Merge branch 'main' of https://github.com/github/docs into codeowners

.github/workflows/browser-test.yml

@@ -65,6 +65,11 @@ jobs:
           PUPPETEER_SKIP_CHROMIUM_DOWNLOAD: true
         run: npm ci --include=optional
 
+      - uses: ./.github/actions/get-docs-early-access
+        if: ${{ github.repository == 'github/docs-internal' }}
+        with:
+          token: ${{ secrets.DOCUBOT_REPO_PAT }}
+
       - name: Cache nextjs build
         uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
         with:

components/landing/CodeExamples.tsx

@@ -48,7 +48,7 @@ export const CodeExamples = () => {
           htmlFor="searchCodeExamples"
           id="searchCodeExamples"
         >
-          Search code examples:
+          {t('code_example.search_examples')}
         </Text>
         <input
           data-testid="code-examples-input"
@@ -61,7 +61,7 @@ export const CodeExamples = () => {
           value={typed}
         />
         <button data-testid="code-examples-search-btn" className="btn ml-2 py-2" type="submit">
-          Search
+          {t('code_example.search_button')}
         </button>
       </form>
 

components/landing/GuideCards.tsx

@@ -6,11 +6,13 @@ import { useMainContext } from 'components/context/MainContext'
 
 import { useProductLandingContext } from 'components/context/ProductLandingContext'
 import { GuideCard } from 'components/landing/GuideCard'
+import { useTranslation } from 'components/hooks/useTranslation'
 
 export const GuideCards = () => {
   const router = useRouter()
   const { currentCategory } = useMainContext()
   const { featuredLinks, hasGuidesPage } = useProductLandingContext()
+  const { t } = useTranslation('product_landing')
 
   const routePath = `/${router.locale}${router.asPath.split('?')[0]}` // remove query string
 
@@ -30,7 +32,7 @@ export const GuideCards = () => {
 
       {!currentCategory && hasGuidesPage && (
         <Link href={`${routePath}/guides`} className="btn btn-outline float-right">
-          Explore guides <ArrowRightIcon />
+          {t('explore_guides')} <ArrowRightIcon />
         </Link>
       )}
     </div>

components/landing/ProductLanding.tsx

@@ -77,7 +77,7 @@ export const ProductLanding = () => {
         )}
 
         <LandingSection
-          title={`All ${shortTitle || title} docs`}
+          title={t('all_docs').replace('{{ title }}', shortTitle || title)}
           sectionLink="all-docs"
           className="pt-9"
         >

components/page-header/RestBanner.tsx

@@ -111,17 +111,21 @@ export const RestBanner = () => {
       </React.Fragment>,
     ])
 
+    const noticeStringParts = t('rest.banner.redirect_repo').split('{{ newRestPagesLinks }}')
     noticeString = (
       <React.Fragment>
-        If you can't find what you're looking for, you might try the new {newRestPagesText} REST API
-        pages.
+        {noticeStringParts[0]}
+        {newRestPagesText}
+        {noticeStringParts[1] || null}
       </React.Fragment>
     )
   } else if (restEnterpriseDisplayPages.includes(restPage)) {
+    const noticeStringParts = t('rest.banner.redirect_enterprise').split('{{ actionsPageLink }}')
     noticeString = (
       <React.Fragment>
-        If you can't find what you're looking for, you might try the{' '}
-        <Link href={`/${router.locale}/rest/actions`}>Actions</Link> REST API page.
+        {noticeStringParts[0]}
+        <Link href={`/${router.locale}/rest/actions`}>{t('rest.banner.actions_api_title')}</Link>
+        {noticeStringParts[1] || null}
       </React.Fragment>
     )
   }
@@ -131,7 +135,9 @@ export const RestBanner = () => {
       <Flash variant="warning">
         <p>
           <b className="text-bold">
-            <span>We've recently moved some of the REST API documentation. {noticeString}</span>
+            <span>
+              {t('rest.banner.redirect_notice')} {noticeString}
+            </span>
           </b>{' '}
         </p>
       </Flash>

components/release-notes/PatchNotes.tsx

@@ -39,7 +39,7 @@ export function PatchNotes({ patch, withReleaseNoteLabel }: Props) {
             <div>
               <h3 className="pl-4" id={sectionSlug}>
                 <LinkIconHeading slug={sectionSlug} />
-                {SectionToLabelMap[key] || 'INVALID SECTION'}
+                {`${patch.version}: ${SectionToLabelMap[key]}` || 'INVALID SECTION'}
               </h3>
               <ul>
                 {sectionItems.map((item, i) => {

components/rest/RestCodeSamples.tsx

@@ -14,7 +14,8 @@ import useClipboard from 'components/hooks/useClipboard'
 import { getShellExample, getGHExample, getJSExample } from 'components/lib/get-rest-code-samples'
 import styles from './RestCodeSamples.module.scss'
 import { RestMethod } from './RestMethod'
-import type { Operation, ExampleT, LanguageOptionT } from './types'
+import type { Operation, ExampleT } from './types'
+import { ResponseKeys, CodeSampleKeys } from './types'
 import { useVersion } from 'components/hooks/useVersion'
 
 type Props = {
@@ -23,9 +24,7 @@ type Props = {
   heading: string
 }
 
-const GHCLIKEY = 'ghcli'
-const JSKEY = 'javascript'
-const CURLKEY = 'curl'
+const responseSelectOptions = Object.values(ResponseKeys)
 
 // Add as needed. It's pretty cheap to add but please don't use
 // highlight.js import that loads all and everything.
@@ -33,13 +32,8 @@ hljs.registerLanguage('json', json)
 hljs.registerLanguage('javascript', javascript)
 hljs.registerLanguage('curl', hljsCurl)
 
-const responseSelectOptions = [
-  { key: 'example', text: 'Example response' },
-  { key: 'schema', text: 'Response schema' },
-]
-
 function getLanguageHighlight(selectedLanguage: string) {
-  return selectedLanguage === JSKEY ? 'javascript' : 'curl'
+  return selectedLanguage === CodeSampleKeys.javascript ? 'javascript' : 'curl'
 }
 
 export function RestCodeSamples({ operation, slug, heading }: Props) {
@@ -63,16 +57,16 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
   }))
 
   // Menu options for the language selector
-  const languageSelectOptions: LanguageOptionT[] = [{ key: CURLKEY, text: 'cURL' }]
+  const languageSelectOptions: CodeSampleKeys[] = [CodeSampleKeys.curl]
 
   // Management Console operations are not supported by Octokit
   if (operation.subcategory !== 'management-console') {
-    languageSelectOptions.push({ key: JSKEY, text: 'JavaScript' })
+    languageSelectOptions.push(CodeSampleKeys.javascript)
 
     // Not all examples support the GH CLI language option. If any of
     // the examples don't support it, we don't show GH CLI as an option.
     if (!languageExamples.some((example) => example.ghcli === undefined)) {
-      languageSelectOptions.push({ key: GHCLIKEY, text: 'GitHub CLI' })
+      languageSelectOptions.push(CodeSampleKeys.ghcli)
     }
   }
 
@@ -95,11 +89,9 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
     languageIndex: index,
   }))
 
-  const [selectedLanguage, setSelectedLanguage] = useState<keyof ExampleT>(
-    languageSelectOptions[0].key
-  )
+  const [selectedLanguage, setSelectedLanguage] = useState(languageSelectOptions[0])
   const [selectedExample, setSelectedExample] = useState(exampleSelectOptions[0])
-  const [selectedResponse, setSelectedResponse] = useState(responseSelectOptions[0].key)
+  const [selectedResponse, setSelectedResponse] = useState(responseSelectOptions[0])
   const [responseMaxHeight, setResponseMaxHeight] = useState(0)
 
   const isSingleExample = languageExamples.length === 1
@@ -109,11 +101,11 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
     setSelectedExample(exampleSelectOptions[Number(event.currentTarget.value)])
   }
 
-  const handleResponseSelection = (responseKey: string) => {
+  const handleResponseSelection = (responseKey: ResponseKeys) => {
     setSelectedResponse(responseKey)
   }
 
-  const handleLanguageSelection = (languageKey: keyof ExampleT) => {
+  const handleLanguageSelection = (languageKey: CodeSampleKeys) => {
     setSelectedLanguage(languageKey)
     Cookies.set('codeSampleLanguagePreferred', languageKey, {
       sameSite: 'strict',
@@ -139,9 +131,9 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
     // If the user previously selected a language preference and the language
     // is available in this component set it as the selected language
     const cookieValue = Cookies.get('codeSampleLanguagePreferred')
-    const preferredCodeLanguage = languageSelectOptions.find((item) => item.key === cookieValue)
+    const preferredCodeLanguage = languageSelectOptions.find((item) => item === cookieValue)
     if (cookieValue && preferredCodeLanguage) {
-      setSelectedLanguage(cookieValue as keyof ExampleT)
+      setSelectedLanguage(cookieValue as CodeSampleKeys)
     }
   }, [])
 
@@ -256,19 +248,19 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
         <div className="border-top d-inline-flex flex-justify-between width-full flex-items-center">
           <div className="d-inline-flex ml-2">
             <UnderlineNav aria-label="Example language selector">
-              {languageSelectOptions.map((option) => (
+              {languageSelectOptions.map((optionKey) => (
                 <UnderlineNav.Link
-                  key={option.key}
+                  key={optionKey}
                   onClick={() => {
-                    handleLanguageSelection(option.key)
+                    handleLanguageSelection(optionKey)
                   }}
-                  selected={option.key === selectedLanguage}
+                  selected={optionKey === selectedLanguage}
                   className="pr-3 mr-0"
                   sx={{
                     cursor: 'pointer',
                   }}
                 >
-                  {option.text}
+                  {t(`rest.reference.code_sample_options.${optionKey}`)}
                 </UnderlineNav.Link>
               ))}
             </UnderlineNav>
@@ -310,22 +302,22 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
       <div className="border rounded-1">
         {displayedExample.response.schema ? (
           <UnderlineNav aria-label="Example response format selector">
-            {responseSelectOptions.map((option) => {
+            {responseSelectOptions.map((optionKey) => {
               if (!displayedExample.response.schema) return null
 
               return (
                 <UnderlineNav.Link
-                  key={option.key}
+                  key={optionKey}
                   onClick={() => {
-                    handleResponseSelection(option.key)
+                    handleResponseSelection(optionKey)
                   }}
-                  selected={option.key === selectedResponse}
+                  selected={optionKey === selectedResponse}
                   className="pr-3 mr-0 ml-2"
                   sx={{
                     cursor: 'pointer',
                   }}
                 >
-                  {option.text}
+                  {t(`rest.reference.response_options.${optionKey}`)}
                 </UnderlineNav.Link>
               )
             })}
@@ -351,7 +343,9 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
               style={{ maxHeight: responseMaxHeight }}
             >
               <code ref={responseCodeExample}>
-                {selectedResponse === 'example' ? displayedExampleResponse : displayedExampleSchema}
+                {selectedResponse === ResponseKeys.example
+                  ? displayedExampleResponse
+                  : displayedExampleSchema}
               </code>
             </div>
           )}

components/rest/types.ts

@@ -73,9 +73,9 @@ export interface ChildParameter {
 
 export type ExampleT = {
   description: string
-  curl: string
-  javascript: string
-  ghcli?: string
+  [CodeSampleKeys.curl]?: string
+  [CodeSampleKeys.javascript]?: string
+  [CodeSampleKeys.ghcli]?: string
   response: {
     statusCode: string
     contentType?: string
@@ -85,7 +85,13 @@ export type ExampleT = {
   }
 }
 
-export type LanguageOptionT = {
-  key: keyof ExampleT
-  text: string
+export enum ResponseKeys {
+  example = 'example',
+  schema = 'schema',
+}
+
+export enum CodeSampleKeys {
+  curl = 'curl',
+  javascript = 'javascript',
+  ghcli = 'ghcli',
 }

content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-profile.md

@@ -33,6 +33,7 @@ People who visit your profile can also see the following information.
 - Repositories you've starred{% ifversion fpt or ghec %} and organized into lists{% endif %}. For more information, see "[AUTOTITLE](/get-started/exploring-projects-on-github/saving-repositories-with-stars)."
 - An overview of your activity in organizations, repositories, and teams you're most active in. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-an-overview-of-your-activity-on-your-profile)."{% ifversion fpt or ghec %}
 - Badges and Achievements that highlight your activity and show if you use {% data variables.product.prodname_pro %} or participate in programs like the {% data variables.product.prodname_arctic_vault %}, {% data variables.product.prodname_sponsors %}, or the {% data variables.product.company_short %} Developer Program. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#displaying-badges-on-your-profile)."{% endif %}
+- Your pronouns if you've set them. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#adding-pronouns-to-your-profile).
 
