Merge branch 'main' of github.com:github/docs-internal

.github/CODEOWNERS

@@ -17,6 +17,7 @@ package-lock.json @github/docs-engineering
 package.json @github/docs-engineering
 
 # Localization
+/.github/actions-scripts/create-translation-batch-pr.js @github/docs-localization
 /.github/workflows/create-translation-batch-pr.yml @github/docs-localization
 /.github/workflows/crowdin.yml @github/docs-localization
 /crowdin*.yml @github/docs-engineering @github/docs-localization

.github/actions-scripts/create-translation-batch-pr.js

@@ -0,0 +1,142 @@
+#!/usr/bin/env node
+
+import fs from 'fs'
+import github from '@actions/github'
+
+const OPTIONS = Object.fromEntries(
+  ['BASE', 'BODY_FILE', 'GITHUB_TOKEN', 'HEAD', 'LANGUAGE', 'TITLE', 'GITHUB_REPOSITORY'].map(
+    (envVarName) => {
+      const envVarValue = process.env[envVarName]
+      if (!envVarValue) {
+        throw new Error(`You must supply a ${envVarName} environment variable`)
+      }
+      return [envVarName, envVarValue]
+    }
+  )
+)
+
+if (!process.env.GITHUB_REPOSITORY) {
+  throw new Error('GITHUB_REPOSITORY environment variable not set')
+}
+
+const RETRY_STATUSES = [
+  422, // Retry the operation if the PR already exists
+  502, // Retry the operation if the API responds with a `502 Bad Gateway` error.
+]
+const RETRY_ATTEMPTS = 3
+const {
+  // One of the default environment variables provided by Actions.
+  GITHUB_REPOSITORY,
+
+  // These are passed in from the step in the workflow file.
+  TITLE,
+  BASE,
+  HEAD,
+  LANGUAGE,
+  BODY_FILE,
+  GITHUB_TOKEN,
+} = OPTIONS
+const [OWNER, REPO] = GITHUB_REPOSITORY.split('/')
+
+const octokit = github.getOctokit(GITHUB_TOKEN)
+
+/**
+ * @param {object} config Configuration options for finding the PR.
+ * @returns {Promise<number | undefined>} The PR number.
+ */
+async function findPullRequestNumber(config) {
+  // Get a list of PRs and see if one already exists.
+  const { data: listOfPullRequests } = await octokit.rest.pulls.list({
+    owner: config.owner,
+    repo: config.repo,
+    head: `${config.owner}:${config.head}`,
+  })
+
+  return listOfPullRequests[0]?.number
+}
+
+/**
+ * When this file was first created, we only introduced support for creating a pull request for some translation batch.
+ * However, some of our first workflow runs failed during the pull request creation due to a timeout error.
+ * There have been cases where, despite the timeout error, the pull request gets created _anyway_.
+ * To accommodate this reality, we created this function to look for an existing pull request before a new one is created.
+ * Although the "find" check is redundant in the first "cycle", it's designed this way to recursively call the function again via its retry mechanism should that be necessary.
+ *
+ * @param {object} config Configuration options for creating the pull request.
+ * @returns {Promise<number>} The PR number.
+ */
+async function findOrCreatePullRequest(config) {
+  const found = await findPullRequestNumber(config)
+
+  if (found) {
+    return found
+  }
+
+  try {
+    const { data: pullRequest } = await octokit.rest.pulls.create({
+      owner: config.owner,
+      repo: config.repo,
+      base: config.base,
+      head: config.head,
+      title: config.title,
+      body: config.body,
+      draft: false,
+    })
+
+    return pullRequest.number
+  } catch (error) {
+    if (!error.response || !config.retryCount) {
+      throw error
+    }
+
+    if (!config.retryStatuses.includes(error.response.status)) {
+      throw error
+    }
+
+    console.error(`Error creating pull request: ${error.message}`)
+    console.warn(`Retrying in 5 seconds...`)
+    await new Promise((resolve) => setTimeout(resolve, 5000))
+
+    config.retryCount -= 1
+
+    return findOrCreatePullRequest(config)
+  }
+}
+
+/**
+ * @param {object} config Configuration options for labeling the PR
+ * @returns {Promise<undefined>}
+ */
+async function labelPullRequest(config) {
+  await octokit.rest.issues.update({
+    owner: config.owner,
+    repo: config.repo,
+    issue_number: config.issue_number,
+    labels: config.labels,
+  })
+}
+
+async function main() {
+  const options = {
+    title: TITLE,
+    base: BASE,
+    head: HEAD,
+    body: fs.readFileSync(BODY_FILE, 'utf8'),
+    labels: ['translation-batch', `translation-batch-${LANGUAGE}`],
+    owner: OWNER,
+    repo: REPO,
+    retryStatuses: RETRY_STATUSES,
+    retryCount: RETRY_ATTEMPTS,
+  }
+
+  options.issue_number = await findOrCreatePullRequest(options)
+  const pr = `${GITHUB_REPOSITORY}#${options.issue_number}`
+  console.log(`Created PR ${pr}`)
+
+  // metadata parameters aren't currently available in `github.rest.pulls.create`,
+  // but they are in `github.rest.issues.update`.
+  await labelPullRequest(options)
+  console.log(`Updated ${pr} with these labels: ${options.labels.join(', ')}`)
+}
+
+main()

.github/workflows/codespaces-prebuild.yml

@@ -0,0 +1,30 @@
+name: Prebuild Codespaces
+
+# **What it does**: Prebuild the Codespaces image using powerful machines.
+#   See https://github.com/github/codespaces-precache#readme for more details.
+#   IMPORTANT: Requires we set a `EXPERIMENTAL_CODESPACE_CACHE_TOKEN` Codespaces
+#   Secret (NOT an Actions Secret) in the repository.
+# **Why we have it**: Reduces startup time when booting Codespaces.
+# **Who does it impact**: Any Docs contributors who want to use Codespaces.
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+# Currently requires write, but in the future will only require read
+permissions:
+  contents: write
+
+jobs:
+  createPrebuild:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+      - uses: github/codespaces-precache@2ad40630d7e3e45e8725d6a74656cb6dd17363dc
+        with:
+          regions: WestUs2 EastUs WestEurope SouthEastAsia
+          sku_name: basicLinux32gb
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/create-translation-batch-pr.yml

@@ -166,26 +166,27 @@ jobs:
           script/i18n/report-reset-files.js --report-type=csv --language=${{ matrix.language }} --log-file=/tmp/batch.log > $csvFile
           git add -f $csvFile && git commit -m "Check in ${{ matrix.language }} CSV report" || echo "Nothing to commit"
 
+      - name: Write the reported files that were reset to /tmp/pr-body.txt
+        run: script/i18n/report-reset-files.js --report-type=pull-request-body --language=${{ matrix.language }} --log-file=/tmp/batch.log > /tmp/pr-body.txt
+
+      - name: Push filtered translations
+        run: git push origin ${{ steps.set-branch.outputs.BRANCH_NAME }}
+
       - name: Close existing stale batches
         uses: lee-dohm/close-matching-issues@e9e43aad2fa6f06a058cedfd8fb975fd93b56d8f
         with:
           token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
           query: 'type:pr label:translation-batch-${{ matrix.language }}'
 
-      - name: Create Pull Request
+      - name: Create translation batch pull request
         env:
           GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
-        # We'll try to create the pull request based on the changes we pushed up in the branch.
+          TITLE: 'New translation batch for ${{ matrix.language }}'
-        # If there are actually no differences between the branch and `main`, we'll delete it.
+          BASE: 'main'
-        run: |
+          HEAD: ${{ steps.set-branch.outputs.BRANCH_NAME }}
-          script/i18n/report-reset-files.js --report-type=pull-request-body --language=${{ matrix.language }} --log-file=/tmp/batch.log > /tmp/pr-body.txt
+          LANGUAGE: ${{ matrix.language }}
-          git push origin ${{ steps.set-branch.outputs.BRANCH_NAME }}
+          BODY_FILE: '/tmp/pr-body.txt'
-          gh pr create --title "New translation batch for ${{ matrix.language }}" \
+        run: .github/actions-scripts/create-translation-batch-pr.js
-            --base=main \
-            --head=${{ steps.set-branch.outputs.BRANCH_NAME }} \
-            --label "translation-batch-${{ matrix.language }}" \
-            --label "translation-batch" \
-            --body-file /tmp/pr-body.txt || git push origin :${{ steps.set-branch.outputs.BRANCH_NAME }}
 
       - name: Approve PR
         if: github.ref_name == 'main'

.github/workflows/link-check-all.yml

@@ -40,13 +40,23 @@ jobs:
       - name: Gather files changed
         uses: trilom/file-changes-action@a6ca26c14274c33b15e6499323aac178af06ad4b
         id: get_diff_files
+
+      # Necessary because trilom/file-changes-action can't escape each file
+      # name for using in bash. So, we do it ourselves.
+      # trilom/file-changes-action will, by default produce outputs
+      # in JSON format. We consume that and set a new output where each
+      # filename is wrapped in quotation marks.
+      # Perhaps some day we can rely on this directly based on;
+      # https://github.com/trilom/file-changes-action/issues/130
+      - name: Escape each diff file name
+        id: get_diff_files_escaped
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
-          # So that `steps.get_diff_files.outputs.files` becomes
+          github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
-          # a string like `foo.js path/bar.md`
+          script: |
-          output: ' '
+            const input = JSON.parse('${{ steps.get_diff_files.outputs.files }}')
-      - name: Insight into changed files
+            const files = input.map(filename => `"${filename}"`)
-        run: |
+            core.setOutput('files', files.join(' '))
-          echo "${{ steps.get_diff_files.outputs.files }}"
 
