sets it as an output variable that ac
 1. Make your `entrypoint.sh` file executable. Git provides a way to explicitly change the permission mode of a file so that it doesn’t get reset every time there is a clone/fork.
   ```shell copy
-   $ git add entrypoint.sh
+   git add entrypoint.sh
-   $ git update-index --chmod=+x entrypoint.sh
+   git update-index --chmod=+x entrypoint.sh
   ```
 1. Optionally, to check the permission mode of the file in the git index, run the following command.
@@ -266,6 +267,7 @@ jobs:
          name: workspace_artifacts
          path: {% raw %}${{ github.workspace }}{% endraw %}
 ```
 For more information about uploading build output as an artifact, see "[AUTOTITLE](/actions/using-workflows/storing-workflow-data-as-artifacts)."
 ## Example Docker container actions on {% data variables.product.prodname_dotcom_the_website %}
--- a/content/actions/migrating-to-github-actions/automated-migrations/migrating-from-bitbucket-pipelines-with-github-actions-importer.md
+++ b/content/actions/migrating-to-github-actions/automated-migrations/migrating-from-bitbucket-pipelines-with-github-actions-importer.md
@@ -184,6 +184,7 @@ To perform a dry run of migrating a Bitbucket pipeline to {% data variables.prod
 ```bash
 gh actions-importer dry-run bitbucket --workspace :workspace --repository :repo --output-dir tmp/dry-run
 ```
 ### Inspecting the converted workflows
 You can view the logs of the dry run and the converted workflow files in the specified output directory.
@@ -205,6 +206,7 @@ To migrate a Bitbucket pipeline to {% data variables.product.prodname_actions %}
 ```bash
 gh actions-importer migrate bitbucket --workspace :workspace --repository :repo --target-url https://github.com/:owner/:repo --output-dir tmp/dry-run
 ```
 The command's output includes the URL of the pull request that adds the converted workflow to your repository. An example of a successful output is similar to the following:
 ```bash
--- a/content/admin/backing-up-and-restoring-your-instance/known-issues-with-backups-for-your-instance.md
+++ b/content/admin/backing-up-and-restoring-your-instance/known-issues-with-backups-for-your-instance.md
@@ -46,24 +46,28 @@ To ensure users can sign into the new target instance, ensure that your environm
   ```shell copy
   ssh -p 122 admin@HOSTNAME
   ```
 {%- ifversion ghes = 3.7 %}
 1. To display a list of encryption and decryption keys, run the following command.
   ```shell copy
   ghe-config secrets.github.encrypted-column-keying-material
   ```
 {%- elsif ghes = 3.8 or ghes = 3.9 %}
 1. To display a list of decryption keys, run the following command.
   ```shell copy
   ghe-config secrets.github.encrypted-column-keying-material
   ```
 1. Copy the output to a safe and temporary location.
 1. To display a list of encryption keys, run the following command.
   ```shell copy
   ghe-config secrets.github.encrypted-column-current-encryption-key
   ```
 1. Copy the output to a safe and temporary location.
 {%- endif %}
 1. SSH into the destination {% data variables.product.product_name %} instance where you restored the backup. Replace HOSTNAME with the actual hostname of your instance.
@@ -71,6 +75,7 @@ To ensure users can sign into the new target instance, ensure that your environm
   ```shell copy
   ssh -p 122 admin@HOSTNAME
   ```
 1. Enable maintenance mode. For more information, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode#enabling-maintenance-mode-immediately-or-scheduling-a-maintenance-window-for-a-later-time)."
 1. To verify that the destination instance is ready for configuration, run the following {% ifversion ghes = 3.7 %}command{% elsif ghes = 3.8 or ghes = 3.9 %}commands{% endif %}. There should be no output displayed.
@@ -80,29 +85,34 @@ To ensure users can sign into the new target instance, ensure that your environm
   ghe-config secrets.github.encrypted-column-current-encryption-key
   {%- endif %}
   ```
 {%- ifversion ghes = 3.7 %}
 1. To update the list of keys on the destination instance, run the following command. Replace KEY-LIST with the output from step 1.
   ```shell copy
   ghe-config secrets.github.encrypted-column-keying-material "KEY-LIST"
   ```
 {%- elsif ghes = 3.8 or ghes = 3.9 %}
 1. To update the decryption keys on the destination instance, run the following command. Replace DECRYPTION-KEY-LIST with the output from step 1.