 You can also set a status on your profile to provide information about your availability. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status)."
 

content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md

@@ -96,6 +96,23 @@ For a longer-form and more prominent way of displaying customized information ab
 
 {% data reusables.profile.update-profile %}
 
+## Adding pronouns to your profile
+
+Add pronouns to your public user profile to share information about yourself with other {% data variables.product.product_name %} users. Your pronouns will only be visible to users that are signed in to {% data variables.product.product_name %}.
+
+{% note %}
+
+**Note:**
+  Your pronouns will be visible to {% data variables.product.product_name %} users, including in regions where local laws restrict using pronouns other than those assigned at birth.
+
+{% endnote %}
+
+{% data reusables.user-settings.access_settings %}
+1. Under **Pronouns**, add the pronouns that you want displayed on your profile. You may add custom pronouns.
+  ![Screenshot of selected pronouns showing "they/them" highlighted with a dark orange outline](/assets/images/help/profile/pronouns-field.png)
+
+{% data reusables.profile.update-profile %}
+
 {% ifversion profile-time-zone %}
 
 ## Setting your location and time zone

content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/setting-your-profile-to-private.md

@@ -26,6 +26,7 @@ When your profile is private, the following content is hidden from your profile
 - Follow and Sponsor buttons.
 - Organization memberships.
 - Stars, projects, packages, and sponsoring tabs.
+- Your pronouns.
 
 {% note %}
 

content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md

@@ -21,6 +21,8 @@ Environments are used to describe a general deployment target like `production`,
 
 You can configure environments with protection rules and secrets. When a workflow job references an environment, the job won't start until all of the environment's protection rules pass. A job also cannot access secrets that are defined in an environment until all the environment protection rules pass.
 
+{% ifversion actions-break-glass %}Optionally, you can bypass an environment's protection rules and force all pending jobs referencing the environment to proceed. For more information, see "[AUTOTITLE](/actions/managing-workflow-runs/reviewing-deployments#bypassing-environment-protection-rules)."{% endif %}
+
 {% ifversion fpt %}
 {% note %}
 
@@ -45,6 +47,12 @@ For more information on reviewing jobs that reference an environment with requir
 
 Use a wait timer to delay a job for a specific amount of time after the job is initially triggered. The time (in minutes) must be an integer between 0 and 43,200 (30 days).
 
+{% ifversion actions-break-glass %}
+### Do not let admins bypass protection rules
+
+Prevent admins from being able to bypass the configured environment protection rules.
+{% endif %}
+
 ### Deployment branches
 
 Use deployment branches to restrict which branches can deploy to the environment. Below are the options for deployment branches for an environment:
@@ -95,22 +103,28 @@ Variables stored in an environment are only available to workflow jobs that refe
    1. Select **Wait timer**.
    1. Enter the number of minutes to wait.
    1. Click **Save protection rules**.
-3. Optionally, specify what branches can deploy to this environment. For more information about the possible values, see "[Deployment branches](#deployment-branches)."
+{%- ifversion actions-break-glass %}
+3. Optionally, prevent admins from bypassing environment protection rules. For more information about bypassing environment protection rules, see "[AUTOTITLE](/actions/managing-workflow-runs/reviewing-deployments)."
+   1. Select **Do not let admins bypass protection rules**.
+   1. Click **Save protection rules**.
+{%- endif %}
+4. Optionally, specify what branches can deploy to this environment. For more information about the possible values, see "[Deployment branches](#deployment-branches)."
    1. Select the desired option in the **Deployment branches** dropdown.
    1. If you chose **Selected branches**, enter the branch name patterns that you want to allow.
-4. Optionally, add environment secrets. These secrets are only available to workflow jobs that use the environment. Additionally, workflow jobs that use this environment can only access these secrets after any configured rules (for example, required reviewers) pass. For more information about secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)."
+5. Optionally, add environment secrets. These secrets are only available to workflow jobs that use the environment. Additionally, workflow jobs that use this environment can only access these secrets after any configured rules (for example, required reviewers) pass. For more information about secrets, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets)."
    1. Under **Environment secrets**, click **Add Secret**.
    1. Enter the secret name.
    1. Enter the secret value.
    1. Click **Add secret**.
 {%- ifversion actions-configuration-variables %}
-5. Optionally, add environment variables. These variables are only available to workflow jobs that use the environment, and are only accessible using the [`vars`](/actions/learn-github-actions/contexts#vars-context) context. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables)."
+6. Optionally, add environment variables. These variables are only available to workflow jobs that use the environment, and are only accessible using the [`vars`](/actions/learn-github-actions/contexts#vars-context) context. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables)."
    1. Under **Environment variables**, click **Add Variable**.
    1. Enter the variable name.
    1. Enter the variable value.
    1. Click **Add variable**.
 {%- endif %}
 
+
 You can also create and configure environments through the REST API. For more information, see "[AUTOTITLE](/rest/deployments/environments)," "[AUTOTITLE](/rest/actions/secrets),"{% ifversion actions-configuration-variables %} "[AUTOTITLE](/rest/actions/variables),"{% endif %} and "[AUTOTITLE](/rest/deployments/branch-policies)."
 
 Running a workflow that references an environment that does not exist will create an environment with the referenced name. The newly created environment will not have any protection rules or secrets configured. Anyone that can edit workflows in the repository can create environments via a workflow file, but only repository admins can configure the environment.

content/actions/managing-workflow-runs/reviewing-deployments.md

@@ -25,3 +25,25 @@ For more information about environments and required approvals, see "[AUTOTITLE]
 4. Approve or reject:
    - To approve the job, click **Approve and deploy**. Once a job is approved (and any other environment protection rules have passed), the job will proceed. At this point, the job can access any secrets stored in the environment.
    - To reject the job, click **Reject**. If a job is rejected, the workflow will fail.
+
+{% ifversion actions-break-glass %}
+## Bypassing environment protection rules
+
+If you have configured environment protection rules that control whether software can be deployed to an environment, you can bypass these rules and force all pending jobs referencing the environment to proceed.
+
+{% note %}
+
+**Notes:**
+
+- You cannot bypass environment protection rules if the environment has been configured to prevent admins from bypassing configured protection rules. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment#creating-an-environment)."
+- You can only bypass environment protection rules during workflow execution when a job referencing the environment is in a "Pending" state.
+
+{% endnote %}
+
+1. Navigate to the workflow run. For more information about navigating to a workflow run, see "[AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history)."
+1. To the right of **Deployment protection rules**, click **Start all waiting jobs**.
+   ![Screenshot of the "Deployment protection rules" section with the "Start all waiting jobs" button outlined in orange](/assets/images/actions-bypass-env-protection-rules.png)
+1. In the pop-up window, select the environments for which you want to bypass environment protection rules.
+1. Under **Leave a comment**, enter a description for bypassing the environment protection rules.
+1. Click **I understand the consequences, start deploying**.
+{% endif %}

content/actions/migrating-to-github-actions/automated-migrations/automating-migration-with-github-actions-importer.md

@@ -1,6 +1,8 @@
 ---
 title: Automating migration with GitHub Actions Importer
 intro: 'Use {% data variables.product.prodname_actions_importer %} to plan and automate your migration to {% data variables.product.prodname_actions %}.'
+redirect_from:
+  - /actions/migrating-to-github-actions/automating-migration-with-github-actions-importer
 versions:
   fpt: '*'
   ghec: '*'
@@ -19,12 +21,6 @@ shortTitle: 'Automate migration with {% data variables.product.prodname_actions_
 
 [Legal notice](#legal-notice)
 
-{% note %}
-
-**Note**: {% data variables.product.prodname_actions_importer %} is currently available as a public preview. Visit the [sign up page](https://github.com/features/actions-importer/signup) to request access to the preview. Once you are granted access you'll be able to use the `gh-actions-importer` CLI extension
-
-{% endnote %}
-
 ## About {% data variables.product.prodname_actions_importer %}
 
 You can use {% data variables.product.prodname_actions_importer %} to plan and automatically migrate your CI/CD pipelines to {% data variables.product.prodname_actions %} from Azure DevOps, CircleCI, GitLab, Jenkins, and Travis CI.
@@ -43,13 +39,10 @@ You can use {% data variables.product.prodname_actions_importer %} to migrate fr
 - Jenkins
 - Travis CI
 
-Once you are granted access to the preview, you will be able to access further reference documentation for each of the supported platforms.
-
 ## Prerequisites
 
 {% data variables.product.prodname_actions_importer %} has the following requirements:
 
-- You must have been granted access to the public preview for the {% data variables.product.prodname_actions_importer %}.
 {%- ifversion ghes < 3.5 or ghae %}
 - Use a {% data variables.product.pat_generic %} with the `read:packages` scope enabled.
 {%- else %}
@@ -111,8 +104,6 @@ You must configure credentials that allow {% data variables.product.prodname_act
 $ gh actions-importer configure
 ```
 
-Once you are granted access to the preview, you will be able to access further reference documentation about using environment variables.
-
 ## Using the {% data variables.product.prodname_actions_importer %} CLI
 
 Use the subcommands of `gh actions-importer` to begin your migration to {% data variables.product.prodname_actions %}, including `audit`, `forecast`, `dry-run`, and `migrate`.
@@ -138,8 +129,6 @@ Commands:
   travis-ci     An audit will output a list of data used in a Travis CI instance.
 ```
 
-Once you are granted access to the preview, you will be able to access further reference documentation about running an audit.
-
 ### Forecasting usage
 
 The `forecast` subcommand reviews historical pipeline usage to create a forecast of {% data variables.product.prodname_actions %} usage.
@@ -162,8 +151,6 @@ Commands:
   github        Forecasts GitHub Actions usage from historical GitHub pipeline utilization.
 ```
 
-Once you are granted access to the preview, you will be able to access further reference documentation about running a forecast.
-
 ### Testing the migration process
 
 The `dry-run` subcommand can be used to convert a pipeline to its {% data variables.product.prodname_actions %} equivalent, and then write the workflow to your local filesystem.
@@ -185,8 +172,6 @@ Commands:
   travis-ci     Convert a Travis CI pipeline to a GitHub Actions workflow and output its yaml file.
 ```
 
-Once you are granted access to the preview, you will be able to access further reference documentation about performing a dry run.
-
 ### Migrating a pipeline to {% data variables.product.prodname_actions %}
 
