diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 0195011ff988..c930eff3a2c4 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -4,7 +4,7 @@ Thank you for contributing to this project! You must fill out the information be ### Why: -Closes: +Closes: @@ -16,7 +16,6 @@ If you made changes to the `content` directory, a table will populate in a comme ### Check off the following: -- [ ] I have reviewed my changes in staging, available via the **View deployment** link in this PR's timeline (this link will be available after opening the PR). - - - For content changes, you will also see an automatically generated comment with links directly to pages you've modified. The comment won't appear if your PR only edits files in the `data` directory. -- [ ] For content changes, I have completed the [self-review checklist](https://docs.github.com/en/contributing/collaborating-on-github-docs/self-review-checklist). +- [ ] A subject matter expert (SME) has reviewed the technical accuracy of the content in this PR. In most cases, the author can be the SME. Open source contributions may require a SME review from GitHub staff. +- [ ] The changes in this PR meet [the docs fundamentals that are required for all content](http://docs.github.com/en/contributing/writing-for-github-docs/about-githubs-documentation-fundamentals). +- [ ] All CI checks are passing. diff --git a/.github/review-template.md b/.github/review-template.md deleted file mode 100644 index 6aeb6e69d74b..000000000000 --- a/.github/review-template.md +++ /dev/null @@ -1,36 +0,0 @@ -## Author self-review - -- [ ] The changes in this PR meet the user experience and goals outlined in the content design plan. -- [ ] The changes in this PR adhere to our [style guide](https://docs.github.com/en/contributing/style-guide-and-content-model/style-guide), [content model](https://docs.github.com/en/contributing/writing-for-github-docs/content-model), and "[Writing content to be translated](https://docs.github.com/en/contributing/writing-for-github-docs/writing-content-to-be-translated)." -- [ ] Compare this PR's source changes to the preview deployment and review for versioning issues, redirects, rendering problems, typos, and wonky screenshots. -- [ ] All screenshots in this PR adhere to the guidance in "[Creating screenshots](https://docs.github.com/en/contributing/writing-for-github-docs/creating-screenshots)." -- [ ] All checks are passing. -- [ ] For REST API content, verify that endpoints, parameters, and responses are correct and work as expected and provided curl samples below. - -For more information, check out our [review process](https://github.com/github/docs-team/blob/main/contributing-to-docs/review-process.md). - -## Review request - -### Summary - -_Help reviewers understand this project and its context by writing a paragraph summarizing its goals and intended user experience and explaining how the PR meets those goals._ -[Content design plan](LINK HERE) - -### Docs Content review - -_Give Docs Content any extra context, highlight areas for them to consider in their review, and ask them questions you need answered to ship the PR._ - -### Technical review - -_Ping in technical reviewers, asking them to review whether content is technically accurate and right for the audience._ -_Highlight areas for them to consider in their review and ask them questions you need answered to ship the PR._ - -### Content changes - -[PR on staging](LINK HERE) - -_Give a high-level overview of the changes in your PR and how they support the overall goals of the PR. Share links to important articles or changes in source and on staging. If your PR is large or complex, use a table to highlight changes with high user impact._ - -### Notes - -_Discuss test failures, versioning issues, or anything else reviewers should know to consider the overall user experience of the PR._ diff --git a/.github/workflows/add-review-template.yml b/.github/workflows/add-review-template.yml deleted file mode 100644 index c3490a191965..000000000000 --- a/.github/workflows/add-review-template.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Add review template - -# **What it does**: When a specific label is added to a PR, adds the contents of .github/review-template.md as a comment in the PR -# **Why we have it**: To help Docs Content team members ensure that their PR is ready for review -# **Who does it impact**: docs-internal maintainers and contributors - -on: - pull_request: - types: - - labeled - -permissions: - contents: read - -jobs: - comment-that-approved: - name: Add review template - runs-on: ubuntu-latest - if: github.event.label.name == 'add-review-template' && github.repository == 'github/docs-internal' - - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - # Jump through some hoops to work with a multi-line file - - name: Store review template in variable - run: | - TEMPLATE=$(cat .github/review-template.md) - echo "TEMPLATE<> $GITHUB_ENV - echo "$TEMPLATE" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - - name: Comment on the PR - run: | - gh pr comment $PR --body "$TEMPLATE" - env: - GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }} - PR: ${{ github.event.pull_request.html_url }} - TEMPLATE: ${{ env.TEMPLATE }} diff --git a/.github/workflows/comment-release-note-info.yml b/.github/workflows/comment-release-note-info.yml index d1b6e4059a14..e34eacd0f323 100644 --- a/.github/workflows/comment-release-note-info.yml +++ b/.github/workflows/comment-release-note-info.yml @@ -25,7 +25,7 @@ jobs: with: issue-number: ${{ github.event.pull_request.number }} body: | - Thank you for updating our GitHub Enterprise Server release notes. A member of the `docs-content-enterprise` team will review your changes. + Thank you for updating our GitHub Enterprise Server release notes. Please request a technical review for your changes. Once the technical review is complete, a member of the `docs-content-enterprise` team will review your changes. - If the change is urgent, post in `#docs-content-enterprise` on Slack. - Review the [style guide for release notes](https://docs.github.com/en/contributing/style-guide-and-content-model/style-guide#release-notes). diff --git a/.github/workflows/hubber-contribution-help.yml b/.github/workflows/hubber-contribution-help.yml index ed876e629532..e3896a713088 100644 --- a/.github/workflows/hubber-contribution-help.yml +++ b/.github/workflows/hubber-contribution-help.yml @@ -44,11 +44,11 @@ jobs: - name: Comment on the PR if: steps.membership_check.outputs.result == 'false' run: | - gh pr comment $PR --body "Thanks so much for opening this PR and contributing to GitHub Docs! + gh pr comment $PR --body "### Next: add the review label - - When you're ready for the Docs team to review this PR, add the *ready-for-doc-review* label to your PR, and it will be automatically added to the [Docs Content review board](https://github.com/orgs/github/memexes/901?layout=table&groupedBy%5BcolumnId%5D=11024). **Please factor in at least 72 hours for a review, even longer if this is a substantial change.** - - If you're adding a release note, request a technical review. The Docs team will review the PR after the technical review is complete. - - If your updates to the docs are more than a simple fix, you might want to go back and open an [issue](https://github.com/github/docs-content/issues/new/choose) to ensure we've covered all areas of the docs in these updates. Not doing so may result in delays or inaccurate documentation." + **🛎️ Is this PR ready for review?** A PR is ready for a docs review _after_ the self-review checklist is complete. + + When this is ready for review, add the **\`ready-for-doc-review\`** label to this PR. The PR will then be automatically added to the [Docs Content review board](https://github.com/orgs/github/projects/2936). _Please allow at least 3 working days for a review, and longer if this is a substantial change._" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/assets/images/help/copilot/copilot-icon-top-right.png b/assets/images/help/copilot/copilot-icon-top-right.png new file mode 100644 index 000000000000..24f3f193ae58 Binary files /dev/null and b/assets/images/help/copilot/copilot-icon-top-right.png differ diff --git a/assets/images/help/desktop/configure-custom-editor.png b/assets/images/help/desktop/configure-custom-editor.png deleted file mode 100644 index 859d7ec8e0c0..000000000000 Binary files a/assets/images/help/desktop/configure-custom-editor.png and /dev/null differ diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md index 511de0b2ba39..6864494b15e0 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md @@ -28,15 +28,15 @@ You can authenticate {% data variables.product.prodname_actions_runner_controlle 1. For "Homepage URL," enter `https://github.com/actions/actions-runner-controller`. 1. Under "Permissions," click **Repository permissions**. Then use the dropdown menus to select the following access permissions. - * **Administration**: Read and write + * **Administration:** Read and write > [!NOTE] > `Administration: Read and write` is only required when configuring {% data variables.product.prodname_actions_runner_controller %} to register at the repository scope. It is not required to register at the organization scope. - * **Metadata**: Read-only + * **Metadata:** Read-only 1. Under "Permissions," click **Organization permissions**. Then use the dropdown menus to select the following access permissions. - * **Self-hosted runners**: Read and write + * **Self-hosted runners:** Read and write {% data reusables.actions.arc-app-post-install-steps %} diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md index 4609a8f32a8b..34fd8a8dc163 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md @@ -34,9 +34,9 @@ You may not be able to create a self-hosted runner for an organization-owned rep The status can be one of the following: - * **Idle**: The runner is connected to {% data variables.product.product_name %} and is ready to execute jobs. - * **Active**: The runner is currently executing a job. - * **Offline**: The runner is not connected to {% data variables.product.product_name %}. This could be because the machine is offline, the self-hosted runner application is not running on the machine, or the self-hosted runner application cannot communicate with {% data variables.product.product_name %}. + * **Idle:** The runner is connected to {% data variables.product.product_name %} and is ready to execute jobs. + * **Active:** The runner is currently executing a job. + * **Offline:** The runner is not connected to {% data variables.product.product_name %}. This could be because the machine is offline, the self-hosted runner application is not running on the machine, or the self-hosted runner application cannot communicate with {% data variables.product.product_name %}. ## Troubleshooting network connectivity diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md index 3271e1b15a1d..743c2cf8f37e 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md @@ -17,15 +17,15 @@ The custom scripts are automatically triggered when a specific environment varia The following scripting languages are supported: -* **Bash**: Uses `bash` and can fallback to `sh`. Executes by running `-e {pathtofile}`. -* **PowerShell**: Uses `pwsh` and can fallback to `powershell`. Executes by running `-command \". '{pathtofile}'\"`. +* **Bash:** Uses `bash` and can fallback to `sh`. Executes by running `-e {pathtofile}`. +* **PowerShell:** Uses `pwsh` and can fallback to `powershell`. Executes by running `-command \". '{pathtofile}'\"`. ## Writing the scripts Your custom scripts can use the following features: -* **Variables**: Scripts have access to the default variables. The full webhook event payload can be found in `GITHUB_EVENT_PATH`. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables)." -* **Workflow commands**: Scripts can use workflow commands. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions)". Scripts can also use environment files. For more information, see [Environment files](/actions/using-workflows/workflow-commands-for-github-actions#environment-files). +* **Variables:** Scripts have access to the default variables. The full webhook event payload can be found in `GITHUB_EVENT_PATH`. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables)." +* **Workflow commands:** Scripts can use workflow commands. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions)". Scripts can also use environment files. For more information, see [Environment files](/actions/using-workflows/workflow-commands-for-github-actions#environment-files). Your script files must use a file extension for the relevant language, such as `.sh` or `.ps1`, in order to run successfully. diff --git a/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md b/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md index 6774d27239c0..200068b32a18 100644 --- a/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md +++ b/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md @@ -80,17 +80,17 @@ Use a wait timer to delay a job for a specific amount of time after the job is i Use deployment branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} to restrict which branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} can deploy to the environment. Below are the options for deployment branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} for an environment: {% ifversion deployment-protections-tag-patterns %} -* **No restriction**: No restriction on which branch or tag can deploy to the environment. +* **No restriction:** No restriction on which branch or tag can deploy to the environment. {%- else %} -* **All branches**: All branches in the repository can deploy to the environment. +* **All branches:** All branches in the repository can deploy to the environment. {%- endif %} -* **Protected branches{% ifversion deployment-protections-tag-patterns %} only{% endif %}**: Only branches with branch protection rules enabled can deploy to the environment. If no branch protection rules are defined for any branch in the repository, then all branches can deploy. For more information about branch protection rules, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."{% ifversion actions-protected-branches-restrictions %} +* **Protected branches{% ifversion deployment-protections-tag-patterns %} only{% endif %}:** Only branches with branch protection rules enabled can deploy to the environment. If no branch protection rules are defined for any branch in the repository, then all branches can deploy. For more information about branch protection rules, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."{% ifversion actions-protected-branches-restrictions %} > [!NOTE] > Deployment workflow runs triggered by tags with the same name as a protected branch and forks with branches that match the protected branch name cannot deploy to the environment. {% endif %} -* **Selected branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %}**: Only branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} that match your specified name patterns can deploy to the environment. +* **Selected branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %}:** Only branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} that match your specified name patterns can deploy to the environment. If you specify `releases/*` as a deployment branch{% ifversion deployment-protections-tag-patterns %} or tag{% endif %} rule, only a branch{% ifversion deployment-protections-tag-patterns %} or tag{% endif %} whose name begins with `releases/` can deploy to the environment. (Wildcard characters will not match `/`. To match branches{% ifversion deployment-protections-tag-patterns %} or tags{% endif %} that begin with `release/` and contain an additional single slash, use `release/*/*`.) If you add `main` as a branch rule, a branch named `main` can also deploy to the environment. For more information about syntax options for deployment branches, see the [Ruby `File.fnmatch` documentation](https://ruby-doc.org/core-2.5.1/File.html#method-c-fnmatch). diff --git a/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md b/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md index fa27f6eb27a2..1b12c685e2d5 100644 --- a/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md +++ b/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md @@ -27,9 +27,9 @@ With OpenID Connect (OIDC), you can take a different approach by configuring you By updating your workflows to use OIDC tokens, you can adopt the following good security practices: -* **No cloud secrets**: You won't need to duplicate your cloud credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. Instead, you can configure the OIDC trust on your cloud provider, and then update your workflows to request a short-lived access token from the cloud provider through OIDC. -* **Authentication and authorization management**: You have more granular control over how workflows can use credentials, using your cloud provider's authentication (authN) and authorization (authZ) tools to control access to cloud resources. -* **Rotating credentials**: With OIDC, your cloud provider issues a short-lived access token that is only valid for a single job, and then automatically expires. +* **No cloud secrets:** You won't need to duplicate your cloud credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. Instead, you can configure the OIDC trust on your cloud provider, and then update your workflows to request a short-lived access token from the cloud provider through OIDC. +* **Authentication and authorization management:** You have more granular control over how workflows can use credentials, using your cloud provider's authentication (authN) and authorization (authZ) tools to control access to cloud resources. +* **Rotating credentials:** With OIDC, your cloud provider issues a short-lived access token that is only valid for a single job, and then automatically expires. ### Getting started with OIDC @@ -159,8 +159,8 @@ The token also includes custom claims provided by {% data variables.product.prod With OIDC, a {% data variables.product.prodname_actions %} workflow requires a token in order to access resources in your cloud provider. The workflow requests an access token from your cloud provider, which checks the details presented by the JWT. If the trust configuration in the JWT is a match, your cloud provider responds by issuing a temporary token to the workflow, which can then be used to access resources in your cloud provider. You can configure your cloud provider to only respond to requests that originate from a specific organization's repository. You can also specify additional conditions, described below. Audience and Subject claims are typically used in combination while setting conditions on the cloud role/resources to scope its access to the GitHub workflows. -* **Audience**: By default, this value uses the URL of the organization or repository owner. This can be used to set a condition that only the workflows in the specific organization can access the cloud role. -* **Subject**: By default, has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) environment. See "[Example subject claims](#example-subject-claims)" to see how the subject claim is assembled from concatenated metadata. +* **Audience:** By default, this value uses the URL of the organization or repository owner. This can be used to set a condition that only the workflows in the specific organization can access the cloud role. +* **Subject:** By default, has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) environment. See "[Example subject claims](#example-subject-claims)" to see how the subject claim is assembled from concatenated metadata. If you need more granular trust conditions, you can customize the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see "[Customizing the token claims](#customizing-the-token-claims)". diff --git a/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md b/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md index 3ba6e40d69c6..067a47c4ed32 100644 --- a/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md +++ b/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md @@ -27,11 +27,11 @@ You should be familiar with the concepts described in "[AUTOTITLE](/actions/usin When combined with OpenID Connect (OIDC), reusable workflows let you enforce consistent deployments across your repository, organization, or enterprise. You can do this by defining trust conditions on cloud roles based on reusable workflows. The available options will vary depending on your cloud provider: -* **Using `job_workflow_ref`**: +* **Using `job_workflow_ref`:** * To create trust conditions based on reusable workflows, your cloud provider must support custom claims for `job_workflow_ref`. This allows your cloud provider to identify which repository the job originally came from. * For clouds that only support the standard claims (audience (`aud`) and subject (`sub`)), you can use the API to customize the `sub` claim to include `job_workflow_ref`. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims)". Support for custom claims is currently available for Google Cloud Platform and HashiCorp Vault. -* **Customizing the token claims**: +* **Customizing the token claims:** * You can configure more granular trust conditions by customizing the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims)". ## How the token works with reusable workflows @@ -83,11 +83,11 @@ If your reusable workflow performs deployment steps, then it will typically need You can configure a custom claim that filters for any reusable workflow in a specific repository. In this example, the workflow run must have originated from a job defined in a reusable workflow in the `octo-org/octo-automation` repository, and in any repository that is owned by the `octo-org` organization. -* **Subject**: +* **Subject:** * Syntax: `repo:ORG_NAME/*` * Example: `repo:octo-org/*` -* **Custom claim**: +* **Custom claim:** * Syntax: `job_workflow_ref:ORG_NAME/REPO_NAME` * Example: `job_workflow_ref:octo-org/octo-automation@*` @@ -95,10 +95,10 @@ You can configure a custom claim that filters for any reusable workflow in a spe You can configure a custom claim that filters for a specific reusable workflow. In this example, the workflow run must have originated from a job defined in the reusable workflow `octo-org/octo-automation/.github/workflows/deployment.yml`, and in any repository that is owned by the `octo-org` organization. -* **Subject**: +* **Subject:** * Syntax: `repo:ORG_NAME/*` * Example: `repo:octo-org/*` -* **Custom claim**: +* **Custom claim:** * Syntax: `job_workflow_ref:ORG_NAME/REPO_NAME/.github/workflows/WORKFLOW_FILE@ref` * Example: `job_workflow_ref:octo-org/octo-automation/.github/workflows/deployment.yml@ 10040c56a8c0253d69db7c1f26a0d227275512e2` diff --git a/content/actions/sharing-automations/sharing-actions-and-workflows-with-your-organization.md b/content/actions/sharing-automations/sharing-actions-and-workflows-with-your-organization.md index 2b367e32b741..913d102f952c 100644 --- a/content/actions/sharing-automations/sharing-actions-and-workflows-with-your-organization.md +++ b/content/actions/sharing-automations/sharing-actions-and-workflows-with-your-organization.md @@ -14,7 +14,7 @@ redirect_from: ## About {% data variables.product.prodname_actions %} access to private {% ifversion internal-actions %} or internal {% endif %}repositories -You can share actions and reusable workflows within your organization, without publishing them publicly, by allowing {% data variables.product.prodname_actions %} workflows to access a private {% ifversion internal-actions %} {% endif %}repository that contains the action or reusable workflow. +You can share actions and reusable workflows within your organization, without publishing them publicly, by allowing {% data variables.product.prodname_actions %} workflows to access a private repository that contains the action or reusable workflow. Any actions or reusable workflows stored in the private repository can be used in workflows defined in other private repositories owned by the same organization. Actions and reusable workflows stored in private repositories cannot be used in public repositories. diff --git a/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md b/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md index 5d825bca61b2..3ec3fff02440 100644 --- a/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md +++ b/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md @@ -25,8 +25,8 @@ redirect_from: Runner groups are used to control which repositories can run jobs on your {% data variables.actions.hosted_runner %}s. You must manage access to the group from each level of the management hierarchy, depending on where you've defined the {% data variables.actions.hosted_runner %}: -* **Runners at the enterprise level**: {% data reusables.actions.about-enterprise-level-runner-groups %} -* **Runners at the organization level**: {% data reusables.actions.about-organization-level-runner-groups %} +* **Runners at the enterprise level:** {% data reusables.actions.about-enterprise-level-runner-groups %} +* **Runners at the organization level:** {% data reusables.actions.about-organization-level-runner-groups %} For example, the following diagram has a runner group named `grp-ubuntu-20.04-16core` at the enterprise level. Before the repository named `octo-repo` can use the runners in the group, you must first configure the group at the enterprise level to allow access to the `octo-org` organization. You must then configure the group at the organization level to allow access to `octo-repo`. diff --git a/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md b/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md index 306096b6b283..460533a60ca6 100644 --- a/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md +++ b/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md @@ -48,8 +48,8 @@ Repositories are granted access to {% data variables.actions.hosted_runner %}s t Organization owners can use and configure enterprise-level runner groups for the repositories in their organization, or they can create organization-level runner groups to control access.{% ifversion custom-org-roles %} Users with the "Manage organization runners and runner groups" can only manage organization-level runner groups. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."{% endif %} -* **For enterprise-level runner groups**: {% data reusables.actions.about-enterprise-level-runner-groups %} -* **For organization-level runner groups**: {% data reusables.actions.about-organization-level-runner-groups %} +* **For enterprise-level runner groups:** {% data reusables.actions.about-enterprise-level-runner-groups %} +* **For organization-level runner groups:** {% data reusables.actions.about-organization-level-runner-groups %} Once a repository has access to {% data variables.actions.hosted_runner %}s, the {% data variables.actions.hosted_runner %}s can be added to workflow files. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/running-jobs-on-larger-runners)." diff --git a/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md b/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md index 86741403e76e..0bfc8792b3eb 100644 --- a/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md +++ b/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md @@ -51,8 +51,8 @@ Artifacts are uploaded during a workflow run, and you can view an artifact's nam To share data between jobs: -* **Uploading files**: Give the uploaded file a name and upload the data before the job ends. -* **Downloading files**: You can only download artifacts that were uploaded during the same workflow run. When you download a file, you can reference it by name. +* **Uploading files:** Give the uploaded file a name and upload the data before the job ends. +* **Downloading files:** You can only download artifacts that were uploaded during the same workflow run. When you download a file, you can reference it by name. The steps of a job share the same environment on the runner machine, but run in their own individual processes. To pass data between steps in a job, you can use inputs and outputs. For more information about inputs and outputs, see "[AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions)." diff --git a/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md b/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md index 10d98b646f5c..2b8eeaa4eb62 100644 --- a/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md +++ b/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md @@ -26,10 +26,10 @@ You can use pre-written building blocks, called actions, in your workflow. An ac Actions can be: -* **Reusable**: actions can be used across different workflows and repositories, allowing you to avoid rewriting the same code. -* **Pre-written**: many actions are available in the {% data variables.product.prodname_marketplace %}, covering a wide range of tasks like checking out code, setting up environments, running tests, and deploying applications. -* **Configurable**: you can configure actions with inputs, outputs, and environment variables to tailor them to your specific needs. -* **Community-driven**: you can create your own actions and share them with others or use actions developed by the community. +* **Reusable:** actions can be used across different workflows and repositories, allowing you to avoid rewriting the same code. +* **Pre-written:** many actions are available in the {% data variables.product.prodname_marketplace %}, covering a wide range of tasks like checking out code, setting up environments, running tests, and deploying applications. +* **Configurable:** you can configure actions with inputs, outputs, and environment variables to tailor them to your specific needs. +* **Community-driven:** you can create your own actions and share them with others or use actions developed by the community. The actions you use in your workflow can be defined in: diff --git a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md index 3d7b1f76ddca..49000a4edb1b 100644 --- a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md +++ b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md @@ -34,13 +34,13 @@ When someone performs an action in the {% data variables.enterprise.management_c In the {% data variables.enterprise.management_console %}, you can perform administrative tasks for {% data variables.location.product_location %}, including: -* **Initial setup**: Walk through the initial setup process when first launching {% data variables.location.product_location %} by visiting {% data variables.location.product_location %}'s IP address in your browser. +* **Initial setup:** Walk through the initial setup process when first launching {% data variables.location.product_location %} by visiting {% data variables.location.product_location %}'s IP address in your browser. {%- ifversion enterprise-management-console-multi-user-auth %} -* **Identity and access management**: Improve the security of {% data variables.location.product_location %} by creating dedicated user accounts for the {% data variables.enterprise.management_console %}. {% ifversion management-console-editor %}The root site administrator account can control these user accounts' access by assigning either the editor or operator role. {% endif %}For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console)."{% ifversion management-console-editor %} +* **Identity and access management:** Improve the security of {% data variables.location.product_location %} by creating dedicated user accounts for the {% data variables.enterprise.management_console %}. {% ifversion management-console-editor %}The root site administrator account can control these user accounts' access by assigning either the editor or operator role. {% endif %}For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console)."{% ifversion management-console-editor %} {% data reusables.enterprise.editor-role-note %}{% endif %} {%- endif %} -* **Configuring authentication policies for the {% data variables.enterprise.management_console %}**: Set rate limits for login attempts, and the lockout duration if someone exceeds the rate limit. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console#configuring-rate-limits-for-authentication-to-the-management-console)." -* **Configuring basic settings for your instance**: Configure DNS, hostname, SSL, user authentication, email, monitoring services, and log forwarding on the Settings page. -* **Scheduling maintenance windows**: Take {% data variables.location.product_location %} offline while performing maintenance using the {% data variables.enterprise.management_console %} or administrative shell. -* **Troubleshooting**: Generate a support bundle or view high level diagnostic information. -* **License management**: View or update your {% data variables.product.prodname_enterprise %} license. +* **Configuring authentication policies for the {% data variables.enterprise.management_console %}:** Set rate limits for login attempts, and the lockout duration if someone exceeds the rate limit. