Merge pull request #41948 from github/repo-sync

Repo sync

content/actions/how-tos/manage-runners/use-proxy-servers.md

@@ -22,11 +22,7 @@ contentType: how-tos
 
 If your runner needs to communicate via a proxy server, you can configure proxy settings using environment variables or system-level configurations.
 
-| Variable      | Description                                                                                           | Example                                                                                     |
-| ------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
-| `https_proxy` | Proxy URL for HTTPS traffic. You can include basic authentication if required.                        | `http://proxy.local`<br>`http://192.168.1.1:8080`<br>`http://username:password@proxy.local` |
-| `http_proxy`  | Proxy URL for HTTP traffic. You can include basic authentication if required.                         | `http://proxy.local`<br>`http://192.168.1.1:8080`<br>`http://username:password@proxy.local` |
-| `no_proxy`    | A comma-separated list of hosts or IP addresses that should bypass the proxy. Some clients only honor IP addresses when connections are made directly to the IP rather than a hostname. | `example.com`<br>`example.com,myserver.local:443,example.org`                               |
+{% data reusables.actions.actions-proxy-environment-variables-table %}
 
 The proxy environment variables are read when the runner application starts, so you must set the environment variables before configuring or starting the runner application. If your proxy configuration changes, you must restart the runner application.
 

content/admin/data-residency/network-details-for-ghecom.md

@@ -12,14 +12,18 @@ redirect_from:
 
 To access your enterprise on {% data variables.enterprise.data_residency_site %}, client systems must:
 
-* Trust the following SSH key fingerprints
-* Have access to the following hostnames and IP addresses
+* Trust {% data variables.product.github %}'s SSH key fingerprints
+* Have access to {% data variables.product.github %}'s hostnames and IP addresses
 
 ## {% data variables.product.github %}'s SSH key fingerprints
 
-* `SHA256:PYES2CtancLX+w0+VvwWRQclfulUkqj6hpZmcKFAO3w` (RSA)
-* `SHA256:TKoEXigNsj5b6XaSOSf20L0y3cuNx41WWM+l4AAK9k4` (ECDSA)
-* `SHA256:LqPvjvQugr3MmzVYw9M3gT7won8/lUPZCSvmNydl7vU` (Ed25519)
+To find these details, use the `/meta` API endpoint for your instance. For example, using the {% data variables.product.prodname_cli %}:
+
+```shell
+gh api /meta --hostname octocorp.ghe.com
+```
+
+For more information, see [AUTOTITLE](/rest/meta/meta).
 
 ## {% data variables.product.github %}'s hostnames
 
@@ -36,8 +40,6 @@ To access your enterprise on {% data variables.enterprise.data_residency_site %}
 
 ### The EU
 
-These are {% data variables.product.company_short %}'s IP address ranges for enterprises hosted in the EU.
-
 | Ranges for egress traffic | Ranges for ingress traffic |
 |--------------------------|---------------------------|
 | 108.143.221.96/28        | 108.143.197.176/28        |
@@ -49,8 +51,6 @@ These are {% data variables.product.company_short %}'s IP address ranges for ent
 
 ### Australia
 
-These are {% data variables.product.company_short %}'s IP address ranges for enterprises hosted in Australia.
-
 | Ranges for egress traffic | Ranges for ingress traffic |
 |--------------------------|---------------------------|
 | 20.5.34.240/28           | 4.237.73.192/28           |
@@ -59,14 +59,20 @@ These are {% data variables.product.company_short %}'s IP address ranges for ent
 
 ### US
 
-These are {% data variables.product.company_short %}'s IP address ranges for enterprises hosted in the US.
-
 | Ranges for egress traffic | Ranges for ingress traffic |
 |--------------------------|---------------------------|
 | 20.221.76.128/28         | 74.249.180.192/28         |
 | 135.233.115.208/28       | 48.214.149.96/28          |
 | 20.118.27.192/28         | 172.202.123.176/28        |
 
+### Japan
+
+| Ranges for egress traffic | Ranges for ingress traffic |
+|--------------------------|-----------------------------|
+| 74.226.88.192/28         | 74.226.88.240/28            |
+| 40.81.180.112/28         | 40.81.176.224/28            |
+| 4.190.169.192/28         | 4.190.169.240/28            |
+
 ## Supported regions for Azure private networking
 
 If you use Azure private networking for {% data variables.product.company_short %}-hosted runners, the supported Azure regions on {% data variables.enterprise.data_residency_site %} differ from those on {% data variables.product.prodname_dotcom_the_website %}.
@@ -95,6 +101,14 @@ If you use Azure private networking for {% data variables.product.company_short
 | arm64 | `centralus`, `eastus2`, `westus3` |
 | GPU | `centralus`, `eastus2`, `westus3` |
 
+### Supported regions in Japan
+
+| Runner type | Supported regions |
+| ----------- | ----------------- |
+| x64 | `japaneast`, `japanwest` |
+| arm64 | `japaneast`, `japanwest` |
+| GPU | `japaneast` |
+
 ### IP ranges for Azure private networking
 
 #### EU
@@ -113,17 +127,30 @@ EU region:
 * 20.240.220.192/28
 * 20.240.211.208/28
 
-#### Austrailia
+#### Australia
 
 Actions IPs:
 * 4.147.140.77
 * 20.53.114.78
 
-Austraila region:
+Australia region:
 * 4.237.73.192/28
 * 20.5.226.112/28
 * 20.248.163.176/28
 
+#### Japan
+
+Actions IPs:
+
+* 20.63.233.164
+* 172.192.153.164
+
+Japan region:
+
+74.226.88.241
+40.81.176.225
+4.190.169.240
+
 #### Required for all regions
 
 * `Storage` service tag
@@ -160,35 +187,3 @@ Austraila region:
 ## IP ranges for {% data variables.product.prodname_importer_proper_name %}
 
 If you're running a migration to your enterprise with {% data variables.product.prodname_importer_proper_name %}, you may need to add certain ranges to an IP allow list. See [AUTOTITLE](/migrations/using-github-enterprise-importer/migrating-between-github-products/managing-access-for-a-migration-between-github-products#configuring-ip-allow-lists-for-migrations).
-
-### Required in the EU
-
-* 4.231.155.80/29
-* 4.225.9.96/29
-* 51.12.152.184/29
-* 20.199.6.80/29
-* 51.12.144.32/29
-* 20.199.1.232/29
-* 51.12.152.240/29
-* 20.19.101.136/29
-* 74.241.131.48/28
-* 51.12.252.16/28
-* 20.240.211.176/28
-* 108.143.221.96/28
-* 20.61.46.32/28
-* 20.224.62.160/28
-
-### Required in Australia
-
-* 20.213.241.72/29
-* 20.11.90.48/29
-* 20.5.34.240/28
-* 20.5.146.128/28
-* 68.218.155.16/28
-
-### Required in the US
-
-* 130.213.245.128/28
-* 20.171.204.144/28
-* 20.171.204.176/28
-* 4.150.167.192/28

content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md

@@ -69,7 +69,8 @@ When creating a security configuration, keep in mind that:
       > When both "{% data variables.product.prodname_code_security %}" and Dependency graph are enabled, this enables dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review).{%- ifversion maven-transitive-dependencies %}
    * **Automatic dependency submission**. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %}
    * **{% data variables.product.prodname_dependabot %} alerts**. To learn about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).
-   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
+   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion dependabot-delegated-alert-dismissal %}
+   * **Prevent direct alert dismissals**. To learn more, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal).{% endif %}{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
    * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
@@ -108,7 +109,8 @@ When creating a security configuration, keep in mind that:
       > When both "{% data variables.product.prodname_GHAS %}" and Dependency graph are enabled, this enables dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review).{%- ifversion maven-transitive-dependencies %}
    * **Automatic dependency submission**. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %}
    * **{% data variables.product.prodname_dependabot %} alerts**. To learn about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).
-   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
+   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion dependabot-delegated-alert-dismissal %}
+   * **Prevent direct alert dismissals**. To learn more, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal).{% endif %}{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
    * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.

