diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8818df1437..d1bf204f10 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,4 +9,4 @@ updates: - package-ecosystem: 'github-actions' directory: '/' schedule: - interval: weekly + interval: monthly diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 43f7a9e4be..486d910be2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -6,7 +6,7 @@ Read our [Code of Conduct](./CODE_OF_CONDUCT.md) to keep our community approacha In this guide you will get an overview of the contribution workflow from opening an issue, creating a PR, reviewing, and merging the PR. -Use the table of contents icon on the top left corner of the this document to get to a specific section of this guide quickly. +Use the table of contents icon on the top left corner of this document to get to a specific section of this guide quickly. ## New contributor guide diff --git a/README.md b/README.md index dd38f493f9..95b1fbe243 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ This repository contains the documentation website code and Markdown source file GitHub's Docs team works on pre-production content in a private repo that regularly syncs with this public repo. -Use the table of contents icon on the top left corner of the this document to get to a specific section of this guide quickly. +Use the table of contents icon on the top left corner of this document to get to a specific section of this guide quickly. ## Contributing @@ -60,4 +60,4 @@ When using the GitHub logos, be sure to follow the [GitHub logo guidelines](http ## Thanks :purple_heart: -Thanks for all your contributions and efforts towards improving the GitHub documentation. We thank you being part of our ✨ community ✨ ! +Thanks for all your contributions and efforts towards improving the GitHub documentation. We thank you being part of our :sparkles: community :sparkles: ! diff --git a/assets/images/enterprise/github-ae/organizations/security-and-analysis-disable-or-enable-all-ghae.png b/assets/images/enterprise/github-ae/organizations/security-and-analysis-disable-or-enable-all-ghae.png index 8dde5d07ff..c35ad52b2a 100644 Binary files a/assets/images/enterprise/github-ae/organizations/security-and-analysis-disable-or-enable-all-ghae.png and b/assets/images/enterprise/github-ae/organizations/security-and-analysis-disable-or-enable-all-ghae.png differ diff --git a/assets/images/help/pull_requests/compare-branch-example.png b/assets/images/help/pull_requests/compare-branch-example.png index 5bce7d268b..7fe08b3c2e 100644 Binary files a/assets/images/help/pull_requests/compare-branch-example.png and b/assets/images/help/pull_requests/compare-branch-example.png differ diff --git a/assets/images/help/repository/code-scanning-library-alert-index.png b/assets/images/help/repository/code-scanning-library-alert-index.png new file mode 100644 index 0000000000..0e668b80ab Binary files /dev/null and b/assets/images/help/repository/code-scanning-library-alert-index.png differ diff --git a/assets/images/help/repository/code-scanning-library-alert-show.png b/assets/images/help/repository/code-scanning-library-alert-show.png new file mode 100644 index 0000000000..ea3891af8d Binary files /dev/null and b/assets/images/help/repository/code-scanning-library-alert-show.png differ diff --git a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 5eb3dfcd6f..39495e3ac2 100644 --- a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -134,8 +134,8 @@ Email notifications from {% data variables.product.product_name %} contain the f | --- | --- | | `From` address | This address will always be {% ifversion fpt %}'`notifications@github.com`'{% else %}'the no-reply email address configured by your site administrator'{% endif %}. | | `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} | -| `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are: | -| `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes %} +| `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are: | +| `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 %} | `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} ## Choosing your notification settings @@ -144,7 +144,7 @@ Email notifications from {% data variables.product.product_name %} contain the f {% data reusables.notifications-v2.manage-notifications %} 3. On the notifications settings page, choose how you receive notifications when: - There are updates in repositories or team discussions you're watching or in a conversation you're participating in. For more information, see "[About participating and watching notifications](#about-participating-and-watching-notifications)." - - You gain access to a new repository or you've joined a new team. For more information, see "[Automatic watching](#automatic-watching)."{% ifversion fpt or ghes %} + - You gain access to a new repository or you've joined a new team. For more information, see "[Automatic watching](#automatic-watching)."{% ifversion fpt or ghes or ghae-issue-4864 %} - There are new {% data variables.product.prodname_dependabot_alerts %} in your repository. For more information, see "[{% data variables.product.prodname_dependabot_alerts %} notification options](#dependabot-alerts-notification-options)." {% endif %} {% ifversion fpt %} - There are workflow runs updates on repositories set up with {% data variables.product.prodname_actions %}. For more information, see "[{% data variables.product.prodname_actions %} notification options](#github-actions-notification-options)."{% endif %} @@ -161,14 +161,14 @@ If "Automatically watch repositories" is disabled, then you will not automatical You can choose whether to watch or unwatch an individual repository. You can also choose to only be notified of {% ifversion fpt or ghes > 3.0 or ghae-next %}certain event types such as {% data reusables.notifications-v2.custom-notification-types %} (if enabled for the repository) {% else %}new releases{% endif %}, or completely ignore an individual repository. {% data reusables.repositories.navigate-to-repo %} -2. In the upper-right corner, click the "Watch" drop-down menu to select a watch option. -{% ifversion fpt or ghes > 3.0 or ghae-next %} +2. In the upper-right corner, select the "Watch" drop-down menu to click a watch option. +{% ifversion fpt or ghes > 3.0 or ghae-issue-4910 %} ![Watch options in a drop-down menu for a repository](/assets/images/help/notifications-v2/watch-repository-options-custom.png) The **Custom** option allows you to further customize notifications so that you're only notified when specific events happen in the repository, in addition to participating and @mentions. {% else %} ![Watch options in a drop-down menu for a repository](/assets/images/help/notifications-v2/watch-repository-options.png){% endif %} -{% ifversion fpt or ghes > 3.0 or ghae-next %} +{% ifversion fpt or ghes > 3.0 or ghae-issue-4910 %} ![Custom watch options in a drop-down menu for a repository](/assets/images/help/notifications-v2/watch-repository-options-custom2-dotcom.png) If you select "Issues", you will be notified about, and subscribed to, updates on every issue (including those that existed prior to you selecting this option) in the repository. If you're @mentioned in a pull request in this repository, you'll receive notifications for that too, and you'll be subscribed to updates on that specific pull request, in addition to being notified about issues. {% endif %} @@ -198,12 +198,8 @@ If you are a member of more than one organization, you can configure each one to 5. Select one of your verified email addresses, then click **Save**. ![Switching your per-org email address](/assets/images/help/notifications/notifications_switching_org_email.gif) -{% ifversion not ghae %} -{% ifversion fpt or ghes %} +{% ifversion fpt or ghes or ghae-issue-4864 %} ## {% data variables.product.prodname_dependabot_alerts %} notification options -{% else %} -## Security alert notification options -{% endif %} {% data reusables.notifications.vulnerable-dependency-notification-enable %} {% data reusables.notifications.vulnerable-dependency-notification-delivery-method-customization2 %} diff --git a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md index cddd96305f..4df6d439ed 100644 --- a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md +++ b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md @@ -114,14 +114,14 @@ To filter notifications for specific activity on {% data variables.product.produ - `is:gist` - `is:issue-or-pull-request` - `is:release` -- `is:repository-invitation`{% ifversion not ghae %} -- `is:repository-vulnerability-alert` +- `is:repository-invitation`{% ifversion fpt or ghes or ghae-issue-4864 %} +- `is:repository-vulnerability-alert`{% endif %}{% ifversion fpt %} - `is:repository-advisory`{% endif %} - `is:team-discussion`{% ifversion fpt %} - `is:discussion`{% endif %} -{% ifversion not ghae %} -For information about reducing noise from notifications for {% ifversion fpt or ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %}, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies)." +{% ifversion fpt or ghes or ghae-issue-4864 %} +For information about reducing noise from notifications for {% data variables.product.prodname_dependabot_alerts %}, see "[Configuring notifications for vulnerable dependencies](/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies)." {% endif %} You can also use the `is:` query to describe how the notification was triaged. @@ -144,7 +144,7 @@ To filter notifications by why you've received an update, you can use the `reaso | `reason:invitation` | When you're invited to a team, organization, or repository. | `reason:manual` | When you click **Subscribe** on an issue or pull request you weren't already subscribed to. | `reason:mention` | You were directly @mentioned. -| `reason:review-requested` | You or a team you're on have been requested to review a pull request.{% ifversion not ghae %} +| `reason:review-requested` | You or a team you're on have been requested to review a pull request.{% ifversion fpt or ghes or ghae-issue-4864 %} | `reason:security-alert` | When a security alert is issued for a repository.{% endif %} | `reason:state-change` | When the state of a pull request or issue is changed. For example, an issue is closed or a pull request is merged. | `reason:team-mention` | When a team you're a member of is @mentioned. @@ -163,7 +163,7 @@ For example, to see notifications from the octo-org organization, use `org:octo- {% endif %} -{% ifversion fpt or ghes %} +{% ifversion fpt or ghes or ghae-issue-4864 %} ## {% data variables.product.prodname_dependabot %} custom filters {% ifversion fpt %} @@ -175,8 +175,11 @@ If you use {% data variables.product.prodname_dependabot %} to keep your depende For more information about {% data variables.product.prodname_dependabot %}, see "[About managing vulnerable dependencies](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)." {% endif %} -{% ifversion ghes %} -If you use {% data variables.product.prodname_dependabot %} to keep your dependencies-up-to-date, you can use and save the `is:repository_vulnerability_alert` custom filter to show notifications for {% data variables.product.prodname_dependabot_alerts %}. +{% ifversion ghes or ghae-issue-4864 %} + +If you use {% data variables.product.prodname_dependabot %} to keep your dependencies-up-to-date, you can use and save these custom filters to show notifications for {% data variables.product.prodname_dependabot_alerts %}: +- `is:repository_vulnerability_alert` +- `reason:security_alert` For more information about {% data variables.product.prodname_dependabot %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} diff --git a/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md b/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md index 85dd3fd5d8..ba768003a5 100644 --- a/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md +++ b/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile.md @@ -14,7 +14,7 @@ topics: - Profiles shortTitle: Organization's profile --- -You can optionally choose to add a description, location, website, and email address for your organization, and pin important repositories. You can customize your organization's profile by adding a README.md file. For more information, see "[Customizing your organization's profile](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile)." +You can optionally choose to add a description, location, website, and email address for your organization, and pin important repositories.{% ifversion not ghes and not ghae %} You can customize your organization's profile by adding a README.md file. For more information, see "[Customizing your organization's profile](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile)."{% endif %} {% ifversion fpt %}To confirm your organization's identity and display a "Verified" badge on your organization profile page, you must verify your organization's domains with {% data variables.product.product_name %}. For more information, see "[Verifying or approving a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)."{% endif %} diff --git a/content/actions/deployment/about-continuous-deployment.md b/content/actions/deployment/about-continuous-deployment.md index 037226b131..c4bf8c6c1a 100644 --- a/content/actions/deployment/about-continuous-deployment.md +++ b/content/actions/deployment/about-continuous-deployment.md @@ -34,9 +34,12 @@ You can configure your CD workflow to run when a {% data variables.product.produ {% data reusables.actions.cd-templates-actions %} +{% ifversion fpt or ghae or ghes > 3.0 %} + ## Further reading - [Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions) - [Using environments for deployment](/actions/deployment/using-environments-for-deployment){% ifversion fpt %} -- "[Managing billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions)" +- "[Managing billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions)"{% endif %} + {% endif %} diff --git a/content/actions/deployment/deploying-to-amazon-elastic-container-service.md b/content/actions/deployment/deploying-to-amazon-elastic-container-service.md index decc02cb95..90f8d5dd6e 100644 --- a/content/actions/deployment/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/deployment/deploying-to-amazon-elastic-container-service.md @@ -21,9 +21,9 @@ shortTitle: Deploy to Amazon ECS ## Introduction -This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/) when a release is created. +This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/) when there is a push to the `main` branch. -On every new release in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS. +On every new push to `main` in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS. ## Prerequisites @@ -67,7 +67,9 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials. +{% ifversion fpt or ghes > 3.0 or ghae %} 5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %} +{% endif %} ## Creating the workflow @@ -85,8 +87,9 @@ Ensure that you provide your own values for all the variables in the `env` key o name: Deploy to Amazon ECS on: - release: - types: [ created ] + push: + branches: + - main env: AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 diff --git a/content/actions/deployment/deploying-to-azure-app-service.md b/content/actions/deployment/deploying-to-azure-app-service.md index 0ea72b7c23..e1fdc88f7e 100644 --- a/content/actions/deployment/deploying-to-azure-app-service.md +++ b/content/actions/deployment/deploying-to-azure-app-service.md @@ -69,13 +69,15 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you 4. For Linux apps, add an app setting called `WEBSITE_WEBDEPLOY_USE_SCM` and set it to true in your app. For more information, see "[Configure apps in the portal](https://docs.microsoft.com/en-us/azure/app-service/configure-common#configure-app-settings)" in the Azure documentation. +{% ifversion fpt or ghes > 3.0 or ghae %} 5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %} +{% endif %} ## Creating the workflow Once you've completed the prerequisites, you can proceed with creating the workflow. -The following example workflow demonstrates how to build, test, and deploy the Node.js project to Azure App Service when a release is created. +The following example workflow demonstrates how to build, test, and deploy the Node.js project to Azure App Service when there is a push to the `main` branch. Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of the web app you created. You can also change `AZURE_WEBAPP_PACKAGE_PATH` if the path to your project is not the repository root and `NODE_VERSION` if you want to use a node version other than `10.x`. @@ -85,8 +87,9 @@ Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of {% data reusables.actions.actions-not-certified-by-github-comment %} on: - release: - types: [created] + push: + branches: + - main env: AZURE_WEBAPP_NAME: MY_WEBAPP_NAME # set this to your application's name diff --git a/content/actions/deployment/deploying-to-google-kubernetes-engine.md b/content/actions/deployment/deploying-to-google-kubernetes-engine.md index 3affd5041c..044576808a 100644 --- a/content/actions/deployment/deploying-to-google-kubernetes-engine.md +++ b/content/actions/deployment/deploying-to-google-kubernetes-engine.md @@ -21,7 +21,7 @@ shortTitle: Deploy to Google Kubernetes Engine ## Introduction -This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to Google Container Registry (GCR), and deploy it to Google Kubernetes Engine (GKE) when a release is created. +This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to Google Container Registry (GCR), and deploy it to Google Kubernetes Engine (GKE) when there is a push to the `main` branch. GKE is a managed Kubernetes cluster service from Google Cloud that can host your containerized workloads in the cloud or in your own datacenter. For more information, see [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine). @@ -105,9 +105,11 @@ Store the name of your project as a secret named `GKE_PROJECT`. For more informa ### (Optional) Configuring kustomize Kustomize is an optional tool used for managing YAML specs. After creating a _kustomization_ file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. For more information, see [kustomize usage](https://github.com/kubernetes-sigs/kustomize#usage). +{% ifversion fpt or ghes > 3.0 or ghae %} ### (Optional) Configure a deployment environment {% data reusables.actions.about-environments %} +{% endif %} ## Creating the workflow @@ -125,8 +127,9 @@ Under the `env` key, change the value of `GKE_CLUSTER` to the name of your clust name: Build and Deploy to GKE on: - release: - types: [created] + push: + branches: + - main env: PROJECT_ID: {% raw %}${{ secrets.GKE_PROJECT }}{% endraw %} diff --git a/content/actions/deployment/deploying-with-github-actions.md b/content/actions/deployment/deploying-with-github-actions.md index 3816cb2cbf..46a008279c 100644 --- a/content/actions/deployment/deploying-with-github-actions.md +++ b/content/actions/deployment/deploying-with-github-actions.md @@ -31,13 +31,12 @@ You should be familiar with the syntax for {% data variables.product.prodname_ac ## Triggering your deployment -You can use a variety of events to trigger your deployment workflow. Some of the most common are: `pull_request`, `push`, `release`, and `workflow_dispatch`. +You can use a variety of events to trigger your deployment workflow. Some of the most common are: `pull_request`, `push`, and `workflow_dispatch`. For example, a workflow with the following triggers runs whenever: - There is a push to the `main` branch. - A pull request targeting the `main` branch is opened, synchronized, or reopened. -- A release is created. - Someone manually triggers it. ```yaml @@ -48,9 +47,6 @@ on: pull_request: branches: - main - release: - types: - - created workflow_dispatch: ``` diff --git a/content/actions/guides.md b/content/actions/guides.md new file mode 100644 index 0000000000..d02ed0b24c --- /dev/null +++ b/content/actions/guides.md @@ -0,0 +1,66 @@ +--- +title: Guides for GitHub Actions +intro: 'These guides for {% data variables.product.prodname_actions %} include specific use cases and examples to help you configure workflows.' +allowTitleToDifferFromFilename: true +layout: product-sublanding +versions: + fpt: '*' + ghes: '*' + ghae: '*' +learningTracks: + - getting_started + - continuous_integration + - continuous_deployment + - deploy_to_the_cloud + - hosting_your_own_runners + - create_actions +includeGuides: + - /actions/quickstart + - /actions/learn-github-actions/introduction-to-github-actions + - /actions/creating-actions/creating-a-docker-container-action + - /actions/learn-github-actions/using-workflow-templates + - /actions/automating-builds-and-tests/building-and-testing-python + - /actions/automating-builds-and-tests/building-and-testing-nodejs + - /actions/publishing-packages/about-packaging-with-github-actions + - /actions/publishing-packages/publishing-docker-images + - /actions/advanced-guides/caching-dependencies-to-speed-up-workflows + - /actions/automating-builds-and-tests/about-continuous-integration + - /actions/automating-builds-and-tests/building-and-testing-powershell + - /actions/automating-builds-and-tests/building-and-testing-ruby + - /actions/automating-builds-and-tests/building-and-testing-java-with-maven + - /actions/automating-builds-and-tests/building-and-testing-java-with-gradle + - /actions/automating-builds-and-tests/building-and-testing-java-with-ant + - /actions/automating-builds-and-tests/building-and-testing-swift + - /actions/deployment/installing-an-apple-certificate-on-macos-runners-for-xcode-development + - /actions/automating-builds-and-tests/building-and-testing-xamarin-applications + - /actions/publishing-packages/publishing-nodejs-packages + - /actions/publishing-packages/publishing-java-packages-with-maven + - /actions/publishing-packages/publishing-java-packages-with-gradle + - /actions/advanced-guides/storing-workflow-data-as-artifacts + - /actions/using-containerized-services/about-service-containers + - /actions/using-containerized-services/creating-redis-service-containers + - /actions/using-containerized-services/creating-postgresql-service-containers + - /actions/deployment/deploying-to-amazon-elastic-container-service + - /actions/deployment/deploying-to-azure-app-service + - /actions/deployment/deploying-to-google-kubernetes-engine + - /actions/learn-github-actions/essential-features-of-github-actions + - /actions/security-guides/security-hardening-for-github-actions + - /actions/creating-actions/about-custom-actions + - /actions/creating-actions/creating-a-javascript-action + - /actions/creating-actions/creating-a-composite-action + - /actions/migrating-to-github-actions/migrating-from-azure-pipelines-to-github-actions + - /actions/migrating-to-github-actions/migrating-from-circleci-to-github-actions + - /actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions + - /actions/migrating-to-github-actions/migrating-from-jenkins-to-github-actions + - /actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions + - /actions/managing-issues-and-pull-requests/using-github-actions-for-project-management + - /actions/managing-issues-and-pull-requests/closing-inactive-issues + - /actions/managing-issues-and-pull-requests/scheduling-issue-creation + - /actions/managing-issues-and-pull-requests/adding-labels-to-issues + - /actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added + - /actions/managing-issues-and-pull-requests/moving-assigned-issues-on-project-boards + - /actions/managing-issues-and-pull-requests/removing-a-label-when-a-card-is-added-to-a-project-board-column + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot +--- + diff --git a/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md b/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md index 3eae0166a9..8f950feafe 100644 --- a/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md @@ -34,7 +34,7 @@ For more information, see "[About self-hosted runners](/github/automating-your-w ## Adding a self-hosted runner to a repository -You can add self-hosted runners to a single repository. To add a self-hosted runner to a user repository, you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. +You can add self-hosted runners to a single repository. To add a self-hosted runner to a user repository, you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. For information about how to add a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)." {% ifversion fpt %} {% data reusables.repositories.navigate-to-repo %} @@ -55,7 +55,7 @@ You can add self-hosted runners to a single repository. To add a self-hosted run ## Adding a self-hosted runner to an organization -You can add self-hosted runners at the organization level, where they can be used to process jobs for multiple repositories in an organization. To add a self-hosted runner to an organization, you must be an organization owner. +You can add self-hosted runners at the organization level, where they can be used to process jobs for multiple repositories in an organization. To add a self-hosted runner to an organization, you must be an organization owner. For information about how to add a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)." {% ifversion fpt %} {% data reusables.organizations.navigate-to-org %} @@ -84,7 +84,7 @@ You can add self-hosted runners to an enterprise, where they can be assigned to New runners are assigned to the default group. You can modify the runner's group after you've registered the runner. For more information, see "[Managing access to self-hosted runners](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group)." {% ifversion fpt %} -To add a self-hosted runner to an enterprise account, you must be an enterprise owner. +To add a self-hosted runner to an enterprise account, you must be an enterprise owner. For information about how to add a self-hosted runner with the REST API, see the [Enterprise Administration GitHub Actions APIs](/rest/reference/enterprise-admin#github-actions). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} diff --git a/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md b/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md index 6e8c8cedca..4b008c7d9e 100644 --- a/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners.md @@ -15,6 +15,24 @@ type: 'overview' You can automatically increase or decrease the number of self-hosted runners in your environment in response to the webhook events you receive with a particular label. For example, you can create automation that adds a new self-hosted runner each time you receive a [`workflow_job`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) webhook event with the [`queued`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) activity, which notifies you that a new job is ready for processing. The webhook payload includes label data, so you can identify the type of runner the job is requesting. Once the job has finished, you can then create automation that removes the runner in response to the `workflow_job` [`completed`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) activity. +## Recommended autoscaling solutions + +{% data variables.product.prodname_dotcom %} recommends and partners closely with two open source projects that you can use for autoscaling your runners. One or both solutions may be suitable, based on your needs. + +The following repositories have detailed instructions for setting up these autoscalers: + +- [actions-runner-controller/actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller) - A Kubernetes controller for {% data variables.product.prodname_actions %} self-hosted runnners. +- [philips-labs/terraform-aws-github-runner](https://github.com/philips-labs/terraform-aws-github-runner) - A Terraform module for scalable {% data variables.product.prodname_actions %} runners on Amazon Web Services. + +Each solution has certain specifics that may be important to consider: + +| **Features** | **actions-runner-controller** | **terraform-aws-github-runner** | +| :--- | :--- | :--- | +| Runtime | Kubernetes | Linux and Windows VMs | +| Supported Clouds | Azure, Amazon Web Services, Google Cloud Platform, on-premises | Amazon Web Services | +| Where runners can be scaled | Enterprise, organization, and repository levels. By runner label and runner group. | Organization and repository levels. By runner label and runner group. | +| Pull-based autoscaling support | Yes | No | + ## Using ephemeral runners for autoscaling {% data variables.product.prodname_dotcom %} recommends implementing autoscaling with ephemeral self-hosted runners; autoscaling with persistent self-hosted runners is not recommended. In certain cases, {% data variables.product.prodname_dotcom %} cannot guarantee that jobs are not assigned to persistent runners while they are shut down. With ephemeral runners, this can be guaranteed because {% data variables.product.prodname_dotcom %} only assigns one job to a runner. @@ -44,7 +62,7 @@ You can create your own autoscaling environment by using payloads received from ## Authentication requirements -You can register and delete self-hosted runners using [the API](/rest/reference/actions#self-hosted-runners). To authenticate to the API, your autoscaling implementation can use an access token or a {% data variables.product.prodname_dotcom %} app. +You can register and delete repository and organization self-hosted runners using [the API](/rest/reference/actions#self-hosted-runners). To authenticate to the API, your autoscaling implementation can use an access token or a {% data variables.product.prodname_dotcom %} app. Your access token will require the following scope: @@ -53,22 +71,8 @@ Your access token will require the following scope: To authenticate using a {% data variables.product.prodname_dotcom %} App, it must be assigned the following permissions: - For repositories, assign the `administration` permission. -- for organizations, assign the `organization_self_hosted_runners` permission. +- For organizations, assign the `organization_self_hosted_runners` permission. -## Recommended autoscaling solutions +You can register and delete enterprise self-hosted runners using [the API](/rest/reference/enterprise-admin#github-actions). To authenticate to the API, your autoscaling implementation can use an access token. -{% data variables.product.prodname_dotcom %} recommends and partners closely with two open source projects that you can use for autoscaling your runners. One or both solutions may be suitable, based on your needs. - -The following repositories have detailed instructions for setting up these autoscalers: - -- [actions-runner-controller/actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller) - A Kubernetes controller for {% data variables.product.prodname_actions %} self-hosted runnners. -- [philips-labs/terraform-aws-github-runner](https://github.com/philips-labs/terraform-aws-github-runner) - A Terraform module for scalable {% data variables.product.prodname_actions %} runners on Amazon Web Services. - -Each solution has certain specifics that may be important to consider: - -| **Features** | **actions-runner-controller** | **terraform-aws-github-runner** | -| :--- | :--- | :--- | -| Runtime | Kubernetes | Linux and Windows VMs | -| Supported Clouds | Azure, Amazon Web Services, Google Cloud Platform, on-premises | Amazon Web Services | -| Where runners can be scaled | Enterprise, organization, and repository levels. By runner label and runner group. | Organization and repository levels. By runner label and runner group. | -| Pull-based autoscaling support | Yes | No | +Your access token will requite the `manage_runners:enterprise` scope. diff --git a/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md b/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md index f452d220b5..fab3383f9f 100644 --- a/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md +++ b/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md @@ -33,7 +33,7 @@ When new runners are created, they are automatically assigned to the default gro ## Creating a self-hosted runner group for an organization -All organizations have a single default self-hosted runner group. Organizations within an enterprise account can create additional self-hosted groups. Organization admins can allow individual repositories access to a runner group. +All organizations have a single default self-hosted runner group. Organizations within an enterprise account can create additional self-hosted groups. Organization admins can allow individual repositories access to a runner group. For information about how to create a self-hosted runner group with the REST API, see "[Self-hosted runner groups](/rest/reference/actions#self-hosted-runner-groups)." Self-hosted runners are automatically assigned to the default group when created, and can only be members of one group at a time. You can move a runner from the default group to any group you create. @@ -83,7 +83,7 @@ When creating a group, you must choose a policy that defines which repositories ## Creating a self-hosted runner group for an enterprise -Enterprises can add their self-hosted runners to groups for access management. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account. Organization admins can then assign additional granular repository access policies to the enterprise runner groups. +Enterprises can add their self-hosted runners to groups for access management. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account. Organization admins can then assign additional granular repository access policies to the enterprise runner groups. For information about how to create a self-hosted runner group with the REST API, see the [Enterprise Administration GitHub Actions APIs](/rest/reference/enterprise-admin#github-actions). Self-hosted runners are automatically assigned to the default group when created, and can only be members of one group at a time. You can assign the runner to a specific group during the registration process, or you can later move the runner from the default group to a custom group. diff --git a/content/actions/hosting-your-own-runners/removing-self-hosted-runners.md b/content/actions/hosting-your-own-runners/removing-self-hosted-runners.md index 3449230a0c..c6c1fd3d32 100644 --- a/content/actions/hosting-your-own-runners/removing-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/removing-self-hosted-runners.md @@ -26,7 +26,7 @@ shortTitle: Remove self-hosted runners {% endnote %} -To remove a self-hosted runner from a user repository you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. We recommend that you also have access to the self-hosted runner machine. +To remove a self-hosted runner from a user repository you must be the repository owner. For an organization repository, you must be an organization owner or have admin access to the repository. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)." {% data reusables.github-actions.self-hosted-runner-reusing %} {% ifversion fpt %} @@ -53,7 +53,7 @@ To remove a self-hosted runner from a user repository you must be the repository {% endnote %} -To remove a self-hosted runner from an organization, you must be an organization owner. We recommend that you also have access to the self-hosted runner machine. +To remove a self-hosted runner from an organization, you must be an organization owner. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see "[Self-hosted runners](/rest/reference/actions#self-hosted-runners)." {% data reusables.github-actions.self-hosted-runner-reusing %} {% ifversion fpt or ghes > 3.1 or ghae-next %} @@ -81,7 +81,7 @@ To remove a self-hosted runner from an organization, you must be an organization {% data reusables.github-actions.self-hosted-runner-reusing %} {% ifversion fpt %} -To remove a self-hosted runner from an enterprise account, you must be an enterprise owner. We recommend that you also have access to the self-hosted runner machine. +To remove a self-hosted runner from an enterprise account, you must be an enterprise owner. We recommend that you also have access to the self-hosted runner machine. For information about how to add a self-hosted runner with the REST API, see the [Enterprise Administration GitHub Actions APIs](/rest/reference/enterprise-admin#github-actions). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} diff --git a/content/actions/index.md b/content/actions/index.md index aea62f47ed..91e911ace5 100644 --- a/content/actions/index.md +++ b/content/actions/index.md @@ -59,4 +59,5 @@ children: - /using-github-hosted-runners - /hosting-your-own-runners - /migrating-to-github-actions + - /guides --- diff --git a/content/actions/learn-github-actions/essential-features-of-github-actions.md b/content/actions/learn-github-actions/essential-features-of-github-actions.md index c7e0e98f47..783af1c28e 100644 --- a/content/actions/learn-github-actions/essential-features-of-github-actions.md +++ b/content/actions/learn-github-actions/essential-features-of-github-actions.md @@ -92,6 +92,8 @@ jobs: name: output-log-file ``` +To download an artifact from the same workflow run, your download job should specify `needs: upload-job-name` so it doesn't start until the upload job finishes. + For more information about artifacts, see "[Persisting workflow data using artifacts](/actions/configuring-and-managing-workflows/persisting-workflow-data-using-artifacts)." ## Next steps diff --git a/content/actions/learn-github-actions/reusing-workflows.md b/content/actions/learn-github-actions/reusing-workflows.md index 69c5585ff2..69335e1298 100644 --- a/content/actions/learn-github-actions/reusing-workflows.md +++ b/content/actions/learn-github-actions/reusing-workflows.md @@ -48,7 +48,6 @@ A reusable workflow can be used by another workflow if any of the following is t * Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information about the `env` context, see "[Context and expression syntax for GitHub Actions](/actions/reference/context-and-expression-syntax-for-github-actions#env-context)." The following limitations will be removed when workflow reuse moves out of beta: -* Reusable workflows can't reference self-hosted runners. * You can't set the concurrency of a called workflow from the caller workflow. For more information about `jobs..concurrency`, see "[Workflow syntax for GitHub Actions](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idconcurrency)." * Outputs generated by a called workflow can't be accessed by the caller workflow. diff --git a/content/actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions.md b/content/actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions.md index f598b1f9a1..3d0e049a3b 100644 --- a/content/actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions.md +++ b/content/actions/migrating-to-github-actions/migrating-from-gitlab-cicd-to-github-actions.md @@ -358,7 +358,7 @@ jobs: -{% data variables.product.prodname_actions %} caching is only applicable to {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see "Caching dependencies to speed up workflows." +{% data variables.product.prodname_actions %} caching is only applicable for repositories hosted on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "Caching dependencies to speed up workflows." ## Artifacts diff --git a/content/actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md b/content/actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md index ed7d96f0fd..bf3fba1a92 100644 --- a/content/actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md +++ b/content/actions/migrating-to-github-actions/migrating-from-travis-ci-to-github-actions.md @@ -334,7 +334,7 @@ cache: npm -{% data variables.product.prodname_actions %} caching is only applicable to {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see "Caching dependencies to speed up workflows." +{% data variables.product.prodname_actions %} caching is only applicable for repositories hosted on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "Caching dependencies to speed up workflows." ## Examples of common tasks diff --git a/content/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise.md b/content/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise.md index 30c760de4a..0307e8dc5e 100644 --- a/content/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise.md +++ b/content/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise.md @@ -33,7 +33,7 @@ When you enable {% data variables.product.prodname_GH_advanced_security %} for y - {% data variables.product.prodname_code_scanning_capc %}, see "[Configuring {% data variables.product.prodname_code_scanning %} for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance#prerequisites-for-code-scanning)." - {% data variables.product.prodname_secret_scanning_caps %}, see "[Configuring {% data variables.product.prodname_secret_scanning %} for your appliance](/admin/advanced-security/configuring-secret-scanning-for-your-appliance#prerequisites-for-secret-scanning)."{% endif %} - - {% data variables.product.prodname_dependabot %}, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)." + - {% data variables.product.prodname_dependabot %}, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)." ## Checking whether your license includes {% data variables.product.prodname_GH_advanced_security %} diff --git a/content/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account.md b/content/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account.md new file mode 100644 index 0000000000..ac0441f81a --- /dev/null +++ b/content/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account.md @@ -0,0 +1,114 @@ +--- +title: Enabling the dependency graph and Dependabot alerts on your enterprise account +intro: 'You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_ghe_cloud %} and enable the dependency graph and {% data variables.product.prodname_dependabot %} alerts in repositories in your instance.' +shortTitle: Enable dependency analysis +redirect_from: + - /enterprise/admin/installation/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server + - /enterprise/admin/configuration/enabling-security-alerts-for-vulnerable-dependencies-on-github-enterprise-server + - /enterprise/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server + - /admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server + - /admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server + - /admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server +permissions: 'Enterprise owners who are also owners of the connected {% data variables.product.prodname_ghe_cloud %} organization or enterprise account can enable the dependency graph and {% data variables.product.prodname_dependabot %} alerts on {% data variables.product.product_location %}.' +versions: + ghes: '*' + ghae: "issue-4864" +type: how_to +topics: + - Enterprise + - Security + - Dependency graph + - Dependabot +--- +## About alerts for vulnerable dependencies on {% data variables.product.product_location %} + +{% data reusables.dependabot.dependabot-alerts-beta %} + +{% data variables.product.prodname_dotcom %} identifies vulnerable dependencies in repositories and creates {% data variables.product.prodname_dependabot_alerts %} on {% data variables.product.product_location %}, using: + +- Data from the {% data variables.product.prodname_advisory_database %} +- The dependency graph service + +For more information about these features, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." + +### About synchronization of data from the {% data variables.product.prodname_advisory_database %} + +{% data reusables.repositories.tracks-vulnerabilities %} + +You can connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %} with {% data variables.product.prodname_github_connect %}. Once connected, vulnerability data is synced from the {% data variables.product.prodname_advisory_database %} to your instance once every hour. You can also choose to manually sync vulnerability data at any time. No code or information about code from {% data variables.product.product_location %} is uploaded to {% data variables.product.prodname_dotcom_the_website %}. + +### About generation of {% data variables.product.prodname_dependabot_alerts %} + +If you enable vulnerability detection, when {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in your instance that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}. + +## Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.product_location %} + +### Prerequisites + +For {% data variables.product.product_location %} to detect vulnerable dependencies and generate {% data variables.product.prodname_dependabot_alerts %}: +- You must connect {% data variables.product.product_location %} to {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghae %}This also enables the dependency graph service. {% endif %}{% ifversion ghes or ghae-next %}For more information, see "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)."{% endif %} +{% ifversion ghes %}- You must enable the dependency graph service.