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console#configuring-rate-limits-for-authentication-to-the-management-console)." +* **Configuring basic settings for your instance:** Configure DNS, hostname, SSL, user authentication, email, monitoring services, and log forwarding on the Settings page. +* **Scheduling maintenance windows:** Take {% data variables.location.product_location %} offline while performing maintenance using the {% data variables.enterprise.management_console %} or administrative shell. +* **Troubleshooting:** Generate a support bundle or view high level diagnostic information. +* **License management:** View or update your {% data variables.product.prodname_enterprise %} license. diff --git a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md index 4a388c42884a..f2c1eeda3a88 100644 --- a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md +++ b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md @@ -44,8 +44,8 @@ Only {% data variables.enterprise.management_console %} users with the operator The root site administrator can provision one of two roles for {% data variables.enterprise.management_console %} users: -* **Editor**: A {% data variables.enterprise.management_console %} user with the editor role can perform basic administrative tasks for {% data variables.location.product_location %} in the {% data variables.enterprise.management_console %}. Editors cannot add public SSH keys to the {% data variables.enterprise.management_console %} to grant administrative SSH access to the instance. -* **Operator**: A {% data variables.enterprise.management_console %} user with the operator role +* **Editor:** A {% data variables.enterprise.management_console %} user with the editor role can perform basic administrative tasks for {% data variables.location.product_location %} in the {% data variables.enterprise.management_console %}. Editors cannot add public SSH keys to the {% data variables.enterprise.management_console %} to grant administrative SSH access to the instance. +* **Operator:** A {% data variables.enterprise.management_console %} user with the operator role {%- else %} {% data variables.enterprise.management_console %} users, sometimes called operators, {%- endif %} can perform basic administrative tasks for {% data variables.location.product_location %} in the {% data variables.enterprise.management_console %} and can add SSH keys to the {% data variables.enterprise.management_console %} to grant administrative access to the instance via SSH. diff --git a/content/admin/configuring-packages/enabling-github-packages-with-aws.md b/content/admin/configuring-packages/enabling-github-packages-with-aws.md index cbb4e8295035..4306893650eb 100644 --- a/content/admin/configuring-packages/enabling-github-packages-with-aws.md +++ b/content/admin/configuring-packages/enabling-github-packages-with-aws.md @@ -45,7 +45,7 @@ Ensure your AWS access key ID and secret have the following permissions: For more information, see "[AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html)" in the AWS documentation. * **AWS S3 Bucket:** The name of your S3 bucket dedicated to {% data variables.product.prodname_registry %}. - * **AWS S3 Access Key** and **AWS S3 Secret Key**: The AWS access key ID and secret key to access your bucket. + * **AWS S3 Access Key** and **AWS S3 Secret Key:** The AWS access key ID and secret key to access your bucket. For more information on managing AWS access keys, see the "[AWS Identity and Access Management Documentation](https://docs.aws.amazon.com/iam/index.html)." {%- endif %} diff --git a/content/admin/configuring-packages/enabling-github-packages-with-minio.md b/content/admin/configuring-packages/enabling-github-packages-with-minio.md index acf4c390c56f..41f62168a67c 100644 --- a/content/admin/configuring-packages/enabling-github-packages-with-minio.md +++ b/content/admin/configuring-packages/enabling-github-packages-with-minio.md @@ -45,7 +45,7 @@ Although MinIO does not currently appear in the user interface under "Package St 1. Enter your MinIO storage bucket's details in the AWS storage settings. * **AWS Service URL:** The hosting URL for your MinIO bucket. * **AWS S3 Bucket:** The name of your S3-compatible MinIO bucket dedicated to {% data variables.product.prodname_registry %}. - * **AWS S3 Access Key** and **AWS S3 Secret Key**: Enter the MinIO access key ID and secret key to access your bucket. + * **AWS S3 Access Key** and **AWS S3 Secret Key:** Enter the MinIO access key ID and secret key to access your bucket. {%- endif %} {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index e2cdee276458..4c11d4e61f71 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -63,8 +63,8 @@ You can enable {% data variables.product.prodname_dependabot_updates %} for spec With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. -* **{% data variables.product.prodname_dependabot_version_updates %}**: Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)." -* **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)" and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)." +* **{% data variables.product.prodname_dependabot_version_updates %}:** Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)." +* **{% data variables.product.prodname_dependabot_security_updates %}:** Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)" and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)." ## Enabling {% data variables.product.prodname_dependabot_alerts %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md index 0e5ae9a85fe3..e02740006c5b 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md @@ -22,7 +22,7 @@ On {% data variables.enterprise.data_residency_site %}, {% data variables.produc * **Administrative access:** You need administrative access to both an enterprise account on {% data variables.enterprise.data_residency_site %} and a {% data variables.product.prodname_ghe_server %} instance. * **Version requirement:** Your {% data variables.product.prodname_ghe_server %} instance must run {% data variables.product.prodname_ghe_server %} 3.12 or later. -* **Proxy configuration**: If using a proxy server, allow connectivity to the following {% data variables.enterprise.data_residency_site %} hostnames (replace SUBDOMAIN with your enterprise's subdomain). +* **Proxy configuration:** If using a proxy server, allow connectivity to the following {% data variables.enterprise.data_residency_site %} hostnames (replace SUBDOMAIN with your enterprise's subdomain). * `{% data variables.enterprise.data_residency_domain %}` * `{% data variables.enterprise.data_residency_api %}` diff --git a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md index 046d8e9f6ba5..7dd6aa9f9382 100644 --- a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md +++ b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md @@ -20,7 +20,7 @@ Access to this feature is currently managed by {% data variables.contact.contact {% data variables.product.github %} is a complete developer platform for building, scaling, and delivering secure software. In addition to these capabilities, {% data variables.product.product_name %} offers several key features designed to further optimize and secure your use of the platform: -* Includes an **enterprise account**: a dedicated, shared space for your company to store code, collaborate, and access {% data variables.product.company_short %} features +* Includes an **enterprise account:** a dedicated, shared space for your company to store code, collaborate, and access {% data variables.product.company_short %} features * Centralizes billing, administration, governance, and audit of your company’s resources and activity * Is accessible only to authorized users, isolated from the wider {% data variables.product.prodname_dotcom_the_website %} community * Includes management of authentication and user lifecycles from an external identity management system: diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md index 880656685f9f..4f53f47f9fde 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md @@ -50,8 +50,8 @@ In the "Policies" section, you can control which organizations within your enter You can also limit the use of public actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}, with the following options: -* **Allow all actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}**: Any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} can be used, regardless of who authored it or where it is defined. -* **Allow enterprise actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}**: Only actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} defined in a repository within the enterprise can be used. {% ifversion ghec or fpt %}Blocks all access to actions authored by {% data variables.product.prodname_dotcom %}, such as the [`actions/checkout`](https://github.com/actions/checkout) action.{% endif %} +* **Allow all actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}:** Any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} can be used, regardless of who authored it or where it is defined. +* **Allow enterprise actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}:** Only actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} defined in a repository within the enterprise can be used. {% ifversion ghec or fpt %}Blocks all access to actions authored by {% data variables.product.prodname_dotcom %}, such as the [`actions/checkout`](https://github.com/actions/checkout) action.{% endif %} * {% data reusables.actions.policy-label-for-select-actions-workflows %}: Any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} defined in a repository within the enterprise can be used, plus any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} that matches criteria you specify. @@ -87,8 +87,8 @@ By default, anyone with admin access to a repository can add a self-hosted runne In the "Runners" section, you can mediate these risks by disabling the use of repository-level self-hosted runners. {% ifversion ghec %} -* **Disable for all organizations**: Prevents the creation of runners at the repository level. -* **Disable in all Enterprise Managed User (EMU) repositories**: Prevents the creation of runners for repositories owned by {% data variables.enterprise.prodname_managed_users %}. +* **Disable for all organizations:** Prevents the creation of runners at the repository level. +* **Disable in all Enterprise Managed User (EMU) repositories:** Prevents the creation of runners for repositories owned by {% data variables.enterprise.prodname_managed_users %}. {% endif %} {% data reusables.actions.disable-selfhosted-runners-note %} @@ -163,8 +163,8 @@ If a policy is enabled for an enterprise, the policy can be selectively disabled In the "Workflow permissions" section, you can set the **default** permissions granted to the `GITHUB_TOKEN`. -* **Read and write permissions**: By default, `GITHUB_TOKEN` has read and write access for all scopes. -* **Read repository contents and packages permissions**: By default, `GITHUB_TOKEN` has only read access for the `contents` and `packages` scopes. The more permissive setting cannot be chosen as the default for individual organizations or repositories. +* **Read and write permissions:** By default, `GITHUB_TOKEN` has read and write access for all scopes. +* **Read repository contents and packages permissions:** By default, `GITHUB_TOKEN` has only read access for the `contents` and `packages` scopes. The more permissive setting cannot be chosen as the default for individual organizations or repositories. Anyone with write access to a repository can still modify the permissions granted to the `GITHUB_TOKEN` for a specific workflow, by editing the `permissions` key in the workflow file. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md index a05e70264f68..16a8d62994a5 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md @@ -18,9 +18,9 @@ redirect_from: ## Restricting access by {% data variables.product.pat_generic_plural %} Enterprise owners can prevent their members from using {% data variables.product.pat_generic_plural %} to access resources owned by the enterprise. You can configure these restrictions for {% data variables.product.pat_v1_plural %} and {% data variables.product.pat_v2_plural %} independently with the following options: -* **Allow organizations to configure access requirements**: Each organization owned by the enterprise can decide whether to restrict or permit access by {% data variables.product.pat_generic_plural %}. -* **Restrict access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_generic_caps_plural %} cannot access organizations owned by the enterprise. SSH keys created by these {% data variables.product.pat_generic_plural %} will continue to work. Organizations cannot override this setting. -* **Allow access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_generic_caps_plural %} can access organizations owned by the enterprise. Organizations cannot override this setting. +* **Allow organizations to configure access requirements:** Each organization owned by the enterprise can decide whether to restrict or permit access by {% data variables.product.pat_generic_plural %}. +* **Restrict access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_generic_caps_plural %} cannot access organizations owned by the enterprise. SSH keys created by these {% data variables.product.pat_generic_plural %} will continue to work. Organizations cannot override this setting. +* **Allow access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_generic_caps_plural %} can access organizations owned by the enterprise. Organizations cannot override this setting. Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plural %} will have access to public resources within the organizations managed by your enterprise. @@ -61,9 +61,9 @@ When you set a policy, tokens with non-compliant lifetimes will be blocked from ## Enforcing an approval policy for {% data variables.product.pat_v2_plural %} Enterprise owners can manage approval requirements for each {% data variables.product.pat_v2 %} with the following options: -* **Allow organizations to configure approval requirements**: Enterprise owners can allow each organization in the enterprise to set its own approval requirements for the tokens. -* **Require approval**: Enterprise owners can require that all organizations within the enterprise must approve each {% data variables.product.pat_v2 %} that can access the organization. These tokens can still read public resources within the organization without needing approval. -* **Disable approval**: {% data variables.product.pat_v2_caps %}s created by organization members can access organizations owned by the enterprise without prior approval. Organizations cannot override this setting. +* **Allow organizations to configure approval requirements:** Enterprise owners can allow each organization in the enterprise to set its own approval requirements for the tokens. +* **Require approval:** Enterprise owners can require that all organizations within the enterprise must approve each {% data variables.product.pat_v2 %} that can access the organization. These tokens can still read public resources within the organization without needing approval. +* **Disable approval:** {% data variables.product.pat_v2_caps %}s created by organization members can access organizations owned by the enterprise without prior approval. Organizations cannot override this setting. > [!NOTE] > Only {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}, are subject to approval. Any {% data variables.product.pat_v1 %} can access organization resources without prior approval, unless the organization or enterprise has restricted access by {% data variables.product.pat_v1_plural %} For more information about restricting {% data variables.product.pat_v1_plural %}, see "[Restricting access by {% data variables.product.pat_generic_plural %}](#restricting-access-by-personal-access-tokens)" on this page and "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)." diff --git a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md index 96e1ba9e7f88..54730e0ec793 100644 --- a/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md +++ b/content/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v.md @@ -26,6 +26,14 @@ shortTitle: Install on Hyper-V {% data reusables.enterprise_installation.hardware-considerations-all-platforms %} +## Should I use VMotion? + +VMotion can be exceptionally helpful for general resource management, however the impact to the guest instance can be significant. With larger {% data variables.product.prodname_ghe_server %} instances (8 CPU/64 GB RAM and above), a VMotion event may result in a full outage of the {% data variables.product.prodname_ghe_server %} to end users as a result of dramatically reduced CPU, RAM, and storage IOPS. With this in mind, {% data variables.product.prodname_ghe_server %} should be considered a "highly latency sensitive" application. + +For large(r) deployments on VMWare that have Distributed Resource Scheduler (DRS) enabled, we would recommend configuring a VM-to-Host affinity rule for your {% data variables.product.prodname_ghe_server %} to try and keep the virtual appliance on a single host. If a migration with VMotion is required, we'd recommend considering this a "planned outage", and placing {% data variables.product.prodname_ghe_server %} into maintenance mode until the migration is complete. + +We also recommend that the ESXi Power Management Setting be configured to "High Performance". We have seen cases where overall system performance can be negatively impacted if this is left at "Balanced". + ## Downloading the {% data variables.product.prodname_ghe_server %} image {% data reusables.enterprise_installation.download-license %} diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md index 2195fac7708e..c70521b51846 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md @@ -25,8 +25,8 @@ Once a user account has been deleted, the username will be available for use wit You cannot delete a user that is currently an **organization owner**. -* **If the user is the only owner**: Transfer ownership to another person, or delete the organization. See "[AUTOTITLE](/organizations/managing-organization-settings/transferring-organization-ownership)" and "[AUTOTITLE](/organizations/managing-organization-settings/deleting-an-organization-account)." -* **If there are other owners**: Remove the user from the organization. See "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/removing-yourself-from-an-organization)." +* **If the user is the only owner:** Transfer ownership to another person, or delete the organization. See "[AUTOTITLE](/organizations/managing-organization-settings/transferring-organization-ownership)" and "[AUTOTITLE](/organizations/managing-organization-settings/deleting-an-organization-account)." +* **If there are other owners:** Remove the user from the organization. See "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/removing-yourself-from-an-organization)." You cannot delete **your own user account**. If you need to delete your own user account, ask another site administrator to delete your account for you. diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md index d97e8dd005d7..f18de4c4c0d0 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md @@ -17,8 +17,8 @@ shortTitle: Manage support entitlements People with support entitlements for your enterprise account can use the support portal to open, view, and comment on support tickets associated with the enterprise account. Enterprise owners and billing managers automatically have a support entitlement. Enterprise owners can add support entitlements to a limited number of enterprise members. -* **{% data variables.product.premium_support_plan %}**: Up to 20 members -* **{% data variables.product.premium_plus_support_plan %}**: Up to 40 members +* **{% data variables.product.premium_support_plan %}:** Up to 20 members +* **{% data variables.product.premium_plus_support_plan %}:** Up to 40 members ## Adding a support entitlement to an enterprise member diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md index 9fcb8fc4436c..df5cc267cb0a 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md @@ -19,13 +19,13 @@ topics: All users that are part of your enterprise have one of the following roles. -* **Enterprise owner**: Can manage all enterprise settings, members, and policies +* **Enterprise owner:** Can manage all enterprise settings, members, and policies {%- ifversion ghec %} -* **Billing manager**: Can manage enterprise billing settings +* **Billing manager:** Can manage enterprise billing settings {%- endif %} -* **Enterprise member**: Is a member or owner of any organization in the enterprise +* **Enterprise member:** Is a member or owner of any organization in the enterprise {%- ifversion guest-collaborators %} -* **Guest collaborator**: Can be granted access to repositories or organizations, but has limited access by default ({% data variables.product.prodname_emus %} only) +* **Guest collaborator:** Can be granted access to repositories or organizations, but has limited access by default ({% data variables.product.prodname_emus %} only) {%- endif %} {% ifversion ghec %}For information about which users consume a license, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing#people-that-consume-a-license)."{% endif %} diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md index fb4a7b968f5c..bdbaf1a9e429 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md @@ -210,9 +210,9 @@ If you use SAML authentication and SCIM provisioning, you can filter members bas {% data reusables.enterprise-accounts.people-tab %} 1. Select **Account Type**, then choose from the following options. - * **Built-in**: Users with local accounts on {% data variables.location.product_location %} who authenticate with a username and password. - * **SAML linked**: Users who authenticate with SAML via an identity provider, but were not provisioned by SCIM. - * **SAML and SCIM linked**: Users who authenticate with SAML via an identity provider, and were provisioned by SCIM. + * **Built-in:** Users with local accounts on {% data variables.location.product_location %} who authenticate with a username and password. + * **SAML linked:** Users who authenticate with SAML via an identity provider, but were not provisioned by SCIM. + * **SAML and SCIM linked:** Users who authenticate with SAML via an identity provider, and were provisioned by SCIM. {% endif %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md index a390178c36e8..5a5cba59d095 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md +++ b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md @@ -144,9 +144,9 @@ To configure {% data variables.product.prodname_ghe_server %} to use OIDC with a {% data reusables.actions.enterprise-enable-checkbox %} {% data reusables.actions.enterprise-s3-storage-setup %} 1. Under "Authentication", select **OpenID Connect (OIDC)**, and enter the values for your storage: - * **AWS S3 Bucket**: The name of your S3 bucket. - * **AWS Role**: The ARN for the role you created in the previous procedures. For example, `arn:aws:iam::123456789:role/my-role-name`. - * **AWS Region**: The AWS region for your bucket. For example, `us-east-1`. + * **AWS S3 Bucket:** The name of your S3 bucket. + * **AWS Role:** The ARN for the role you created in the previous procedures. For example, `arn:aws:iam::123456789:role/my-role-name`. + * **AWS Region:** The AWS region for your bucket. For example, `us-east-1`. {% data reusables.enterprise_management_console.test-storage-button %} {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md index 48d36d6c71c7..91d02869ff20 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md +++ b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md @@ -108,14 +108,14 @@ To configure {% data variables.product.prodname_ghe_server %} to use OIDC with G {% data reusables.actions.enterprise-enable-checkbox %} {% data reusables.actions.enterprise-gcp-storage-setup %} 1. Under "Authentication", select **OpenID Connect (OIDC)**, and enter the values for your storage: - * **Service URL**: The service URL for your bucket. This is usually `https://storage.googleapis.com`. - * **Bucket name**: The name of your bucket. - * **Workload Identity Provider ID**: The identity provider ID for your identity pool. + * **Service URL:** The service URL for your bucket. This is usually `https://storage.googleapis.com`. + * **Bucket name:** The name of your bucket. + * **Workload Identity Provider ID:** The identity provider ID for your identity pool. This is in the format `projects/PROJECT-NUMBER/locations/global/workloadIdentityPools/POOL-NAME/providers/PROVIDER-NAME`. Note that you must remove the `https://iam.googleapis.com/` prefix from the value noted in the previous procedure. For example, `projects/1234567890/locations/global/workloadIdentityPools/my-pool/providers/my-provider`. - * **Service account**: The service account email address that you noted in the previous procedure. For example, `ghes-oidc-service-account@my-project.iam.gserviceaccount.com`. + * **Service account:** The service account email address that you noted in the previous procedure. For example, `ghes-oidc-service-account@my-project.iam.gserviceaccount.com`. {% data reusables.enterprise_management_console.test-storage-button %} {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md index 7d0116609acc..4a9b0373b526 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md @@ -269,14 +269,14 @@ Before starting this section, ensure you have followed {% ifversion ghec %}the p On the "Attribute Mapping" tab, you will need to map fields from your LDAP server to SCIM fields. See the following list for {% data variables.product.github %}'s supported SCIM fields and the values expected in each one. -* **Username**: This will be normalized and used as the {% data variables.product.github %} username for the provisioned user. See "[AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication#about-username-normalization)." This must match the normalization of the subject sent with the SAML assertion that you configured with the `SAML_SUBJECT` property in PingFederate. -* **Email**: A field containing the user's email address. -* **Display Name**: A human-readable name for the user. -* **Formatted Name**: The user's full name, including all middle names, titles, and suffixes, formatted for display. -* **First Name**: The first name of the user. -* **Last Name**: The last name of the user. -* **External ID**: This identifier is generated by an IdP provider. -* **Roles**: This field should contain a string that represents the user's intended role on {% data variables.product.github %}. Valid roles are {% ifversion ghec %}`enterprise_owner`, `user`, `billing_manager`, and `guest_collaborator`{% else %}`enterprise_owner` and `user`{% endif %}. +* **Username:** This will be normalized and used as the {% data variables.product.github %} username for the provisioned user. See "[AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication#about-username-normalization)." This must match the normalization of the subject sent with the SAML assertion that you configured with the `SAML_SUBJECT` property in PingFederate. +* **Email:** A field containing the user's email address. +* **Display Name:** A human-readable name for the user. +* **Formatted Name:** The user's full name, including all middle names, titles, and suffixes, formatted for display. +* **First Name:** The first name of the user. +* **Last Name:** The last name of the user. +* **External ID:** This identifier is generated by an IdP provider. +* **Roles:** This field should contain a string that represents the user's intended role on {% data variables.product.github %}. Valid roles are {% ifversion ghec %}`enterprise_owner`, `user`, `billing_manager`, and `guest_collaborator`{% else %}`enterprise_owner` and `user`{% endif %}. When you have finished configuring these settings, click **Next**. diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md index b19409414190..7aeabbd29991 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md @@ -73,13 +73,11 @@ In addition: ## 1. Configure SAML -During the {% data variables.release-phases.public_preview %} of SCIM on {% data variables.product.prodname_ghe_server %}, you will use the **GitHub AE** application in Okta to configure SAML authentication and SCIM provisioning. Do **not** use the "{% data variables.product.prodname_ghe_server %}" application, which is incompatible with {% data variables.product.prodname_dotcom %}'s latest SCIM API endpoints. - Before starting this section, ensure you have followed steps **1 and 2** in "[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users)." ### In Okta -1. Go to the [GitHub AE](https://www.okta.com/integrations/github-ae/) application in Okta. +1. Go to the [GitHub Enterprise Server](https://www.okta.com/integrations/github-enterprise-server/) application in Okta. 1. Click **Add integration**. 1. In the general settings, for the base URL, enter your {% data variables.product.prodname_ghe_server %} host URL (`https://HOSTNAME.com`). 1. Click the **Sign On** tab. diff --git a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md index 635835c14ff3..3c85616cedb2 100644 --- a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md +++ b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md @@ -41,17 +41,17 @@ In these cases, contact {% data variables.contact.contact_enterprise_sales %}. The following changes also apply to single organizations that are automatically upgraded to an enterprise account. For details, see [{% data variables.product.prodname_blog %}](https://github.blog/changelog/2024-06-19-upcoming-automatic-upgrade-to-the-enterprise-account-experience/). -* **Ownership transfer**: Your organization will automatically be owned by the enterprise account. For details, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#about-addition-of-organizations-to-your-enterprise-account)." -* **Ownership roles**: All organization owners will become enterprise owners. -* **Billing details**: The organization’s billing details will now apply to the enterprise account. -* **Billing managers**: All organization billing managers will become enterprise billing managers. -* **Billing process**: {% data variables.product.company_short %} will bill the enterprise account for usage within **all** organizations owned by the enterprise. -* **Enterprise account name**: During the upgrade, the new enterprise account name will match your organization name or be as close as possible if taken. You can rename it after the upgrade. +* **Ownership transfer:** Your organization will automatically be owned by the enterprise account. For details, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#about-addition-of-organizations-to-your-enterprise-account)." +* **Ownership roles:** All organization owners will become enterprise owners. +* **Billing details:** The organization’s billing details will now apply to the enterprise account. +* **Billing managers:** All organization billing managers will become enterprise billing managers. +* **Billing process:** {% data variables.product.company_short %} will bill the enterprise account for usage within **all** organizations owned by the enterprise. +* **Enterprise account name:** During the upgrade, the new enterprise account name will match your organization name or be as close as possible if taken. You can rename it after the upgrade. * **SAML SSO:** Existing SAML SSO will stay at the organization level after being added to the new enterprise account. You can configure SSO at the enterprise level post-upgrade, which will override the organization level. Existing PATs and SAML-authorized tokens will remain unchanged. -* **Policies**: The new enterprise account starts with no policies, so existing organization policies won't be overridden. -* **Spending limits**: Existing organization spending limits transfer to the new enterprise account. Post-upgrade, billing is handled at the enterprise level. To adjust spending limits, under "Settings" in the enterprise account sidebar, select **Billing**. -* **Coupons**: Existing coupons will carry over to the new enterprise account with no interruptions. -* **Workflow permissions**: The new enterprise account will inherit your organization's workflow permissions. If the organization has a permissive setting ("Read and write"), the enterprise account will also default to permissive. Otherwise, it defaults to restrictive ("Read repository contents and packages"). For workflows with the id-token permission, the default changes to read-only due to a February 2023 update. Add an explicit permissions block in these workflows to grant the required permissions. +* **Policies:** The new enterprise account starts with no policies, so existing organization policies won't be overridden. +* **Spending limits:** Existing organization spending limits transfer to the new enterprise account. Post-upgrade, billing is handled at the enterprise level. To adjust spending limits, under "Settings" in the enterprise account sidebar, select **Billing**. +* **Coupons:** Existing coupons will carry over to the new enterprise account with no interruptions. +* **Workflow permissions:** The new enterprise account will inherit your organization's workflow permissions. If the organization has a permissive setting ("Read and write"), the enterprise account will also default to permissive. Otherwise, it defaults to restrictive ("Read repository contents and packages"). For workflows with the id-token permission, the default changes to read-only due to a February 2023 update. Add an explicit permissions block in these workflows to grant the required permissions. ## Upgrading an organization to an enterprise account diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md index 3ed1d4baef7c..aba6e5b66427 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md @@ -141,7 +141,7 @@ The following aggregate metrics will be collected and transmitted on a daily bas | CF | `packages_stats.ecosystems.nuget.internal_packages_count` | Number of internal NuGet packages | | CG | `packages_stats.ecosystems.nuget.user_packages_count` | Number of NuGet packages owned by user accounts | | CH | `packages_stats.ecosystems.nuget.organization_packages_count` | Number of NuGet packages owned by organizations | -| CI | `packages_stats.ecosystems.nuget.daily_download_count` | Number of downloads of Nuget packages | +| CI | `packages_stats.ecosystems.nuget.daily_download_count` | Number of downloads of NuGet packages | | CJ | `packages_stats.ecosystems.nuget.daily_update_count` | Number of NuGet packages updated | | CK | `packages_stats.ecosystems.nuget.daily_delete_count` | Number of NuGet packages deleted | | CL | `packages_stats.ecosystems.nuget.daily_create_count` | Number of NuGet packages created | diff --git a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md index 10fa7812131b..044539d53c9d 100644 --- a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md +++ b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md @@ -74,12 +74,12 @@ The system health graphs provide a general overview of services and system resou These graphs include key metrics for the resource utilization of services that power {% data variables.product.prodname_ghe_server %}. They help visualize ongoing issues while processing requests. -* **Nomad jobs**: The CPU and memory usage of individual services. {% data variables.product.prodname_ghe_server %} utilizes Nomad internally as the workload orchestrator. -* **Response code**: The number of responses by status code returned across {% data variables.product.prodname_ghe_server %} services. -* **Response time**: The speed of web requests at the 90th percentile in milliseconds. -* **Active workers**: The number of web workers busy per {% data variables.product.prodname_ghe_server %} application. -* **Queued requests**: The number of web requests queued per {% data variables.product.prodname_ghe_server %} application. It is expected for this panel to display 'No data' when no requests are queued