       - name: Link check (warnings, changed files)
         run: |
@@ -56,7 +66,7 @@ jobs:
             --check-anchors \
             --check-images \
             --verbose \
-            "${{ steps.get_diff_files.outputs.files }}"
+            ${{ steps.get_diff_files_escaped.outputs.files }}
 
       - name: Link check (critical, all files)
         run: |

.github/workflows/test-windows.yml

@@ -73,4 +73,4 @@ jobs:
         run: npm run build
 
       - name: Run tests
-        run: npm run test tests/${{ matrix.test-group }}/
+        run: npm test -- tests/${{ matrix.test-group }}/

.github/workflows/test.yml

@@ -93,4 +93,4 @@ jobs:
       - name: Run tests
         env:
           DIFF_FILE: get_diff_files.txt
-        run: npm run test tests/${{ matrix.test-group }}/
+        run: npm test -- tests/${{ matrix.test-group }}/

Dockerfile

@@ -22,9 +22,10 @@ COPY package*.json ./
 
 RUN npm ci
 
+# For Next.js v12+
 # This the appropriate necessary extra for node:16-alpine
 # Other options are https://www.npmjs.com/search?q=%40next%2Fswc
-RUN npm i @next/swc-linux-x64-musl --no-save
+# RUN npm i @next/swc-linux-x64-musl --no-save
 
 
 # ---------------

components/article/ArticlePage.tsx

@@ -1,4 +1,6 @@
+import { useState, useEffect } from 'react'
 import { useRouter } from 'next/router'
+import dynamic from 'next/dynamic'
 import cx from 'classnames'
 import { ActionList, Heading } from '@primer/components'
 
@@ -17,6 +19,10 @@ import { ArticleGridLayout } from './ArticleGridLayout'
 import { PlatformPicker } from 'components/article/PlatformPicker'
 import { ToolPicker } from 'components/article/ToolPicker'
 
+const ClientSideRedirectExceptions = dynamic(() => import('./ClientsideRedirectExceptions'), {
+  ssr: false,
+})
+
 // Mapping of a "normal" article to it's interactive counterpart
 const interactiveAlternatives: Record<string, { href: string }> = {
   '/actions/automating-builds-and-tests/building-and-testing-nodejs': {
@@ -79,8 +85,38 @@ export const ArticlePage = () => {
     )
   }
 
+  // We have some one-off redirects for rest api docs
+  // currently those are limited to the repos page, but
+  // that will grow soon as we restructure the rest api docs.
+  // This is a workaround to updating the hardcoded links
+  // directly in the REST API code in a separate repo, which
+  // requires many file changes and teams to sign off.
+  // While the organization is turbulent, we can do this.
+  // Once it's more settled, we can refactor the rest api code
+  // to leverage the OpenAPI urls rather than hardcoded urls.
+  // The code below determines if we should bother loading this redirecting
+  // component at all.
+  // The reason this isn't done at the server-level is because there you
+  // can't possibly access the URL hash. That's only known in client-side
+  // code.
+  const [loadClientsideRedirectExceptions, setLoadClientsideRedirectExceptions] = useState(false)
+  useEffect(() => {
+    const { hash, pathname } = window.location
+    // Today, Jan 2022, it's known explicitly what the pathname.
+    // In the future there might be more.
+    // Hopefully, we can some day delete all of this and no longer
+    // be dependent on the URL hash to do the redirect.
+    if (hash && pathname.endsWith('/rest/reference/repos')) {
+      setLoadClientsideRedirectExceptions(true)
+    }
+  }, [])
+
   return (
     <DefaultLayout>
+      {/* Doesn't matter *where* this is included because it will
+      never render anything. It always just return null. */}
+      {loadClientsideRedirectExceptions && <ClientSideRedirectExceptions />}
+
       <div className="container-xl px-3 px-md-6 my-4">
         <ArticleGridLayout
           topper={<ArticleTitle>{title}</ArticleTitle>}

components/article/ClientsideRedirectExceptions.tsx

@@ -0,0 +1,35 @@
+import { useEffect } from 'react'
+import { useRouter } from 'next/router'
+
+import overrides from '../../lib/redirects/static/rest-api-redirect-exceptions.json'
+const overrideRedirects: Record<string, string> = overrides
+
+export default function ClientSideRedirectExceptions() {
+  const router = useRouter()
+  useEffect(() => {
+    // We have some one-off redirects for rest api docs
+    // currently those are limited to the repos page, but
+    // that will grow soon as we restructure the rest api docs.
+    // This is a workaround to updating the hardcoded links
+    // directly in the REST API code in a separate repo, which
+    // requires many file changes and teams to sign off.
+    // While the organization is turbulent, we can do this.
+    // Once it's more settled, we can refactor the rest api code
+    // to leverage the OpenAPI urls rather than hardcoded urls.
+    const { hash, pathname } = window.location
+
+    // The `hash` will start with a `#` but all the keys in
+    // `overrideRedirects` do not. Hence, this slice.
+    const combined = pathname + hash
+    const overrideKey = combined
+      .replace(`/${router.locale}`, '')
+      .replace(`/${router.query.versionId || ''}`, '')
+    const redirectToName = overrideRedirects[overrideKey]
+    if (redirectToName) {
+      const newPathname = combined.replace(overrideKey, redirectToName)
+      router.replace(newPathname)
+    }
+  }, [])
+
+  return null
+}

components/context/ProductLandingContext.tsx

@@ -51,6 +51,7 @@ export type ProductLandingContextT = {
   featuredArticles: Array<{
     label: string // Guides
     viewAllHref?: string // If provided, adds a "View All ->" to the header
+    viewAllTitleText?: string // Adds 'title' attribute text for the "View All" href
     articles: Array<FeaturedLink>
   }>
   changelogUrl?: string

components/guides/ArticleCard.tsx

@@ -4,11 +4,16 @@ import { Label } from '@primer/components'
 type Props = {
   card: ArticleGuide
   typeLabel: string
+  tabIndex?: number
 }
 
-export const ArticleCard = ({ card, typeLabel }: Props) => {
+export const ArticleCard = ({ tabIndex, card, typeLabel }: Props) => {
   return (
-    <div data-testid="article-card" className="d-flex col-12 col-md-4 pr-0 pr-md-6 pr-lg-8">
+    <li
+      tabIndex={tabIndex}
+      data-testid="article-card"
+      className="d-flex col-12 col-md-4 pr-0 pr-md-6 pr-lg-8"
+    >
       <a className="no-underline d-flex flex-column py-3 border-bottom" href={card.href}>
         <h4 className="h4 color-fg-default mb-1" dangerouslySetInnerHTML={{ __html: card.title }} />
         <div className="h6 text-uppercase" data-testid="article-card-type">
@@ -33,6 +38,6 @@ export const ArticleCard = ({ card, typeLabel }: Props) => {
           </ul>
         )}
       </a>
-    </div>
+    </li>
   )
 }

components/guides/ArticleCards.tsx

@@ -1,4 +1,4 @@
-import React, { useEffect, useState } from 'react'
+import React, { useEffect, useRef, useState } from 'react'
 
 import { ArticleGuide, useProductGuidesContext } from 'components/context/ProductGuidesContext'
 import { useTranslation } from 'components/hooks/useTranslation'
@@ -15,6 +15,9 @@ export const ArticleCards = () => {
   const [typeFilter, setTypeFilter] = useState<ItemInput | undefined>()
   const [topicFilter, setTopicFilter] = useState<ItemInput | undefined>()
   const [filteredResults, setFilteredResults] = useState<Array<ArticleGuide>>([])
+  const typesRef = useRef<HTMLDivElement>(null)
+  const topicsRef = useRef<HTMLDivElement>(null)
+  const articleCardRef = useRef<HTMLUListElement>(null)
 
   useEffect(() => {
     setNumVisible(PAGE_SIZE)
@@ -27,6 +30,21 @@ export const ArticleCards = () => {
     )
   }, [typeFilter, topicFilter])
 
+  const clickDropdown = (e: React.RefObject<HTMLDivElement>) => {
+    if (e === typesRef && typesRef.current) typesRef.current.focus()
+    if (e === topicsRef && topicsRef.current) topicsRef.current.focus()
+  }
+
+  const loadMore = () => {
+    if (articleCardRef.current) {
+      const childListLength = articleCardRef.current.childElementCount
+      // Leading semi-colon due to prettier to prevent possible ASI failures
+      // Need to explicitly type assert as HTMLDivElement as focus property missing from dom type definitions for Element.
+      ;(articleCardRef.current.childNodes.item(childListLength - 1) as HTMLDivElement).focus()
+    }
+    setNumVisible(numVisible + PAGE_SIZE)
+  }
+
   const isUserFiltering = typeFilter !== undefined || topicFilter !== undefined
 
   const guides = isUserFiltering ? filteredResults : includeGuides || []
@@ -48,11 +66,18 @@ export const ArticleCards = () => {
       <label htmlFor="guide-filter-form">{t('filter_instructions')}</label>
       <form name="guide-filter-form" className="mt-2 mb-5 d-flex d-flex">
         <div data-testid="card-filter-types">
-          <label htmlFor="type" className="text-uppercase f6 color-fg-muted d-block">
+          <div
+            onClick={() => clickDropdown(typesRef)}
+            onKeyDown={() => clickDropdown(typesRef)}
+            role="button"
+            tabIndex={-1}
+            className="text-uppercase f6 color-fg-muted d-block"
+          >
             {t('filters.type')}
-          </label>
+          </div>
           <DropdownMenu
-            aria-label="guide types"
+            anchorRef={typesRef}
+            aria-label="types"
             data-testid="types-dropdown"
             placeholder={t('filters.all')}
             items={types}
@@ -62,11 +87,18 @@ export const ArticleCards = () => {
         </div>
 