 The `migrate` subcommand can be used to convert a pipeline to its GitHub Actions equivalent and then create a pull request with the contents.
@@ -208,32 +193,18 @@ Commands:
   travis-ci     Convert a Travis CI pipeline to a GitHub Actions workflow and and open a pull request with the changes.
 ```
 
-Once you are granted access to the preview, you will be able to access further reference documentation about running a migration.
+## Performing self-serve migrations using IssueOps
+
+You can use {% data variables.product.prodname_actions %} and {% data variables.product.prodname_github_issues %} to run CLI commands for {% data variables.product.prodname_actions_importer %}. This allows you to migrate your CI/CD workflows without installing software on your local machine. This approach is especially useful for organizations that want to enable self-service migrations to {% data variables.product.prodname_actions %}. Once IssueOps is configured, users can open an issue with the relevant template to migrate pipelines to {% data variables.product.prodname_actions %}.
+
+For more information about setting up self-serve migrations with IssueOps, see the [`actions/importer-issue-ops`](https://github.com/actions/importer-issue-ops) template repository.
+
+## Using the {% data variables.product.prodname_actions_importer %} labs repository
+
+The {% data variables.product.prodname_actions_importer %} labs repository contains platform-specific learning paths that teach you how to use {% data variables.product.prodname_actions_importer %} and how to approach migrations to {% data variables.product.prodname_actions %}. You can use this repository to learn how to use {% data variables.product.prodname_actions_importer %} to help plan, forecast, and automate your migration to {% data variables.product.prodname_actions %}. 
+
+To learn more, see the [GitHub Actions Importer labs repository](https://github.com/actions/importer-labs/tree/main#readme).
 
 ## Legal notice
 
-Portions have been adapted from https://github.com/github/gh-actions-importer/ under the MIT license:
-
-```
-MIT License
-
-Copyright (c) 2022 GitHub
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-```
+{% data reusables.actions.actions-importer-legal-notice %}

content/actions/migrating-to-github-actions/automated-migrations/extending-github-actions-importer-with-custom-transformers.md

@@ -0,0 +1,181 @@
+---
+title: Extending GitHub Actions Importer with custom transformers
+intro: '{% data variables.product.prodname_actions_importer %} offers the ability to extend its built-in mapping.'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: how_to
+topics:
+  - Migration
+  - CI
+  - CD
+shortTitle: 'Extending GitHub Actions Importer'
+---
+
+[Legal notice](#legal-notice)
+
+## About custom transformers
+
+{% data variables.product.prodname_actions_importer %} offers the ability to extend its built-in mapping by creating custom transformers. Custom transformers can be used to:
+
+- Convert items that {% data variables.product.prodname_actions_importer %} does not automatically convert, or modify how items are converted. For more information, see "[Creating custom transformers for items](#creating-custom-transformers-for-items)."
+- Convert references to runners to use different runner labels. For more information, see "[Creating custom transformers for runners](#creating-custom-transformers-for-runners)."
+- Convert environment variable values from your existing pipelines to {% data variables.product.prodname_actions %} workflows. For more information, see "[Creating custom transformers for environment variables](#creating-custom-transformers-for-environment-variables)."
+
+## Using custom transformers with {% data variables.product.prodname_actions_importer %}
+
+A custom transformer contains mapping logic that {% data variables.product.prodname_actions_importer %} can use to transform your plugins, tasks, runner labels, or environment variables to work with {% data variables.product.prodname_actions %}. Custom transformers are written with a domain-specific language (DSL) built on top of Ruby, and are defined within a file with the `.rb` file extension. 
+
+You can use the `--custom-transformers` CLI option to specify which custom transformer files to use with the `audit`, `dry-run`, and `migrate` commands.
+
+For example, if custom transformers are defined in a file named `transformers.rb`, you can use the following command to use them with {% data variables.product.prodname_actions_importer %}:
+
+```
+gh actions-importer ... --custom-transformers transformers.rb
+```
+
+Alternatively, you can use the glob pattern syntax to specify multiple custom transformer files. For example, if multiple custom transformer files are within a directory named `transformers`, you can provide them all to {% data variables.product.prodname_actions_importer %} with the following command:
+
+```
+gh actions-importer ... --custom-transformers transformers/*.rb
+```
+
+{% note %}
+
+**Note:** When you use custom transformers, the custom transformer files must reside in the same directory, or in subdirectores, from where the `gh actions-importer` command is run.
+
+{% endnote %}
+
+## Creating custom transformers for items
+
+You can create custom transformers that {% data variables.product.prodname_actions_importer %} will use when converting existing build steps or triggers to their equivalent in {% data variables.product.prodname_actions %}. This is especially useful when:
+
+- {% data variables.product.prodname_actions_importer %} doesn't automatically convert an item.
+- You want to change how an item is converted by {% data variables.product.prodname_actions_importer %}.
+- Your existing pipelines use custom or proprietary extensions, such as shared libraries in Jenkins, and you need to define how these steps should function in {% data variables.product.prodname_actions %}.
+
+{% data variables.product.prodname_actions_importer %} uses custom transformers that are defined using a DSL built on top of Ruby. In order to create custom transformers for build steps and triggers:
+
+- Each custom transformer file must contain at least one `transform` method.
+- Each `transform` method must return a `Hash`, an array of `Hash`'s, or `nil`. This returned value will correspond to an action defined in YAML. For more information about actions, see "[AUTOTITLE](/actions/learn-github-actions/understanding-github-actions)."
+
+### Example custom transformer for a build step
+
+The following example converts a build step that uses the "buildJavascriptApp" identifier to run various `npm` commands:
+
+```ruby{:copy}
+transform "buildJavascriptApp" do |item|
+  command = ["build", "package", "deploy"].map do |script|
+    "npm run #{script}"
+  end
+
+  {
+    name: "build javascript app",
+    run: command.join("\n")
+  }
+end
+```
+
+The above example results in the following {% data variables.product.prodname_actions %} workflow step. It is comprised of converted build steps that had a `buildJavascriptApp` identifier:
+
+```yaml
+- name: build javascript app
+  run: |
+    npm run build
+    npm run package
+    npm run deploy
+```
+
+The `transform` method uses the identifier of the build step from your source CI/CD instance in an argument. In this example, the identifier is `buildJavascriptLibrary`. You can also use comma-separated values to pass multiple identifiers to the `transform` method. For example, `transform "buildJavascriptApp", "buildTypescriptApp" { |item| ... }`.
+
+{% note %}
+
+**Note**: The data structure of `item` will be different depending on the CI/CD platform and the type of item being converted.
+
+{% endnote %}
+
+## Creating custom transformers for runners
+
+You can customize the mapping between runners in your source CI/CD instance and their equivalent {% data variables.product.prodname_actions %} runners.
+
+{% data variables.product.prodname_actions_importer %} uses custom transformers that are defined using a DSL built on top of Ruby. To create custom transformers for runners:
+
+- The custom transformer file must have at least one `runner` method.
+- The `runner` method accepts two parameters. The first parameter is the source CI/CD instance's runner label, and the second parameter is the corresponding {% data variables.product.prodname_actions %} runner label. {% ifversion not ghae %}For more information on {% data variables.product.prodname_actions %} runners, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources)."{% endif %}
+
+### Example custom transformers for runners
+
+The following example shows a `runner` method that converts one runner label to one {% data variables.product.prodname_actions %} runner label in the resulting workflow.
+
+```ruby{:copy}
+runner "linux", "ubuntu-latest"
+```
+
+You can also use the `runner` method to convert one runner label to multiple {% data variables.product.prodname_actions %} runner labels in the resulting workflow.
+
+```ruby{:copy}
+runner "big-agent", ["self-hosted", "xl", "linux"]
+```
+
+{% data variables.product.prodname_actions_importer %} attempts to map the runner label as best it can. In cases where it cannot do this, the `ubuntu-latest` runner label is used as a default. You can use a special keyword with the `runner` method to control this default value. For example, the following custom transformer instructs {% data variables.product.prodname_actions_importer %} to use `macos-latest` as the default runner instead of `ubuntu-latest`.
+
+```ruby{:copy}
+runner :default, "macos-latest"
+```
+
+## Creating custom transformers for environment variables
+
+You can customize the mapping between environment variables in your source CI/CD pipelines to their values in {% data variables.product.prodname_actions %}.
+
+{% data variables.product.prodname_actions_importer %} uses custom transformers that are defined using a DSL built on top of Ruby. To create custom transformers for environment variables:
+
+- The custom transformer file must have at least one `env` method.
+- The `env` method accepts two parameters. The first parameter is the name of the environment variable in the original pipeline, and the second parameter is the updated value for the environment variable for {% data variables.product.prodname_actions %}. For more information about {% data variables.product.prodname_actions %} environment variables, see "[AUTOTITLE](/actions/learn-github-actions/variables)."
+
+### Example custom transformers for environment variables
+
+There are several ways you can set up custom transformers to map your environment variables.
+
+- The following example sets the value of any existing environment variables named `OCTO`, to `CAT` when transforming a pipeline.
+
+  ```ruby{:copy}
+  env "OCTO", "CAT"
+  ```
+
+  You can also remove all instances of a specific environment variable so they are not transformed to an {% data variables.product.prodname_actions %} workflow. The following example removes all environment variables with the name `MONA_LISA`.
+
+  ```ruby{:copy}
+  env "MONA_LISA", nil
+  ```
+
+- You can also map your existing environment variables to secrets. For example, the following `env` method maps an environment variable named `MONALISA` to a secret named `OCTOCAT`.
+
+  ```ruby{:copy}
+  env "MONALISA", secret("OCTOCAT")
+  ```
+
+  This will set up a reference to a secret named `OCTOCAT` in the transformed workflow. For the secret to work, you will need to create the secret in your GitHub repository. For more information, see "[AUTOTITLE](/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository)."
+
+- You can also use regular expressions to update the values of multiple environment variables at once. For example, the following custom transformer removes all environment variables from the converted workflow:
+
+  ```ruby{:copy}
+  env /.*/, nil
+  ```
+
+  The following example uses a regular expression match group to transform environment variable values to dynamically generated secrets.
+
+  ```ruby{:copy}
+  env /^(.+)_SSH_KEY/, secret("%s_SSH_KEY)
+  ```
+
+  {% note %}
+
+  **Note**: The order in which `env` methods are defined matters when using regular expressions. The first `env` transformer that matches an environment variable name takes precedence over subsequent `env` methods. You should define your most specific environment variable transformers first.
+
+  {% endnote %}
+
+## Legal notice
+
+{% data reusables.actions.actions-importer-legal-notice %}

content/actions/migrating-to-github-actions/automated-migrations/index.md

@@ -0,0 +1,15 @@
+---
+title: 'Using {% data variables.product.prodname_actions_importer %} to automate migrations'
+shortTitle: Automated migrations
+intro: 'Learn how to use {% data variables.product.prodname_actions_importer %} to migrate your CI/CD workflows to {% data variables.product.prodname_actions %}.'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+children:
+  - /automating-migration-with-github-actions-importer
+  - /extending-github-actions-importer-with-custom-transformers
+  - /supplemental-arguments-and-settings
+---
+

content/actions/migrating-to-github-actions/automated-migrations/supplemental-arguments-and-settings.md

@@ -0,0 +1,148 @@
+---
+title: Supplemental arguments and settings
+intro: '{% data variables.product.prodname_actions_importer %} has several supplemental arguments and settings to tailor the migration process to your needs.'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: reference
+topics:
+  - Migration
+  - CI
+  - CD
+---
+
+[Legal notice](#legal-notice)
+
+This article provides general information for configuring {% data variables.product.prodname_actions_importer %}'s supplemental arguments and settings, such as optional parameters, path arguments, and network settings.
+
+## Optional parameters
+
+{% data variables.product.prodname_actions_importer %} has several optional parameters that you can use to customize the migration process.
+
+### Limiting allowed actions
+
+The following options can be used to limit which actions are allowed in converted workflows. When used in combination, these options expand the list of allowed actions. If none of these options are supplied, then all actions are allowed.
+
+- `--allowed-actions` specifies a list of actions to allow in converted workflows. Wildcards are supported. Any other actions other than those provided will be disallowed.
+
+  For example:
+
+  ```shell
+  --allowed-actions {% data reusables.actions.action-checkout %} actions/upload-artifact@* my-org/*
+  ```
+
+  You can provide an empty list to disallow all actions. For example, `--allowed-actions=`.
+
+- `--allow-verified-actions` specifies that all actions from verified creators are allowed.
+
+- `--allow-github-created-actions` specifies that actions published from the `github` or `actions` organizations are allowed.
+
+  For example, such actions include `github/super-linter` and `actions/checkout`.
+  
+  This option is equivalent to `--allowed-actions actions/* github/*`.
+
+### Using a credentials file for authentication
+
+The `--credentials-file` parameter specifies the path to a file containing credentials for different servers that {% data variables.product.prodname_actions_importer %} can authenticate to. This is useful when build scripts (such as `.travis.yml` or `jenkinsfile`) are stored in multiple {% data variables.product.prodname_ghe_server %} instances.
+
+A credentials file must be a YAML file containing a list of server and access token combinations. {% data variables.product.prodname_actions_importer %} uses the credentials for the URL that most closely matches the network request being made.
+
+For example:
+
+```yml
+- url: https://github.com
+  access_token: ghp_mygeneraltoken
+- url: https://github.com/specific_org/
+  access_token: ghp_myorgspecifictoken
+- url: https://jenkins.org
+  access_token: abc123
+  username: marty_mcfly
+```
+
+For the above credentials file, {% data variables.product.prodname_actions_importer %} uses the access token `ghp_mygeneraltoken` to authenticate all network requests to `https://github.com`, _unless_ the network request is for a repository in the `specific_org` organization. In that case, the `ghp_myorgspecifictoken` token is used to authenticate instead.
+
+#### Alternative source code providers
+
+{% data variables.product.prodname_actions_importer %} can automatically fetch source code from non-{% data variables.product.prodname_dotcom %} repositories. A credentials file can specify the `provider`, the provider URL, and the credentials needed to retrieve the source code.
+
+For example:
+
+```yml
+- url: https://gitlab.com
+  access_token: super_secret_token
+  provider: gitlab
+```
+
+For the above example, {% data variables.product.prodname_actions_importer %} uses the token `super_secret_token` to retrieve any source code that is hosted on `https://gitlab.com`.
+
+Supported values for `provider` are:
+
+- `github` (default)
+- `gitlab`
+- `bitbucket_server`
+- `azure_devops`
+
+### Restricting {% data variables.product.prodname_actions %} features to include in workflows
+
+You can use the `--features` option to limit the features used in workflows that {% data variables.product.prodname_actions_importer %} creates. This is useful for excluding newer {% data variables.product.prodname_actions %} syntax from workflows when migrating to an older {% data variables.product.prodname_ghe_server %} instance. When using the `--features` option, you must specify the version of {% data variables.product.prodname_ghe_server %} that you are migrating to.
+
+For example:
+
+```bash
+gh actions-importer dry-run ... --features ghes-3.3
+```
+
+The supported values for `--features` are:
+
+- `all` (default value)
+- `ghes-latest`
+- `ghes-<number>`, where `<number>` is the version of {% data variables.product.prodname_ghe_server %}, `3.0` or later. For example, `ghes-3.3`.
+
+### Disabling network response caching
+
+By default, {% data variables.product.prodname_actions_importer %} caches responses from network requests to reduce network load and reduce run time. You can use the `--no-http-cache` option to disable the network cache. For example:
+
+```bash
+gh actions-importer forecast ... --no-http-cache
+```
+
+## Path arguments
+
+When running {% data variables.product.prodname_actions_importer %}, path arguments are relative to the container's disk, so absolute paths relative to the container's host machine are not supported. When {% data variables.product.prodname_actions_importer %} is run, the container's `/data` directory is mounted to the directory where {% data variables.product.prodname_actions_importer %} is run.
+
+For example, the following command outputs the {% data variables.product.prodname_actions_importer %} audit summary to the `/Users/mona/out` directory:
+
+```console
+# Current directory: /Users/mona
+$ gh actions-importer audit --output-dir /data/out
+```
+
+## Using a proxy
+
+To access servers that are configured with a HTTP proxy, you must set the following environment variables with the proxy's URL:
+
+- `OCTOKIT_PROXY`: for any {% data variables.product.prodname_dotcom %} server.
+- `HTTP_PROXY` (or `HTTPS_PROXY`): for any other servers.
+
+For example:
+
+```sh
+export OCTOKIT_PROXY=https://proxy.example.com:8443
+export HTTPS_PROXY=$OCTOKIT_PROXY
+```
+
+If the proxy requires authentication, a username and password must be included in the proxy URL. For example, `https://username:password@proxy.url:port`.
+
+## Disabling SSL certificate verification
+
+By default, {% data variables.product.prodname_actions_importer %} verifies SSL certificates when making network requests. You can disable SSL certificate verification with the `--no-ssl-verify` option. For example:
+
+```bash
+gh actions-importer audit --output-dir ./output --no-ssl-verify
+```
+
+## Legal notice
+
+{% data reusables.actions.actions-importer-legal-notice %}

content/actions/migrating-to-github-actions/index.md

@@ -10,10 +10,6 @@ versions:
 redirect_from:
   - /articles/migrating-github-actions-from-hcl-syntax-to-yaml-syntax
 children:
-  - /automating-migration-with-github-actions-importer
-  - /migrating-from-azure-pipelines-to-github-actions
-  - /migrating-from-circleci-to-github-actions
-  - /migrating-from-gitlab-cicd-to-github-actions
-  - /migrating-from-jenkins-to-github-actions
-  - /migrating-from-travis-ci-to-github-actions
----
+  - /automated-migrations
+  - /manual-migrations
+---

content/actions/migrating-to-github-actions/manual-migrations/index.md

@@ -0,0 +1,17 @@
+---
+title: Manually migrating to GitHub Actions
+shortTitle: Manual migrations
+intro: 'Learn how to manually migrate your existing CI/CD workflows to {% data variables.product.prodname_actions %}.'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+children:
+  - /migrating-from-azure-pipelines-to-github-actions
+  - /migrating-from-circleci-to-github-actions
+  - /migrating-from-gitlab-cicd-to-github-actions
+  - /migrating-from-jenkins-to-github-actions
+  - /migrating-from-travis-ci-to-github-actions
+---
+

content/actions/migrating-to-github-actions/manual-migrations/migrating-from-azure-pipelines-to-github-actions.md

@@ -3,6 +3,7 @@ title: Migrating from Azure Pipelines to GitHub Actions
 intro: '{% data variables.product.prodname_actions %} and Azure Pipelines share several configuration similarities, which makes migrating to {% data variables.product.prodname_actions %} relatively straightforward.'
 redirect_from:
   - /actions/learn-github-actions/migrating-from-azure-pipelines-to-github-actions
+  - /actions/migrating-to-github-actions/migrating-from-azure-pipelines-to-github-actions
 versions:
   fpt: '*'
   ghes: '*'

content/actions/migrating-to-github-actions/manual-migrations/migrating-from-circleci-to-github-actions.md

@@ -3,6 +3,7 @@ title: Migrating from CircleCI to GitHub Actions
 intro: 'GitHub Actions and CircleCI share several similarities in configuration, which makes migration to GitHub Actions relatively straightforward.'
 redirect_from:
   - /actions/learn-github-actions/migrating-from-circleci-to-github-actions
+  - /actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions
 versions:
   fpt: '*'
   ghes: '*'

content/actions/migrating-to-github-actions/manual-migrations/migrating-from-gitlab-cicd-to-github-actions.md

@@ -3,6 +3,7 @@ title: Migrating from GitLab CI/CD to GitHub Actions
 intro: '{% data variables.product.prodname_actions %} and GitLab CI/CD share several configuration similarities, which makes migrating to {% data variables.product.prodname_actions %} relatively straightforward.'
 redirect_from:
   - /actions/learn-github-actions/migrating-from-gitlab-cicd-to-github-actions
+  - /actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions
 versions:
   fpt: '*'
   ghes: '*'

content/actions/migrating-to-github-actions/manual-migrations/migrating-from-jenkins-to-github-actions.md

@@ -3,6 +3,7 @@ title: Migrating from Jenkins to GitHub Actions
 intro: '{% data variables.product.prodname_actions %} and Jenkins share multiple similarities, which makes migration to {% data variables.product.prodname_actions %} relatively straightforward.'
 redirect_from:
   - /actions/learn-github-actions/migrating-from-jenkins-to-github-actions
+  - /actions/migrating-to-github-actions/migrating-from-jenkins-to-github-actions
 versions:
   fpt: '*'
   ghes: '*'

content/actions/migrating-to-github-actions/manual-migrations/migrating-from-travis-ci-to-github-actions.md

@@ -3,6 +3,7 @@ title: Migrating from Travis CI to GitHub Actions
 intro: '{% data variables.product.prodname_actions %} and Travis CI share multiple similarities, which helps make it relatively straightforward to migrate to {% data variables.product.prodname_actions %}.'
 redirect_from:
   - /actions/learn-github-actions/migrating-from-travis-ci-to-github-actions
+  - /actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions
 versions:
   fpt: '*'
   ghes: '*'

content/actions/using-workflows/events-that-trigger-workflows.md

@@ -19,11 +19,15 @@ shortTitle: Events that trigger workflows
 
 Workflow triggers are events that cause a workflow to run. For more information about how to use workflow triggers, see "[AUTOTITLE](/actions/using-workflows/triggering-a-workflow)."
 
-## Available events
+Some events have multiple activity types. For these events, you can specify which activity types will trigger a workflow run. For more information about what each activity type means, see "[AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads)."
 
-Some events have multiple activity types. For these events, you can specify which activity types will trigger a workflow run. For more information about what each activity type means, see "[AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads)." Note that not all webhook events trigger workflows.
+{% note %}
 
-### `branch_protection_rule`
+**Note:** Not all webhook events trigger workflows.
+
+{% endnote %}
+
+## `branch_protection_rule`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -47,7 +51,7 @@ on:
     types: [created, deleted]
 ```
 
