Merge branch 'main' into dependabot/npm_and_yarn/minimist-1.2.6
This commit is contained in:
Kevin Heis
@@ -20,11 +20,13 @@ You may want to use a dark theme to reduce power consumption on certain devices,
|
||||
|
||||
{% ifversion fpt or ghes > 3.2 or ghae-issue-4618 or ghec %}If you have low vision, you may benefit from a high contrast theme, with greater contrast between foreground and background elements.{% endif %}{% ifversion fpt or ghae-issue-4619 or ghec %} If you have colorblindness, you may benefit from our light and dark colorblind themes.
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** The colorblind themes are currently in public beta. For more information on enabling features in public beta, see "[Exploring early access releases with feature preview](/get-started/using-github/exploring-early-access-releases-with-feature-preview)."
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -41,7 +43,7 @@ You may want to use a dark theme to reduce power consumption on certain devices,
|
||||
- If you chose to follow your system settings, click a day theme and a night theme.
|
||||
|
||||
{% ifversion fpt or ghes > 3.2 or ghae-issue-4618 or ghec %}{% else %}{% endif %}
|
||||
{% ifversion fpt or ghae-issue-4619 or ghec %}
|
||||
{% ifversion fpt or ghec %}
|
||||
- If you would like to choose a theme which is currently in public beta, you will first need to enable it with feature preview. For more information, see "[Exploring early access releases with feature preview](/get-started/using-github/exploring-early-access-releases-with-feature-preview)."{% endif %}
|
||||
|
||||
{% if command-palette %}
|
||||
|
||||
@@ -5,6 +5,7 @@ intro: "You can build security into your developers' workflow with features that
|
||||
versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
ghae: issue-4864
|
||||
topics:
|
||||
- Enterprise
|
||||
children:
|
||||
|
||||
@@ -13,7 +13,7 @@ topics:
|
||||
- Dependency graph
|
||||
---
|
||||
|
||||
You can allow users to identify their projects' dependencies by enabling the dependency graph for {% data variables.product.product_location %}. For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."
|
||||
You can allow users to identify their projects' dependencies by {% ifversion ghes %}enabling{% elsif ghae %}using{% endif %} the dependency graph for {% data variables.product.product_location %}. For more information, see "{% ifversion ghes %}[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise){% elsif ghae %}[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph){% endif %}."
|
||||
|
||||
You can also allow users on {% data variables.product.product_location %} to find and fix vulnerabilities in their code dependencies by enabling {% data variables.product.prodname_dependabot_alerts %}{% ifversion ghes > 3.2 %} and {% data variables.product.prodname_dependabot_updates %}{% endif %}. For more information, see "[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."
|
||||
|
||||
|
||||
@@ -45,8 +45,8 @@ By checking the dependency reviews in a pull request, and changing any dependenc
|
||||
|
||||
Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)."
|
||||
|
||||
{% ifversion ghec or ghes or ghae %}
|
||||
{% ifversion ghec or ghes %}
|
||||
## Enabling dependency review
|
||||
|
||||
The dependency review feature becomes available when you enable the dependency graph. {% ifversion ghec %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes or ghae %}For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."{% endif %}
|
||||
{% endif %}
|
||||
The dependency review feature becomes available when you enable the dependency graph. For more information, see "{% ifversion ghec %}[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph){% elsif ghes %}[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise){% endif %}."
|
||||
{% endif %}
|
||||
@@ -62,9 +62,9 @@ You can use the dependency graph to:
|
||||
|
||||
{% ifversion fpt or ghec %}To generate a dependency graph, {% data variables.product.product_name %} needs read-only access to the dependency manifest and lock files for a repository. The dependency graph is automatically generated for all public repositories and you can choose to enable it for private repositories. For information about enabling or disabling it for private repositories, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)."{% endif %}
|
||||
|
||||
{% ifversion ghes or ghae %}If the dependency graph is not available in your system, your enterprise owner can enable the dependency graph. For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."{% endif %}
|
||||
{% ifversion ghes %}If the dependency graph is not available in your system, your enterprise owner can enable the dependency graph. For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."{% endif %}
|
||||
|
||||
When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository{% ifversion fpt or ghec %} and every push to other repositories in the graph{% endif %}.
|
||||
{% ifversion fpt or ghec or ghes %}When the dependency graph is first enabled, {% endif %}{% data variables.product.product_name %} immediately parses manifest and lock files for supported ecosystems. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository{% ifversion fpt or ghec %} and every push to other repositories in the graph{% endif %}.