         <div data-testid="card-filter-topics" className="mx-4">
-          <label htmlFor="topic" className="text-uppercase f6 color-fg-muted d-block">
+          <div
+            onClick={() => clickDropdown(topicsRef)}
+            onKeyDown={() => clickDropdown(topicsRef)}
+            role="button"
+            tabIndex={-1}
+            className="text-uppercase f6 color-fg-muted d-block"
+          >
             {t('filters.topic')}
-          </label>
+          </div>
           <DropdownMenu
-            aria-label="guide topics"
+            anchorRef={topicsRef}
+            aria-label="topics"
             data-testid="topics-dropdown"
             placeholder={t('filters.all')}
             items={topics}
@@ -84,16 +116,23 @@ export const ArticleCards = () => {
           : t('guides_found.multiple').replace('{n}', guides.length)}
       </div>
 
-      <div className="d-flex flex-wrap mr-0 mr-md-n6 mr-lg-n8">
+      <ul ref={articleCardRef} className="d-flex flex-wrap mr-0 mr-md-n6 mr-lg-n8">
         {guides.slice(0, numVisible).map((card) => {
-          return <ArticleCard key={card.href} card={card} typeLabel={guideTypes[card.type]} />
+          return (
+            <ArticleCard
+              tabIndex={-1}
+              key={card.href}
+              card={card}
+              typeLabel={guideTypes[card.type]}
+            />
+          )
         })}
-      </div>
+      </ul>
 
       {guides.length > numVisible && (
         <button
           className="col-12 mt-5 text-center text-bold color-fg-accent btn-link"
-          onClick={() => setNumVisible(numVisible + PAGE_SIZE)}
+          onClick={loadMore}
         >
           {t('load_more')}
         </button>

components/guides/LearningTrack.tsx

@@ -2,7 +2,7 @@ import cx from 'classnames'
 import { useTranslation } from 'components/hooks/useTranslation'
 import { ArrowRightIcon } from '@primer/octicons-react'
 import { ActionList } from '@primer/components'
-import { useState } from 'react'
+import { useEffect, useRef, useState } from 'react'
 import { FeaturedTrack } from 'components/context/ProductGuidesContext'
 import { TruncateLines } from 'components/ui/TruncateLines'
 import slugger from 'github-slugger'
@@ -15,11 +15,16 @@ type Props = {
 const DEFAULT_VISIBLE_GUIDES = 4
 export const LearningTrack = ({ track }: Props) => {
   const [numVisible, setNumVisible] = useState(DEFAULT_VISIBLE_GUIDES)
+  const { t } = useTranslation('product_guides')
+  const slug = track?.title ? slugger.slug(track?.title) : ''
+  const listRef = useRef<HTMLLIElement>(null)
   const showAll = () => {
     setNumVisible(track?.guides?.length || 0)
   }
-  const { t } = useTranslation('product_guides')
+
-  const slug = track?.title ? slugger.slug(track?.title) : ''
+  useEffect(() => {
+    if (listRef.current) listRef.current.focus()
+  })
 
   return (
     <div data-testid="learning-track" className="my-3 px-4 col-12 col-md-6">
@@ -57,6 +62,7 @@ export const LearningTrack = ({ track }: Props) => {
                 return {
                   renderItem: () => (
                     <ActionList.Item
+                      ref={listRef}
                       as="li"
                       key={guide.href + track?.trackName}
                       sx={{

components/guides/ProductGuides.tsx

@@ -1,6 +1,6 @@
+import React from 'react'
 import { DefaultLayout } from 'components/DefaultLayout'
 import { useProductGuidesContext } from 'components/context/ProductGuidesContext'
-import React from 'react'
 import { LandingSection } from 'components/landing/LandingSection'
 import { GuidesHero } from 'components/guides/GuidesHero'
 import { LearningTracks } from 'components/guides/LearningTracks'

components/landing/ArticleList.tsx

@@ -11,17 +11,27 @@ import { BumpLink } from 'components/ui/BumpLink'
 export type ArticleListPropsT = {
   title?: string
   viewAllHref?: string
+  viewAllTitleText?: string
   articles: Array<FeaturedLink>
 }
 
-export const ArticleList = ({ title, viewAllHref, articles }: ArticleListPropsT) => {
+export const ArticleList = ({
+  title,
+  viewAllHref,
+  viewAllTitleText,
+  articles,
+}: ArticleListPropsT) => {
   return (
     <>
       {title && (
         <div className="mb-4 d-flex flex-items-baseline">
           <h3 className={cx('f4 text-semibold')}>{title}</h3>
           {viewAllHref && (
-            <Link href={viewAllHref} className="ml-4">
+            <Link
+              href={viewAllHref}
+              className="ml-4"
+              {...(viewAllTitleText ? { title: viewAllTitleText } : {})}
+            >
               View all <ArrowRightIcon size={14} className="v-align-middle" />
             </Link>
           )}

components/landing/FeaturedArticles.tsx

@@ -20,6 +20,7 @@ export const FeaturedArticles = () => {
             <ArticleList
               title={section.label}
               viewAllHref={section.viewAllHref}
+              {...(section.viewAllHref ? { viewAllTitleText: `All ${section.label}` } : {})}
               articles={section.articles}
             />
           </div>
@@ -31,6 +32,7 @@ export const FeaturedArticles = () => {
           <ArticleList
             title={t('whats_new')}
             viewAllHref={changelogUrl}
+            viewAllTitleText="All ChangeLog posts"
             articles={(whatsNewChangelog || []).map((link) => {
               return {
                 title: link.title,

components/landing/LandingSection.tsx

@@ -1,3 +1,4 @@
+import { LinkIcon } from '@primer/octicons-react'
 import cx from 'classnames'
 
 type Props = {
@@ -14,6 +15,7 @@ export const LandingSection = ({ title, children, className, sectionLink, descri
         <h2 className={cx('h1 color-fg-default', !description ? 'mb-3' : 'mb-4')}>
           {sectionLink ? (
             <a className="color-unset" href={`#${sectionLink}`}>
+              <LinkIcon size={24} className="m-1" />
               {title}
             </a>
           ) : (

components/landing/TableOfContents.tsx

@@ -32,7 +32,7 @@ export const TableOfContents = (props: Props) => {
                   renderItem: () => (
                     <ActionList.Item>
                       <li key={href} className="f4 d-list-item width-full list-style-none">
-                        <Link className="d-block width-full" href={href}>
+                        <Link className="d-block width-full text-underline" href={href}>
                           {title}
                         </Link>
                         {(childTocItems || []).length > 0 && (
@@ -49,7 +49,10 @@ export const TableOfContents = (props: Props) => {
                               }
                               return (
                                 <li key={childItem.fullPath} className="f4 d-block width-full m-2">
-                                  <Link className="d-block width-full" href={childItem.fullPath}>
+                                  <Link
+                                    className="d-block width-full text-underline"
+                                    href={childItem.fullPath}
+                                  >
                                     {childItem.title}
                                   </Link>
                                 </li>

components/page-footer/Survey.tsx

@@ -34,6 +34,10 @@ export const Survey = () => {
     }
   }
 
+  // Though we set `type="email"` on the email address input which gives us browser
+  // validation of the field, that has accessibility issues (e.g. some screen
+  // readers won't read the error message) so we need to do manual validation
+  // ourselves.
   function handleEmailInputChange() {
     const emailRegex = /[^@\s.][^@\s]*@\[?[a-z0-9.-]+\]?/i
     const surveyEmail = getFormData()?.get('survey-email')?.toString()

components/page-header/Breadcrumbs.tsx

@@ -29,10 +29,9 @@ export const Breadcrumbs = () => {
       aria-label="Breadcrumb"
     >
       <ul>
-        {Object.values(breadcrumbs).map((breadcrumb, i, arr) => {
+        {Object.values(breadcrumbs)
-          if (!breadcrumb) {
+          .filter(Boolean)
-            return null
+          .map((breadcrumb, i, arr) => {
-          }
             const title = `${breadcrumb.title}`
             return [
               !breadcrumb.href ? (
@@ -40,16 +39,17 @@ export const Breadcrumbs = () => {
                   {breadcrumb.title}
                 </span>
               ) : (
-              <li className="d-inline-block">
+                <li className="d-inline-block" key={title}>
                   <Link
-                  key={title}
                     data-testid="breadcrumb-link"
                     href={breadcrumb.href}
                     title={title}
                     className={cx(
                       'pr-3',
                       // Always show first and last, show middle on XL size
-                    i === 0 || i === arr.length - 1 ? 'd-inline-block' : 'd-none d-xl-inline-block',
+                      i === 0 || i === arr.length - 1
+                        ? 'd-inline-block'
+                        : 'd-none d-xl-inline-block',
                       pathWithLocale === breadcrumb.href && 'color-fg-muted'
                     )}
                   >

components/page-header/RestRepoBanner.tsx

@@ -11,7 +11,7 @@ const restDisplayPages = [
   '/rest/reference/pages',
   '/rest/reference/releases',
   '/rest/reference/repos',
-  '/rest/reference/repository-metrics',
+  '/rest/reference/metrics',
   '/rest/reference/webhooks',
 ]
 const restRepoCategoryExceptionsTitles = {
@@ -21,7 +21,7 @@ const restRepoCategoryExceptionsTitles = {
   deployments: 'Deployments',
   pages: 'GitHub Pages',
   releases: 'Releases',
-  'repository-metrics': 'Repository metrics',
+  metrics: 'Metrics',
   webhooks: 'Webhooks',
 }
 

content/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/managing-your-subscriptions.md

@@ -23,7 +23,7 @@ To help you understand your subscriptions and decide whether to unsubscribe, see
 
 ## Choosing how to unsubscribe
 
-To unwatch (or unsubscribe from) repositories quickly, go to the "Watched repositories" page, where you can see all repositories you're watching. For more information, see "[Unwatching repositories](#unwatching-repositories)."
+To unwatch (or unsubscribe from) repositories quickly, go to the "Watched repositories" page, where you can see all repositories you're watching. For more information, see "[Unwatch a repository](#unwatch-a-repository)."
 