-### `check_run`
+## `check_run`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -71,7 +75,7 @@ on:
     types: [rerequested, completed]
 ```
 
-### `check_suite`
+## `check_suite`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -101,7 +105,7 @@ on:
     types: [completed]
 ```
 
-### `create`
+## `create`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -122,7 +126,7 @@ on:
   create
 ```
 
-### `delete`
+## `delete`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -145,7 +149,7 @@ on:
   delete
 ```
 
-### `deployment`
+## `deployment`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -160,7 +164,7 @@ on:
   deployment
 ```
 
-### `deployment_status`
+## `deployment_status`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -182,7 +186,7 @@ on:
 ```
 
 {% ifversion discussions %}
-### `discussion`
+## `discussion`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -208,7 +212,7 @@ on:
     types: [created, edited, answered]
 ```
 
-### `discussion_comment`
+## `discussion_comment`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -236,7 +240,7 @@ on:
 
 {% endif %}
 
-### `fork`
+## `fork`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -253,7 +257,7 @@ on:
   fork
 ```
 
-### `gollum`
+## `gollum`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -270,7 +274,7 @@ on:
   gollum
 ```
 
-### `issue_comment`
+## `issue_comment`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -294,7 +298,7 @@ on:
     types: [created, deleted]
 ```
 
-#### `issue_comment` on issues only or pull requests only
+### `issue_comment` on issues only or pull requests only
 
 The `issue_comment` event occurs for comments on both issues and pull requests. You can use the `github.event.issue.pull_request` property in a conditional to take different action depending on whether the triggering object was an issue or pull request.
 
@@ -327,7 +331,7 @@ jobs:
           NUMBER: {% raw %}${{ github.event.issue.number }}{% endraw %}
 ```
 
-### `issues`
+## `issues`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -351,7 +355,7 @@ on:
     types: [opened, edited, milestoned]
 ```
 
-### `label`
+## `label`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -379,7 +383,7 @@ on:
 
 {% ifversion fpt or ghec  %}
 
-### `merge_group`
+## `merge_group`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -405,7 +409,7 @@ on:
 ```
 
 {% endif %}
-### `milestone`
+## `milestone`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -431,7 +435,7 @@ on:
     types: [opened, deleted]
 ```
 
-### `page_build`
+## `page_build`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -448,7 +452,7 @@ on:
   page_build
 ```
 
-### `project`
+## `project`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -486,7 +490,7 @@ on:
     types: [created, deleted]
 ```
 
-### `project_card`
+## `project_card`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -524,7 +528,7 @@ on:
     types: [created, deleted]
 ```
 
-### `project_column`
+## `project_column`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -562,7 +566,7 @@ on:
     types: [created, deleted]
 ```
 
-### `public`
+## `public`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -579,7 +583,7 @@ on:
   public
 ```
 
-### `pull_request`
+## `pull_request`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -625,7 +629,7 @@ jobs:
       - run: echo 'A review from octo-team was requested'
 ```
 
-#### Running your `pull_request` workflow based on the head or base branch of a pull request
+### Running your `pull_request` workflow based on the head or base branch of a pull request
 
 You can use the `branches` or `branches-ignore` filter to configure your workflow to only run on pull requests that target specific branches. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore)."
 