content/admin/overview/establishing-a-governance-framework-for-your-enterprise.md

@@ -122,7 +122,10 @@ You may want to set up an approval process for better control over who in your e
 
 Approval processes are available for:
 * Bypasses of push protection—You can choose who is allowed to bypass push protection, and add a review and approval cycle for pushes containing secrets from all other contributors. For more information about **delegated bypass for push protection**, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection).{% ifversion security-delegated-alert-dismissal %}
-* Dismissals of alerts for {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}—You can provide additional control and visibility over alert assessment by ensuring that only designated individuals can dismiss (or close) alerts. For more information about **delegated alert dismissal**, see [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning) and [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning).
+* Dismissals of alerts for {% data variables.product.prodname_code_scanning %}{% ifversion dependabot-delegated-alert-dismissal %}, {% data variables.product.prodname_dependabot %},{% endif %} and {% data variables.product.prodname_secret_scanning %}—You can provide additional control and visibility over alert assessment by ensuring that only designated individuals can dismiss (or close) alerts. For more information about **delegated alert dismissal**, see the following articles:
+  * [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning){% ifversion dependabot-delegated-alert-dismissal %}
+  * [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal){% endif %}
+  * [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning)
 
 {% endif %}
 

content/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses.md

@@ -19,13 +19,7 @@ topics:
 shortTitle: GitHub's IP addresses
 ---
 
-You can retrieve a list of the IP addresses for {% data variables.product.prodname_dotcom_the_website %} from the [meta](https://api.github.com/meta) API endpoint. For more information, see [AUTOTITLE](/rest/meta).
-
-{% ifversion ghec %}
-
-If you access {% data variables.product.github %} on a subdomain of {% data variables.enterprise.data_residency_site %}, the meta endpoint does not return IP ranges for your subdomain. See [AUTOTITLE](/admin/data-residency/network-details-for-ghecom#githubs-ip-addresses).
-
-{% endif %}
+You can retrieve a list of the IP addresses for your {% data variables.product.github %} environment from the [meta](https://api.github.com/meta) API endpoint. For more information, see [AUTOTITLE](/rest/meta).
 
 > [!NOTE]
 > The list of {% data variables.product.prodname_dotcom %} IP addresses returned by the Meta API is not intended to be an exhaustive list. For example, IP addresses for some {% data variables.product.prodname_dotcom %} services might not be listed, such as LFS or {% data variables.product.prodname_registry %}.

content/code-security/code-scanning/index.md

@@ -25,4 +25,5 @@ children:
   - /integrating-with-code-scanning
   - /troubleshooting-code-scanning
   - /troubleshooting-sarif-uploads
+  - /reference
 ---

content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md

@@ -127,7 +127,7 @@ Anyone with push access to a pull request can fix a {% data variables.product.pr
 When {% data variables.copilot.copilot_autofix_short %} is enabled for a repository, alerts are displayed in pull requests as normal and information from any alerts found by {% data variables.product.prodname_code_scanning %} is automatically sent to the LLM for processing. When LLM analysis is complete, any results are published as comments on relevant alerts. For more information, see [AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning).
 
 > [!NOTE]
-> * {% data variables.copilot.copilot_autofix_short %} supports a subset of {% data variables.product.prodname_codeql %} queries. For information about the availability of {% data variables.copilot.copilot_autofix_short %}, see the query tables linked from [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites#query-lists-for-the-default-query-suites).
+> * {% data variables.copilot.copilot_autofix_short %} supports a subset of {% data variables.product.prodname_codeql %} queries. For information about the availability of {% data variables.copilot.copilot_autofix_short %}, see the query tables linked from [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries).
 > * When analysis is complete, all relevant results are published to the pull request at once. If at least one alert in your pull request has an {% data variables.copilot.copilot_autofix_short %} suggestion, you should assume that the LLM has finished identifying potential fixes for your code.
 > * On alerts generated from queries that are not supported by {% data variables.copilot.copilot_autofix_short %}, you will see a note telling you that the query is not supported. If a suggestion for a supported query fails to generate, you will see a note on the alert prompting you to try pushing another commit or to contact support.
 > * {% data variables.copilot.copilot_autofix_short %} for {% data variables.product.prodname_code_scanning %} alerts won't be able to generate a fix for every alert in every situation. The feature operates on a best-effort basis and is not guaranteed to succeed 100% of the time. For information about the limitations of automatically generated fixes, see [Limitations of suggestions](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning#limitations-of-suggestions).

content/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites.md

@@ -1,7 +1,7 @@
 ---
 title: CodeQL query suites
 shortTitle: CodeQL query suites
-intro: 'You can choose from different built-in {% data variables.product.prodname_codeql %} query suites to use in your {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} setup.'
+intro: You can choose from different built-in {% data variables.product.prodname_codeql %} query suites to use in your {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} setup.
 product: '{% data reusables.gated-features.codeql %}'
 versions:
   fpt: '*'
@@ -14,6 +14,7 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+contentType: other
 ---
 
 ## About {% data variables.product.prodname_codeql %} query suites
@@ -43,11 +44,7 @@ The built-in {% data variables.product.prodname_codeql %} query suites, `default
 * Relative to the `default` query suite, the `security-extended` suite may return a greater number of false positive {% data variables.product.prodname_code_scanning %} results.
 * This query suite is available for use with default setup for {% data variables.product.prodname_code_scanning %}, and is referred to as the "Extended" query suite on {% data variables.product.prodname_dotcom %}.
 
-## Query lists for the default query suites
-
-For each language, the following article lists which queries are included in the `default` and the `security-extended` suites. {% ifversion code-scanning-autofix %}Where {% data variables.copilot.copilot_autofix_short %} is available for a language, details of which queries are supported are also included.{% endif %}
-
-{% data reusables.code-scanning.codeql-query-tables.links-to-all-tables %}
+For a complete list of queries included in each query suite for every language, see [AUTOTITLE](/code-security/code-scanning/reference).
 
 ## Further reading
 

content/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning.md

@@ -46,3 +46,7 @@ You must configure delegated dismissal for your enterprise using a custom securi
 1. Apply the security configuration to all (or selected) repositories in your enterprise. See [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise).
 
 To learn more about security configurations, see [AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale).
+
+## Next steps
+
+Now that you have enabled delegated alert dismissal for {% data variables.product.prodname_code_scanning %}, you should regularly review alert dismissal requests to maintain an accurate alert count and unblock your developers. See [AUTOTITLE](/code-security/security-overview/review-alert-dismissal-requests).

content/code-security/code-scanning/managing-your-code-scanning-configuration/github-actions-built-in-queries.md

@@ -1,23 +0,0 @@
----
-title: GitHub Actions queries for CodeQL analysis
-shortTitle: GitHub Actions queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze workflows used by {% data variables.product.prodname_actions %} when you select the `default` or the `security-extended` query suite.'
-product: '{% data reusables.gated-features.codeql %}'
-allowTitleToDifferFromFilename: true
-versions:
-  fpt: '*'
-  ghes: '*'
-  ghec: '*'
-type: reference
-topics:
-  - Code scanning
-  - CodeQL
----
-
-{% data variables.product.prodname_codeql %} includes many queries for analyzing workflows used by {% data variables.product.prodname_actions %}. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}
-
-## Built-in queries for workflow analysis
-
-{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}
-
-{% data reusables.code-scanning.codeql-query-tables.actions %}

content/code-security/code-scanning/managing-your-code-scanning-configuration/index.md