 To unsubscribe from multiple notifications at the same time, you can unsubscribe using your inbox or on the subscriptions page. Both of these options offer more context about your subscriptions than the "Watched repositories" page.
 
@@ -46,46 +46,31 @@ When you unsubscribe from notifications in your inbox, they will automatically d
 {% data reusables.notifications.access_notifications %}
 1. From the notifications inbox, select the notifications you want to unsubscribe to.
 2. Click **Unsubscribe.**
-
   ![Unsubscribe option from main inbox](/assets/images/help/notifications-v2/unsubscribe-from-main-inbox.png)
 
 ## Unsubscribing from notifications on the subscriptions page
 
 {% data reusables.notifications.access_notifications %}
 1. In the left sidebar, under the list of repositories, use the "Manage notifications" drop-down to click **Subscriptions**.
-
   ![Manage notifications drop down menu options](/assets/images/help/notifications-v2/manage-notifications-options.png)
 
 2. Select the notifications you want to unsubscribe to. In the top right, click **Unsubscribe.**
-
   ![Subscriptions page](/assets/images/help/notifications-v2/unsubscribe-from-subscriptions-page.png)
 
-## Unwatching repositories
+## Unwatch a repository
 
 When you unwatch a repository, you unsubscribe from future updates from that repository unless you participate in a conversation or are @mentioned.
 
 {% data reusables.notifications.access_notifications %}
 1. In the left sidebar, under the list of repositories, use the "Manage notifications" drop-down to click **Watched repositories**.
-
   ![Manage notifications drop down menu options](/assets/images/help/notifications-v2/manage-notifications-options.png)
-
 2. On the watched repositories page, after you've evaluated the repositories you're watching, choose whether to:
-   {%- ifversion fpt or ghes > 3.0 or ghae or ghec %}
+  {% ifversion fpt or ghes > 3.0 or ghae or ghec %}
     - Unwatch a repository
     - Ignore all notifications for a repository
-   - If enabled, customize the types of event you receive notifications for ({% data reusables.notifications-v2.custom-notification-types %})
+    - Customize the types of event you receive notifications for ({% data reusables.notifications-v2.custom-notification-types %}, if enabled)
-   {%- else %}
+  {% else %}
     - Unwatch a repository
     - Only watch releases for a repository
     - Ignore all notifications for a repository
-   {%- endif %}
-{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5819 %}
-1. Optionally, to unsubscribe from all repositories owned by a given user or organization, select the **Unwatch all** dropdown and click the organization whose repositories you'd like to unsubscribe from. The button to unwatch all repositories is only available if you are watching all notifications, custom notifications or ignoring activity on over 25 repositories.
-
-   ![Unwatch All button](/assets/images/help/notifications-v2/unsubscribe-from-all-repos.png)
-
-   - Click **Unwatch** to confirm that you want to unwatch the repositories owned by the selected user or organization, or click **Cancel** to cancel.
-
-   ![Unwatch all confirmation](/assets/images/help/notifications-v2/unwatch-repo-dialog.png)
-
   {% endif %}

content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-accessibility-settings.md

@@ -2,8 +2,6 @@
 title: Managing accessibility settings
 intro: 'You can disable character key shortcuts on {% data variables.product.prodname_dotcom %} in your accessibility settings.'
 versions:
-  fpt: '*'
-  ghes: '>=3.4'
   feature: keyboard-shortcut-accessibility-setting
 ---
 
@@ -11,7 +9,7 @@ versions:
 
 {% data variables.product.product_name %} includes a variety of keyboard shortcuts so that you can perform actions across the site without using your mouse to navigate. While shortcuts are useful to save time, they can sometimes make {% data variables.product.prodname_dotcom %} harder to use and less accessible.
 
-All keyboard shortcuts are enabled by default on {% data variables.product.product_name %}, but you can choose to disable character key shortcuts in your accessibility settings. This setting does not affect keyboard shortcuts provided by your web browser or {% data variables.product.prodname_dotcom %} shortcuts that use a modifier key such as `control` or `command`.
+All keyboard shortcuts are enabled by default on {% data variables.product.product_name %}, but you can choose to disable character key shortcuts in your accessibility settings. This setting does not affect keyboard shortcuts provided by your web browser or {% data variables.product.prodname_dotcom %} shortcuts that use a modifier key such as <kbd>Control</kbd> or <kbd>Command</kbd>.
 
 ## Managing character key shortcuts
 

content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-your-membership-in-organizations/about-organization-membership.md

@@ -40,7 +40,7 @@ By default, your organization membership visibility is set to private. You can c
 
 {% ifversion fpt or ghec %}
 
-If your organization belongs to an enterprise account, you are automatically a member of the enterprise account and visible to enterprise account owners. For more information, see "[About enterprise accounts](/admin/overview/about-enterprise-accounts)."
+If your organization belongs to an enterprise account, you are automatically a member of the enterprise account and visible to enterprise account owners. For more information, see "[About enterprise accounts](/enterprise-cloud@latest/admin/overview/about-enterprise-accounts){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
 
 {% endif %}
 

content/actions/managing-workflow-runs/disabling-and-enabling-a-workflow.md

@@ -31,8 +31,6 @@ You can also disable and enable a workflow using the REST API. For more informat
 
 ## Disabling a workflow
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}
@@ -62,8 +60,6 @@ gh workflow disable <em>workflow</em>
 
 ## Enabling a workflow
 
-{% include tool-switcher %}
-
 {% webui %}
 
 You can re-enable a workflow that was previously disabled.

content/actions/managing-workflow-runs/downloading-workflow-artifacts.md

@@ -16,8 +16,6 @@ By default, {% data variables.product.product_name %} stores build logs and arti
 
 {% data reusables.repositories.permissions-statement-read %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}

content/actions/managing-workflow-runs/manually-running-a-workflow.md

@@ -20,8 +20,6 @@ To run a workflow manually, the workflow must be configured to run on the `workf
 
 ## Running a workflow
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}

content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md

@@ -19,8 +19,6 @@ versions:
 
 Re-running a workflow uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow for up to 30 days after the initial run.
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}

content/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history.md

@@ -16,8 +16,6 @@ shortTitle: View workflow run history
 
 {% data reusables.repositories.permissions-statement-read %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}

content/actions/security-guides/encrypted-secrets.md

@@ -79,8 +79,6 @@ When generating credentials, we recommend that you grant the minimum permissions
 
 {% data reusables.github-actions.permissions-statement-secrets-repository %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}
@@ -121,8 +119,6 @@ To list all secrets for the repository, use the `gh secret list` subcommand.
 
 {% data reusables.github-actions.permissions-statement-secrets-environment %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}
@@ -160,8 +156,6 @@ When creating a secret in an organization, you can use a policy to limit which r
 
 {% data reusables.github-actions.permissions-statement-secrets-organization %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 {% data reusables.organizations.navigate-to-org %}

content/admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md

@@ -1,7 +1,6 @@
 ---
 title: Configuring SAML single sign-on for your enterprise using Okta
 intro: 'You can use Security Assertion Markup Language (SAML) single sign-on (SSO) with Okta to automatically manage access to your enterprise account on {% data variables.product.product_name %}.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/configuring-single-sign-on-for-your-enterprise-account-using-okta
   - /github/setting-up-and-managing-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta

content/admin/authentication/managing-identity-and-access-for-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Managing team synchronization for organizations in your enterprise
 intro: 'You can enable team synchronization between an identity provider (IdP) and {% data variables.product.product_name %} to allow organizations owned by your enterprise account to manage team membership through IdP groups.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 permissions: Enterprise owners can manage team synchronization for an enterprise account.
 versions:
   ghec: '*'

content/admin/authentication/managing-identity-and-access-for-your-enterprise/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account.md

@@ -1,7 +1,6 @@
 ---
 title: Switching your SAML configuration from an organization to an enterprise account
 intro: Learn special considerations and best practices for replacing an organization-level SAML configuration with an enterprise-level SAML configuration.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 permissions: Enterprise owners can configure SAML single sign-on for an enterprise account.
 versions:
   ghec: '*'

content/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/configuring-scim-provisioning-for-enterprise-managed-users.md

@@ -14,7 +14,7 @@ topics:
 
 ## About provisioning for {% data variables.product.prodname_emus %}
 
-You can configure provisioning for {% data variables.product.prodname_emus %} to create, manage, and deactivate user accounts for your enterprise members. When you configure provisioning for {% data variables.product.prodname_emus %}, users assigned to the {% data variables.product.prodname_emu_idp_application %} application in your identity provider are provisioned as new user accounts on {% data variables.product.prodname_dotcom %} via SCIM, and the users are added to your enterprise. 
+You must configure provisioning for {% data variables.product.prodname_emus %} to create, manage, and deactivate user accounts for your enterprise members. When you configure provisioning for {% data variables.product.prodname_emus %}, users assigned to the {% data variables.product.prodname_emu_idp_application %} application in your identity provider are provisioned as new user accounts on {% data variables.product.prodname_dotcom %} via SCIM, and the users are added to your enterprise. 
 