@@ -672,7 +676,7 @@ jobs:
       - run: echo "The head of this PR starts with 'releases/'"
 ```
 
-#### Running your `pull_request` workflow based on files changed in a pull request
+### Running your `pull_request` workflow based on files changed in a pull request
 
 You can also configure your workflow to run when a pull request changes specific files. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)."
 
@@ -702,7 +706,7 @@ on:
 
 {% endnote %}
 
-#### Running your `pull_request` workflow when a pull request merges
+### Running your `pull_request` workflow when a pull request merges
 
 When a pull request merges, the pull request is automatically closed. To run a workflow when a pull request merges, use the `pull_request` `closed` event type along with a conditional that checks the `merged` value of the event. For example, the following workflow will run whenever a pull request closes. The `if_merged` job will only run if the pull request was also merged.
 
@@ -723,11 +727,11 @@ jobs:
 
 {% data reusables.developer-site.pull_request_forked_repos_link %}
 
-### `pull_request_comment` (use `issue_comment`)
+## `pull_request_comment` (use `issue_comment`)
 
 To run your workflow when a comment on a pull request (not on a pull request's diff) is created, edited, or deleted, use the [`issue_comment`](#issue_comment) event. For activity related to pull request reviews or pull request review comments, use the [`pull_request_review`](#pull_request_review) or [`pull_request_review_comment`](#pull_request_review_comment) events.
 
-### `pull_request_review`
+## `pull_request_review`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -749,7 +753,7 @@ on:
     types: [edited, dismissed]
 ```
 
-#### Running a workflow when a pull request is approved
+### Running a workflow when a pull request is approved
 
 To run your workflow when a pull request has been approved, you can trigger your workflow with the `submitted` type of `pull_request_review` event, then check the review state with the `github.event.review.state` property. For example, this workflow will run whenever a pull request review is submitted, but the `approved` job will only run if the submitted review is an approving review:
 
@@ -768,7 +772,7 @@ jobs:
 
 {% data reusables.developer-site.pull_request_forked_repos_link %}
 
-### `pull_request_review_comment`
+## `pull_request_review_comment`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -792,7 +796,7 @@ on:
 
 {% data reusables.developer-site.pull_request_forked_repos_link %}
 
-### `pull_request_target`
+## `pull_request_target`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -824,7 +828,7 @@ on:
     types: [assigned, opened, synchronize, reopened]
 ```
 
-#### Running your `pull_request_target` workflow based on the head or base branch of a pull request
+### Running your `pull_request_target` workflow based on the head or base branch of a pull request
 
 You can use the `branches` or `branches-ignore` filter to configure your workflow to only run on pull requests that target specific branches. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore)."
 
@@ -871,7 +875,7 @@ jobs:
       - run: echo "The head of this PR starts with 'releases/'"
 ```
 
-#### Running your `pull_request_target` workflow based on files changed in a pull request
+### Running your `pull_request_target` workflow based on files changed in a pull request
 
 You can use the `paths` or `paths-ignore` filter to configure your workflow to run when a pull request changes specific files. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)."
 
@@ -901,7 +905,7 @@ on:
 
 {% endnote %}
 
-#### Running your `pull_request_target` workflow when a pull request merges
+### Running your `pull_request_target` workflow when a pull request merges
 
 When a pull request merges, the pull request is automatically closed. To run a workflow when a pull request merges, use the `pull_request_target` `closed` event type along with a conditional that checks the `merged` value of the event. For example, the following workflow will run whenever a pull request closes. The `if_merged` job will only run if the pull request was also merged.
 
@@ -920,7 +924,7 @@ jobs:
         echo The PR was merged
 ```
 
-### `push`
+## `push`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -953,7 +957,7 @@ on:
 
 {% endnote %}
 
-#### Running your workflow only when a push to specific branches occurs
+### Running your workflow only when a push to specific branches occurs
 
 You can use the `branches` or `branches-ignore` filter to configure your workflow to only run when specific branches are pushed. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore)."
 
@@ -982,7 +986,7 @@ on:
 
 {% endnote %}
 
-#### Running your workflow only when a push of specific tags occurs
+### Running your workflow only when a push of specific tags occurs
 
 You can use the `tags` or `tags-ignore` filter to configure your workflow to only run when specific tags are pushed. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore)."
 
@@ -995,7 +999,7 @@ on:
       - v1.**
 ```
 
-#### Running your workflow only when a push affects specific files
+### Running your workflow only when a push affects specific files
 
 You can use the `paths` or `paths-ignore` filter to configure your workflow to run when a push to specific files occurs. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)."
 
@@ -1023,7 +1027,7 @@ on:
 
 {% endnote %}
 
-### `registry_package`
+## `registry_package`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -1047,7 +1051,7 @@ on:
     types: [published]
 ```
 
-### `release`
+## `release`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -1081,7 +1085,7 @@ on:
     types: [published]
 ```
 
-### `repository_dispatch`
+## `repository_dispatch`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | ------------------ | ------------ | ------------ | ------------------|
@@ -1134,7 +1138,7 @@ jobs:
         run: echo $MESSAGE
 ```
 
-### `schedule`
+## `schedule`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -1179,7 +1183,7 @@ You can use [crontab guru](https://crontab.guru/) to help generate your cron syn
 
 Notifications for scheduled workflows are sent to the user who last modified the cron syntax in the workflow file. For more information, see "[AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/notifications-for-workflow-runs)."
 
-### `status`
+## `status`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -1214,7 +1218,7 @@ jobs:
           echo The status is error or failed: $DESCRIPTION
 ```
 
-### `watch`
+## `watch`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -1238,7 +1242,7 @@ on:
     types: [started]
 ```
 
-### `workflow_call`
+## `workflow_call`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | ------------------ | ------------ | ------------ | ------------------|
@@ -1252,7 +1256,7 @@ The example below only runs the workflow when it's called from another workflow:
 on: workflow_call
 ```
 
-### `workflow_dispatch`
+## `workflow_dispatch`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | ------------------ | ------------ | ------------ | ------------------|
@@ -1264,7 +1268,7 @@ To manually trigger a workflow, use the `workflow_dispatch` event. You can manua
 on: workflow_dispatch
 ```
 
-#### Providing inputs
+### Providing inputs
 
 You can configure custom-defined input properties, default input values, and required inputs for the event directly in your workflow. When you trigger the event, you can provide the `ref` and any `inputs`. When the workflow runs, you can access the input values in the {% ifversion actions-unified-inputs %}`inputs`{% else %}`github.event.inputs`{% endif %} context. For more information, see "[AUTOTITLE](/actions/learn-github-actions/contexts)."
 
@@ -1320,7 +1324,7 @@ gh workflow run run-tests.yml -f logLevel=warning -f tags=false -f environment=s
 
 For more information, see the {% data variables.product.prodname_cli %} information in "[AUTOTITLE](/actions/managing-workflow-runs/manually-running-a-workflow)."
 
-### `workflow_run`
+## `workflow_run`
 
 | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
 | --------------------- | -------------- | ------------ | -------------|
@@ -1362,7 +1366,7 @@ on:
       - completed
 ```
 
-#### Running a workflow based on the conclusion of another workflow
+### Running a workflow based on the conclusion of another workflow
 
 A workflow run is triggered regardless of the conclusion of the previous workflow. If you want to run a job or step based on the result of the triggering workflow, you can use a conditional with the `github.event.workflow_run.conclusion` property. For example, this workflow will run whenever a workflow named "Build" completes, but the `on-success` job will only run if the "Build" workflow succeeded, and the `on-failure` job will only run if the "Build" workflow failed:
 
@@ -1385,7 +1389,7 @@ jobs:
       - run: echo 'The triggering workflow failed'
 ```
 
-#### Limiting your workflow to run based on branches
+### Limiting your workflow to run based on branches
 
 You can use the `branches` or `branches-ignore` filter to specify what branches the triggering workflow must run on in order to trigger your workflow. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_runbranchesbranches-ignore)." For example, a workflow with the following trigger will only run when the workflow named `Build` runs on a branch named `canary`.
 
@@ -1397,7 +1401,7 @@ on:
     branches: [canary]
 ```
 
-#### Using data from the triggering workflow
+### Using data from the triggering workflow
 
 You can access the [`workflow_run` event payload](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_run) that corresponds to the workflow that triggered your workflow. For example, if your triggering workflow generates artifacts, a workflow triggered with the `workflow_run` event can access these artifacts.
 

content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md

@@ -42,10 +42,11 @@ You can configure {% data variables.product.prodname_code_scanning %} to run {%
 
 - A VM or container for {% data variables.product.prodname_code_scanning %} analysis to run in.
 
-## Running {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_actions %}
+<!-- Anchor to maintain the CodeQL CLI manual pages link: https://aka.ms/code-scanning-docs/configuring-ghes -->
 
-<!--The CodeQL CLI man pages include a link to this section of the article. If you rename this section,
-make sure that you also update the MS short link: https://aka.ms/code-scanning-docs/configuring-ghes.-->
+<a name="running-code-scanning-using-github-actions"></a>
+
+## Running {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_actions %}
 
 ### Setting up a self-hosted runner
 

content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions.md

@@ -48,7 +48,7 @@ Identify the gates and checks in your existing system and verify that you can im
 
 ### Identifying and validating migration tools
 
-Automated migration tools can translate your enterprise's workflows from the existing system's syntax to the syntax required by {% data variables.product.prodname_actions %}. Identify third-party tooling or contact your dedicated representative or {% data variables.contact.contact_enterprise_sales %} to ask about tools that {% data variables.product.company_short %} can provide. For example, you can use the {% data variables.product.prodname_actions_importer %} to plan, scope, and migrate your CI pipelines to {% data variables.product.prodname_actions %} from various supported services. For more information, see "[AUTOTITLE](/actions/migrating-to-github-actions/automating-migration-with-github-actions-importer)."
+Automated migration tools can translate your enterprise's workflows from the existing system's syntax to the syntax required by {% data variables.product.prodname_actions %}. Identify third-party tooling or contact your dedicated representative or {% data variables.contact.contact_enterprise_sales %} to ask about tools that {% data variables.product.company_short %} can provide. For example, you can use the {% data variables.product.prodname_actions_importer %} to plan, scope, and migrate your CI pipelines to {% data variables.product.prodname_actions %} from various supported services. For more information, see "[AUTOTITLE](/actions/migrating-to-github-actions/automated-migrations/automating-migration-with-github-actions-importer)."
 
 After you've identified a tool to automate your migrations, validate the tool by running the tool on some test workflows and verifying that the results are as expected.
 

content/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise.md

@@ -137,6 +137,8 @@ If you use an external directory or identity provider (IdP) to centralize access
 - "[AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam)"
 - "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam)"
 
+{% data reusables.enterprise.saml-or-ldap %}
+
 If you choose to use external authentication, you can also configure fallback authentication for people who don't have an account on your external authentication provider. For example, you may want to grant access to a contractor or machine user. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/allowing-built-in-authentication-for-users-outside-your-provider)."
 