   ```shell copy
   ghe-config secrets.github.encrypted-column-keying-material "DECRYPTION-KEY-LIST"
   ```
 1. To update the encryption key on the destination instance, run the following command. Replace ENCRYPTION-KEY with the output from step 4.
   ```shell copy
   ghe-config secrets.github.encrypted-column-current-encryption-key "ENCRYPTION-KEY"
   ```
 {%- endif %}
 1. To apply the configuration, run the following command.
    ```shell copy
    ghe-config-apply
    ```
 1. Wait for the configuration run to complete.
 1. To ensure that the target instance's configuration contains the keys, run the following {% ifversion ghes = 3.7 %}command{% elsif ghes = 3.8 or ghes = 3.9 %}commands{% endif %} and verify that the output matches step 1{% ifversion ghes = 3.8 or ghes = 3.9 %} and step 4{% endif %}.
@@ -112,6 +122,7 @@ To ensure users can sign into the new target instance, ensure that your environm
   ghe-config secrets.github.encrypted-column-current-encryption-key
   {%- endif %}
   ```
 1. Have a user sign into the destination instance. If any issues arise, contact {% data variables.contact.enterprise_support %}. For more information, see "[AUTOTITLE](/support/contacting-github-support)."
 {% endif %}
--- a/content/admin/configuration/configuring-network-settings/configuring-built-in-firewall-rules.md
+++ b/content/admin/configuration/configuring-network-settings/configuring-built-in-firewall-rules.md
@@ -69,6 +69,7 @@ We do not recommend customizing UFW as it can complicate some troubleshooting is
 1. Configure a custom firewall rule.
 1. Check the status of each new rule with the `status numbered` command.
   ```shell
   sudo ufw status numbered
   ```
--- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/including-data-about-github-actions-in-server-statistics.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/including-data-about-github-actions-in-server-statistics.md
@@ -36,4 +36,5 @@ If you enable the collection of data about {% data variables.product.prodname_ac
   ```shell{:copy}
   ghe-config app.github.enable-actions-usage-stats true
   ```
 {% data reusables.enterprise.apply-configuration %}
--- a/content/admin/monitoring-managing-and-updating-your-instance/caching-repositories/configuring-a-repository-cache.md
+++ b/content/admin/monitoring-managing-and-updating-your-instance/caching-repositories/configuring-a-repository-cache.md
@@ -55,6 +55,7 @@ Then, when told to fetch `https://github.example.com/myorg/myrepo`, Git will ins
      ```
      ghe-repl-setup -a PRIMARY-IP
      ```
 1. To configure the repository cache, use the `ghe-repl-node` command and include the necessary parameters.
    - Set a `cache-location` for the repository cache, replacing _CACHE-LOCATION_ with an alphanumeric identifier, such as the region where the cache is deployed.  The _CACHE-LOCATION_ value must not be any of the subdomains reserved for use with subdomain isolation, such as `assets` or `media`.  For a list of reserved names, see "[AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation#about-subdomain-isolation)."
    - Set a `cache-domain` for the repository cache, replacing _EXTERNAL-CACHE-DOMAIN_ with the hostname Git clients will use to access the repository cache. If you do not specify a `cache-domain`, {% data variables.product.product_name %} will prepend the _CACHE-LOCATION_ value as a subdomain to the hostname configured for your instance. For more information, see "[AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-a-hostname)."
--- a/content/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/initiating-a-failover-to-your-replica-cluster.md
+++ b/content/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/initiating-a-failover-to-your-replica-cluster.md
@@ -32,9 +32,9 @@ To fail over to replica nodes, you must have configured high availability replic
 1. SSH into the primary MySQL node in the replica cluster. For more information, see "[AUTOTITLE](/enterprise/admin/configuration/accessing-the-administrative-shell-ssh#enabling-access-to-the-administrative-shell-via-ssh)."
 1. To begin the failover to the secondary cluster and configure the nodes to respond to requests, run the following command.
-    ```shell
+   ```shell
-  ghe-cluster-failover
+   ghe-cluster-failover
-  ```
+   ```
 {% data reusables.enterprise_clustering.configuration-finished %}
 1. Update the DNS record to point to the IP address of the load balancer for your replica cluster. After the TTL period expires, requests will be directed to the replica cluster.