 When you update information associated with a user's identity on your IdP, your IdP will update the user's account on GitHub.com. When you unassign the user from the {% data variables.product.prodname_emu_idp_application %} application or deactivate a user's account on your IdP, your IdP will communicate with {% data variables.product.prodname_dotcom %} to invalidate any SAML sessions and disable the member's account. The disabled account's information is maintained and their username is changed to a hash of their original username with the short code appended. If you reassign a user to the {% data variables.product.prodname_emu_idp_application %} application or reactivate their account on your IdP, the {% data variables.product.prodname_managed_user %} account on {% data variables.product.prodname_dotcom %} will be reactivated and username restored.
 

content/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account.md

@@ -1,6 +1,7 @@
 ---
 title: Enabling the dependency graph and Dependabot alerts on your enterprise account
 intro: 'You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_ghe_cloud %} and enable the dependency graph and  {% data variables.product.prodname_dependabot_alerts %} in repositories in your instance.'
+miniTocMaxHeadingLevel: 3
 shortTitle: Enable dependency analysis
 redirect_from:
   - /enterprise/admin/installation/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server
@@ -39,6 +40,11 @@ You can connect {% data variables.product.product_location %} to {% data variabl
 
 Only {% data variables.product.company_short %}-reviewed advisories are synchronized. {% data reusables.security-advisory.link-browsing-advisory-db %}
 
+### About scanning of repositories with synchronized data from the {% data variables.product.prodname_advisory_database %}
+
+For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to the instance, {% data variables.product.prodname_ghe_server %} scans all existing repositories in that instance and generates alerts for any repository that is vulnerable. For more information, see "[Detection of vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)."
+
+
 ### About generation of {% data variables.product.prodname_dependabot_alerts %}
 
 If you enable vulnerability detection, when {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in your instance that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}.

content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Enforcing policies for dependency insights in your enterprise
 intro: 'You can enforce policies for dependency insights within your enterprise''s organizations, or allow policies to be set in each organization.'
 permissions: Enterprise owners can enforce policies for dependency insights in an enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /articles/enforcing-a-policy-on-dependency-insights
   - /articles/enforcing-a-policy-on-dependency-insights-in-your-enterprise-account

content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Enforcing policies for security settings in your enterprise
 intro: 'You can enforce policies to manage security settings in your enterprise''s organizations, or allow policies to be set in each organization.'
 permissions: Enterprise owners can enforce policies for security settings in an enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 miniTocMaxHeadingLevel: 3
 redirect_from:
   - /articles/enforcing-security-settings-for-organizations-in-your-business-account

content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-project-board-policies-in-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Enforcing project board policies in your enterprise
 intro: 'You can enforce policies for projects within your enterprise''s organizations, or allow policies to be set in each organization.'
 permissions: Enterprise owners can enforce policies for project boards in an enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /articles/enforcing-project-board-settings-for-organizations-in-your-business-account
   - /articles/enforcing-project-board-policies-for-organizations-in-your-enterprise-account

content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Enforcing repository management policies in your enterprise
 intro: 'You can enforce policies for repository management within your enterprise''s organizations, or allow policies to be set in each organization.'
 permissions: Enterprise owners can enforce policies for repository management in an enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /enterprise/admin/installation/configuring-the-default-visibility-of-new-repositories-on-your-appliance
   - /enterprise/admin/guides/user-management/preventing-users-from-changing-a-repository-s-visibility

content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-team-policies-in-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Enforcing team policies in your enterprise
 intro: 'You can enforce policies for teams in your enterprise''s organizations, or allow policies to be set in each organization.'
 permissions: Enterprise owners can enforce policies for teams in an enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /articles/enforcing-team-settings-for-organizations-in-your-business-account
   - /articles/enforcing-team-policies-for-organizations-in-your-enterprise-account

content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Adding organizations to your enterprise
 intro: You can create new organizations or invite existing organizations to manage within your enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/adding-organizations-to-your-enterprise-account
   - /articles/adding-organizations-to-your-enterprise-account

content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Managing unowned organizations in your enterprise
 intro: You can become an owner of an organization in your enterprise account that currently has no owners.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 permissions: Enterprise owners can manage unowned organizations in an enterprise account.
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account

content/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account.md

@@ -1,7 +1,6 @@
 ---
 title: Streaming the audit logs for organizations in your enterprise account
 intro: 'You can stream audit and Git events data from {% data variables.product.prodname_dotcom %} to an external data management system.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 miniTocMaxHeadingLevel: 3
 versions:
   ghec: '*'

content/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Viewing the audit logs for organizations in your enterprise
 intro: Enterprise owners can view aggregated actions from all of the organizations owned by an enterprise account in its audit log.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account
   - /articles/viewing-the-audit-logs-for-organizations-in-your-business-account

content/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Inviting people to manage your enterprise
 intro: 'You can {% ifversion ghec %}invite people to become enterprise owners or billing managers for{% elsif ghes %}add enterprise owners to{% endif %} your enterprise account. You can also remove enterprise owners {% ifversion ghec %}or billing managers {% endif %}who no longer need access to the enterprise account.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 permissions: 'Enterprise owners can {% ifversion ghec %}invite other people to become{% elsif ghes %}add{% endif %} additional enterprise administrators.'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise

content/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Managing support entitlements for your enterprise
 intro: You can grant enterprise members the ability to manage support tickets for your enterprise account.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise
 versions:

content/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Roles in an enterprise
 intro: 'Everyone in an enterprise is a member of the enterprise. To control access to your enterprise''s settings and data, you can assign different roles to members of your enterprise.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/roles-in-an-enterprise
   - /github/setting-up-and-managing-your-enterprise-account/roles-for-an-enterprise-account

content/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Viewing and managing a user's SAML access to your enterprise
 intro: 'You can view and revoke an enterprise member''s linked identity, active sessions, and authorized credentials.'
 permissions: Enterprise owners can view and manage a member's SAML access to an organization.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise-account/viewing-and-managing-a-users-saml-access-to-your-enterprise-account

content/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Viewing people in your enterprise
 intro: 'To audit access to enterprise-owned resources or user license usage, enterprise owners can view every administrator and member of the enterprise.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise-account/viewing-people-in-your-enterprise-account
   - /articles/viewing-people-in-your-enterprise-account

content/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account.md

@@ -24,7 +24,6 @@ After adding a new SSH key to your account on {% ifversion ghae %}{% data variab
 
 {% mac %}
 
-{% include tool-switcher %}
 {% webui %}
 
 1. Copy the SSH public key to your clipboard.
@@ -59,8 +58,6 @@ After adding a new SSH key to your account on {% ifversion ghae %}{% data variab
 
 {% windows %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 1. Copy the SSH public key to your clipboard.
@@ -96,7 +93,6 @@ After adding a new SSH key to your account on {% ifversion ghae %}{% data variab
 
 {% linux %}
 
-{% include tool-switcher %}
 {% webui %}
 
 1. Copy the SSH public key to your clipboard.

content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md

@@ -124,7 +124,6 @@ An overview of some of the most common actions that are recorded as events in th
 
 | Action | Description
 |------------------|-------------------
-| `clear` | Triggered when [a payment method](/articles/removing-a-payment-method) on file is removed.
 | `create` | Triggered when a new payment method is added, such as a new credit card or PayPal account.
 | `update` | Triggered when an existing payment method is updated.
 

content/billing/index.md

@@ -28,7 +28,6 @@ featuredLinks:
     - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server{% endif %}'
     - '{% ifversion ghae %}/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise{% endif %}'
   guideCards:  
-    - /billing/managing-your-github-billing-settings/removing-a-payment-method
     - /billing/managing-billing-for-your-github-account/how-does-upgrading-or-downgrading-affect-the-billing-process
     - /billing/managing-billing-for-git-large-file-storage/upgrading-git-large-file-storage
     - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise{% endif %}'

content/billing/managing-billing-for-github-codespaces/about-billing-for-codespaces.md

@@ -48,6 +48,12 @@ For information on managing and changing your account's spending limit, see "[Ma
 
 {% data reusables.codespaces.exporting-changes %}
 
+## Limiting the choice of machine types
+
+The type of machine a user chooses when they create a codespace affects the per-minute charge for that codespace, as shown above. 
+
+Organization owners can create a policy to restrict the machine types that are available to users. For more information, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)."
+
 ## How billing is handled for forked repositories
 
 {% data variables.product.prodname_codespaces %} can only be used in organizations where a billable owner has been defined. To incur charges to the organization, the user must be a member or collaborator, otherwise they cannot create a codespace. 

content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces.md

@@ -57,3 +57,8 @@ Enterprise owners and billing managers can manage the spending limit for {% data
 Email notifications are sent to account owners and billing managers when spending reaches 50%, 75%, and 90% of your account's spending limit. 
 