{% endif %} +- You must enable vulnerability scanning. + +{% ifversion ghes %} +{% ifversion ghes > 3.1 %} +You can enable the dependency graph via the {% data variables.enterprise.management_console %} or the administrative shell. We recommend you follow the {% data variables.enterprise.management_console %} route unless {% data variables.product.product_location %} uses clustering. + +### Enabling the dependency graph via the {% data variables.enterprise.management_console %} +{% data reusables.enterprise_site_admin_settings.sign-in %} +{% data reusables.enterprise_site_admin_settings.access-settings %} +{% data reusables.enterprise_site_admin_settings.management-console %} +{% data reusables.enterprise_management_console.advanced-security-tab %} +1. Under "Security," click **Dependency graph**. +![Checkbox to enable or disable the dependency graph](/assets/images/enterprise/3.2/management-console/enable-dependency-graph-checkbox.png) +{% data reusables.enterprise_management_console.save-settings %} +1. Click **Visit your instance**. + +### Enabling the dependency graph via the administrative shell +{% endif %}{% ifversion ghes < 3.2 %} +### Enabling the dependency graph +{% endif %} +{% data reusables.enterprise_site_admin_settings.sign-in %} +1. In the administrative shell, enable the dependency graph on {% data variables.product.product_location %}: + ``` shell + $ {% ifversion ghes > 3.1 %}ghe-config app.dependency-graph.enabled true{% else %}ghe-config app.github.dependency-graph-enabled true{% endif %} + ``` + {% note %} + + **Note**: For more information about enabling access to the administrative shell via SSH, see "[Accessing the administrative shell (SSH)](/enterprise/{{ currentVersion }}/admin/configuration/accessing-the-administrative-shell-ssh)." + + {% endnote %} +1. Apply the configuration. + ```shell + $ ghe-config-apply + ``` +1. Return to {% data variables.product.prodname_ghe_server %}. +{% endif %} + +### Enabling {% data variables.product.prodname_dependabot_alerts %} + +{% ifversion ghes %} +Before enabling {% data variables.product.prodname_dependabot_alerts %} for your instance, you need to enable the dependency graph. For more information, see above. +{% endif %} + +{% data reusables.enterprise-accounts.access-enterprise %} +{%- ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %} +{% data reusables.enterprise-accounts.github-connect-tab %} +1. Under "Repositories can be scanned for vulnerabilities", select the drop-down menu and click **Enabled without notifications**. Optionally, to enable alerts with notifications, click **Enabled with notifications**. + ![Drop-down menu to enable scanning repositories for vulnerabilities](/assets/images/enterprise/site-admin-settings/enable-vulnerability-scanning-in-repositories.png) + + {% tip %} + + **Tip**: We recommend configuring {% data variables.product.prodname_dependabot_alerts %} without notifications for the first few days to avoid an overload of emails. After a few days, you can enable notifications to receive {% data variables.product.prodname_dependabot_alerts %} as usual. + + {% endtip %} + +## Viewing vulnerable dependencies on {% data variables.product.product_location %} + +You can view all vulnerabilities in {% data variables.product.product_location %} and manually sync vulnerability data from {% data variables.product.prodname_dotcom_the_website %} to update the list. + +{% data reusables.enterprise_site_admin_settings.access-settings %} +2. In the left sidebar, click **Vulnerabilities**. + ![Vulnerabilities tab in the site admin sidebar](/assets/images/enterprise/business-accounts/vulnerabilities-tab.png) +3. To sync vulnerability data, click **Sync Vulnerabilities now**. + ![Sync vulnerabilities now button](/assets/images/enterprise/site-admin-settings/sync-vulnerabilities-button.png) diff --git a/content/admin/configuration/managing-connections-between-your-enterprise-accounts/index.md b/content/admin/configuration/managing-connections-between-your-enterprise-accounts/index.md index 936179700c..0c74dbfd23 100644 --- a/content/admin/configuration/managing-connections-between-your-enterprise-accounts/index.md +++ b/content/admin/configuration/managing-connections-between-your-enterprise-accounts/index.md @@ -18,7 +18,7 @@ children: - /connecting-your-enterprise-account-to-github-enterprise-cloud - /enabling-unified-search-between-your-enterprise-account-and-githubcom - /enabling-unified-contributions-between-your-enterprise-account-and-githubcom - - /enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server + - /enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account - /enabling-automatic-user-license-sync-between-github-enterprise-server-and-github-enterprise-cloud shortTitle: Connect enterprise accounts --- diff --git a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index 41b3f86bc2..ff7127a926 100644 --- a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md @@ -8,6 +8,7 @@ versions: fpt: '*' ghes: '>=3.0' ghae: '*' +miniTocMaxHeadingLevel: 3 redirect_from: - /github/managing-security-vulnerabilities/managing-alerts-from-automated-code-scanning - /github/finding-security-vulnerabilities-and-errors-in-your-code/managing-alerts-from-code-scanning @@ -58,6 +59,25 @@ To calculate the security severity of an alert, we use Common Vulnerability Scor By default, any code scanning results with a security severity of `Critical` or `High` will cause a check failure. You can specify which security severity level for code scanning results should cause a check failure. For more information, see "[Defining the severities causing pull request check failure](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)."{% endif %} +### About labels for alerts that are not found in application code + +{% data variables.product.product_name %} assigns a category label to alerts that are not found in application code. The label relates to the location of the alert. + +- **Generated**: Code generated by the build process +- **Test**: Test code +- **Library**: Library or third-party code +- **Documentation**: Documentation + +{% data variables.product.prodname_code_scanning_capc %} categorizes files by file path. You cannot manually categorize source files. + +Here is an example from the {% data variables.product.prodname_code_scanning %} alert list of an alert marked as occuring in library code. + +![Code scanning library alert in list](/assets/images/help/repository/code-scanning-library-alert-index.png) + +On the alert page, you can see that the filepath is marked as library code (`Library` label). + +![Code scanning library alert details](/assets/images/help/repository/code-scanning-library-alert-show.png) + ## Viewing the alerts for a repository Anyone with read permission for a repository can see {% data variables.product.prodname_code_scanning %} annotations on pull requests. For more information, see "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests)." @@ -112,14 +132,7 @@ If you enter multiple filters, the view will show alerts matching _all_ these fi ### Restricting results to application code only -You can use the "Only alerts in application code" filter or `autofilter:true` keyword and value to restrict results to alerts in application code. Application code excludes the following. - -- Code generated by the build process -- Test code -- Library or third-party code -- Documentation - -{% data variables.product.prodname_code_scanning_capc %} categorizes files by file path. At this time, you cannot manually categorize source files. +You can use the "Only alerts in application code" filter or `autofilter:true` keyword and value to restrict results to alerts in application code. See "[About labels for alerts not in application code](#about-labels-for-alerts-that-are-not-found-in-application-code)" above for more information about the types of code that are not application code. {% ifversion fpt or ghes > 3.1 %} diff --git a/content/code-security/getting-started/github-security-features.md b/content/code-security/getting-started/github-security-features.md index d996978f5a..21524f7ca5 100644 --- a/content/code-security/getting-started/github-security-features.md +++ b/content/code-security/getting-started/github-security-features.md @@ -19,9 +19,9 @@ topics: The {% data variables.product.prodname_advisory_database %} contains a curated list of security vulnerabilities that you can view, search, and filter. {% data reusables.security-advisory.link-browsing-advisory-db %} -{% ifversion fpt or ghes > 2.22 %} +{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %} ## Available for all repositories - +{% endif %} {% ifversion fpt or ghes > 3.0 or ghae-next %} ### Security policy @@ -39,9 +39,11 @@ View alerts about dependencies that are known to contain security vulnerabilitie and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." {% endif %} -{% ifversion ghes > 2.22 %} +{% ifversion ghes > 2.22 or ghae-issue-4864 %} ### {% data variables.product.prodname_dependabot_alerts %} +{% data reusables.dependabot.dependabot-alerts-beta %} + View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} @@ -51,6 +53,7 @@ View alerts about dependencies that are known to contain security vulnerabilitie Use {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. This helps reduce your exposure to older versions of dependencies. Using newer versions makes it easier to apply patches if security vulnerabilities are discovered, and also makes it easier for {% data variables.product.prodname_dependabot_security_updates %} to successfully raise pull requests to upgrade vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)." {% endif %} +{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %} ### Dependency graph The dependency graph allows you to explore the ecosystems and packages that your repository depends on and the repositories and packages that depend on your repository. @@ -75,7 +78,7 @@ Automatically detect security vulnerabilities and coding errors in new or modifi {% endif %} -{% ifversion fpt or ghes > 3.1 %} +{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %} ### Dependency review Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." diff --git a/content/code-security/getting-started/securing-your-repository.md b/content/code-security/getting-started/securing-your-repository.md index 6c5db69453..0cd76f6db9 100644 --- a/content/code-security/getting-started/securing-your-repository.md +++ b/content/code-security/getting-started/securing-your-repository.md @@ -46,36 +46,47 @@ For more information, see "[Adding a security policy to your repository](/code-s {% endif %} -{% ifversion fpt or ghes > 2.22 %} +{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %} ## Managing the dependency graph -Once you have [enabled the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph), it is automatically generated for {% ifversion fpt or ghes > 2.22 %} all public repositories, and you can choose to enable it for private repositories.{% else %} all repositories.{% endif %} +{% ifversion fpt %} +Once you have [enabled the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph), it is automatically generated for all public repositories, and you can choose to enable it for private repositories. 1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %} Settings**. 2. Click **Security & analysis**. 3. Next to Dependency graph, click **Enable** or **Disable**. +{% endif %} + +{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." {% endif %} -{% ifversion fpt or ghes > 2.22 %} +{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %} ## Managing {% data variables.product.prodname_dependabot_alerts %} -By default, {% data variables.product.prodname_dotcom %} detects vulnerabilities in public repositories and generates {% data variables.product.prodname_dependabot_alerts %}. {% data variables.product.prodname_dependabot_alerts %} can also be enabled for private repositories. +{% ifversion fpt %}By default, {% data variables.product.prodname_dotcom %} detects vulnerabilities in public repositories and generates {% data variables.product.prodname_dependabot_alerts %}. {% data variables.product.prodname_dependabot_alerts %} can also be enabled for private repositories. 1. Click your profile photo, then click **Settings**. 2. Click **Security & analysis**. 3. Click **Enable all** next to {% data variables.product.prodname_dependabot_alerts %}. +{% endif %} + +{% data reusables.dependabot.dependabot-alerts-beta %} +{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." {% endif %} -{% ifversion fpt or ghes > 3.1 %} +{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %} ## Managing dependency review -Dependency review lets you visualize dependency changes in pull requests before they are merged into your repository. Dependency review is available in all public repositories and in repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license that have the dependency graph enabled. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." +Dependency review lets you visualize dependency changes in pull requests before they are merged into your repositories. +{%- ifversion fpt %}Dependency review is available in all public repositories. For private and internal repositories you require a license for {% data variables.product.prodname_advanced_security %}. To enable dependency review for a repository, enable the dependency graph and enable {% data variables.product.prodname_advanced_security %}. +{%- elsif ghes or ghae %}Dependency review is available when dependency graph is enabled for {% data variables.product.product_location %} and you enable {% data variables.product.prodname_advanced_security %} for the repository (see below).{% endif %} +For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." {% endif %} diff --git a/content/code-security/supply-chain-security/index.md b/content/code-security/supply-chain-security/index.md index 35d491cbc0..7c5b9896dc 100644 --- a/content/code-security/supply-chain-security/index.md +++ b/content/code-security/supply-chain-security/index.md @@ -8,6 +8,7 @@ redirect_from: versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" topics: - Dependabot - Dependencies diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md index bf8cfaf46b..617cbaf274 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md +++ b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md @@ -1,12 +1,13 @@ --- title: About managing vulnerable dependencies -intro: '{% data variables.product.prodname_dotcom %} helps you to avoid using third-party software that contains known vulnerabilities.' +intro: '{% data variables.product.product_name %} helps you to avoid using third-party software that contains known vulnerabilities.' redirect_from: - /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies - /code-security/supply-chain-security/about-managing-vulnerable-dependencies versions: fpt: '*' ghes: '>=3.2' + ghae: "issue-4864" type: overview topics: - Dependabot @@ -20,7 +21,7 @@ shortTitle: Vulnerable dependencies --- -{% data variables.product.prodname_dotcom %} provides the following tools for removing and avoiding vulnerable dependencies. +{% data variables.product.product_name %} provides the following tools for removing and avoiding vulnerable dependencies. ## Dependency graph The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). The information in the dependency graph is used by dependency review and {% data variables.product.prodname_dependabot %}. @@ -33,13 +34,12 @@ For more information, see "[About the dependency graph](/github/visualizing-repo By checking the dependency reviews on pull requests you can avoid introducing vulnerabilities from dependencies into your codebase. If the pull requests adds a vulnerable dependency, or changes a dependency to a vulnerable version, this is highlighted in the dependency review. You can change the dependency to a patched version before merging the pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." ## {% data variables.product.prodname_dependabot_alerts %} -{% data variables.product.prodname_dotcom %} can create {% data variables.product.prodname_dependabot_alerts %} when it detects vulnerable dependencies in your repository. The alert is displayed on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.prodname_dotcom %} also notifies the maintainers of the repository, according to their notification preferences. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +{% data variables.product.product_name %}} can create {% data variables.product.prodname_dependabot_alerts %} when it detects vulnerable dependencies in your repository. The alert is displayed on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of the repository, according to their notification preferences. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% ifversion fpt %} ## {% data variables.product.prodname_dependabot_security_updates %} -When {% data variables.product.prodname_dotcom %} generates a {% data variables.product.prodname_dependabot %} alert for a vulnerable dependency in your repository, {% data variables.product.prodname_dependabot %} can automatically try to fix it for you. {% data variables.product.prodname_dependabot_security_updates %} are automatically generated pull requests that update a vulnerable dependency to a fixed version. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +When {% data variables.product.product_name %} generates a {% data variables.product.prodname_dependabot %} alert for a vulnerable dependency in your repository, {% data variables.product.prodname_dependabot %} can automatically try to fix it for you. {% data variables.product.prodname_dependabot_security_updates %} are automatically generated pull requests that update a vulnerable dependency to a fixed version. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." ## {% data variables.product.prodname_dependabot_version_updates %} Enabling {% data variables.product.prodname_dependabot_version_updates %} takes the effort out of maintaining your dependencies. With {% data variables.product.prodname_dependabot_version_updates %}, whenever {% data variables.product.prodname_dotcom %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. By contrast, {% data variables.product.prodname_dependabot_security_updates %} only raises pull requests to fix vulnerable dependencies. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates)." - {% endif %} diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md index af52aab171..c77f640f10 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md @@ -8,6 +8,7 @@ redirect_from: versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" type: how_to topics: - Dependabot @@ -27,10 +28,11 @@ When {% data variables.product.prodname_dependabot %} detects vulnerable depende {% ifversion fpt %}If you're an organization owner, you can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories in your organization with one click. You can also set whether the detection of vulnerable dependencies will be enabled or disabled for newly-created repositories. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-new-repositories-when-they-are-added)." {% endif %} -{% ifversion ghes %} -By default, if your site administrator has configured email for notifications on your enterprise, you will receive {% data variables.product.prodname_dependabot_alerts %} by email.{% endif %} +{% ifversion ghes or ghae-issue-4864 %} +By default, if your enterprise owner has configured email for notifications on your enterprise, you will receive {% data variables.product.prodname_dependabot_alerts %} by email. -{% ifversion ghes %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server#enabling-dependabot-alerts)."{% endif %} +Enterprise owners can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)." +{% endif %} ## Configuring notifications for {% data variables.product.prodname_dependabot_alerts %} diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md index 7b11941310..5ccafe24ed 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md +++ b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md @@ -10,6 +10,7 @@ redirect_from: versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" topics: - Repositories - Dependabot diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md index 3a2b5d8728..eedd2c9707 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -8,6 +8,7 @@ redirect_from: versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" type: how_to topics: - Dependabot @@ -33,7 +34,7 @@ The results of dependency detection reported by {% data variables.product.produc * {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." * {% ifversion fpt %}{% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." - {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes > 2.22 %} and synchronized to {% data variables.product.prodname_ghe_server %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes > 2.22 or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." ## Why don't I get vulnerability alerts for some ecosystems? diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md index 269b999909..834f3f8200 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md @@ -6,10 +6,11 @@ redirect_from: - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository permissions: Repository administrators and organization owners can view and update dependencies. -shortTitle: Fix vulnerable dependencies +shortTitle: View vulnerable dependencies versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" type: how_to topics: - Dependabot @@ -19,7 +20,7 @@ topics: - Pull requests - Repositories --- -Your repository's {% data variables.product.prodname_dependabot %} alerts tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can sort the list of alerts using the drop-down menu, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +Your repository's {% data variables.product.prodname_dependabot %} alerts tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can sort the list of alerts by selecting the drop-down menu, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% ifversion fpt %} You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." @@ -43,17 +44,17 @@ You can enable automatic security updates for any repository that uses {% data v 1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**. ![Create {% data variables.product.prodname_dependabot %} security update button](/assets/images/help/repository/create-dependabot-security-update-button.png) 1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." -1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, use the "Dismiss" drop-down, and click a reason for dismissing the alert. +1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" drop-down, and click a reason for dismissing the alert. ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/help/repository/dependabot-alert-dismiss-drop-down.png) -{% elsif ghes > 3.0 %} +{% elsif ghes > 3.0 or ghae-issue-4864 %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-dependabot-alerts %} 1. Click the alert you'd like to view. ![Alert selected in list of alerts](/assets/images/enterprise/graphs/click-alert-in-alerts-list.png) 1. Review the details of the vulnerability and determine whether or not you need to update the dependency. -1. When you merge a pull request that updates the manifest or lock file to a secure version of the dependency, this will resolve the alert. Alternatively, if you decide not to update the dependency, click the **Dismiss** drop-down, and select a reason for dismissing the alert. +1. When you merge a pull request that updates the manifest or lock file to a secure version of the dependency, this will resolve the alert. Alternatively, if you decide not to update the dependency, select the **Dismiss** drop-down, and click a reason for dismissing the alert. ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/enterprise/repository/dependabot-alert-dismiss-drop-down.png) {% else %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 5ee2dcae9c..bc28ed03cc 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -6,6 +6,7 @@ shortTitle: Dependency review versions: fpt: '*' ghes: '>= 3.2' + ghae: "issue-4864" type: overview topics: - Advanced Security @@ -25,10 +26,14 @@ redirect_from: If a pull request targets your repository's default branch and contains changes to package manifests or lock files, you can display a dependency review to see what has changed. The dependency review includes details of changes to indirect dependencies in lock files, and it tells you if any of the added or updated dependencies contain known vulnerabilities. +{% ifversion fpt %} Dependency review is available in: * All public repositories. * Private repositories owned by organizations with an {% data variables.product.prodname_advanced_security %} license that have the dependency graph enabled. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% elsif ghes or ghae %} +Dependency review is available when dependency graph is enabled for {% data variables.product.product_location %} and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. +{% endif %} Sometimes you might just want to update the version of one dependency in a manifest and generate a pull request. However, if the updated version of this direct dependency also has updated dependencies, your pull request may have more changes than you expected. The dependency review for each manifest and lock file provides an easy way to see what has changed, and whether any of the new dependency versions contain known vulnerabilities. @@ -40,4 +45,4 @@ Dependency review supports the same languages and package management ecosystems ## Enabling dependency review -The dependency review feature becomes available when you enable the dependency graph. {% ifversion fpt %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes > 3.1 %}For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %} +The dependency review feature becomes available when you enable the dependency graph. {% ifversion fpt %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes or ghae %}For more information, see "[Enabling the dependency graph and Dependabot alerts on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index dbefc9a770..89cbde2016 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -7,6 +7,7 @@ redirect_from: versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" type: overview topics: - Dependency graph @@ -19,18 +20,20 @@ shortTitle: Dependency graph ## Dependency graph availability -The dependency graph is available for every{% ifversion fpt %} public{% endif %} repository that defines dependencies in a supported package ecosystem using a supported file format.{% ifversion fpt %} Repository administrators can also set up the dependency graph for private repositories.{% endif %} +{% ifversion fpt %}The dependency graph is available for every public repository that defines dependencies in a supported package ecosystem using a supported file format. Repository administrators can also set up the dependency graph for private repositories.{% endif %} + +{% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} ## About the dependency graph The dependency graph is a summary of the manifest and lock files stored in a repository. For each repository, it shows{% ifversion fpt %}: - Dependencies, the ecosystems and packages it depends on -- Dependents, the repositories and packages that depend on it{% else %} dependencies, that is, the ecosystems and packages it depends on. {% data variables.product.prodname_ghe_server %} does not calculate information about dependents, the repositories and packages that depend on a repository.{% endif %} +- Dependents, the repositories and packages that depend on it{% else %} dependencies, that is, the ecosystems and packages it depends on. {% data variables.product.product_name %} does not calculate information about dependents, the repositories and packages that depend on a repository.{% endif %} When you push a commit to {% data variables.product.product_name %} that changes or adds a supported manifest or lock file to the default branch, the dependency graph is automatically updated.{% ifversion fpt %} In addition, the graph is updated when anyone pushes a change to the repository of one of your dependencies.{% endif %} For information on the supported ecosystems and manifest files, see "[Supported package ecosystems](#supported-package-ecosystems)" below. -{% ifversion fpt or ghes > 3.1 %} +{% ifversion fpt or ghes > 3.1 or ghae %} When you create a pull request containing changes to dependencies that targets the default branch, {% data variables.product.prodname_dotcom %} uses the dependency graph to add dependency reviews to the pull request. These indicate whether the dependencies contain vulnerabilities and, if so, the version of the dependency in which the vulnerability was fixed. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." {% endif %} @@ -61,7 +64,7 @@ You can use the dependency graph to: {% ifversion fpt %}To generate a dependency graph, {% data variables.product.product_name %} needs read-only access to the dependency manifest and lock files for a repository. The dependency graph is automatically generated for all public repositories and you can choose to enable it for private repositories. For information about enabling or disabling it for private repositories, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)."{% endif %} -{% ifversion ghes %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %} +{% ifversion ghes or ghae %}If the dependency graph is not available in your system, your enterprise owner can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %} When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository{% ifversion fpt %} and every push to other repositories in the graph{% endif %}. @@ -73,7 +76,7 @@ The recommended formats explicitly define which versions are used for all direct | --- | --- | --- | ---| | Composer | PHP | `composer.lock` | `composer.json`, `composer.lock` | | `dotnet` CLI | .NET languages (C#, C++, F#, VB) | `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj` | `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj`, `packages.config` | -{%- ifversion fpt or ghes > 3.2 %} +{%- ifversion fpt or ghes > 3.2 or ghae %} | Go modules | Go | `go.sum` | `go.mod`, `go.sum` | {%- elsif ghes = 3.2 %} | Go modules | Go | `go.mod` | `go.mod` | diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md index 32328b16b9..ff7c1313e9 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md @@ -12,6 +12,7 @@ redirect_from: versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" type: how_to topics: - Dependency graph @@ -23,8 +24,6 @@ shortTitle: Explore dependencies ## Viewing the dependency graph -{% data reusables.repositories.enable-security-alerts %} - The dependency graph shows the dependencies{% ifversion fpt %} and dependents{% endif %} of your repository. For information about the detection of dependencies and which ecosystems are supported, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." {% data reusables.repositories.navigate-to-repo %} @@ -33,6 +32,10 @@ The dependency graph shows the dependencies{% ifversion fpt %} and dependents{% 4. Optionally, under "Dependency graph", click **Dependents**. ![Dependents tab on the dependency graph page](/assets/images/help/graphs/dependency-graph-dependents-tab.png){% endif %} +{% ifversion ghes or ghae-issue-4864 %} +Enterprise owners can configure the dependency graph at an enterprise level. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)." +{% endif %} + ### Dependencies view {% ifversion fpt %} @@ -44,14 +47,14 @@ If vulnerabilities have been detected in the repository, these are shown at the {% endif %} -{% ifversion ghes %} +{% ifversion ghes or ghae %} Any direct and indirect dependencies that are specified in the repository's manifest or lock files are listed, grouped by ecosystem. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to {% data variables.product.prodname_dependabot_alerts %}. ![Dependencies graph](/assets/images/help/graphs/dependencies_graph_server.png) {% note %} -**Note:** {% data variables.product.prodname_ghe_server %} does not populate the **Dependents** view. +**Note:** {% data variables.product.product_name %} does not populate the **Dependents** view. {% endnote %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index 248a09ef3a..1abe7ab3e4 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -3,6 +3,7 @@ title: Understanding your software supply chain versions: fpt: '*' ghes: '>=3.0' + ghae: "issue-4864" topics: - Dependency graph - Dependencies diff --git a/content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md b/content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md index ce94a9c86b..4c45a1c172 100644 --- a/content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md +++ b/content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md @@ -17,7 +17,7 @@ redirect_from: - /codespaces/working-with-your-codespace/managing-access-and-security-for-codespaces --- -By default, a codespace can only access the repository where it was created. When you enable access and security for a repository owned by your organization, any codespaces that are created for that repository will also have read and write permissions to all other repositories the organization owns and the codespace creator has permissions to access. If you want to restrict the repositories a codespace can access, you can limit to it to either the repository where the codespace was created, or to specific repositories. You should only enable access and security for repositories you trust. +By default, a codespace can only access the repository where it was created. When you enable access and security for a repository owned by your organization, any codespaces that are created for that repository will also have read and write permissions to all other repositories the organization owns and the codespace creator has permissions to access. If you want to restrict the repositories a codespace can access, you can limit it to either the repository where the codespace was created, or to specific repositories. You should only enable access and security for repositories you trust. To manage which users in your organization can use {% data variables.product.prodname_codespaces %}, see "[Managing user permissions for your organization](/codespaces/managing-codespaces-for-your-organization/managing-user-permissions-for-your-organization)." diff --git a/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md b/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md index aed13b8a56..b4359aaaa2 100644 --- a/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md +++ b/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md @@ -97,7 +97,7 @@ Permission | Description [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Grants access to the [Contents API](/rest/reference/repos#contents). Can be one of: `none`, `read`, or `write`. [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Grants access to the [Starring API](/rest/reference/activity#starring). Can be one of: `none`, `read`, or `write`. [`statuses`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Grants access to the [Statuses API](/rest/reference/repos#statuses). Can be one of: `none`, `read`, or `write`. -[`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Grants access to the [Team Discussions API](/rest/reference/teams#discussions) and the [Team Discussion Comments API](/rest/reference/teams#discussion-comments). Can be one of: `none`, `read`, or `write`.{% ifversion fpt or ghes %} +[`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Grants access to the [Team Discussions API](/rest/reference/teams#discussions) and the [Team Discussion Comments API](/rest/reference/teams#discussion-comments). Can be one of: `none`, `read`, or `write`.{% ifversion fpt or ghes or ghae-issue-4864 %} `vulnerability_alerts`| Grants access to receive security alerts for vulnerable dependencies in a repository. See "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" to learn more. Can be one of: `none` or `read`.{% endif %} `watching` | Grants access to list and change repositories a user is subscribed to. Can be one of: `none`, `read`, or `write`. diff --git a/content/get-started/using-git/pushing-commits-to-a-remote-repository.md b/content/get-started/using-git/pushing-commits-to-a-remote-repository.md index f0673fcf58..2ab5e3afee 100644 --- a/content/get-started/using-git/pushing-commits-to-a-remote-repository.md +++ b/content/get-started/using-git/pushing-commits-to-a-remote-repository.md @@ -112,7 +112,7 @@ For more information on working with forks, see "[Syncing a fork](/articles/sync ## Further reading - [The "Remotes" chapter from the "Pro Git" book](https://git-scm.com/book/ch5-2.html) -- [`git remote` man page](https://git-scm.com/docs/git-remote.html) +- [`git remote` main page](https://git-scm.com/docs/git-remote.html) - "[Git cheatsheet](/articles/git-cheatsheet)" - "[Git workflows](/github/getting-started-with-github/git-workflows)" - "[Git Handbook](https://guides.github.com/introduction/git-handbook/)" diff --git a/content/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md b/content/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md index 847033abb2..10993eed58 100644 --- a/content/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md +++ b/content/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md @@ -5,6 +5,7 @@ product: '{% data reusables.gated-features.dependency-review %}' versions: fpt: '*' ghes: '>= 3.2' + ghae: "issue-4864" type: how_to topics: - Pull requests diff --git a/content/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/content/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md index bdb9455df7..a008c6e4b2 100644 --- a/content/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/content/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md @@ -18,7 +18,7 @@ redirect_from: {% ifversion ghes %} By default, if your site administrator has configured email for notifications on your enterprise, you will receive {% ifversion ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} by email.{% endif %} -{% ifversion ghes %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %} +{% ifversion ghes %}Site administrators can also enable {% data variables.product.prodname_dependabot_alerts %} without notifications. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %} ## Configuring notifications for {% ifversion ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} diff --git a/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md b/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md index c4b076b715..904e0de854 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md +++ b/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md @@ -3,8 +3,6 @@ title: Customizing your organization's profile intro: You can share information about your organization by customizing your organization's profile versions: fpt: '*' - ghes: '*' - ghae: '*' topics: - Organizations shortTitle: Customize organization profile diff --git a/content/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization.md index 19c9f7eae0..b0b78ebcc7 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization.md @@ -34,7 +34,7 @@ The page that's displayed allows you to enable or disable all security and analy {% ifversion ghes > 3.0 %}If you have a license for {% data variables.product.prodname_GH_advanced_security %}, the page will also contain options to enable and disable {% data variables.product.prodname_advanced_security %} features. Any repositories that use {% data variables.product.prodname_GH_advanced_security %} are listed at the bottom of the page.{% endif %} -{% ifversion ghae %}The page will also contain options to enable and disable {% data variables.product.prodname_advanced_security %} features.{% endif %} +{% ifversion ghae %}The page will also contain options to enable and disable {% data variables.product.prodname_advanced_security %} features. Any repositories that use {% data variables.product.prodname_GH_advanced_security %} are listed at the bottom of the page.{% endif %} ## Enabling or disabling a feature for all existing repositories @@ -91,10 +91,10 @@ You can enable or disable features for all repositories. {% ifversion fpt %}The 1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)." 2. Under "Configure security and analysis features", to the right of the feature, enable or disable the feature by default for new repositories{% ifversion fpt %}, or all new private repositories,{% endif %} in your organization. - {% ifversion fpt or ghes > 3.1 %} + {% ifversion fpt %} ![Checkbox for enabling or disabling a feature for new repositories](/assets/images/help/organizations/security-and-analysis-enable-or-disable-feature-checkbox-dotcom.png) {% endif %} - {% ifversion ghes = 3.1 %} + {% ifversion ghes > 3.0 %} ![Checkbox for enabling or disabling a feature for new repositories](/assets/images/enterprise/3.1/help/organizations/security-and-analysis-enable-or-disable-feature-checkbox.png) {% endif %} {% ifversion ghes = 3.0 %} diff --git a/content/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization.md index 8733b1d3cb..54f669e6e2 100644 --- a/content/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization.md @@ -66,9 +66,9 @@ To search for specific events, use the `action` qualifier in your query. Actions | [`protected_branch`](#protected_branch-category-actions) | Contains all activities related to protected branches. | [`repo`](#repo-category-actions) | Contains activities related to the repositories owned by your organization.{% ifversion fpt %} | [`repository_advisory`](#repository_advisory-category-actions) | Contains repository-level activities related to security advisories in the {% data variables.product.prodname_advisory_database %}. For more information, see "[About {% data variables.product.prodname_dotcom %} Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)." -| [`repository_content_analysis`](#repository_content_analysis-category-actions) | Contains all activities related to [enabling or disabling data use for a private repository](/articles/about-github-s-use-of-your-data).{% endif %}{% ifversion not ghae %} +| [`repository_content_analysis`](#repository_content_analysis-category-actions) | Contains all activities related to [enabling or disabling data use for a private repository](/articles/about-github-s-use-of-your-data).{% endif %}{% ifversion fpt %} | [`repository_dependency_graph`](#repository_dependency_graph-category-actions) | Contains repository-level activities related to enabling or disabling the dependency graph for a {% ifversion fpt %}private {% endif %}repository. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)."{% endif %}{% ifversion fpt or ghes > 2.22 or ghae %} -| [`repository_secret_scanning`](#repository_secret_scanning-category-actions) | Contains repository-level activities related to secret scanning. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)." {% endif %}{% ifversion not ghae %} +| [`repository_secret_scanning`](#repository_secret_scanning-category-actions) | Contains repository-level activities related to secret scanning. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)." {% endif %}{% ifversion fpt or ghes or ghae-issue-4864 %} | [`repository_vulnerability_alert`](#repository_vulnerability_alert-category-actions) | Contains all activities related to [{% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies).{% endif %}{% ifversion fpt %} | [`repository_vulnerability_alerts`](#repository_vulnerability_alerts-category-actions) | Contains repository-level configuration activities for {% data variables.product.prodname_dependabot %} alerts. {% endif %}{% ifversion fpt or ghes > 2.22 or ghae %} | [`secret_scanning`](#secret_scanning-category-actions) | Contains organization-level configuration activities for secret scanning in existing repositories. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)." @@ -636,7 +636,7 @@ For more information, see "[Managing the publication of {% data variables.produc | `enable` | Triggered when an organization owner or person with admin access to the repository [enables data use settings for a private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository). | `disable` | Triggered when an organization owner or person with admin access to the repository [disables data use settings for a private repository](/github/understanding-how-github-uses-and-protects-your-data/managing-data-use-settings-for-your-private-repository). -{% endif %}{% ifversion not ghae %} +{% endif %}{% ifversion fpt %} ### `repository_dependency_graph` category actions @@ -653,7 +653,7 @@ For more information, see "[Managing the publication of {% data variables.produc | `disable` | Triggered when a repository owner or person with admin access to the repository disables secret scanning for a {% ifversion fpt %}private {% endif %}repository. For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)." | `enable` | Triggered when a repository owner or person with admin access to the repository enables secret scanning for a {% ifversion fpt %}private {% endif %}repository. -{% endif %}{% ifversion not ghae %} +{% endif %}{% ifversion fpt or ghes or ghae-issue-4864 %} ### `repository_vulnerability_alert` category actions | Action | Description diff --git a/content/repositories/viewing-activity-and-data-for-your-repository/about-the-dependency-graph.md b/content/repositories/viewing-activity-and-data-for-your-repository/about-the-dependency-graph.md index 27ede81180..ebb70d132b 100644 --- a/content/repositories/viewing-activity-and-data-for-your-repository/about-the-dependency-graph.md +++ b/content/repositories/viewing-activity-and-data-for-your-repository/about-the-dependency-graph.md @@ -42,7 +42,7 @@ You can use the dependency graph to: ## Enabling the dependency graph -{% ifversion ghes %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/enterprise/{{ currentVersion }}/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)."{% endif %} +{% ifversion ghes %}If the dependency graph is not available in your system, your site administrator can enable the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)."{% endif %} When the dependency graph is first enabled, any manifest and lock files for supported ecosystems are parsed immediately. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. Once enabled, the graph is automatically updated with every push to the repository. diff --git a/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md b/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md index 018935cbc7..881c4fd1af 100644 --- a/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md +++ b/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md @@ -1,6 +1,7 @@ --- title: Understanding connections between repositories intro: "You can better understand the connections that exist between repositories by viewing a repository's network and forks and the projects that depend on the repository." +product: '{% data reusables.gated-features.repository-insights %}' redirect_from: - /articles/viewing-a-repository-s-network - /articles/viewing-a-repositorys-network @@ -24,8 +25,7 @@ shortTitle: Connections between repositories ## Viewing a repository's network -'The network graph displays the branch history of the entire repository network, including branches of the root repository and branches of forks that contain commits unique to the network.' -product: '{% data reusables.gated-features.repository-insights %}' +The network graph displays the branch history of the entire repository network, including branches of the root repository and branches of forks that contain commits unique to the network. ![Repository network graph](/assets/images/help/graphs/repo_network_graph.png) @@ -65,7 +65,7 @@ Forks are listed alphabetically by the username of the person who forked the rep 3. In the left sidebar, click **Forks**. ![Forks tab](/assets/images/help/graphs/graphs-sidebar-forks-tab.png) -{% ifversion fpt or ghes > 2.22 %} +{% ifversion fpt or ghes > 2.22 or ghae-issue-4864 %} ## Viewing the dependencies of a repository You can use the dependency graph to explore the code your repository depends on. diff --git a/content/rest/reference/permissions-required-for-github-apps.md b/content/rest/reference/permissions-required-for-github-apps.md index 63bd6772fd..88bb18d6a3 100644 --- a/content/rest/reference/permissions-required-for-github-apps.md +++ b/content/rest/reference/permissions-required-for-github-apps.md @@ -142,11 +142,11 @@ _Search_ - [`POST /orgs/:org/repos`](/rest/reference/repos#create-an-organization-repository) (:write) - [`PATCH /repos/:owner/:repo`](/rest/reference/repos#update-a-repository) (:write) - [`DELETE /repos/:owner/:repo`](/rest/reference/repos#delete-a-repository) (:write) -{% ifversion fpt -%} - [`GET /repos/:owner/:repo/actions/runners/downloads`](/rest/reference/actions#list-runner-applications-for-a-repository) (:read) - [`GET /repos/:owner/:repo/actions/runners`](/rest/reference/actions#list-self-hosted-runners-for-a-repository) (:read) - [`GET /repos/:owner/:repo/actions/runners/:runner_id`](/rest/reference/actions#get-a-self-hosted-runner-for-a-repository) (:read) - [`DELETE /repos/:owner/:repo/actions/runners/:runner_id`](/rest/reference/actions#delete-a-self-hosted-runner-from-a-repository) (:write) +{% ifversion fpt or ghes -%} - [`POST /repos/:owner/:repo/actions/runners/registration-token`](/rest/reference/actions#create-a-registration-token-for-a-repository) (:write) - [`POST /repos/:owner/:repo/actions/runners/remove-token`](/rest/reference/actions#create-a-remove-token-for-a-repository) (:write) {% endif -%} @@ -894,7 +894,7 @@ _Teams_ - [`GET /repos/:owner/:repo/code-scanning/sarifs/:sarif_id`](/rest/reference/code-scanning#get-information-about-a-sarif-upload) (:read) {% endif -%} -{% ifversion fpt %} +{% ifversion fpt or ghes %} ### Permission on "self-hosted runners" - [`GET /orgs/:org/actions/runners/downloads`](/rest/reference/actions#list-runner-applications-for-an-organization) (:read) - [`POST /orgs/:org/actions/runners/registration-token`](/rest/reference/actions#create-a-registration-token-for-an-organization) (:write) diff --git a/contributing/content-style-guide.md b/contributing/content-style-guide.md index 2c720343be..64c6ef3b31 100644 --- a/contributing/content-style-guide.md +++ b/contributing/content-style-guide.md @@ -4,7 +4,7 @@ Welcome to the content style guide for [GitHub Docs](https://docs.github.com/). These guidelines are specific to GitHub’s documentation. For general style questions or guidance on topics not covered here, see the [GitHub Brand Guide](https://brand.github.com/content/) first, then the [Microsoft Style Guide](https://docs.microsoft.com/style-guide/welcome/). For markup specific to source content on docs.github.com, see our [markup reference guide](content-markup-reference.md). -Use table of contents icon on the top left corner of the this document to get to a specific section of this guide quickly. +Use table of contents icon on the top left corner of this document to get to a specific section of this guide quickly. ## The GitHub Docs approach to style diff --git a/data/learning-tracks/actions.yml b/data/learning-tracks/actions.yml index 5bcbf7bcdf..bd481b61ff 100644 --- a/data/learning-tracks/actions.yml +++ b/data/learning-tracks/actions.yml @@ -7,38 +7,35 @@ getting_started: - /actions/learn-github-actions/essential-features-of-github-actions - /actions/learn-github-actions/managing-complex-workflows - /actions/learn-github-actions/reusing-workflows - - /actions/learn-github-actions/security-hardening-for-github-actions + - /actions/security-guides/security-hardening-for-github-actions featured_track: true continuous_integration: title: 'Build and test code' description: 'You can create custom continuous integration (CI) workflows right in your repository.' guides: - - /actions/guides/about-continuous-integration - - /actions/guides/setting-up-continuous-integration-using-workflow-templates - - /actions/guides/about-service-containers - - /actions/guides/building-and-testing-nodejs - - /actions/guides/building-and-testing-powershell - - /actions/guides/building-and-testing-python - - /actions/guides/building-and-testing-ruby - - /actions/guides/building-and-testing-java-with-maven - - /actions/guides/building-and-testing-java-with-gradle - - /actions/guides/building-and-testing-java-with-ant + - /actions/automating-builds-and-tests/about-continuous-integration + - /actions/automating-builds-and-tests/building-and-testing-powershell + - /actions/automating-builds-and-tests/building-and-testing-ruby + - /actions/automating-builds-and-tests/building-and-testing-java-with-maven + - /actions/automating-builds-and-tests/building-and-testing-java-with-gradle + - /actions/automating-builds-and-tests/building-and-testing-java-with-ant + - /actions/automating-builds-and-tests/building-and-testing-swift continuous_deployment: title: 'Automate your deployments' description: 'Learn how to automate release publishing for your project with a custom continuous deployment (CD) workflow in {% data variables.product.prodname_actions %}.' guides: - - /actions/guides/about-packaging-with-github-actions - - /actions/guides/publishing-nodejs-packages - - /actions/guides/publishing-java-packages-with-maven - - /actions/guides/publishing-java-packages-with-gradle - - /actions/guides/publishing-docker-images + - /actions/publishing-packages/about-packaging-with-github-actions + - /actions/publishing-packages/publishing-nodejs-packages + - /actions/publishing-packages/publishing-java-packages-with-maven + - /actions/publishing-packages/publishing-java-packages-with-gradle + - /actions/publishing-packages/publishing-docker-images deploy_to_the_cloud: title: 'Deploy to the cloud' description: 'Learn how to use {% data variables.product.prodname_actions %} to build an application and deploy it to various cloud-based platforms.' guides: - - /actions/guides/deploying-to-amazon-elastic-container-service - - /actions/guides/deploying-to-azure-app-service - - /actions/guides/deploying-to-google-kubernetes-engine + - /actions/deployment/deploying-to-amazon-elastic-container-service + - /actions/deployment/deploying-to-azure-app-service + - /actions/deployment/deploying-to-google-kubernetes-engine hosting_your_own_runners: title: 'Host your own runners' description: 'You can create self-hosted runners to run workflows in a highly customizable environment.' @@ -55,7 +52,7 @@ create_actions: title: 'Create an action' description: 'Do you have an idea for a new action? Have you built something custom for your project? Learn how to build shareable actions and publish them to GitHub Marketplace.' guides: - - /actions/creating-actions/about-actions + - /actions/creating-actions/about-custom-actions - /actions/creating-actions/creating-a-docker-container-action - /actions/creating-actions/creating-a-javascript-action - /actions/creating-actions/creating-a-composite-action diff --git a/data/release-notes/enterprise-server/3-0/17.yml b/data/release-notes/enterprise-server/3-0/17.yml new file mode 100644 index 0000000000..ab0a13b159 --- /dev/null +++ b/data/release-notes/enterprise-server/3-0/17.yml @@ -0,0 +1,25 @@ +date: '2021-10-12' +sections: + security_fixes: + - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/27034, https://github.com/github/enterprise2/pull/27010 {% endcomment %}' + bugs: + - 'Custom pre-receive hooks could have failed due to too restrictive virtual memory or CPU time limits. {% comment %} https://github.com/github/enterprise2/pull/26971, https://github.com/github/enterprise2/pull/26955 {% endcomment %}' + - 'Attempting to wipe all existing configuration settings with `ghe-cleanup-settings` failed to restart the Management Console service. {% comment %} https://github.com/github/enterprise2/pull/26986, https://github.com/github/enterprise2/pull/26901 {% endcomment %}' + - 'During replication teardown via `ghe-repl-teardown` Memcached failed to be restarted. {% comment %} https://github.com/github/enterprise2/pull/26992, https://github.com/github/enterprise2/pull/26983 {% endcomment %}' + - 'During periods of high load, users would receive HTTP 503 status codes when upstream services failed internal healthchecks. {% comment %} https://github.com/github/enterprise2/pull/27081, https://github.com/github/enterprise2/pull/26999 {% endcomment %}' + - 'Pre-receive hook environments were forbidden from calling the cat command via BusyBox on Alpine. {% comment %} https://github.com/github/enterprise2/pull/27114, https://github.com/github/enterprise2/pull/27094 {% endcomment %}' + - 'The external database password was logged in plaintext. {% comment %} https://github.com/github/enterprise2/pull/27172, https://github.com/github/enterprise2/pull/26413 {% endcomment %}' + - 'An erroneous `jq` error message may have been displayed when running `ghe-config-apply`. {% comment %} https://github.com/github/enterprise2/pull/27203, https://github.com/github/enterprise2/pull/26784 {% endcomment %}' + - 'Failing over from a primary Cluster datacenter to a secondary Cluster datacenter succeeds, but then failing back over to the original primary Cluster datacenter failed to promote Elasticsearch indicies. {% comment %} https://github.com/github/github/pull/193180, https://github.com/github/github/pull/192447 {% endcomment %}' + - 'The Site Admin page for repository self-hosted runners returned an HTTP 500. {% comment %} https://github.com/github/github/pull/194205 {% endcomment %}' + - 'In some cases, GitHub Enterprise Administrators attempting to view the `Dormant users` page received `502 Bad Gateway` or `504 Gateway Timeout` response. {% comment %} https://github.com/github/github/pull/194259, https://github.com/github/github/pull/193609 {% endcomment %}' + changes: + - 'More effectively delete Webhook logs that fall out of the Webhook log retention window. {% comment %} https://github.com/github/enterprise2/pull/27157 {% endcomment %}' + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. diff --git a/data/release-notes/enterprise-server/3-1/9.yml b/data/release-notes/enterprise-server/3-1/9.yml new file mode 100644 index 0000000000..be28140c54 --- /dev/null +++ b/data/release-notes/enterprise-server/3-1/9.yml @@ -0,0 +1,28 @@ +date: '2021-10-12' +sections: + security_fixes: + - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/27035, https://github.com/github/enterprise2/pull/27010 {% endcomment %}' + bugs: + - 'Custom pre-receive hooks could have failed due to too restrictive virtual memory or CPU time limits. {% comment %} https://github.com/github/enterprise2/pull/26972, https://github.com/github/enterprise2/pull/26955 {% endcomment %}' + - 'Attempting to wipe all existing configuration settings with `ghe-cleanup-settings` failed to restart the Management Console service. {% comment %} https://github.com/github/enterprise2/pull/26987, https://github.com/github/enterprise2/pull/26901 {% endcomment %}' + - 'During replication teardown via `ghe-repl-teardown` Memcached failed to be restarted. {% comment %} https://github.com/github/enterprise2/pull/26993, https://github.com/github/enterprise2/pull/26983 {% endcomment %}' + - 'During periods of high load, users would receive HTTP 503 status codes when upstream services failed internal healthchecks. {% comment %} https://github.com/github/enterprise2/pull/27082, https://github.com/github/enterprise2/pull/26999 {% endcomment %}' + - 'With Actions configured, MSSQL replication would fail after restoring from a GitHub Enterprise Backup Utilities snapshot. {% comment %} https://github.com/github/enterprise2/pull/27097, https://github.com/github/enterprise2/pull/26254 {% endcomment %}' + - 'An erroneous `jq` error message may have been displayed when running `ghe-config-apply`. {% comment %} https://github.com/github/enterprise2/pull/27194, https://github.com/github/enterprise2/pull/26784 {% endcomment %}' + - 'Pre-receive hook environments were forbidden from calling the cat command via BusyBox on Alpine. {% comment %} https://github.com/github/enterprise2/pull/27115, https://github.com/github/enterprise2/pull/27094 {% endcomment %}' + - 'The external database password was logged in plaintext. {% comment %} https://github.com/github/enterprise2/pull/27173, https://github.com/github/enterprise2/pull/26413 {% endcomment %}' + - 'Failing over from a primary Cluster datacenter to a secondary Cluster datacenter succeeds, but then failing back over to the original primary Cluster datacenter failed to promote Elasticsearch indicies. {% comment %} https://github.com/github/github/pull/193181, https://github.com/github/github/pull/192447 {% endcomment %}' + - 'The "Import teams" button on the Teams page for an Organization returned an HTTP 404. {% comment %} https://github.com/github/github/pull/193302 {% endcomment %}' + - 'In some cases, GitHub Enterprise Administrators attempting to view the `Dormant users` page received `502 Bad Gateway` or `504 Gateway Timeout` response. {% comment %} https://github.com/github/github/pull/194260, https://github.com/github/github/pull/193609 {% endcomment %}' + - 'Performance was negatively impacted in certain high load situations as a result of the increased number of `SynchronizePullRequestJob` jobs. {% comment %} https://github.com/github/github/pull/195253, https://github.com/github/github/pull/194591 {% endcomment %}' + changes: + - 'More effectively delete Webhook logs that fall out of the Webhook log retention window. {% comment %} https://github.com/github/enterprise2/pull/27158 {% endcomment %}' + known_issues: + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - If {% data variables.product.prodname_actions %} is enabled for {% data variables.product.prodname_ghe_server %}, teardown of a replica node with `ghe-repl-teardown` will succeed, but may return `ERROR:Running migrations`. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. diff --git a/data/release-notes/enterprise-server/3-2/1.yml b/data/release-notes/enterprise-server/3-2/1.yml new file mode 100644 index 0000000000..9b770774ce --- /dev/null +++ b/data/release-notes/enterprise-server/3-2/1.yml @@ -0,0 +1,27 @@ +date: '2021-10-12' +sections: + security_fixes: + - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/27118, https://github.com/github/enterprise2/pull/27110 {% endcomment %}' + bugs: + - 'Custom pre-receive hooks could have failed due to too restrictive virtual memory or CPU time limits. {% comment %} https://github.com/github/enterprise2/pull/26973, https://github.com/github/enterprise2/pull/26955 {% endcomment %}' + - 'In a GitHub Enterprise Server clustering configuration, Dependency Graph settings could have been incorrectly applied. {% comment %} https://github.com/github/enterprise2/pull/26981, https://github.com/github/enterprise2/pull/26861 {% endcomment %}' + - 'Attempting to wipe all existing configuration settings with `ghe-cleanup-settings` failed to restart the Management Console service. {% comment %} https://github.com/github/enterprise2/pull/26988, https://github.com/github/enterprise2/pull/26901 {% endcomment %}' + - 'During replication teardown via `ghe-repl-teardown` Memcached failed to be restarted. {% comment %} https://github.com/github/enterprise2/pull/26994, https://github.com/github/enterprise2/pull/26983 {% endcomment %}' + - 'During periods of high load, users would receive HTTP 503 status codes when upstream services failed internal healthchecks. {% comment %} https://github.com/github/enterprise2/pull/27083, https://github.com/github/enterprise2/pull/26999 {% endcomment %}' + - 'Pre-receive hook environments were forbidden from calling the cat command via BusyBox on Alpine. {% comment %} https://github.com/github/enterprise2/pull/27116, https://github.com/github/enterprise2/pull/27094 {% endcomment %}' + - 'Failing over from a primary Cluster datacenter to a secondary Cluster datacenter succeeds, but then failing back over to the original primary Cluster datacenter failed to promote Elasticsearch indicies. {% comment %} https://github.com/github/github/pull/193182, https://github.com/github/github/pull/192447 {% endcomment %}' + - 'The "Import teams" button on the Teams page for an Organization returned an HTTP 404. {% comment %} https://github.com/github/github/pull/193303 {% endcomment %}' + - 'Using the API to disable Secret Scanning correctly disabled the property but incorrectly returned an HTTP 422 and an error message. {% comment %} https://github.com/github/github/pull/193455, https://github.com/github/github/pull/192907 {% endcomment %}' + - 'In some cases, GitHub Enterprise Administrators attempting to view the `Dormant users` page received `502 Bad Gateway` or `504 Gateway Timeout` response. {% comment %} https://github.com/github/github/pull/194262, https://github.com/github/github/pull/193609 {% endcomment %}' + - 'Performance was negatively impacted in certain high load situations as a result of the increased number of `SynchronizePullRequestJob` jobs. {% comment %} https://github.com/github/github/pull/195256, https://github.com/github/github/pull/194591 {% endcomment %}' + - 'A user defined pattern created for Secret Scanning would continue getting scanned even after it was deleted. {% comment %} https://github.com/github/token-scanning-service/pull/1039, https://github.com/github/token-scanning-service/pull/822 {% endcomment %}' + changes: + - 'GitHub Apps now set the Secret Scanning feature on a repository consistently with the API. {% comment %} https://github.com/github/github/pull/193456, https://github.com/github/github/pull/193125 {% endcomment %}' + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. diff --git a/data/reusables/dependabot/dependabot-alerts-beta.md b/data/reusables/dependabot/dependabot-alerts-beta.md new file mode 100644 index 0000000000..f353647fdd --- /dev/null +++ b/data/reusables/dependabot/dependabot-alerts-beta.md @@ -0,0 +1,7 @@ +{% ifversion ghae-issue-4864 %} +{% note %} + +**Note:** {% data variables.product.prodname_dependabot_alerts %} is currently in beta and is subject to change. + +{% endnote %} +{% endif %} \ No newline at end of file diff --git a/data/reusables/dependabot/dependabot-alerts-dependency-graph-enterprise.md b/data/reusables/dependabot/dependabot-alerts-dependency-graph-enterprise.md new file mode 100644 index 0000000000..893925af22 --- /dev/null +++ b/data/reusables/dependabot/dependabot-alerts-dependency-graph-enterprise.md @@ -0,0 +1,3 @@ +{% ifversion ghes or ghae-issue-4864 %} +The dependency graph and {% data variables.product.prodname_dependabot_alerts %} are configured at an enterprise level by the enterprise owner. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)." +{% endif %} \ No newline at end of file diff --git a/data/reusables/notifications-v2/custom-notification-types.md b/data/reusables/notifications-v2/custom-notification-types.md index 2299c52284..764de9a21f 100644 --- a/data/reusables/notifications-v2/custom-notification-types.md +++ b/data/reusables/notifications-v2/custom-notification-types.md @@ -1,2 +1,5 @@ -{%- ifversion fpt or ghes > 3.1 or ghae-issue-4910 %}issues, pulls requests, releases, security alerts, or discussions{% endif %} -{%- ifversion ghes = 3.1 %}issues, pull requests, releases, or discussions{% endif %} +{%- ifversion fpt or ghes > 3.1 or ghae-issue-4910 %} +issues, pulls requests, releases, security alerts, or discussions +{%- else %}issues, pull requests, releases, or discussions +{% endif %} + \ No newline at end of file diff --git a/data/reusables/notifications/vulnerable-dependency-notification-delivery-method-customization.md b/data/reusables/notifications/vulnerable-dependency-notification-delivery-method-customization.md index 5dcf1f62d3..6a3d822bf9 100644 --- a/data/reusables/notifications/vulnerable-dependency-notification-delivery-method-customization.md +++ b/data/reusables/notifications/vulnerable-dependency-notification-delivery-method-customization.md @@ -1,5 +1,3 @@ -{% ifversion fpt %} +{% ifversion fpt or ghes or ghae-issue-4864 %} You can choose the delivery method and frequency of notifications about {% data variables.product.prodname_dependabot_alerts %} on repositories that you are watching or where you have subscribed to notifications for security alerts. -{% else %} -You can choose the delivery method for notifications about {% ifversion ghes %}{% data variables.product.prodname_dependabot_alerts %}{% else %}security alerts{% endif %} on repositories that you are watching, as well as the frequency at which the notifications are sent to you. {% endif %} diff --git a/data/reusables/notifications/vulnerable-dependency-notification-options.md b/data/reusables/notifications/vulnerable-dependency-notification-options.md index 8755ccfbd1..cda795559e 100644 --- a/data/reusables/notifications/vulnerable-dependency-notification-options.md +++ b/data/reusables/notifications/vulnerable-dependency-notification-options.md @@ -1,15 +1,15 @@ -{% ifversion fpt or ghes > 3.1 %} -{% ifversion fpt %}By default, you will receive notifications:{% endif %}{% ifversion ghes > 3.1 %}By default, if your site administrator has configured email for notifications on your instance, you will receive {% data variables.product.prodname_dependabot_alerts %}:{% endif %} +{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %} +{% ifversion fpt %}By default, you will receive notifications:{% endif %}{% ifversion ghes > 3.1 or ghae-issue-4864 %}By default, if your enterprise owner has configured email for notifications on your instance, you will receive {% data variables.product.prodname_dependabot_alerts %}:{% endif %} - by email, an email is sent when {% data variables.product.prodname_dependabot %} is enabled for a repository, when a new manifest file is committed to the repository, and when a new vulnerability with a critical or high severity is found (**Email each time a vulnerability is found** option). - in the user interface, a warning is shown in your repository's file and code views if there are any vulnerable dependencies (**UI alerts** option). - on the command line, warnings are displayed as callbacks when you push to repositories with any vulnerable dependencies (**Command Line** option). -- in your inbox, as web notifications. A web notification is sent when {% data variables.product.prodname_dependabot %} is enabled for a repository, when a new manifest file is committed to the repository, and when a new vulnerability with a critical or high severity is found (**Web** option). -- on {% data variables.product.prodname_mobile %}, as web notifications. For more information, see "[Enabling push notifications with GitHub for mobile](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#enabling-push-notifications-with-github-for-mobile)." +- in your inbox, as web notifications. A web notification is sent when {% data variables.product.prodname_dependabot %} is enabled for a repository, when a new manifest file is committed to the repository, and when a new vulnerability with a critical or high severity is found (**Web** option).