--- a/content/admin/monitoring-managing-and-updating-your-instance/configuring-high-availability/creating-a-high-availability-replica.md
+++ b/content/admin/monitoring-managing-and-updating-your-instance/configuring-high-availability/creating-a-high-availability-replica.md
@@ -100,6 +100,7 @@ This example configuration uses a primary and two replicas, which are located in
   ```
 1. To apply the configuration, use the `ghe-config-apply` command on the primary.
   ```shell
   (primary)$ ghe-config-apply
   ```
--- a/content/admin/monitoring-managing-and-updating-your-instance/updating-the-virtual-machine-and-physical-resources/known-issues-with-upgrades-to-your-instance.md
+++ b/content/admin/monitoring-managing-and-updating-your-instance/updating-the-virtual-machine-and-physical-resources/known-issues-with-upgrades-to-your-instance.md
@@ -133,16 +133,19 @@ If you cannot upgrade {% data variables.location.product_location %}, then you c
   ```shell copy
   ghe-maintenance -s
   ```
 1. Update consul template for nomad:
   ```shell copy
   sudo sed -i.bak '/kill_signal/i \      kill_timeout = "10m"' /etc/consul-templates/etc/nomad-jobs/mysql/mysql.hcl.ctmpl
   ```
 1. Render consul template for nomad:
   ```shell copy
   sudo consul-template -once -template /etc/consul-templates/etc/nomad-jobs/mysql/mysql.hcl.ctmpl:/etc/nomad-jobs/mysql/mysql.hcl
   ```
 1. Verify current `kill_timeout` setting:
   ```shell copy
@@ -154,26 +157,31 @@ If you cannot upgrade {% data variables.location.product_location %}, then you c
   ```shell copy
   "KillTimeout": 5000000000
   ```
 1. Stop MySQL:
   ```shell copy
   nomad job stop mysql
   ```
 1. Run new MySQL job:
   ```shell copy
   nomad job run /etc/nomad-jobs/mysql/mysql.hcl
   ```
 1. Verify kill_timeout has been updated:
   ```shell copy
   nomad job inspect mysql | grep KillTimeout
   ```
   Expected response:
   ```shell copy
   "KillTimeout": 600000000000,
   ```
 1. Take instance out of maintenance mode:
   ```shell copy
--- a/content/apps/creating-github-apps/writing-code-for-a-github-app/building-ci-checks-with-a-github-app.md
+++ b/content/apps/creating-github-apps/writing-code-for-a-github-app/building-ci-checks-with-a-github-app.md
@@ -81,6 +81,7 @@ The following sections will lead you through setting up the following components
 1. Create a Ruby file named `server.rb`. This file will contain all the code for your app. You will add content to this file later.
 1. If the directory doesn't already include a `.gitignore` file, add a `.gitignore` file. You will add content to this file later. For more information about `.gitignore` files, see "[AUTOTITLE](/get-started/getting-started-with-git/ignoring-files)."
 1. Create a file named `Gemfile`. This file will describe the gem dependencies that your Ruby code needs. Add the following contents to your `Gemfile`:
   ```ruby copy
   source 'http://rubygems.org'
@@ -92,7 +93,9 @@ The following sections will lead you through setting up the following components
   gem 'dotenv'
   gem 'git'
   ```
 1. Create a file named `config.ru`. This file will configure your Sinatra server to run. Add the following contents to your `config.ru` file:
   ```ruby copy
   require './server'
   run GHAapp
@@ -103,17 +106,22 @@ The following sections will lead you through setting up the following components
 In order to develop your app locally, you can use a webhook proxy URL to forward webhook events from {% data variables.product.company_short %} to your computer or codespace. This tutorial uses Smee.io to provide a webhook proxy URL and forward events.
 1. In a terminal, run the following command to install the Smee client:
   ```shell copy
   npm install --global smee-client
   ```
 1. In your browser, navigate to https://smee.io/.
 1. Click **Start a new channel**.
 1. Copy the full URL under "Webhook Proxy URL".
 1. In the terminal, run the following command to start the Smee client. Replace `YOUR_DOMAIN` with the Webhook Proxy URL you copied in the previous step.