up. -* **ElasticSearch Cluster Health**: The health status of the ElasticSearch cluster, based on the state of its primary and replica shards. This cluster powers {% data variables.product.prodname_ghe_server %} search. +* **Nomad jobs:** The CPU and memory usage of individual services. {% data variables.product.prodname_ghe_server %} utilizes Nomad internally as the workload orchestrator. +* **Response code:** The number of responses by status code returned across {% data variables.product.prodname_ghe_server %} services. +* **Response time:** The speed of web requests at the 90th percentile in milliseconds. +* **Active workers:** The number of web workers busy per {% data variables.product.prodname_ghe_server %} application. +* **Queued requests:** The number of web requests queued per {% data variables.product.prodname_ghe_server %} application. It is expected for this panel to display 'No data' when no requests are queued up. +* **ElasticSearch Cluster Health:** The health status of the ElasticSearch cluster, based on the state of its primary and replica shards. This cluster powers {% data variables.product.prodname_ghe_server %} search. {% endif %} ### Processes diff --git a/content/admin/overview/about-github-enterprise-server.md b/content/admin/overview/about-github-enterprise-server.md index 3b1c23b0aa8a..8e6016152857 100644 --- a/content/admin/overview/about-github-enterprise-server.md +++ b/content/admin/overview/about-github-enterprise-server.md @@ -27,10 +27,10 @@ Most features are released on {% data variables.product.prodname_dotcom_the_webs You can also configure optional features on {% data variables.product.product_name %} to improve the software development lifecycle for your enterprise. -* **{% data variables.product.prodname_actions %}**: Automate CI/CD and development workflows -* **{% data variables.product.prodname_GH_advanced_security %}**: Scan code for secrets and vulnerabilities -* **{% data variables.product.prodname_github_connect %}**: Benefit from data and features on {% data variables.product.prodname_dotcom_the_website %} -* **{% data variables.product.prodname_registry %}**: Host software packages for your enterprise +* **{% data variables.product.prodname_actions %}:** Automate CI/CD and development workflows +* **{% data variables.product.prodname_GH_advanced_security %}:** Scan code for secrets and vulnerabilities +* **{% data variables.product.prodname_github_connect %}:** Benefit from data and features on {% data variables.product.prodname_dotcom_the_website %} +* **{% data variables.product.prodname_registry %}:** Host software packages for your enterprise ## How do I deploy {% data variables.product.product_name %}? diff --git a/content/admin/overview/about-github-for-enterprises.md b/content/admin/overview/about-github-for-enterprises.md index 40f3500f55c2..f7497f3ab8b2 100644 --- a/content/admin/overview/about-github-for-enterprises.md +++ b/content/admin/overview/about-github-for-enterprises.md @@ -69,13 +69,13 @@ When businesses adopt {% data variables.product.prodname_enterprise %}, their re {% data reusables.enterprise.ghe-includes-ghec-and-ghes %} You can choose to use **one or both** of these deployment options. -**With {% data variables.product.prodname_ghe_cloud %}**: +**With {% data variables.product.prodname_ghe_cloud %}:** * Your repositories and other resources are hosted by {% data variables.product.company_short %}, and you'll automatically have access to the latest features and bugfixes. * You can choose for your enterprise to be hosted on {% data variables.product.prodname_dotcom_the_website %} or, for more control over where your company's code and data reside, on your own subdomain of {% data variables.enterprise.data_residency_site %}. * To access your resources, members of your enterprise can use their personal account or, if you use {% data variables.product.prodname_emus %}, you will provision accounts for users using an external system. -**With {% data variables.product.prodname_ghe_server %}**: +**With {% data variables.product.prodname_ghe_server %}:** * You run your own {% data variables.product.prodname_dotcom %} instance, either on-premises or on a public cloud service. * You create accounts for users, and authenticate users using either built-in authentication or an external system. diff --git a/content/admin/overview/about-the-github-enterprise-api.md b/content/admin/overview/about-the-github-enterprise-api.md index cb2b91dd3cc2..80f00dc99fc4 100644 --- a/content/admin/overview/about-the-github-enterprise-api.md +++ b/content/admin/overview/about-the-github-enterprise-api.md @@ -16,11 +16,9 @@ shortTitle: GitHub Enterprise API --- With the APIs, you can automate many administrative tasks. Some examples include: -* Perform changes to the {% data variables.enterprise.management_console %}. For more information, see -{% ifversion management-console-manage-ghes-parity -%} -"[AUTOTITLE](/rest/enterprise-admin/manage-ghes)." -{%- else -%} -"[AUTOTITLE](/rest/enterprise-admin/management-console)." + +{%- ifversion management-console-manage-ghes-parity %} +* Perform a configuration run to apply changes to {% data variables.enterprise.management_console %} settings. For more information, see "[AUTOTITLE](/rest/enterprise-admin/manage-ghes)." {%- endif %} * Configure LDAP sync. For more information, see "[AUTOTITLE](/rest/enterprise-admin/ldap)." * Collect statistics about your enterprise. For more information, see "[AUTOTITLE](/rest/enterprise-admin/admin-stats)." diff --git a/content/apps/using-github-apps/installing-your-own-github-app.md b/content/apps/using-github-apps/installing-your-own-github-app.md index 69d56cd9660a..6ae920fc226a 100644 --- a/content/apps/using-github-apps/installing-your-own-github-app.md +++ b/content/apps/using-github-apps/installing-your-own-github-app.md @@ -20,9 +20,9 @@ shortTitle: Install your own app After creating a {% data variables.product.prodname_github_app %}, you can install it based on its visibility. -* **Only on this account**: The {% data variables.product.prodname_github_app %} can only be installed on the organization or user account that created it.{% ifversion ghec %} If you are an {% data variables.product.prodname_emu %}, this option is not available for apps you create.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise.{% endif %}{% endif %} -* **Any account**: You can install this {% data variables.product.prodname_github_app %} on your user account or any organization account where you are an organization owner.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise. -* **Only enterprise organizations**: If the {% data variables.product.prodname_github_app %} is owned by an enterprise, you can only install the app on organizations within the enterprise. Organizations where you are an organization owner will appear in the installation options.{% endif %}{% ifversion ghec %} +* **Only on this account:** The {% data variables.product.prodname_github_app %} can only be installed on the organization or user account that created it.{% ifversion ghec %} If you are an {% data variables.product.prodname_emu %}, this option is not available for apps you create.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise.{% endif %}{% endif %} +* **Any account:** You can install this {% data variables.product.prodname_github_app %} on your user account or any organization account where you are an organization owner.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise. +* **Only enterprise organizations:** If the {% data variables.product.prodname_github_app %} is owned by an enterprise, you can only install the app on organizations within the enterprise. Organizations where you are an organization owner will appear in the installation options.{% endif %}{% ifversion ghec %} If you are an {% data variables.product.prodname_emu %}, you cannot install a {% data variables.product.prodname_github_app %} on your user account.{% endif %} diff --git a/content/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository.md b/content/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository.md index 255c201ccab9..d7282e98e86c 100644 --- a/content/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository.md +++ b/content/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository.md @@ -180,6 +180,23 @@ To illustrate how `git filter-repo` works, we'll show you how to remove your fil After using either the BFG tool or `git filter-repo` to remove the sensitive data and pushing your changes to {% data variables.product.product_name %}, you must take a few more steps to fully remove the data from {% data variables.product.product_name %}. +{% ifversion ghec %} +1. If the repository was migrated using the {% data variables.product.prodname_importer_proper_name %}, there may be some non-standard Git references that follow the pattern `refs/github-services`, that neither the BFG tool or `git filter-repo` can remove. In this case, remove those references running the following commands in your local copy of the repository: + + ```shell + # fetch all refs + git ls-remote | grep refs/github-services | cut -f2 | sort -t'/' -k3,4n > github-services-refs.txt + + # inspect and validate refs to be deleted + cat github-services-refs.txt + + # delete refs in batches + export BATCH_SIZE=512 + cat github-services-refs.txt | xargs -n $BATCH_SIZE git push origin --delete + ``` + +{% endif %} + 1. Contact {% data variables.contact.contact_support %}, and ask to remove cached views and references to the sensitive data in pull requests on {% data variables.product.product_name %}. Please provide the name of the repository and/or a link to the commit you need removed.{% ifversion ghes %} For more information about how site administrators can remove unreachable Git objects, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-repo-gc)." For more information about how site administrators can identify reachable commits, see "[Identifying reachable commits](#identifying-reachable-commits)."{% endif %}{% ifversion fpt or ghec %} > [!IMPORTANT] {% data variables.contact.github_support %} won't remove non-sensitive data, and will only assist in the removal of sensitive data in cases where we determine that the risk can't be mitigated by rotating affected credentials. diff --git a/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index 80ae728046f2..849fb795d97a 100644 --- a/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -14,7 +14,7 @@ shortTitle: Use SSH over HTTPS port --- {% tip %} -**{% data variables.product.prodname_ghe_server %} users**: Accessing {% data variables.product.prodname_ghe_server %} via SSH over the HTTPS port is currently not supported. +**{% data variables.product.prodname_ghe_server %} users:** Accessing {% data variables.product.prodname_ghe_server %} via SSH over the HTTPS port is currently not supported. {% endtip %} diff --git a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md index ed104aeba5dc..e3909c14c799 100644 --- a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md +++ b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md @@ -37,13 +37,13 @@ When you enable {% data variables.product.prodname_secret_scanning %}, you shoul There are a few approaches for tackling newly committed credentials, but one example approach would be: -1. **Notify**: Use webhooks to ensure that any new secret alerts are seen by the right teams as quickly as possible. A webhook fires when a secret alert is either created, resolved, or reopened. You can then parse the webhook payload, and integrate it into any tools you and your team use such Slack, Teams, Splunk, or email. For more information, see "[AUTOTITLE](/webhooks-and-events/webhooks/about-webhooks)" and "[AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert)." -1. **Follow Up**: Create a high-level remediation process that works for all secret types. For example, you could contact the developer who committed the secret and their technical lead on that project, highlighting the dangers of committing secrets to {% data variables.product.prodname_dotcom %}, and asking the them to revoke, and update the detected secret. +1. **Notify:** Use webhooks to ensure that any new secret alerts are seen by the right teams as quickly as possible. A webhook fires when a secret alert is either created, resolved, or reopened. You can then parse the webhook payload, and integrate it into any tools you and your team use such Slack, Teams, Splunk, or email. For more information, see "[AUTOTITLE](/webhooks-and-events/webhooks/about-webhooks)" and "[AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert)." +1. **Follow Up:** Create a high-level remediation process that works for all secret types. For example, you could contact the developer who committed the secret and their technical lead on that project, highlighting the dangers of committing secrets to {% data variables.product.prodname_dotcom %}, and asking the them to revoke, and update the detected secret. > [!NOTE] > You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create an email/message to the responsible people or open an issue. -1. **Educate**: Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well. +1. **Educate:** Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well. Repeat the last two steps for any new secrets leaked. This process encourages developers to take responsibility for managing the secrets used in their code securely, and allows you to measure the reduction in newly committed secrets. @@ -56,13 +56,13 @@ Once you have enabled {% data variables.product.prodname_secret_scanning %}, you Once enabled, you can do the following: -1. **Provide guidance**: Configure a custom link in the message that contributors will see if their push is blocked by {% data variables.product.prodname_secret_scanning %}. The linked resource can provide guidance for contributors on how to resolve the blocked push. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository)." +1. **Provide guidance:** Configure a custom link in the message that contributors will see if their push is blocked by {% data variables.product.prodname_secret_scanning %}. The linked resource can provide guidance for contributors on how to resolve the blocked push. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository)." -1. **Notify**: Define a webhook that specifically tracks {% data variables.secret-scanning.alerts %} created when someone bypasses push protection by using the alert property `"push_protection_bypassed": true`. Or, use the API to get updates on which {% data variables.secret-scanning.alerts %} were the result of a push protection bypass by filtering the list of results for `"push_protection_bypassed": true`. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)." +1. **Notify:** Define a webhook that specifically tracks {% data variables.secret-scanning.alerts %} created when someone bypasses push protection by using the alert property `"push_protection_bypassed": true`. Or, use the API to get updates on which {% data variables.secret-scanning.alerts %} were the result of a push protection bypass by filtering the list of results for `"push_protection_bypassed": true`. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)." {%- ifversion security-overview-push-protection-metrics-page %} -1. **Monitor**: Use security overview to view metrics on how push protection is performing in repositories across your organization, so you can quickly identify any repositories where you might need to take action. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)." +1. **Monitor:** Use security overview to view metrics on how push protection is performing in repositories across your organization, so you can quickly identify any repositories where you might need to take action. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)." {%- endif %} diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md index a88a4415038a..935508eb4999 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md @@ -334,8 +334,8 @@ Creating a {% data variables.product.prodname_codeql %} database without buildin You can ensure a more accurate analysis by taking the following steps: -* Provide access to the public internet or ensure that access to a private Nuget feed is available. -* Check whether the repository requires multiple versions of the same Nuget dependency. {% data variables.product.prodname_codeql %} can use only one version and usually chooses the newer version where there are multiple versions. This approach may not work for all repositories. +* Provide access to the public internet or ensure that access to a private NuGet feed is available. +* Check whether the repository requires multiple versions of the same NuGet dependency. {% data variables.product.prodname_codeql %} can use only one version and usually chooses the newer version where there are multiple versions. This approach may not work for all repositories. * Check whether multiple versions of .NET are referenced, for example, `net48`, `net5.0`, and `netstandard1.6`. {% data variables.product.prodname_codeql %} can use only one version and this may affect accuracy. * Avoid colliding class names, otherwise this may cause missing method call targets, which has an impact on dataflow analysis. @@ -379,13 +379,13 @@ If `autobuild` detects multiple solution or project files at the same (shortest) For .NET Core application development on self-hosted runners, the .NET SDK is required (for `dotnet`). -For .NET Framework application development, you will need Microsoft Build Tools (for `msbuild`) and Nuget CLI (for `nuget`). +For .NET Framework application development, you will need Microsoft Build Tools (for `msbuild`) and NuGet CLI (for `nuget`). Windows runners require `powershell.exe` to be on the `PATH`. {% ifversion codeql-no-build-csharp %} -If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private Nuget feed is available. +If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private NuGet feed is available. {% endif %} @@ -404,7 +404,7 @@ For .NET Framework application development, you will require Mono Runtime (to ru {% ifversion codeql-no-build-csharp %} -If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private Nuget feed is available. +If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private NuGet feed is available. {% endif %} diff --git a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md index f58b14c6d063..2be02933cdcb 100644 --- a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md +++ b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md @@ -25,9 +25,9 @@ When you open the model editor, it analyzes the currently selected {% data varia The model editor has two different modes: -* **Application mode** (default view): The editor lists each external framework used by the selected {% data variables.product.prodname_codeql %} database. When you expand a framework, a list of all calls to and from the external API is shown with the options available to model dataflow through each call. This mode is most useful for improving the {% data variables.product.prodname_codeql %} results for a specific codebase. +* **Application mode (default view)**: The editor lists each external framework used by the selected {% data variables.product.prodname_codeql %} database. When you expand a framework, a list of all calls to and from the external API is shown with the options available to model dataflow through each call. This mode is most useful for improving the {% data variables.product.prodname_codeql %} results for a specific codebase. -* **Dependency mode**: The editor identifies all of the publicly accessible APIs in the selected {% data variables.product.prodname_codeql %} database. This view guides you through modeling each public API that the codebase makes available. When you have finished modeling the entire API, you can save the model and use it to improve the {% data variables.product.prodname_codeql %} analysis for all codebases that use the dependency. +* **Dependency mode:** The editor identifies all of the publicly accessible APIs in the selected {% data variables.product.prodname_codeql %} database. This view guides you through modeling each public API that the codebase makes available. When you have finished modeling the entire API, you can save the model and use it to improve the {% data variables.product.prodname_codeql %} analysis for all codebases that use the dependency. The rest of this article covers the practical aspects of modelling dependencies using the {% data variables.product.prodname_codeql %} model editor. For technical information, see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/){% ifversion fpt or ghec or ghes > 3.14 %}, [Customizing Library Models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/), [Customizing Library Models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/), and [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/){% elsif ghes > 3.12 %}, [Customizing Library Models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/), and [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/){% endif %} in the {% data variables.product.prodname_codeql %} language documentation. diff --git a/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md b/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index 71d5b6c612e5..2c46ee5f04d0 100644 --- a/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -146,7 +146,7 @@ With a {% data variables.product.prodname_copilot_enterprise %} license, you can ## Dismissing {% data variables.product.prodname_dependabot_alerts %} -> [!TIP] +> [!NOTE] > You can only dismiss open alerts. If you schedule extensive work to upgrade a dependency, or decide that an alert does not need to be fixed, you can dismiss the alert. Dismissing alerts that you have already assessed makes it easier to triage new alerts as they appear. diff --git a/content/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules.md b/content/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules.md index b8231a24850c..1978dd84b6da 100644 --- a/content/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules.md +++ b/content/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules.md @@ -28,11 +28,8 @@ There are two types of {% data variables.dependabot.auto_triage_rules %}: ### About {% data variables.dependabot.github_presets %} -{% note %} - -{% data reusables.dependabot.dependabot-github-preset-auto-triage-rules %} - -{% endnote %} +> [!NOTE] +> {% data reusables.dependabot.dependabot-github-preset-auto-triage-rules %} {% data variables.dependabot.github_presets %} are rules curated by {% data variables.product.company_short %}. {% data reusables.dependabot.dismiss-low-impact-rule %} @@ -40,11 +37,8 @@ The rule is enabled by default for public repositories and can be opted into for ### About {% data variables.dependabot.custom_rules %} -{% note %} - -{% data reusables.gated-features.dependabot-custom-auto-triage-rules %} - -{% endnote %} +> [!NOTE] +> {% data reusables.gated-features.dependabot-custom-auto-triage-rules %} With {% data variables.dependabot.custom_rules %}, you can create your own rules to automatically dismiss or reopen alerts based on targeted metadata, such as severity, package name, CWE, and more. You can also specify which alerts you want {% data variables.product.prodname_dependabot %} to open pull requests for. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts)." diff --git a/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md b/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md index 4ce447da6c9e..fb043eab08c7 100644 --- a/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md @@ -26,8 +26,8 @@ Repository administrators can create {% data variables.dependabot.custom_rules % Organization owners and security managers can set {% data variables.dependabot.custom_rules %} at the organization-level, and then choose if a rule is enforced or enabled across all public {% ifversion ghec %}and private {% endif %} repositories in the organization. - * **Enforced**: If an organization-level rule is "enforced", repository administrators cannot edit, disable, or delete the rule. - * **Enabled**: If an organization-level rule is "enabled", repository administrators can still disable the rule for their repository. + * **Enforced:** If an organization-level rule is "enforced", repository administrators cannot edit, disable, or delete the rule. + * **Enabled:** If an organization-level rule is "enabled", repository administrators can still disable the rule for their repository. > [!NOTE] > In the event that an organization-level rule and a repository-level rule specify conflicting behaviors, the action set out by the organization-level rule takes precedence. Dismissal rules always act before rules which trigger {% data variables.product.prodname_dependabot %} pull requests. diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index ea3fc1925b8c..ff14867bd7aa 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -190,7 +190,7 @@ updates: interval: "daily" ``` ->[!TIP] +> [!NOTE] > The `directories` key supports globbing and the wildcard character `*`. These features are not supported by the `directory` key. ```yaml @@ -996,18 +996,18 @@ updates: #### Versioning tag glossary -* **`alpha`**: Early version, may be unstable and have incomplete features. -* **`beta`**: More stable than alpha but may still have bugs. -* **`canary`**: Regularly updated pre-release version for testing. -* **`dev`**: Represents development versions. -* **`experimental`**: Versions with experimental features. -* **`latest`**: The latest stable release. -* **`legacy`**: Older or deprecated versions. -* **`next`**: Upcoming release version. -* **`nightly`**: Versions built nightly; often includes the latest changes. -* **`rc`**: Release candidate, close to stable release. -* **`release`**: The official release version. -* **`stable`**: The most reliable, production-ready version. +* **`alpha`:** Early version, may be unstable and have incomplete features. +* **`beta`:** More stable than alpha but may still have bugs. +* **`canary`:** Regularly updated pre-release version for testing. +* **`dev`:** Represents development versions. +* **`experimental`:** Versions with experimental features. +* **`latest`:** The latest stable release. +* **`legacy`:** Older or deprecated versions. +* **`next`:** Upcoming release version. +* **`nightly`:** Versions built nightly; often includes the latest changes. +* **`rc`:** Release candidate, close to stable release. +* **`release`:** The official release version. +* **`stable`:** The most reliable, production-ready version. {% endif %} @@ -1027,7 +1027,7 @@ You can give {% data variables.product.prodname_dependabot %} access to private > * Gradle > * Maven > * Npm -> * Nuget{% ifversion dependabot-updates-pub-private-registry %} +> * NuGet{% ifversion dependabot-updates-pub-private-registry %} > * Pub{% endif %} > * Python > * Yarn diff --git a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md index 60743efa50b3..55f7d09fb645 100644 --- a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md +++ b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md @@ -23,7 +23,8 @@ topics: Using {% data variables.product.prodname_actions %} runners allows you to more easily identify {% data variables.product.prodname_dependabot %} job errors and manually detect and troubleshoot failed runs. You can also integrate {% data variables.product.prodname_dependabot %} into your CI/CD pipelines by using {% data variables.product.prodname_actions %} APIs and webhooks to detect {% data variables.product.prodname_dependabot %} job status such as failed runs, and perform downstream processing. For more information, see "[AUTOTITLE](/rest/actions)" and "[AUTOTITLE](/webhooks/webhook-events-and-payloads)." ->[!TIP] Running {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_dotcom %}-hosted and self-hosted runners **does not** count towards your included {% data variables.product.prodname_actions %} minutes. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)." +> [!NOTE] +> Running {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_dotcom %}-hosted and self-hosted runners **does not** count towards your included {% data variables.product.prodname_actions %} minutes. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)." You can run {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_actions %} using: * {% data variables.product.prodname_dotcom %}-hosted runners diff --git a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md index eb8faacac258..50a15135b959 100644 --- a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md +++ b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md @@ -34,7 +34,7 @@ You'll find detailed guidance for the setup of the following package managers: * [Gradle](#gradle) * [Maven](#maven) * [npm](#npm) -* [Nuget](#nuget){% ifversion dependabot-updates-pub-private-registry %} +* [NuGet](#nuget){% ifversion dependabot-updates-pub-private-registry %} * [pub](#pub){% endif %} * [Python](#python) * [Yarn](#yarn) @@ -323,7 +323,7 @@ For scoped dependencies (`@my-org/my-dep`), {% data variables.product.prodname_d Registries should be configured using the `https` protocol. -### Nuget +### NuGet Supported by Artifactory, Artifacts, Cloudsmith, {% data variables.product.prodname_registry %} registry, Nexus, and ProGet. diff --git a/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md b/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md index b9b63f1f6d74..78d41777e3bd 100644 --- a/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md +++ b/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md @@ -226,11 +226,11 @@ If the `yarn.lock` file doesn't list the private registry as the dependency sour > [!NOTE] > For scoped dependencies (`@my-org/my-dep`), {% data variables.product.prodname_dependabot %} requires that the private registry is defined in the project's `.yarnrc` file. To define private registries for individual scopes, use `"@myscope:registry" "https://private_registry_url"`. -## Nuget +## NuGet -To allow the Nuget ecosystem to only access private registries, you can configure the `dependabot.yml` file. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#nuget-feed)." +To allow the NuGet ecosystem to only access private registries, you can configure the `dependabot.yml` file. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#nuget-feed)." -The Nuget ecosystem additionally requires a `nuget.config` file to be checked into the repository, with either a `< clear />` tag in `` section or a key `nuget.org` as true in the `disabledPackageSources` section of the `nuget.config` file. +The NuGet ecosystem additionally requires a `nuget.config` file to be checked into the repository, with either a `< clear />` tag in `` section or a key `nuget.org` as true in the `disabledPackageSources` section of the `nuget.config` file. This is an example of a `< clear />` tag in the `packageSources` section of the `nuget.config`. diff --git a/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md index 48fbce04da2a..345185eb7d45 100644 --- a/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -256,8 +256,8 @@ If you continue to see CI failures, you should remove the group configuration so If you unblock {% data variables.product.prodname_dependabot %}, you can manually trigger a fresh attempt to create a pull request. -* **Security updates**: Display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. -* **Version updates**: On the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked _TIME_ ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. +* **Security updates:** Display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. +* **Version updates:** On the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked _TIME_ ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. ## Further reading diff --git a/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index 4f2544e5e51c..9f9ebbe7a773 100644 --- a/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -42,7 +42,7 @@ topics: * Direct dependencies explicitly declared in a manifest or lockfile * Transitive dependencies declared in a lockfile -**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? +**Check:** Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? ## Why don't I get {% data variables.product.prodname_dependabot_alerts %} for some ecosystems? @@ -50,7 +50,7 @@ topics: It's worth noting that security advisories may exist for other ecosystems. The information in an unreviewed security advisory is provided by the maintainers of a particular repository. This data is not curated by {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.link-browsing-advisory-db %} -**Check**: Does the uncaught vulnerability apply to an unsupported ecosystem? +**Check:** Does the uncaught vulnerability apply to an unsupported ecosystem? ## Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years? @@ -58,7 +58,7 @@ The {% data variables.product.prodname_advisory_database %} was launched in Nove Some information on older vulnerabilities is available, especially where these CVEs are particularly widespread, however some old vulnerabilities are not included in the {% data variables.product.prodname_advisory_database %}. If there's a specific old vulnerability that you need to be included in the database, contact {% data variables.contact.contact_support %}. -**Check**: Does the uncaught vulnerability have a publish date earlier than 2017 in the National Vulnerability Database? +**Check:** Does the uncaught vulnerability have a publish date earlier than 2017 in the National Vulnerability Database? ## Why does {% data variables.product.prodname_advisory_database %} use a subset of published vulnerability data? @@ -80,7 +80,7 @@ Legacy {% data variables.product.prodname_dependabot_alerts %} were grouped into The {% data variables.product.prodname_dependabot_alerts %} count in {% data variables.product.prodname_dotcom %} shows a total for the number of alerts, which is the number of vulnerabilities, not the number of dependencies. -**Check**: If there is a discrepancy in the totals you are seeing, check that you are not comparing alert numbers with dependency numbers. Also check that you are viewing all alerts and not a subset of filtered alerts. +**Check:** If there is a discrepancy in the totals you are seeing, check that you are not comparing alert numbers with dependency numbers. Also check that you are viewing all alerts and not a subset of filtered alerts. {% endif %} ## Can Dependabot ignore specific dependencies? diff --git a/content/code-security/secret-scanning/introduction/about-push-protection.md b/content/code-security/secret-scanning/introduction/about-push-protection.md index 4792c34c38cf..0c957edf3e26 100644 --- a/content/code-security/secret-scanning/introduction/about-push-protection.md +++ b/content/code-security/secret-scanning/introduction/about-push-protection.md @@ -57,19 +57,19 @@ By default, anyone with write access to the repository can choose to bypass push ## About the benefits of push protection -* **Preventative security**: Push protection acts as a frontline defense mechanism by scanning code for secrets at the time of the push. This preventative approach helps to catch potential issues before they are merged into your repository. +* **Preventative security:** Push protection acts as a frontline defense mechanism by scanning code for secrets at the time of the push. This preventative approach helps to catch potential issues before they are merged into your repository. -* **Immediate feedback**: Developers receive instant feedback if a potential secret is detected during a push attempt. This immediate notification allows for quick remediation, reducing the likelihood of sensitive information being exposed. +* **Immediate feedback:** Developers receive instant feedback if a potential secret is detected during a push attempt. This immediate notification allows for quick remediation, reducing the likelihood of sensitive information being exposed. -* **Reduced risk of data leaks**: By blocking commits that contain sensitive information, push protection significantly reduces the risk of accidental data leaks. This helps in safeguarding against unauthorized access to your infrastructure, services, and data. +* **Reduced risk of data leaks:** By blocking commits that contain sensitive information, push protection significantly reduces the risk of accidental data leaks. This helps in safeguarding against unauthorized access to your infrastructure, services, and data. -* **Efficient secret management**: Instead of retrospectively dealing with exposed secrets, developers can address issues at the source. This makes secret management more efficient and less time-consuming. +* **Efficient secret management:** Instead of retrospectively dealing with exposed secrets, developers can address issues at the source. This makes secret management more efficient and less time-consuming. -* **Integration with CI/CD pipelines**: Push Protection can be integrated into your Continuous Integration/Continuous Deployment (CI/CD) pipelines, ensuring that every push is scanned for secrets before it gets deployed. This adds an extra layer of security to your DevOps practices. +* **Integration with CI/CD pipelines:** Push Protection can be integrated into your Continuous Integration/Continuous Deployment (CI/CD) pipelines, ensuring that every push is scanned for secrets before it gets deployed. This adds an extra layer of security to your DevOps practices. -{% ifversion secret-scanning-push-protection-custom-patterns %}* **Ability to detect custom patterns**: Organizations can define custom patterns for detecting secrets unique to their environment. This customization ensures that push Protection can effectively identify and block even non-standard secrets.