repo sync

content/github/authenticating-to-github/about-commit-signature-verification.md

@@ -23,7 +23,9 @@ Repository administrators can enforce required commit signing on a branch to blo
 
 You can check the verification status of your signed commits or tags on {% data variables.product.product_name %} and view why your commit signatures might be unverified. For more information, see "[Checking your commit and tag signature verification status](/articles/checking-your-commit-and-tag-signature-verification-status)."
 
-{% if currentVersion == "free-pro-team@latest" %} {% data variables.product.product_name %} will automatically use GPG to sign commits you make using the {% data variables.product.product_name %} web interface, except for when you squash and merge a pull request that you are not the author of. Commits signed by {% data variables.product.product_name %} will have a verified status on {% data variables.product.product_name %}. You can verify the signature locally using the public key available at https://github.com/web-flow.gpg.{% endif %}
+{% if currentVersion == "free-pro-team@latest" %}
+{% data variables.product.product_name %} will automatically use GPG to sign commits you make using the {% data variables.product.product_name %} web interface, except for when you squash and merge a pull request that you are not the author of. You can optionally choose to have {% data variables.product.product_name %} sign commits you make in {% data variables.product.prodname_codespaces %}. Commits signed by {% data variables.product.product_name %} will have a verified status on {% data variables.product.product_name %}. You can verify the signature locally using the public key available at https://github.com/web-flow.gpg. For more information about enabling GPG verification for your codespaces, see "[Managing GPG verification for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-gpg-verification-for-codespaces)."
+{% endif %}
 
 ### GPG commit signature verification
 

content/github/authenticating-to-github/reviewing-your-security-log.md

@@ -42,6 +42,7 @@ The events listed in your security log are triggered by your actions. Actions ar
 |------------------|-------------------{% if currentVersion == "free-pro-team@latest" %}
 | [`account_recovery_token`](#account_recovery_token-category-actions) | Contains all activities related to [adding a recovery token](/articles/configuring-two-factor-authentication-recovery-methods).
 | [`billing`](#billing-category-actions) | Contains all activities related to your billing information.
+| [`codespaces`](#codespaces-category-actions) | Contains all activities related to {% data variables.product.prodname_codespaces %}. For more information, see "[About {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/about-codespaces)."
 | [`marketplace_agreement_signature`](#marketplace_agreement_signature-category-actions) | Contains all activities related to signing the {% data variables.product.prodname_marketplace %} Developer Agreement.
 | [`marketplace_listing`](#marketplace_listing-category-actions) | Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}
 | [`oauth_access`](#oauth_access-category-actions) | Contains all activities related to [{% data variables.product.prodname_oauth_app %}s](/articles/authorizing-oauth-apps) you've connected with.{% if currentVersion == "free-pro-team@latest" %}
@@ -85,6 +86,12 @@ An overview of some of the most common actions that are recorded as events in th
 | `change_billing_type` | Triggered when you [change how you pay](/articles/adding-or-editing-a-payment-method) for {% data variables.product.prodname_dotcom %}.
 | `change_email` | Triggered when you [change your email address](/articles/changing-your-primary-email-address).
 
+#### `codespaces` category actions
+
+| Action | Description
+|------------------|-------------------
+| `trusted_repositories_access_update` | Triggered when you change your user account's [access and security setting for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
+
 #### `marketplace_agreement_signature` category actions
 
 | Action | Description
@@ -232,7 +239,9 @@ An overview of some of the most common actions that are recorded as events in th
 
 | Action | Description
 |--------------------|---------------------
-| `add_email` | Triggered when you {% if currentVersion != "github-ae@latest" %}[add a new email address](/articles/changing-your-primary-email-address){% else %}add a new email address{% endif %}.
+| `add_email` | Triggered when you {% if currentVersion != "github-ae@latest" %}[add a new email address](/articles/changing-your-primary-email-address){% else %}add a new email address{% endif %}.{% if currentVersion == "free-pro-team@latest" %}
+| `codespaces_trusted_repo_access_granted` | Triggered when you [allow the codespaces you create for a repository to access other repositories owned by your user account](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces.
+| `codespaces_trusted_repo_access_revoked` | Triggered when you [disallow the codespaces you create for a repository to access other repositories owned by your user account](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces. {% endif %}
 | `create` | Triggered when you create a new user account.{% if currentVersion != "github-ae@latest" %}
 | `change_password` | Triggered when you change your password.
 | `forgot_password` | Triggered when you ask for [a password reset](/articles/how-can-i-reset-my-password).{% endif %}
@@ -252,4 +261,3 @@ An overview of some of the most common actions that are recorded as events in th
 | `update` | Triggered when you set or change the status on your profile. For more information, see "[Setting a status](/articles/personalizing-your-profile/#setting-a-status)."
 | `destroy` | Triggered when you clear the status on your profile.
 