   ```shell copy
   smee --url YOUR_DOMAIN --path /event_handler --port 3000
   ```
   You should see output like the following:
   ```shell
   Forwarding https://smee.io/YOUR_DOMAIN to http://127.0.0.1:3000/event_handler
   Connected https://smee.io/YOUR_DOMAIN
--- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md
+++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md
@@ -80,6 +80,7 @@ codeql database analyze <database> --format=<format> \
    --sarif-category=<language-specifier> --output=<output> \
    {% ifversion codeql-packs %}<packs,queries>{% else %}<queries>{% endif %}
 ```
 {% endnote %}
 You must specify `<database>`, `--format`, and `--output`. You can specify additional options depending on what analysis you want to do.
--- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli.md
+++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli.md
@@ -113,6 +113,7 @@ After you extract the {% data variables.product.prodname_codeql_cli %} bundle, y
 - `/<extraction-root>/codeql/codeql resolve qlpacks` otherwise.
 Extract from successful output:
 ```shell
 codeql/cpp-all (/<extraction-root>/qlpacks/codeql/cpp-all/<version>)
 codeql/cpp-examples (/<extraction-root>/qlpacks/codeql/cpp-examples/<version>)
--- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md
+++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md
@@ -34,6 +34,7 @@ default-suite-file: default-queries.qls # optional, a pointer to a query-suite i
 license: # optional, the license under which the pack is published
 dependencies: # map from CodeQL pack name to version range
 ```
 - `name:` must follow the `<scope>/<pack>` format, where `<scope>` is the {% data variables.product.prodname_dotcom %} organization that you will publish to and <pack> is the name for the pack.
 - A maximum of one of `default-suite` or `default-suite-file` is allowed. These are two different ways to define a default query suite to be run, the first by specifying queries directly in the qlpack.yml file and the second by specifying a query suite in the pack.
@@ -207,6 +208,7 @@ The following properties are supported in `qlpack.yml` files.
 - Required by all packs.
 - Defines the scope of the pack, where the {% data variables.product.prodname_codeql %} pack is published, and the name of the pack defined using alphanumeric characters and hyphens. It must be unique as {% data variables.product.prodname_codeql %} cannot differentiate between {% data variables.product.prodname_codeql %} packs with identical names. Use the pack name to specify queries to run using `database analyze` and to define dependencies between {% data variables.product.prodname_codeql %} packs (see examples below). For example:
  ```yaml
  name: octo-org/security-queries
  ```
@@ -215,6 +217,7 @@ The following properties are supported in `qlpack.yml` files.
 - Required by all packs that are published.
 - Defines a semantic version for this {% data variables.product.prodname_codeql %} pack that must adhere to the [SemVer v2.0.0 specification](https://semver.org/spec/v2.0.0.html). For example:
  ```yaml
  version: 0.0.0
  ```
@@ -230,6 +233,7 @@ The following properties are supported in `qlpack.yml` files.
 - Required by query and library packs that define {% data variables.product.prodname_codeql %} package dependencies on other packs. Model packs cannot define any dependencies and use `extensionTargets` instead.
 - Defines a map from pack references to the semantic version range that is compatible with this pack. Supported for {% data variables.product.prodname_codeql_cli %} versions v2.6.0 and later. For example:
  ```yaml
  dependencies:
    codeql/cpp-all: ^0.0.2
@@ -239,6 +243,7 @@ The following properties are supported in `qlpack.yml` files.
 - Required by packs that export a set of default queries to run.
 - Defines the path to a query suite file relative to the package root, containing all of the queries that are run by default when this pack is passed to the `codeql database analyze` command. Supported from CLI version v2.6.0 and onwards. Only one of `defaultSuiteFile` or `defaultSuite` can be defined. For example:
  ```yaml
  defaultSuiteFile: cpp-code-scanning.qls
  ```
@@ -247,6 +252,7 @@ The following properties are supported in `qlpack.yml` files.
 - Required by packs that export a set of default queries to run.
 - Defines an inlined query suite containing all of the queries that are run by default when this pack is passed to the `codeql database analyze` command. Supported from CLI version v2.6.0 and onwards. Only one of `defaultSuiteFile` or `defaultSuite` can be defined. For example:
  ```yaml
  defaultSuite:
    queries: .
@@ -283,6 +289,7 @@ The following properties are supported in `qlpack.yml` files.
 - Required by library packs.