{% endif %} +{% ifversion secret-scanning-push-protection-custom-patterns %}* **Ability to detect custom patterns:** Organizations can define custom patterns for detecting secrets unique to their environment. This customization ensures that push Protection can effectively identify and block even non-standard secrets.{% endif %} -{% ifversion push-protection-delegated-bypass %}* **Delegated bypass for flexibility**: For cases where false positives occur or when certain patterns are necessary, the delegated bypass feature allows designated users to approve specific pushes. This provides flexibility without compromising overall security.{% endif %} +{% ifversion push-protection-delegated-bypass %}* **Delegated bypass for flexibility:** For cases where false positives occur or when certain patterns are necessary, the delegated bypass feature allows designated users to approve specific pushes. This provides flexibility without compromising overall security.{% endif %} {% ifversion secret-scanning-push-protection-for-users %} diff --git a/content/code-security/secret-scanning/introduction/about-secret-scanning.md b/content/code-security/secret-scanning/introduction/about-secret-scanning.md index ef6afa7c951d..21765ae52294 100644 --- a/content/code-security/secret-scanning/introduction/about-secret-scanning.md +++ b/content/code-security/secret-scanning/introduction/about-secret-scanning.md @@ -48,47 +48,47 @@ You can also use security overview to see an organization-level view of which re Below is a typical workflow that explains how {% data variables.product.prodname_secret_scanning %} works: -* **Detection**: {% data variables.product.prodname_secret_scanning_caps %} automatically scans your repository's contents for sensitive data, such as API keys, passwords, tokens, and other secrets. It looks for patterns and heuristics that match known types of secrets. +* **Detection:** {% data variables.product.prodname_secret_scanning_caps %} automatically scans your repository's contents for sensitive data, such as API keys, passwords, tokens, and other secrets. It looks for patterns and heuristics that match known types of secrets. -* **Alerts**: When a potential secret is detected, {% data variables.product.prodname_dotcom %} generates an alert and notifies the relevant repository administrators and users. This notification includes details about the detected secret, such as its location in the repository. For more information about alert types and alert details, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)." +* **Alerts:** When a potential secret is detected, {% data variables.product.prodname_dotcom %} generates an alert and notifies the relevant repository administrators and users. This notification includes details about the detected secret, such as its location in the repository. For more information about alert types and alert details, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)." -* **Review**: When a secret is detected, you'll need to review the alert details provided. +* **Review:** When a secret is detected, you'll need to review the alert details provided. -* **Remediation**: You then need to take appropriate actions to remediate the exposure. This might include: +* **Remediation:** You then need to take appropriate actions to remediate the exposure. This might include: * Rotating the affected credential to ensure it is no longer usable. * Removing the secret from the repository's history (using tools like BFG Repo-Cleaner or {% data variables.product.prodname_dotcom %}'s built-in features). -* **Monitoring**: It's good practice to regularly audit and monitor your repositories to ensure no other secrets are exposed. +* **Monitoring:** It's good practice to regularly audit and monitor your repositories to ensure no other secrets are exposed. {% ifversion fpt or ghec %} -* **Integration with partners**: {% data variables.product.prodname_dotcom %} works with various service providers to validate secrets. When a partner secret is detected, {% data variables.product.prodname_dotcom %} notifies the provider so they can take appropriate action, such as revoking the credential. For more information about the partnership program, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." +* **Integration with partners:** {% data variables.product.prodname_dotcom %} works with various service providers to validate secrets. When a partner secret is detected, {% data variables.product.prodname_dotcom %} notifies the provider so they can take appropriate action, such as revoking the credential. For more information about the partnership program, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." {% endif %} ## About the benefits of {% data variables.product.prodname_secret_scanning %} -* **Enhanced security**: {% data variables.product.prodname_secret_scanning_caps %} scans your repositories for sensitive information like API keys, passwords, tokens, and other secrets. By detecting these early, you can mitigate potential security risks before they are exploited by malicious actors. +* **Enhanced security:** {% data variables.product.prodname_secret_scanning_caps %} scans your repositories for sensitive information like API keys, passwords, tokens, and other secrets. By detecting these early, you can mitigate potential security risks before they are exploited by malicious actors. -* **Automated detection**: The feature automatically scans your codebase, including commits, issues, and pull requests, ensuring continuous protection without requiring manual intervention. This automation helps in maintaining security even as your repository evolves. +* **Automated detection:** The feature automatically scans your codebase, including commits, issues, and pull requests, ensuring continuous protection without requiring manual intervention. This automation helps in maintaining security even as your repository evolves. -* **Real-time alerts**: When a secret is detected, {% data variables.product.prodname_secret_scanning %} provides real-time alerts to repository administrators and contributors. This immediate feedback allows for swift remediation actions. +* **Real-time alerts:** When a secret is detected, {% data variables.product.prodname_secret_scanning %} provides real-time alerts to repository administrators and contributors. This immediate feedback allows for swift remediation actions. {% ifversion fpt or ghec %} -* **Integration with service providers**: {% data variables.product.prodname_dotcom %} partners with various service providers to validate detected secrets. When a secret is identified, {% data variables.product.prodname_dotcom %} notifies the corresponding service provider to take appropriate actions, such as revoking the exposed credential. For more information, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." +* **Integration with service providers:** {% data variables.product.prodname_dotcom %} partners with various service providers to validate detected secrets. When a secret is identified, {% data variables.product.prodname_dotcom %} notifies the corresponding service provider to take appropriate actions, such as revoking the exposed credential. For more information, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." {% endif %} {% ifversion ghec or ghes %} -* **Custom pattern support**: Organizations can define custom patterns to detect proprietary or unique types of secrets that may not be covered by default patterns. This flexibility allows for tailored security measures specific to your environment. +* **Custom pattern support:** Organizations can define custom patterns to detect proprietary or unique types of secrets that may not be covered by default patterns. This flexibility allows for tailored security measures specific to your environment. {% endif %} {% ifversion secret-scanning-non-provider-patterns %} -* **Ability to detect non-provider patterns**: You can expand the detection to include non-provider patterns such as connection strings, authentication headers, and private keys, for your repository or organization. +* **Ability to detect non-provider patterns:** You can expand the detection to include non-provider patterns such as connection strings, authentication headers, and private keys, for your repository or organization. {% endif %} @@ -120,8 +120,8 @@ Define your own patterns for secrets used by your organization that {% data vari ### {% data variables.secret-scanning.copilot-secret-scanning %} -* **{% data variables.secret-scanning.generic-secret-detection-caps %}**: Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to detect unstructured secrets, such as passwords, in your repository. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets)."{% ifversion secret-scanning-custom-pattern-ai-generated %} -* **{% data variables.secret-scanning.custom-pattern-regular-expression-generator-caps %}**: Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to generate regular expressions that will capture all your custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-regex-generator).{% endif %} +* **{% data variables.secret-scanning.generic-secret-detection-caps %}:** Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to detect unstructured secrets, such as passwords, in your repository. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets)."{% ifversion secret-scanning-custom-pattern-ai-generated %} +* **{% data variables.secret-scanning.custom-pattern-regular-expression-generator-caps %}:** Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to generate regular expressions that will capture all your custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-regex-generator).{% endif %} {% endif %} diff --git a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md index 86a5216596ec..b312d0032199 100644 --- a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md +++ b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md @@ -33,19 +33,19 @@ If you believe that {% data variables.product.prodname_secret_scanning %} should This table lists the secrets supported by {% data variables.product.prodname_secret_scanning %}. You can see the types of alert that get generated for each token, as well as whether a validity check is performed on the token. -* **Provider**: Name of the token provider.{% ifversion fpt or ghec %} -* **Partner**: Token for which leaks are reported to the relevant token partner. Applies to public repositories only. -* **User**: Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} +* **Provider:** Name of the token provider.{% ifversion fpt or ghec %} +* **Partner:** Token for which leaks are reported to the relevant token partner. Applies to public repositories only. +* **User:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} * Applies to public repositories, and to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled. * Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which usually have a higher ratio of false positives. * For {% data variables.product.prodname_secret_scanning %} to scan for non-provider patterns, the detection of non-provider patterns must be enabled for the repository or the organization. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository)." {% data reusables.secret-scanning.non-provider-patterns-beta %}{% endif %}{% endif %}{% ifversion ghes %} -* **{% data variables.product.prodname_secret_scanning_caps %} alert**: Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} +* **{% data variables.product.prodname_secret_scanning_caps %} alert:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} * Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled. * Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which often result in false positives.{% else %} Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled.{% endif %}{% endif %} -* **Push protection**: Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}. Applies to repositories with {% data variables.product.prodname_secret_scanning %} and push protection enabled. +* **Push protection:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}. Applies to repositories with {% data variables.product.prodname_secret_scanning %} and push protection enabled. -* **Validity check**: Token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see "[{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security)" in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see "[AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %} +* **Validity check:** Token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see "[{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security)" in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see "[AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %} {% ifversion secret-scanning-non-provider-patterns %} diff --git a/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md b/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md index dab2de9795b8..b8fc5f3468c3 100644 --- a/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md +++ b/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md @@ -82,10 +82,10 @@ Create a public, internet accessible HTTP endpoint at the URL you provided to us The message body is a JSON array that contains one or more objects, with each object representing a single secret match. Your endpoint should be able to handle requests with a large number of matches without timing out. The keys for each secret match are: -* **token**: The value of the secret match. -* **type**: The unique name you provided to identify your regular expression. -* **url**: The public URL where the match was found (may be empty) -* **source**: Where the token was found on {% data variables.product.prodname_dotcom %}. +* **token:** The value of the secret match. +* **type:** The unique name you provided to identify your regular expression. +* **url:** The public URL where the match was found (may be empty) +* **source:** Where the token was found on {% data variables.product.prodname_dotcom %}. The list of valid values for `source` are: diff --git a/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md b/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md index 2a81b932b264..7f79cf4bbc4b 100644 --- a/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md +++ b/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md @@ -24,7 +24,7 @@ If you make a request with these endpoints whose content includes a supported se To resolve the error, you can either: * **Remove** the secret from the content of your API request before trying again. -* **Create a push protection bypass**: You can bypass push protection using the "Create a push protection bypass" endpoint. For more information, see "[AUTOTITLE](/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28#create-a-push-protection-bypass)." +* **Create a push protection bypass:** You can bypass push protection using the "Create a push protection bypass" endpoint. For more information, see "[AUTOTITLE](/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28#create-a-push-protection-bypass)." ## Further reading diff --git a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md index 1196a061794c..eaad4d26e089 100644 --- a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md +++ b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md @@ -51,9 +51,9 @@ For more information about the {% data variables.product.prodname_advisory_datab ### Glossary -* **Vulnerable Version Range (VVR)**: the range of versions that are vulnerable to a particular software bug. -* **Operator**: any symbol that indicates the boundary of a vulnerable version range. -* **Open Source Vulnerability format (OSV)**: format that the {% data variables.product.prodname_advisory_database %} data strives to be compatible with. +* **Vulnerable Version Range (VVR):** the range of versions that are vulnerable to a particular software bug. +* **Operator:** any symbol that indicates the boundary of a vulnerable version range. +* **Open Source Vulnerability format (OSV):** format that the {% data variables.product.prodname_advisory_database %} data strives to be compatible with. ### Version syntax diff --git a/content/code-security/security-overview/viewing-security-insights.md b/content/code-security/security-overview/viewing-security-insights.md index 26e0f8035658..7c1280cd5e7d 100644 --- a/content/code-security/security-overview/viewing-security-insights.md +++ b/content/code-security/security-overview/viewing-security-insights.md @@ -34,9 +34,9 @@ You can view a variety of metrics about the security alerts in your organization {% ifversion security-overview-3-tab-dashboard %} The dashboard is divided into three tabs, each focused around a different security goal: -* **Detection**: this tab shows metrics about the status and age of alerts in your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}, the secrets that have been blocked or bypassed, and the top repositories and vulnerabilities that pose the highest potential security risk. -* **Remediation**: this tab shows metrics about how alerts are resolved and alert activity over time. -* **Prevention**: this tab shows metrics about how vulnerabilities have been prevented and fixed. +* **Detection:** this tab shows metrics about the status and age of alerts in your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}, the secrets that have been blocked or bypassed, and the top repositories and vulnerabilities that pose the highest potential security risk. +* **Remediation:** this tab shows metrics about how alerts are resolved and alert activity over time. +* **Prevention:** this tab shows metrics about how vulnerabilities have been prevented and fixed. >[!NOTE] > Unlike the **Detection** and **Remediation** tabs which report alerts on the default branch, the **Prevention** tab gives you insights for {% data variables.product.prodname_codeql %} alerts found in merged pull requests. diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md index a8ce6db98c20..e81bd205a4b3 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -139,31 +139,31 @@ For more information about {% data variables.product.prodname_dependabot_updates {% ifversion fpt or ghec %} Public repositories: -* **Dependency graph**: Enabled by default and cannot be disabled. -* **Dependency review**: Enabled by default and cannot be disabled. -* **{% data variables.product.prodname_dependabot_alerts %}**: Not enabled by default. {% data variables.product.prodname_dotcom %} detects insecure dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. +* **Dependency graph:** Enabled by default and cannot be disabled. +* **Dependency review:** Enabled by default and cannot be disabled. +* **{% data variables.product.prodname_dependabot_alerts %}:** Not enabled by default. {% data variables.product.prodname_dotcom %} detects insecure dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account)" or "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." Private repositories: -* **Dependency graph**: Not enabled by default. The feature can be enabled by repository administrators. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +* **Dependency graph:** Not enabled by default. The feature can be enabled by repository administrators. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." {% ifversion fpt %} -* **Dependency review**: Available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +* **Dependency review:** Available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). {% elsif ghec %} -* **Dependency review**: Available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)" and "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +* **Dependency review:** Available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)" and "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." {% endif %} -* **{% data variables.product.prodname_dependabot_alerts %}**: Not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. +* **{% data variables.product.prodname_dependabot_alerts %}:** Not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account)" or "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." Any repository type: -* **{% data variables.product.prodname_dependabot_security_updates %}**: Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." -* **{% data variables.product.prodname_dependabot_version_updates %}**: Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." +* **{% data variables.product.prodname_dependabot_security_updates %}:** Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." +* **{% data variables.product.prodname_dependabot_version_updates %}:** Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." {% endif %} {% ifversion ghes %} -* **Dependency graph** and **{% data variables.product.prodname_dependabot_alerts %}**: Not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." -* **Dependency review**: Available when dependency graph is enabled for your instance and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)." +* **Dependency graph and {% data variables.product.prodname_dependabot_alerts %}:** Not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." +* **Dependency review:** Available when dependency graph is enabled for your instance and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)." {% endif %} {% ifversion ghes %} -* **{% data variables.product.prodname_dependabot_security_updates %}**: Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." -* **{% data variables.product.prodname_dependabot_version_updates %}**: Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." +* **{% data variables.product.prodname_dependabot_security_updates %}:** Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." +* **{% data variables.product.prodname_dependabot_version_updates %}:** Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." {% endif %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md index 951aadd6ca7d..73b98cc49411 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -28,7 +28,7 @@ The dependency graph doesn't automatically include "loose" dependencies. "Loose" However, you can use the {% data variables.dependency-submission-api.name %} to add dependencies to a project's dependency graph, even if the dependencies are not declared in a manifest or lock file, such as dependencies resolved when a project is built. {% data reusables.dependency-graph.dependency-submission-API-short %} For more information on the {% data variables.dependency-submission-api.name %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api)." -**Check**: Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? +**Check:** Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? ## Does the dependency graph detect dependencies specified using variables? @@ -36,7 +36,7 @@ The dependency graph analyzes manifests as they’re pushed to {% data variables However, you can use the {% data variables.dependency-submission-api.name %} to add dependencies to a project's dependency graph, even if the dependencies are only resolved when a project is built. For more information on the {% data variables.dependency-submission-api.name %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api)." -**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? +**Check:** Is the missing dependency declared in the manifest by using a variable for its name or version? ## Are there limits which affect the dependency graph data? diff --git a/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md b/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md index 189f12aca9a5..48264e23314e 100644 --- a/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md +++ b/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md @@ -79,8 +79,8 @@ If you change from **user ownership** to **organization ownership**, existing co {% data reusables.organizations.click-codespaces %} {% data reusables.organizations.click-general %} 1. On the {% data variables.product.prodname_codespaces %} settings page, under "Codespace ownership," select the setting you want for your organization: - * **Organization ownership**: Codespaces can be owned and paid for by your organization. - * **User ownership**: Codespaces are always owned and paid for by the user who creates the codespace. + * **Organization ownership:** Codespaces can be owned and paid for by your organization. + * **User ownership:** Codespaces are always owned and paid for by the user who creates the codespace. 1. Optionally, under "Codespaces access," review the members and collaborators for whom you have enabled {% data variables.product.prodname_codespaces %}. These are the only users who can create codespaces that your organization pays for. See "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization)." diff --git a/content/codespaces/reference/security-in-github-codespaces.md b/content/codespaces/reference/security-in-github-codespaces.md index 56915d838138..d8c9bec7f8c4 100644 --- a/content/codespaces/reference/security-in-github-codespaces.md +++ b/content/codespaces/reference/security-in-github-codespaces.md @@ -42,9 +42,9 @@ Every time a codespace is created or restarted, it's assigned a new {% data vari The token's scope will vary depending on the access you have to the repository where the codespace was created: -* **If you have write access to the repository**: The token will be scoped for read/write access to the repository. -* **If you only have read access to the repository**: The token will only allow the code to be cloned from the source repository. If you make a commit in the codespace, or push a new branch, {% data variables.product.prodname_github_codespaces %} automatically creates a fork of the repository, or links the codespace to an existing fork if you already have one for the upstream repository. The token is updated to have read and write access to the fork. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/using-source-control-in-your-codespace#about-automatic-forking)." -* **If you've authorized your codespace to access other repositories**: The token will be scoped for read or read/write access to the source repository and to any other repositories to which you've authorized access. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces#authorizing-requested-permissions)." +* **If you have write access to the repository:** The token will be scoped for read/write access to the repository. +* **If you only have read access to the repository:** The token will only allow the code to be cloned from the source repository. If you make a commit in the codespace, or push a new branch, {% data variables.product.prodname_github_codespaces %} automatically creates a fork of the repository, or links the codespace to an existing fork if you already have one for the upstream repository. The token is updated to have read and write access to the fork. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/using-source-control-in-your-codespace#about-automatic-forking)." +* **If you've authorized your codespace to access other repositories:** The token will be scoped for read or read/write access to the source repository and to any other repositories to which you've authorized access. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces#authorizing-requested-permissions)." ### Codespace connections @@ -58,11 +58,11 @@ If you need to connect to a service (such as a development web server) running w Organization owners can restrict the ability to make forward ports available publicly or within the organization. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)." -**Privately forwarded ports**: Are accessible on the internet, but only the codespace creator can access them, after authenticating to {% data variables.product.product_name %}. +**Privately forwarded ports:** Are accessible on the internet, but only the codespace creator can access them, after authenticating to {% data variables.product.product_name %}. -**Publicly forwarded ports within your organization**: Are accessible on the internet, but only to members of the same organization as the codespace, after authenticating to {% data variables.product.product_name %}. +**Publicly forwarded ports within your organization:** Are accessible on the internet, but only to members of the same organization as the codespace, after authenticating to {% data variables.product.product_name %}. -**Publicly forwarded ports**: Are accessible on the internet, and anyone on the internet can access them. No authentication is needed to access public forwarded ports. +**Publicly forwarded ports:** Are accessible on the internet, and anyone on the internet can access them. No authentication is needed to access public forwarded ports. All forwarded ports are private by default, which means that you will need to authenticate before you can access the port. Access to a codespace's private forwarded ports is controlled by authentication cookies with a 3-hour expiry period. When the cookie expires, you will need to reauthenticate. diff --git a/content/contributing/collaborating-on-github-docs/self-review-checklist.md b/content/contributing/collaborating-on-github-docs/self-review-checklist.md index 1704462f4012..595daf78a906 100644 --- a/content/contributing/collaborating-on-github-docs/self-review-checklist.md +++ b/content/contributing/collaborating-on-github-docs/self-review-checklist.md @@ -9,7 +9,6 @@ Before you submit your changes to the {% data variables.product.prodname_docs %} * Changes meet the **content goals and user needs** in the content design plan, if one has been created. * Content has been **confirmed for accuracy** by a subject matter expert (SME) in the technical area. -* Content follows **quality guidelines** in "[AUTOTITLE](/contributing/writing-for-github-docs/best-practices-for-github-docs)" and "[AUTOTITLE](/contributing/writing-for-github-docs/writing-content-to-be-translated)." -* Content is **free of errors** such as typos and adheres to the "[AUTOTITLE](/contributing/style-guide-and-content-model/style-guide)." +* Content satisfies {% data variables.product.github %}'s **documentation fundamentals** that are required for all content. For more information, see "[AUTOTITLE](/contributing/writing-for-github-docs/about-githubs-documentation-fundamentals)." * The article **renders properly on staging** for each version of the article (Free Pro Team, GHEC, GHES). * All **pull request checks** are passing. diff --git a/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md b/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md index 33f5591063d0..fb61f7f58a0c 100644 --- a/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md +++ b/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md @@ -95,13 +95,13 @@ During development, you can visit any page on `http://localhost:4000` and add `? If your text or code example includes content between curly brackets (`{` and `}`), you need to wrap it between {% raw %} and {% raw %} tags to disable Liquid processing for that section. For example: -* **Use**: +* **Use:** 
   GITHUB_TOKEN: {% raw %}${% raw %}{{ secrets.GITHUB_TOKEN }}{% endraw %}{% endraw %}
-* **Avoid**: +* **Avoid:** 
   GITHUB_TOKEN: ${% raw %}${{ secrets.GITHUB_TOKEN }}${% endraw %}
diff --git a/content/contributing/style-guide-and-content-model/style-guide.md b/content/contributing/style-guide-and-content-model/style-guide.md
index b70c30597319..e09ad94fb15c 100644
--- a/content/contributing/style-guide-and-content-model/style-guide.md
+++ b/content/contributing/style-guide-and-content-model/style-guide.md
@@ -29,10 +29,10 @@ We document each of the events that may appear in the audit logs for each type o
 
