diff --git a/assets/images/help/copilot/copilot-chat-in-repository.png b/assets/images/help/copilot/copilot-chat-in-repository.png
new file mode 100644
index 0000000000..624bbd9e25
Binary files /dev/null and b/assets/images/help/copilot/copilot-chat-in-repository.png differ
diff --git a/content/code-security/secret-scanning/introduction/about-secret-scanning.md b/content/code-security/secret-scanning/introduction/about-secret-scanning.md
index e973b1fee5..ee1c7429d4 100644
--- a/content/code-security/secret-scanning/introduction/about-secret-scanning.md
+++ b/content/code-security/secret-scanning/introduction/about-secret-scanning.md
@@ -24,7 +24,11 @@ shortTitle: Secret scanning
{% data variables.product.prodname_secret_scanning_caps %} is a security feature that helps detect and prevent the accidental inclusion of sensitive information such as API keys, passwords, tokens, and other secrets in your repository. When enabled, {% data variables.product.prodname_secret_scanning %} scans commits in repositories for known types of secrets and alerts repository administrators upon detection.
-{% data variables.product.prodname_secret_scanning_caps %} scans your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repository for secrets{% ifversion ghec or ghes %}, even if the repository is archived{% endif %}. {% data variables.product.prodname_dotcom %} will also periodically run a full Git history scan for new secret types in existing content in {% ifversion fpt %}public{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} repositories where {% data variables.product.prodname_secret_scanning %} is enabled when new supported secret types are added.
+
+
+{% data variables.product.prodname_secret_scanning_caps %} scans your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repository for secrets{% ifversion ghec or ghes %}, even if the repository is archived{% endif %}. {% data variables.product.prodname_dotcom %} will also periodically run a full Git history scan for new secret types in existing content in {% ifversion fpt %}public repositories{% else %}repositories with {% data variables.product.prodname_GH_secret_protection %} enabled{% endif %} where {% data variables.product.prodname_secret_scanning %} is enabled when new supported secret types are added.
+
+
{% data reusables.secret-scanning.what-is-scanned %}
diff --git a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md
index 59d863278d..a65e41b04b 100644
--- a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md
+++ b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md
@@ -36,16 +36,16 @@ This table lists the secrets supported by {% data variables.product.prodname_sec
* **Provider:** Name of the token provider.{% ifversion fpt or ghec %}
* **Partner:** Token for which leaks are reported to the relevant token partner. Applies to public repositories only.
* **User:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %}
- * Applies to public repositories, and to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled.
+ * Applies to public repositories, and to private repositories where {% data variables.product.prodname_GH_secret_protection %} and {% data variables.product.prodname_secret_scanning %} are enabled.
* Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which usually have a higher ratio of false positives.
* For {% data variables.product.prodname_secret_scanning %} to scan for non-provider patterns, the detection of non-provider patterns must be enabled for the repository or the organization. For more information, see [AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository).
{% data reusables.secret-scanning.non-provider-patterns-beta %}{% endif %}{% endif %}{% ifversion ghes %}
* **{% data variables.product.prodname_secret_scanning_caps %} alert:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %}
- * Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled.
- * Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which often result in false positives.{% else %} Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled.{% endif %}{% endif %}
+ * Applies to private repositories where {% data variables.product.prodname_GH_secret_protection %} and {% data variables.product.prodname_secret_scanning %} are enabled.
+ * Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which often result in false positives.{% else %} Applies to private repositories where {% data variables.product.prodname_GH_secret_protection %} and {% data variables.product.prodname_secret_scanning %} enabled.{% endif %}{% endif %}
* **Push protection:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}. Applies to repositories with {% data variables.product.prodname_secret_scanning %} and push protection enabled.
-* **Validity check:** Token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see [{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security) in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see [AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets) in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %}
+* **Validity check:** Token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see [{% data variables.product.prodname_AS %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security) in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see [AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets) in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %}
{% ifversion secret-scanning-non-provider-patterns %}
diff --git a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md
index 0367f56ff2..52a6b8b889 100644
--- a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md
+++ b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md
@@ -33,7 +33,7 @@ By default, {% data variables.product.company_short %} checks the validity of {%
{% ifversion fpt %}
-Organizations using {% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_advanced_security %} can also enable validity checks for partner patterns. For more information, see [Checking a secret's validity](/enterprise-cloud@latest/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts#checking-a-secrets-validity) in the {% data variables.product.prodname_ghe_cloud %} documentation.
+Organizations using {% ifversion ghas-products-cloud %}{% data variables.product.prodname_team %} or {% endif %}{% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_secret_protection %} can also enable validity checks for partner patterns. For more information, see [Checking a secret's validity](/enterprise-cloud@latest/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts#checking-a-secrets-validity) in the {% data variables.product.prodname_ghe_cloud %} documentation.
{% endif %}
diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md
index b481672435..affc13054b 100644
--- a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md
+++ b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md
@@ -151,7 +151,7 @@ Before defining a custom pattern, you must ensure that you enable secret scannin
1. Optionally, to enable push protection for your custom pattern, click **Enable**. For more information, see [AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning).