@@ -1,7 +1,7 @@
 ---
 title: Managing your code scanning configuration
 shortTitle: Manage code scanning
-intro: 'You can manage your existing {% data variables.product.prodname_code_scanning %} configuration with the help of metrics and logging outputs generated by your analysis.'
+intro: You can manage your existing {% data variables.product.prodname_code_scanning %} configuration with the help of metrics and logging outputs generated by your analysis.
 product: '{% data reusables.gated-features.code-scanning %}'
 versions:
   fpt: '*'
@@ -14,20 +14,10 @@ topics:
 children:
   - /about-the-tool-status-page
   - /editing-your-configuration-of-default-setup
+  - /codeql-query-suites
   - /set-code-scanning-merge-protection
   - /enabling-delegated-alert-dismissal-for-code-scanning
-  - /codeql-query-suites
   - /configuring-larger-runners-for-default-setup
   - /viewing-code-scanning-logs
-  - /actions-built-in-queries
-  - /c-cpp-built-in-queries
-  - /csharp-built-in-queries
-  - /github-actions-built-in-queries
-  - /go-built-in-queries
-  - /java-kotlin-built-in-queries
-  - /javascript-typescript-built-in-queries
-  - /python-built-in-queries
-  - /ruby-built-in-queries
-  - /rust-built-in-queries
-  - /swift-built-in-queries
 ---
+

content/code-security/code-scanning/reference/code-ql-built-in-queries/about-built-in-queries.md

@@ -0,0 +1,25 @@
+---
+title: About built-in CodeQL queries
+shortTitle: About built-in queries
+allowTitleToDifferFromFilename: true
+intro: Learn about the CodeQL queries that code scanning uses to analyze code.
+product: '{% data reusables.gated-features.code-scanning %}'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+type: overview
+topics:
+  - Code Security
+  - Code scanning
+  - CodeQL
+contentType: other
+---
+
+## About built-in queries for CodeQL analysis
+
+For each language, the following articles list which queries are included in the `default` and the `security-extended` suites. {% ifversion code-scanning-autofix %}Where {% data variables.copilot.copilot_autofix_short %} is available for a language, details of which queries are supported are also included.{% endif %}
+
+{% data reusables.code-scanning.codeql-query-tables.links-to-all-tables %}
+
+For more information about CodeQL query suites, see [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites).

content/code-security/code-scanning/reference/code-ql-built-in-queries/actions-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
-title: Actions queries for CodeQL analysis
-shortTitle: Actions CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in {% data variables.product.prodname_actions %} workflow files when you select the `default` or the `security-extended` query suite.'
+title: GitHub Actions queries for CodeQL analysis
+shortTitle: Actions queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in {% data variables.product.prodname_actions %} workflow files when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,10 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/actions-built-in-queries
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/github-actions-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing {% data variables.product.prodname_actions %} workflows. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/c-cpp-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: C and C++ queries for CodeQL analysis
-shortTitle: C and C++ CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in C or C++ when you select the `default` or the `security-extended` query suite.'
+shortTitle: C and C++ queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in C or C++ when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/c-cpp-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing C and C++ code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/csharp-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: C# queries for CodeQL analysis
-shortTitle: C# CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in C# when you select the `default` or the `security-extended` query suite.'
+shortTitle: C# queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in C# when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/csharp-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing C# code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/go-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: Go queries for CodeQL analysis
-shortTitle: Go CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Go (Golang) when you select the `default` or the `security-extended` query suite.'
+shortTitle: Go queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Go (Golang) when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/go-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing Go code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/index.md

@@ -0,0 +1,27 @@
+---
+title: Queries for CodeQL analysis
+shortTitle: CodeQL queries
+intro: Explore the CodeQL queries that code scanning uses to analyze code.
+product: '{% data reusables.gated-features.code-scanning %}'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+topics:
+  - Code Security
+  - Code scanning
+  - CodeQL
+children:
+  - /about-built-in-queries
+  - /actions-built-in-queries
+  - /c-cpp-built-in-queries
+  - /csharp-built-in-queries
+  - /go-built-in-queries
+  - /java-kotlin-built-in-queries
+  - /javascript-typescript-built-in-queries
+  - /python-built-in-queries
+  - /ruby-built-in-queries
+  - /rust-built-in-queries
+  - /swift-built-in-queries
+---
+

content/code-security/code-scanning/reference/code-ql-built-in-queries/java-kotlin-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: Java and Kotlin queries for CodeQL analysis
-shortTitle: Java and Kotlin CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Java or Kotlin when you select the `default` or the `security-extended` query suite.'
+shortTitle: Java and Kotlin queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Java or Kotlin when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/java-kotlin-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing Java and Kotlin code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/javascript-typescript-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: JavaScript and TypeScript queries for CodeQL analysis
 shortTitle: JavaScript and TypeScript queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in JavaScript or TypeScript when you select the `default` or the `security-extended` query suite.'
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in JavaScript or TypeScript when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/javascript-typescript-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing JavaScript and TypeScript code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/python-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: Python queries for CodeQL analysis
-shortTitle: Python CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Python when you select the `default` or the `security-extended` query suite.'
+shortTitle: Python queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Python when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/python-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing Python code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/ruby-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: Ruby queries for CodeQL analysis
-shortTitle: Ruby CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Ruby when you select the `default` or the `security-extended` query suite.'
+shortTitle: Ruby queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Ruby when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/ruby-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing Ruby code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/rust-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: Rust queries for CodeQL analysis
-shortTitle: Rust CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Rust when you select the `default` or the `security-extended` query suite.'
+shortTitle: Rust queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Rust when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/rust-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing Rust code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/code-ql-built-in-queries/swift-built-in-queries.md

@@ -1,7 +1,7 @@
 ---
 title: Swift queries for CodeQL analysis
-shortTitle: Swift CodeQL queries
-intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Swift when you select the `default` or the `security-extended` query suite.'
+shortTitle: Swift queries
+intro: Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Swift when you select the `default` or the `security-extended` query suite.
 product: '{% data reusables.gated-features.codeql %}'
 allowTitleToDifferFromFilename: true
 versions:
@@ -12,6 +12,9 @@ type: reference
 topics:
   - Code scanning
   - CodeQL
+redirect_from:
+  - /code-security/code-scanning/managing-your-code-scanning-configuration/swift-built-in-queries
+contentType: other
 ---
 
 {% data variables.product.prodname_codeql %} includes many queries for analyzing Swift code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

content/code-security/code-scanning/reference/index.md

@@ -0,0 +1,16 @@
+---
+title: Reference for code scanning
+shortTitle: Reference
+intro: Reference documentation for {% data variables.product.prodname_code_scanning %}.
+product: '{% data reusables.gated-features.code-scanning %}'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+topics:
+  - Code Security
+  - Code scanning
+  - CodeQL
+children:
+  - /code-ql-built-in-queries
+---

