From 31101afb074d6a623991ba7fcdced98ca3ca98f6 Mon Sep 17 00:00:00 2001 From: Ben Ahmady <32935794+subatoi@users.noreply.github.com> Date: Wed, 4 Dec 2024 12:02:24 +0000 Subject: [PATCH] 'Code security and analysis' is now 'Code security' (repo level, not GHES) (#53330) Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com> --- ...-analysis-settings-for-your-personal-account.md | 4 ++-- ...vanced-security-features-for-your-enterprise.md | 3 ++- .../viewing-your-github-advanced-security-usage.md | 2 +- ...configuring-advanced-setup-for-code-scanning.md | 2 +- .../configuring-default-setup-for-code-scanning.md | 2 +- .../enabling-default-setup-takes-too-long.md | 2 +- .../results-different-than-expected.md | 2 +- .../configuring-dependabot-alerts.md | 12 ++++++------ ...preset-rules-to-prioritize-dependabot-alerts.md | 2 +- .../configuring-dependabot-security-updates.md | 6 +++--- .../configuring-dependabot-version-updates.md | 4 ++-- .../getting-started/dependabot-quickstart-guide.md | 2 +- .../quickstart-for-securing-your-repository.md | 14 +++++++------- ...enabling-push-protection-for-your-repository.md | 2 +- ...enabling-secret-scanning-for-your-repository.md | 4 ++-- ...ty-and-analysis-settings-for-your-repository.md | 4 ++-- data/features/code-security-wording-only.yml | 5 +++++ .../automatically-pause-dependabot-updates.md | 2 +- ...alerts-enterprise-server-repo-org-enablement.md | 2 +- ...pendabot-grouped-security-updates-how-enable.md | 2 +- .../dependabot/dependabot-updates-and-actions.md | 2 +- .../navigate-to-code-security-and-analysis.md | 2 +- .../repositories/navigate-to-ghas-settings.md | 2 +- data/reusables/user-settings/security-analysis.md | 2 +- 24 files changed, 46 insertions(+), 40 deletions(-) create mode 100644 data/features/code-security-wording-only.yml diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md index 200c74cbe3ef..e3a433c0a18d 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md @@ -32,7 +32,7 @@ For an overview of repository-level security, see "[AUTOTITLE](/code-security/ge {% data reusables.user-settings.access_settings %} {% data reusables.user-settings.security-analysis %} -1. Under "Code security and analysis", to the right of the feature, click **Disable all** or **Enable all**. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of the feature, click **Disable all** or **Enable all**. 1. Optionally, enable the feature by default for new repositories that you own.{% ifversion not ghes %} ![Screenshot of the "Enable FEATURE" modal dialog, with the "Enable by default for new private repositories" option highlighted with a dark orange outline.](/assets/images/help/settings/security-and-analysis-enable-by-default-in-modal.png){% endif %} @@ -45,7 +45,7 @@ For an overview of repository-level security, see "[AUTOTITLE](/code-security/ge {% data reusables.user-settings.access_settings %} {% data reusables.user-settings.security-analysis %} -1. Under "Code security and analysis", to the right of the feature, enable or disable the feature by default for new repositories that you own. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of the feature, enable or disable the feature by default for new repositories that you own. ## Further reading diff --git a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md index 15c9cb500379..716abc816093 100644 --- a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md +++ b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md @@ -47,7 +47,8 @@ When you enable one or more security and analysis features for existing reposito {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} -1. In the left sidebar, click **Code security & analysis**. + +1. In the left sidebar, click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. 1. Optionally, enable or disable a feature for all existing repositories. * To the right of the feature, click **Disable all** or **Enable all**. {% ifversion ghes or ghec %}If the control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled, you have no available {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} for {% data variables.product.prodname_GH_advanced_security %}.{% endif %} diff --git a/content/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md b/content/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md index 856493611f6b..f044e09165b7 100644 --- a/content/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md +++ b/content/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md @@ -111,7 +111,7 @@ You can download the {% data variables.product.prodname_advanced_security %} lic {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} -1. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" %} Code security and analysis**. +1. In the "Security" section of the sidebar, select the **Code security** dropdown menu, then click **{% data variables.product.prodname_global_settings_caps %}**. 