{% ifversion not ghae %} +- on {% data variables.product.prodname_mobile %}, as web notifications. For more information, see "[Enabling push notifications with GitHub for mobile](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#enabling-push-notifications-with-github-for-mobile)."{% endif %} {% note %} -**Note:** The email and web/{% data variables.product.prodname_mobile %} notifications are: +**Note:** The email and web{% ifversion not ghae %}/{% data variables.product.prodname_mobile %}{% endif %} notifications are: - _per repository_ when {% data variables.product.prodname_dependabot %} is enabled on the repository, or when a new manifest file is committed to the repository. diff --git a/data/reusables/repositories/dependency-review.md b/data/reusables/repositories/dependency-review.md index 26db7a1360..4c29e05ad2 100644 --- a/data/reusables/repositories/dependency-review.md +++ b/data/reusables/repositories/dependency-review.md @@ -1,3 +1,3 @@ -{% ifversion fpt or ghes > 3.1 %} +{% ifversion fpt or ghes > 3.1 or ghae-issue-4864 %} Additionally, {% data variables.product.prodname_dotcom %} can review any dependencies added, updated, or removed in a pull request made against the default branch of a repository, and flag any changes that would introduce a vulnerability into your project. This allows you to spot and deal with vulnerable dependencies before, rather than after, they reach your codebase. For more information, see "[Reviewing dependency changes in a pull request](/github/collaborating-with-issues-and-pull-requests/reviewing-dependency-changes-in-a-pull-request)." {% endif %} diff --git a/data/reusables/repositories/enable-security-alerts.md b/data/reusables/repositories/enable-security-alerts.md index a0128f368c..66d4792347 100644 --- a/data/reusables/repositories/enable-security-alerts.md +++ b/data/reusables/repositories/enable-security-alerts.md @@ -1,3 +1,3 @@ -{% ifversion ghes %} -Your site administrator must enable {% data variables.product.prodname_dependabot %} alerts for vulnerable dependencies for {% data variables.product.product_location %} before you can use this feature. For more information, see "[Enabling alerts for vulnerable dependencies on {% data variables.product.prodname_ghe_server %}](/admin/configuration/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server)." +{% ifversion ghes or ghae-issue-4864 %} +Enterprise owners must enable {% data variables.product.prodname_dependabot %} alerts for vulnerable dependencies for {% data variables.product.product_location %} before you can use this feature. For more information, see "[Enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} on your enterprise account](/admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-the-dependency-graph-and-dependabot-alerts-on-your-enterprise-account)." {% endif %} diff --git a/data/reusables/secret-scanning/partner-secret-list-private-repo.md b/data/reusables/secret-scanning/partner-secret-list-private-repo.md index 6d861afeb4..5dcc5da963 100644 --- a/data/reusables/secret-scanning/partner-secret-list-private-repo.md +++ b/data/reusables/secret-scanning/partner-secret-list-private-repo.md @@ -250,6 +250,8 @@ Tableau | Tableau Personal Access Token | tableau_personal_access_token{% endif Telegram | Telegram Bot Token | telegram_bot_token{% endif %} {%- ifversion fpt or ghes > 2.22 or ghae %} Tencent Cloud | Tencent Cloud Secret ID | tencent_cloud_secret_id{% endif %} +{%- ifversion fpt or ghes > 3.3 %} +Twilio | Twilio Access Token | twilio_access_token{% endif %} {%- ifversion fpt or ghes > 2.22 or ghae %} Twilio | Twilio Account String Identifier | twilio_account_sid{% endif %} {%- ifversion fpt or ghes > 2.22 or ghae %} diff --git a/lib/languages.js b/lib/languages.js index 145df84cd0..dc0e9bfc63 100644 --- a/lib/languages.js +++ b/lib/languages.js @@ -31,7 +31,7 @@ const languages = { nativeName: 'Español', code: 'es', hreflang: 'es', - dir: 'translations/es-XL', + dir: 'translations/es-ES', wip: false, }, pt: { diff --git a/lib/search/indexes/github-docs-2.22-cn-records.json.br b/lib/search/indexes/github-docs-2.22-cn-records.json.br deleted file mode 100644 index 72565b03db..0000000000 --- a/lib/search/indexes/github-docs-2.22-cn-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b9c98b4407becaffe887f6b36e44460424af9deaef44b17fabb67d3e270588c0 -size 527287 diff --git a/lib/search/indexes/github-docs-2.22-cn.json.br b/lib/search/indexes/github-docs-2.22-cn.json.br deleted file mode 100644 index cd724312bd..0000000000 --- a/lib/search/indexes/github-docs-2.22-cn.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:852d5b9e655e5ee3eb6cdf20f275ff998259fab7fc37ad8d6a329687aaaa0e9b -size 883232 diff --git a/lib/search/indexes/github-docs-2.22-de-records.json.br b/lib/search/indexes/github-docs-2.22-de-records.json.br deleted file mode 100644 index e77afc3c16..0000000000 --- a/lib/search/indexes/github-docs-2.22-de-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6927172c000d51700dc637693798c4867cd92931acff77d562d75733bcdcb05f -size 481204 diff --git a/lib/search/indexes/github-docs-2.22-de.json.br b/lib/search/indexes/github-docs-2.22-de.json.br deleted file mode 100644 index 9053e61542..0000000000 --- a/lib/search/indexes/github-docs-2.22-de.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bb7ebbb71348ae0f08aecdf891f065d097ae6b03c8ce8543d21e5b6584387dc1 -size 2140116 diff --git a/lib/search/indexes/github-docs-2.22-en-records.json.br b/lib/search/indexes/github-docs-2.22-en-records.json.br deleted file mode 100644 index 2c6d5cd377..0000000000 --- a/lib/search/indexes/github-docs-2.22-en-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:58184479bc89876faafdd6ee866cee68e257116f9775d19252a13e7a00421da4 -size 433922 diff --git a/lib/search/indexes/github-docs-2.22-en.json.br b/lib/search/indexes/github-docs-2.22-en.json.br deleted file mode 100644 index 970d7cc200..0000000000 --- a/lib/search/indexes/github-docs-2.22-en.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:74a75bf1bdac774811798e7d90edad2a75a6906d16178fea1c7ad7f6841e3316 -size 1694823 diff --git a/lib/search/indexes/github-docs-2.22-es-records.json.br b/lib/search/indexes/github-docs-2.22-es-records.json.br deleted file mode 100644 index 54ddaff43e..0000000000 --- a/lib/search/indexes/github-docs-2.22-es-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6cac7c9bd4da40d4efbf80065ce1e2f66a5e10397941c4dec2a49ca684ecc518 -size 187121 diff --git a/lib/search/indexes/github-docs-2.22-es.json.br b/lib/search/indexes/github-docs-2.22-es.json.br deleted file mode 100644 index 74ecd8562c..0000000000 --- a/lib/search/indexes/github-docs-2.22-es.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6050dfe01f42a314deb599aec39368a88cb8aa3add5259235590dc409f5a371e -size 658076 diff --git a/lib/search/indexes/github-docs-2.22-ja-records.json.br b/lib/search/indexes/github-docs-2.22-ja-records.json.br deleted file mode 100644 index e9fadadc61..0000000000 --- a/lib/search/indexes/github-docs-2.22-ja-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7bdc7f970fec61fbc08833bde2da1ae983533517925320fbe89d4a65c1b4f376 -size 547746 diff --git a/lib/search/indexes/github-docs-2.22-ja.json.br b/lib/search/indexes/github-docs-2.22-ja.json.br deleted file mode 100644 index be136bd81a..0000000000 --- a/lib/search/indexes/github-docs-2.22-ja.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9b95d74597160c63e295d1cdd49fdd3eea2ec1bdce47ed47737f7301bcbb2663 -size 2898913 diff --git a/lib/search/indexes/github-docs-2.22-pt-records.json.br b/lib/search/indexes/github-docs-2.22-pt-records.json.br deleted file mode 100644 index a942ebc505..0000000000 --- a/lib/search/indexes/github-docs-2.22-pt-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3eddc142174b2ac69bf023a83ba01349e20f904455c7c1f3bbcefa052e100035 -size 457000 diff --git a/lib/search/indexes/github-docs-2.22-pt.json.br b/lib/search/indexes/github-docs-2.22-pt.json.br deleted file mode 100644 index 3af5593556..0000000000 --- a/lib/search/indexes/github-docs-2.22-pt.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c1089f68df3504511d658a737367a2c5e51a3f85773e7dd30edb4a0a4f68b820 -size 1887397 diff --git a/lib/search/indexes/github-docs-3.0-cn-records.json.br b/lib/search/indexes/github-docs-3.0-cn-records.json.br deleted file mode 100644 index 337581bf53..0000000000 --- a/lib/search/indexes/github-docs-3.0-cn-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4ad2ca4384e98d884640658cc6b4391cf2c499c76f4614da6340c03d1cc2fc1e -size 547152 diff --git a/lib/search/indexes/github-docs-3.0-cn.json.br b/lib/search/indexes/github-docs-3.0-cn.json.br deleted file mode 100644 index bfa8185dc9..0000000000 --- a/lib/search/indexes/github-docs-3.0-cn.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:77e5f16c7bc9d71c5b2db14e218b6006f047930763b8f378780d0b9c228683b8 -size 922689 diff --git a/lib/search/indexes/github-docs-3.0-de-records.json.br b/lib/search/indexes/github-docs-3.0-de-records.json.br deleted file mode 100644 index 3160e03a86..0000000000 --- a/lib/search/indexes/github-docs-3.0-de-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a8de831d9644c521cc2d7de6660c562783f3ae016091965517822468f2a8be58 -size 501747 diff --git a/lib/search/indexes/github-docs-3.0-de.json.br b/lib/search/indexes/github-docs-3.0-de.json.br deleted file mode 100644 index 4626fceb45..0000000000 --- a/lib/search/indexes/github-docs-3.0-de.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a8f6ead14bc8e25e92af94c8def0cd809e97899d9540b7d5de6c12c2b72fdc73 -size 2246553 diff --git a/lib/search/indexes/github-docs-3.0-en-records.json.br b/lib/search/indexes/github-docs-3.0-en-records.json.br deleted file mode 100644 index 38f5d09be3..0000000000 --- a/lib/search/indexes/github-docs-3.0-en-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:eea451b16ba7bddf6c4df029ee09a348bdf56ca47afa3542bed512edcd88dc41 -size 453293 diff --git a/lib/search/indexes/github-docs-3.0-en.json.br b/lib/search/indexes/github-docs-3.0-en.json.br deleted file mode 100644 index d123056428..0000000000 --- a/lib/search/indexes/github-docs-3.0-en.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:94aa4b6e23ecac077f304f3628b1f4c6ce4b1c4d8b32f510020144499bb68df2 -size 1770622 diff --git a/lib/search/indexes/github-docs-3.0-es-records.json.br b/lib/search/indexes/github-docs-3.0-es-records.json.br deleted file mode 100644 index 9fa0194e49..0000000000 --- a/lib/search/indexes/github-docs-3.0-es-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:06e0985d368615f5b39a894f3a285bafca51a29838728b7c20f68c5470192ae7 -size 185680 diff --git a/lib/search/indexes/github-docs-3.0-es.json.br b/lib/search/indexes/github-docs-3.0-es.json.br deleted file mode 100644 index a2ac83825b..0000000000 --- a/lib/search/indexes/github-docs-3.0-es.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c32d7da3e28d73acdfac8b120164ccc4b603a6d59808da1988912e17077db3f9 -size 650040 diff --git a/lib/search/indexes/github-docs-3.0-ja-records.json.br b/lib/search/indexes/github-docs-3.0-ja-records.json.br deleted file mode 100644 index 510955f25f..0000000000 --- a/lib/search/indexes/github-docs-3.0-ja-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:441de5be577317415c6ecc5f6037678a64f9dd2dc308da5c942bceb6b72da6c6 -size 570026 diff --git a/lib/search/indexes/github-docs-3.0-ja.json.br b/lib/search/indexes/github-docs-3.0-ja.json.br deleted file mode 100644 index 742d3ac6f2..0000000000 --- a/lib/search/indexes/github-docs-3.0-ja.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:26f9518ff8457d86cd215cb7b8a0edeffee1d119b2349d63dd541ba87514f985 -size 3022799 diff --git a/lib/search/indexes/github-docs-3.0-pt-records.json.br b/lib/search/indexes/github-docs-3.0-pt-records.json.br deleted file mode 100644 index a88e084813..0000000000 --- a/lib/search/indexes/github-docs-3.0-pt-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:994ab2e9c223e6e2b532cbb62f6395d7fb151b3e26f699dc80ae2d3bff3b2ac9 -size 477427 diff --git a/lib/search/indexes/github-docs-3.0-pt.json.br b/lib/search/indexes/github-docs-3.0-pt.json.br deleted file mode 100644 index e0733328e6..0000000000 --- a/lib/search/indexes/github-docs-3.0-pt.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9d5ba80373540723e5364ad35d7a03ee9cf147772fc75ddace33638c1f32260e -size 1971206 diff --git a/lib/search/indexes/github-docs-3.1-cn-records.json.br b/lib/search/indexes/github-docs-3.1-cn-records.json.br deleted file mode 100644 index 7794f54b91..0000000000 --- a/lib/search/indexes/github-docs-3.1-cn-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1e431308adf28d3cc990ed968b34d886aad9680c3c5026b365454262b22e718a -size 560744 diff --git a/lib/search/indexes/github-docs-3.1-cn.json.br b/lib/search/indexes/github-docs-3.1-cn.json.br deleted file mode 100644 index 909978719c..0000000000 --- a/lib/search/indexes/github-docs-3.1-cn.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:868faf225dabc84d8cd8c44170a3d035555c16ef6bb9e18204bcedcb54699aac -size 950744 diff --git a/lib/search/indexes/github-docs-3.1-de-records.json.br b/lib/search/indexes/github-docs-3.1-de-records.json.br deleted file mode 100644 index edc1c71e5a..0000000000 --- a/lib/search/indexes/github-docs-3.1-de-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1fd821abe95d5cde4aa1522f83003eef2a9e9860d6d4c8a261450531b4eadfb7 -size 511696 diff --git a/lib/search/indexes/github-docs-3.1-de.json.br b/lib/search/indexes/github-docs-3.1-de.json.br deleted file mode 100644 index 4b7b93a78a..0000000000 --- a/lib/search/indexes/github-docs-3.1-de.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:df7734993cd902db0baa198c881f8cde87ed3e0d70463cb3302538993c01453e -size 2304208 diff --git a/lib/search/indexes/github-docs-3.1-en-records.json.br b/lib/search/indexes/github-docs-3.1-en-records.json.br deleted file mode 100644 index 5fc07aa5c6..0000000000 --- a/lib/search/indexes/github-docs-3.1-en-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7f4557561b7310abc0732f9f37bbdbe3bed305f514fcead6429627a1c752daaa -size 463449 diff --git a/lib/search/indexes/github-docs-3.1-en.json.br b/lib/search/indexes/github-docs-3.1-en.json.br deleted file mode 100644 index bc9eaeffac..0000000000 --- a/lib/search/indexes/github-docs-3.1-en.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d5b0db78fbf9c001d800045eee5bb295f7404a152663b9c6ad66ffeaeac3e716 -size 1813270 diff --git a/lib/search/indexes/github-docs-3.1-es-records.json.br b/lib/search/indexes/github-docs-3.1-es-records.json.br deleted file mode 100644 index 9b81032073..0000000000 --- a/lib/search/indexes/github-docs-3.1-es-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8c4cc2e668dab9da1beadee42dd8a5940accbc754e4fbe478a0a34adf2821d67 -size 185776 diff --git a/lib/search/indexes/github-docs-3.1-es.json.br b/lib/search/indexes/github-docs-3.1-es.json.br deleted file mode 100644 index 1093cd272b..0000000000 --- a/lib/search/indexes/github-docs-3.1-es.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:25149adac341cd74eabc94b655bef6e19a44bc873fe7c69f5b1a7c306cb7464d -size 650060 diff --git a/lib/search/indexes/github-docs-3.1-ja-records.json.br b/lib/search/indexes/github-docs-3.1-ja-records.json.br deleted file mode 100644 index d6d0925f18..0000000000 --- a/lib/search/indexes/github-docs-3.1-ja-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:aee889d57fc28ab42f773735b662b6b38312606220bf97edb3b5fd647c036fa2 -size 583073 diff --git a/lib/search/indexes/github-docs-3.1-ja.json.br b/lib/search/indexes/github-docs-3.1-ja.json.br deleted file mode 100644 index 683d705a1e..0000000000 --- a/lib/search/indexes/github-docs-3.1-ja.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:978b565e0f5d996c881ed2193f65cf9bd254cd2672fa9b7392502880f6f7d9f1 -size 3100628 diff --git a/lib/search/indexes/github-docs-3.1-pt-records.json.br b/lib/search/indexes/github-docs-3.1-pt-records.json.br deleted file mode 100644 index a0f09038e9..0000000000 --- a/lib/search/indexes/github-docs-3.1-pt-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d7abd542ebe726faeadc61a1e2012f95508283333300bf98315a877584b4da0e -size 487616 diff --git a/lib/search/indexes/github-docs-3.1-pt.json.br b/lib/search/indexes/github-docs-3.1-pt.json.br deleted file mode 100644 index 6b834c1eaa..0000000000 --- a/lib/search/indexes/github-docs-3.1-pt.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:07d6e75cee01579a445f3246414869b825e53254135b9ac8deb950a4555aaf35 -size 2017394 diff --git a/lib/search/indexes/github-docs-3.2-cn-records.json.br b/lib/search/indexes/github-docs-3.2-cn-records.json.br deleted file mode 100644 index a565837e04..0000000000 --- a/lib/search/indexes/github-docs-3.2-cn-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:496476b56bb8dfee67e88e19ac75f1a3c0e62ea383b4e1645853dbb52b4cdc2e -size 571543 diff --git a/lib/search/indexes/github-docs-3.2-cn.json.br b/lib/search/indexes/github-docs-3.2-cn.json.br deleted file mode 100644 index 0e1bb5d00d..0000000000 --- a/lib/search/indexes/github-docs-3.2-cn.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8782a7ba0313207b6824376bea6512d975ddaebd448a1e1bccbd95e6f513894e -size 970749 diff --git a/lib/search/indexes/github-docs-3.2-de-records.json.br b/lib/search/indexes/github-docs-3.2-de-records.json.br deleted file mode 100644 index ddb7065d3d..0000000000 --- a/lib/search/indexes/github-docs-3.2-de-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:930f1a4752fc5ce93725d119fed654b3cdfcd3d95da4b0f85dfab5cfd3098b39 -size 520560 diff --git a/lib/search/indexes/github-docs-3.2-de.json.br b/lib/search/indexes/github-docs-3.2-de.json.br deleted file mode 100644 index 235125cf4e..0000000000 --- a/lib/search/indexes/github-docs-3.2-de.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:39521f82e1214063627cdbba0fd10048cfc3828d63e088684f34308ac0165c9d -size 2352023 diff --git a/lib/search/indexes/github-docs-3.2-en-records.json.br b/lib/search/indexes/github-docs-3.2-en-records.json.br deleted file mode 100644 index 44d623400b..0000000000 --- a/lib/search/indexes/github-docs-3.2-en-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5cdb4d223fe3e03f554dbbe21295a446b3330e4eb013f00f9bf2f4170ecd3a52 -size 472997 diff --git a/lib/search/indexes/github-docs-3.2-en.json.br b/lib/search/indexes/github-docs-3.2-en.json.br deleted file mode 100644 index 1e86fd2147..0000000000 --- a/lib/search/indexes/github-docs-3.2-en.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0cad38cfd37eff7aa8ef793ac02264ecca5ddc8001110ac3f7682b572284a695 -size 1846644 diff --git a/lib/search/indexes/github-docs-3.2-es-records.json.br b/lib/search/indexes/github-docs-3.2-es-records.json.br deleted file mode 100644 index 3f27d9e60c..0000000000 --- a/lib/search/indexes/github-docs-3.2-es-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3e7847b5ae76b0fe0230b9b546d94861bf726b905cff894173f8203e3df00498 -size 185605 diff --git a/lib/search/indexes/github-docs-3.2-es.json.br b/lib/search/indexes/github-docs-3.2-es.json.br deleted file mode 100644 index da4c083387..0000000000 --- a/lib/search/indexes/github-docs-3.2-es.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1056973d952a81b6a3f712774d84967a1cf11eefa0aff2cbfd0bca4c6850ae05 -size 650093 diff --git a/lib/search/indexes/github-docs-3.2-ja-records.json.br b/lib/search/indexes/github-docs-3.2-ja-records.json.br deleted file mode 100644 index 63fe41c213..0000000000 --- a/lib/search/indexes/github-docs-3.2-ja-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ac38a60ae9c73ba6b66f5a6c3f2548510234483ac90afb103bb80ae97d893c91 -size 593557 diff --git a/lib/search/indexes/github-docs-3.2-ja.json.br b/lib/search/indexes/github-docs-3.2-ja.json.br deleted file mode 100644 index 5772f4731b..0000000000 --- a/lib/search/indexes/github-docs-3.2-ja.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d6c26257bd9858b9d25e251f2749338d316c263730e2e7473846540b0ec6eec4 -size 3165535 diff --git a/lib/search/indexes/github-docs-3.2-pt-records.json.br b/lib/search/indexes/github-docs-3.2-pt-records.json.br deleted file mode 100644 index bf8a410cea..0000000000 --- a/lib/search/indexes/github-docs-3.2-pt-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:99e54ddc89e2e734b8c7fa07c2e019f5dcf7c0118b98ce74f387dc4e1a29036d -size 497274 diff --git a/lib/search/indexes/github-docs-3.2-pt.json.br b/lib/search/indexes/github-docs-3.2-pt.json.br deleted file mode 100644 index 971cebab60..0000000000 --- a/lib/search/indexes/github-docs-3.2-pt.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ccadc47ccdae47636acbddeb2a84fa1ff9984c8461281f41b1ac0a27ea259922 -size 2055953 diff --git a/lib/search/indexes/github-docs-dotcom-cn-records.json.br b/lib/search/indexes/github-docs-dotcom-cn-records.json.br deleted file mode 100644 index 3a9bba8d4d..0000000000 --- a/lib/search/indexes/github-docs-dotcom-cn-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3697daa05ea32a7a53a4f91b66ec4f2a5932b80cb828b56cb2813504d40359ba -size 782106 diff --git a/lib/search/indexes/github-docs-dotcom-cn.json.br b/lib/search/indexes/github-docs-dotcom-cn.json.br deleted file mode 100644 index f337ecfdb9..0000000000 --- a/lib/search/indexes/github-docs-dotcom-cn.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e5f06d826912e5f000d99912f20b0e1cb4394a4d7d79a7a7f45e293259a669c8 -size 1233091 diff --git a/lib/search/indexes/github-docs-dotcom-de-records.json.br b/lib/search/indexes/github-docs-dotcom-de-records.json.br deleted file mode 100644 index 6aa2c1bfe5..0000000000 --- a/lib/search/indexes/github-docs-dotcom-de-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c19a2607e61568044c51e4fa669814f6b3dbce2513e6d4986da24c1b58b75a2f -size 701370 diff --git a/lib/search/indexes/github-docs-dotcom-de.json.br b/lib/search/indexes/github-docs-dotcom-de.json.br deleted file mode 100644 index 75fb3614f9..0000000000 --- a/lib/search/indexes/github-docs-dotcom-de.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7c3fdabbae32963cae4c00dca5de1610ef4e85659e34fd915f9e3ea38cc11bac -size 3191317 diff --git a/lib/search/indexes/github-docs-dotcom-en-records.json.br b/lib/search/indexes/github-docs-dotcom-en-records.json.br deleted file mode 100644 index 19225c8bf0..0000000000 --- a/lib/search/indexes/github-docs-dotcom-en-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:21d338a89f7b0aec76983a86902cfbc35b3debb838f5edcd95023ad7a1b38dbf -size 639590 diff --git a/lib/search/indexes/github-docs-dotcom-en.json.br b/lib/search/indexes/github-docs-dotcom-en.json.br deleted file mode 100644 index 9769a11ab4..0000000000 --- a/lib/search/indexes/github-docs-dotcom-en.