 When writing the description for an audit log event, describe the event that took place in a way that applies to all versions, using past tense and passive voice. Do not begin the sentence with phrases that are already implied by the context of the article, such as "Triggered by."
 
-* **Use**: The visibility of a repository was changed.
-* **Use**: Secret scanning was enabled for all new repositories.
-* **Avoid**: An organization owner disabled a two-factor authentication requirement for the organization.
-* **Avoid**: Triggered when a user updates which repositories a codespace can access.
+* **Use:** The visibility of a repository was changed.
+* **Use:** Secret scanning was enabled for all new repositories.
+* **Avoid:** An organization owner disabled a two-factor authentication requirement for the organization.
+* **Avoid:** Triggered when a user updates which repositories a codespace can access.
 
 ## Alerts
 
@@ -175,13 +175,13 @@ Within code blocks:
     ```
 
 * If your code example includes `{` or `}` that should render, wrap that section in {% raw %} {% endraw %} to disable Liquid processing for that section.
-  * **Use**:
+  * **Use:**
 
     
     GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
     

 
-  * **Avoid**:
+  * **Avoid:**
 
     
     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -1031,9 +1031,9 @@ A release note for a security fix answers the following questions.
 
 #### Examples of release notes for security fixes
 
-* > **MEDIUM**: An attacker could cause unbounded resource exhaustion on the instance by making parallel requests to the Markdown REST API. To mitigate this issue, {% data variables.product.company_short %} has updated [CommonMarker](https://github.com/gjtorikian/commonmarker). {% data variables.product.company_short %} has requested CVE ID [CVE-2022-39209](https://nvd.nist.gov/vuln/detail/CVE-2022-39209) for this vulnerability.
+* > **MEDIUM:** An attacker could cause unbounded resource exhaustion on the instance by making parallel requests to the Markdown REST API. To mitigate this issue, {% data variables.product.company_short %} has updated [CommonMarker](https://github.com/gjtorikian/commonmarker). {% data variables.product.company_short %} has requested CVE ID [CVE-2022-39209](https://nvd.nist.gov/vuln/detail/CVE-2022-39209) for this vulnerability.
 
-* > **MEDIUM**: An attacker could embed dangerous links in the instance's web UI because pull request preview links did not properly sanitize URLs. This vulnerability was reported via the [{% data variables.product.company_short %} Bug Bounty program](https://bounty.github.com).
+* > **MEDIUM:** An attacker could embed dangerous links in the instance's web UI because pull request preview links did not properly sanitize URLs. This vulnerability was reported via the [{% data variables.product.company_short %} Bug Bounty program](https://bounty.github.com).
 
 #### Base image and package updates
 
@@ -1147,7 +1147,7 @@ A release note for a deprecation answers the following questions.
 
 #### Examples of release notes for deprecations
 
-* > **Upcoming deprecation**: In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
+* > **Upcoming deprecation:** In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
 
 * > Commit comments, which are comments that users add directly to a commit outside of a pull request, no longer appear in the pull request timeline. Users could not reply to or resolve these comments. The Timeline events REST API and the GraphQL API's `PullRequest` object also no longer return commit comments.
 
@@ -1175,7 +1175,7 @@ A release note for a feature that is closing down answers the following question
 
 #### Examples of release notes for features that are closing down
 
-* > **Closing down**: In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
+* > **Closing down:** In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
 
 * > Commit comments, which are comments that users add directly to a commit outside of a pull request, no longer appear in the pull request timeline. Users could not reply to or resolve these comments. The Timeline events REST API and the GraphQL API's `PullRequest` object also no longer return commit comments.
 
@@ -1201,7 +1201,7 @@ A release note for a retired feature answers the following questions.
 
 #### Examples of release notes for retired features
 
-* > **Retired**: {% data variables.product.github %} no longer supports required workflows for {% data variables.product.prodname_actions %} in {% data variables.product.prodname_ghe_server %} 3.11 and later. Use repository rulesets instead. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-workflows-to-pass-before-merging)."
+* > **Retired:** {% data variables.product.github %} no longer supports required workflows for {% data variables.product.prodname_actions %} in {% data variables.product.prodname_ghe_server %} 3.11 and later. Use repository rulesets instead. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-workflows-to-pass-before-merging)."
 
 {% endif %}
 
diff --git a/content/contributing/writing-for-github-docs/about-githubs-documentation-fundamentals.md b/content/contributing/writing-for-github-docs/about-githubs-documentation-fundamentals.md
new file mode 100644
index 000000000000..7aa2bd7d4dcb
--- /dev/null
+++ b/content/contributing/writing-for-github-docs/about-githubs-documentation-fundamentals.md
@@ -0,0 +1,33 @@
+---
+title: About GitHub's documentation fundamentals
+shortTitle: Documentation fundamentals
+intro: 'All content published on {% data variables.product.prodname_docs %} must meet these fundamental requirements.'
+versions:
+  feature: 'contributing'
+---
+
+## About {% data variables.product.github %}'s documentation fundamentals
+
+These fundamentals are required for {% data variables.product.github %} documentation. Use the lists below to help ensure your contributions are accurate, accessible and inclusive, and consistent.
+
+## Accurate
+
+Documentation is correct and accurate.
+
+* Ensure that the content is free from factual errors.
+* Ensure that the content is free from spelling and formatting errors.
+
+## Accessible and inclusive
+
+Documentation is up to date with the latest accessibility standards, and is written to be inclusive and translation-friendly.
+
+* Ensure content adheres to the accessibility and screenshot guidelines. For more information, see "[AUTOTITLE](/contributing/writing-for-github-docs/creating-screenshots)."
+* Ensure content can be successfully translated. For more information, see "[AUTOTITLE](/contributing/writing-for-github-docs/writing-content-to-be-translated)."
+
+## Consistent
+
+Documentation maintains a consistent voice, tone, and style throughout, creating a cohesive experience for readers.
+
+* Ensure content adheres to the {% data variables.product.prodname_docs %} style guide. For more information, see "[AUTOTITLE](/contributing/style-guide-and-content-model/style-guide)."
+* Apply consistent terminology and naming conventions.
+* Use branding elements (for example, product and feature names, logos, color schemes) consistently in the content.
diff --git a/content/contributing/writing-for-github-docs/best-practices-for-github-docs.md b/content/contributing/writing-for-github-docs/best-practices-for-github-docs.md
index 32692ed5ee9a..2435f3a5da9a 100644
--- a/content/contributing/writing-for-github-docs/best-practices-for-github-docs.md
+++ b/content/contributing/writing-for-github-docs/best-practices-for-github-docs.md
@@ -10,9 +10,10 @@ versions:
 
 At {% data variables.product.prodname_dotcom %}, we strive to create documentation that is accurate, valuable, inclusive, accessible, and easy to use.
 
-Before contributing to {% data variables.product.prodname_docs %}, please take a moment to familiarize yourself with {% data variables.product.prodname_dotcom %}'s documentation philosophy and content design principles:
+Before contributing to {% data variables.product.prodname_docs %}, please take a moment to familiarize yourself with {% data variables.product.prodname_dotcom %}'s documentation philosophy, fundamentals, and content design principles:
 
 * [AUTOTITLE](/contributing/writing-for-github-docs/about-githubs-documentation-philosophy)
+* [AUTOTITLE](/contributing/writing-for-github-docs/about-githubs-documentation-fundamentals)
 * [AUTOTITLE](/contributing/writing-for-github-docs/content-design-principles)
 
 ## Best practices for writing {% data variables.product.prodname_dotcom %} documentation
diff --git a/content/contributing/writing-for-github-docs/index.md b/content/contributing/writing-for-github-docs/index.md
index e2c648ea2eed..235a8f8cc97f 100644
--- a/content/contributing/writing-for-github-docs/index.md
+++ b/content/contributing/writing-for-github-docs/index.md
@@ -7,6 +7,7 @@ versions:
 children:
   - /best-practices-for-github-docs
   - /about-githubs-documentation-philosophy
+  - /about-githubs-documentation-fundamentals
   - /content-design-principles
   - /writing-content-to-be-translated
   - /making-content-findable-in-search
diff --git a/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md b/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md
index 94167af8ad49..e0fcea95b887 100644
--- a/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md
+++ b/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md
@@ -45,24 +45,24 @@ Videos are broadly grouped into three categories: product overviews, feature vid
 
 ### Product overviews
 
-* **Purpose**: Briefly explain what the product is, showcase the main functionality, and get people interested
-* **Length**: Less than a minute
-* **Possible audiences**: People who want to know if a feature is useful for their goals, people who are new to {% data variables.product.company_short %} and trying to understand what the products do
-* **Possible locations in the docs**: Landing pages and guides
+* **Purpose:** Briefly explain what the product is, showcase the main functionality, and get people interested
+* **Length:** Less than a minute
+* **Possible audiences:** People who want to know if a feature is useful for their goals, people who are new to {% data variables.product.company_short %} and trying to understand what the products do
+* **Possible locations in the docs:** Landing pages and guides
 
 ### Feature videos
 
-* **Purpose**: Supplement conceptual or procedural content
-* **Length**: As short as possible, without exceeding five minutes. Break longer content into multiple shorter, focused videos
-* **Possible audiences**: People who are learning about or how to use a feature
-* **Possible locations in the docs**: Guides, conceptual articles, procedural articles
+* **Purpose:** Supplement conceptual or procedural content
+* **Length:** As short as possible, without exceeding five minutes. Break longer content into multiple shorter, focused videos
+* **Possible audiences:** People who are learning about or how to use a feature
+* **Possible locations in the docs:** Guides, conceptual articles, procedural articles
 
 ### Tutorials
 
-* **Purpose**: Help novice users get going with a product, drive adoption, or explain complex functionalities
-* **Length**: Individual videos should be five minutes or less. Complex topics can have a series of shorter videos spread across an article. Total length should be a maximum of 15 minutes
-* **Possible audiences**: New users of features or products
-* **Possible locations**: Guides
+* **Purpose:** Help novice users get going with a product, drive adoption, or explain complex functionalities
+* **Length:** Individual videos should be five minutes or less. Complex topics can have a series of shorter videos spread across an article. Total length should be a maximum of 15 minutes
+* **Possible audiences:** New users of features or products
+* **Possible locations:** Guides
 
 ## When to use videos
 
diff --git a/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md b/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md
index cbc46622b2ad..eca5460c8121 100644
--- a/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md
+++ b/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md
@@ -15,10 +15,10 @@ type: overview
 
 {% data variables.product.prodname_copilot_extensions_short %} are integrations that expand the functionality of {% data variables.product.prodname_copilot_chat_short %}, allowing developers to bring external tools, services, and custom behaviors into the Chat experience. You can use {% data variables.product.prodname_copilot_extensions_short %} to extend the capabilities of {% data variables.product.prodname_copilot_chat_short %} in a variety of ways, including:
 
-* **Querying documentation**: A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party documentation service to find information about a specific topic.
-* **AI-assisted coding**: A {% data variables.product.prodname_copilot_extension_short %} can use a third-party AI model to provide code suggestions.
-* **Data retrieval**: A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party data service to retrieve information about a specific topic.
-* **Action execution**: A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to execute a specific action, such as posting to a message board or updating a tracking item in an external system.
+* **Querying documentation:** A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party documentation service to find information about a specific topic.
+* **AI-assisted coding:** A {% data variables.product.prodname_copilot_extension_short %} can use a third-party AI model to provide code suggestions.
+* **Data retrieval:** A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party data service to retrieve information about a specific topic.
+* **Action execution:** A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to execute a specific action, such as posting to a message board or updating a tracking item in an external system.
 
 ## About building {% data variables.product.prodname_copilot_extensions %}
 
@@ -57,13 +57,13 @@ For more information about skillsets, see "[AUTOTITLE](/copilot/building-copilot
 
 Before creating your own {% data variables.product.prodname_copilot_extension %} from scratch, you may want to explore an existing {% data variables.product.prodname_copilot_agent_short %}, then integrate it with a {% data variables.product.prodname_github_app %} to see how it works. {% data variables.product.company_short %} provides a few example {% data variables.product.prodname_copilot_agents_short %} that you can clone and use as the basis for your own {% data variables.product.prodname_copilot_extension %}:
 
-* **Blackbeard**: A simple {% data variables.product.prodname_copilot_agent_short %} that responds to requests like a pirate, using {% data variables.product.prodname_copilot_short %}'s LLM API and special system prompts. It is a good starting point for learning how to build a {% data variables.product.prodname_copilot_extension %}. For more information, see the [Blackbeard {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/blackbeard-extension).
-* **{% data variables.product.prodname_github_models %}**: A more complex {% data variables.product.prodname_copilot_agent_short %} that lets you ask about and interact with various LLMs listed on the {% data variables.product.prodname_marketplace %} from within {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [{% data variables.product.prodname_github_models %} {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/github-models-extension).
+* **Blackbeard:** A simple {% data variables.product.prodname_copilot_agent_short %} that responds to requests like a pirate, using {% data variables.product.prodname_copilot_short %}'s LLM API and special system prompts. It is a good starting point for learning how to build a {% data variables.product.prodname_copilot_extension %}. For more information, see the [Blackbeard {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/blackbeard-extension).
+* **{% data variables.product.prodname_github_models %}:** A more complex {% data variables.product.prodname_copilot_agent_short %} that lets you ask about and interact with various LLMs listed on the {% data variables.product.prodname_marketplace %} from within {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [{% data variables.product.prodname_github_models %} {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/github-models-extension).
 