1. In the "{% data variables.product.prodname_GH_advanced_security %} repositories" section, next to the repository you want usage information for, select {% octicon "kebab-horizontal" aria-label="GHAS repository actions" %}, then click **Download CSV report**. ![Screenshot of the committers by repository table. The horizontal kebab icon and "Download CSV report" button are highlighted with an orange outline.](/assets/images/help/billing/ghas-billing-table-repository-csv.png) diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning.md index 915aa87a5c68..fdfb976c6392 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning.md @@ -71,7 +71,7 @@ You can customize your {% data variables.product.prodname_codeql %} analysis by > [!NOTE] > If you are switching from default setup to advanced setup, in the "{% data variables.product.prodname_code_scanning_caps %}" section, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click **{% octicon "workflow" aria-hidden="true" %} Switch to advanced**. In the pop-up window that appears, click **Disable {% data variables.product.prodname_codeql %}**. - ![Screenshot of the "{% data variables.product.prodname_code_scanning_caps %}" section of "Code security and analysis" settings. The "Advanced setup" button is highlighted with an orange outline.](/assets/images/help/security/advanced-code-scanning-setup.png) + ![Screenshot of the "{% data variables.product.prodname_code_scanning_caps %}" section of {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} settings. The "Advanced setup" button is highlighted with an orange outline.](/assets/images/help/security/advanced-code-scanning-setup.png) 1. To customize how {% data variables.product.prodname_code_scanning %} scans your code, edit the workflow. diff --git a/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md b/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md index 24518b3f44f8..099243606867 100644 --- a/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md +++ b/content/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md @@ -102,7 +102,7 @@ When you initially configure default setup for {% data variables.product.prodnam {% data reusables.user-settings.security-analysis %} 1. In the "{% data variables.product.prodname_code_scanning_caps %}" section, select **Set up** {% octicon "triangle-down" aria-hidden="true" %}, then click **Default**. - ![Screenshot of the "{% data variables.product.prodname_code_scanning_caps %}" section of "Code security and analysis" settings. The "Default setup" button is highlighted with an orange outline.](/assets/images/help/security/default-code-scanning-setup.png) + ![Screenshot of the "{% data variables.product.prodname_code_scanning_caps %}" section of {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} settings. The "Default setup" button is highlighted with an orange outline.](/assets/images/help/security/default-code-scanning-setup.png) You will then see a "{% data variables.product.prodname_codeql %} default configuration" dialog summarizing the {% data variables.product.prodname_code_scanning %} configuration automatically created by default setup. diff --git a/content/code-security/code-scanning/troubleshooting-code-scanning/enabling-default-setup-takes-too-long.md b/content/code-security/code-scanning/troubleshooting-code-scanning/enabling-default-setup-takes-too-long.md index 2bd7cb54403e..ab1142aae181 100644 --- a/content/code-security/code-scanning/troubleshooting-code-scanning/enabling-default-setup-takes-too-long.md +++ b/content/code-security/code-scanning/troubleshooting-code-scanning/enabling-default-setup-takes-too-long.md @@ -13,4 +13,4 @@ When you enable default setup, a workflow is triggered with the automatically ge You can check on the progress of the test run for default setup on the **Actions** tab. If the run is taking too long, try canceling the workflow run and restarting the configuration process. -To restart your configuration, navigate to the main page of your repository, then click **{% octicon "play" aria-hidden="true" %} Actions**. Click the **{% data variables.product.prodname_codeql %}** workflow run that's in progress, then click **Cancel workflow**. Once {% octicon "stop" aria-label="cancelled" %} appears beside the workflow run name, navigate back to the **Code security and analysis** settings and re-enable default setup. If default setup continues to stall, please contact {% data variables.contact.contact_support %} or try enabling advanced setup. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning)." +To restart your configuration, navigate to the main page of your repository, then click **{% octicon "play" aria-hidden="true" %} Actions**. Click the **{% data variables.product.prodname_codeql %}** workflow run that's in progress, then click **Cancel workflow**. Once {% octicon "stop" aria-label="cancelled" %} appears beside the workflow run name, navigate back to the {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %} settings and re-enable default setup. If default setup continues to stall, please contact {% data variables.contact.contact_support %} or try enabling advanced setup. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning)." diff --git a/content/code-security/code-scanning/troubleshooting-code-scanning/results-different-than-expected.md b/content/code-security/code-scanning/troubleshooting-code-scanning/results-different-than-expected.md index 36beff1f8fd5..b29841897620 100644 --- a/content/code-security/code-scanning/troubleshooting-code-scanning/results-different-than-expected.md +++ b/content/code-security/code-scanning/troubleshooting-code-scanning/results-different-than-expected.md @@ -13,7 +13,7 @@ redirect_from: If your {% data variables.product.prodname_code_scanning %} results are different than you expected, you may have both default and advanced setup configured for your repository. When you enable default setup, this disables the existing {% data variables.product.prodname_codeql %} workflow file and blocks any {% data variables.product.prodname_codeql %} API analysis from uploading results. -To check if default setup is enabled, navigate to the main page of the repository, then click **{% octicon "gear" aria-hidden="true" %} Settings**. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" %} Code security and analysis**. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis", click {% octicon "kebab-horizontal" aria-label="Menu" %}. If there is a **{% octicon "workflow" aria-hidden="true" %} Switch to advanced** option, you are currently using default setup. +To check if default setup is enabled, navigate to the main page of the repository, then click **{% octicon "gear" aria-hidden="true" %} Settings**. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" %} {% ifversion code-security-wording-only %}Code security{% else %}Code security and analysis{% endif %}. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis", click {% octicon "kebab-horizontal" aria-label="Menu" %}. If there is a **{% octicon "workflow" aria-hidden="true" %} Switch to advanced** option, you are currently using default setup. If you want to return to using advanced setup and get {% data variables.product.prodname_code_scanning %} results from your custom workflow file, click **{% octicon "stop" aria-hidden="true" %} Disable {% data variables.product.prodname_codeql %}** to disable default setup. Then you should re-enable your pre-existing workflows to start triggering and uploading results from advanced setup. For more information, see "[AUTOTITLE](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow)" and "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning)." diff --git a/content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md b/content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md index f5a668b64784..46251d38d2d8 100644 --- a/content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md @@ -47,7 +47,7 @@ You can enable or disable {% data variables.product.prodname_dependabot_alerts % {% data reusables.user-settings.access_settings %} {% data reusables.user-settings.security-analysis %} -1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Disable all** or **Enable all**. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Disable all** or **Enable all**. 1. Optionally, to enable {% data variables.product.prodname_dependabot_alerts %} by default for new repositories that you create, in the dialog box, select "Enable by default for new repositories". 1. Click **Disable {% data variables.product.prodname_dependabot_alerts %}** or **Enable {% data variables.product.prodname_dependabot_alerts %}** to disable or enable {% data variables.product.prodname_dependabot_alerts %} for all the repositories you own. @@ -57,7 +57,7 @@ When you enable {% data variables.product.prodname_dependabot_alerts %} for exis {% data reusables.user-settings.access_settings %} {% data reusables.user-settings.security-analysis %} -1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, select **Automatically enable for new repositories**. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of {% data variables.product.prodname_dependabot_alerts %}, select **Automatically enable for new repositories**. {% else %} {% data variables.product.prodname_dependabot_alerts %} for your repositories can be enabled or disabled by your enterprise owner. For more information, see "[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." @@ -80,7 +80,7 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Enable** to enable alerts or **Disable** to disable alerts. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Enable** to enable alerts or **Disable** to disable alerts. ## Managing {% data variables.product.prodname_dependabot_alerts %} for your organization @@ -98,15 +98,15 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa {% ifversion code-security-multi-repo-enablement %} You can use security overview to find a set of repositories and enable or disable {% data variables.product.prodname_dependabot_alerts %} for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)." -You can also use the organization settings page for "Code security and analysis" to enable or disable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization. +You can also use the organization settings page for {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} to enable or disable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization. {% else %} -You can use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization. +You can use the organization settings page for {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} to enable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization. {% endif %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} -1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Disable all** or **Enable all**. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Disable all** or **Enable all**. 1. Optionally, to enable {% data variables.product.prodname_dependabot_alerts %} by default for new repositories in your organization, in the dialog box, select "Enable by default for new repositories". 