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:50da026aeb271f78ebb51ae67ed4ceac71932a454d423160c8c22205fd5a7a33 -size 2431106 diff --git a/lib/search/indexes/github-docs-dotcom-es-records.json.br b/lib/search/indexes/github-docs-dotcom-es-records.json.br deleted file mode 100644 index 2f274d3559..0000000000 --- a/lib/search/indexes/github-docs-dotcom-es-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:670daeb6bd1fd990df946a1e1d50874c6c9251f4a93c2a57fc2aa6e8f358513e -size 195114 diff --git a/lib/search/indexes/github-docs-dotcom-es.json.br b/lib/search/indexes/github-docs-dotcom-es.json.br deleted file mode 100644 index 8b481f23c3..0000000000 --- a/lib/search/indexes/github-docs-dotcom-es.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8d44aeb0b96cf964d36b7cdf64743ec1999ac269a5ad79a26618f6e25a44a80e -size 615760 diff --git a/lib/search/indexes/github-docs-dotcom-ja-records.json.br b/lib/search/indexes/github-docs-dotcom-ja-records.json.br deleted file mode 100644 index 9ac9722999..0000000000 --- a/lib/search/indexes/github-docs-dotcom-ja-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fc8fc8884e216555fef559f8fe524146efc434b6315fc2880a179a33f3f1b2aa -size 805691 diff --git a/lib/search/indexes/github-docs-dotcom-ja.json.br b/lib/search/indexes/github-docs-dotcom-ja.json.br deleted file mode 100644 index f5aeb28bde..0000000000 --- a/lib/search/indexes/github-docs-dotcom-ja.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:158ecd834c7be819b9333d981a2f1786a0663bf7783fb120ee3b8f52e481c543 -size 4233594 diff --git a/lib/search/indexes/github-docs-dotcom-pt-records.json.br b/lib/search/indexes/github-docs-dotcom-pt-records.json.br deleted file mode 100644 index 9c93782daf..0000000000 --- a/lib/search/indexes/github-docs-dotcom-pt-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:70c6e5e530315d24ce916a93c9f2e0ff326b3bc8b5035782ccb7373c24e24354 -size 676589 diff --git a/lib/search/indexes/github-docs-dotcom-pt.json.br b/lib/search/indexes/github-docs-dotcom-pt.json.br deleted file mode 100644 index 829ded3168..0000000000 --- a/lib/search/indexes/github-docs-dotcom-pt.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:300490b98d9c4c81f20215b33b3997c645e5c5fe7f07c65f370da628617cbc8b -size 2741677 diff --git a/lib/search/indexes/github-docs-ghae-cn-records.json.br b/lib/search/indexes/github-docs-ghae-cn-records.json.br deleted file mode 100644 index 4471d66e2e..0000000000 --- a/lib/search/indexes/github-docs-ghae-cn-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:51a5d4baad79309721af739482e97ee63a35d37df883cc692ed6f144b77d6f8f -size 437777 diff --git a/lib/search/indexes/github-docs-ghae-cn.json.br b/lib/search/indexes/github-docs-ghae-cn.json.br deleted file mode 100644 index 576a8fa020..0000000000 --- a/lib/search/indexes/github-docs-ghae-cn.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dce0e08c886705369c7ae099f9e72eab5c9eab1d2fe9f1ba00fe2823334a802b -size 712110 diff --git a/lib/search/indexes/github-docs-ghae-de-records.json.br b/lib/search/indexes/github-docs-ghae-de-records.json.br deleted file mode 100644 index 5335555c03..0000000000 --- a/lib/search/indexes/github-docs-ghae-de-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e48651db48c6467bbd05eb3b5b62fe5ef20790becb3acb36e76ba089996b470b -size 403986 diff --git a/lib/search/indexes/github-docs-ghae-de.json.br b/lib/search/indexes/github-docs-ghae-de.json.br deleted file mode 100644 index 08722142a8..0000000000 --- a/lib/search/indexes/github-docs-ghae-de.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7bffe7215d8e154f1029a4b75dae9bde3b17378e26fe9392f8c1608c55718733 -size 1758644 diff --git a/lib/search/indexes/github-docs-ghae-en-records.json.br b/lib/search/indexes/github-docs-ghae-en-records.json.br deleted file mode 100644 index babbcec456..0000000000 --- a/lib/search/indexes/github-docs-ghae-en-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9a3824ef5279357560424b915723475065367697ac053346c51996d31d9a3855 -size 365848 diff --git a/lib/search/indexes/github-docs-ghae-en.json.br b/lib/search/indexes/github-docs-ghae-en.json.br deleted file mode 100644 index 704dbe190f..0000000000 --- a/lib/search/indexes/github-docs-ghae-en.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:52365afdc1471004db71f24f3ba76e3b30583d493ff1a0681c827276f28afec3 -size 1360180 diff --git a/lib/search/indexes/github-docs-ghae-es-records.json.br b/lib/search/indexes/github-docs-ghae-es-records.json.br deleted file mode 100644 index 07cee357d3..0000000000 --- a/lib/search/indexes/github-docs-ghae-es-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f5928023baa8120607dc17abaa84668942c051b41e8b179947bf837f6d097efe -size 121276 diff --git a/lib/search/indexes/github-docs-ghae-es.json.br b/lib/search/indexes/github-docs-ghae-es.json.br deleted file mode 100644 index 39277a0761..0000000000 --- a/lib/search/indexes/github-docs-ghae-es.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:93896b781b0062d0f6f79c271cc51b4c2ae228e3924dd75b3e62af0c3150067b -size 386465 diff --git a/lib/search/indexes/github-docs-ghae-ja-records.json.br b/lib/search/indexes/github-docs-ghae-ja-records.json.br deleted file mode 100644 index 16c4fb42c9..0000000000 --- a/lib/search/indexes/github-docs-ghae-ja-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:93954ac7352f928853d9b74e3dc366acd11d26b6d19ab324838b584eab8f5763 -size 457256 diff --git a/lib/search/indexes/github-docs-ghae-ja.json.br b/lib/search/indexes/github-docs-ghae-ja.json.br deleted file mode 100644 index 127d5edf50..0000000000 --- a/lib/search/indexes/github-docs-ghae-ja.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2b1bfbefd764c95c52521b4d7f59ee654a75458db067440960a6d6702aa4bf85 -size 2322275 diff --git a/lib/search/indexes/github-docs-ghae-pt-records.json.br b/lib/search/indexes/github-docs-ghae-pt-records.json.br deleted file mode 100644 index 4f8f912eb4..0000000000 --- a/lib/search/indexes/github-docs-ghae-pt-records.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dfd6f41250bc39c68b0c7b80fc7edf207f474dd9e7f7f59c67776831ee962559 -size 385184 diff --git a/lib/search/indexes/github-docs-ghae-pt.json.br b/lib/search/indexes/github-docs-ghae-pt.json.br deleted file mode 100644 index c42b137612..0000000000 --- a/lib/search/indexes/github-docs-ghae-pt.json.br +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6595fc4141ceeacaa82cf88687172fb2528e379c508405a22873c3e695114b7f -size 1524269 diff --git a/package-lock.json b/package-lock.json index 92dccd2c8e..04dcb8bf96 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,7 +14,7 @@ "@primer/octicons": "^15.1.0", "@primer/octicons-react": "^15.1.0", "accept-language-parser": "^1.5.0", - "ajv": "^8.4.0", + "ajv": "^8.6.3", "ajv-formats": "^2.1.1", "browser-date-formatter": "^3.0.3", "change-case": "^4.1.2", @@ -30,7 +30,7 @@ "dotenv": "^10.0.0", "express": "^4.17.1", "express-basic-auth": "^1.2.0", - "express-rate-limit": "^5.3.0", + "express-rate-limit": "^5.4.1", "express-timeout-handler": "^2.2.2", "flat": "^5.0.2", "github-slugger": "^1.4.0", @@ -90,27 +90,27 @@ "throng": "^5.0.0", "ts-dedent": "^2.2.0", "unified": "^10.1.0", - "unist-util-visit": "^4.0.0", + "unist-util-visit": "^4.1.0", "uuid": "^8.3.2", "walk-sync": "^3.0.0" }, "devDependencies": { "@actions/core": "^1.5.0", "@actions/github": "^5.0.0", - "@babel/core": "^7.15.5", + "@babel/core": "^7.15.8", "@babel/eslint-parser": "^7.15.4", "@babel/plugin-syntax-top-level-await": "^7.14.5", "@babel/plugin-transform-runtime": "^7.15.0", - "@babel/preset-env": "^7.15.6", + "@babel/preset-env": "^7.15.8", "@graphql-inspector/core": "^2.9.0", - "@graphql-tools/load": "^7.3.0", + "@graphql-tools/load": "^7.3.2", "@jest/globals": "^27.2.0", - "@octokit/rest": "^18.10.0", + "@octokit/rest": "^18.12.0", "@types/github-slugger": "^1.3.0", "@types/imurmurhash": "^0.1.1", "@types/js-cookie": "^2.2.7", "@types/lodash": "^4.14.175", - "@types/react": "^17.0.20", + "@types/react": "^17.0.27", "@types/react-dom": "^17.0.9", "@types/react-syntax-highlighter": "^13.5.2", "@types/uuid": "^8.3.1", @@ -137,7 +137,7 @@ "eslint-plugin-node": "^11.1.0", "eslint-plugin-promise": "^5.1.0", "event-to-promise": "^0.8.0", - "glob": "^7.1.7", + "glob": "^7.2.0", "graphql": "^15.5.3", "heroku-client": "^3.1.0", "http-status-code": "^2.1.0", @@ -149,7 +149,7 @@ "jest": "^27.2.0", "jest-github-actions-reporter": "^1.0.3", "jest-slow-test-reporter": "^1.0.0", - "linkinator": "^2.14.0", + "linkinator": "^2.14.4", "lint-staged": "^11.2.2", "make-promises-safe": "^5.1.0", "minimatch": "^3.0.4", @@ -236,19 +236,19 @@ } }, "node_modules/@babel/core": { - "version": "7.15.5", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.5.tgz", - "integrity": "sha512-pYgXxiwAgQpgM1bNkZsDEq85f0ggXMA5L7c+o3tskGMh2BunCI9QUwB9Z4jpvXUOuMdyGKiGKQiRe11VS6Jzvg==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.8.tgz", + "integrity": "sha512-3UG9dsxvYBMYwRv+gS41WKHno4K60/9GPy1CJaH6xy3Elq8CTtvtjT5R5jmNhXfCYLX2mTw+7/aq5ak/gOE0og==", "dependencies": { - "@babel/code-frame": "^7.14.5", - "@babel/generator": "^7.15.4", + "@babel/code-frame": "^7.15.8", + "@babel/generator": "^7.15.8", "@babel/helper-compilation-targets": "^7.15.4", - "@babel/helper-module-transforms": "^7.15.4", + "@babel/helper-module-transforms": "^7.15.8", "@babel/helpers": "^7.15.4", - "@babel/parser": "^7.15.5", + "@babel/parser": "^7.15.8", "@babel/template": "^7.15.4", "@babel/traverse": "^7.15.4", - "@babel/types": "^7.15.4", + "@babel/types": "^7.15.6", "convert-source-map": "^1.7.0", "debug": "^4.1.0", "gensync": "^1.0.0-beta.2", @@ -265,9 +265,9 @@ } }, "node_modules/@babel/core/node_modules/@babel/code-frame": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.14.5.tgz", - "integrity": "sha512-9pzDqyc6OLDaqe+zbACgFkb6fKMNG6CObKpnYXChRsvYGyEdc7CA2BaqeOM+vOtCS5ndmJicPJhKAwYRI6UfFw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.15.8.tgz", + "integrity": "sha512-2IAnmn8zbvC/jKYhq5Ki9I+DwjlrtMPUCH/CpHvqI4dNnlwHwsxoIhlc8WcYY5LSYknXQtAlFYuHfqAFCvQ4Wg==", "dependencies": { "@babel/highlight": "^7.14.5" }, @@ -341,11 +341,11 @@ } }, "node_modules/@babel/generator": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.15.4.tgz", - "integrity": "sha512-d3itta0tu+UayjEORPNz6e1T3FtvWlP5N4V5M+lhp/CxT4oAA7/NcScnpRyspUMLK6tu9MNHmQHxRykuN2R7hw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.15.8.tgz", + "integrity": "sha512-ECmAKstXbp1cvpTTZciZCgfOt6iN64lR0d+euv3UZisU5awfRawOvg07Utn/qBGuH4bRIEZKrA/4LzZyXhZr8g==", "dependencies": { - "@babel/types": "^7.15.4", + "@babel/types": "^7.15.6", "jsesc": "^2.5.1", "source-map": "^0.5.0" }, @@ -559,18 +559,18 @@ } }, "node_modules/@babel/helper-module-transforms": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.4.tgz", - "integrity": "sha512-9fHHSGE9zTC++KuXLZcB5FKgvlV83Ox+NLUmQTawovwlJ85+QMhk1CnVk406CQVj97LaWod6KVjl2Sfgw9Aktw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.8.tgz", + "integrity": "sha512-DfAfA6PfpG8t4S6npwzLvTUpp0sS7JrcuaMiy1Y5645laRJIp/LiLGIBbQKaXSInK8tiGNI7FL7L8UvB8gdUZg==", "dependencies": { "@babel/helper-module-imports": "^7.15.4", "@babel/helper-replace-supers": "^7.15.4", "@babel/helper-simple-access": "^7.15.4", "@babel/helper-split-export-declaration": "^7.15.4", - "@babel/helper-validator-identifier": "^7.14.9", + "@babel/helper-validator-identifier": "^7.15.7", "@babel/template": "^7.15.4", "@babel/traverse": "^7.15.4", - "@babel/types": "^7.15.4" + "@babel/types": "^7.15.6" }, "engines": { "node": ">=6.9.0" @@ -658,9 +658,9 @@ } }, "node_modules/@babel/helper-validator-identifier": { - "version": "7.14.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.14.9.tgz", - "integrity": "sha512-pQYxPY0UP6IHISRitNe8bsijHex4TWZXi2HwKVsjPiltzlhse2znVcm9Ace510VT1kxIHjGJCZZQBX2gJDbo0g==", + "version": "7.15.7", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.15.7.tgz", + "integrity": "sha512-K4JvCtQqad9OY2+yTU8w+E82ywk/fe+ELNlt1G8z3bVGlZfn/hOcQQsUhGhW/N+tb3fxK800wLtKOE/aM0m72w==", "engines": { "node": ">=6.9.0" } @@ -750,9 +750,9 @@ } }, "node_modules/@babel/parser": { - "version": "7.15.6", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.15.6.tgz", - "integrity": "sha512-S/TSCcsRuCkmpUuoWijua0Snt+f3ewU/8spLo+4AXJCZfT0bVCzLD5MuOKdrx0mlAptbKzn5AdgEIIKXxXkz9Q==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.15.8.tgz", + "integrity": "sha512-BRYa3wcQnjS/nqI8Ac94pYYpJfojHVvVXJ97+IDCImX4Jc8W8Xv1+47enbruk+q1etOpsQNwnfFcNGw+gtPGxA==", "bin": { "parser": "bin/babel-parser.js" }, @@ -778,9 +778,9 @@ } }, "node_modules/@babel/plugin-proposal-async-generator-functions": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.15.4.tgz", - "integrity": "sha512-2zt2g5vTXpMC3OmK6uyjvdXptbhBXfA77XGrd3gh93zwG8lZYBLOBImiGBEG0RANu3JqKEACCz5CGk73OJROBw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.15.8.tgz", + "integrity": "sha512-2Z5F2R2ibINTc63mY7FLqGfEbmofrHU9FitJW1Q7aPaKFhiPvSq6QEt/BoWN5oME3GVyjcRuNNSRbb9LC0CSWA==", "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.14.5", @@ -1697,13 +1697,13 @@ } }, "node_modules/@babel/plugin-transform-spread": { - "version": "7.14.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.14.6.tgz", - "integrity": "sha512-Zr0x0YroFJku7n7+/HH3A2eIrGMjbmAIbJSVv0IZ+t3U2WUQUA64S/oeied2e+MaGSjmt4alzBCsK9E8gh+fag==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.15.8.tgz", + "integrity": "sha512-/daZ8s2tNaRekl9YJa9X4bzjpeRZLt122cpgFnQPLGUe61PH8zMEBmYqKkW5xF5JUEh5buEGXJoQpqBmIbpmEQ==", "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.14.5", - "@babel/helper-skip-transparent-expression-wrappers": "^7.14.5" + "@babel/helper-skip-transparent-expression-wrappers": "^7.15.4" }, "engines": { "node": ">=6.9.0" @@ -1789,9 +1789,9 @@ } }, "node_modules/@babel/preset-env": { - "version": "7.15.6", - "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.15.6.tgz", - "integrity": "sha512-L+6jcGn7EWu7zqaO2uoTDjjMBW+88FXzV8KvrBl2z6MtRNxlsmUNRlZPaNNPUTgqhyC5DHNFk/2Jmra+ublZWw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.15.8.tgz", + "integrity": "sha512-rCC0wH8husJgY4FPbHsiYyiLxSY8oMDJH7Rl6RQMknbN9oDDHhM9RDFvnGM2MgkbUJzSQB4gtuwygY5mCqGSsA==", "dev": true, "dependencies": { "@babel/compat-data": "^7.15.0", @@ -1799,7 +1799,7 @@ "@babel/helper-plugin-utils": "^7.14.5", "@babel/helper-validator-option": "^7.14.5", "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining": "^7.15.4", - "@babel/plugin-proposal-async-generator-functions": "^7.15.4", + "@babel/plugin-proposal-async-generator-functions": "^7.15.8", "@babel/plugin-proposal-class-properties": "^7.14.5", "@babel/plugin-proposal-class-static-block": "^7.15.4", "@babel/plugin-proposal-dynamic-import": "^7.14.5", @@ -1854,7 +1854,7 @@ "@babel/plugin-transform-regenerator": "^7.14.5", "@babel/plugin-transform-reserved-words": "^7.14.5", "@babel/plugin-transform-shorthand-properties": "^7.14.5", - "@babel/plugin-transform-spread": "^7.14.6", + "@babel/plugin-transform-spread": "^7.15.8", "@babel/plugin-transform-sticky-regex": "^7.14.5", "@babel/plugin-transform-template-literals": "^7.14.5", "@babel/plugin-transform-typeof-symbol": "^7.14.5", @@ -1863,7 +1863,7 @@ "@babel/preset-modules": "^0.1.4", "@babel/types": "^7.15.6", "babel-plugin-polyfill-corejs2": "^0.2.2", - "babel-plugin-polyfill-corejs3": "^0.2.2", + "babel-plugin-polyfill-corejs3": "^0.2.5", "babel-plugin-polyfill-regenerator": "^0.2.2", "core-js-compat": "^3.16.0", "semver": "^6.3.0" @@ -2171,13 +2171,13 @@ "dev": true }, "node_modules/@graphql-tools/load": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/@graphql-tools/load/-/load-7.3.0.tgz", - "integrity": "sha512-ZVipT7yzOpf/DJ2sLI3xGwnULVFp/icu7RFEgDo2ZX0WHiS7EjWZ0cegxEm87+WN4fMwpiysRLzWx67VIHwKGA==", + "version": "7.3.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/load/-/load-7.3.2.tgz", + "integrity": "sha512-tB03MGOlgKkoP6YyzIl/saTYshuLWxQy2JebhYL6gy3XsWmSE7ae1WAL3p+G0pyfw66HaMu905omyulu1VkfXw==", "dev": true, "dependencies": { "@graphql-tools/schema": "8.2.0", - "@graphql-tools/utils": "^8.2.0", + "@graphql-tools/utils": "^8.2.3", "p-limit": "3.1.0", "tslib": "~2.3.0" }, @@ -2247,9 +2247,9 @@ "dev": true }, "node_modules/@graphql-tools/utils": { - "version": "8.2.2", - "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.2.2.tgz", - "integrity": "sha512-29FFY5U4lpXuBiW9dRvuWnBVwGhWbGLa2leZcAMU/Pz47Cr/QLZGVgpLBV9rt+Gbs7wyIJM7t7EuksPs0RDm3g==", + "version": "8.2.5", + "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.2.5.tgz", + "integrity": "sha512-k/Rktklhy22dQfbJLKiLGfQymQCTr6Rd2BilC7g2Yk6wFSzVLYr8jeXNoTD+/p61XBQzBjTVayskvaMvNS3BDg==", "dev": true, "dependencies": { "tslib": "~2.3.0" @@ -3519,18 +3519,18 @@ } }, "node_modules/@octokit/openapi-types": { - "version": "10.1.5", - "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-10.1.5.tgz", - "integrity": "sha512-OoShNYzhAU8p8JbGHe1rRs1GIErRtmN2230AQCJAjL5lc0AUU5OhppVe6693HIZ2eCBLUhoLPhnnnmQ5ASH7Wg==", + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-11.0.0.tgz", + "integrity": "sha512-QeMW4h18cEm53ojYufACSRgq3rrQg4BibVcsHytXmbJ+otmXSelr1BCBCEi8q7nqGkYJyGQX30DoULENIgJ8BA==", "dev": true }, "node_modules/@octokit/plugin-paginate-rest": { - "version": "2.16.2", - "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.16.2.tgz", - "integrity": "sha512-WF5/MTPnFgYH6rMGuxBvbxX2S/3ygNWylakgD7njKES0Qwk5e+d/L6r/BYXSw7B6xJJ3hlwIAmUmOxxYrR+Q8A==", + "version": "2.16.8", + "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.16.8.tgz", + "integrity": "sha512-VZZYeNNwCkC2XoTUFouTpFdR2esSPuJb4U58iUxeYu4vQ1AUzCs6AI+gf4bL413CQ8DZhkxASflfLWzcp+9shQ==", "dev": true, "dependencies": { - "@octokit/types": "^6.27.2" + "@octokit/types": "^6.32.0" }, "peerDependencies": { "@octokit/core": ">=2" @@ -3546,12 +3546,12 @@ } }, "node_modules/@octokit/plugin-rest-endpoint-methods": { - "version": "5.10.3", - "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.10.3.tgz", - "integrity": "sha512-eAT4gje+VR9xdSlhuHWNXsNLpiODqdqz8jqShMgaxRH82Le2nS6EV6LAo3QPZ05Fso5oGmDfJF6eq9vs1cEhdA==", + "version": "5.12.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.12.0.tgz", + "integrity": "sha512-OD3Rv660YzXSmhTr8g8kpLvLq3Z5ADvLxtb9a8+1I4S2EqV6YQTHeJwVC5I6vwvV5tMmnj3oeRn7OWc0eODwQw==", "dev": true, "dependencies": { - "@octokit/types": "^6.27.2", + "@octokit/types": "^6.32.0", "deprecation": "^2.3.1" }, "peerDependencies": { @@ -3602,24 +3602,24 @@ } }, "node_modules/@octokit/rest": { - "version": "18.10.0", - "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-18.10.0.tgz", - "integrity": "sha512-esHR5OKy38bccL/sajHqZudZCvmv4yjovMJzyXlphaUo7xykmtOdILGJ3aAm0mFHmMLmPFmDMJXf39cAjNJsrw==", + "version": "18.12.0", + "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-18.12.0.tgz", + "integrity": "sha512-gDPiOHlyGavxr72y0guQEhLsemgVjwRePayJ+FcKc2SJqKUbxbkvf5kAZEWA/MKvsfYlQAMVzNJE3ezQcxMJ2Q==", "dev": true, "dependencies": { "@octokit/core": "^3.5.1", - "@octokit/plugin-paginate-rest": "^2.16.0", + "@octokit/plugin-paginate-rest": "^2.16.8", "@octokit/plugin-request-log": "^1.0.4", - "@octokit/plugin-rest-endpoint-methods": "^5.9.0" + "@octokit/plugin-rest-endpoint-methods": "^5.12.0" } }, "node_modules/@octokit/types": { - "version": "6.27.2", - "resolved": "https://registry.npmjs.org/@octokit/types/-/types-6.27.2.tgz", - "integrity": "sha512-AgajmAJh7LhStgaEaNoY1N7znst2q07CKZVdnVB/V4tmitMbk+qijmD0IkkSKulXE5RVLbJjQikJF9+XLqhsVA==", + "version": "6.32.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-6.32.0.tgz", + "integrity": "sha512-7CFlMfpX78PbvGnQZfQ3pD246RGTLITDnLCyYgTOtwNPIdTKMGs/8dJiZA3Fh5vXuZYqu/YHH32GboK7xnZ0ag==", "dev": true, "dependencies": { - "@octokit/openapi-types": "^10.1.5" + "@octokit/openapi-types": "^11.0.0" } }, "node_modules/@primer/components": { @@ -4115,9 +4115,9 @@ "integrity": "sha512-KfRL3PuHmqQLOG+2tGpRO26Ctg+Cq1E01D2DMriKEATHgWLfeNDmq9e29Q9WIky0dQ3NPkd1mzYH8Lm936Z9qw==" }, "node_modules/@types/react": { - "version": "17.0.20", - "resolved": "https://registry.npmjs.org/@types/react/-/react-17.0.20.tgz", - "integrity": "sha512-wWZrPlihslrPpcKyCSlmIlruakxr57/buQN1RjlIeaaTWDLtJkTtRW429MoQJergvVKc4IWBpRhWw7YNh/7GVA==", + "version": "17.0.27", + "resolved": "https://registry.npmjs.org/@types/react/-/react-17.0.27.tgz", + "integrity": "sha512-zgiJwtsggVGtr53MndV7jfiUESTqrbxOcBvwfe6KS/9bzaVPCTDieTWnFNecVNx6EAaapg5xsLLWFfHHR437AA==", "dependencies": { "@types/prop-types": "*", "@types/scheduler": "*", @@ -4903,9 +4903,9 @@ } }, "node_modules/ajv": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.4.0.tgz", - "integrity": "sha512-7QD2l6+KBSLwf+7MuYocbWvRPdOu63/trReTLu2KFwkgctnub1auoF+Y1WYcm09CTM7quuscrzqmASaLHC/K4Q==", + "version": "8.6.3", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.6.3.tgz", + "integrity": "sha512-SMJOdDP6LqTkD0Uq8qLi+gMwSt0imXLSV080qFVwJCpH9U6Mb+SUGHAXM0KNbcBPguytWyvFxcHgMLe2D2XSpw==", "dependencies": { "fast-deep-equal": "^3.1.1", "json-schema-traverse": "^1.0.0", @@ -5730,13 +5730,13 @@ } }, "node_modules/babel-plugin-polyfill-corejs3": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.2.4.tgz", - "integrity": "sha512-z3HnJE5TY/j4EFEa/qpQMSbcUJZ5JQi+3UFjXzn6pQCmIKc5Ug5j98SuYyH+m4xQnvKlMDIW4plLfgyVnd0IcQ==", + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.2.5.tgz", + "integrity": "sha512-ninF5MQNwAX9Z7c9ED+H2pGt1mXdP4TqzlHKyPIYmJIYz0N+++uwdM7RnJukklhzJ54Q84vA4ZJkgs7lu5vqcw==", "dev": true, "dependencies": { "@babel/helper-define-polyfill-provider": "^0.2.2", - "core-js-compat": "^3.14.0" + "core-js-compat": "^3.16.2" }, "peerDependencies": { "@babel/core": "^7.0.0-0" @@ -10476,9 +10476,9 @@ } }, "node_modules/express-rate-limit": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.3.0.tgz", - "integrity": "sha512-qJhfEgCnmteSeZAeuOKQ2WEIFTX5ajrzE0xS6gCOBCoRQcU+xEzQmgYQQTpzCcqUAAzTEtu4YEih4pnLfvNtew==" + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.4.1.tgz", + "integrity": "sha512-ZQh2h3qiu7wWdvWNYHznBhaOp2ZIXNnT4hl2Ff608STeWtCuJ251NzqQlk7mo5wnO2HmrydBYHuVA9Z3S3ZtXg==" }, "node_modules/express-timeout-handler": { "version": "2.2.2", @@ -11336,9 +11336,9 @@ "integrity": "sha512-w0dzqw/nt51xMVmlaV1+JRzN+oCa1KfcgGEWhxUG16wbdA+Xnt/yoFO8Z8x/V82ZcZ0wy6ln9QDup5avbhiDhQ==" }, "node_modules/glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", "dependencies": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -14776,16 +14776,16 @@ "dev": true }, "node_modules/linkinator": { - "version": "2.14.0", - "resolved": "https://registry.npmjs.org/linkinator/-/linkinator-2.14.0.tgz", - "integrity": "sha512-7OvAgx0Ml7vByog2NsMg3sH+cH8pZyvMt1BhQE6mGnyQONXtKQvzuynLCEFPznVgPpQBQ1onvDP2udyVafvINQ==", + "version": "2.14.4", + "resolved": "https://registry.npmjs.org/linkinator/-/linkinator-2.14.4.tgz", + "integrity": "sha512-ADxb8C9k9LUAHFZCsKZnB+TtxTqVPiL86zQpmMp9x+aarrhY9YBV12msb87C9IR9DBxaohonhIfMVvrJW4E7Wg==", "dev": true, "dependencies": { "chalk": "^4.0.0", - "cheerio": "^1.0.0-rc.10", "escape-html": "^1.0.3", "gaxios": "^4.0.0", "glob": "^7.1.6", + "htmlparser2": "^7.1.2", "jsonexport": "^3.0.0", "marked": "^2.0.0", "meow": "^9.0.0", @@ -14888,6 +14888,82 @@ "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, + "node_modules/linkinator/node_modules/dom-serializer": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.3.2.tgz", + "integrity": "sha512-5c54Bk5Dw4qAxNOI1pFEizPSjVsx5+bpJKmL2kPn8JhBUq2q09tTCa3mjijun2NfK78NMouDYNMBkOrPZiS+ig==", + "dev": true, + "dependencies": { + "domelementtype": "^2.0.1", + "domhandler": "^4.2.0", + "entities": "^2.0.0" + }, + "funding": { + "url": "https://github.com/cheeriojs/dom-serializer?sponsor=1" + } + }, + "node_modules/linkinator/node_modules/dom-serializer/node_modules/entities": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "integrity": "sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==", + "dev": true, + "funding": { + "url": "https://github.com/fb55/entities?sponsor=1" + } + }, + "node_modules/linkinator/node_modules/domelementtype": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.2.0.tgz", + "integrity": "sha512-DtBMo82pv1dFtUmHyr48beiuq792Sxohr+8Hm9zoxklYPfa6n0Z3Byjj2IV7bmr2IyqClnqEQhfgHJJ5QF0R5A==", + "dev": true, + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fb55" + } + ] + }, + "node_modules/linkinator/node_modules/domhandler": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-4.2.2.tgz", + "integrity": "sha512-PzE9aBMsdZO8TK4BnuJwH0QT41wgMbRzuZrHUcpYncEjmQazq8QEaBWgLG7ZyC/DAZKEgglpIA6j4Qn/HmxS3w==", + "dev": true, + "dependencies": { + "domelementtype": "^2.2.0" + }, + "engines": { + "node": ">= 4" + }, + "funding": { + "url": "https://github.com/fb55/domhandler?sponsor=1" + } + }, + "node_modules/linkinator/node_modules/domutils": { + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "integrity": "sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==", + "dev": true, + "dependencies": { + "dom-serializer": "^1.0.1", + "domelementtype": "^2.2.0", + "domhandler": "^4.2.0" + }, + "funding": { + "url": "https://github.com/fb55/domutils?sponsor=1" + } + }, + "node_modules/linkinator/node_modules/entities": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", + "integrity": "sha512-WiyBqoomrwMdFG1e0kqvASYfnlb0lp8M5o5Fw2OFq1hNZxxcNk8Ik0Xm7LxzBhuidnZB/UtBqVCgUz3kBOP51Q==", + "dev": true, + "engines": { + "node": ">=0.12" + }, + "funding": { + "url": "https://github.com/fb55/entities?sponsor=1" + } + }, "node_modules/linkinator/node_modules/global-dirs": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/global-dirs/-/global-dirs-3.0.0.tgz", @@ -14903,6 +14979,25 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/linkinator/node_modules/htmlparser2": { + "version": "7.1.2", + "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.1.2.tgz", + "integrity": "sha512-d6cqsbJba2nRdg8WW2okyD4ceonFHn9jLFxhwlNcLhQWcFPdxXeJulgOLjLKtAK9T6ahd+GQNZwG9fjmGW7lyg==", + "dev": true, + "funding": [ + "https://github.com/fb55/htmlparser2?sponsor=1", + { + "type": "github", + "url": "https://github.com/sponsors/fb55" + } + ], + "dependencies": { + "domelementtype": "^2.0.1", + "domhandler": "^4.2.2", + "domutils": "^2.8.0", + "entities": "^3.0.1" + } + }, "node_modules/linkinator/node_modules/is-installed-globally": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.4.0.tgz", @@ -23815,9 +23910,9 @@ } }, "node_modules/unist-util-visit": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-4.0.0.tgz", - "integrity": "sha512-3HWTvrtU10/E7qgPznBfiOyG0TXj9W8c1GSfaI8L9GkaG1pLePiQPZ7E35a0R3ToQ/zcy4Im6aZ9WBgOTnv1MQ==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-4.1.0.tgz", + "integrity": "sha512-n7lyhFKJfVZ9MnKtqbsqkQEk5P1KShj0+//V7mAcoI6bpbUjh3C/OG8HVD+pBihfh6Ovl01m8dkcv9HNqYajmQ==", "dependencies": { "@types/unist": "^2.0.0", "unist-util-is": "^5.0.0", @@ -25541,19 +25636,19 @@ "integrity": "sha512-0NqAC1IJE0S0+lL1SWFMxMkz1pKCNCjI4tr2Zx4LJSXxCLAdr6KyArnY+sno5m3yH9g737ygOyPABDsnXkpxiA==" }, "@babel/core": { - "version": "7.15.5", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.5.tgz", - "integrity": "sha512-pYgXxiwAgQpgM1bNkZsDEq85f0ggXMA5L7c+o3tskGMh2BunCI9QUwB9Z4jpvXUOuMdyGKiGKQiRe11VS6Jzvg==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.15.8.tgz", + "integrity": "sha512-3UG9dsxvYBMYwRv+gS41WKHno4K60/9GPy1CJaH6xy3Elq8CTtvtjT5R5jmNhXfCYLX2mTw+7/aq5ak/gOE0og==", "requires": { - "@babel/code-frame": "^7.14.5", - "@babel/generator": "^7.15.4", + "@babel/code-frame": "^7.15.8", + "@babel/generator": "^7.15.8", "@babel/helper-compilation-targets": "^7.15.4", - "@babel/helper-module-transforms": "^7.15.4", + "@babel/helper-module-transforms": "^7.15.8", "@babel/helpers": "^7.15.4", - "@babel/parser": "^7.15.5", + "@babel/parser": "^7.15.8", "@babel/template": "^7.15.4", "@babel/traverse": "^7.15.4", - "@babel/types": "^7.15.4", + "@babel/types": "^7.15.6", "convert-source-map": "^1.7.0", "debug": "^4.1.0", "gensync": "^1.0.0-beta.2", @@ -25563,9 +25658,9 @@ }, "dependencies": { "@babel/code-frame": { - "version": "7.14.5", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.14.5.tgz", - "integrity": "sha512-9pzDqyc6OLDaqe+zbACgFkb6fKMNG6CObKpnYXChRsvYGyEdc7CA2BaqeOM+vOtCS5ndmJicPJhKAwYRI6UfFw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.15.8.tgz", + "integrity": "sha512-2IAnmn8zbvC/jKYhq5Ki9I+DwjlrtMPUCH/CpHvqI4dNnlwHwsxoIhlc8WcYY5LSYknXQtAlFYuHfqAFCvQ4Wg==", "requires": { "@babel/highlight": "^7.14.5" } @@ -25616,11 +25711,11 @@ } }, "@babel/generator": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.15.4.tgz", - "integrity": "sha512-d3itta0tu+UayjEORPNz6e1T3FtvWlP5N4V5M+lhp/CxT4oAA7/NcScnpRyspUMLK6tu9MNHmQHxRykuN2R7hw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.15.8.tgz", + "integrity": "sha512-ECmAKstXbp1cvpTTZciZCgfOt6iN64lR0d+euv3UZisU5awfRawOvg07Utn/qBGuH4bRIEZKrA/4LzZyXhZr8g==", "requires": { - "@babel/types": "^7.15.4", + "@babel/types": "^7.15.6", "jsesc": "^2.5.1", "source-map": "^0.5.0" } @@ -25776,18 +25871,18 @@ } }, "@babel/helper-module-transforms": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.4.tgz", - "integrity": "sha512-9fHHSGE9zTC++KuXLZcB5FKgvlV83Ox+NLUmQTawovwlJ85+QMhk1CnVk406CQVj97LaWod6KVjl2Sfgw9Aktw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.15.8.tgz", + "integrity": "sha512-DfAfA6PfpG8t4S6npwzLvTUpp0sS7JrcuaMiy1Y5645laRJIp/LiLGIBbQKaXSInK8tiGNI7FL7L8UvB8gdUZg==", "requires": { "@babel/helper-module-imports": "^7.15.4", "@babel/helper-replace-supers": "^7.15.4", "@babel/helper-simple-access": "^7.15.4", "@babel/helper-split-export-declaration": "^7.15.4", - "@babel/helper-validator-identifier": "^7.14.9", + "@babel/helper-validator-identifier": "^7.15.7", "@babel/template": "^7.15.4", "@babel/traverse": "^7.15.4", - "@babel/types": "^7.15.4" + "@babel/types": "^7.15.6" } }, "@babel/helper-optimise-call-expression": { @@ -25851,9 +25946,9 @@ } }, "@babel/helper-validator-identifier": { - "version": "7.14.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.14.9.tgz", - "integrity": "sha512-pQYxPY0UP6IHISRitNe8bsijHex4TWZXi2HwKVsjPiltzlhse2znVcm9Ace510VT1kxIHjGJCZZQBX2gJDbo0g==" + "version": "7.15.7", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.15.7.tgz", + "integrity": "sha512-K4JvCtQqad9OY2+yTU8w+E82ywk/fe+ELNlt1G8z3bVGlZfn/hOcQQsUhGhW/N+tb3fxK800wLtKOE/aM0m72w==" }, "@babel/helper-validator-option": { "version": "7.14.5", @@ -25921,9 +26016,9 @@ } }, "@babel/parser": { - "version": "7.15.6", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.15.6.tgz", - "integrity": "sha512-S/TSCcsRuCkmpUuoWijua0Snt+f3ewU/8spLo+4AXJCZfT0bVCzLD5MuOKdrx0mlAptbKzn5AdgEIIKXxXkz9Q==" + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.15.8.tgz", + "integrity": "sha512-BRYa3wcQnjS/nqI8Ac94pYYpJfojHVvVXJ97+IDCImX4Jc8W8Xv1+47enbruk+q1etOpsQNwnfFcNGw+gtPGxA==" }, "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining": { "version": "7.15.4", @@ -25937,9 +26032,9 @@ } }, "@babel/plugin-proposal-async-generator-functions": { - "version": "7.15.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.15.4.tgz", - "integrity": "sha512-2zt2g5vTXpMC3OmK6uyjvdXptbhBXfA77XGrd3gh93zwG8lZYBLOBImiGBEG0RANu3JqKEACCz5CGk73OJROBw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.15.8.tgz", + "integrity": "sha512-2Z5F2R2ibINTc63mY7FLqGfEbmofrHU9FitJW1Q7aPaKFhiPvSq6QEt/BoWN5oME3GVyjcRuNNSRbb9LC0CSWA==", "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.14.5", @@ -26534,13 +26629,13 @@ } }, "@babel/plugin-transform-spread": { - "version": "7.14.6", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.14.6.tgz", - "integrity": "sha512-Zr0x0YroFJku7n7+/HH3A2eIrGMjbmAIbJSVv0IZ+t3U2WUQUA64S/oeied2e+MaGSjmt4alzBCsK9E8gh+fag==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.15.8.tgz", + "integrity": "sha512-/daZ8s2tNaRekl9YJa9X4bzjpeRZLt122cpgFnQPLGUe61PH8zMEBmYqKkW5xF5JUEh5buEGXJoQpqBmIbpmEQ==", "dev": true, "requires": { "@babel/helper-plugin-utils": "^7.14.5", - "@babel/helper-skip-transparent-expression-wrappers": "^7.14.5" + "@babel/helper-skip-transparent-expression-wrappers": "^7.15.4" } }, "@babel/plugin-transform-sticky-regex": { @@ -26590,9 +26685,9 @@ } }, "@babel/preset-env": { - "version": "7.15.6", - "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.15.6.tgz", - "integrity": "sha512-L+6jcGn7EWu7zqaO2uoTDjjMBW+88FXzV8KvrBl2z6MtRNxlsmUNRlZPaNNPUTgqhyC5DHNFk/2Jmra+ublZWw==", + "version": "7.15.8", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.15.8.tgz", + "integrity": "sha512-rCC0wH8husJgY4FPbHsiYyiLxSY8oMDJH7Rl6RQMknbN9oDDHhM9RDFvnGM2MgkbUJzSQB4gtuwygY5mCqGSsA==", "dev": true, "requires": { "@babel/compat-data": "^7.15.0", @@ -26600,7 +26695,7 @@ "@babel/helper-plugin-utils": "^7.14.5", "@babel/helper-validator-option": "^7.14.5", "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining": "^7.15.4", - "@babel/plugin-proposal-async-generator-functions": "^7.15.4", + "@babel/plugin-proposal-async-generator-functions": "^7.15.8", "@babel/plugin-proposal-class-properties": "^7.14.5", "@babel/plugin-proposal-class-static-block": "^7.15.4", "@babel/plugin-proposal-dynamic-import": "^7.14.5", @@ -26655,7 +26750,7 @@ "@babel/plugin-transform-regenerator": "^7.14.5", "@babel/plugin-transform-reserved-words": "^7.14.5", "@babel/plugin-transform-shorthand-properties": "^7.14.5", - "@babel/plugin-transform-spread": "^7.14.6", + "@babel/plugin-transform-spread": "^7.15.8", "@babel/plugin-transform-sticky-regex": "^7.14.5", "@babel/plugin-transform-template-literals": "^7.14.5", "@babel/plugin-transform-typeof-symbol": "^7.14.5", @@ -26664,7 +26759,7 @@ "@babel/preset-modules": "^0.1.4", "@babel/types": "^7.15.6", "babel-plugin-polyfill-corejs2": "^0.2.2", - "babel-plugin-polyfill-corejs3": "^0.2.2", + "babel-plugin-polyfill-corejs3": "^0.2.5", "babel-plugin-polyfill-regenerator": "^0.2.2", "core-js-compat": "^3.16.0", "semver": "^6.3.0" @@ -26909,13 +27004,13 @@ } }, "@graphql-tools/load": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/@graphql-tools/load/-/load-7.3.0.tgz", - "integrity": "sha512-ZVipT7yzOpf/DJ2sLI3xGwnULVFp/icu7RFEgDo2ZX0WHiS7EjWZ0cegxEm87+WN4fMwpiysRLzWx67VIHwKGA==", + "version": "7.3.2", + "resolved": "https://registry.npmjs.org/@graphql-tools/load/-/load-7.3.2.tgz", + "integrity": "sha512-tB03MGOlgKkoP6YyzIl/saTYshuLWxQy2JebhYL6gy3XsWmSE7ae1WAL3p+G0pyfw66HaMu905omyulu1VkfXw==", "dev": true, "requires": { "@graphql-tools/schema": "8.2.0", - "@graphql-tools/utils": "^8.2.0", + "@graphql-tools/utils": "^8.2.3", "p-limit": "3.1.0", "tslib": "~2.3.0" }, @@ -26976,9 +27071,9 @@ } }, "@graphql-tools/utils": { - "version": "8.2.2", - "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.2.2.tgz", - "integrity": "sha512-29FFY5U4lpXuBiW9dRvuWnBVwGhWbGLa2leZcAMU/Pz47Cr/QLZGVgpLBV9rt+Gbs7wyIJM7t7EuksPs0RDm3g==", + "version": "8.2.5", + "resolved": "https://registry.npmjs.org/@graphql-tools/utils/-/utils-8.2.5.tgz", + "integrity": "sha512-k/Rktklhy22dQfbJLKiLGfQymQCTr6Rd2BilC7g2Yk6wFSzVLYr8jeXNoTD+/p61XBQzBjTVayskvaMvNS3BDg==", "dev": true, "requires": { "tslib": "~2.3.0" @@ -27977,18 +28072,18 @@ } }, "@octokit/openapi-types": { - "version": "10.1.5", - "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-10.1.5.tgz", - "integrity": "sha512-OoShNYzhAU8p8JbGHe1rRs1GIErRtmN2230AQCJAjL5lc0AUU5OhppVe6693HIZ2eCBLUhoLPhnnnmQ5ASH7Wg==", + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-11.0.0.tgz", + "integrity": "sha512-QeMW4h18cEm53ojYufACSRgq3rrQg4BibVcsHytXmbJ+otmXSelr1BCBCEi8q7nqGkYJyGQX30DoULENIgJ8BA==", "dev": true }, "@octokit/plugin-paginate-rest": { - "version": "2.16.2", - "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.16.2.tgz", - "integrity": "sha512-WF5/MTPnFgYH6rMGuxBvbxX2S/3ygNWylakgD7njKES0Qwk5e+d/L6r/BYXSw7B6xJJ3hlwIAmUmOxxYrR+Q8A==", + "version": "2.16.8", + "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.16.8.tgz", + "integrity": "sha512-VZZYeNNwCkC2XoTUFouTpFdR2esSPuJb4U58iUxeYu4vQ1AUzCs6AI+gf4bL413CQ8DZhkxASflfLWzcp+9shQ==", "dev": true, "requires": { - "@octokit/types": "^6.27.2" + "@octokit/types": "^6.32.0" } }, "@octokit/plugin-request-log": { @@ -27999,12 +28094,12 @@ "requires": {} }, "@octokit/plugin-rest-endpoint-methods": { - "version": "5.10.3", - "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.10.3.tgz", - "integrity": "sha512-eAT4gje+VR9xdSlhuHWNXsNLpiODqdqz8jqShMgaxRH82Le2nS6EV6LAo3QPZ05Fso5oGmDfJF6eq9vs1cEhdA==", + "version": "5.12.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.12.0.tgz", + "integrity": "sha512-OD3Rv660YzXSmhTr8g8kpLvLq3Z5ADvLxtb9a8+1I4S2EqV6YQTHeJwVC5I6vwvV5tMmnj3oeRn7OWc0eODwQw==", "dev": true, "requires": { - "@octokit/types": "^6.27.2", + "@octokit/types": "^6.32.0", "deprecation": "^2.3.1" } }, @@ -28048,24 +28143,24 @@ } }, "@octokit/rest": { - "version": "18.10.0", - "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-18.10.0.tgz", - "integrity": "sha512-esHR5OKy38bccL/sajHqZudZCvmv4yjovMJzyXlphaUo7xykmtOdILGJ3aAm0mFHmMLmPFmDMJXf39cAjNJsrw==", + "version": "18.12.0", + "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-18.12.0.tgz", + "integrity": "sha512-gDPiOHlyGavxr72y0guQEhLsemgVjwRePayJ+FcKc2SJqKUbxbkvf5kAZEWA/MKvsfYlQAMVzNJE3ezQcxMJ2Q==", "dev": true, "requires": { "@octokit/core": "^3.5.1", - "@octokit/plugin-paginate-rest": "^2.16.0", + "@octokit/plugin-paginate-rest": "^2.16.8", "@octokit/plugin-request-log": "^1.0.4", - "@octokit/plugin-rest-endpoint-methods": "^5.9.0" + "@octokit/plugin-rest-endpoint-methods": "^5.12.0" } }, "@octokit/types": { - "version": "6.27.2", - "resolved": "https://registry.npmjs.org/@octokit/types/-/types-6.27.2.tgz", - "integrity": "sha512-AgajmAJh7LhStgaEaNoY1N7znst2q07CKZVdnVB/V4tmitMbk+qijmD0IkkSKulXE5RVLbJjQikJF9+XLqhsVA==", + "version": "6.32.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-6.32.0.tgz", + "integrity": "sha512-7CFlMfpX78PbvGnQZfQ3pD246RGTLITDnLCyYgTOtwNPIdTKMGs/8dJiZA3Fh5vXuZYqu/YHH32GboK7xnZ0ag==", "dev": true, "requires": { - "@octokit/openapi-types": "^10.1.5" + "@octokit/openapi-types": "^11.0.0" } }, "@primer/components": { @@ -28532,9 +28627,9 @@ "integrity": "sha512-KfRL3PuHmqQLOG+2tGpRO26Ctg+Cq1E01D2DMriKEATHgWLfeNDmq9e29Q9WIky0dQ3NPkd1mzYH8Lm936Z9qw==" }, "@types/react": { - "version": "17.0.20", - "resolved": "https://registry.npmjs.org/@types/react/-/react-17.0.20.tgz", - "integrity": "sha512-wWZrPlihslrPpcKyCSlmIlruakxr57/buQN1RjlIeaaTWDLtJkTtRW429MoQJergvVKc4IWBpRhWw7YNh/7GVA==", + "version": "17.0.27", + "resolved": "https://registry.npmjs.org/@types/react/-/react-17.0.27.tgz", + "integrity": "sha512-zgiJwtsggVGtr53MndV7jfiUESTqrbxOcBvwfe6KS/9bzaVPCTDieTWnFNecVNx6EAaapg5xsLLWFfHHR437AA==", "requires": { "@types/prop-types": "*", "@types/scheduler": "*", @@ -29163,9 +29258,9 @@ } }, "ajv": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.4.0.tgz", - "integrity": "sha512-7QD2l6+KBSLwf+7MuYocbWvRPdOu63/trReTLu2KFwkgctnub1auoF+Y1WYcm09CTM7quuscrzqmASaLHC/K4Q==", + "version": "8.6.3", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.6.3.tgz", + "integrity": "sha512-SMJOdDP6LqTkD0Uq8qLi+gMwSt0imXLSV080qFVwJCpH9U6Mb+SUGHAXM0KNbcBPguytWyvFxcHgMLe2D2XSpw==", "requires": { "fast-deep-equal": "^3.1.1", "json-schema-traverse": "^1.0.0", @@ -29848,13 +29943,13 @@ } }, "babel-plugin-polyfill-corejs3": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.2.4.tgz", - "integrity": "sha512-z3HnJE5TY/j4EFEa/qpQMSbcUJZ5JQi+3UFjXzn6pQCmIKc5Ug5j98SuYyH+m4xQnvKlMDIW4plLfgyVnd0IcQ==", + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/babel-plugin-polyfill-corejs3/-/babel-plugin-polyfill-corejs3-0.2.5.tgz", + "integrity": "sha512-ninF5MQNwAX9Z7c9ED+H2pGt1mXdP4TqzlHKyPIYmJIYz0N+++uwdM7RnJukklhzJ54Q84vA4ZJkgs7lu5vqcw==", "dev": true, "requires": { "@babel/helper-define-polyfill-provider": "^0.2.2", - "core-js-compat": "^3.14.0" + "core-js-compat": "^3.16.2" } }, "babel-plugin-polyfill-regenerator": { @@ -33709,9 +33804,9 @@ } }, "express-rate-limit": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.3.0.tgz", - "integrity": "sha512-qJhfEgCnmteSeZAeuOKQ2WEIFTX5ajrzE0xS6gCOBCoRQcU+xEzQmgYQQTpzCcqUAAzTEtu4YEih4pnLfvNtew==" + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.4.1.tgz", + "integrity": "sha512-ZQh2h3qiu7wWdvWNYHznBhaOp2ZIXNnT4hl2Ff608STeWtCuJ251NzqQlk7mo5wnO2HmrydBYHuVA9Z3S3ZtXg==" }, "express-timeout-handler": { "version": "2.2.2", @@ -34353,9 +34448,9 @@ "integrity": "sha512-w0dzqw/nt51xMVmlaV1+JRzN+oCa1KfcgGEWhxUG16wbdA+Xnt/yoFO8Z8x/V82ZcZ0wy6ln9QDup5avbhiDhQ==" }, "glob": { - "version": "7.1.7", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.7.tgz", - "integrity": "sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz", + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", "requires": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -36978,16 +37073,16 @@ "dev": true }, "linkinator": { - "version": "2.14.0", - "resolved": "https://registry.npmjs.org/linkinator/-/linkinator-2.14.0.tgz", - "integrity": "sha512-7OvAgx0Ml7vByog2NsMg3sH+cH8pZyvMt1BhQE6mGnyQONXtKQvzuynLCEFPznVgPpQBQ1onvDP2udyVafvINQ==", + "version": "2.14.4", + "resolved": "https://registry.npmjs.org/linkinator/-/linkinator-2.14.4.tgz", + "integrity": "sha512-ADxb8C9k9LUAHFZCsKZnB+TtxTqVPiL86zQpmMp9x+aarrhY9YBV12msb87C9IR9DBxaohonhIfMVvrJW4E7Wg==", "dev": true, "requires": { "chalk": "^4.0.0", - "cheerio": "^1.0.0-rc.10", "escape-html": "^1.0.3", "gaxios": "^4.0.0", "glob": "^7.1.6", + "htmlparser2": "^7.1.2", "jsonexport": "^3.0.0", "marked": "^2.0.0", "meow": "^9.0.0", @@ -37054,6 +37149,57 @@ "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "dev": true }, + "dom-serializer": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.3.2.tgz", + "integrity": "sha512-5c54Bk5Dw4qAxNOI1pFEizPSjVsx5+bpJKmL2kPn8JhBUq2q09tTCa3mjijun2NfK78NMouDYNMBkOrPZiS+ig==", + "dev": true, + "requires": { + "domelementtype": "^2.0.1", + "domhandler": "^4.2.0", + "entities": "^2.0.0" + }, + "dependencies": { + "entities": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "integrity": "sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==", + "dev": true + } + } + }, + "domelementtype": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.2.0.tgz", + "integrity": "sha512-DtBMo82pv1dFtUmHyr48beiuq792Sxohr+8Hm9zoxklYPfa6n0Z3Byjj2IV7bmr2IyqClnqEQhfgHJJ5QF0R5A==", + "dev": true + }, + "domhandler": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-4.2.2.tgz", + "integrity": "sha512-PzE9aBMsdZO8TK4BnuJwH0QT41wgMbRzuZrHUcpYncEjmQazq8QEaBWgLG7ZyC/DAZKEgglpIA6j4Qn/HmxS3w==", + "dev": true, + "requires": { + "domelementtype": "^2.2.0" + } + }, + "domutils": { + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "integrity": "sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==", + "dev": true, + "requires": { + "dom-serializer": "^1.0.1", + "domelementtype": "^2.2.0", + "domhandler": "^4.2.0" + } + }, + "entities": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", + "integrity": "sha512-WiyBqoomrwMdFG1e0kqvASYfnlb0lp8M5o5Fw2OFq1hNZxxcNk8Ik0Xm7LxzBhuidnZB/UtBqVCgUz3kBOP51Q==", + "dev": true + }, "global-dirs": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/global-dirs/-/global-dirs-3.0.0.tgz", @@ -37063,6 +37209,18 @@ "ini": "2.0.0" } }, + "htmlparser2": { + "version": "7.1.2", + "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.1.2.tgz", + "integrity": "sha512-d6cqsbJba2nRdg8WW2okyD4ceonFHn9jLFxhwlNcLhQWcFPdxXeJulgOLjLKtAK9T6ahd+GQNZwG9fjmGW7lyg==", + "dev": true, + "requires": { + "domelementtype": "^2.0.1", + "domhandler": "^4.2.2", + "domutils": "^2.8.0", + "entities": "^3.0.1" + } + }, "is-installed-globally": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.4.0.tgz", @@ -43987,9 +44145,9 @@ } }, "unist-util-visit": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-4.0.0.tgz", - "integrity": "sha512-3HWTvrtU10/E7qgPznBfiOyG0TXj9W8c1GSfaI8L9GkaG1pLePiQPZ7E35a0R3ToQ/zcy4Im6aZ9WBgOTnv1MQ==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-4.1.0.tgz", + "integrity": "sha512-n7lyhFKJfVZ9MnKtqbsqkQEk5P1KShj0+//V7mAcoI6bpbUjh3C/OG8HVD+pBihfh6Ovl01m8dkcv9HNqYajmQ==", "requires": { "@types/unist": "^2.0.0", "unist-util-is": "^5.0.0", diff --git a/package.json b/package.json index b41d557339..da86d13531 100644 --- a/package.json +++ b/package.json @@ -16,7 +16,7 @@ "@primer/octicons": "^15.1.0", "@primer/octicons-react": "^15.1.0", "accept-language-parser": "^1.5.0", - "ajv": "^8.4.0", + "ajv": "^8.6.3", "ajv-formats": "^2.1.1", "browser-date-formatter": "^3.0.3", "change-case": "^4.1.2", @@ -32,7 +32,7 @@ "dotenv": "^10.0.0", "express": "^4.17.1", "express-basic-auth": "^1.2.0", - "express-rate-limit": "^5.3.0", + "express-rate-limit": "^5.4.1", "express-timeout-handler": "^2.2.2", "flat": "^5.0.2", "github-slugger": "^1.4.0", @@ -92,27 +92,27 @@ "throng": "^5.0.0", "ts-dedent": "^2.2.0", "unified": "^10.1.0", - "unist-util-visit": "^4.0.0", + "unist-util-visit": "^4.1.0", "uuid": "^8.3.2", "walk-sync": "^3.0.0" }, "devDependencies": { "@actions/core": "^1.5.0", "@actions/github": "^5.0.0", - "@babel/core": "^7.15.5", + "@babel/core": "^7.15.8", "@babel/eslint-parser": "^7.15.4", "@babel/plugin-syntax-top-level-await": "^7.14.5", "@babel/plugin-transform-runtime": "^7.15.0", - "@babel/preset-env": "^7.15.6", + "@babel/preset-env": "^7.15.8", "@graphql-inspector/core": "^2.9.0", - "@graphql-tools/load": "^7.3.0", + "@graphql-tools/load": "^7.3.2", "@jest/globals": "^27.2.0", - "@octokit/rest": "^18.10.0", + "@octokit/rest": "^18.12.0", "@types/github-slugger": "^1.3.0", "@types/imurmurhash": "^0.1.1", "@types/js-cookie": "^2.2.7", "@types/lodash": "^4.14.175", - "@types/react": "^17.0.20", + "@types/react": "^17.0.27", "@types/react-dom": "^17.0.9", "@types/react-syntax-highlighter": "^13.5.2", "@types/uuid": "^8.3.1", @@ -139,7 +139,7 @@ "eslint-plugin-node": "^11.1.0", "eslint-plugin-promise": "^5.1.0", "event-to-promise": "^0.8.0", - "glob": "^7.1.7", + "glob": "^7.2.0", "graphql": "^15.5.3", "heroku-client": "^3.1.0", "http-status-code": "^2.1.0", @@ -151,7 +151,7 @@ "jest": "^27.2.0", "jest-github-actions-reporter": "^1.0.3", "jest-slow-test-reporter": "^1.0.0", - "linkinator": "^2.14.0", + "linkinator": "^2.14.4", "lint-staged": "^11.2.2", "make-promises-safe": "^5.1.0", "minimatch": "^3.0.4", diff --git a/server.mjs b/server.mjs index e050d7a593..fac03c795a 100644 --- a/server.mjs +++ b/server.mjs @@ -41,7 +41,9 @@ async function checkPortAvailability() { const portInUse = await portUsed.check(port) if (portInUse) { console.log(`\n\n\nPort ${port} is not available. You may already have a server running.`) - console.log('Try running `killall node` to shut down all your running node processes.\n\n\n') + console.log( + `Try running \`npx kill-port ${port}\` to shut down all your running node processes.\n\n\n` + ) console.log('\x07') // system 'beep' sound process.exit(1) }