-

content/github/developing-online-with-codespaces/about-codespaces.md

@@ -38,6 +38,8 @@ Each developer can create one or more codespace for any public repository, or fo
 
 {% data reusables.codespaces.about-personalization %} For more information, see "[Personalizing {% data variables.product.prodname_codespaces %} for your account](/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account)."
 
+You can configure settings to add encrypted secrets, enable GPG verification, and allow codespaces to access other repositories. For more information, see "[Managing encrypted secrets for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces)", "[Managing GPG verification for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-gpg-verification-for-codespaces)", and "[Managing access and security for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces)."
+
 {% data reusables.codespaces.you-can-see-all-your-codespaces %}
 
 {% data reusables.codespaces.beta-functionality-limited %}

content/github/developing-online-with-codespaces/index.md

@@ -19,6 +19,9 @@ versions:
 {% link_in_list /creating-a-codespace %}
 {% link_in_list /developing-in-a-codespace %}
 {% link_in_list /personalizing-codespaces-for-your-account %}
+{% link_in_list /managing-encrypted-secrets-for-codespaces %}
+{% link_in_list /managing-access-and-security-for-codespaces %}
+{% link_in_list /managing-gpg-verification-for-codespaces %}
 {% link_in_list /deleting-a-codespace %}
 {% link_in_list /troubleshooting-your-codespace %}
 {% link_in_list /using-codespaces-in-visual-studio-code %}

content/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces.md

@@ -0,0 +1,41 @@
+---
+title: Managing access and security for Codespaces
+intro: You can manage the repositories that codespaces can access.
+product: '{% data reusables.gated-features.codespaces %}'
+versions:
+  free-pro-team: '*'
+---
+
+{% note %}
+
+**Note:** Access and security for {% data variables.product.prodname_codespaces %} is currently in beta and subject to change.
+
+{% endnote %}
+
+### Managing security and access for your user account
+
+When you enable access and security for a repository owned by your user account, any codespaces you create for that repository will have read and write permissions to all other repositories you own. You can enable access and security for none of your repositories, all of your repositories, or specific repositories. You should only enable access and security for repositories you trust.
+
+{% data reusables.user_settings.access_settings %}
+{% data reusables.user_settings.codespaces-tab %}
+1. Under "Access and security", select the setting you want for your user account.
+  ![Radio buttons to manage trusted repositories](/assets/images/help/settings/codespaces-access-and-security-radio-buttons.png)
+1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories you own. Repeat for all repositories whose codespaces you want to access other repositories you own.
+  !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
+
+### Managing security and access for your organization
+
+Organization owners can manage security and access for {% data variables.product.prodname_codespaces %}.
+
+When you enable access and security for a repository owned by your organization, any codespaces that are created for that repository will have read and write permissions to all other repositories the organization owns. You can enable access and security for none of your organization's repositories, all of your organization's repositories, or specific repositories. You should only enable access and security for repositories you trust.
+
+{% data reusables.profile.access_profile %}
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.organizations.click-codespaces %}
+5. To approve of the [pre-release program terms of service](/github/site-policy/github-pre-release-program) on behalf of your organization and enable {% data variables.product.prodname_codespaces %}, under "User permissions", select **Selected users**, then type the username for each person to grant access to. Repeat for all users who you want to have access to your organization's codespaces.  
+  ![Radio button for "Selected users"](/assets/images/help/organizations/select-selected-users-radio-button.png)
+1. Under "Access and security", select the setting you want for your organization.
+  ![Radio buttons to manage trusted repositories](/assets/images/help/settings/codespaces-access-and-security-radio-buttons.png)
+1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories owned by your organization. Repeat for all repositories whose codespaces you want to access other repositories.
+    !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)