1. Click **Disable {% data variables.product.prodname_dependabot_alerts %}** or **Enable {% data variables.product.prodname_dependabot_alerts %}** to disable or enable {% data variables.product.prodname_dependabot_alerts %} for all the repositories in your organization. diff --git a/content/code-security/dependabot/dependabot-auto-triage-rules/using-github-preset-rules-to-prioritize-dependabot-alerts.md b/content/code-security/dependabot/dependabot-auto-triage-rules/using-github-preset-rules-to-prioritize-dependabot-alerts.md index 3d907c260869..aa7d7ad2e932 100644 --- a/content/code-security/dependabot/dependabot-auto-triage-rules/using-github-preset-rules-to-prioritize-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-auto-triage-rules/using-github-preset-rules-to-prioritize-dependabot-alerts.md @@ -44,7 +44,7 @@ The `Dismiss low impact issues for development-scoped dependencies` rule is enab {% data reusables.repositories.navigate-to-code-security-and-analysis %} 1. Under "{% data variables.product.prodname_dependabot_alerts %}", click {% octicon "gear" aria-label="The Gear icon" %} close to "{% data variables.product.prodname_dependabot %} rules". - ![Screenshot of the "Code security and analysis" page for a repository. The gear icon is highlighted with an orange outline.](/assets/images/help/repository/dependabot-rules-page.png) + ![Screenshot of the {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} page for a repository. The gear icon is highlighted with an orange outline.](/assets/images/help/repository/dependabot-rules-page.png) 1. Under "{% data variables.product.company_short %} presets", to the right of "Dismiss low impact issues for development-scoped dependencies", click {% octicon "pencil" aria-label="Edit rule" %}. 1. Under "State", select the dropdown menu, then click "Enabled". diff --git a/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index b66aae1aedd1..2c284f76de59 100644 --- a/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md +++ b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -57,7 +57,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} {% ifversion dependabot-grouped-security-updates-config %} @@ -82,7 +82,7 @@ Repository administrators can enable or disable grouped security updates for the {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of "Grouped security updates", click **Enable** to enable the feature or **Disable** to disable it. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of "Grouped security updates", click **Enable** to enable the feature or **Disable** to disable it. ### Enabling or disabling grouped {% data variables.product.prodname_dependabot_security_updates %} for an organization @@ -95,7 +95,7 @@ Organization owners can enable or disable grouped security updates for all repos {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} -1. Under "Code security and analysis", to the right of "Grouped security updates", click **Disable all** or **Enable all**. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of "Grouped security updates", click **Disable all** or **Enable all**. 1. Optionally, to enable grouped {% data variables.product.prodname_dependabot_security_updates %} for new repositories in your organization, select **Automatically enable for new repositories**. {% endif %} diff --git a/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md index ad51159d47f1..658b3f56545c 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md @@ -43,7 +43,7 @@ You enable {% data variables.product.prodname_dependabot_version_updates %} by c {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot_version_updates %}", click **Enable** to open a basic `dependabot.yml` configuration file in the `.github` directory of your repository. {% data reusables.dependabot.link-to-yml-config-file %} +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of "{% data variables.product.prodname_dependabot_version_updates %}", click **Enable** to open a basic `dependabot.yml` configuration file in the `.github` directory of your repository. {% data reusables.dependabot.link-to-yml-config-file %} {% else %} 1. Create a `dependabot.yml` configuration file in the `.github` directory of your repository. You can use the snippet below as a starting point. {% data reusables.dependabot.link-to-yml-config-file %} {% endif %} @@ -110,7 +110,7 @@ On a fork, you also need to explicitly enable {% data variables.product.prodname {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot_version_updates %}", click **Enable** to allow {% data variables.product.prodname_dependabot %} to initiate version updates. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of "{% data variables.product.prodname_dependabot_version_updates %}", click **Enable** to allow {% data variables.product.prodname_dependabot %} to initiate version updates. ## Checking the status of version updates diff --git a/content/code-security/getting-started/dependabot-quickstart-guide.md b/content/code-security/getting-started/dependabot-quickstart-guide.md index c0c786b00223..ddbea869e80b 100644 --- a/content/code-security/getting-started/dependabot-quickstart-guide.md +++ b/content/code-security/getting-started/dependabot-quickstart-guide.md @@ -44,7 +44,7 @@ You need to follow the steps below on the repository you forked in "[Prerequisit {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Enable** for {% data variables.product.prodname_dependabot_alerts %}, {% data variables.product.prodname_dependabot_security_updates %}, and {% data variables.product.prodname_dependabot_version_updates %}. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of {% data variables.product.prodname_dependabot_alerts %}, click **Enable** for {% data variables.product.prodname_dependabot_alerts %}, {% data variables.product.prodname_dependabot_security_updates %}, and {% data variables.product.prodname_dependabot_version_updates %}. 1. Optionally, if you are interested in experimenting with {% data variables.product.prodname_dependabot_version_updates %}, click **.github/dependabot.yml**. This will create a default `dependabot.yml` configuration file in the `/.github` directory of your repository. To enable {% data variables.product.prodname_dependabot_version_updates %} for your repository, you typically configure this file to suit your needs by editing the default file, and committing your changes. You can refer to the snippet provided in "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#example-dependabotyml-file)" for an example. > [!NOTE] diff --git a/content/code-security/getting-started/quickstart-for-securing-your-repository.md b/content/code-security/getting-started/quickstart-for-securing-your-repository.md index 9c2ed5357463..d686f7098ba3 100644 --- a/content/code-security/getting-started/quickstart-for-securing-your-repository.md +++ b/content/code-security/getting-started/quickstart-for-securing-your-repository.md @@ -42,7 +42,7 @@ From the main page of your repository, click **{% octicon "gear" aria-hidden="tr {% data reusables.dependency-graph.feature-availability %} The dependency graph interprets manifest and lock files in a repository to identify dependencies. 1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**. -1. Click **Security & analysis**. +1. Click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. 1. Next to Dependency graph, click **Enable** or **Disable**. {% endif %} @@ -64,7 +64,7 @@ For more information, see "[AUTOTITLE](/code-security/supply-chain-security/unde {% ifversion fpt or ghec %} 1. Click your profile photo, then click **Settings**. -1. Click **Security & analysis**. +1. Click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. 1. Click **Enable all** next to {% data variables.product.prodname_dependabot_alerts %}. {% endif %} @@ -83,7 +83,7 @@ Dependency review lets you visualize dependency changes in pull requests before Dependency review is a {% data variables.product.prodname_GH_advanced_security %} feature. {% ifversion fpt or ghec %}Dependency review is already enabled for all public repositories. {% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %} can additionally enable dependency review for private and internal repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/getting-started/quickstart-for-securing-your-repository#managing-dependency-review). {% endif %}{% endif %}{% ifversion ghec or ghes %}To enable dependency review for a {% ifversion ghec %}private or internal {% endif %}repository, ensure that the dependency graph is enabled and enable {% data variables.product.prodname_GH_advanced_security %}. 1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**. -1. Click **Security & analysis**. +1. Click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. 1. {% ifversion ghec %}If dependency graph is not already enabled, click **Enable**.{% elsif ghes %}Check that dependency graph is configured for your enterprise.{% endif %} 1. If {% data variables.product.prodname_GH_advanced_security %} is not already enabled, click **Enable**. @@ -94,7 +94,7 @@ Dependency review is a {% data variables.product.prodname_GH_advanced_security % For any repository that uses {% data variables.product.prodname_dependabot_alerts %}, you can enable {% data variables.product.prodname_dependabot_security_updates %} to raise pull requests with security updates when vulnerabilities are detected. 1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**. -1. Click **Security & analysis**. +1. Click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. 1. Next to {% data variables.product.prodname_dependabot_security_updates %}, click **Enable**. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)" and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." @@ -105,7 +105,7 @@ You can enable {% data variables.product.prodname_dependabot %} to automatically {% ifversion dependabot-settings-update-37 %} 1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**. -1. Click **Security & analysis**. +1. Click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. 1. Next to {% data variables.product.prodname_dependabot_version_updates %}, click **Enable** to create a basic `dependabot.yml` configuration file. 1. Specify the dependencies to update and any associated configuration options, then commit the file to the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates)." @@ -121,7 +121,7 @@ To enable {% data variables.product.prodname_dependabot_version_updates %}, you You can configure {% data variables.product.prodname_code_scanning %} to automatically identify vulnerabilities and errors in the code stored in your repository by using a {% data variables.code-scanning.codeql_workflow %} or third-party tool. Depending on the programming languages in your repository, you can configure {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %} using default setup, in which {% data variables.product.prodname_dotcom %} automatically determines the languages to scan, query suites to run, and events that will trigger a new scan. For more information, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)." 