|
||||
|
||||
## Supported package ecosystems
|
||||
|
||||
|
||||
@@ -33,7 +33,7 @@ The dependency graph shows the dependencies{% ifversion fpt or ghec %} and depen
|
||||
4. Optionally, under "Dependency graph", click **Dependents**.
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghes or ghae-issue-4864 %}
|
||||
{% ifversion ghes %}
|
||||
Enterprise owners can configure the dependency graph at an enterprise level. For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -20,9 +20,7 @@ To perform any actions on {% data variables.product.product_name %}, such as cre
|
||||
|
||||
Within an organization, you can assign roles at the organization, team, and repository level. For more information about the different levels of roles, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."
|
||||
|
||||
If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can have more granular control over the permissions you grant at the repository level by creating up to three custom repository roles. A custom repository role is a configurable set of permissions with a custom name you choose. After you create a custom role, anyone with admin access to a repository can assign the role to an individual or team. For more information, see "[Managing an individual's access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository)" and "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)"
|
||||
|
||||
{% data reusables.enterprise.link-to-ghec-trial %}
|
||||
You can have more granular control over the permissions you grant at the repository level by creating up to three custom repository roles. A custom repository role is a configurable set of permissions with a custom name you choose. After you create a custom role, anyone with admin access to a repository can assign the role to an individual or team. For more information, see "[Managing an individual's access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository)" and "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)"
|
||||
|
||||
## About the inherited role
|
||||
|
||||
@@ -112,6 +110,14 @@ To resolve conflicting access, you can adjust your organization's base permissio
|
||||
|
||||
To create a new repository role, you add permissions to an inherited role and give the custom role a name.
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Only organizations that use {% data variables.product.prodname_ghe_cloud %} can create custom repository roles. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.profile.access_profile %}
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.organizations.org_settings %}
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
{% data reusables.actions.actions-spending-limit-brief %}
|
||||
|
||||
If you have an unlimited spending limit or a spending limit set higher than $0 USD, you will be billed for any additional minutes or storage beyond the included amounts in your account, also called overages. {% data variables.product.prodname_dotcom %} charges usage to the account that owns the repository where a workflow is run. Any coupons on your account do not apply to {% data variables.product.prodname_actions %} overages.
|
||||
|
||||
{% data reusables.billing.overages-billed-monthly %}
|
||||
|
||||
1
data/reusables/billing/overages-billed-monthly.md
Normal file
1
data/reusables/billing/overages-billed-monthly.md
Normal file
@@ -0,0 +1 @@
|
||||
Overages are always billed monthly regardless of your billing term (even if your account is otherwise billed annually).
|
||||
@@ -5,3 +5,5 @@
|
||||
{% endnote %}
|
||||
|
||||
By default, your organization or enterprise will have a {% data variables.product.prodname_codespaces %} spending limit of $0, which prevents new codespaces from being created or existing codespaces from being opened. To allow your users to create codespaces in your organization, set the limit to a value higher than $0.
|
||||
|
||||
{% data reusables.billing.overages-billed-monthly %}
|
||||
@@ -1,3 +1,3 @@
|
||||
{% ifversion ghes or ghae-issue-4864 %}
|
||||
The dependency graph and {% data variables.product.prodname_dependabot_alerts %} are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."
|
||||
Enterprise owners can configure {% ifversion ghes %}the dependency graph and {% endif %}{% data variables.product.prodname_dependabot_alerts %} for an enterprise. For more information, see {% ifversion ghes %}"[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."
|
||||
{% endif %}
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
{% data reusables.package_registry.packages-spending-limit-brief %}
|
||||
|
||||
If you have an unlimited spending limit or a spending limit set higher than $0 USD, you will be billed for any additional storage or data transfer, also called overages, up to your spending limit. Any coupons on your account do not apply to {% data variables.product.prodname_registry %} overages.