{% indented_data_reference reusables.secret-scanning.push-protection-enterprise-note spaces=3 %}{% endif %}
-After your pattern is created, {% data variables.product.prodname_secret_scanning %} scans for any secrets in repositories within your enterprise's organizations with {% data variables.product.prodname_GH_advanced_security %} enabled, including their entire Git history on all branches. Organization owners and repository administrators will be alerted to any secrets found, and can review the alert in the repository where the secret is found. For more information on viewing {% data variables.secret-scanning.alerts %}, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning).
+After your pattern is created, {% data variables.product.prodname_secret_scanning %} scans for any secrets in repositories within your organizations with {% data variables.product.prodname_GH_secret_protection %} enabled, including their entire Git history on all branches. Organization owners and repository administrators will be alerted to any secrets found, and can review the alert in the repository where the secret is found. For more information on viewing {% data variables.secret-scanning.alerts %}, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning).
## Further reading
diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-review-action.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-review-action.md
index 7608fba7c6..d5487ffc0d 100644
--- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-review-action.md
+++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-review-action.md
@@ -38,7 +38,7 @@ Here is a list of common configuration options. For more information, and a full
| `deny-licenses` | {% octicon "x" aria-label="Optional" %} | Contains a list of prohibited licenses. You can find the possible values for this parameter in the [Licenses](/rest/licenses) page of the API documentation.The action will fail on pull requests that introduce dependencies with licenses that match the list.|
| {% endif %} |
| `fail-on-scopes` | {% octicon "x" aria-label="Optional" %} | Contains a list of strings representing the build environments you want to support (`development`, `runtime`, `unknown`). The action will fail on pull requests that introduce vulnerabilities in the scopes that match the list.|
-| `comment-summary-in-pr` | {% octicon "x" aria-label="Optional" %} | Enable or disable the reporting of the review summary as a comment in the pull request. If enabled, you must give the workflow or job the `pull-requests: write` permission. |
+| `comment-summary-in-pr` | {% octicon "x" aria-label="Optional" %} | Enable or disable the reporting of the review summary as a comment in the pull request. If enabled, you must give the workflow or job the `pull-requests: write` permission. With each execution, a new comment will overwrite the existing one.|
| `allow-ghsas` | {% octicon "x" aria-label="Optional" %} | Contains a list of {% data variables.product.prodname_advisory_database %} IDs that can be skipped during detection. You can find the possible values for this parameter in the [{% data variables.product.prodname_advisory_database %}](https://github.com/advisories). |
| `config-file` | {% octicon "x" aria-label="Optional" %} | Specifies a path to a configuration file. The configuration file can be local to the repository or a file located in an external repository.|
| `external-repo-token` | {% octicon "x" aria-label="Optional" %} | Specifies a token for fetching the configuration file, if the file resides in a private external repository. The token must have read access to the repository.|
diff --git a/content/copilot/using-github-copilot/copilot-chat/asking-github-copilot-questions-in-github.md b/content/copilot/using-github-copilot/copilot-chat/asking-github-copilot-questions-in-github.md
index 1fb457663f..789d4ed33f 100644
--- a/content/copilot/using-github-copilot/copilot-chat/asking-github-copilot-questions-in-github.md
+++ b/content/copilot/using-github-copilot/copilot-chat/asking-github-copilot-questions-in-github.md
@@ -146,11 +146,10 @@ To ask a question about a specific repository, you must be viewing the repositor
1. Navigate to a repository on {% data variables.product.github %}.
{% data reusables.copilot.open-chat-panel %}
-1. The heading at the top of the panel should read "Chatting about" followed by the name of the current repository.
- If the wrong repository name is displayed, because you were previously chatting about another repository, click All repositories then choose the repository you want to chat about.
+ {% data variables.product.prodname_copilot_chat_short %} will open a new conversation, with the repository you are viewing selected as the context for your question.
- 
+ 
1. At the bottom of the panel, in the "Ask {% data variables.product.prodname_copilot_short %}" box, type a question and press Enter.
@@ -189,33 +188,19 @@ Organization owners (with a {% data variables.product.prodname_copilot_enterpris
When you enter a query, {% data variables.product.prodname_copilot_short %} searches for relevant documentation snippets, synthesizes a summary of the relevant snippets to answer your question, and provides links to the source documentation for additional context.
-{% data reusables.copilot.open-chat-panel %}
-1. If the "Ask {% data variables.product.prodname_copilot_short %}" page is not displayed in the panel, click **All repositories**.
+1. At the top right of any page on {% data variables.product.github %}, click {% octicon "triangle-down" aria-label="The downwards triangle icon" %} beside the **{% octicon "copilot" aria-hidden="true" %}** icon and click **Immersive** in the dropdown menu.
- 
+ 
-1. Start a conversation with {% data variables.product.prodname_copilot_short %} by either selecting a repository or clicking **General purpose chat**.
-1. Click the "Attach knowledge" button (a book icon) at the bottom of the chat panel, to view a list of the knowledge bases that you have access to.