 - Defines a boolean value that indicates whether or not this pack is a library pack. Library packs do not contain queries and are not compiled. Query packs can ignore this field or explicitly set it to `false`. For example:
  ```yaml
  library: true
  ```
@@ -291,6 +298,7 @@ The following properties are supported in `qlpack.yml` files.
 - Optional for packs that define query suites.
 - Defines the path to a directory in the pack that contains the query suites you want to make known to the {% data variables.product.prodname_codeql_cli %}, defined relative to the pack directory. {% data variables.product.prodname_codeql %} pack users can run "well-known" suites stored in this directory by specifying the pack name, without providing their full path. This is not supported for {% data variables.product.prodname_codeql %} packs downloaded from the Container registry. For more information about query suites, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-codeql-query-suites)." For example:
  ```yaml
  suites: octo-org-query-suites
  ```
@@ -298,6 +306,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `tests`
 - Optional for packs containing {% data variables.product.prodname_codeql %} tests. Ignored for packs without tests.
 - Defines the path to a directory within the pack that contains tests, defined relative to the pack directory. Use `.` to specify the whole pack. Any queries in this directory are run as tests when `test run` is run with the `--strict-test-discovery` option. These queries are ignored by query suite definitions that use `queries` or `qlpack` instructions to ask for all queries in a particular pack. If this property is missing, then `.` is assumed. For example:
  ```yaml
  tests: .
  ```
@@ -305,6 +314,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `extractor`
 - Required by all packs containing {% data variables.product.prodname_codeql %} tests.
 - Defines the {% data variables.product.prodname_codeql %} language extractor to use when running the {% data variables.product.prodname_codeql %} tests in the pack. For more information about testing queries, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/testing-custom-queries)." For example:
  ```yaml
  extractor: javascript
  ```
@@ -312,6 +322,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `authors`
 - Optional.
 - Defines metadata that will be displayed on the packaging search page in the packages section of the account that the {% data variables.product.prodname_codeql %} pack is published to. For example:
  ```yaml
  authors: author1@github.com,author2@github.com
  ```
@@ -319,6 +330,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `license`
 - Optional.
 - Defines metadata that will be displayed on the packaging search page in the packages section of the account that the {% data variables.product.prodname_codeql %} pack is published to. For a list of allowed licenses, see [SPDX License List](https://spdx.org/licenses/) in the SPDX Specification. For example:
  ```yaml
  license: MIT
  ```
@@ -326,6 +338,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `description`
 - Optional.
 - Defines metadata that will be displayed on the packaging search page in the packages section of the account that the {% data variables.product.prodname_codeql %} pack is published to. For example:
  ```yaml
  description: Human-readable description of the contents of the {% data variables.product.prodname_codeql %} pack.
  ```
@@ -333,6 +346,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `libraryPathDependencies`
 - Optional, deprecated. Use the `dependencies` property instead.
 - Previously used to define the names of any {% data variables.product.prodname_codeql %} packs that this {% data variables.product.prodname_codeql %} pack depends on, as an array. This gives the pack access to any libraries, database schema, and query suites defined in the dependency. For example:
  ```yaml
  libraryPathDependencies: codeql/javascript-all
  ```
@@ -340,12 +354,15 @@ The following properties are supported in `qlpack.yml` files.
 #### `dbscheme`
 - Required by core language packs only.
 - Defines the path to the [database schema](https://codeql.github.com/docs/codeql-overview/codeql-glossary/#codeql-database-schema) for all libraries and queries written for this {% data variables.product.prodname_codeql %} language (see example below). For example:
  ```yaml
  dbscheme: semmlecode.python.dbscheme
  ```
 #### `upgrades`
 - Required by core language packs only.
 - Defines the path to a directory within the pack that contains database upgrade scripts, defined relative to the pack directory. Database upgrades are used internally to ensure that a database created with a different version of the {% data variables.product.prodname_codeql_cli %} is compatible with the current version of the CLI. For example:
  ```yaml
  upgrades: .
  ```
@@ -353,6 +370,7 @@ The following properties are supported in `qlpack.yml` files.
 #### `warnOnImplicitThis`
 - Optional. Defaults to `false` if the `warnOnImplicitThis` property is not defined.