|
||||
|
||||
{% data reusables.billing.overages-billed-monthly %}
|
||||
@@ -17,9 +17,9 @@ Amazon | Amazon OAuth Client ID | amazon_oauth_client_id{% endif %}
|
||||
Amazon | Amazon OAuth Client Secret | amazon_oauth_client_secret{% endif %}
|
||||
Amazon Web Services (AWS) | Amazon AWS Access Key ID | aws_access_key_id
|
||||
Amazon Web Services (AWS) | Amazon AWS Secret Access Key | aws_secret_access_key
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Amazon Web Services (AWS) | Amazon AWS Session Token | aws_session_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Amazon Web Services (AWS) | Amazon AWS Temporary Access Key ID | aws_temporary_access_key_id{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
Asana | Asana Personal Access Token | asana_personal_access_token{% endif %}
|
||||
@@ -37,7 +37,7 @@ Azure | Azure Service Management Certificate | azure_management_certificate
|
||||
{%- ifversion ghes < 3.4 or ghae or ghae-issue-5342 %}
|
||||
Azure | Azure SQL Connection String | azure_sql_connection_string{% endif %}
|
||||
Azure | Azure Storage Account Key | azure_storage_account_key
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Beamer | Beamer API Key | beamer_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key{% endif %}
|
||||
@@ -46,7 +46,7 @@ Checkout.com | Checkout.com Test Secret Key | checkout_test_secret_key{% endif %
|
||||
Clojars | Clojars Deploy Token | clojars_deploy_token
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Contentful | Contentful Personal Access Token | contentful_personal_access_token{% endif %}
|
||||
Databricks | Databricks Access Token | databricks_access_token
|
||||
Discord | Discord Bot Token | discord_bot_token
|
||||
@@ -77,7 +77,7 @@ Flutterwave | Flutterwave Live API Secret Key | flutterwave_live_api_secret_key{
|
||||
Flutterwave | Flutterwave Test API Secret Key | flutterwave_test_api_secret_key{% endif %}
|
||||
Frame.io | Frame.io JSON Web Token | frameio_jwt
|
||||
Frame.io| Frame.io Developer Token | frameio_developer_token
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
FullStory | FullStory API Key | fullstory_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
GitHub | GitHub Personal Access Token | github_personal_access_token{% endif %}
|
||||
@@ -92,15 +92,15 @@ GitHub | GitHub SSH Private Key | github_ssh_private_key
|
||||
GitLab | GitLab Access Token | gitlab_access_token{% endif %}
|
||||
GoCardless | GoCardless Live Access Token | gocardless_live_access_token
|
||||
GoCardless | GoCardless Sandbox Access Token | gocardless_sandbox_access_token
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Google | Firebase Cloud Messaging Server Key | firebase_cloud_messaging_server_key{% endif %}
|
||||
Google | Google API Key | google_api_key
|
||||
Google | Google Cloud Private Key ID | google_cloud_private_key_id
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Google | Google Cloud Storage Access Key Secret | google_cloud_storage_access_key_secret{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Google | Google Cloud Storage Service Account Access Key ID | google_cloud_storage_service_account_access_key_id{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Google | Google Cloud Storage User Access Key ID | google_cloud_storage_user_access_key_id{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.3 %}
|
||||
Google | Google OAuth Access Token | google_oauth_access_token{% endif %}
|
||||
@@ -124,9 +124,9 @@ Ionic | Ionic Personal Access Token | ionic_personal_access_token{% endif %}
|
||||
Ionic | Ionic Refresh Token | ionic_refresh_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.4 %}
|
||||
JD Cloud | JD Cloud Access Key | jd_cloud_access_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
JFrog | JFrog Platform Access Token | jfrog_platform_access_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
JFrog | JFrog Platform API Key | jfrog_platform_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
Linear | Linear API Key | linear_api_key{% endif %}
|
||||
@@ -148,13 +148,13 @@ Meta | Facebook Access Token | facebook_access_token{% endif %}
|
||||
Midtrans | Midtrans Production Server Key | midtrans_production_server_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.3 %}
|
||||
Midtrans | Midtrans Sandbox Server Key | midtrans_sandbox_server_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
New Relic | New Relic Personal API Key | new_relic_personal_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
New Relic | New Relic REST API Key | new_relic_rest_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
New Relic | New Relic Insights Query Key | new_relic_insights_query_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
New Relic | New Relic License Key | new_relic_license_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.3 %}
|
||||
Notion | Notion Integration Token | notion_integration_token{% endif %}
|
||||
@@ -171,15 +171,15 @@ Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
OpenAI | OpenAI API Key | openai_api_key{% endif %}
|
||||
Palantir | Palantir JSON Web Token | palantir_jwt
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
PlanetScale | PlanetScale Database Password | planetscale_database_password{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
PlanetScale | PlanetScale OAuth Token | planetscale_oauth_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
PlanetScale | PlanetScale Service Token | planetscale_service_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Plivo | Plivo Auth ID | plivo_auth_id{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Plivo | Plivo Auth Token | plivo_auth_token{% endif %}
|
||||
Postman | Postman API Key | postman_api_key
|
||||
Proctorio | Proctorio Consumer Key | proctorio_consumer_key
|
||||
@@ -197,9 +197,9 @@ Samsara | Samsara OAuth Access Token | samsara_oauth_access_token
|
||||
Segment | Segment Public API Token | segment_public_api_token{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
SendGrid | SendGrid API Key | sendgrid_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Sendinblue | Sendinblue API Key | sendinblue_api_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5844 %}
|
||||
Sendinblue | Sendinblue SMTP Key | sendinblue_smtp_key{% endif %}
|
||||
{%- ifversion fpt or ghec or ghes > 3.1 or ghae %}
|
||||
Shippo | Shippo Live API Token | shippo_live_api_token{% endif %}
|
||||
|
||||
Reference in New Issue
Block a user