 {% ifversion scim-for-ghes %}

content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups.md

@@ -20,7 +20,7 @@ topics:
 
 ## About team management with {% data variables.product.prodname_emus %}
 
-With {% data variables.product.prodname_emus %}, you can manage team and organization membership within your enterprise through your IdP by connecting {% data variables.product.prodname_dotcom %} teams with IdP groups. When you connect a team in one of your enterprise's organizations to an IdP group, changes to membership from the IdP group are reflected in your enterprise automatically, reducing the need for manual updates and custom scripts. 
+With {% data variables.product.prodname_emus %}, you can manage team and organization membership within your enterprise through your IdP by connecting {% data variables.product.prodname_dotcom %} teams with IdP groups. When you connect a team in one of your enterprise's organizations to an IdP group, changes to membership from the IdP group are reflected in your enterprise automatically, reducing the need for manual updates and custom scripts.
 
 When a change to an IdP group or a new team connection results in a {% data variables.enterprise.prodname_managed_user %} joining a team in an organization they were not already a member of, the {% data variables.enterprise.prodname_managed_user %} will automatically be added to the organization. When you disconnect a group from a team, users who became members of the organization via team membership are removed from the organization if they are not assigned membership in the organization by any other means.
 
@@ -44,9 +44,11 @@ You can connect a team in your enterprise to one IdP group. You can assign the s
 
 If you are connecting an existing team to an IdP group, you must first remove any members that were added manually. After you connect a team in your enterprise to an IdP group, your IdP administrator must make team membership changes through the identity provider. You cannot manage team membership on {% data variables.product.prodname_dotcom_the_website %}.
 
+If you use Azure AD as your IdP, you can only connect a team to a security group. Nested group memberships and Microsoft 365 groups are not supported.
+
 ## Creating a new team connected to an IdP group
 
-Any member of an organization can create a new team and connect the team to an IdP group. 
+Any member of an organization can create a new team and connect the team to an IdP group.
 
 {% data reusables.profile.access_org %}
 {% data reusables.user-settings.access_org %}
@@ -73,7 +75,7 @@ Organization owners and team maintainers can manage the existing connection betw
 {% data reusables.profile.access_org %}
 {% data reusables.organizations.specific_team %}
 {% data reusables.organizations.team_settings %}
-1. Optionally, under "Identity Provider Group", to the right of the IdP group you want to disconnect, click {% octicon "x" aria-label="X symbol" %}. 
+1. Optionally, under "Identity Provider Group", to the right of the IdP group you want to disconnect, click {% octicon "x" aria-label="X symbol" %}.
     ![Unselect a connected IdP group from the GitHub team](/assets/images/enterprise/github-ae/teams/unselect-idp-group.png)
 1. To connect an IdP group, under "Identity Provider Group", select the drop-down menu, and click an identity provider group from the list.
     ![Drop-down menu to choose identity provider group](/assets/images/enterprise/github-ae/teams/choose-an-idp-group.png)
@@ -88,5 +90,5 @@ You can review a list of IdP groups, see any teams connected to an IdP group, an
     ![Screenshot showing "Identity provider" tab in enterprise sidebar](/assets/images/help/enterprises/enterprise-account-identity-provider-tab.png)
 2. To see the members and teams connected to an IdP group, click the group's name.
     ![Screenshot showing list of IdP groups, the group name is highlighted](/assets/images/help/enterprises/select-idp-group.png)
-4. To view the teams connected to the IdP group, click **Teams**. 
+4. To view the teams connected to the IdP group, click **Teams**.
     ![Screenshot showing the "Teams" button](/assets/images/help/enterprises/idp-groups-team-switcher.png)

content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc.md

@@ -32,13 +32,19 @@ If you're new to {% data variables.product.prodname_emus %} and haven't yet conf
 
 1. Before you begin the migration, sign in to Azure and disable provisioning in the existing {% data variables.product.prodname_emu_idp_application %} application.
 1. If you use [Conditional Access (CA) network location policies](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition) in Azure AD, and you're currently using an IP allow list with your enterprise account or any of the organizations owned by the enterprise account on {% data variables.product.prodname_dotcom_the_website %}, disable the IP allow lists. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)."
-1.  Sign into {% data variables.product.prodname_dotcom_the_website %} as the setup user for your enterprise with the username **@<em>SHORT-CODE</em>_admin**. 
+1.  Sign into {% data variables.product.prodname_dotcom_the_website %} as the setup user for your enterprise with the username **@<em>SHORT-CODE</em>_admin**.
 1. When prompted to continue to your identity provider, click **Use a recovery code** and sign in using one of your enterprise's recovery codes.
+
+   {% note %}
+
+   **Note:** You must use a recovery code for your enterprise, not your user account. For more information, see "[Downloading your enterprise account's single sign-on recovery codes](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes)."
+
+   {% endnote %}
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.security-tab %}
-1. At the bottom of the page, next to "Migrate to OpenID Connect single sign-on", click **Configure with Azure**.  
-   {% warning %} 
+1. At the bottom of the page, next to "Migrate to OpenID Connect single sign-on", click **Configure with Azure**.
+   {% warning %}
 
    **Warning:** The migration can take up to an hour, and it is important that no users are provisioned during the migration. You can confirm if the migration is still in progress by returning to your enterprise's security settings page; if "Require SAML authentication" is still checked, the migration is still in progress.
 
@@ -48,8 +54,8 @@ If you're new to {% data variables.product.prodname_emus %} and haven't yet conf
 1. Read both warnings and click to continue.
 {% data reusables.enterprise-accounts.emu-azure-admin-consent %}
 1. In a new tab or window, while signed in as the setup user on {% data variables.product.prodname_dotcom_the_website %}, create a {% data variables.product.pat_v1 %} with the **admin:enterprise** scope and **no expiration** and copy it to your clipboard. For more information about creating a new token, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users#creating-a-personal-access-token)."
-1. In the settings for the {% data variables.product.prodname_emu_idp_oidc_application %} application in Azure Portal, under "Tenant URL", type `https://api.github.com/scim/v2/enterprises/YOUR_ENTERPRISE`, replacing YOUR_ENTERPRISE with the name of your enterprise account.  
-   
+1. In the settings for the {% data variables.product.prodname_emu_idp_oidc_application %} application in Azure Portal, under "Tenant URL", type `https://api.github.com/scim/v2/enterprises/YOUR_ENTERPRISE`, replacing YOUR_ENTERPRISE with the name of your enterprise account.
+
    For example, if your enterprise account's URL is `https://github.com/enterprises/octo-corp`, the name of the enterprise account is `octo-corp`.
 1. Under "Secret token", paste the {% data variables.product.pat_v1 %} with the **admin:enterprise** scope that you created earlier.
 1. To test the configuration, click **Test Connection**.

content/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap.md

@@ -28,6 +28,8 @@ LDAP is a popular application protocol for access and maintenance of directory i
 
 If you use an LDAP directory for centralized authentication, you can configure LDAP authentication for the people who use {% data variables.location.product_location %}.
 
+{% data reusables.enterprise.saml-or-ldap %}
+
 {% data reusables.enterprise_user_management.built-in-authentication %}
 
 ## Supported LDAP services

content/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam.md

@@ -56,6 +56,8 @@ SAML SSO allows people to authenticate and access {% data variables.location.pro
 
 SAML is an XML-based standard for authentication and authorization. When you configure SAML for {% data variables.location.product_location %}, the external system for authentication is called an identity provider (IdP). Your instance acts as a SAML service provider (SP). For more information about the SAML standard, see [Security Assertion Markup Language](https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) on Wikipedia.
 
+{% data reusables.enterprise.saml-or-ldap %}
+
 {% elsif ghae %}
 
 {% data reusables.saml.ae-uses-saml-sso %} {% data reusables.saml.ae-enable-saml-sso-during-bootstrapping %}

content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md

@@ -446,14 +446,6 @@ Action                        | Description
 | `external_identity.update` | An Okta user's settings were updated. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/mapping-okta-groups-to-teams)."
 {%- endif %}
 
-## `gist` category actions
-
-| Action | Description
-|--------|-------------
-| `gist.create` | A gist is created.
-| `gist.destroy` | A gist is deleted.
-| `gist.visibility_change` | The visibility of a gist is changed.
-
 {% ifversion git-events-audit-log %}
 ## `git` category actions
 

content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md

@@ -56,7 +56,9 @@ Enterprise owners who create an organization owned by the enterprise account aut
 
 ## Inviting an organization to join your enterprise account
 
-Enterprise owners can invite existing organizations to join their enterprise account. If the organization you want to invite is already owned by another enterprise account, you must be an owner of both enterprise accounts, or the previous enterprise must give up ownership of the organization first. For more information, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/removing-organizations-from-your-enterprise)."
+Enterprise owners can invite existing organizations to join their enterprise account. 
+
+If the organization you want to invite is already owned by another enterprise account, you must be an owner of both enterprise accounts. If you're not, you can ask an owner of the enterprise account that currently owns the organization to transfer the organization to your enterprise account instead. For more information, see "[Transferring an organization between enterprise accounts](#transferring-an-organization-between-enterprise-accounts)."
 
 When you invite an organization to join your enterprise account, at least one owner needs to accept the invitation. Then, you must give a final approval for the transfer.
 

content/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise.md

@@ -91,7 +91,7 @@ Each time a user sees a mandatory message, an audit log event is created. The ev
 {% ifversion display-mandatory-message-again %} {% else %}
 {% note %}
 
-**Note:** If you change the mandatory message for {% data variables.location.product_location %}, users who have already acknowledged the message will not see the new message. 
+**Note:** If you change the mandatory message for {% data variables.location.product_location %}, users who have already acknowledged the message will not see the new message.
 
 {% endnote %}
 {% endif %}
@@ -103,7 +103,7 @@ Each time a user sees a mandatory message, an audit log event is created. The ev
   ![Add mandatory message button](/assets/images/enterprise/site-admin-settings/add-mandatory-message-button.png)
 1. Under "Mandatory message", in the text box, type your message.
   ![Screenshot of the mandatory message text box](/assets/images/enterprise/site-admin-settings/mandatory-message-text-box.png)
-{%- ifversion display-mandatory-message-again %} 
+{%- ifversion display-mandatory-message-again %}
 1. Optionally, select **Show updated message to all users even if they dismissed the previous one**.
 ![Screenshot of checkbox that when selected pushes mandatory messages to all users](/assets/images/enterprise/site-admin-settings/push-mandatory-message-checkbox.png)
    {% endif %}
@@ -132,12 +132,13 @@ You can also set an announcement banner{% ifversion ghes %} in the administrativ
 
    ![Screenshot of the text field to enter announcement](/assets/images/enterprise/site-admin-settings/announcement-text-field.png)
 2. Optionally, under "Expires on", select the calendar drop-down menu and click an expiration date.
-
+   {% ifversion ghe-announce-dismiss %}
    {% note %}
 
    **Note:** Announcements must either have an expiration date, be user dismissible, or both.
 
    {% endnote %}
+   {% endif %}
 
    ![Screenshot of the calendar drop-down menu to choose expiration date](/assets/images/enterprise/site-admin-settings/expiration-drop-down.png){% ifversion ghe-announce-dismiss %}
 3. Optionally, to allow each user to dismiss the announcement, select **User dismissible**.