     > [!NOTE] {% data variables.product.prodname_github_models %} are in {% data variables.release-phases.public_preview %} and subject to change. To request access, join the [waitlist](https://github.com/marketplace/models/waitlist).
-* **Function calling**: an example agent written in Go that demonstrates function calling and confirmation dialogues. For more information, see the [Function calling extension](https://github.com/copilot-extensions/function-calling-extension).
-* **RAG extension**: an example agent written in Go that demonstrates a simple implementation of retrieval augmented generation. For more information, see the [RAG extension](https://github.com/copilot-extensions/rag-extension).
-* **Preview SDK**: An SDK that simplifies the process of building {% data variables.product.prodname_copilot_extensions %} by handling request verification, response formatting, and API interactions. It allows builders to focus on their extension's core functionality rather than boilerplate, by streamlining the integration of tools, APIs, and data sources into {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [Preview SDK](https://github.com/copilot-extensions/preview-sdk.js).
+* **Function calling:** an example agent written in Go that demonstrates function calling and confirmation dialogues. For more information, see the [Function calling extension](https://github.com/copilot-extensions/function-calling-extension).
+* **RAG extension:** an example agent written in Go that demonstrates a simple implementation of retrieval augmented generation. For more information, see the [RAG extension](https://github.com/copilot-extensions/rag-extension).
+* **Preview SDK:** An SDK that simplifies the process of building {% data variables.product.prodname_copilot_extensions %} by handling request verification, response formatting, and API interactions. It allows builders to focus on their extension's core functionality rather than boilerplate, by streamlining the integration of tools, APIs, and data sources into {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [Preview SDK](https://github.com/copilot-extensions/preview-sdk.js).
 
 ## About building {% data variables.product.prodname_copilot_extensions_vsc %}
 
diff --git a/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md b/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md
index 80b9a72b2bac..34e105ea4e11 100644
--- a/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md
+++ b/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md
@@ -19,8 +19,8 @@ type: how_to
 
 Before you begin, make sure you have the following:
 
-1. **A configured {% data variables.product.prodname_github_app %}**: You’ll need a {% data variables.product.prodname_github_app %} to act as the container for your skillset. If you haven’t already set one up, refer to "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/creating-a-github-app-for-your-copilot-extension)" and "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-github-app-for-your-copilot-extension)".
-1. **API endpoints**: You need one endpoint per skill. Each endpoint must:
+1. **A configured {% data variables.product.prodname_github_app %}:** You’ll need a {% data variables.product.prodname_github_app %} to act as the container for your skillset. If you haven’t already set one up, refer to "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/creating-a-github-app-for-your-copilot-extension)" and "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-github-app-for-your-copilot-extension)".
+1. **API endpoints:** You need one endpoint per skill. Each endpoint must:
     * Accept POST requests with the `application/json` MIME type
     * Be able to verify the signature of requests from {% data variables.product.github %} to authenticate their origin and prevent unauthorized access
     * Be publicly accessible via HTTPS
@@ -30,10 +30,10 @@ For more information about signature verification, see "[Verifying that payloads
 ## Configuration requirements
 
 Each skillset is defined within a {% data variables.product.prodname_github_app %}. A single{% data variables.product.prodname_github_app %} can contain up to five skills. Each individual skill needs:
-* **Name**: A clear and descriptive name (for example, "Get Issues").
-* **Inference description**: A detailed explanation of what the skill does and when to use it (for example, "Searches for external issues matching specific criteria like status and labels").
-* **API endpoint**: A POST endpoint that accepts JSON requests.
-* **JSON schema**: The structure of data your endpoint expects.
+* **Name:** A clear and descriptive name (for example, "Get Issues").
+* **Inference description:** A detailed explanation of what the skill does and when to use it (for example, "Searches for external issues matching specific criteria like status and labels").
+* **API endpoint:** A POST endpoint that accepts JSON requests.
+* **JSON schema:** The structure of data your endpoint expects.
 
 ### Example JSON schema
 
diff --git a/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md b/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md
index afc0ede58557..7db995f7936f 100644
--- a/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md
+++ b/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md
@@ -13,8 +13,8 @@ type: how_to
 
 When you build a {% data variables.product.prodname_copilot_extension_short %}, you have two options for the visibility of your {% data variables.product.prodname_github_app %}:
 
-* **Public**: Any user or organization account with the link to your app's installation page can install it. Making your app public automatically creates a public installation page, but does not list the app on the {% data variables.product.prodname_marketplace %}.
-* **Private**: Only the user or organization account that created the app can install it.
+* **Public:** Any user or organization account with the link to your app's installation page can install it. Making your app public automatically creates a public installation page, but does not list the app on the {% data variables.product.prodname_marketplace %}.
+* **Private:** Only the user or organization account that created the app can install it.
 
 If you make your app public, you can choose to publish it on the {% data variables.product.prodname_marketplace %}.
 
@@ -25,8 +25,8 @@ If you make your app public, you can choose to publish it on the {% data variabl
 1. At the bottom of the sidebar, select **{% octicon "code" aria-hidden="true" %} Developer settings**, then click **{% data variables.product.prodname_github_apps %}**.
 1. In the "{% data variables.product.prodname_github_apps %}" section, next to the name of your {% data variables.product.prodname_copilot_extension_short %}, click **Edit**.
 1. In the sidebar, click **Advanced**. At the bottom of the "Danger Zone" section, you will see one of two options:
-   * **Make public**: If you see the **Make public** option, your {% data variables.product.prodname_github_app %} is currently private, and can only be installed by the organization or user that created the app. You can click **Make public** to allow any other account with the link to your app's installation page to install your {% data variables.product.prodname_copilot_extension_short %}, or leave your settings as they are to keep your app private.
-   * **Make private**: If you see the **Make private** option, your {% data variables.product.prodname_github_app %} is currently public, and can be installed by any account with the link to your app's installation page. You can click **Make private** to only allow the organization or user that created the app to install it, or leave your settings as they are to keep your app public.
+   * **Make public:** If you see the **Make public** option, your {% data variables.product.prodname_github_app %} is currently private, and can only be installed by the organization or user that created the app. You can click **Make public** to allow any other account with the link to your app's installation page to install your {% data variables.product.prodname_copilot_extension_short %}, or leave your settings as they are to keep your app private.
+   * **Make private:** If you see the **Make private** option, your {% data variables.product.prodname_github_app %} is currently public, and can be installed by any account with the link to your app's installation page. You can click **Make private** to only allow the organization or user that created the app to install it, or leave your settings as they are to keep your app public.
 1. Optionally, if your {% data variables.product.prodname_github_app %} is public, you can share the link to the installation page for your {% data variables.product.prodname_copilot_extension_short %}. In the sidebar, click **Public page** in the sidebar, then copy the link for your listing.
 
 ## Listing your {% data variables.product.prodname_copilot_extension_short %} on the {% data variables.product.prodname_marketplace %}
diff --git a/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md b/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md
index bac3cb166ba2..882c65254cc8 100644
--- a/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md
+++ b/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md
@@ -56,8 +56,8 @@ To create a {% data variables.product.prodname_copilot_extension_short %}, you n
 ## 6. Choose the availability of your {% data variables.product.prodname_copilot_extension_short %}
 
 Choose one of two visibility levels for your {% data variables.product.prodname_copilot_extension_short %}:
-* **Public**: Any user or organization account with the installation page link for the extension can install it.
-* **Private**: Only the user or organization account that created the extension can install it.
+* **Public:** Any user or organization account with the installation page link for the extension can install it.
+* **Private:** Only the user or organization account that created the extension can install it.
 
 If you make your {% data variables.product.prodname_copilot_extension_short %} public, you can then choose to list it on the {% data variables.product.prodname_marketplace %}.
 
@@ -94,8 +94,8 @@ To create a {% data variables.product.prodname_copilot_extension_short %}, you n
 ## 5. Choose the availability of your {% data variables.product.prodname_copilot_skillset_short %}
 
 Choose one of two visibility levels for your {% data variables.product.prodname_copilot_extension_short %}:
-* **Public**: Any user or organization account with the installation page link for the extension can install it.
-* **Private**: Only the user or organization account that created the extension can install it.
+* **Public:** Any user or organization account with the installation page link for the extension can install it.
+* **Private:** Only the user or organization account that created the extension can install it.
 
 If you make your {% data variables.product.prodname_copilot_extension_short %} public, you can then choose to list it on the {% data variables.product.prodname_marketplace %}.
 
diff --git a/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md b/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md
index 26b1bafd4e4a..3c12355fcd45 100644
--- a/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md
+++ b/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md
@@ -135,33 +135,33 @@ When you create a custom model, you can choose to allow {% data variables.produc
 
 ### What telemetry data is collected?
 
-* **Prompts**: This includes all the information sent to the {% data variables.product.prodname_copilot %} language model by the {% data variables.product.prodname_copilot_short %} extension, including context from your open files.
-* **Suggestions**: The code completion suggestions that {% data variables.product.prodname_copilot_short %} generates.
-* **Code snippet**: A snapshot of the code 30 seconds after a suggestion is accepted, capturing how the suggestion was integrated into the codebase. This helps determine whether the suggestion was accepted as is or modified by the user before final integration.
+* **Prompts:** This includes all the information sent to the {% data variables.product.prodname_copilot %} language model by the {% data variables.product.prodname_copilot_short %} extension, including context from your open files.
+* **Suggestions:** The code completion suggestions that {% data variables.product.prodname_copilot_short %} generates.
+* **Code snippet:** A snapshot of the code 30 seconds after a suggestion is accepted, capturing how the suggestion was integrated into the codebase. This helps determine whether the suggestion was accepted as is or modified by the user before final integration.
 
 ### How is telemetry data used?
 
 Telemetry data is primarily used to fine-tune the {% data variables.product.prodname_copilot_short %} custom model to better understand and predict your organization’s coding patterns. Specifically, it helps:
 
-* **Enhance model accuracy**: By analyzing the collected telemetry, {% data variables.product.prodname_copilot_short %} refines your custom model to increase the relevance and accuracy of future coding suggestions.
-* **Monitor performance**: Telemetry data allows {% data variables.product.company_short %} to monitor how well custom models are performing compared to the base model, enabling ongoing improvements.
-* **Feedback loops**: The data helps {% data variables.product.company_short %} create feedback loops where the model learns from real-world usage, adapting to your specific coding environment over time.
+* **Enhance model accuracy:** By analyzing the collected telemetry, {% data variables.product.prodname_copilot_short %} refines your custom model to increase the relevance and accuracy of future coding suggestions.
+* **Monitor performance:** Telemetry data allows {% data variables.product.company_short %} to monitor how well custom models are performing compared to the base model, enabling ongoing improvements.
+* **Feedback loops:** The data helps {% data variables.product.company_short %} create feedback loops where the model learns from real-world usage, adapting to your specific coding environment over time.
 
 ### Data storage and retention
 
-* **Data storage**: All telemetry data collected is stored in the {% data variables.product.prodname_copilot_short %} Data Store, a secure and restricted environment. The data is encrypted and isolated to prevent unauthorized access.
-* **Retention period**: Telemetry data is retained for a rolling 28-day period. After this period, the data is automatically deleted from {% data variables.product.company_short %}'s systems, ensuring that only recent and relevant data is used for model training and improvement.
+* **Data storage:** All telemetry data collected is stored in the {% data variables.product.prodname_copilot_short %} Data Store, a secure and restricted environment. The data is encrypted and isolated to prevent unauthorized access.
+* **Retention period:** Telemetry data is retained for a rolling 28-day period. After this period, the data is automatically deleted from {% data variables.product.company_short %}'s systems, ensuring that only recent and relevant data is used for model training and improvement.
 
 ### Privacy and data security
 
 {% data variables.product.company_short %} is committed to ensuring that your organization’s data remains private and secure.
 
-* **Exclusive use**: The telemetry data collected from your organization is used exclusively for training your custom model and is never shared with other organizations or used to train other customers’ models.
-* **Data leakage prevention**: {% data variables.product.company_short %} implements strict data isolation protocols to prevent cross-contamination between different organizations’ data. This means that your proprietary code and information are protected from exposure to other organizations or individuals.
+* **Exclusive use:** The telemetry data collected from your organization is used exclusively for training your custom model and is never shared with other organizations or used to train other customers’ models.
+* **Data leakage prevention:** {% data variables.product.company_short %} implements strict data isolation protocols to prevent cross-contamination between different organizations’ data. This means that your proprietary code and information are protected from exposure to other organizations or individuals.
 
 ### Important considerations
 
-* **Opt-in for telemetry**: Participation in telemetry data collection is optional and controlled via your organization’s admin policies. Telemetry data is only collected when explicitly enabled for training custom models.
-* **Potential risks**: Although {% data variables.product.company_short %} takes extensive measures to prevent data leakage, there are scenarios where sensitive data, such as internal links or names, could be included in the telemetry and subsequently used in training. We recommend reviewing and filtering the data you submit for training to minimize these risks.
+* **Opt-in for telemetry:** Participation in telemetry data collection is optional and controlled via your organization’s admin policies. Telemetry data is only collected when explicitly enabled for training custom models.
+* **Potential risks:** Although {% data variables.product.company_short %} takes extensive measures to prevent data leakage, there are scenarios where sensitive data, such as internal links or names, could be included in the telemetry and subsequently used in training. We recommend reviewing and filtering the data you submit for training to minimize these risks.
 
   For more details about our data-handling practices, see the [{% data variables.product.prodname_copilot %} Trust Center](https://resources.github.com/copilot-trust-center) or review {% data variables.product.company_short %}’s [data protection agreement](https://github.com/customer-terms/github-data-protection-agreement).
diff --git a/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md b/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md
index 1779d99d4cbd..9cf6ebbd8a4f 100644
--- a/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md
+++ b/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md
@@ -60,9 +60,9 @@ getAge("Mario");
 
 {% data variables.product.prodname_copilot_short %} suggests the following patterns:
 
-* **Singleton pattern**: to ensure that there is only one instance of the `people` object.
-* **Factory pattern**: to create a factory for creating `Person` objects.
-* **Module pattern**: to encapsulate the `people` object and related functions within a module to avoid polluting the global namespace.
+* **Singleton pattern:** to ensure that there is only one instance of the `people` object.
+* **Factory pattern:** to create a factory for creating `Person` objects.
+* **Module pattern:** to encapsulate the `people` object and related functions within a module to avoid polluting the global namespace.
 
 ## Example prompt 2
 
diff --git a/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md b/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md
index 9c0f1910da00..44beb7bc7054 100644
--- a/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md
+++ b/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md
@@ -103,9 +103,9 @@ To configure language settings in the `github-copilot.xml` file, you must edit t
 
 The file is located in the following directory:
 
-* **macOS**: `~/Library/Application Support/JetBrains//options/github-copilot.xml`
-* **Windows**: `%APPDATA%\JetBrains\\options\github-copilot.xml`
-* **Linux**: `~/.config/JetBrains//options/github-copilot.xml`
+* **macOS:** `~/Library/Application Support/JetBrains//options/github-copilot.xml`
+* **Windows:** `%APPDATA%\JetBrains\\options\github-copilot.xml`
+* **Linux:** `~/.config/JetBrains//options/github-copilot.xml`
 
 For example, if you are using IntelliJ IDEA 2021.1 on macOS, the file is located at `~/Library/Application Support/JetBrains/IdeaIC2021.1/options/github-copilot.xml`.
 
diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md
index de1efb4661f8..883a9bda8b87 100644
--- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md
+++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md
@@ -34,6 +34,6 @@ Enable {% data variables.product.prodname_copilot_short %} for some or all organ
 
 ## 5. Share onboarding material
 
-* **Share onboarding material**: Share onboarding material with each organization that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization)."
-* **Encourage adoption**: Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your enterprise. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your enterprise.
-* **Set up training sessions or workshops**: Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
+* **Share onboarding material:** Share onboarding material with each organization that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization)."
+* **Encourage adoption:** Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your enterprise. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your enterprise.
+* **Set up training sessions or workshops:** Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md
index 46aa9a042993..3524118f5034 100644
--- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md
+++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md
@@ -41,9 +41,9 @@ Alternatively, you can set up a self-serve workflow using the API. See "[Add tea
 
 ## 5. Share onboarding material
 
-* **Share onboarding material**: Share onboarding material with each member that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself)" and "[AUTOTITLE](/copilot/using-github-copilot/best-practices-for-using-github-copilot)."
-* **Encourage adoption**: Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your organization. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your organization.
-* **Set up training sessions or workshops**: Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
+* **Share onboarding material:** Share onboarding material with each member that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself)" and "[AUTOTITLE](/copilot/using-github-copilot/best-practices-for-using-github-copilot)."
+* **Encourage adoption:** Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your organization. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your organization.
+* **Set up training sessions or workshops:** Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
 
 ## 6. Enhance the {% data variables.product.prodname_copilot_short %} experience
 
diff --git a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md
index 8f1deaa75991..a6a368d6a472 100644
--- a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md
+++ b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md
@@ -44,12 +44,12 @@ The following {% ifversion fpt %}limitation applies{% else %} limitations apply{
 
 To use {% data variables.product.prodname_copilot_mobile_short %} you will need the following.
 
-* **Subscription to {% data variables.product.prodname_copilot %}**: You must have an active {% data variables.product.prodname_copilot %} subscription. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot)."
+* **Subscription to {% data variables.product.prodname_copilot %}:** You must have an active {% data variables.product.prodname_copilot %} subscription. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot)."
 
    If you do not have a {% data variables.product.prodname_copilot %} subscription, you can purchase a {% data variables.product.prodname_copilot_individuals_short %} subscription directly in the iOS version of {% data variables.product.prodname_mobile %}, or in the Google Play Store for the Android version of {% data variables.product.prodname_mobile %}.
 
-* **Access to {% data variables.product.prodname_copilot_mobile_short %}**: If you are part of an organization{% ifversion ghec %} or enterprise{% endif %} with a {% data variables.product.prodname_copilot_for_business %}{% ifversion ghec %} or {% data variables.product.prodname_copilot_enterprise %}{% endif %} subscription, the organization{% ifversion ghec %} or enterprise{% endif %} owner will need to grant you access to {% data variables.product.prodname_copilot_mobile_short %}. For more information, see "[AUTOTITLE](/copilot/github-copilot-chat/copilot-chat-in-github-mobile/enabling-github-copilot-chat-for-github-mobile)."
-* **Enable {% data variables.product.prodname_copilot_short %} features for your device**: {% data variables.product.prodname_copilot_short %} needs to be enabled from within {% data variables.product.prodname_mobile %}. For more information, see "[AUTOTITLE](/copilot/using-github-copilot/getting-started-with-github-copilot#enabling-or-disabling-copilot-in-github-mobile)." If you cannot see the {% data variables.product.prodname_copilot_short %} logo in the {% data variables.product.prodname_mobile %} home page, you may need to update your app version.
+* **Access to {% data variables.product.prodname_copilot_mobile_short %}:** If you are part of an organization{% ifversion ghec %} or enterprise{% endif %} with a {% data variables.product.prodname_copilot_for_business %}{% ifversion ghec %} or {% data variables.product.prodname_copilot_enterprise %}{% endif %} subscription, the organization{% ifversion ghec %} or enterprise{% endif %} owner will need to grant you access to {% data variables.product.prodname_copilot_mobile_short %}. For more information, see "[AUTOTITLE](/copilot/github-copilot-chat/copilot-chat-in-github-mobile/enabling-github-copilot-chat-for-github-mobile)."
+* **Enable {% data variables.product.prodname_copilot_short %} features for your device:** {% data variables.product.prodname_copilot_short %} needs to be enabled from within {% data variables.product.prodname_mobile %}. For more information, see "[AUTOTITLE](/copilot/using-github-copilot/getting-started-with-github-copilot#enabling-or-disabling-copilot-in-github-mobile)." If you cannot see the {% data variables.product.prodname_copilot_short %} logo in the {% data variables.product.prodname_mobile %} home page, you may need to update your app version.
 
 ## Asking a general question about software development
 
diff --git a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md
index 376127e7b934..3bfccf8d9669 100644
--- a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md
+++ b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md
@@ -167,9 +167,9 @@ You can tell {% data variables.product.prodname_copilot_short %} to answer a que
 
 In addition to submitting prompts through the chat view, you can submit prompts in other ways:
 
-* **Inline**: To start an inline chat directly in the editor or integrated terminal, enter Command+i (Mac) / Ctrl+i (Windows/Linux).
-* **Quick chat**: To open the quick chat dropdown, enter Shift+Command+i (Mac) / Shift+Ctrl+i (Windows/Linux)
-* **Smart actions**: To submit prompts via the context menu, right click in your editor, select **Copilot** in the menu that appears, then select one of the actions. Smart actions can also be accessed via the sparkle icon that sometimes appears when you select a line of code.
+* **Inline:** To start an inline chat directly in the editor or integrated terminal, enter Command+i (Mac) / Ctrl+i (Windows/Linux).
+* **Quick chat:** To open the quick chat dropdown, enter Shift+Command+i (Mac) / Shift+Ctrl+i (Windows/Linux)
+* **Smart actions:** To submit prompts via the context menu, right click in your editor, select **Copilot** in the menu that appears, then select one of the actions. Smart actions can also be accessed via the sparkle icon that sometimes appears when you select a line of code.
 
 See [inline chat](https://code.visualstudio.com/docs/copilot/copilot-chat#_inline-chat), [quick chat](https://code.visualstudio.com/docs/copilot/copilot-chat#_quick-chat), and [chat smart actions](https://code.visualstudio.com/docs/copilot/copilot-chat#_chat-smart-actions) in the {% data variables.product.prodname_vscode %} documentation for more details.
 
diff --git a/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md b/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md
index 40ea80fbcef6..7f50d22018c6 100644
--- a/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md
+++ b/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md
@@ -12,14 +12,14 @@ shortTitle: Best practices
 
 {% data variables.product.prodname_copilot %} is an AI coding assistant that helps you write code faster and with less effort, allowing you to focus more energy on problem solving and collaboration. Before you start working with {% data variables.product.prodname_copilot_short %}, it's important to understand when you should and shouldn't use it.
 
-**Some of the things {% data variables.product.prodname_copilot_short %} does best include**:
+**Some of the things {% data variables.product.prodname_copilot_short %} does best include:**
 
 * Writing tests and repetitive code
 * Debugging and correcting syntax
 * Explaining and commenting code
 * Generating regular expressions
 
-**{% data variables.product.prodname_copilot_short %} is not designed to**:
+**{% data variables.product.prodname_copilot_short %} is not designed to:**
 
 * Respond to prompts unrelated to coding and technology
 * Replace your expertise and skills. Remember that you are in charge, and {% data variables.product.prodname_copilot_short %} is a powerful tool at your service.
@@ -28,14 +28,14 @@ shortTitle: Best practices
 
 While {% data variables.product.prodname_copilot_short %} code completions and {% data variables.product.prodname_copilot_chat_short %} share some functionality, the two tools are best used in different circumstances.
 