 You can disable these notifications anytime by navigating to the bottom of the **Spending Limit** page.
+
+## Further reading
+
+- "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)"
+- "[Managing billing for Codespaces in your organization](/codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization)"

content/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: About billing for your enterprise
 intro: You can view billing information for your enterprise.
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /admin/overview/managing-billing-for-your-enterprise
   - /enterprise/admin/installation/managing-billing-for-github-enterprise

content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise.md

@@ -1,7 +1,6 @@
 ---
 title: Connecting an Azure subscription to your enterprise
 intro: 'You can use your Microsoft Enterprise Agreement to enable and pay for {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %} usage beyond the included amounts for your enterprise.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-your-enterprise-account/connecting-an-azure-subscription-to-your-enterprise
   - /github/setting-up-and-managing-billing-and-payments-on-github/connecting-an-azure-subscription-to-your-enterprise

content/billing/managing-billing-for-your-github-account/downgrading-your-github-subscription.md

@@ -92,5 +92,4 @@ To reduce the number of paid seats your organization uses, you can remove member
 - "[{% data variables.product.prodname_dotcom %}'s products](/articles/github-s-products)"
 - "[How does upgrading or downgrading affect the billing process?](/articles/how-does-upgrading-or-downgrading-affect-the-billing-process)"
 - "[About billing on {% data variables.product.prodname_dotcom %}](/articles/about-billing-on-github)."
-- "[Removing a payment method](/articles/removing-a-payment-method)"
 - "[About per-user pricing](/articles/about-per-user-pricing)"

content/billing/managing-billing-for-your-github-account/managing-invoices-for-your-enterprise.md

@@ -2,7 +2,6 @@
 title: Managing invoices for your enterprise
 shortTitle: Manage invoices
 intro: 'You can view, pay, or download a current invoice for your enterprise, and you can view your payment history.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 versions:
   ghec: '*'
 type: how_to

content/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md

@@ -1,7 +1,6 @@
 ---
 title: Viewing the subscription and usage for your enterprise account
 intro: 'You can view the current {% ifversion ghec %}subscription, {% endif %}license usage{% ifversion ghec %}, invoices, payment history, and other billing information{% endif %} for {% ifversion ghec %}your enterprise account{% elsif ghes %}{% data variables.product.product_location_enterprise %}{% endif %}.'
-product: '{% data reusables.gated-features.enterprise-accounts %}'
 permissions: 'Enterprise owners {% ifversion ghec %}and billing managers {% endif %}can access and manage all billing settings for enterprise accounts.'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-your-enterprise-account/viewing-the-subscription-and-usage-for-your-enterprise-account

content/billing/managing-your-github-billing-settings/index.md

@@ -25,6 +25,5 @@ children:
   - /redeeming-a-coupon
   - /troubleshooting-a-declined-credit-card-charge
   - /unlocking-a-locked-account
-  - /removing-a-payment-method
 ---
 

content/billing/managing-your-github-billing-settings/removing-a-payment-method.md

@@ -1,45 +0,0 @@
----
-title: Removing a payment method
-intro: 'If you aren''t using your payment method for any paid subscriptions on {% data variables.product.prodname_dotcom %}, you can remove the payment method so it''s no longer stored in your account.'
-redirect_from:
-  - /github/setting-up-and-managing-billing-and-payments-on-github/removing-a-payment-method
-  - /articles/removing-a-credit-card-associated-with-your-user-account
-  - /articles/removing-a-payment-method-associated-with-your-user-account
-  - /articles/removing-a-credit-card-associated-with-your-organization
-  - /articles/removing-a-payment-method-associated-with-your-organization
-  - /articles/removing-a-payment-method
-  - /github/setting-up-and-managing-billing-and-payments-on-github/managing-your-github-billing-settings/removing-a-payment-method
-versions:
-  fpt: '*'
-  ghec: '*'
-type: how_to
-topics:
-  - Organizations
-  - User account
----
-If you're paying for your {% data variables.product.product_name %} subscription with a coupon, and you aren't using your payment method for any [other paid features or products](/articles/about-billing-on-github) on {% data variables.product.product_name %}, you can remove your credit card or PayPal information.
-
-{% data reusables.dotcom_billing.coupon-expires %}
-
-{% tip %}
-
-**Tip:** If you [downgrade your account to a free product](/articles/downgrading-your-github-subscription) and you don't have subscriptions for any other paid features or products, we'll automatically remove your payment information.
-
-{% endtip %}
-
-## Removing your personal account's payment method
-
-{% data reusables.user_settings.access_settings %}
-{% data reusables.user_settings.billing_plans %}
-{% data reusables.user_settings.payment-info-link %}
-{% data reusables.dotcom_billing.remove-payment-method %}
-{% data reusables.dotcom_billing.remove_payment_info %}
-
-## Removing your organization's payment method
-
-{% data reusables.dotcom_billing.org-billing-perms %}
-
-{% data reusables.organizations.billing-settings %}
-{% data reusables.user_settings.payment-info-link %}
-{% data reusables.dotcom_billing.remove-payment-method %}
-{% data reusables.dotcom_billing.remove_payment_info %}

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md

@@ -182,7 +182,7 @@ Analysis time is typically proportional to the amount of code being analyzed. Yo
 
 For compiled languages like Java, C, C++, and C#, {% data variables.product.prodname_codeql %} analyzes all of the code which was built during the workflow run. To limit the amount of code being analyzed, build only the code which you wish to analyze by specifying your own build steps in a `run` block. You can combine specifying your own build steps with using the `paths` or `paths-ignore` filters on the `pull_request` and `push` events to ensure that your workflow only runs when specific code is changed. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestpaths)."
 
-For interpreted languages like Go, JavaScript, Python, and TypeScript, that {% data variables.product.prodname_codeql %} analyzes without a specific build, you can specify additional configuration options to limit the amount of code to analyze. For more information, see "[Specifying directories to scan](/code-security/secure-coding/configuring-code-scanning#specifying-directories-to-scan)."
+For languages like Go, JavaScript, Python, and TypeScript, that {% data variables.product.prodname_codeql %} analyzes without compiling the source code, you can specify additional configuration options to limit the amount of code to analyze. For more information, see "[Specifying directories to scan](/code-security/secure-coding/configuring-code-scanning#specifying-directories-to-scan)."
 
 If you split your analysis into multiple workflows as described above, we still recommend that you have at least one workflow which runs on a `schedule` which analyzes all of the code in your repository. Because {% data variables.product.prodname_codeql %} analyzes data flows between components, some complex security behaviors may only be detected on a complete build. 
 

content/codespaces/codespaces-reference/understanding-billing-for-codespaces.md

@@ -54,3 +54,7 @@ Your codespace will be automatically deleted when you are removed from an organi
 ## Deleting your unused codespaces
 
 You can manually delete your codespaces in https://github.com/codespaces and from within {% data variables.product.prodname_vscode %}. To reduce the size of a codespace, you can manually delete files using the terminal or from within {% data variables.product.prodname_vscode %}.
+
+## Further reading
+
+- "[Managing billing for Codespaces in your organization](/codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization)"

content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md

@@ -23,10 +23,10 @@ The Command Palette is one of the focal features of {% data variables.product.pr
 
 You can access the {% data variables.product.prodname_vscode_command_palette %} in a number of ways.
 
-- `Shift + Command + P` (Mac) / `Ctrl + Shift + P` (Windows).
+- <kbd>Shift</kbd>+<kbd>Command</kbd>+<kbd>P</kbd> (Mac) / <kbd>Ctrl</kbd>+<kbd>Shift</kbd>+<kbd>P</kbd> (Windows/Linux).
 
   Note that this command is a reserved keyboard shortcut in Firefox.
-- `F1`
+- <kbd>F1</kbd>
 - From the Application Menu, click **View > Command Palette…**.
 
   ![The application menu](/assets/images/help/codespaces/codespaces-view-menu.png)

content/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace.md

@@ -24,8 +24,7 @@ topics:
 
 You can choose a machine type either when you create a codespace or you can change the machine type at any time after you've created a codespace. 
 
-For information on choosing a machine type when you create a codespace, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)." 
+For information on choosing a machine type when you create a codespace, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)." For information on changing the machine type within {% data variables.product.prodname_vscode %}, see "[Using {% data variables.product.prodname_codespaces %} in {% data variables.product.prodname_vscode %}](/codespaces/developing-in-codespaces/using-codespaces-in-visual-studio-code#changing-the-machine-type-in-visual-studio-code)."
-For information on changing the machine type within {% data variables.product.prodname_vscode %}, see "[Using {% data variables.product.prodname_codespaces %} in {% data variables.product.prodname_vscode %}](/codespaces/developing-in-codespaces/using-codespaces-in-visual-studio-code#changing-the-machine-type-in-visual-studio-code)."
 