content/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal.md

@@ -0,0 +1,51 @@
+---
+title: Enabling delegated alert dismissal for Dependabot
+intro: 'Increase your governance over your {% data variables.product.prodname_dependabot_alerts %} with delegated alert dismissal.'
+permissions: '{% data reusables.permissions.delegated-alert-dismissal %}'
+shortTitle: Enable delegated alert dismissal
+versions:
+  feature: dependabot-delegated-alert-dismissal
+type: how_to
+topics:
+  - Dependabot
+  - Code Security
+  - Security updates
+  - Alerts
+  - Dependencies
+---
+
+## About enabling delegated alert dismissal
+
+{% data reusables.security.delegated-alert-dismissal-intro %}
+
+## Configuring delegated dismissal for a repository
+
+>[!NOTE] If an organization owner configures delegated alert dismissal via an enforced security configuration, the settings can't be changed at the repository level.
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-settings %}
+{% data reusables.repositories.navigate-to-code-security-and-analysis %}{% ifversion ghas-products %}{% else %}
+{% data reusables.repositories.navigate-to-ghas-settings %}{% endif %}
+1. In the "{% data variables.product.prodname_dependabot %}" section, next to "Prevent direct alert dismissals", click **Enable**.
+
+## Configuring delegated dismissal for an organization
+
+You must configure delegated dismissal for your organization using a custom security configuration. You can then apply the security configuration to all (or selected) repositories in your organization.
+
+1. Start creating or editing a custom security configuration. See [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration#creating-a-custom-security-configuration).
+1. In the "Dependency scanning" section of your security configuration, set "Prevent direct alert dismissals" to **Enabled**.
+1. Click **Save configuration**.
+1. Apply the security configuration to repositories in your organization. See [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-a-custom-security-configuration).
+
+## Configuring delegated dismissal for an enterprise
+
+You must configure delegated dismissal for your enterprise using a custom security configuration. You can then apply the security configuration to all (or selected) repositories in your enterprise.
+
+1. Start creating or editing a custom security configuration. See [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise).
+1. In the "Dependency scanning" section of your security configuration, set "Prevent direct alert dismissals" to **Enabled**.
+1. Click **Save configuration**.
+1. Apply the security configuration to repositories in your enterprise. See [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise).
+
+## Next steps
+
+Now that you have enabled delegated alert dismissal for {% data variables.product.prodname_dependabot %}, you should regularly review alert dismissal requests to maintain an accurate alert count and unblock your developers. See [AUTOTITLE](/code-security/security-overview/review-alert-dismissal-requests).

content/code-security/dependabot/dependabot-alerts/index.md

@@ -17,5 +17,6 @@ children:
   - /about-dependabot-alerts
   - /configuring-dependabot-alerts
   - /viewing-and-updating-dependabot-alerts
+  - /enable-delegated-alert-dismissal
   - /configuring-notifications-for-dependabot-alerts
 ---

content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning.md

@@ -51,3 +51,7 @@ To learn more about security configurations, see [AUTOTITLE](/code-security/secu
 1. Apply the security configuration to all (or selected) repositories in your enterprise. See [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise).
 
 {% endif %}
+
+## Next steps
+
+Now that you have enabled delegated alert dismissal for {% data variables.product.prodname_secret_scanning %}, you should regularly review alert dismissal requests to maintain an accurate alert count and unblock your developers. See [AUTOTITLE](/code-security/security-overview/review-alert-dismissal-requests).

content/code-security/securing-your-organization/enabling-security-features-in-your-organization/creating-a-custom-security-configuration.md

@@ -70,7 +70,8 @@ You can also choose whether or not you want to include {% data variables.product
       > When both "{% data variables.product.prodname_code_security %}" and Dependency graph are enabled, this enables dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review).{%- ifversion maven-transitive-dependencies %}
    * **Automatic dependency submission**. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %}
    * **{% data variables.product.prodname_dependabot %} alerts**. To learn about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).
-   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
+   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion dependabot-delegated-alert-dismissal %}
+   * **Prevent direct alert dismissals**. To learn more, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal).{% endif %}{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
    * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
@@ -110,7 +111,8 @@ You can also choose whether or not you want to include {% data variables.product
       > When both "{% data variables.product.prodname_GHAS %}" and Dependency graph are enabled, this enables dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review).{%- ifversion maven-transitive-dependencies %}
    * **Automatic dependency submission**. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %}
    * **{% data variables.product.prodname_dependabot %} alerts**. To learn about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).
-   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
+   * **Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion dependabot-delegated-alert-dismissal %}
+   * **Prevent direct alert dismissals**. To learn more, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal).{% endif %}{% ifversion fpt or ghec %}
 1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
 1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
    * **Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.

content/code-security/securing-your-organization/fixing-security-alerts-at-scale/creating-managing-security-campaigns.md

@@ -89,7 +89,7 @@ For more information about filtering alerts, see [AUTOTITLE](/code-security/secu
 
 In addition to the core filters, you will usually want to add a filter to limit results to a specific rule name, severity, or tag.
 
-* `is:open autofilter:true {% ifversion security-campaigns-autofix %}autofix:supported {% endif %}rule:java/log-injection` to show only alerts for log injection in Java code. See [Query lists for the default query suites](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites#query-lists-for-the-default-query-suites).
+* `is:open autofilter:true {% ifversion security-campaigns-autofix %}autofix:supported {% endif %}rule:java/log-injection` to show only alerts for log injection in Java code. See [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries).
 * `is:open autofilter:true {% ifversion security-campaigns-autofix %}autofix:supported {% endif %}tag:external/cwe/cwe-117` to show only alerts for "CWE 117: Improper Output Neutralization for Logs". This includes log injection in Java and other languages.
 * `is:open autofilter:true {% ifversion security-campaigns-autofix %}autofix:supported {% endif %}severity:critical` to show only alerts with a security severity of critical.
 

content/code-security/security-overview/index.md

@@ -24,4 +24,5 @@ children:
   - /viewing-metrics-for-secret-scanning-push-protection
   - /viewing-metrics-for-pull-request-alerts
   - /reviewing-requests-to-bypass-push-protection
+  - /review-alert-dismissal-requests
 ---

content/code-security/security-overview/review-alert-dismissal-requests.md

@@ -0,0 +1,43 @@
+---
+title: Reviewing alert dismissal requests
+shortTitle: Review alert dismissal requests
+intro: 'Triage and resolve security alerts in your organization or enterprise by regularly reviewing alert dismissal requests.'
+permissions: '{% data reusables.permissions.security-overview %}'
+product: 'Organizations or enterprises with {% data variables.product.prodname_GHAS_cs_or_sp %}'
+type: how_to
+topics:
+  - Security overview
+  - Organizations
+  - Teams
+  - Secret scanning
+  - Code scanning
+  - Dependabot
+  - Alerts
+versions:
+  feature: security-delegated-alert-dismissal
+---
+
+## Prerequisites
+
+To receive and manage alert dismissal requests, you need to enable delegated alert dismissal. For an introduction to delegated alert dismissal and enablement instructions for specific features, see:
+* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning)
+* [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning){% ifversion dependabot-delegated-alert-dismissal %}
+* [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal){% endif %}
+
+## Reviewing requests for an organization
+
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.security-overview %}
+{% data reusables.security-overview.choose-alert-dismissal-request-view %}
+1. Optionally, to filter requests by source repository, reviewer, requester, timeframe, or status, use the dropdown menus at the top of the list of requests.
+{% data reusables.security-overview.review-an-alert-dismissal-request %}
+
+## Reviewing requests across your enterprise
+
+> [!NOTE] To review an alert dismissal request at the enterprise level, you must be an organization owner or security manager for the source organization, or be granted the necessary permissions through a custom role.
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.code-scanning.click-code-security-enterprise %}
+{% data reusables.security-overview.choose-alert-dismissal-request-view %}
+1. Optionally, to filter requests by source organization, reviewer, requester, timeframe, or status, use the dropdown menus at the top of the list of requests.
+{% data reusables.security-overview.review-an-alert-dismissal-request %}

content/code-security/trialing-github-advanced-security/trial-advanced-security.md

@@ -23,10 +23,11 @@ contentType: how-tos
 
 To set up a trial of {% data variables.product.prodname_GHAS %} using this method, you must meet the following criteria:
 
-1. Be an owner of an enterprise account. See [AUTOTITLE](/enterprise-cloud@latest/admin/overview/about-enterprise-accounts).
-1. Pay by credit card or PayPal.
-1. Have not previously purchased or had a trial of {% data variables.product.prodname_GHAS %}.
+1. You are an owner of an enterprise account. See [AUTOTITLE](/enterprise-cloud@latest/admin/overview/about-enterprise-accounts).
+1. You pay by credit card or PayPal.
+1. You have not previously purchased {% data variables.product.prodname_GHAS %} (that is, you do not currently or in the past have a paid license for {% data variables.product.prodname_GHAS %}).
 1. You are not already using metered billing for {% data variables.product.prodname_GHAS %}.
+1. If you have had a previous {% data variables.product.prodname_GHAS %} trial, you are eligible only if you have had no more than one previous trial and it ended at least 180 days ago.
 