1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**. -1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-hidden="true" %} Code security and analysis**. +1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-hidden="true" %} {% ifversion code-security-wording-only %}Code security{% else %}Code security and analysis{% endif %}**. 1. In the "{% data variables.product.prodname_code_scanning_caps %}" section, select **Set up** {% octicon "triangle-down" aria-hidden="true" %}, then click **Default**. 1. In the pop-up window that appears, review the default configuration settings for your repository, then click **Enable {% data variables.product.prodname_codeql %}**. @@ -132,7 +132,7 @@ Alternatively, you can use advanced setup, which generates a workflow file you c {% data reusables.gated-features.secret-scanning %} 1. From the main page of your repository, click **{% octicon "gear" aria-hidden="true" %} Settings**. -1. Click **Code security & analysis**. +1. Click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}. {% ifversion ghec or ghes %} 1. If {% data variables.product.prodname_GH_advanced_security %} is not already enabled, click **Enable**.{% endif %} 1. Next to {% data variables.product.prodname_secret_scanning_caps %}, click **Enable**. diff --git a/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md b/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md index d6df2d70c3fb..06ac5d599285 100644 --- a/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md +++ b/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md @@ -16,7 +16,7 @@ topics: ## About enabling push protection -To enable push protection for a repository, you must first enable {% data variables.product.prodname_secret_scanning %}. You can then enable push protection in the repository's "Code security and analysis" settings page following the steps outlined in this article. +To enable push protection for a repository, you must first enable {% data variables.product.prodname_secret_scanning %}. You can then enable push protection in the repository's {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} settings page following the steps outlined in this article. {% ifversion secret-scanning-push-protection-for-users %} diff --git a/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository.md b/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository.md index 6f95b840a569..5eb3b7982c79 100644 --- a/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository.md +++ b/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository.md @@ -51,10 +51,10 @@ If your organization is owned by an enterprise account, an enterprise owner can 1. Review the impact of enabling {% data variables.product.prodname_advanced_security %}, then click **Enable {% data variables.product.prodname_GH_advanced_security %} for this repository**. 1. When you enable {% data variables.product.prodname_advanced_security %}, {% data variables.product.prodname_secret_scanning %} may automatically be enabled for the repository due to the organization's settings. If "{% data variables.product.prodname_secret_scanning_caps %}" is shown with an **Enable** button, you still need to enable {% data variables.product.prodname_secret_scanning %} by clicking **Enable**. If you see a **Disable** button, {% data variables.product.prodname_secret_scanning %} is already enabled. - ![Screenshot of the "{% data variables.product.prodname_secret_scanning_caps %}" section of the "Code security and analysis" page, with the "Enable" button highlighted in a dark orange outline.](/assets/images/help/repository/enable-secret-scanning-alerts.png){% endif %}{% ifversion fpt %} + ![Screenshot of the "{% data variables.product.prodname_secret_scanning_caps %}" section of the {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} page, with the "Enable" button highlighted in a dark orange outline.](/assets/images/help/repository/enable-secret-scanning-alerts.png){% endif %}{% ifversion fpt %} 1. Scroll down to the bottom of the page, and click **Enable** for {% data variables.product.prodname_secret_scanning %}. If you see a **Disable** button, it means that {% data variables.product.prodname_secret_scanning %} is already enabled for the repository. - ![Screenshot of the "{% data variables.product.prodname_secret_scanning_caps %}" section of the "Code security and analysis" page, with the "Enable" button highlighted in a dark orange outline.](/assets/images/help/repository/enable-secret-scanning-alerts.png){% endif %} + ![Screenshot of the "{% data variables.product.prodname_secret_scanning_caps %}" section of the {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} page, with the "Enable" button highlighted in a dark orange outline.](/assets/images/help/repository/enable-secret-scanning-alerts.png){% endif %} A repository administrator can choose to disable {% data variables.product.prodname_secret_scanning %} for a repository at any time. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)." diff --git a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md index be4c7de78ce7..664aabed5c1f 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository.md @@ -40,7 +40,7 @@ You can manage a subset of security and analysis features for public repositorie {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of the feature, click **Disable** or **Enable**. +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of the feature, click **Disable** or **Enable**. {% endif %} ## Enabling or disabling security and analysis features{% ifversion fpt or ghec %} for private repositories{% endif %} @@ -54,7 +54,7 @@ You can manage the security and analysis features for your {% ifversion fpt or g {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Code security and analysis", to the right of the feature, click **Disable** or **Enable**. {% ifversion not fpt %}The control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled if your enterprise has no available licenses for {% data variables.product.prodname_advanced_security %}.{% endif %} +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of the feature, click **Disable** or **Enable**. {% ifversion not fpt %}The control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled if your enterprise has no available licenses for {% data variables.product.prodname_advanced_security %}.{% endif %} {% ifversion not fpt %} > [!NOTE] diff --git a/data/features/code-security-wording-only.yml b/data/features/code-security-wording-only.yml new file mode 100644 index 000000000000..f069057c5537 --- /dev/null +++ b/data/features/code-security-wording-only.yml @@ -0,0 +1,5 @@ +# Reference: 16288 + +versions: + fpt: '*' + ghec: '*' diff --git a/data/reusables/dependabot/automatically-pause-dependabot-updates.md b/data/reusables/dependabot/automatically-pause-dependabot-updates.md index 1aeeb4a29f24..3a3a1c08efc2 100644 --- a/data/reusables/dependabot/automatically-pause-dependabot-updates.md +++ b/data/reusables/dependabot/automatically-pause-dependabot-updates.md @@ -14,7 +14,7 @@ An inactive repository is a repository that has at least one {% data variables.p When {% data variables.product.prodname_dependabot %} is paused, {% data variables.product.prodname_dotcom %} adds a banner notice: * To all open {% data variables.product.prodname_dependabot %} pull requests. -* To the UI of the **Settings** tab of the repository (under **Code security and analysis**, then **{% data variables.product.prodname_dependabot %}**). +* To the UI of the **Settings** tab of the repository (under **{% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}**, then **{% data variables.product.prodname_dependabot %}**). * To the list of {% data variables.product.prodname_dependabot_alerts %} (if {% data variables.product.prodname_dependabot_security_updates %} are affected). {% ifversion dependabot-updates-paused-enterprise-orgs %} Additionally, you will be able to see whether {% data variables.product.prodname_dependabot %} is paused at the organization-level in the security overview. The `paused` status will also be visible via the API. For more information, see "[AUTOTITLE](/rest/repos#enable-automated-security-fixes)."{% endif %} diff --git a/data/reusables/dependabot/dependabot-alerts-enterprise-server-repo-org-enablement.md b/data/reusables/dependabot/dependabot-alerts-enterprise-server-repo-org-enablement.md index 530f35bf5e64..472187bfda8e 100644 --- a/data/reusables/dependabot/dependabot-alerts-enterprise-server-repo-org-enablement.md +++ b/data/reusables/dependabot/dependabot-alerts-enterprise-server-repo-org-enablement.md @@ -1,3 +1,3 @@ Enterprise owners must configure the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for an enterprise. -Once {% data variables.product.prodname_dependabot_alerts %} have been configured, repository administrators and organization owners can enable {% data variables.product.prodname_dependabot_alerts %} for private and internal repositories in their "Code security and analysis" settings page. Public repositories are enabled by default. For more information, see "[AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)", "[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)," and "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts)." +Once {% data variables.product.prodname_dependabot_alerts %} have been configured, repository administrators and organization owners can enable {% data variables.product.prodname_dependabot_alerts %} for private and internal repositories in their {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} settings page. Public repositories are enabled by default. For more information, see "[AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)", "[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)," and "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts)." diff --git a/data/reusables/dependabot/dependabot-grouped-security-updates-how-enable.md b/data/reusables/dependabot/dependabot-grouped-security-updates-how-enable.md index 0ac9eff9e403..bcc03cbd4c30 100644 --- a/data/reusables/dependabot/dependabot-grouped-security-updates-how-enable.md +++ b/data/reusables/dependabot/dependabot-grouped-security-updates-how-enable.md @@ -1,4 +1,4 @@ You can enable grouped pull requests for {% data variables.product.prodname_dependabot_security_updates %} in one, or both, of the following ways. -* To group as many available security updates together as possible, across directories and per ecosystem, enable grouping in the "Code security and analysis" settings for your repository{% ifversion pre-security-configurations %}or organization{% elsif security-configurations %}, or in "Global settings" under "Code security" for your organization{% endif %}. +* To group as many available security updates together as possible, across directories and per ecosystem, enable grouping in the {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} settings for your repository{% ifversion pre-security-configurations %}or organization{% elsif security-configurations %}, or in "Global settings" under "Code security" for your organization{% endif %}. * For more granular control of grouping, such as grouping by package name, development/production dependencies,{% ifversion dependabot-updates-multidirectory-support %} SemVer level, or across multiple directories per ecosystem{% else %} or SemVer level{% endif %}, add configuration options to the `dependabot.yml` configuration file in your repository. diff --git a/data/reusables/dependabot/dependabot-updates-and-actions.md b/data/reusables/dependabot/dependabot-updates-and-actions.md index 496f2e0ee22f..92da0cf0dd5b 100644 --- a/data/reusables/dependabot/dependabot-updates-and-actions.md +++ b/data/reusables/dependabot/dependabot-updates-and-actions.md @@ -1,3 +1,3 @@ If you enable {% data variables.product.prodname_dependabot %} on a new repository and have {% data variables.product.prodname_actions %} enabled, {% data variables.product.prodname_dependabot %} will run on {% data variables.product.prodname_actions %} by default. -If you enable {% data variables.product.prodname_dependabot %} on a new repository and have {% data variables.product.prodname_actions %} disabled, {% data variables.product.prodname_dependabot %} will run on the legacy application in {% data variables.product.product_name %} to perform {% data variables.product.prodname_dependabot_updates %}. This doesn't provide as good performance, visibility, or control of {% data variables.product.prodname_dependabot_updates %} jobs as {% data variables.product.prodname_actions %} does. If you want to use {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}, you must ensure that your repository enables {% data variables.product.prodname_actions %}, then enable "{% data variables.product.prodname_dependabot %} on Actions runners" from the repository's "Code security and analysis" settings page. +If you enable {% data variables.product.prodname_dependabot %} on a new repository and have {% data variables.product.prodname_actions %} disabled, {% data variables.product.prodname_dependabot %} will run on the legacy application in {% data variables.product.product_name %} to perform {% data variables.product.prodname_dependabot_updates %}. This doesn't provide as good performance, visibility, or control of {% data variables.product.prodname_dependabot_updates %} jobs as {% data variables.product.prodname_actions %} does. If you want to use {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}, you must ensure that your repository enables {% data variables.product.prodname_actions %}, then enable "{% data variables.product.prodname_dependabot %} on Actions runners" from the repository's {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %} settings page. diff --git a/data/reusables/repositories/navigate-to-code-security-and-analysis.md b/data/reusables/repositories/navigate-to-code-security-and-analysis.md index 64e48bcb6ca6..0d59fc5b039b 100644 --- a/data/reusables/repositories/navigate-to-code-security-and-analysis.md +++ b/data/reusables/repositories/navigate-to-code-security-and-analysis.md @@ -1 +1 @@ -1. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" %} Code security and analysis**. +1. In the "Security" section of the sidebar, click **{% octicon "codescan" aria-hidden="true" %} {% ifversion code-security-wording-only %}Code security{% else %}Code security and analysis{% endif %}**. diff --git a/data/reusables/repositories/navigate-to-ghas-settings.md b/data/reusables/repositories/navigate-to-ghas-settings.md index 51bf8e0b4084..32245b8a0ab7 100644 --- a/data/reusables/repositories/navigate-to-ghas-settings.md +++ b/data/reusables/repositories/navigate-to-ghas-settings.md @@ -1 +1 @@ -1. Under "Code security and analysis", find "{% data variables.product.prodname_GH_advanced_security %}." +1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, find "{% data variables.product.prodname_GH_advanced_security %}." diff --git a/data/reusables/user-settings/security-analysis.md b/data/reusables/user-settings/security-analysis.md index 28ee4bdd3c8e..768251f218bc 100644 --- a/data/reusables/user-settings/security-analysis.md +++ b/data/reusables/user-settings/security-analysis.md @@ -1 +1 @@ -1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-hidden="true" %} Code security and analysis**. +1. In the "Security" section of the sidebar, click **{% octicon "shield-lock" aria-hidden="true" %} {% ifversion code-security-wording-only %}Code security{% else %}Code security and analysis{% endif %}**.