 - Defines a boolean that specifies whether or not the compiler should emit warnings about member predicate calls with implicit `this` call receivers, that is, without an explicit receiver. Supported from {% data variables.product.prodname_codeql_cli %} version 2.13.2 and onwards. For example:
  ```yaml
  warnOnImplicitThis: true
  ```
--- a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md
+++ b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md
@@ -277,6 +277,7 @@ npm can be configured to use the private registry's URL in lockfiles with `repla
 ```shell
 npm config set replace-registry-host "never"
 ```
 {% endraw %}
 If you use `replace-registry-host`, you must locally run `npm install` in order to regenerate the lockfile to use the private registry URL. {% data variables.product.prodname_dependabot %} will use the same URL when providing updates.
@@ -377,6 +378,7 @@ registries:
    username: octocat@example.com
    password: ${{secrets.MY_AZURE_DEVOPS_TOKEN}}
 ```
 {% endraw %}
 {% raw %}
@@ -387,6 +389,7 @@ registries:
    url: https://pypi.fury.io/my_org
    token: ${{secrets.MY_GEMFURY_TOKEN}}
 ```
 {% endraw %}
 #### Notes
@@ -407,6 +410,7 @@ registries:
    url: https://npm.pkg.github.com/<org-name>
    token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}}
 ```
 {% endraw %}
 - For private registries, you have to check in a `.yarnrc.yml` file (for Yarn 3) or a `.yarnrc` file (for Yarn Classic).
--- a/content/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories.md
+++ b/content/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories.md
@@ -89,6 +89,7 @@ You can configure a _secret_scanning.yml_ file to exclude directories from {% da
 {% data reusables.files.add-file %}
 1. In the file name field, type _.github/secret_scanning.yml_.
 1. Under **Edit new file**, type `paths-ignore:` followed by the paths you want to exclude from {% data variables.product.prodname_secret_scanning %}.
    ``` yaml
    paths-ignore:
      - "foo/bar/*.js"
--- a/content/contributing/syntax-and-versioning-for-github-docs/using-markdown-and-liquid-in-github-docs.md
+++ b/content/contributing/syntax-and-versioning-for-github-docs/using-markdown-and-liquid-in-github-docs.md
@@ -357,14 +357,19 @@ For example, if you include the following link in a content file:
 ```
 /github/writing-on-github/creating-a-saved-reply
 ```
 When viewed on {% data variables.product.prodname_dotcom_the_website %} docs, the link gets rendered with the language code:
 ```
 /en/github/writing-on-github/creating-a-saved-reply
 ```
 and when viewed on {% data variables.product.prodname_ghe_server %} docs, the version is included as well:
 ```
 /en/enterprise-server@2.20/github/writing-on-github/creating-a-saved-reply
 ```
 For more information about links, see "[AUTOTITLE](/contributing/writing-for-github-docs/style-guide#links)."
 ### Permalinks
--- a/content/contributing/writing-for-github-docs/content-model.md
+++ b/content/contributing/writing-for-github-docs/content-model.md
@@ -573,6 +573,7 @@ Further reading sections highlight additional targeted articles that aren’t al
 - Use further reading sections sparingly and when they provide high value - see style guide for guidelines on linking.
 #### Title and format for further reading sections
 ```
 ### Further reading
 - "[Article title](article-URL)”
--- a/content/contributing/writing-for-github-docs/style-guide.md
+++ b/content/contributing/writing-for-github-docs/style-guide.md
@@ -471,6 +471,7 @@ For more information, see "[AUTOTITLE](PATH-TO-ARTICLE#HEADER-TITLE)."
 ```
 To link to two or more specific headers in a different article, use this format:
 ```
 For more information, see "[HEADER-TITLE-1](PATH-TO-ARTICLE#SECTION-LINK-1)" and "[HEADER-TITLE-2](PATH-TO-ARTICLE#SECTION-LINK-2)" in "ARTICLE-TITLE."