-**Code completions work best for**:
+**Code completions work best for:**
 
 * Completing code snippets, variable names, and functions as you write them
 * Generating repetitive code
 * Generating code from inline comments in natural language
 * Generating tests for test-driven development
 
-**Alternatively, {% data variables.product.prodname_copilot_chat_short %} is best suited for**:
+**Alternatively, {% data variables.product.prodname_copilot_chat_short %} is best suited for:**
 
 * Answering questions about code in natural language
 * Generating large sections of code, then iterating on that code to meet your needs
@@ -67,7 +67,7 @@ While {% data variables.product.prodname_copilot_short %} is very powerful, it i
 
 There are several adjustments you can make to steer {% data variables.product.prodname_copilot_short %} towards more valuable responses:
 
-* **Provide {% data variables.product.prodname_copilot_short %} with helpful context**:
+* **Provide {% data variables.product.prodname_copilot_short %} with helpful context:**
   * If you are using {% data variables.product.prodname_copilot_short %} in your IDE, open relevant files and close irrelevant files.
   * In {% data variables.product.prodname_copilot_chat_short %}, if a particular request is no longer helpful context, delete that request from the conversation. Alternatively, if none of the context of a particular conversation is helpful, start a new conversation.
   * If you are using {% data variables.product.prodname_copilot_chat_dotcom_short %}, provide specific repositories, files, symbols, and more as context. See "[AUTOTITLE](/copilot/using-github-copilot/asking-github-copilot-questions-in-githubcom)."
diff --git a/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md b/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md
index 2f5d2472fe0b..e65c796bdda6 100644
--- a/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md
+++ b/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md
@@ -24,8 +24,8 @@ redirect_from:
 
 {% data variables.copilot.copilot_code-review_short %} supports two types of review:
 
-* **Review selection**: Highlight code and ask for an initial review _({% data variables.product.prodname_vscode %} only)_
-* **Review changes**: Request a deeper review of all your changes _({% data variables.product.github %} website and {% data variables.product.prodname_vscode %})_
+* **Review selection:** Highlight code and ask for an initial review _({% data variables.product.prodname_vscode %} only)_
+* **Review changes:** Request a deeper review of all your changes _({% data variables.product.github %} website and {% data variables.product.prodname_vscode %})_
 
 The current functionality and availability of the two types of review is summarized in the following table:
 
diff --git a/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md b/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md
index 8d00328da7de..2da03d0f17f9 100644
--- a/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md
+++ b/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md
@@ -439,9 +439,9 @@ func CalculateDaysBetweenDates(
 
 If you encounter issues with code suggestions, such as conflicting or missing suggestions, you can try the following:
 
-* **Disable Xcode's native predictive text completion**: To avoid receiving two sets of code suggestions, you can disable Xcode's native predictive text completion. You can find this setting in the Xcode settings in the "Editing" tab under "Text Editing".
-* **Check for duplication detection in {% data variables.product.prodname_copilot_short %}**: If you receive limited or no suggestions from {% data variables.product.prodname_copilot_short %}, you may have duplication detection enabled. For more information on duplication detection, see "[AUTOTITLE](/copilot/configuring-github-copilot/configuring-your-personal-github-copilot-settings-on-githubcom#enabling-or-disabling-suggestions-matching-public-code)."
-* **Check for updates and restart Xcode**: Ensure you have the latest version of {% data variables.product.prodname_copilot_short %} for Xcode in the extension application and restart Xcode.
+* **Disable Xcode's native predictive text completion:** To avoid receiving two sets of code suggestions, you can disable Xcode's native predictive text completion. You can find this setting in the Xcode settings in the "Editing" tab under "Text Editing".
+* **Check for duplication detection in {% data variables.product.prodname_copilot_short %}:** If you receive limited or no suggestions from {% data variables.product.prodname_copilot_short %}, you may have duplication detection enabled. For more information on duplication detection, see "[AUTOTITLE](/copilot/configuring-github-copilot/configuring-your-personal-github-copilot-settings-on-githubcom#enabling-or-disabling-suggestions-matching-public-code)."
+* **Check for updates and restart Xcode:** Ensure you have the latest version of {% data variables.product.prodname_copilot_short %} for Xcode in the extension application and restart Xcode.
 
 You can also open an issue in the [{% data variables.product.prodname_copilot_short %} for Xcode repository](https://github.com/github/CopilotForXcode).
 
diff --git a/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md b/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md
index 04321af56fd3..d8613691f46d 100644
--- a/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md
+++ b/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md
@@ -53,7 +53,7 @@ done
 1. Open {% data variables.product.prodname_copilot_chat_short %} by clicking the chat icon in the activity bar or by using the keyboard shortcut:
 
    * **{% data variables.product.prodname_vscode_shortname %} and {% data variables.product.prodname_vs %}:** Control+Command+i (Mac) / Ctrl+Alt+i (Windows/Linux)
-   * **JetBrains**: Control+Shift+c
+   * **JetBrains:** Control+Shift+c
 
 1. In the input box at the bottom of the chat panel, type: `Can this script be improved?`
 
diff --git a/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md b/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md
index 56937d493500..3dcf0fde4917 100644
--- a/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md
+++ b/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md
@@ -59,11 +59,11 @@ You can prompt Copilot with a request to write tests that cover a range of scena
 **Prompt:** _Develop a comprehensive suite of unit tests for the BankAccount() function in Python. Write multiple test methods that cover a wide range of scenarios, including edge cases, exception handling, and data validation._
 
 This prompt does a few important things:
-* **Scope**: It explicitly asks for a comprehensive suite of unit tests, so that {% data variables.product.prodname_copilot_short %} generates more than just basic tests, covering a variety of potential use cases.
-* **Scenarios**: The prompt specifies that the tests should include:
-  * **Edge cases**: Tests for boundary conditions (e.g., negative values for deposits or withdrawals, withdrawing more than the available balance).
-  * **Exception handling**: Tests for errors that should be raised when certain invalid actions occur (e.g., withdrawing more than the available balance, depositing negative amounts).
-  * **Data validation**: Ensures that inputs are correctly validated and handled by the methods.
+* **Scope:** It explicitly asks for a comprehensive suite of unit tests, so that {% data variables.product.prodname_copilot_short %} generates more than just basic tests, covering a variety of potential use cases.
+* **Scenarios:** The prompt specifies that the tests should include:
+  * **Edge cases:** Tests for boundary conditions (e.g., negative values for deposits or withdrawals, withdrawing more than the available balance).
+  * **Exception handling:** Tests for errors that should be raised when certain invalid actions occur (e.g., withdrawing more than the available balance, depositing negative amounts).
+  * **Data validation:** Ensures that inputs are correctly validated and handled by the methods.
 
 {% data variables.product.prodname_copilot_short %} will give you a response like the following.
 
@@ -188,10 +188,10 @@ Here we'll break down our request for {% data variables.product.prodname_copilot
 **Prompt:** _"Write integration tests for the `deposit` function in the `BankAccount` class. Use mocks to simulate the `NotificationSystem` and verify that it is called correctly after a deposit."_
 
 This prompt does a few important things:
-* **Scope**: It specifies integration tests, focusing on the interaction between the `deposit` function and the `NotificationSystem`, rather than just unit tests.
-* **Mocks**: It explicitly asks for the use of mocks to simulate the `NotificationSystem`, ensuring that the interaction with external systems is tested without relying on their actual implementation.
-* **Verification**: The prompt emphasizes verifying that the `NotificationSystem` is called correctly after a deposit, ensuring that the integration between the components works as expected.
-* **Specificity**: The prompt clearly states the method (`deposit`) and the class (`BankAccount`) to be tested.
+* **Scope:** It specifies integration tests, focusing on the interaction between the `deposit` function and the `NotificationSystem`, rather than just unit tests.
+* **Mocks:** It explicitly asks for the use of mocks to simulate the `NotificationSystem`, ensuring that the interaction with external systems is tested without relying on their actual implementation.
+* **Verification:** The prompt emphasizes verifying that the `NotificationSystem` is called correctly after a deposit, ensuring that the integration between the components works as expected.
+* **Specificity:** The prompt clearly states the method (`deposit`) and the class (`BankAccount`) to be tested.
 
 > [!TIP] If {% data variables.product.prodname_copilot_short %} is producing invalid tests, provide examples of inputs and outputs for the function you want to test. This will help {% data variables.product.prodname_copilot_short %} evaluate the expected behavior of the function.
 
diff --git a/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md b/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md
index 0996a94f47a1..b30c687ee732 100644
--- a/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md
+++ b/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md
@@ -44,7 +44,7 @@ You can interact with your custom-built or installed extension in a {% data vari
 
 **If you have a {% data variables.product.prodname_copilot_individuals_short %} subscription**, you need to install a {% data variables.product.prodname_copilot_extension_short %} before you can use the extension in {% data variables.product.prodname_copilot_chat_short %}. See "[AUTOTITLE](/copilot/github-copilot-chat/github-copilot-extensions/installing-github-copilot-extensions-for-your-personal-account)."
 
-**If you have access to {% data variables.product.prodname_copilot_short %} through a {% data variables.product.prodname_copilot_business_short %} or {% data variables.product.prodname_copilot_enterprise_short %} subscription**:
+**If you have access to {% data variables.product.prodname_copilot_short %} through a {% data variables.product.prodname_copilot_business_short %} or {% data variables.product.prodname_copilot_enterprise_short %} subscription:**
   1. An organization owner or enterprise owner needs to enable the {% data variables.product.prodname_copilot_extensions_short %} policy for your organization or enterprise. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/setting-policies-for-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization#setting-a-policy-for-github-copilot-extensions-in-your-organization)" and "[AUTOTITLE](/enterprise-cloud@latest/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-policies-and-features-for-copilot-in-your-enterprise#configuring-policies-for-github-copilot)" in the {% data variables.product.prodname_ghe_cloud %} documentation.
   1. An organization owner needs to install {% data variables.product.prodname_copilot_extensions_short %} for your organization. See "[AUTOTITLE](/copilot/github-copilot-chat/github-copilot-extensions/installing-github-copilot-extensions-for-your-organization)."
 
@@ -76,11 +76,11 @@ You can interact with your custom-built or installed extension in a {% data vari
 
 For questions and issues related to {% data variables.product.prodname_copilot_extensions %}, please use the following resources:
 
-* **General issues for users and builders**: Visit the [{% data variables.product.github %} Support Portal](https://support.github.com/).
-* **Requests or feedback for {% data variables.product.github %}**: Use the [{% data variables.product.github %} Community Discussion Thread](https://gh.io/community-feedback).
-* **Requests or feedback for third-party extension publishers**: File an issue in the [User Feedback Repo](https://github.com/copilot-extensions/user-feedback) and add a label with the extension's slug name.
-* **{% data variables.product.github %} Technology Partners**: Email the partnerships team directly for assistance.
-* **{% data variables.product.prodname_copilot_extensions_vsc %}**: For more information on this type of {% data variables.product.prodname_copilot_extension_short %}, see [Chat extensions](https://code.visualstudio.com/api/extension-guides/chat) in the {% data variables.product.prodname_vscode %} documentation.
+* **General issues for users and builders:** Visit the [{% data variables.product.github %} Support Portal](https://support.github.com/).
+* **Requests or feedback for {% data variables.product.github %}:** Use the [{% data variables.product.github %} Community Discussion Thread](https://gh.io/community-feedback).
+* **Requests or feedback for third-party extension publishers:** File an issue in the [User Feedback Repo](https://github.com/copilot-extensions/user-feedback) and add a label with the extension's slug name.
+* **{% data variables.product.github %} Technology Partners:** Email the partnerships team directly for assistance.
+* **{% data variables.product.prodname_copilot_extensions_vsc %}:** For more information on this type of {% data variables.product.prodname_copilot_extension_short %}, see [Chat extensions](https://code.visualstudio.com/api/extension-guides/chat) in the {% data variables.product.prodname_vscode %} documentation.
 
 > [!NOTE] {% data variables.product.github %} Support is not able to answer questions regarding {% data variables.product.prodname_copilot_extensions_vsc %}, as this implementation path is owned and maintained by the {% data variables.product.prodname_vscode_shortname %} team.
 
diff --git a/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md b/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md
index 483593afd7c1..1e870c13c074 100644
--- a/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md
+++ b/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md
@@ -34,8 +34,8 @@ Once you are a verified {% data variables.product.prodname_global_campus %} stud
 * Discover student-created repositories from {% data variables.product.prodname_community_exchange %}. For more information, see "[AUTOTITLE](/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-global-campus-for-students/about-github-community-exchange)."
 
 {% data variables.product.prodname_global_campus %} students also receive the following {% data variables.product.prodname_dotcom %} benefits.
-* **{% data variables.product.prodname_copilot %}**: Verified students receive a free subscription for {% data variables.product.prodname_copilot %}. See "[AUTOTITLE](/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/getting-free-access-to-copilot-as-a-student-teacher-or-maintainer)."
-* **{% data variables.product.prodname_github_codespaces %}**: {% data reusables.education.student-codespaces-benefit %} For more information on getting started with {% data variables.product.prodname_github_codespaces %}, see "[AUTOTITLE](/codespaces/overview)."
+* **{% data variables.product.prodname_copilot %}:** Verified students receive a free subscription for {% data variables.product.prodname_copilot %}. See "[AUTOTITLE](/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/getting-free-access-to-copilot-as-a-student-teacher-or-maintainer)."
+* **{% data variables.product.prodname_github_codespaces %}:** {% data reusables.education.student-codespaces-benefit %} For more information on getting started with {% data variables.product.prodname_github_codespaces %}, see "[AUTOTITLE](/codespaces/overview)."
 
 > [!NOTE]
 > {% data reusables.education.note-on-student-codespaces-usage %} For more information, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/using-github-codespaces-with-github-classroom)."
diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md
index c5e0f37bdad8..b466ae4c9ffd 100644
--- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md
+++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md
@@ -15,20 +15,20 @@ Each assignment you create on {% data variables.product.prodname_classroom %} ha
 
 For individual assignments, you can view the following information at the top of the assignment overview page:
 
-* **Rostered students**: The number of students on the classroom's roster.
-* **Added students**: The number of {% data variables.product.prodname_dotcom %} accounts that have accepted the assignment and are not associated with a roster identifier.
-* **Accepted students**: The number of accounts that have accepted this assignment.
-* **Assignment submissions**: The number of students that have submitted the assignment. Submission is triggered at the assignment deadline.
-* **Passing students**: The number of students currently passing the autograding tests for this assignment.
+* **Rostered students:** The number of students on the classroom's roster.
+* **Added students:** The number of {% data variables.product.prodname_dotcom %} accounts that have accepted the assignment and are not associated with a roster identifier.
+* **Accepted students:** The number of accounts that have accepted this assignment.
+* **Assignment submissions:** The number of students that have submitted the assignment. Submission is triggered at the assignment deadline.
+* **Passing students:** The number of students currently passing the autograding tests for this assignment.
 
 For group assignments, you can view the following information at the top of the assignment overview page:
 
-* **Total teams**: The number of teams that have been created.
-* **Rostered students**: The number of students on the classroom's roster.
-* **Students not on a team**: The number of students on the classroom roster who have not yet joined a team.
-* **Accepted teams**: The number of teams who have accepted this assignment.
-* **Assignment submissions**: The number of teams that have submitted the assignment. Submission is triggered at the assignment deadline.
-* **Passing teams**: The number of teams that are currently passing the autograding tests for this assignment.
+* **Total teams:** The number of teams that have been created.
+* **Rostered students:** The number of students on the classroom's roster.
+* **Students not on a team:** The number of students on the classroom roster who have not yet joined a team.
+* **Accepted teams:** The number of teams who have accepted this assignment.
+* **Assignment submissions:** The number of teams that have submitted the assignment. Submission is triggered at the assignment deadline.
+* **Passing teams:** The number of teams that are currently passing the autograding tests for this assignment.
 
 ## Viewing the assignment overview page for an assignment
 
diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md
index 1177bdaf7c66..18e72baa867d 100644
--- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md
+++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md
@@ -40,7 +40,7 @@ An input/output test optionally runs a setup command, then provides standard inp
 | **Run command** | The command to run the test and generate standard output for evaluation |
 | **Inputs** | Standard input for run command |
 | **Expected output** | The output that you want to see as standard output from the run command |
-| **Comparison** | The type of comparison between the run command's output and the expected output

  • **Included**: Passes when the expected output appears
    anywhere in the standard output from the run command
  • **Exact**: Passes when the expected output is completely identical
    to the standard output from the run command
  • **Regex**: Passes if the regular expression in expected
    output matches against the standard output from the run command
 |
+| **Comparison** | The type of comparison between the run command's output and the expected output

  • **Included:** Passes when the expected output appears
    anywhere in the standard output from the run command
  • **Exact:** Passes when the expected output is completely identical
    to the standard output from the run command
  • **Regex:** Passes if the regular expression in expected
    output matches against the standard output from the run command
 |
 | **Timeout** | In minutes, how long a test should run before resulting in failure |
 | **Points** | _Optional_. The number of points the test is worth toward a total score |
 
@@ -106,9 +106,9 @@ By default, autograding tests will automatically run whenever a student pushes t
 {% data reusables.classroom.assignments-click-pencil %}
 1. In the left sidebar, click **Grading and feedback**.
 1. Below your list of autograding tests, you can configure when autograding tests are run.
-    * **Every time a student submits an assignment**: This is the default behavior.
-    * **On a schedule**: You can set a time every day or every week for autograding tests to be run.
-    * **Manually**: Autograding test runs will be manually triggered by you from the assignment dashboard.
+    * **Every time a student submits an assignment:** This is the default behavior.
+    * **On a schedule:** You can set a time every day or every week for autograding tests to be run.
+    * **Manually:** Autograding test runs will be manually triggered by you from the assignment dashboard.
 
 ## Viewing and downloading results from autograding tests
 
diff --git a/content/get-started/exploring-projects-on-github/contributing-to-a-project.md b/content/get-started/exploring-projects-on-github/contributing-to-a-project.md
index a56b9cb68003..4cead07e91c2 100644
--- a/content/get-started/exploring-projects-on-github/contributing-to-a-project.md
+++ b/content/get-started/exploring-projects-on-github/contributing-to-a-project.md
@@ -18,13 +18,13 @@ redirect_from:
 
 ## About forking
 
-If you want to contribute to someone else's project but don't have write access to the repository, you can use a "fork and pull request" workflow.
+If you want to contribute to someone else's project but don’t have permission to make changes directly, you can create your own copy of the project, make updates, and then suggest those updates for inclusion in the main project. This process is often called a "fork and pull request" workflow.
 
-{% data reusables.repositories.fork-definition-long %}
+When you create your own copy (or "fork") of a project, it’s like making a new workspace that shares code with the original project. This is useful for open-source projects or anytime you don’t have write access to the original project.
 
-You can contribute by submitting pull requests from your fork to the upstream repository. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo)."
+Once you’ve made your changes in your copy, you can submit them as a pull request, which is a way to propose changes back to the main project. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo)."
 
-## Forking a repository
+## Creating your own copy of a project
 
 This tutorial uses [the Spoon-Knife project](https://github.com/octocat/Spoon-Knife), a test repository that's hosted on {% data variables.product.prodname_dotcom %} that lets you test the fork and pull request workflow.
 
@@ -44,7 +44,7 @@ This tutorial uses [the Spoon-Knife project](https://github.com/octocat/Spoon-Kn
 > [!NOTE]
 > If you want to copy additional branches from the upstream repository, you can do so from the **Branches** page. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)."
 
-## Cloning a fork
+## Cloning a fork to your computer
 
 You've successfully forked the Spoon-Knife repository, but so far, it only exists on {% data variables.product.product_name %}. To be able to work on the project, you will need to clone it to your computer.
 
@@ -99,7 +99,7 @@ gh repo fork REPOSITORY --clone=true
 
 ## Creating a branch to work on
 
-Before making changes to the project, you should create a new branch and check it out. By keeping changes in their own branch, you follow GitHub Flow and ensure that it will be easier to contribute to the same project again in the future. For more information, see "[AUTOTITLE](/get-started/using-github/github-flow#following-github-flow)."
+Before making changes to the project, you should create a new branch and check it out. By keeping changes in their own branch, you follow {% data variables.product.github %} flow and ensure that it will be easier to contribute to the same project again in the future. See "[AUTOTITLE](/get-started/using-github/github-flow#following-github-flow)."
 
 {% webui %}
 
@@ -127,7 +127,7 @@ For more information about how to create and manage branches in {% data variable
 
 ## Making and pushing changes
 
-Go ahead and make a few changes to the project using your favorite text editor, like [{% data variables.product.prodname_vscode %}](https://code.visualstudio.com). You could, for example, change the text in `index.html` to add your GitHub username.
+Go ahead and make a few changes to the project using your favorite text editor, like [{% data variables.product.prodname_vscode %}](https://code.visualstudio.com). You could, for example, change the text in `index.html` to add your {% data variables.product.github %} username.
 
 When you're ready to submit your changes, stage and commit your changes. `git add .` tells Git that you want to include all of your changes in the next commit. `git commit` takes a snapshot of those changes.
 
