From 7ec866faee058130c7f87430f70e22bac5aee8c8 Mon Sep 17 00:00:00 2001
From: Sophie <29382425+sophietheking@users.noreply.github.com>
Date: Thu, 29 Jun 2023 16:27:31 +0200
Subject: [PATCH 1/2] [2023-06-29]: Pausing Dependabot on inactive repos for GHEC & GHES - [GA] (#38312)

Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
---
 .../security-overview/assessing-adoption-code-security.md | 8 ++++++--
 .../dependabot-updates-paused-enterprise-orgs.yml | 4 ++++
 data/features/dependabot-updates-paused.yml | 5 ++---
 .../dependabot/automatically-pause-dependabot-updates.md | 2 +-
 4 files changed, 13 insertions(+), 6 deletions(-)
 create mode 100644 data/features/dependabot-updates-paused-enterprise-orgs.yml

diff --git a/content/code-security/security-overview/assessing-adoption-code-security.md b/content/code-security/security-overview/assessing-adoption-code-security.md
index 07d68e7b90..d99e065269 100644
--- a/content/code-security/security-overview/assessing-adoption-code-security.md
+++ b/content/code-security/security-overview/assessing-adoption-code-security.md
@@ -6,7 +6,7 @@ intro: 'You can use security overview to see which teams and repositories have a
 permissions: '{% data reusables.security-overview.permissions %}'
 product: '{% data reusables.gated-features.security-overview %}'
 type: how_to
-topics:
+topics:
 - Security overview
 - Advanced Security
 - 'Set up'
@@ -28,13 +28,17 @@ You can use security overview to see which repositories and teams have already e
 {% data reusables.security-overview.information-varies-GHAS %}
+{% ifversion dependabot-updates-paused-enterprise-orgs %}
+
+In the list of repositories, the "Paused" label under "{% data variables.product.prodname_dependabot %}" indicates repositories for which {% data variables.product.prodname_dependabot %} updates are paused. For information about inactivity criteria, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates#about-automatic-deactivation-of-dependabot-updates)" and "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates#about-automatic-deactivation-of-dependabot-updates)," for security and version updates, respectively.{% endif %}
+
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
 1. To display the "Security coverage" view, in the sidebar, click **{% octicon "meter" aria-hidden="true" %} Coverage**.
 {% data reusables.code-scanning.using-security-overview-coverage %}
 ![Screenshot of the header section of the "Security coverage" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "enabled" and "not enabled" links, "Teams" selector, archived repositories, and search field.](/assets/images/help/security-overview/security-coverage-view-highlights.png)
-
+
 1. Optionally, click **{% octicon "gear" aria-hidden="true" %} Security settings** to enable code security features for a repository and click **Save security settings** to confirm the changes. If a feature is not shown, it has more complex configuration requirements and you need to use the repository settings dialog. For more information, see "[AUTOTITLE](/code-security/getting-started/securing-your-repository)."
 {% ifversion code-security-multi-repo-enablement %}
 1. Optionally, select some or all of the repositories that match your current search and click **Security settings** in the table header to display a side panel where you can enable security features for the selected repositories. When you've finished, click **Apply changes** to confirm the changes. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
diff --git a/data/features/dependabot-updates-paused-enterprise-orgs.yml b/data/features/dependabot-updates-paused-enterprise-orgs.yml
new file mode 100644
index 0000000000..2b9d668a63
--- /dev/null
+++ b/data/features/dependabot-updates-paused-enterprise-orgs.yml
@@ -0,0 +1,4 @@
+# Reference: Issue #10199 - Dependabot: automatic, rolling opt-out for inactivity (Version updates, Security updates) - [GA]
+versions:
+ ghec: '*'
+ ghes: '>3.9'
diff --git a/data/features/dependabot-updates-paused.yml b/data/features/dependabot-updates-paused.yml
index a253f98973..4d82773e79 100644
--- a/data/features/dependabot-updates-paused.yml
+++ b/data/features/dependabot-updates-paused.yml
@@ -1,6 +1,5 @@
-# Reference: Issue #8300 - Dependabot: automatic, rolling opt-out for inactivity (Version updates, Security updates) - [GA]
+# Reference: Issue #10199 - Dependabot: automatic, rolling opt-out for inactivity (Version updates, Security updates) - [GA]
 versions:
 fpt: '*'
 ghec: '*'
- ghes: '>3.8'
- ghae: '>3.8'
+ ghes: '>3.9'
diff --git a/data/reusables/dependabot/automatically-pause-dependabot-updates.md b/data/reusables/dependabot/automatically-pause-dependabot-updates.md
index c4e3d0c2ca..4edd2e3e19 100644
--- a/data/reusables/dependabot/automatically-pause-dependabot-updates.md
+++ b/data/reusables/dependabot/automatically-pause-dependabot-updates.md
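Review bot: In `data/features/dependabot-updates-paused.yml` the existing flag is narrowed (`ghes: '>3.8'` becomes `ghes: '>3.9'`, and `ghae: '>3.8'` is removed) with no explanation in the commit, although the title only announces GA for GHEC and GHES. Content gated on this flag presumably stops rendering the auto-pause text for the versions that drop out of the range, so administrators there would no longer find the explanation for why Dependabot security updates stopped on an inactive repository; please confirm those releases really do not pause updates. The reference comment is also rewritten from `#8300` to `#10199`, which leaves this file and the new `dependabot-updates-paused-enterprise-orgs.yml` with identical headers and drops the pointer to the original issue. I would keep the old reference and record the reason next to the range, for example `# Reference: Issue #8300 (original); Issue #10199 (GHES range moved to >3.9, GHAE dropped: <reason>)`.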
@@ -12,7 +12,7 @@ An active repository is a repository for which a user (not {% data variables.pro
 An inactive repository is a repository that has at least one {% data variables.product.prodname_dependabot %} pull request open for more than 90 days, has been enabled for the full period, and where none of the actions listed above has been taken by a user.
-When {% data variables.product.prodname_dependabot %} is paused, {% data variables.product.prodname_dotcom %} adds a notice to the body of all open {% data variables.product.prodname_dependabot %} pull requests, and assigns a `dependabot-paused` label to these pull requests. You'll also see a banner notice in the UI of the **Settings** tab of the repository (under **Code security and analysis**, then **{% data variables.product.prodname_dependabot %}**), as well in the list of {% data variables.product.prodname_dependabot_alerts %} (if {% data variables.product.prodname_dependabot_security_updates %} are affected).
+When {% data variables.product.prodname_dependabot %} is paused, {% data variables.product.prodname_dotcom %} adds a notice to the body of all open {% data variables.product.prodname_dependabot %} pull requests, and assigns a `dependabot-paused` label to these pull requests. You'll also see a banner notice in the UI of the **Settings** tab of the repository (under **Code security and analysis**, then **{% data variables.product.prodname_dependabot %}**), as well in the list of {% data variables.product.prodname_dependabot_alerts %} (if {% data variables.product.prodname_dependabot_security_updates %} are affected).{% ifversion dependabot-updates-paused-enterprise-orgs %} Additionally, you will be able to see whether {% data variables.product.prodname_dependabot %} is paused at the organization-level in the security overview. The `paused` status will also be visible via the API. For more information, see "[AUTOTITLE](/rest/repos#enable-automated-security-fixes)" in the REST API documentation.{% endif %}
 As soon as a maintainer interacts with a {% data variables.product.prodname_dependabot %} pull request again, {% data variables.product.prodname_dependabot %} will unpause itself:
 - Security updates are automatically resumed for {% data variables.product.prodname_dependabot_alerts %}.

From 54cdee5b9dbc12e866e6e87b4724254957d55535 Mon Sep 17 00:00:00 2001
From: Riley Broughten <101840513+rileybroughten@users.noreply.github.com>
Date: Thu, 29 Jun 2023 07:28:04 -0700
Subject: [PATCH 2/2] Update using-the-built-in-automations.md (#38702)

Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
---
 .../automating-your-project/adding-items-automatically.md | 5 +++++
 .../archiving-items-automatically.md | 7 +++++++
 .../using-the-built-in-automations.md | 7 ++++---
 data/reusables/projects/enable_enterprise_workflows.md | 5 +++++
 4 files changed, 21 insertions(+), 3 deletions(-)
 create mode 100644 data/reusables/projects/enable_enterprise_workflows.md

diff --git a/content/issues/planning-and-tracking-with-projects/automating-your-project/adding-items-automatically.md b/content/issues/planning-and-tracking-with-projects/automating-your-project/adding-items-automatically.md
index d010300fd3..75c939f446 100644
--- a/content/issues/planning-and-tracking-with-projects/automating-your-project/adding-items-automatically.md
+++ b/content/issues/planning-and-tracking-with-projects/automating-your-project/adding-items-automatically.md
@@ -7,6 +7,11 @@ type: tutorial
 topics:
 - Projects
 ---
+{% ifversion ghes > 3.8 %}
+
+{% data reusables.projects.enable_enterprise_workflows %}
+
+{% endif %}
 ## About automatically adding items
diff --git a/content/issues/planning-and-tracking-with-projects/automating-your-project/archiving-items-automatically.md b/content/issues/planning-and-tracking-with-projects/automating-your-project/archiving-items-automatically.md
index 34db9b579e..f946203703 100644
--- a/content/issues/planning-and-tracking-with-projects/automating-your-project/archiving-items-automatically.md
+++ b/content/issues/planning-and-tracking-with-projects/automating-your-project/archiving-items-automatically.md
@@ -9,6 +9,13 @@ topics:
 - Projects
 ---
+{% ifversion ghes > 3.8 %}
+
+{% data reusables.projects.enable_enterprise_workflows %}
+
+{% endif %}
+
+
 ## About automatically archiving items
 You can configure your project's built-in workflows to automatically archive items. Archiving items will help you stay below the limit of {% data variables.projects.item_limit %} items in each project.
diff --git a/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-built-in-automations.md b/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-built-in-automations.md
index d04cae099d..6fca4ee40a 100644
--- a/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-built-in-automations.md
+++ b/content/issues/planning-and-tracking-with-projects/automating-your-project/using-the-built-in-automations.md
@@ -9,11 +9,12 @@ topics:
 - Projects
 ---
-{% note %}
-**Note:** Built-in workflows are available as part of a limited beta.
+{% ifversion ghes > 3.8 %}
-{% endnote %}
+{% data reusables.projects.enable_enterprise_workflows %}
+
+{% endif %}
 {% data variables.product.prodname_projects_v2 %} includes built-in workflows that you can use to update the **Status** of items based on certain events. For example, you can automatically set the status to **Todo** when an item is added to your project or set the status to **Done** when an issue is closed.
diff --git a/data/reusables/projects/enable_enterprise_workflows.md b/data/reusables/projects/enable_enterprise_workflows.md
new file mode 100644
index 0000000000..8979496622
--- /dev/null
+++ b/data/reusables/projects/enable_enterprise_workflows.md
@@ -0,0 +1,5 @@
+{% note %}
+
+**Note:** Project workflow automations must be enabled by an enterprise owner in the enterprise settings page for policies for projects. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise)."
+
+{% endnote %}