content/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces.md

@@ -0,0 +1,60 @@
+---
+title: Managing encrypted secrets for Codespaces
+intro: You can store sensitive information, like tokens, that you want to access in your codespaces via environment variables.
+product: '{% data reusables.gated-features.codespaces %}'
+versions:
+  free-pro-team: '*'
+---
+
+{% note %}
+
+**Note:** Encrypted secrets for {% data variables.product.prodname_codespaces %} is currently in beta and subject to change.
+
+{% endnote %}
+
+### About encrypted secrets for {% data variables.product.prodname_codespaces %}
+
+You can add encrypted secrets to your user account that you want to use in your codespaces. For example, you may want to store and access the following sensitive information as encrypted secrets.
+
+- Personal access tokens to cloud services
+- Service principals
+- Subscription identifiers
+
+You can choose which repositories should have access to each secret. Then, you can use the secret in any codespace you create for a repository that has access to the secret.
+
+### Adding a secret
+
+{% data reusables.user_settings.access_settings %}
+{% data reusables.user_settings.codespaces-tab %}
+1. To the right of "Codespaces secrets", click **New secret**.
+  !["New secret" button](/assets/images/help/settings/codespaces-new-secret-button.png)
+1. Under "Name", type a name for your secret.
+  !["Name" textbox](/assets/images/help/settings/codespaces-secret-name-field.png)
+{% data reusables.user_settings.codespaces-secret-value %}
+{% data reusables.user_settings.codespaces-secret-repository-access %}
+1. Click **Add secret**.
+
+### Editing a secret
+
+You can update the value of an existing secret, and you can change which repositories can access a secret.
+
+{% data reusables.user_settings.access_settings %}
+{% data reusables.user_settings.codespaces-tab %}
+1. Under "Codespaces secrets", to the right of the secret you want to edit, click **Update**.
+  !["Update" button](/assets/images/help/settings/codespaces-secret-update-button.png)
+1. Under "Value", click **enter a new value**.
+  !["enter a new value" link](/assets/images/help/settings/codespaces-secret-update-value-text.png)
+{% data reusables.user_settings.codespaces-secret-value %}
+{% data reusables.user_settings.codespaces-secret-repository-access %}
+1. Optionally, to remove the secret's access to a repository, deselect the repository.
+  ![Checkboxes to remove access to repositories](/assets/images/help/settings/codespaces-secret-repository-checkboxes.png)
+1. Click **Save changes**.
+
+### Deleting a secret
+
+{% data reusables.user_settings.access_settings %}
+{% data reusables.user_settings.codespaces-tab %}
+1. Under "Codespaces secrets", to the right of the secret you want to delete, click **Delete**.
+  !["Delete" button](/assets/images/help/settings/codespaces-secret-delete-button.png)
+1. Read the warning, then click **OK**.
+  ![Confirmation to delete secret](/assets/images/help/settings/codespaces-secret-delete-warning.png)

content/github/developing-online-with-codespaces/managing-gpg-verification-for-codespaces.md

@@ -0,0 +1,22 @@
+---
+title: Managing GPG verification for Codespaces
+intro: You can allow {% data variables.product.company_short %} to automatically use GPG to sign commits you make in your codespaces, so other people can be confident that the changes come from a trusted source.
+product: '{% data reusables.gated-features.codespaces %}'
+versions:
+  free-pro-team: '*'
+---
+
+{% note %}
+
+**Note:** GPG verification for {% data variables.product.prodname_codespaces %} is currently in beta and subject to change.
+
+{% endnote %}
+
+After you enable GPG verification, {% data variables.product.company_short %} will automatically sign commits you make in {% data variables.product.prodname_codespaces %}, and the commits will have a verified status on {% data variables.product.product_name %}. By default, GPG verification is disabled for codespaces you create. You can choose to allow GPG verification for all repositories or specific repositories. Only enable GPG verification for repositories that you trust. For more information about {% data variables.product.product_name %}-signed commits, see "[About commit signature verification](/github/authenticating-to-github/about-commit-signature-verification)."
+
+{% data reusables.user_settings.access_settings %}
+{% data reusables.user_settings.codespaces-tab %}
+1. Under "GPG verification", select the setting you want for GPG verification.
+  ![Radio buttons to manage GPG verification](/assets/images/help/settings/codespaces-gpg-verification-radio-buttons.png) 
+1. If you chose "Selected repositories", select the drop-down menu, then click a repository you want enable GPG verification for. Repeat for all repositories you want to enable GPG verification for.
+  !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-gpg-verification-repository-drop-down.png) 

content/github/developing-online-with-codespaces/personalizing-codespaces-for-your-account.md

@@ -40,6 +40,7 @@ For more information, see [Personalizing](https://docs.microsoft.com/visualstudi
 
 {% endnote %}
 
+You can also configure settings for your user account to add encrypted secrets, enable GPG verification, and allow your codespaces to access other repositories. For more information, see "[Managing encrypted secrets for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces)", "[Managing GPG verification for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-gpg-verification-for-codespaces)", and "[Managing access and security for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces)."
 
 ### Further reading
 

data/reusables/organizations/click-codespaces.md

@@ -0,0 +1,2 @@
+1. In the left sidebar, click **Codespaces**.
+!["Codespaces" tab in left sidebar](/assets/images/help/organizations/codespaces-sidebar-tab.png)

data/reusables/user_settings/codespaces-secret-repository-access.md

@@ -0,0 +1,2 @@
+1. Select the "Repository access" drop-down menu, then click a repository you want to have access to the secret. Repeat for every repository you want to have access to the secret. 
+  !["Repository access" drop-down menu](/assets/images/help/settings/codespaces-secret-repository-access-drop-down.png)

data/reusables/user_settings/codespaces-secret-value.md

@@ -0,0 +1,2 @@
+1. Under "Value", type the value of your secret.
+  !["Value" textbox](/assets/images/help/settings/codespaces-secret-value-field.png)

data/reusables/user_settings/codespaces-tab.md

@@ -0,0 +1,2 @@
+1. In the left sidebar, click **Codespaces**.
+![Codespaces tab in the user settings sidebar](/assets/images/help/settings/codespaces-tab.png)