content/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app.md

@@ -0,0 +1,67 @@
+---
+title: Authenticating as a GitHub App
+intro: You can authenticate as a {% data variables.product.prodname_github_app %} in order to generate an installation access token or manage your app.
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+topics:
+  - GitHub Apps
+shortTitle: Authenticate as an app
+---
+
+## About authentication as a {% data variables.product.prodname_github_app %}
+
+You must authenticate as a {% data variables.product.prodname_github_app %} in order to make REST API requests as the application. For example, if you want to use the API to generate an installation access token for accessing organization resources, list installations across organizations for your app, or suspend an app installation, you must authenticate as an app.
+
+If a REST API endpoint requires you to authenticate as an app, the documentation for that endpoint will indicate that you must use a JWT to access the endpoint. The GraphQL API does not support any queries or mutations that require you to authenticate as an app.
+
+## Using a JSON Web Token (JWT) to authenticate as a {% data variables.product.prodname_github_app %}
+
+1. Generate a JSON Web Token (JWT) for your app. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app)."
+1. Include the JWT in the `Authorization` header of your request. In the following example, replace `YOUR_JWT` with your JWT.
+
+   ```shell
+   curl --request POST \
+   --url "{% data variables.product.api_url_pre %}/app/installations" \
+   --header "Accept: application/vnd.github+json" \
+   --header "Authorization: Bearer YOUR_JWT"{% ifversion api-date-versioning %}\
+   --header "X-GitHub-Api-Version: {{ allVersions[currentVersion].latestApiVersion }}"{% endif %}
+   ```
+
+## Using the Octokit.js SDK to authenticate as a {% data variables.product.prodname_github_app %}
+
+You can use {% data variables.product.company_short %}'s Octokit.js SDK to authenticate as a {% data variables.product.prodname_github_app %}. One advantage of using the SDK to authenticate is that you do not need to generate a JSON web token (JWT) yourself. Additionally, the SDK will take care of regenerating the JWT when it expires.
+
+{% note %}
+
+**Note**: You must install and import `octokit` in order to use the Octokit.js library. The following example uses import statements in accordance with ES6. For more information about different installation and import methods, see [Usage](https://github.com/octokit/octokit.js/#usage) in the octokit/octokit repository.
+
+{% endnote %}
+
+1. On the settings page for your app, get the app's ID.
+   - For user-owned apps, the settings page is `https://github.com/settings/apps/APP-SLUG`. 
+   - For organization-owned apps, the settings page is `https://github.com/organizations/ORGANIZATION/settings/apps/APP-SLUG`. 
+   
+   Replace `APP-SLUG` with the sluggified name of your app and `ORGANIZATION` with the sluggified name of your organization. For example, `https://github.com/organizations/octo-org/settings/apps/octo-app`.
+1. Generate a private key. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/managing-private-keys-for-github-apps)."
+1. Import `App` from `octokit`.
+
+   ```javascript{:copy}
+   import { App } from "octokit";
+   ```
+1. Create a new instance of `App`. In the following example, replace `APP_ID` with a reference to your app's ID. Replace `PRIVATE_KEY` with a reference to the value of your app's private key.
+
+   ```javascript{:copy}
+    const app = new App({
+     appId: APP_ID,
+     privateKey: PRIVATE_KEY,
+   });
+   ```
+
+1. Use an `octokit` method to make a request to a REST API endpoint that requires a JWT. For example:
+
+   ```javascript{:copy}
+   await app.octokit.request("/app")
+   ```

content/apps/creating-github-apps/authenticating-with-a-github-app/index.md

@@ -9,9 +9,10 @@ versions:
 topics:
   - GitHub Apps
 children:
-  - /generating-a-json-web-token-jwt-for-a-github-app
   - /authenticating-with-github-apps
   - /identifying-and-authorizing-users-for-github-apps
   - /refreshing-user-to-server-access-tokens
+  - /authenticating-as-a-github-app
   - /managing-private-keys-for-github-apps
+  - /generating-a-json-web-token-jwt-for-a-github-app
 ---

content/apps/maintaining-github-apps/modifying-a-github-app.md

@@ -18,6 +18,6 @@ topics:
 {% data reusables.user-settings.developer_settings %}
 {% data reusables.user-settings.github_apps %}
 {% data reusables.user-settings.modify_github_app %}
-5. In "Basic information", modify the GitHub App information that you'd like to change.{% ifversion device-flow-is-opt-in %}
+1. In "Basic information", modify the GitHub App information that you'd like to change.{% ifversion device-flow-is-opt-in %}
 1. If your GitHub App will use the device flow to identify and authorize users, click **Enable device flow**. For more information about the device flow, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#device-flow)."{% endif %}
-6. Click **Save changes**.
+1. Click **Save changes**.

content/apps/oauth-apps/building-oauth-apps/creating-a-custom-badge-for-your-oauth-app.md

@@ -36,11 +36,8 @@ To create a custom badge:
 {% data reusables.user-settings.oauth_apps %}
 {% data reusables.user-settings.modify_oauth_app %}
 1. In "Application logo", drag-and-drop an image from a local folder or click **Upload new logo** to select an image from your computer.
-![Upload a logo](/assets/images/oauth-apps/oauth_apps_upload_logo.png)
-6. Crop your picture. When you're done, click **Set new application logo**.
-![Crop and set logo](/assets/images/oauth-apps/oauth_apps_crop_and_set_logo.png)
-7. In "Badge background color", type the [hexadecimal color code](http://www.color-hex.com/) of the background color for your badge. {% ifversion fpt or ghec %}**Note:** The "Badge background color" input field will be visible after an application logo has been uploaded.{% endif %}
-![Badge background color](/assets/images/oauth-apps/oauth_apps_badge_background_color.png)
+1. Crop your picture. When you're done, click **Set new application logo**.
+1. In "Badge background color", type the [hexadecimal color code](http://www.color-hex.com/) of the background color for your badge. {% ifversion fpt or ghec %}**Note:** The "Badge background color" input field will be visible after an application logo has been uploaded.{% endif %}
 {% data reusables.user-settings.update_oauth_app %}
 
 {% ifversion fpt or ghec %}

content/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app.md

@@ -25,16 +25,14 @@ topics:
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.developer_settings %}
 {% data reusables.user-settings.oauth_apps %}
-4. Click **New OAuth App**.
-![Button to create a new OAuth app](/assets/images/oauth-apps/oauth_apps_new_app.png)
+1. Click **New OAuth App**.
 
   {% note %}
 
   **Note:** If you haven't created an app before, this button will say, **Register a new application**.
 
   {% endnote %}
-6. In "Application name", type the name of your app.
-![Field for the name of your app](/assets/images/oauth-apps/oauth_apps_application_name.png)
+1. In "Application name", type the name of your app.
 
   {% warning %}
 
@@ -42,12 +40,9 @@ topics:
 
   {% endwarning %}
 
-7. In "Homepage URL", type the full URL to your app's website.
-![Field for the homepage URL of your app](/assets/images/oauth-apps/oauth_apps_homepage_url.png)
-8. Optionally, in "Application description", type a description of your app that users will see.
-![Field for a description of your app](/assets/images/oauth-apps/oauth_apps_application_description.png)
-9. In "Authorization callback URL", type the callback URL of your app.
-![Field for the authorization callback URL of your app](/assets/images/oauth-apps/oauth_apps_authorization_callback_url.png)
+1. In "Homepage URL", type the full URL to your app's website.
+1. Optionally, in "Application description", type a description of your app that users will see.
+1. In "Authorization callback URL", type the callback URL of your app.
 {% ifversion fpt or ghes or ghec %}
    {% note %}
 
@@ -56,5 +51,4 @@ topics:
    {% endnote %}
 {% endif %}{% ifversion device-flow-is-opt-in %}
 1. If your OAuth App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#device-flow)."{% endif %}
-2.  Click **Register application**.
-![Button to register an application](/assets/images/oauth-apps/oauth_apps_register_application.png)
+1. Click **Register application**.

content/apps/oauth-apps/maintaining-oauth-apps/deleting-an-oauth-app.md

@@ -18,10 +18,6 @@ topics:
 {% data reusables.user-settings.developer_settings %}
 {% data reusables.user-settings.oauth_apps %}
 4. Select the {% data variables.product.prodname_oauth_app %} you want to modify.
-![App selection](/assets/images/oauth-apps/oauth_apps_choose_app_post2dot12.png)
 5. In the left sidebar, click **Advanced**.
-![App selection](/assets/images/oauth-apps/oauth_apps_sidebar_advanced.png)
 6. Click **Delete application**.
-![Button to delete the application](/assets/images/oauth-apps/oauth_apps_delete_application.png)
 7. Click **Delete this OAuth Application**.
-![Button to confirm the deletion](/assets/images/oauth-apps/oauth_apps_delete_confirm.png)

content/apps/oauth-apps/maintaining-oauth-apps/transferring-ownership-of-an-oauth-app.md

@@ -19,12 +19,7 @@ shortTitle: Transfer ownership
 {% data reusables.user-settings.developer_settings %}
 {% data reusables.user-settings.oauth_apps %}
 4. Select the {% data variables.product.prodname_oauth_app %} you want to modify.
-![App selection](/assets/images/oauth-apps/oauth_apps_choose_app_post2dot12.png)
 5. Click **Transfer ownership**.
-![Button to transfer ownership](/assets/images/oauth-apps/oauth_apps_transfer_ownership.png)
-6. Type the name of the {% data variables.product.prodname_oauth_app %} you want to transfer.
-![Field to enter the name of the app to transfer](/assets/images/oauth-apps/oauth_apps_transfer_oauth_name.png)
-7. Type the name of the user or organization you want to transfer the {% data variables.product.prodname_oauth_app %} to.
-![Field to enter the user or org to transfer to](/assets/images/oauth-apps/oauth_apps_transfer_new_owner.png)
+6. To confirm the transfer, in the text field, type the name of the {% data variables.product.prodname_oauth_app %} you want to transfer.
+7. Under "New owner's {% data variables.product.prodname_dotcom %} username or organization name," type the name of the user or organization you want to transfer the {% data variables.product.prodname_oauth_app %} to.
 8. Click **Transfer this application**.
-![Button to transfer the application](/assets/images/oauth-apps/oauth_apps_transfer_application.png)

content/apps/using-github-apps/installing-an-app-in-your-organization.md

@@ -28,8 +28,7 @@ If you choose a paid plan, you'll pay for your app subscription on your organiza
 {% data reusables.marketplace.confirm-install-account-org %}
 {% data reusables.marketplace.add-payment-method-org %}
 {% data reusables.marketplace.complete-order-begin-installation %}
-8. If the app requires access to repositories, decide whether to give the app access to all of your repositories or to certain repositories, then select **All repositories** or **Only select repositories**.
-  ![Radio buttons with options to install an app on all of your repositories or certain repositories](/assets/images/help/marketplace/marketplace-choose-repo-install-option.png)
+1. If the app requires access to repositories, select **All repositories** or **Only select repositories**.
 {% data reusables.marketplace.select-installation-repos %}
 {% data reusables.marketplace.review-app-perms-install %}
 

content/apps/using-github-apps/installing-an-app-in-your-personal-account.md

@@ -27,7 +27,6 @@ If you choose a paid plan, you'll pay for your app subscription on your personal
 {% data reusables.marketplace.add-payment-method-personal %}
 {% data reusables.marketplace.complete-order-begin-installation %}
 8. Decide whether to give the app access to all of your repositories, or to certain repositories, then select **All repositories** or **Only select repositories**.
-  ![Radio buttons with options to install an app on all of your repositories or certain repositories](/assets/images/help/marketplace/marketplace-choose-repo-install-option.png)
 {% data reusables.marketplace.select-installation-repos %}
 {% data reusables.marketplace.review-app-perms-install %}
 

content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md

@@ -23,7 +23,7 @@ shortTitle: Advanced Security billing
 
 {% ifversion fpt %}
 
-If you want to use {% data variables.product.prodname_GH_advanced_security %} features on any repository apart from a public repository on {% data variables.product.prodname_dotcom_the_website %}, you will need a {% data variables.product.prodname_GH_advanced_security %} license, available with {% data variables.product.prodname_ghe_cloud %} or {% data variables.product.prodname_ghe_server %}. 
+If you want to use {% data variables.product.prodname_GH_advanced_security %} features on any repository apart from a public repository on {% data variables.product.prodname_dotcom_the_website %}, you will need a {% data variables.product.prodname_GH_advanced_security %} license, available with {% data variables.product.prodname_ghe_cloud %} or {% data variables.product.prodname_ghe_server %}.
 
 For information about billing for {% data variables.product.prodname_GH_advanced_security %}, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security).
 