 > [!TIP]
 > * **No enterprise account?** Start a trial of {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GHAS %}. See [AUTOTITLE](/enterprise-cloud@latest/admin/overview/setting-up-a-trial-of-github-enterprise-cloud).

content/copilot/concepts/agents/about-agent-skills.md

@@ -0,0 +1,75 @@
+---
+title: About Agent Skills
+shortTitle: Agent Skills
+intro: 'Agent Skills enhance the ability of {% data variables.copilot.copilot_coding_agent %}, the {% data variables.copilot.copilot_cli %} and {% data variables.product.prodname_vscode %} Insiders to perform specialized tasks.'
+product: '{% data reusables.gated-features.copilot-coding-agent %}<br><br>{% data reusables.gated-features.copilot-cli %}<br><a href="https://github.com/features/copilot/plans?ref_product=copilot&ref_type=purchase&ref_style=button" target="_blank" class="btn btn-primary mt-3 mr-3 no-underline"><span>Sign up for {% data variables.product.prodname_copilot_short %}</span> {% octicon "link-external" height:16 %}</a>'
+versions:
+  feature: copilot
+topics:
+  - Copilot
+---
+
+## About Agent Skills
+
+Agent Skills are folders of instructions, scripts, and resources that {% data variables.product.prodname_copilot_short %} can load when relevant to improve its performance in specialized tasks. Agent Skills is an [open standard](https://github.com/agentskills/agentskills), used by a range of different agents.
+
+Agent Skills work with {% data variables.copilot.copilot_coding_agent %}, the {% data variables.copilot.copilot_cli %} and agent mode in {% data variables.product.prodname_vscode %} Insiders. Support in the stable version of {% data variables.product.prodname_vscode_shortname %} is coming soon.
+
+You can create your own skills to teach {% data variables.product.prodname_copilot_short %} to perform tasks in a specific, repeatable way—or use skills shared online, for example in the [`anthropics/skills`](https://github.com/anthropics/skills) repository or {% data variables.product.company_short %}'s community created [`github/awesome-copilot`](https://github.com/github/awesome-copilot) collection.
+
+Currently, skills can only be created at the repository level. Support for organization-level and enterprise-level skills is coming soon.
+
+You can use both skills and custom instructions to teach {% data variables.product.prodname_copilot_short %} how to work in your repository and how to perform specific tasks. We recommend using custom instructions for simple instructions relevant to almost every task (for example information about your repository's coding standards), and skills for more detailed instructions that {% data variables.product.prodname_copilot_short %} should access when relevant. To learn more about repository custom instructions, see [AUTOTITLE](/copilot/how-tos/configure-custom-instructions/add-repository-instructions).
+
+> [!NOTE]
+> {% data reusables.cli.preview-note-cli-body %}
+
+
+## Adding skills to your repository
+
+1. Create a `.github/skills` directory to store your skills.
+
+    > [!NOTE]
+    > Skills stored in the `.claude/skills` directory are also supported.
+
+1. Create a subdirectory for your new skill. Each skill should have its own directory (for example, `.github/skills/webapp-testing`). Skill directory names should be lowercase, use hyphens for spaces, and typically match the `name` in the `SKILL.md` frontmatter.
+
+1. Create a `SKILL.md` file with your skill's instructions.
+
+   > [!NOTE]
+   > Skill files must be named `SKILL.md`.
+
+    `SKILL.md` files are Markdown files with YAML frontmatter. In their simplest form, they include:
+
+    * YAML frontmatter
+      * **name** (required): A unique identifier for the skill. This must be lowercase, using hyphens for spaces.
+      * **description** (required): A description of what the skill does, and when {% data variables.product.prodname_copilot_short %} should use it.
+      * **license** (optional): A description of the license that applies to this skill.
+    * A Markdown body, with the instructions, examples and guidelines for {% data variables.product.prodname_copilot_short %} to follow.
+
+1. Optionally, add scripts, examples or other resources to your skill's directory. For example, if you were writing a skill for converting images between different formats, you might include a script for converting SVG images to PNG.
+
+### Example `SKILL.md` file
+
+This file would be located in the `.github/skills/github-actions-failure-debugging` directory.
+
+```markdown copy
+---
+name: github-actions-failure-debugging
+description: Guide for debugging failing GitHub Actions workflows. Use this when asked to debug failing GitHub Actions workflows.
+---
+
+To debug failing GitHub Actions workflows in a pull request, follow this process, using tools provided from the GitHub MCP Server:
+
+1. Use the `list_workflow_runs` tool to look up recent workflow runs for the pull request and their status
+2. Use the `summarize_job_log_failures` tool to get an AI summary of the logs for failed jobs, to understand what went wrong without filling your context windows with thousands of lines of logs
+3. If you still need more information, use the `get_job_logs` or `get_workflow_run_logs` tool to get the full, detailed failure logs
+4. Try to reproduce the failure yourself in your own environment.
+5. Fix the failing build. If you were able to reproduce the failure yourself, make sure it is fixed before committing your changes.
+```
+
+## How {% data variables.product.prodname_copilot_short %} uses skills
+
+When performing tasks, {% data variables.product.prodname_copilot_short %} will decide when to use your skills based on your prompt and the skill's description.
+
+When {% data variables.product.prodname_copilot_short %} chooses to use a skill, the `SKILL.md` file will be injected in the agent's context, giving the agent access to your instructions. It can then follow those instructions, and use any scripts or examples you may have included in the skill's directory.

content/copilot/concepts/agents/about-copilot-cli.md

@@ -142,6 +142,15 @@ The following sections provide examples of tasks you can complete with {% data v
 
   `Branch off from main and create a {% data variables.product.prodname_actions %} workflow that will run on pull requests, or can be run manually. The workflow should run eslint to check for problems in the changes made in the PR. If warnings or errors are found these should be shown as messages in the diff view of the PR. I want to prevent code with errors from being merged into main so, if any errors are found, the workflow should cause the PR check to fail. Push the new branch and create a pull request.`
 
+## Customizing {% data variables.copilot.copilot_cli %}
+
+You can customize {% data variables.copilot.copilot_cli %} in a number of ways:
+
+* **Custom instructions**: Custom instructions allow you to give {% data variables.product.prodname_copilot_short %} additional context on your project and how to build, test and validate its changes. For more information, see [AUTOTITLE](/copilot/how-tos/use-copilot-agents/use-copilot-cli#use-custom-instructions).
+* **Model Context Protocol (MCP) servers**: MCP servers allow you to give {% data variables.product.prodname_copilot_short %} access to different data sources and tools. For more information, see [AUTOTITLE](/copilot/how-tos/use-copilot-agents/use-copilot-cli#add-an-mcp-server).
+* **{% data variables.copilot.custom_agents_caps_short %}**: {% data variables.copilot.custom_agents_caps_short %} allow you to create different specialized versions of {% data variables.product.prodname_copilot_short %} for different tasks. For example, you could customize {% data variables.product.prodname_copilot_short %} to be an expert frontend engineer following your team's guidelines. For more information, see [AUTOTITLE](/copilot/how-tos/use-copilot-agents/use-copilot-cli#use-custom-agents).
+* **Skills**: Skills allow you to enhance the ability of {% data variables.product.prodname_copilot_short %} to perform specialized tasks with instructions, scripts, and resources. For more information, see [AUTOTITLE](/copilot/concepts/agents/about-agent-skills).
+
 ## Security considerations
 
 When you use {% data variables.copilot.copilot_cli_short %}, {% data variables.product.prodname_copilot_short %} can perform tasks on your behalf, such as executing or modifying files, or running shell commands.

content/copilot/concepts/agents/coding-agent/about-coding-agent.md

@@ -43,9 +43,7 @@ To delegate tasks to {% data variables.copilot.copilot_coding_agent %}, you can:
 
 While working on a coding task, {% data variables.copilot.copilot_coding_agent %} has access to its own ephemeral development environment, powered by {% data variables.product.prodname_actions %}, where it can explore your code, make changes, execute automated tests and linters and more.
 