+1. To select a knowledge base for context, click {% octicon "paperclip" aria-label="Add attachments" %} at the bottom of the chat panel, then select "Knowledge base".
- 
+ 
-1. Click the knowledge base that you want to use as context.
-
- For example, you could choose a knowledge base containing your organization's internal developer documentation.
-
- You can search for a knowledge base if you don't see one you want to use.
-
- 
+1. In the "Search knowledge bases" box, type the name of the knowledge base you want to use as context, then click the knowledge base in the list of search results.
1. At the bottom of the page, in the "Ask {% data variables.product.prodname_copilot_short %}" box, type a question and press Enter.
-1. The response will typically contain numbered references to files that {% data variables.product.prodname_copilot_short %} uses to generate the answer, from the knowledge base you selected. To list the sources that were used, click **NUMBER references**.
-
- 
-
-1. To display information about a source reference, click its entry in the list.
-
- Alternatively, to open the complete file, click the ellipsis (**...**), then select **Open**.
+1. At the bottom of the response, {% data variables.product.prodname_copilot_short %} provides links to the source documentation for additional context.
1. Within a conversation thread, you can ask follow-up questions. Follow-up questions will continue to use the selected knowledge base as context until you explicitly detach the knowledge base or select a different one.
@@ -250,21 +235,18 @@ You can chat with {% data variables.product.prodname_copilot_short %} about a fi
{% data variables.product.prodname_copilot_short %} allows you to use natural language questions to ask about security alerts in repositories in your organization when these alerts are generated by {% data variables.product.prodname_GH_advanced_security %} features ({% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_secret_scanning %}, and {% data variables.product.prodname_dependabot_alerts %}).
-{% data reusables.copilot.open-chat-panel %}
-1. If the "Ask {% data variables.product.prodname_copilot_short %}" page is not displayed in the panel, click **All repositories**.
+1. At the top right of any page on {% data variables.product.github %}, click {% octicon "triangle-down" aria-label="The downwards triangle icon" %} beside the **{% octicon "copilot" aria-hidden="true" %}** icon and click **Immersive** in the dropdown menu.
- 
+ 
-1. On the "Ask {% data variables.product.prodname_copilot_short %}" page, select a repository to provide a context for your question.
+1. To select a repository for context, click {% octicon "paperclip" aria-label="Add attachments" %} at the bottom of the chat panel, then select "Repositories".
- For example, you could choose a repository with security alerts you want to understand better.
+ 
- You can search for a repository if you don't see one you want to use.
+1. In the "Search repositories" box, type the name of the repository you want to ask about, then click the repository in the list of search results.
1. In the "Ask {% data variables.product.prodname_copilot_short %}" box, type a question and press Enter.
- {% data variables.product.prodname_copilot_short %} replies in the chat panel.
-
> [!TIP]
diff --git a/data/release-notes/enterprise-server/3-16/0-rc1.yml b/data/release-notes/enterprise-server/3-16/0-rc1.yml
index 5a90413074..c9fc99d43b 100644
--- a/data/release-notes/enterprise-server/3-16/0-rc1.yml
+++ b/data/release-notes/enterprise-server/3-16/0-rc1.yml
@@ -24,6 +24,9 @@ sections:
# https://github.com/github/releases/issues/4576
- |
Organization owners can manage security responsibilities more flexibly with updates to the security manager role. The role can be assigned directly to individual users, in addition to teams, allowing more precise control over security responsibilities. Additionally, security manager assignments are managed under Settings - Organization roles, streamlining role configuration alongside other organizational roles. See [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization).
+ # https://github.com/github/releases/issues/4336
+ - |
+ `ghe-config-apply` applies configuration changes conditionally to the relevant, targeted and specific migrations only. As a result, you can expect less downtime and fewer errors while running `ghe-config-apply`. You can still choose to run `ghe-config-apply` unconditionally using this command: `ghe-config-apply -f`.
- heading: Authentication
notes:
@@ -186,9 +189,6 @@ sections:
changes:
- |
The 400GB root disk requirement introduced in [Enterprise Server 3.15.0](/enterprise-server@3.15/admin/release-notes#3.15.0-features) has been reverted in 3.15.2. The 400GB root disk size is no longer a requirement for new GHES installations and upgrades. Customers on standalone or standalone HA topologies are still recommended to upgrade their root disk size to 400GB.
- # https://github.com/github/releases/issues/4336
- - |
- `ghe-config-apply` applies configuration changes conditionally to the relevant, targeted and specific migrations only. As a result, you can expect less downtime and fewer errors while running `ghe-config-apply`. You can still choose to run `ghe-config-apply` unconditionally using this command: `ghe-config-apply -f`.
# https://github.com/github/releases/issues/4913
- |
When an enterprise requires two-factor authentication (2FA), members who do not use 2FA still retain membership even without 2FA, including occupying seats in the enterprise and organizations. However, these users won't be able to access the enterprise resources until they enable 2FA on their account. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/requiring-two-factor-authentication-for-an-organization).