diff --git a/.github/workflows/staging-build-pr-docker.yml b/.github/workflows/staging-build-pr-docker.yml
index 495df5ea23..c2ebc688e3 100644
--- a/.github/workflows/staging-build-pr-docker.yml
+++ b/.github/workflows/staging-build-pr-docker.yml
@@ -10,7 +10,6 @@ on:
       - opened
       - reopened
       - synchronize
-      - unlocked
 
 permissions:
   contents: read
diff --git a/.github/workflows/staging-build-pr.yml b/.github/workflows/staging-build-pr.yml
index 2d5dbbaa08..e469ab411d 100644
--- a/.github/workflows/staging-build-pr.yml
+++ b/.github/workflows/staging-build-pr.yml
@@ -10,7 +10,6 @@ on:
       - opened
       - reopened
       - synchronize
-      - unlocked
 
 permissions:
   contents: read
diff --git a/.github/workflows/staging-undeploy-pr.yml b/.github/workflows/staging-undeploy-pr.yml
index 529d8d2565..c14c18aa72 100644
--- a/.github/workflows/staging-undeploy-pr.yml
+++ b/.github/workflows/staging-undeploy-pr.yml
@@ -8,7 +8,6 @@ on:
   pull_request_target:
     types:
       - closed
-      - locked
 
 permissions:
   contents: read
diff --git a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md
index 8d991bc51e..3ab8b5dbdc 100644
--- a/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md
+++ b/content/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token.md
@@ -29,6 +29,8 @@ Personal access tokens (PATs) are an alternative to using passwords for authenti
 
 {% ifversion fpt %}{% data reusables.user_settings.removes-personal-access-tokens %}{% endif %}
 
+A token with no assigned scopes can only access public information. To use your token to access repositories from the command line, select `repo`. For more information, see “[Available scopes](/apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes)”.
+
 ## Creating a token
 
 {% ifversion fpt %}1. [Verify your email address](/github/getting-started-with-github/verifying-your-email-address), if it hasn't been verified yet.{% endif %}
diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md
index f359289ffc..d100fcbd64 100644
--- a/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md
+++ b/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md
@@ -106,7 +106,7 @@ If your instance has subdomain isolation disabled:
         </repository>
         <repository>
           <id>github</id>
-          <url>https://maven.pkg.github.com/OWNER/*</url>
+          <url>HOSTNAME/_registry/maven/OWNER/*</url>
           <snapshots>
             <enabled>true</enabled>
           </snapshots>
diff --git a/script/deployment/undeploy-from-staging.js b/script/deployment/undeploy-from-staging.js
index 6241115c22..184167bea8 100644
--- a/script/deployment/undeploy-from-staging.js
+++ b/script/deployment/undeploy-from-staging.js
@@ -60,20 +60,21 @@ export default async function undeployFromStaging({
     // that checks for stale PRs. This way, we aren't doing more cleaning than
     // necessary if someone intends to reopen the PR momentarily.
     if (wasMerged) {
-      // Get the latest deployment environment to signal its deactivation
-      const { data: deployments } = await octokit.repos.listDeployments({
+      // Get all of the Deployments to signal this environment's complete deactivation
+      for await (const response of octokit.paginate.iterator(octokit.repos.listDeployments, {
         owner,
         repo,
 
         // In the GitHub API, there can only be one active deployment per environment.
         // For our many staging apps, we must use the unique appName as the environment.
         environment: appName,
-      })
+      })) {
+        const { data: deployments } = response
 
-      if (deployments.length === 0) {
-        console.log('🚀 No deployments to deactivate!')
-      } else {
-        console.log(`Found ${deployments.length} GitHub Deployments`, deployments)
+        console.log(
+          `Found ${deployments.length} GitHub Deployments for Environment ${appName}`,
+          deployments
+        )
 
         // Deactivate ALL of the deployments
         for (const deployment of deployments) {
@@ -106,21 +107,12 @@ export default async function undeployFromStaging({
         }
       }
 
-      // Delete this Environment
-      try {
-        await octokit.repos.deleteAnEnvironment({
-          owner,
-          repo,
-          environment_name: appName,
-        })
-        console.log(`🚀 Environment (${appName}): deleted`)
-      } catch (error) {
-        if (error.status === 404) {
-          console.log(`🚀 Environment (${appName}): already deleted`)
-        } else {
-          throw error
-        }
-      }
+      // IMPORTANT:
+      // We will leave the Deployment Environment to be cleaned up later by the
+      // workflow that checks for stale PRs. This way, we are not doing more
+      // cleaning than necessary if someone intends to reopen the PR momentarily,
+      // and we do not need to use an admin PAT to run this script.
+      console.log(`🚀 Environment (${appName}) is ready to be removed (later...)`)
     }
 
     console.log(`Finished undeploying after ${Math.round((Date.now() - startTime) / 1000)} seconds`)