-You can also create {% data variables.copilot.custom_agents_short %} to tailor {% data variables.product.prodname_copilot_short %}'s behavior for specific workflows, coding conventions, or specialized tasks. {% data variables.copilot.custom_agents_caps_short %} allow you to define multiple specialized versions of the coding agent—such as a frontend reviewer, test generator, or security auditor—each with their own prompts, tools, and capabilities. For more information, see [AUTOTITLE](/copilot/concepts/agents/coding-agent/about-custom-agents).
-
-## Benefits over traditional AI workflows
+### Benefits over traditional AI workflows
 
 When used effectively, {% data variables.copilot.copilot_coding_agent %} offers productivity benefits over traditional AI assistants in IDEs:
 
@@ -101,6 +99,15 @@ Within your monthly usage allowance for {% data variables.product.prodname_actio
 
 For more information, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-copilot/about-billing-for-github-copilot#allowance-usage-for-copilot-coding-agent).
 
+## Customizing {% data variables.copilot.copilot_coding_agent %}
+
+You can customize {% data variables.copilot.copilot_coding_agent %} in a number of ways:
+
+* **Custom instructions**: Custom instructions allow you to give {% data variables.product.prodname_copilot_short %} additional context on your project and how to build, test and validate its changes. For more information, see [AUTOTITLE](/copilot/how-tos/configure-custom-instructions/add-repository-instructions).
+* **Model Context Protocol (MCP) servers**: MCP servers allow you to give {% data variables.product.prodname_copilot_short %} access to different data sources and tools. For more information, see [AUTOTITLE](/copilot/how-tos/use-copilot-agents/coding-agent/extend-coding-agent-with-mcp).
+* **{% data variables.copilot.custom_agents_caps_short %}**: {% data variables.copilot.custom_agents_caps_short %} allow you to create different specialized versions of {% data variables.product.prodname_copilot_short %} for different tasks. For example, you could customize {% data variables.product.prodname_copilot_short %} to be an expert frontend engineer following your team's guidelines. For more information, see [AUTOTITLE](/copilot/concepts/agents/coding-agent/about-custom-agents).
+* **Skills**: Skills allow you to enhance the ability of {% data variables.product.prodname_copilot_short %} to perform specialized tasks with instructions, scripts, and resources. For more information, see [AUTOTITLE](/copilot/concepts/agents/about-agent-skills).
+
 ## Built-in security protections
 
 Security is a fundamental consideration when you enable {% data variables.copilot.copilot_coding_agent %}, as with any other AI agent. {% data variables.copilot.copilot_coding_agent %} has a strong base of built-in security protections that you can supplement by following best practice guidance.

content/copilot/concepts/agents/index.md

@@ -12,6 +12,7 @@ children:
   - /code-review
   - /about-copilot-cli
   - /openai-codex
+  - /about-agent-skills
   - /enterprise-management
 contentType: concepts
 ---

content/copilot/how-tos/use-copilot-agents/coding-agent/customize-the-agent-environment.md

@@ -26,6 +26,7 @@ You can customize {% data variables.product.prodname_copilot_short %}'s environm
 * [Preinstall tools or dependencies in {% data variables.product.prodname_copilot_short %}'s environment](#preinstalling-tools-or-dependencies-in-copilots-environment)
 * [Set environment variables in {% data variables.product.prodname_copilot_short %}'s environment](#setting-environment-variables-in-copilots-environment)
 * [Upgrade from standard {% data variables.product.github %}-hosted {% data variables.product.prodname_actions %} runners to larger runners](#upgrading-to-larger-github-hosted-github-actions-runners)
+* [Run on your ARC-based {% data variables.product.prodname_actions %} self-hosted runners](#using-self-hosted-github-actions-runners-with-arc)
 * [Enable Git Large File Storage (LFS)](#enabling-git-large-file-storage-lfs)
 * [Disable or customize the agent's firewall](/copilot/customizing-copilot/customizing-or-disabling-the-firewall-for-copilot-coding-agent).
 
@@ -140,20 +141,26 @@ jobs:
 
 > [!NOTE]
 > * {% data variables.copilot.copilot_coding_agent %} is only compatible with Ubuntu x64 Linux runners. Runners with Windows, macOS or other operating systems are not supported.
-> * Self-hosted {% data variables.product.prodname_actions %} runners are not supported.
 
 ## Using self-hosted {% data variables.product.prodname_actions %} runners with ARC
 
-You can use ARC (Actions Runner Controller) to run {% data variables.copilot.copilot_coding_agent %} on self-hosted runners. You must first set up ARC-managed scale sets in your environment. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-actions-runner-controller).
+You can run {% data variables.copilot.copilot_coding_agent %} on self-hosted runners powered by ARC (Actions Runner Controller). You must first set up ARC-managed scale sets in your environment. For more information on ARC, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-actions-runner-controller).
 
 > [!WARNING]
-> Persistent runners are not recommended for autoscaling scenarios with {% data variables.copilot.copilot_coding_agent %}.
+> ARC is the only officially supported solution for self-hosting {% data variables.copilot.copilot_coding_agent %}. For security reasons, we do not recommend using non-ARC self-hosted runners with {% data variables.copilot.copilot_coding_agent %}.
 
 > [!NOTE]
-> * ARC is the only officially supported solution for self-hosting {% data variables.copilot.copilot_coding_agent %}.
-> * {% data variables.copilot.copilot_coding_agent %} is only compatible with Ubuntu x64 Linux runners. Runners with Windows, macOS or other operating systems are not supported.
-> * For more information about ARC, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller).
+> {% data variables.copilot.copilot_coding_agent %} is only compatible with Ubuntu x64 Linux runners. Runners with Windows, macOS or other operating systems are not supported.
 