@@ -56,7 +56,11 @@ You can determine how many licenses you'll need for {% data variables.product.pr
 {% endif %}
 
 {% ifversion ghec %}
-Enterprise account customers on GitHub Enterprise Cloud who pay with a credit card can purchase a GitHub Advanced Security license from their enterprise account settings. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security)." For customers who pay by invoice, contact {% data variables.contact.contact_enterprise_sales %} to discuss licensing {% data variables.product.prodname_GH_advanced_security %} for your enterprise.
+If you use {% data variables.product.prodname_ghe_cloud %} with an enterprise account and pay with a credit card, you can purchase a {% data variables.product.prodname_GH_advanced_security %} license from your enterprise account settings. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security)."
+
+If you pay by invoice, contact {% data variables.contact.contact_enterprise_sales %} to discuss licensing {% data variables.product.prodname_GH_advanced_security %} for your enterprise.
+
+For other billing-related questions, contact {% data variables.contact.github_support %}.
 {% endif %}
 
 ## About committer numbers for {% data variables.product.prodname_GH_advanced_security %}
@@ -88,7 +92,7 @@ As soon as you free up some {% ifversion ghas-billing-UI-update %}licenses{% els
 You can enforce policies to allow or disallow the use of {% data variables.product.prodname_advanced_security %} by organizations owned by your enterprise account. For more information, see "[Enforcing policies for {% data variables.product.prodname_advanced_security %} in your enterprise]({% ifversion fpt %}/enterprise-cloud@latest/{% endif %}/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-advanced-security-in-your-enterprise){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
 
 {% ifversion fpt or ghes or ghec %}
-For more information on viewing license usage, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage)." 
+For more information on viewing license usage, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage)."
 {% endif %}
 
 {% ifversion ghec %}
@@ -99,12 +103,12 @@ For more information on managing the number of committers, see "[AUTOTITLE](/bil
 
 The following example timeline demonstrates how active committer count for {% data variables.product.prodname_GH_advanced_security %} could change over time in an enterprise. For each month, you will find events, along with the resulting committer count.
 
-| Date | Events during the month | Total committers | 
-| :- | :- | -: | 
-| <nobr>April 15</nobr> | A member of your enterprise enables {% data variables.product.prodname_GH_advanced_security %} for repository **X**. Repository **X** has 50 committers over the past 90 days. | **50** | 
+| Date | Events during the month | Total committers |
+| :- | :- | -: |
+| <nobr>April 15</nobr> | A member of your enterprise enables {% data variables.product.prodname_GH_advanced_security %} for repository **X**. Repository **X** has 50 committers over the past 90 days. | **50** |
 | <nobr>May 1</nobr> | Developer **A** leaves the team working on repository **X**. Developer **A**'s contributions continue to count for 90 days. | **50** | **50** |
-| <nobr>August 1</nobr> | Developer **A**'s contributions no longer count towards the licenses required, because 90 days have passed. | <sub>_50 - 1_</sub></br>**49** | 
-| <nobr>August 15</nobr> | A member of your enterprise enables {% data variables.product.prodname_GH_advanced_security %} for a second repository, repository **Y**. In the last 90 days, a total of 20 developers contributed to that repository. Of those 20 developers, 10 also recently worked on repo **X** and do not require additional licenses. | <sub>_49 + 10_</sub><br/>**59** | 
+| <nobr>August 1</nobr> | Developer **A**'s contributions no longer count towards the licenses required, because 90 days have passed. | <sub>_50 - 1_</sub></br>**49** |
+| <nobr>August 15</nobr> | A member of your enterprise enables {% data variables.product.prodname_GH_advanced_security %} for a second repository, repository **Y**. In the last 90 days, a total of 20 developers contributed to that repository. Of those 20 developers, 10 also recently worked on repo **X** and do not require additional licenses. | <sub>_49 + 10_</sub><br/>**59** |
 | <nobr>August 16</nobr> | A member of your enterprise disables {% data variables.product.prodname_GH_advanced_security %} for repository **X**. Of the 49 developers who were working on repository **X**, 10 still also work on repository **Y**, which has a total of 20 developers contributing in the last 90 days. | <sub>_49 - 29_</sub><br/>**20** |
 
 {% note %}

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning.md

@@ -402,12 +402,14 @@ In the following example, the `+` symbol ensures that the specified additional {
     packs: +scope/pack1,scope/pack2@1.2.3,scope/pack3@4.5.6:path/to/queries
     {%- endif %}
 ```
+<!-- Anchor to maintain the current CodeQL CLI manual pages link: https://aka.ms/code-scanning-docs/config-file -->
+<a name="using-a-custom-configuration-file"></a>
+
+<!-- Anchor to maintain the old CodeQL CLI manual pages link: https://aka.ms/docs-config-file -->
+<a name="example-configuration-files"></a>
 
 ## Using a custom configuration file
 
-<!--The CodeQL CLI man pages include a link to this section of the article. If you rename this section,
-make sure that you also update the MS short link: https://aka.ms/code-scanning-docs/config-file.-->
-
 A custom configuration file is an alternative way to specify additional {% ifversion codeql-packs %}packs and {% endif %}queries to run. You can also use the file to disable the default queries{% ifversion code-scanning-exclude-queries-from-analysis %}, exclude or include specific queries,{% endif %} and to specify which directories to scan during analysis.
 
 In the workflow file, use the `config-file` parameter of the `init` action to specify the path to the configuration file you want to use. This example loads the configuration file _./.github/codeql/codeql-config.yml_.
@@ -554,9 +556,6 @@ You can quickly analyze small portions of a monorepo when you modify code in spe
 
 ### Example configuration files
 
-<!-- Note that the CodeQL CLI manual pages link to this heading: https://aka.ms/docs-config-file.
-If you edit this heading, update the short link too.-->
-
 {% data reusables.code-scanning.example-configuration-files %}
 
 ## Configuring {% data variables.product.prodname_code_scanning %} for compiled languages

content/code-security/codeql-cli/using-the-codeql-cli/creating-codeql-databases.md

@@ -241,10 +241,11 @@ The following examples are designed to give you an idea of some of the build com
 
 This command runs a custom script that contains all of the commands required to build the project.
 
-### Using indirect build tracing
+<!-- Anchor to maintain the CodeQL CLI manual pages link: https://aka.ms/codeql-docs/indirect-tracing -->
 
-<!--The CodeQL CLI man pages include a link to this section of the article. If you rename this section,
-make sure that you also update the MS short link: https://aka.ms/codeql-docs/indirect-tracing.-->
+<a name="using-indirect-build-tracing"></a>
+
+### Using indirect build tracing
 
 If the {% data variables.product.prodname_codeql_cli %} autobuilders for compiled languages do not work with your CI workflow and you cannot wrap invocations of build commands with `codeql database trace-command`, you can use indirect build tracing to create a {% data variables.product.prodname_codeql %} database. To use indirect build tracing, your CI system must be able to set custom environment variables for each build action.
 

content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md

@@ -16,7 +16,6 @@ topics:
   - Repositories
 shortTitle: Dependency graph
 ---
-<!--For this article in earlier GHES versions, see /content/github/visualizing-repository-data-with-graphs-->
 <!--Marketing-LINK: From /features/security and /features/security/software-supply-chain pages "How GitHub's dependency graph is generated".-->
 
 ## About the dependency graph

content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md

@@ -21,7 +21,6 @@ topics:
   - Repositories
 shortTitle: Explore dependencies
 ---
-<!--For this article in earlier GHES versions, see /content/github/visualizing-repository-data-with-graphs-->
 
 ## Viewing the dependency graph
 

content/codespaces/guides.md

@@ -50,7 +50,7 @@ includeGuides:
   - /codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization
   - /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces
   - /codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types
-  - /codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces.md
+  - /codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces
   - /codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period
   - /codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces
   - /codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports

content/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam.md

@@ -32,32 +32,33 @@ Users in India can contact GitHub's Grievance Officer for India [here](https://s
 ## Reporting an issue or pull request
 
 1. Navigate to the issue or pull request you'd like to report.
-2. In the upper-right corner of the issue or pull request, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab octicon" %}, then click **Report content**.
+1. In the upper-right corner of the issue or pull request, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab octicon" %}, then click **Report content**.
   ![Button to report a comment](/assets/images/help/repository/menu-report-issue-or-pr.png)
 {% data reusables.community.report-content %}
 
 ## Reporting a comment
 
 1. Navigate to the comment you'd like to report.
-2. In the upper-right corner of the comment, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab octicon" %}, then click **Report content**.
+1. In the upper-right corner of the comment, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab octicon" %}, then click **Report content**.
 ![Kebab menu with option to report a comment](/assets/images/help/repository/menu-report-comment.png)
 {% data reusables.community.report-content %}
 
 ## Reporting an app in {% data variables.product.prodname_marketplace %}
 
 {% data reusables.marketplace.visit-marketplace %}
-2. Browse to the app you'd like to report.
-3. In the left sidebar, under the "Developer links" section, click {% octicon "report" aria-label="The report symbol" %} **Report abuse**.
-  ![Button to report an app in {% data variables.product.prodname_marketplace %}](/assets/images/help/marketplace/marketplace-report-app.png)
-4. Complete the contact form to tell {% data variables.contact.contact_support %} about the app's behavior, then click **Send request**.
+1. Browse to the app you'd like to report.
+1. In the left sidebar, under the "Developer links" section, click **Report abuse**.
+
+   ![Screenshot of the sidebar of a {% data variables.product.prodname_marketplace %} app. A link, labeled "Report abuse", is outlined in dark orange.](/assets/images/help/marketplace/marketplace-report-app.png)
+1. Complete the contact form to tell {% data variables.contact.contact_support %} about the app's behavior, then click **Send request**.
 
 ## Reporting contact link abuse in the template chooser
 
 1. Navigate to the repository that contains the contact link you'd like to report.
-2. Under the repository name, click {% octicon "issue-opened" aria-label="The issues icon" %} **Issues**.
-3. In the lower-right corner of the template chooser, click **Report abuse**.
+1. Under the repository name, click {% octicon "issue-opened" aria-label="The issues icon" %} **Issues**.
+1. In the lower-right corner of the template chooser, click **Report abuse**.
   ![Link to report an abuse](/assets/images/help/repository/template-chooser-report-abuse.png)
-4. Complete the contact form to tell {% data variables.contact.contact_support %} about the contact link's behavior, then click **Send request**.
+1. Complete the contact form to tell {% data variables.contact.contact_support %} about the contact link's behavior, then click **Send request**.
 
 ## Further reading
 

content/discussions/index.md

@@ -24,7 +24,6 @@ featuredLinks:
 changelog:
   label: discussions
 examples_source: data/product-examples/discussions/community-examples.yml
-product_video: 'https://www.youtube-nocookie.com/embed/IpBw2SJkFyk'
 layout: product-landing
 versions:
   feature: discussions
@@ -37,4 +36,3 @@ children:
   - /collaborating-with-your-community-using-discussions
   - /managing-discussions-for-your-community
 ---
-

content/get-started/quickstart/git-and-github-learning-resources.md

@@ -36,10 +36,6 @@ Become better acquainted with {% data variables.product.product_name %} through
 
 Learn about [Git branching](http://learngitbranching.js.org/) using an interactive tool. Read about [forks](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) and [pull requests](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests) as well as [how we use pull requests](https://github.com/blog/1124-how-we-use-pull-requests-to-build-github) at {% data variables.product.prodname_dotcom %}. Access references about using {% data variables.product.prodname_dotcom %} from the [command line](https://cli.github.com/).
 
-### Tune in
-
-Our {% data variables.product.prodname_dotcom %} [YouTube Training and Guides channel](https://youtube.com/githubguides) offers tutorials about [pull requests](https://www.youtube.com/watch?v=d5wpJ5VimSU&list=PLg7s6cbtAD15G8lNyoaYDuKZSKyJrgwB-&index=19), [forking](https://www.youtube.com/watch?v=5oJHRbqEofs), [rebase](https://www.youtube.com/watch?v=SxzjZtJwOgo&list=PLg7s6cbtAD15G8lNyoaYDuKZSKyJrgwB-&index=22), and [reset](https://www.youtube.com/watch?v=BKPjPMVB81g) functions. Each topic is covered in 5 minutes or less.
-
 ## Training
 
 ### Free courses