 ```
--- a/content/copilot/configuring-github-copilot/configuring-github-copilot-in-your-environment.md
+++ b/content/copilot/configuring-github-copilot/configuring-github-copilot-in-your-environment.md
@@ -119,6 +119,7 @@ Alternatively, you can create the file manually and save it in the location for
    ```xml copy
    <entry key="*" value="false" />
    ```
 1. Save the changes to the `github-copilot.xml` file.
 1. Restart your JetBrains IDE for the changes to take effect.
@@ -151,6 +152,7 @@ To deactivate {% data variables.product.prodname_copilot %} for all languages, t
  </component>
 </application>
 ```
 To specify languages individually, add an entry for each language you want to activate or deactivate {% data variables.product.prodname_copilot %} for. Specific language settings will override the wildcard. For example, to activate {% data variables.product.prodname_copilot %} for Python and YAML, and deactivate {% data variables.product.prodname_copilot %} for all other languages, add the following entries:
 ```xml copy
--- a/content/copilot/troubleshooting-github-copilot/viewing-logs-for-github-copilot-in-your-environment.md
+++ b/content/copilot/troubleshooting-github-copilot/viewing-logs-for-github-copilot-in-your-environment.md
@@ -60,6 +60,7 @@ If you find the log file doesn't contain enough information to resolve an issue,
   ```text copy
   #com.github.copilot:trace
   ```
 1. Keep using your IDE until you encounter the issue again, then collect the log file as described in "[Collecting log files](#collecting-log-files)."
 1. When you have the information you need, disable debug mode by removing `#com.github.copilot:trace` from the "Custom Debug Log Configuration" window.
@@ -131,6 +132,7 @@ If you find the log file doesn't contain enough information to resolve an issue,
      }
   },
   ```
 1. Keep using your IDE until you encounter the issue again, then collect the log file as described in "[Viewing and collecting log files](#viewing-and-collecting-log-files)."
 1. When you have the information you need, disable debug mode by removing the content you added to your settings.
--- a/content/issues/managing-your-tasks-with-tasklists/quickstart-for-tasklists.md
+++ b/content/issues/managing-your-tasks-with-tasklists/quickstart-for-tasklists.md
@@ -106,6 +106,7 @@ You can create multiple tasklists in a single issue. Each tasklist has its own t
   - [ ] Draft task
   ```
   ````
 1. To change the title of this tasklist, type a new title after `### `. For example, change `### Tasks` to `### Backend changes`.
 In the next two sections, we will make further changes to the Markdown before saving the comment.
--- a/content/migrations/using-github-enterprise-importer/completing-your-migration-with-github-enterprise-importer/reclaiming-mannequins-for-github-enterprise-importer.md
+++ b/content/migrations/using-github-enterprise-importer/completing-your-migration-with-github-enterprise-importer/reclaiming-mannequins-for-github-enterprise-importer.md
@@ -73,6 +73,7 @@ If your migration source is a {% data variables.product.prodname_dotcom %} produ
     ```shell copy
     gh gei generate-mannequin-csv --github-target-org DESTINATION --output FILENAME.csv
     ```
   {% data reusables.enterprise-migration-tool.edit-csv %}
 1. To reclaim mannequins, use the `gh gei reclaim-mannequin` command.
@@ -105,6 +106,7 @@ If your migration source is Azure DevOps, you can reclaim mannequins with the {%
     ```shell copy
     gh ado2gh generate-mannequin-csv --github-org DESTINATION --output FILENAME.csv
     ```
   {% data reusables.enterprise-migration-tool.edit-csv %}
 1. To reclaim mannequins, use the `gh ado2gh reclaim-mannequin` command.
--- a/content/packages/quickstart.md
+++ b/content/packages/quickstart.md
@@ -27,10 +27,13 @@ In this guide, you'll create a {% data variables.product.prodname_actions %} wor
    ```
 1. Create an `index.js` file and add a basic alert to say "Hello world!"
    ```javascript copy
    console.log("Hello, World!");
    ```
 1. Initialize an npm package with `npm init`. In the package initialization wizard, enter your package with the name: _`@YOUR-USERNAME/YOUR-REPOSITORY`_, and set the test script to `exit 0`. This will generate a `package.json` file with information about your package.
    ```shell
    $ npm init
      ...
@@ -39,6 +42,7 @@ In this guide, you'll create a {% data variables.product.prodname_actions %} wor
      test command: exit 0
      ...    
    ```
 1. Run `npm install` to generate the `package-lock.json` file, then commit and push your changes to {% data variables.product.prodname_dotcom %}.