+1. Configure network security controls for your {% data variables.product.prodname_actions %} runners to ensure that {% data variables.copilot.copilot_coding_agent %} does not have open access to your network or the public internet. 
+
+    You must configure your firewall to allow connections to the [standard hosts required for {% data variables.product.prodname_actions %} self-hosted runners](/actions/reference/runners/self-hosted-runners#accessible-domains-by-function), plus the following hosts:
+
+    * `api.githubcopilot.com`
+    * `uploads.github.com`
+    * `user-images.githubusercontent.com`
+
+1. Disable {% data variables.copilot.copilot_coding_agent %}'s integrated firewall in your repository settings. The firewall is not compatible with self-hosted runners. Unless this is disabled, use of {% data variables.copilot.copilot_coding_agent %} will be blocked. For more information, see [AUTOTITLE](/copilot/customizing-copilot/customizing-or-disabling-the-firewall-for-copilot-coding-agent).
 1. In your `copilot-setup-steps.yml` file, set the `runs-on` attribute to your ARC-managed scale set name:
 
    ```yaml
@@ -165,10 +172,13 @@ You can use ARC (Actions Runner Controller) to run {% data variables.copilot.cop
        # ...
    ```
 
-1. Disable {% data variables.copilot.copilot_coding_agent %}'s integrated firewall in your repository settings, as it is not compatible with self-hosted runners. Without disabling the firewall, runners will not be able to connect to {% data variables.product.prodname_copilot_short %}. You must configure your own network security controls before disabling the built-in firewall. For more information, see [AUTOTITLE](/copilot/customizing-copilot/customizing-or-disabling-the-firewall-for-copilot-coding-agent).
-    
-    > [!WARNING]
-    > Disabling the firewall reduces isolation between {% data variables.product.prodname_copilot_short %} and your self-hosted environment. You must implement alternative network security controls to protect your environment.
+1. If you want to configure a proxy server for {% data variables.copilot.copilot_coding_agent %}'s connections to the internet, configure the following environment variables as appropriate:
+
+    {% data reusables.actions.actions-proxy-environment-variables-table %}
+    | `ssl_cert_file`    | The path to the SSL certificate presented by your proxy server. You will need to configure this if your proxy intercepts SSL connections. | `/path/to/key.pem`                               |
+    | `node_extra_ca_certs`    | The path to the SSL certificate presented by your proxy server. You will need to configure this if your proxy intercepts SSL connections. | `/path/to/key.pem`                               |
+
+    You can set these environment variables by following the [instructions above](#setting-environment-variables-in-copilots-environment), or by baking the environment variables into your custom runner image. For more information on building a custom image, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller#creating-your-own-runner-image).
 
 ### Security considerations for self-hosted runners
 

content/copilot/how-tos/use-copilot-agents/use-copilot-cli.md

@@ -180,6 +180,12 @@ In the case of naming conflicts, a system-level agent overrides a repository-lev
 
 For more information, see [AUTOTITLE](/copilot/how-tos/use-copilot-agents/coding-agent/create-custom-agents).
 
+### Use skills
+
+You can create skills to enhance the ability of {% data variables.product.prodname_copilot_short %} to perform specialized tasks with instructions, scripts, and resources.
+
+For more information, see [AUTOTITLE](/copilot/concepts/agents/about-agent-skills).
+
 ### Add an MCP server
 
 {% data variables.copilot.copilot_cli_short %} comes with the {% data variables.product.github %} MCP server already configured. This MCP server allows you to interact with resources on {% data variables.product.prodname_dotcom_the_website %}—for example, allowing you to merge pull requests from the CLI.

content/copilot/reference/copilot-usage-metrics/copilot-usage-metrics.md

@@ -63,7 +63,7 @@ These metrics appear in the code generation dashboard and provide a breakdown of
 
 ## API and export fields
 
-These fields appear in the exported NDJSON reports and in the {% data variables.product.prodname_copilot_short %} usage metrics APIs. They provide granular daily records for each user included in the requested enterprise or organization scope.
+These fields appear in the exported NDJSON reports and in the {% data variables.product.prodname_copilot_short %} usage metrics APIs. They provide daily records at the enterprise, organization, or user scope, depending on the metric.
 
 | Field | Description |
 |:--|:--|
@@ -85,3 +85,14 @@ These fields appear in the exported NDJSON reports and in the {% data variables.
 | `totals_by_language_feature` | Breakdown combining language and feature dimensions. |
 | `totals_by_model_feature` / `totals_by_language_model` | Model-specific breakdowns for chat activity (not completions). |
 | `last_known_ide_version` / `last_known_plugin_version` | The most recent IDE and {% data variables.copilot.copilot_chat_short %} extension version detected for each user. |
+
+### Pull request activity fields (API only)
+
+These fields capture daily pull request creation and review activity across the enterprise, including activity performed by {% data variables.product.prodname_copilot_short %}.
+
+| Field | Description |
+|:--|:--|
+| `pull_requests.total_created` | Total number of pull requests created across the enterprise on this specific day. <br/><br/>Creation is a one-time event. Each pull request is counted only on the day it is created. |
+| `pull_requests.total_reviewed` | Total number of pull requests reviewed across the enterprise on this specific day. <br/><br/>The same pull request may be counted on multiple days if it receives reviews on multiple days. Within a single day, each pull request is counted once, even if multiple review actions occur. |
+| `pull_requests.total_created_by_copilot` | Number of pull requests created by {% data variables.product.prodname_copilot_short %} across the enterprise on this specific day. |
+| `pull_requests.total_reviewed_by_copilot` | Number of pull requests reviewed by {% data variables.product.prodname_copilot_short %} across the enterprise on this specific day. <br/><br/>A pull request may be counted on multiple days if {% data variables.product.prodname_copilot_short %} reviews it on multiple days. |

content/migrations/using-github-enterprise-importer/migrating-between-github-products/managing-access-for-a-migration-between-github-products.md

@@ -142,7 +142,9 @@ If the source of your migration is {% data variables.product.prodname_ghe_server
 
 ### IP ranges for {% data variables.enterprise.data_residency_site %}
 
-{% data reusables.enterprise-migration-tool.ip-ranges-ghecom %}
+You can get an up-to-date list of IP ranges used by {% data variables.product.prodname_importer_proper_name %} at any time with the "Get {% data variables.product.github %} meta information" endpoint of the REST API.
+
+The `github_enterprise_importer` key in the response contains a list of IP ranges used for migrations.
 
 In addition, if you are migrating from {% data variables.product.prodname_ghe_server %} and using a blob storage account with firewall rules:
 

content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md

@@ -205,6 +205,10 @@ Some of the features listed below are limited to organizations using {% data var
 | {% ifversion security-delegated-alert-dismissal %} |
 | Review and manage {% data variables.product.prodname_code_scanning %} dismissal requests (see [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning)) | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | {% endif %} |
+| {% ifversion dependabot-delegated-alert-dismissal %} |
+| Review {% data variables.product.prodname_dependabot %} alert dismissal requests (see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal)) | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| Bypass {% data variables.product.prodname_dependabot %} alert dismissal requests (see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal)) | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% endif %} |
 
 {% endrowheaders %}
 
@@ -242,6 +246,10 @@ Some of the features listed below are limited to organizations using {% data var
 | {% ifversion security-delegated-alert-dismissal %} |
 | Review and manage {% data variables.product.prodname_code_scanning %} dismissal requests | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | {% endif %} |
+| {% ifversion dependabot-delegated-alert-dismissal %} |
+| Review {% data variables.product.prodname_dependabot %} alert dismissal requests | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| Bypass {% data variables.product.prodname_dependabot %} alert dismissal requests | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
+| {% endif %} |
 | Manage {% data variables.product.prodname_dependabot_security_updates %} (see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)) | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> |
 | Manage an organization's SSH certificate authorities (see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)) | <span role="img" class="octicon-bg-check" aria-label="Yes">✓</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> | <span role="img" class="octicon-bg-x" aria-label="No">✗</span> |
 | {% ifversion projects-v1 %} |

data/features/dependabot-delegated-alert-dismissal.yml

@@ -0,0 +1,6 @@
+# Reference: #20482
+# Delegated alert dismissal for Dependabot
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '> 3.20'

data/reusables/actions/actions-proxy-environment-variables-table.md

@@ -0,0 +1,5 @@
+| Variable      | Description                                                                                           | Example                                                                                     |
+| ------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
+| `https_proxy` | Proxy URL for HTTPS traffic. You can include basic authentication if required.                        | `http://proxy.local`<br>`http://192.168.1.1:8080`<br>`http://username:password@proxy.local` |
+| `http_proxy`  | Proxy URL for HTTP traffic. You can include basic authentication if required.                         | `http://proxy.local`<br>`http://192.168.1.1:8080`<br>`http://username:password@proxy.local` |
+| `no_proxy`    | A comma-separated list of hosts or IP addresses that should bypass the proxy. Some clients only honor IP addresses when connections are made directly to the IP rather than a hostname. | `example.com`<br>`example.com,myserver.local:443,example.org`                               |

data/reusables/cli/preview-note-cli-body.md

@@ -0,0 +1 @@
+{% data variables.copilot.copilot_cli %} is in {% data variables.release-phases.public_preview_dpa %} and subject to change.