 ## Changing the machine type in {% data variables.product.prodname_dotcom %}
 
@@ -40,7 +39,11 @@ For information on changing the machine type within {% data variables.product.pr
 
    !['Change machine type' menu option](/assets/images/help/codespaces/change-machine-type-menu-option.png)
 
-1. Choose the required machine type.
+1. If multiple machine types are available for your codespace, choose the type of machine you want to use.
+
+   ![Dialog box showing available machine types to choose](/assets/images/help/codespaces/change-machine-type-choice.png)
+
+   {% data reusables.codespaces.codespaces-machine-type-availability %}
 
 2. Click **Update codespace**. 
 

content/codespaces/customizing-your-codespace/setting-your-timeout-period-for-codespaces.md

@@ -18,8 +18,6 @@ A codespace will stop running after a period of inactivity. You can specify the
 
 {% endwarning %}
 
-{% include tool-switcher %}
-
 {% webui %}
 
 ## Setting your default timeout

content/codespaces/developing-in-codespaces/creating-a-codespace.md

@@ -67,8 +67,6 @@ If you would like to create a codespace for a repository owned by your personal
 
 ## Creating a codespace
 
-{% include tool-switcher %}
-   
 {% webui %}
 
 {% data reusables.repositories.navigate-to-repo %}
@@ -80,9 +78,12 @@ If you would like to create a codespace for a repository owned by your personal
 
    ![New codespace button](/assets/images/help/codespaces/new-codespace-button.png)
 
-   If you are a member of an organization and are creating a codespace on a repository owned by that organization, you can select the option of a different machine type. From the dialog, choose a machine type and then click **Create codespace**.
+   If you are a member of an organization and are creating a codespace on a repository owned by that organization, you can select the option of a different machine type. From the dialog box, choose a machine type and then click **Create codespace**.
+
    ![Machine type choice](/assets/images/help/codespaces/choose-custom-machine-type.png)
 
+   {% data reusables.codespaces.codespaces-machine-type-availability %}
+
 {% endwebui %}
    
 {% vscode %}

content/codespaces/developing-in-codespaces/deleting-a-codespace.md

@@ -26,7 +26,6 @@ shortTitle: Delete a codespace
 
 {% endnote %}
 
-{% include tool-switcher %}
 
 {% webui %}
 

content/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace.md

@@ -29,8 +29,6 @@ You can also forward a port manually, label forwarded ports, share forwarded por
 
 You can manually forward a port that wasn't forwarded automatically.
 
-{% include tool-switcher %}
-   
 {% webui %}
 
 {% data reusables.codespaces.navigate-to-ports-tab %}
@@ -93,8 +91,6 @@ To see details of forwarded ports enter `gh codespace ports` and then choose a c
 
 If you want to share a forwarded port with others, you can either make the port private to your organization or make the port public. After you make a port private to your organization, anyone in the organization with the port's URL can view the running application. After you make a port public, anyone who knows the URL and port number can view the running application without needing to authenticate.
 
-{% include tool-switcher %}
-   
 {% webui %}
 
 {% data reusables.codespaces.navigate-to-ports-tab %}

content/codespaces/developing-in-codespaces/using-codespaces-in-visual-studio-code.md

@@ -36,28 +36,28 @@ Use the {% data variables.product.prodname_vs %} Marketplace to install the [{%
 {% mac %}
 
 {% data reusables.codespaces.click-remote-explorer-icon-vscode %}
-2. Click **Sign in to view {% data variables.product.prodname_dotcom %}...**.
+1. Click **Sign in to view {% data variables.product.prodname_dotcom %}...**.
 
    ![Signing in to view {% data variables.product.prodname_codespaces %}](/assets/images/help/codespaces/sign-in-to-view-codespaces-vscode-mac.png)
 
-3. To authorize {% data variables.product.prodname_vscode %} to access your account on {% data variables.product.product_name %}, click **Allow**.
+1. To authorize {% data variables.product.prodname_vscode %} to access your account on {% data variables.product.product_name %}, click **Allow**.
-4. Sign in to {% data variables.product.product_name %} to approve the extension.
+1. Sign in to {% data variables.product.product_name %} to approve the extension.
 
 {% endmac %}
 
 {% windows %}
 
 {% data reusables.codespaces.click-remote-explorer-icon-vscode %}
-2. Use the "REMOTE EXPLORER" drop-down, then click **{% data variables.product.prodname_github_codespaces %}**.
+1. Use the "REMOTE EXPLORER" drop-down, then click **{% data variables.product.prodname_github_codespaces %}**.
 
    ![The {% data variables.product.prodname_codespaces %} header](/assets/images/help/codespaces/codespaces-header-vscode.png)
 
-3. Click **Sign in to view {% data variables.product.prodname_codespaces %}...**.
+1. Click **Sign in to view {% data variables.product.prodname_codespaces %}...**.
 
    ![Signing in to view {% data variables.product.prodname_codespaces %}](/assets/images/help/codespaces/sign-in-to-view-codespaces-vscode.png)
 
-4. To authorize {% data variables.product.prodname_vscode %} to access your account on {% data variables.product.product_name %}, click **Allow**.
+1. To authorize {% data variables.product.prodname_vscode %} to access your account on {% data variables.product.product_name %}, click **Allow**.
-5. Sign in to {% data variables.product.product_name %} to approve the extension.
+1. Sign in to {% data variables.product.product_name %} to approve the extension.
 
 {% endwindows %}
 
@@ -68,8 +68,8 @@ Use the {% data variables.product.prodname_vs %} Marketplace to install the [{%
 ## Opening a codespace in {% data variables.product.prodname_vscode %}
 
 {% data reusables.codespaces.click-remote-explorer-icon-vscode %}
-2. Under "Codespaces", click the codespace you want to develop in.
+1. Under "Codespaces", click the codespace you want to develop in.
-3. Click the Connect to Codespace icon.
+1. Click the Connect to Codespace icon.
 
    ![The Connect to Codespace icon in {% data variables.product.prodname_vscode %}](/assets/images/help/codespaces/click-connect-to-codespace-icon-vscode.png)
 
@@ -80,17 +80,23 @@ Use the {% data variables.product.prodname_vs %} Marketplace to install the [{%
 You can change the machine type of your codespace at any time.
 
 1. In {% data variables.product.prodname_vscode %}, open the Command Palette (`shift command P` / `shift control P`).
-2. Search for and select "Codespaces: Change Machine Type."
+1. Search for and select "Codespaces: Change Machine Type."
 
    ![Searching for a branch to create a new {% data variables.product.prodname_codespaces %}](/assets/images/help/codespaces/vscode-change-machine-type-option.png)
 
-3. Click the codespace that you want to change.
+1. Click the codespace that you want to change.
 
    ![Searching for a branch to create a new {% data variables.product.prodname_codespaces %}](/assets/images/help/codespaces/vscode-change-machine-choose-repo.png)
 
-4. Choose the machine type you want to use. 
+1. Choose the machine type you want to use. 
 
-If the codespace is currently running, a message is displayed asking if you would like to restart and reconnect to your codespace now. Click **Yes** if you want to change the machine type used for this codespace immediately. If you click **No**, or if the codespace is not currently running, the change will take effect the next time the codespace restarts.
+   {% data reusables.codespaces.codespaces-machine-type-availability %}
+
+1. If the codespace is currently running, a message is displayed asking if you would like to restart and reconnect to your codespace now.
+
+   Click **Yes** if you want to change the machine type used for this codespace immediately.
+   
+   If you click **No**, or if the codespace is not currently running, the change will take effect the next time the codespace restarts.
 
 ## Deleting a codespace in {% data variables.product.prodname_vscode %}
 

content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md

@@ -24,7 +24,7 @@ Organization owners can control which users in your organization can create and
 To use codespaces in your organization, you must do the following:
 
 - Ensure that users have [at least write access](/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization) to the repositories where they want to use a codespace. 
-- [Enable {% data variables.product.prodname_codespaces %} for users in your organization](#configuring-which-users-in-your-organization-can-use-codespaces). You can choose allow {% data variables.product.prodname_codespaces %} for selected users or only for specific users.
+- [Enable {% data variables.product.prodname_codespaces %} for users in your organization](#enable-codespaces-for-users-in-your-organization). You can choose allow {% data variables.product.prodname_codespaces %} for selected users or only for specific users.
 - [Set a spending limit](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces)
 - Ensure that your organization does not have an IP address allow list enabled. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization)."
 

content/codespaces/managing-codespaces-for-your-organization/index.md

@@ -13,6 +13,7 @@ children:
   - /managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces
   - /managing-repository-access-for-your-organizations-codespaces
   - /reviewing-your-organizations-audit-logs-for-codespaces
+  - /restricting-access-to-machine-types
 shortTitle: Managing your organization
 ---
  

content/codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization.md

@@ -37,6 +37,8 @@ You can disable the use of {% data variables.product.prodname_codespaces %} in y
 
 You can also limit the individual users who can use {% data variables.product.prodname_codespaces %}. For more information, see "[Managing user permissions for your organization](/codespaces/managing-codespaces-for-your-organization/managing-user-permissions-for-your-organization)."
 
+You can limit the choice of machine types that are available for repositories owned by your organization. This allows you to prevent people using overly resourced machines for their codespaces. For more information, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)."
+
 ## Deleting unused codespaces
 
 Your users can delete their codespaces in https://github.com/codespaces and from within Visual Studio Code. To reduce the size of a codespace, users can manually delete files using the terminal or from within Visual Studio Code. 

content/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces.md

@@ -78,6 +78,6 @@ You can check which access policies are applied to a secret in your organization
 ![Secrets list](/assets/images/help/settings/actions-org-secrets-list.png)
 1. For more details on the configured permissions for each secret, click **Update**.
 