    ```shell
@@ -89,15 +93,19 @@ In this guide, you'll create a {% data variables.product.prodname_actions %} wor
 1. Tell npm which scope and registry to publish packages to using one of the following methods:
   - Add an npm configuration file for the repository by creating a `.npmrc` file in the root directory with the contents:
      ```shell
      @YOUR-USERNAME:registry=https://npm.pkg.github.com
      ```
   - Edit the `package.json` file and specify the `publishConfig` key:
      ```shell
      "publishConfig": {
        "@YOUR-USERNAME:registry": "https://npm.pkg.github.com"
      }
      ```
 1. Commit and push your changes to {% data variables.product.prodname_dotcom %}.
    ```shell
--- a/content/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site.md
+++ b/content/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site.md
@@ -85,13 +85,16 @@ To set up an apex domain, such as `example.com`, you must configure a custom dom
 1. Navigate to your DNS provider and create either an `ALIAS`, `ANAME`, or `A` record. You can also create `AAAA` records for IPv6 support. If you're implementing IPv6 support, we highly recommend using an `A` record in addition to your `AAAA` record, due to slow adoption of IPv6 globally. {% data reusables.pages.contact-dns-provider %}
    - To create an `ALIAS` or `ANAME` record, point your apex domain to the default domain for your site. {% data reusables.pages.default-domain-information %}
    - To create `A` records, point your apex domain to the IP addresses for {% data variables.product.prodname_pages %}.
      ```shell
      185.199.108.153
      185.199.109.153
      185.199.110.153
      185.199.111.153
      ```
    - To create `AAAA` records, point your apex domain to the IP addresses for {% data variables.product.prodname_pages %}.
      ```shell
      2606:50c0:8000::153
      2606:50c0:8001::153
@@ -103,6 +106,7 @@ To set up an apex domain, such as `example.com`, you must configure a custom dom
 {% data reusables.command_line.open_the_multi_os_terminal %}
 1. To confirm that your DNS record configured correctly, use the `dig` command, replacing _EXAMPLE.COM_ with your apex domain. Confirm that the results match the IP addresses for {% data variables.product.prodname_pages %} above.
   - For `A` records:
     ```shell
     $ dig EXAMPLE.COM +noall +answer -t A
     > EXAMPLE.COM    3600    IN A     185.199.108.153
@@ -110,7 +114,9 @@ To set up an apex domain, such as `example.com`, you must configure a custom dom
     > EXAMPLE.COM    3600    IN A     185.199.110.153
     > EXAMPLE.COM    3600    IN A     185.199.111.153
     ```
   - For `AAAA` records:
     ```shell
     $ dig EXAMPLE.COM +noall +answer -t AAAA
     > EXAMPLE.COM     3600    IN AAAA     2606:50c0:8000::153
--- a/content/pages/getting-started-with-github-pages/using-custom-workflows-with-github-pages.md
+++ b/content/pages/getting-started-with-github-pages/using-custom-workflows-with-github-pages.md
@@ -51,6 +51,7 @@ The `deploy-pages` action handles the necessary setup for deploying artifacts. T
 For more information, see the [`deploy-pages`](https://github.com/marketplace/actions/deploy-github-pages-site) action.
 {% raw %}
 ```yaml
 ...
@@ -71,6 +72,7 @@ jobs:
        uses: actions/deploy-pages@v1
 ...
 ```
 {% endraw %}
 ## Linking separate build and deploy jobs
--- a/data/reusables/code-scanning/max-paths-setting.md
+++ b/data/reusables/code-scanning/max-paths-setting.md
@@ -1,10 +1,12 @@
 - {% data variables.product.prodname_codeql %} advanced setup for {% data variables.product.prodname_code_scanning %}: update the `analyze` step to limit the number of paths to a maximum of one or zero.
  ```yaml
  - name: Perform CodeQL Analysis
    uses: {% data reusables.actions.action-codeql-action-analyze %}
    env: 
      CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths", 1]}}'
  ```
 - {% data variables.product.prodname_codeql_cli %} `database analyze`: update the database analysis command to include the `--max-paths=1` flag. For more information, see "[AUTOTITLE](/code-security/codeql-cli/codeql-cli-manual/database-analyze#--max-pathsmaxpaths)."
 {% note %}
--- a/src/content-linter/style/base.js
+++ b/src/content-linter/style/base.js
@@ -83,7 +83,7 @@ export const baseConfig = {
  },
  'blanks-around-fences': {
    // MD031
-    severity: 'warning',
+    severity: 'error',
    'partial-markdown-files': true,
  },
  'no-space-in-emphasis': {