data/reusables/cli/preview-note-cli.md

@@ -1,2 +1,2 @@
 > [!NOTE]
-> {% data variables.copilot.copilot_cli %} is in {% data variables.release-phases.public_preview_dpa %} and subject to change.
+> {% data reusables.cli.preview-note-cli-body %}

data/reusables/code-scanning/codeql-query-tables/links-to-all-tables.md

@@ -1,13 +1,12 @@
 {% ifversion code-scanning-actions-language %}
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/actions-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/actions-built-in-queries)
 {% endif %}
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/c-cpp-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/csharp-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/github-actions-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/go-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/java-kotlin-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/javascript-typescript-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/python-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/ruby-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/rust-built-in-queries)
-* [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/swift-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/c-cpp-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/csharp-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/go-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/java-kotlin-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/javascript-typescript-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/python-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/ruby-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/rust-built-in-queries)
+* [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries/swift-built-in-queries)

data/reusables/data-residency/when-you-adopt-data-residency.md

@@ -7,5 +7,6 @@ The available regions are:
 * EU
 * Australia
 * US
+* Japan
 
 In the future, {% data variables.product.github %} plans to offer {% data variables.enterprise.data_residency_short %} in more regions.

data/reusables/gated-features/copilot-cli.md

@@ -1,3 +1 @@
-{% data variables.copilot.copilot_cli %} is available with the {% data variables.copilot.copilot_pro %}, {% data variables.copilot.copilot_pro_plus %}, {% data variables.copilot.copilot_for_business %} and {% data variables.copilot.copilot_enterprise %} plans.
-
-If you receive {% data variables.product.prodname_copilot_short %} from an organization, the {% data variables.copilot.copilot_cli_short %} policy must be enabled in the organization's settings.
+{% data variables.copilot.copilot_cli %} is available with the {% data variables.copilot.copilot_pro %}, {% data variables.copilot.copilot_pro_plus %}, {% data variables.copilot.copilot_for_business %} and {% data variables.copilot.copilot_enterprise %} plans. If you receive {% data variables.product.prodname_copilot_short %} from an organization, the {% data variables.copilot.copilot_cli_short %} policy must be enabled in the organization's settings.

data/reusables/security-overview/choose-alert-dismissal-request-view.md

@@ -0,0 +1,4 @@
+1. In the "Requests" section of the sidebar, click any of the following options to review alert dismissal requests for the relevant feature:
+    * {% octicon "key" aria-hidden="true" aria-label="key" %} **{% data variables.product.prodname_secret_scanning_caps %} alert dismissal**
+    * {% octicon "codescan" aria-hidden="true" aria-label="codescan" %} **{% data variables.product.prodname_code_scanning_caps %} alert dismissal**{% ifversion dependabot-delegated-alert-dismissal %}
+    * {% octicon "dependabot" aria-hidden="true" aria-label="dependabot" %} **{% data variables.product.prodname_dependabot %} alert dismissal**{% endif %}

data/reusables/security-overview/review-an-alert-dismissal-request.md

@@ -0,0 +1,5 @@
+1. Click the request you want to review.
+1. Read the contents of the alert, as well as the requester's reasoning for the dismissal request.
+1. Next to the dismissal request in the alert timeline, click **Review request**.
+1. Provide any comments for the requester in the text box, then select either **Deny request** or **Approve request**.
+1. Click **Submit review**.

data/reusables/security/delegated-alert-dismissal-intro.md

@@ -1,23 +1,13 @@
-Delegated alert dismissal lets you restrict which users can directly dismiss an alert. When the feature is enabled, users attempting to dismiss an alert will instead create a request for dismissal.
+Delegated alert dismissal lets you restrict which users can directly dismiss an alert. When the feature is enabled:
+* Users with write access to a repository must request to dismiss alerts in that repository.
+* Organization owners and security managers can approve or deny dismissal requests, as well as dismiss alerts directly themselves.
 
-Enabling the feature automatically assigns organization owners and security managers with the permission to approve or deny dismissal requests for alerts. This permission is:
+You can also use custom roles with the following permissions to let other team members manage requests and dismiss alerts directly:
 
-* "Review and manage {% data variables.product.prodname_code_scanning %} alert dismissal requests" permission for {% data variables.product.prodname_code_scanning %}.
+* For {% data variables.product.prodname_code_scanning %}: "Review {% data variables.product.prodname_code_scanning %} alert dismissal requests" and "Bypass {% data variables.product.prodname_code_scanning %} alert dismissal requests"
+* For {% data variables.product.prodname_secret_scanning %}: "Review and manage {% data variables.product.prodname_secret_scanning %} alert dismissal requests"
+* For {% data variables.product.prodname_dependabot %}: "Review {% data variables.product.prodname_dependabot %} alert dismissal requests" and "Bypass {% data variables.product.prodname_dependabot %} alert dismissal requests"
 
-* "Review and manage {% data variables.product.prodname_secret_scanning %} alert dismissal requests" permission for {% data variables.product.prodname_secret_scanning %}. This permission can also be applied to custom roles. Individuals in these custom roles must also have the following permissions, which grant access to alerts in all repositories:
+Reviewers are notified of dismissal requests via email, and can either approve the request to dismiss the alert, or deny the request to leave the alert open. After a request is reviewed, the requester is notified of the outcome via email.
 
-   * "View {% data variables.product.prodname_secret_scanning %} alerts"
-   * "Dismiss or reopen {% data variables.product.prodname_secret_scanning %} alerts"
-  
-For more information about these permissions, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-roles).
-
-To learn more about the security manager role, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization).
-
->[!NOTE] The implementation of this approval process can potentially cause some friction, so it's important to ensure that the team of security managers has adequate coverage before proceeding.
-
-Reviewers (security managers and organization owners):
-
-* Get an email notification for requests. These users need to ensure that they can review these lists periodically, so that there is no backlog and that the process is smooth.
-* Can process requests in a dedicated view in the "Security" tab of the organization. An alert will only be dismissed if the dismissal request is approved; otherwise, the alert will remain open.
-
-Requesters will get an email notification with the decision as to whether the alert can be dismissed or not.
+>[!NOTE] The implementation of this approval process can potentially cause some friction, so it's important to ensure that the team of security managers has adequate coverage to review dismissal requests regularly before proceeding.

src/secret-scanning/data/pattern-docs/fpt/public-docs.yml

@@ -2490,6 +2490,15 @@
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
+- provider: Limbar
+  supportedSecret: Limbar Token
+  secretType: limbar_token
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  base64Supported: false
+  isduplicate: false
 - provider: Linear
   supportedSecret: Linear API Key
   secretType: linear_api_key

src/secret-scanning/data/pattern-docs/ghec/public-docs.yml

@@ -2490,6 +2490,15 @@
   hasValidityCheck: false
   base64Supported: false
   isduplicate: false
+- provider: Limbar
+  supportedSecret: Limbar Token
+  secretType: limbar_token
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  base64Supported: false
+  isduplicate: false
 - provider: Linear
   supportedSecret: Linear API Key
   secretType: linear_api_key