-## Further Reading
+## Further reading
 
 - "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)"

content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md

@@ -30,6 +30,6 @@ To manage which users in your organization can use {% data variables.product.pro
 1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories owned by your organization. Repeat for all repositories whose codespaces you want to access other repositories.
     !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
 
-## Further Reading
+## Further reading
 
 - "[Managing repository access for your codespaces](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces)"

content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md

@@ -0,0 +1,94 @@
+---
+title: Restricting access to machine types
+shortTitle: Machine type access
+intro: 'You can set constraints on the types of machines users can choose when they create codespaces in your organization.'
+product: '{% data reusables.gated-features.codespaces %}'
+permissions: 'To manage access to machine types for the repositories in an organization, you must be an organization owner.'
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Codespaces
+---
+
+## Overview
+
+Typically, when you create a codespace you are offered a choice of specifications for the machine that will run your codespace. You can choose the machine type that best suits your needs. For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)." If you pay for using {% data variables.product.prodname_github_codespaces %} then your choice of machine type will affect how much your are billed. For more information about pricing, see "[About billing for Codespaces](/billing/managing-billing-for-github-codespaces/about-billing-for-codespaces)."
+
+As an organization owner, you may want to configure constraints on the types of machine that are available. For example, if the work in your organization doesn't require significant compute power or storage space, you can remove the highly resourced machines from the list of options that people can choose from. You do this by defining one or more policies in the {% data variables.product.prodname_codespaces %} settings for your organization.
+
+### Behavior when you set a machine type constraint
+
+If there are existing codespaces that no longer conform to a policy you have defined, these codespaces will continue to operate until they time out. When the user attempts to resume the codespace they are shown a message telling them that the currenly selected machine type is no longer allowed for this organization and prompting them to choose an alternative machine type.
+
+If you remove higher specification machine types that are required by the {% data variables.product.prodname_codespaces %} configuration for an individual repository in your organization, then it won't be possible to create a codespace for that repository. When someone attempts to create a codespace they will see a message telling them that there are no valid machine types available that meet the requirements of the repository's {% data variables.product.prodname_codespaces %} configuration.
+
+{% note %}
+
+**Note**: Anyone who can edit the `devcontainer.json` configuration file in a repository can set a minimum specification for machines that can be used for codespaces for that repository. For more information, see "[Setting a minimum specification for codespace machines](/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines)."
+
+{% endnote %}
+
+If setting a policy for machine types prevents people from using {% data variables.product.prodname_codespaces %} for a particular repository there are two options:
+
+* You can adjust your policies to specifically remove the restrictions from the affected repository.
+* Anyone who has a codespace that they can no longer access, because of the new policy, can export their codespace to a branch. This branch will contain all of their changes from the codespace. They can then open a new codespace on this branch with a compliant machine type or work on this branch locally. For more information, see "[Exporting changes to a branch](/codespaces/troubleshooting/exporting-changes-to-a-branch)."
+
+### Setting organization-wide and repository-specific policies
+
+When you create a policy you choose whether it applies to all repositories in your organization, or only to specified repositories. If you set an organization-wide policy then any policies you set for individual repositories must fall within the restriction set at the organization level. Adding policies makes the choice of machine more, not less, restrictive.
+
+For example, you could create an organization-wide policy that restricts the machine types to either 2 or 4 cores. You can then set a policy for Repository A that restricts it to just 2-core machines. Setting a policy for Repository A that restricted it to machines with 2, 4, or 8 cores would result in a choice of 2-core and 4-core machines only, because the organization-wide policy prevents access to 8-core machines.
+
+If you add an organization-wide policy, you should set it to the largest choice of machine types that will be available for any repository in your organization. You can then add repository-specific policies to further restrict the choice.
+
+## Adding a policy to limit the available machine types
+
+{% data reusables.profile.access_org %}
+{% data reusables.profile.org_settings %}
+{% data reusables.organizations.click-codespaces %}
+1. Under "Codespaces", click **Policy**.
+
+   !["Policy" tab in left sidebar](/assets/images/help/organizations/codespaces-policy-sidebar.png)
+
+1. On the "Codespace policies" page, click **Create Policy**.
+1. Enter a name for your new policy.
+1. Click **Add constraint** and choose **Machine types**.
+
+   ![Add a constraint for machine types](/assets/images/help/codespaces/add-constraint-dropdown.png)
+
+1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the constraint, then clear the selection of any machine types that you don't want to be available.
+
+   ![Edit the machine type constraint](/assets/images/help/codespaces/edit-machine-constraint.png)
+
+1. In the "Change policy target" area, click the dropdown button.
+1. Choose either **All repositories** or **Selected repositories** to determine which repositories this policy will apply to.
+1. If you chose **Selected repositories**:
+   1. Click {% octicon "gear" aria-label="The settings icon" %}.
+
+      ![Edit the settings for the policy](/assets/images/help/codespaces/policy-edit.png)
+
+   1. Select the repositories you want this policy to apply to.
+   1. At the bottom of the repository list, click **Select repositories**.
+
+      ![Select repositories for this policy](/assets/images/help/codespaces/policy-select-repos.png)
+
+1. Click **Save**.
+
+## Editing a policy
+
+1. Display the "Codespace policies" page. For more information, see "[Adding a policy to limit the available machine types](#adding-a-policy-to-limit-the-available-machine-types)."
+1. Click the name of the policy you want to edit.
+1. Make the required changes then click **Save**.
+
+## Deleting a policy 
+
+1. Display the "Codespace policies" page. For more information, see "[Adding a policy to limit the available machine types](#adding-a-policy-to-limit-the-available-machine-types)."
+1. Click the delete button to the right of the policy you want to delete.
+
+   ![The delete button for a policy](/assets/images/help/codespaces/policy-delete.png)
+
+## Further reading
+
+- "[Managing spending limits for Codespaces](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces)"

content/codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-codespaces.md

@@ -21,6 +21,6 @@ When any member of your organization performs an action related to {% data varia
 
 The audit log includes details such as who performed the action, what the action was, and when the action was performed. For information on {% data variables.product.prodname_codespaces %} actions, see "[{% data variables.product.prodname_codespaces %} category actions](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#codespaces-category-actions)."
 
-## Further Reading
+## Further reading
 
 - "[Reviewing your security logs for {% data variables.product.prodname_codespaces %}](/codespaces/managing-your-codespaces/reviewing-your-security-logs-for-codespaces)"

content/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces.md

@@ -82,6 +82,6 @@ You can update the value of an existing secret, and you can change which reposit
 1. Read the warning, then click **OK**.
   ![Confirmation to delete secret](/assets/images/help/settings/codespaces-secret-delete-warning.png)
 
-## Further Reading
+## Further reading
 
 - "[Managing encrypted secrets for your repository and organization for {% data variables.product.prodname_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces)"

content/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces.md

@@ -24,6 +24,6 @@ When you enable access and security for a repository owned by your user account,
 1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories you own. Repeat for all repositories whose codespaces you want to access other repositories you own.
   !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
 
-## Further Reading
+## Further reading
 
 - "[Managing repository access for your organization's codespaces](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces)"

content/codespaces/managing-your-codespaces/reviewing-your-security-logs-for-codespaces.md

@@ -22,6 +22,6 @@ When you perform an action related to {% data variables.product.prodname_codespa
 
 The security log includes details on what action occurred and when you performed it. For information about {% data variables.product.prodname_codespaces %} actions, see "[{% data variables.product.prodname_codespaces %} category actions](/github/authenticating-to-github/reviewing-your-security-log#codespaces-category-actions)".
 
-## Further Reading
+## Further reading
 
 - "[Reviewing your organization's audit logs for {% data variables.product.prodname_codespaces %}](/codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-codespaces)"

content/codespaces/setting-up-your-project-for-codespaces/index.md

@@ -15,5 +15,6 @@ children:
   - /setting-up-your-dotnet-project-for-codespaces
   - /setting-up-your-java-project-for-codespaces
   - /setting-up-your-python-project-for-codespaces
+  - /setting-a-minimum-specification-for-codespace-machines
 ---
 

content/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines.md

@@ -0,0 +1,53 @@
+---
+title: Setting a minimum specification for codespace machines
+shortTitle: Setting a minimum machine spec
+intro: 'You can avoid under-resourced machine types being used for {% data variables.product.prodname_codespaces %} for your repository.'
+permissions: People with write permissions to a repository can create or edit the codespace configuration.
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Codespaces
+  - Set up
+product: '{% data reusables.gated-features.codespaces %}'
+---
+
+## Overview
+
+When you create a codespace for a repository you are typically offered a choice of available machine types. Each machine type has a different level of resources. For more information, see "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)."
+
+If your project needs a certain level of compute power, you can configure {% data variables.product.prodname_github_codespaces %} so that only machine types that meet these requirements are available for people to select. You configure this in the `devcontainer.json` file.
+
+{% note %}
+
+**Important:** Access to some machine types may be restricted at the organization level. Typically this is done to prevent people choosing higher resourced machines that are billed at a higher rate. If your repository is affected by an organization-level policy for machine types you should make sure you don't set a minimum specification that would leave no available machine types for people to choose. For more information, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)."
+
+{% endnote %}
+
+## Setting a minimum machine specification
+
+1. {% data variables.product.prodname_codespaces %} for your repository are configured in the `devcontainer.json` file. If your repository does not already contain a `devcontainer.json` file, add one now. See "[Add a dev container to your project](/free-pro-team@latest/codespaces/setting-up-your-project-for-codespaces/setting-up-your-project-for-codespaces)."
+1. Edit the `devcontainer.json` file, adding a `hostRequirements` property such as this:
+
+   ```json{:copy}
+   "hostRequirements": {
+      "cpus": 8,
+      "memory": "8gb",
+      "storage": "32gb" 
+   }
+   ```
+
+   You can specify any or all of the options: `cpus`, `memory`, and `storage`.
+   
+   To check the specifications of the {% data variables.product.prodname_codespaces %} machine types that are currently available for your repository, step through the process of creating a codespace until you see the choice of machine types. For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)."
+   
+1. Save the file and commit your changes to the required branch of the repository.
+
+   Now when you create a codespace for that branch of the repository you will only be able to select machine types that match or exceed the resources you've specified.
+
+   ![Dialog box showing a limited choice of machine types](/assets/images/help/codespaces/machine-types-limited-choice.png)
+
+## Further reading
+
+- "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/configuring-codespaces-for-your-project)"