@@ -199,3 +199,9 @@ Pull requests are an area for discussion. Don't be offended if the project owner
 
 You've successfully forked and contributed back to a repository. Go forth, and
 contribute some more!{% ifversion fpt %} For more information, see "[AUTOTITLE](/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github)."{% endif %}
+
+{% ifversion copilot %}
+
+## Familiarizing yourself with a project
+
+If you're new to a project, you can use {% data variables.product.prodname_copilot_short %} to help you understand the purpose of the repository, examine files, and dive into specific lines of code. See "[AUTOTITLE](/get-started/exploring-projects-on-github/using-github-copilot-to-explore-projects)."{% endif %}
diff --git a/content/get-started/exploring-projects-on-github/index.md b/content/get-started/exploring-projects-on-github/index.md
index aa32d323f90a..4589eb3fd40a 100644
--- a/content/get-started/exploring-projects-on-github/index.md
+++ b/content/get-started/exploring-projects-on-github/index.md
@@ -15,6 +15,7 @@ topics:
   - Projects
 children:
   - /finding-ways-to-contribute-to-open-source-on-github
+  - /using-github-copilot-to-explore-projects
   - /contributing-to-a-project
   - /saving-repositories-with-stars
   - /following-people
diff --git a/content/get-started/exploring-projects-on-github/using-github-copilot-to-explore-projects.md b/content/get-started/exploring-projects-on-github/using-github-copilot-to-explore-projects.md
new file mode 100644
index 000000000000..ac3837d15968
--- /dev/null
+++ b/content/get-started/exploring-projects-on-github/using-github-copilot-to-explore-projects.md
@@ -0,0 +1,45 @@
+---
+title: Using GitHub Copilot to explore projects
+intro: 'This guide will help you use {% data variables.product.prodname_copilot_short %} to explore projects on {% data variables.product.prodname_dotcom %}.'
+versions:
+  feature: copilot
+topics:
+  - Copilot
+  - Repositories
+shortTitle: Use Copilot to explore projects
+---
+
+> [!NOTE] {% data variables.product.prodname_copilot_chat_dotcom %} is currently in {% data variables.release-phases.public_preview %} and is subject to change.
+
+In this guide, you’ll learn how to use {% data variables.product.prodname_copilot_chat_dotcom_short %} to understand a repository’s purpose, examine files, and dive into specific lines of code. By following these steps, you’ll gain insights into any project faster—making onboarding, code review, and project exploration easier and more efficient.
+
+## Prerequisites
+
+{% data reusables.copilot.copilot-requires-subscription %}
+
+## Understanding a repository
+
+When you’re new to a project, it can be challenging to understand the purpose of a repository and its files. {% data variables.product.prodname_copilot_short %} can help you quickly understand the purpose of a repository, for example, by providing a summary of the repository’s README file.
+
+1. On the {% data variables.product.prodname_dotcom %} website, go to the repository you want to chat about.
+
+1. Click the **{% octicon "copilot" aria-hidden="true" %}** {% data variables.product.prodname_copilot %} icon at the top right of the page.
+1. The heading at the top of the chat panel should read "Chatting about" followed by the name of the current repository.
+
+   If the wrong repository name is displayed, because you were previously chatting about another repository, click **All repositories** then choose the repository you want to chat about.
+
+   ![Screenshot of the {% data variables.product.prodname_copilot_short %} chat panel page with "All repositories" highlighted with a dark orange outline.](/assets/images/help/copilot/copilot-chat-all-repositories.png)
+
+1. In the "Ask {% data variables.product.prodname_copilot_short %}" box, at the bottom of the chat panel, type "Summarize the purpose of this repository based on the README" and press Enter.  {% data variables.product.prodname_copilot_short %} replies in the chat panel.
+
+You can also use {% data variables.product.prodname_copilot_short %} to understand the roles of different folders and files within the repository. For example, you can ask {% data variables.product.prodname_copilot_short %} to summarize the contents of a specific file, or to explain the purpose of a specific folder.
+
+## Exploring files and code
+
+When you’re exploring a project, you might want to understand the contents of a specific file. {% data variables.product.prodname_copilot_short %} can help you quickly understand the purpose of a file, for example, by providing a summary of the file’s contents. You can also ask {% data variables.product.prodname_copilot_short %} to explain specific lines of code within a file.
+
+{% data reusables.copilot.chat-about-specific-lines %}
+
+## Next steps
+
+Now that you know how to use {% data variables.product.prodname_copilot_short %} to explore projects, you can use it to help you understand any repository, file, or line of code on {% data variables.product.prodname_dotcom %}.
diff --git a/content/get-started/using-github/communicating-on-github.md b/content/get-started/using-github/communicating-on-github.md
index ac26e9d4e5ba..c544d300e650 100644
--- a/content/get-started/using-github/communicating-on-github.md
+++ b/content/get-started/using-github/communicating-on-github.md
@@ -59,11 +59,11 @@ You can create and participate in issues, pull requests and team discussions, de
 
 ### Team discussions
 
-* can be started on your team's page for conversations that span across projects and don't belong in a specific issue or pull request. Instead of opening an issue in a repository to discuss an idea, you can include the entire team by having a conversation in a team discussion.
-* allow you to hold discussions with your team about planning, analysis, design, user research and general project decision making in one place.{% ifversion ghes %}
-* provide a collaborative experience outside the codebase, allowing the brainstorming of ideas.
-* often don’t have a clear owner.
-* often do not result in an actionable task.{% endif %}
+* Can be started on your team's page for conversations that span across projects and don't belong in a specific issue or pull request. Instead of opening an issue in a repository to discuss an idea, you can include the entire team by having a conversation in a team discussion.
+* Allow you to hold discussions with your team about planning, analysis, design, user research and general project decision making in one place.{% ifversion ghes %}
+* Provide a collaborative experience outside the codebase, allowing the brainstorming of ideas.
+* Often don’t have a clear owner.
+* Often do not result in an actionable task.{% endif %}
 {% endif %}
 
 ## Which discussion tool should I use?
@@ -148,6 +148,34 @@ The `octocat` team member posted a team discussion, informing the team of variou
 * Material about the April All Hands is now available for all team members to view.
 {% endif %}
 
+{% ifversion copilot %}
+
+## Using {% data variables.product.prodname_copilot_short %} to gain context
+
+> [!NOTE] {% data reusables.copilot.copilot-requires-subscription %}
+
+If you need more context or clarity on a specific issue or discussion, you can use {% data variables.product.prodname_copilot %} to help answer your questions. This enables you to quickly gain insights, understand complex threads, and stay aligned with the project’s goals, fostering collaboration and knowledge sharing within the community.
+
+To ask a question about an issue or discussion:
+
+1. From anywhere on {% data variables.product.github %},  click the **{% octicon "copilot" aria-hidden="true" %}** {% data variables.product.prodname_copilot %} icon next to the search bar in the top right of the page.
+
+   ![Screenshot of the new conversation button, highlighted with a dark orange outline.](/assets/images/help/copilot/copilot-icon-top-right.png)
+
+1. In the "Ask {% data variables.product.prodname_copilot_short %}" box, type a question and include the relevant URL in your message. For example, you could ask:
+
+   * `Explain https://github.com/monalisa/octokit/issues/1`
+   * `Summarize https://github.com/monalisa/octokit/discussions/4`
+   * `Recommend next steps for https://github.com/monalisa/octokit/issues/2`
+   * `What are the acceptance criteria for ISSUE URL?`
+   * `What are the main points made by PERSON in DISCUSSION URL?`
+
+   If you chat with {% data variables.product.prodname_copilot %} from a specific issue or discussion, you don't need to include the URL in your question.
+
+{% data reusables.copilot.stop-response-generation %}
+
+{% endif %}
+
 ## Next steps
 
 These examples showed you how to decide which is the best tool for your conversations on {% data variables.product.product_name %}. But this is only the beginning; there is so much more you can do to tailor these tools to your needs.
diff --git a/content/github-models/prototyping-with-ai-models.md b/content/github-models/prototyping-with-ai-models.md
index 93fe4bdc9e94..af5dd0df2810 100644
--- a/content/github-models/prototyping-with-ai-models.md
+++ b/content/github-models/prototyping-with-ai-models.md
@@ -6,7 +6,7 @@ versions:
   feature: github-models
 ---
 
-If you want to develop a generative AI application, you can use {% data variables.product.prodname_github_models %} to find and experiment with AI models for free. Once you are ready to bring your application to production, you can switch to a token from a paid Azure account. See the [Azure AI](https://ai.azure.com/github/model/docs) documentation.
+If you want to develop a generative AI application, you can use {% data variables.product.prodname_github_models %} to find and experiment with AI models for free. Once you are ready to bring your application to production, you can switch to a token from a paid Azure account. See the [Azure AI](https://aka.ms/azureai/github-models) documentation.
 
 See also "[AUTOTITLE](/github-models/responsible-use-of-github-models)."
 
diff --git a/content/github-models/responsible-use-of-github-models.md b/content/github-models/responsible-use-of-github-models.md
index 0ab3b65fe139..b50c2a565c20 100644
--- a/content/github-models/responsible-use-of-github-models.md
+++ b/content/github-models/responsible-use-of-github-models.md
@@ -9,4 +9,4 @@ type: rai
 
 With {% data variables.product.prodname_github_models %}, you build your understanding of AI model capabilities by experimenting with model settings and sending prompts through a chat interface. Additionally, you can directly interact with models through an SDK. Refer to a model's "Getting Started" tab for more information about how to use the SDK. Refer to a model’s "README" tab for more information on the model. Remember when interacting with a model you are experimenting with AI, so content mistakes are possible.
 
-{% data variables.product.prodname_github_models %} is designed to allow for learning, experimentation and proof-of-concept activities. The feature is subject to various limits (including requests per minute, requests per day, tokens per request, and concurrent requests) and is not designed for production use cases. {% data variables.product.prodname_github_models %} employs a number of [content filters](https://azure.microsoft.com/en-us/products/ai-services/ai-content-safety). These filters cannot be turned off as part of the {% data variables.product.prodname_github_models %} experience. If you decide to employ models through [Azure AI](https://ai.azure.com/github/model/docs) or a paid service, please configure your content filters to meet your requirements.
+{% data variables.product.prodname_github_models %} is designed to allow for learning, experimentation and proof-of-concept activities. The feature is subject to various limits (including requests per minute, requests per day, tokens per request, and concurrent requests) and is not designed for production use cases. {% data variables.product.prodname_github_models %} employs a number of [content filters](https://azure.microsoft.com/en-us/products/ai-services/ai-content-safety). These filters cannot be turned off as part of the {% data variables.product.prodname_github_models %} experience. If you decide to employ models through [Azure AI](https://aka.ms/azureai/github-models) or a paid service, please configure your content filters to meet your requirements.
diff --git a/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md b/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md
index 2a9d3eb41cf0..2a8133adfdf9 100644
--- a/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md
+++ b/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md
@@ -45,10 +45,10 @@ The default base role is `write`, meaning that everyone in the organization can
 
    ![Screenshot showing the "Who has access" settings. The dropdown for setting the base role is highlighted with an orange outline.](/assets/images/help/projects-v2/base-role.png)
 
-   * **No access**: Only organization owners and users granted individual access can see the project. Organization owners are also admins for the project.
-   * **Read**: Everyone in the organization can see the project. Organization owners are also admins for the project.
-   * **Write**: Everyone in the organization can see and edit the project. Organization owners are also admins for the project.
-   * **Admin**: Everyone in the organization is an admin for the project.
+   * **No access:** Only organization owners and users granted individual access can see the project. Organization owners are also admins for the project.
+   * **Read:** Everyone in the organization can see the project. Organization owners are also admins for the project.
+   * **Write:** Everyone in the organization can see and edit the project. Organization owners are also admins for the project.
+   * **Admin:** Everyone in the organization is an admin for the project.
 
 ### Managing access for teams and individual members of your organization
 
@@ -69,9 +69,9 @@ You can only invite an individual user to collaborate on your organization-level
    ![Screenshot showing searching for a collaborator.](/assets/images/help/projects-v2/access-search.png)
 
 1. Select the role for the collaborator.
-   * **Read**: The team or individual can view the project.
-   * **Write**: The team or individual can view and edit the project.
-   * **Admin**: The team or individual can view, edit, and add new collaborators to the project.
+   * **Read:** The team or individual can view the project.
+   * **Write:** The team or individual can view and edit the project.
+   * **Admin:** The team or individual can view, edit, and add new collaborators to the project.
 1. Click **Invite**.
 
 ### Managing access of an existing collaborator on your project
@@ -104,9 +104,9 @@ This only affects collaborators for your project, not for repositories in your p
    ![Screenshot showing searching for a collaborator.](/assets/images/help/projects-v2/access-search.png)
 
 1. Select the role for the collaborator.
-   * **Read**: The individual can view the project.
-   * **Write**: The individual can view and edit the project.
-   * **Admin**: The individual can view, edit, and add new collaborators to the project.
+   * **Read:** The individual can view the project.
+   * **Write:** The individual can view and edit the project.
+   * **Admin:** The individual can view, edit, and add new collaborators to the project.
 1. Click **Invite**.
 
 ### Managing access of an existing collaborator on your project
diff --git a/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md b/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md
index 5e504821894f..ddd604713790 100644
--- a/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md
+++ b/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md
@@ -24,10 +24,10 @@ When starting a new project, initiative, or feature, the first step is to create
 
 You can set up repositories for different purposes based on your needs. The following are some common use cases:
 
-* **Product repositories**: Larger organizations that track their work and goals around specific products may have one or more repositories containing the code and other files. These repositories can also be used for documentation, reporting on product health or future plans for the product.
-* **Project repositories**: You can create a repository for an individual project you are working on, or for a project you are collaborating on with others. For an organization that tracks work for short-lived initiatives or projects, such as a consulting firm, there is a need to report on the health of a project and move people between different projects based on skills and needs. Code for the project is often contained in a single repository.
-* **Team repositories**: For an organization that groups people into teams, and brings projects to them, such as a dev tools team, code may be scattered across many repositories for the different work they need to track. In this case it may be helpful to have a team-specific repository as one place to track all the work the team is involved in.
-* **Personal repositories**: You can create a personal repository to track all your work in one place, plan future tasks, or even add notes or information you want to save. You can also add collaborators if you want to share this information with others.
+* **Product repositories:** Larger organizations that track their work and goals around specific products may have one or more repositories containing the code and other files. These repositories can also be used for documentation, reporting on product health or future plans for the product.
+* **Project repositories:** You can create a repository for an individual project you are working on, or for a project you are collaborating on with others. For an organization that tracks work for short-lived initiatives or projects, such as a consulting firm, there is a need to report on the health of a project and move people between different projects based on skills and needs. Code for the project is often contained in a single repository.
+* **Team repositories:** For an organization that groups people into teams, and brings projects to them, such as a dev tools team, code may be scattered across many repositories for the different work they need to track. In this case it may be helpful to have a team-specific repository as one place to track all the work the team is involved in.
+* **Personal repositories:** You can create a personal repository to track all your work in one place, plan future tasks, or even add notes or information you want to save. You can also add collaborators if you want to share this information with others.
 
 You can create multiple, separate repositories if you want different access permissions for the source code and for tracking issues and discussions. For more information, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/creating-an-issues-only-repository)."
 
@@ -94,6 +94,41 @@ Below we have added a task list to our Project Octocat issue, breaking it down i
 
 {% endif %}
 
+{% ifversion copilot %}
+
+## Understanding new issues
+
+> [!NOTE] {% data reusables.copilot.copilot-requires-subscription %}
+
+When working on an unfamiliar or complex issue, {% data variables.product.prodname_copilot %} can help you quickly understand the context, history, and key information, so you can get started faster and with more confidence.
+
+### Reviewing the issue
+
+1. Navigate to an issue on {% data variables.product.github %}.
+
+{% data reusables.copilot.open-copilot %}
+
+1. At the bottom of the {% data variables.product.prodname_copilot_short %} chat panel, in the "Ask {% data variables.product.prodname_copilot_short %}" box, type a question and press Enter. For example, you could enter:
+
+   * `Summarize the main points of this issue`
+   * `What’s the goal of this issue?`
+
+{% data variables.product.prodname_copilot_short %}'s summary will help you capture the purpose and scope of the work.
+
+### Understanding the history and comments
+
+Issues often contain a history of discussions and decisions that can provide important context. You can use {% data variables.product.prodname_copilot_short %} to summarize these conversations to identify key points, such as proposed solutions or unanswered questions. For example, you might ask {% data variables.product.prodname_copilot_short %} to summarize recent comments or highlight decisions that have already been made. This helps you focus on what’s most relevant and ensures your contributions are aligned with the team’s priorities.
+
+### Clarifying technical terms
+
+Issues often mention technical terms, code, or files that might not be immediately clear. You can use {% data variables.product.prodname_copilot_short %} to get explanations or context for these references. For example, you can ask about the purpose of a file or function, or the meaning of a specific term mentioned in the issue. This helps you understand the details without spending extra time searching through documentation or code.
+
+### Getting suggestions for next steps
+
+Once you understand the context of an issue, {% data variables.product.prodname_copilot_short %} can help you figure out how to move forward. You can ask for suggestions on how to approach the work, like fixing a bug or implementing a new feature. For example, you might ask, “What’s the best way to resolve this issue?” or “How can I start addressing this problem?” {% data variables.product.prodname_copilot_short %}'s suggestions can provide useful starting points, helping you plan your work more effectively.
+
+{% endif %}
+
 ## Making decisions as a team
 
 You can use issues and discussions to communicate and make decisions as a team on planned improvements or priorities for your project. Issues are useful when you create them for discussion of specific details, such as bug or performance reports, planning for the next quarter, or design for a new initiative. Discussions are useful for open-ended brainstorming or feedback, outside the codebase and across repositories. For more information, see "[AUTOTITLE](/get-started/using-github/communicating-on-github#which-discussion-tool-should-i-use)."
diff --git a/content/migrations/overview/migration-paths-to-github.md b/content/migrations/overview/migration-paths-to-github.md
index 856a4a0ac52d..4fea074b00f7 100644
--- a/content/migrations/overview/migration-paths-to-github.md
+++ b/content/migrations/overview/migration-paths-to-github.md
@@ -40,23 +40,23 @@ You can review the scope and tooling for your migration to {% data variables.pro
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.1 or newer to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.0 or older to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
@@ -64,97 +64,97 @@ You can review the scope and tooling for your migration to {% data variables.pro
 
 Migrations from {% data variables.product.prodname_dotcom_the_website %} include {% data variables.product.prodname_ghe_cloud %}. This path includes adoption of {% data variables.product.prodname_emus %} or a move between managed enterprises.
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### Azure DevOps Services (Azure DevOps Cloud) to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**: "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:** "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
 
 ### Azure DevOps Server to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * [Migrate data from Azure DevOps Server to Azure DevOps Services](https://learn.microsoft.com/en-us/azure/devops/migrate/migration-overview?view=azure-devops) in the Microsoft Docs
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
-* **Caveats**: If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, "[Migrations from any Git repository to {% data variables.product.prodname_dotcom_the_website %}](#any-git-repository-to-githubcom)."
+* **Caveats:** If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, "[Migrations from any Git repository to {% data variables.product.prodname_dotcom_the_website %}](#any-git-repository-to-githubcom)."
 
 ### Bitbucket Cloud (Bitbucket.org) to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI or {% data variables.product.prodname_importer %}
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI or {% data variables.product.prodname_importer %}
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
   * "[AUTOTITLE]({% ifversion ghes %}/free-pro-team@latest{% endif %}/migrations/importing-source-code/using-github-importer/about-github-importer)"
 
 ### Bitbucket Server or Bitbucket Data Center to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * For complex repositories larger than around 5 GB, you may need to use `bbs-exporter` and Enterprise Cloud Importer instead. Enterprise Cloud Importer is only available for expert-led migrations.
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### GitLab to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: `gl-exporter`, then Enterprise Cloud Importer (expert-led migrations only)
-* **More information**: [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** `gl-exporter`, then Enterprise Cloud Importer (expert-led migrations only)
+* **More information:** [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
+* **Caveats:**
   * Enterprise Cloud Importer is only available for expert-led migrations.
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### Any Git repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI or {% data variables.product.prodname_importer %} if the repository is accessible over the public internet
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI or {% data variables.product.prodname_importer %} if the repository is accessible over the public internet
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
   * "[AUTOTITLE]({% ifversion ghes %}/free-pro-team@latest{% endif %}/migrations/importing-source-code/using-github-importer/about-github-importer)"
 
 ### Any Mercurial repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Mercurial, Git CLI, and Python
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
+* **Scope:** Source and history
+* **Tooling:** Mercurial, Git CLI, and Python
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
 
 ### Any Subversion (SVN) repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Subversion and Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
+* **Scope:** Source and history
+* **Tooling:** Subversion and Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
 
 ### Any Team Foundation Version Control (TFVC) repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Azure Repos, then Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
+* **Scope:** Source and history
+* **Tooling:** Azure Repos, then Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
 
 ### Any Perforce repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: `git-p4`, then Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** `git-p4`, then Git CLI
+* **More information:**
   * [git-p4](https://git-scm.com/docs/git-p4) in the Git documentation
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github#importing-a-git-repository-with-the-command-line)"
 
 ### Any other repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source snapshot
-* **Tooling**: {% data variables.product.prodname_cli %} or Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
+* **Scope:** Source snapshot
+* **Tooling:** {% data variables.product.prodname_cli %} or Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
 
 ### {% data variables.enterprise.data_residency_site %} to {% data variables.product.prodname_dotcom_the_website %}
 
@@ -185,116 +185,116 @@ Follow a link below to review the scope and tooling for your migration to {% dat
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.1 or newer to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.0 or older to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### {% data variables.product.prodname_dotcom_the_website %} to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### Azure DevOps Services (Azure DevOps Cloud) to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**: "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:** "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
 
 ### Azure DevOps Server to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * [Migrate data from Azure DevOps Server to Azure DevOps Services](https://learn.microsoft.com/en-us/azure/devops/migrate/migration-overview?view=azure-devops) in the Microsoft Docs
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
-* **Caveats**: If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, see "[Migrations from any Git repository to {% data variables.enterprise.data_residency_site %}](#any-git-repository-to-githubcom)."
+* **Caveats:** If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, see "[Migrations from any Git repository to {% data variables.enterprise.data_residency_site %}](#any-git-repository-to-githubcom)."
 
 ### Bitbucket Cloud (Bitbucket.org) to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Bitbucket Server or Bitbucket Data Center to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### GitLab to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Contact {% data variables.product.prodname_expert_services %}
-* **More information**: [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Contact {% data variables.product.prodname_expert_services %}
+* **More information:** [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
+* **Caveats:**
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### Any Git repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Any Mercurial repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Mercurial, Git CLI, and Python
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
+* **Scope:** Source and history
+* **Tooling:** Mercurial, Git CLI, and Python
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
 
 ### Any Subversion (SVN) repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Subversion and Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
+* **Scope:** Source and history
+* **Tooling:** Subversion and Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
 
 ### Any Team Foundation Version Control (TFVC) repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Azure Repos, then Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
+* **Scope:** Source and history
+* **Tooling:** Azure Repos, then Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
 
 ### Any Perforce repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: `git-p4`, then Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** `git-p4`, then Git CLI
+* **More information:**
   * [git-p4](https://git-scm.com/docs/git-p4) in the Git documentation
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github#importing-a-git-repository-with-the-command-line)"
 
 ### Any other repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source snapshot
-* **Tooling**: {% data variables.product.prodname_cli %} or Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
+* **Scope:** Source snapshot
+* **Tooling:** {% data variables.product.prodname_cli %} or Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
 
 ## Migrations to {% data variables.product.prodname_ghe_server %}
 
@@ -318,87 +318,87 @@ You can review the scope and tooling for your migration to {% data variables.pro
 
 Migrations from {% data variables.product.prodname_dotcom_the_website %} include {% data variables.product.prodname_ghe_cloud %}.
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Organization migrations API, then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Organization migrations API, then `ghe-migrator`
+* **More information:**
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/exporting-migration-data-from-githubcom)"
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
 
 ### {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Organization migrations API, then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Organization migrations API, then `ghe-migrator`
+* **More information:**
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/exporting-migration-data-from-github-enterprise-server)"
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
 
 ### Azure DevOps to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Bitbucket Cloud (Bitbucket.org) to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Bitbucket Server or Bitbucket Data Center to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: `bbs-exporter` (expert-led migrations only), then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** `bbs-exporter` (expert-led migrations only), then `ghe-migrator`
+* **More information:**
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
-* **Caveats**: {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
+* **Caveats:** {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
 
 ### GitLab to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: `gl-exporter` (expert-led migrations only), then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** `gl-exporter` (expert-led migrations only), then `ghe-migrator`
+* **More information:**
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
-* **Caveats**: {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
+* **Caveats:** {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
 
 ### Any Git repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Any Mercurial repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Mercurial, Git CLI, and Python
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
+* **Scope:** Source and history
+* **Tooling:** Mercurial, Git CLI, and Python
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
 
 ### Any Subversion (SVN) repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Subversion and Git CLI
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
+* **Scope:** Source and history
+* **Tooling:** Subversion and Git CLI
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
 
 ### Any Team Foundation Version Control (TFVC) repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Azure Repos, then Git CLI
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
+* **Scope:** Source and history
+* **Tooling:** Azure Repos, then Git CLI
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
 
 ### Any Perforce repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: `git-p4`, then Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** `git-p4`, then Git CLI
+* **More information:**
   * [git-p4](https://git-scm.com/docs/git-p4) in the Git documentation
   * "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github#importing-a-git-repository-with-the-command-line)"
 
 ### Any other repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source snapshot
-* **Tooling**: {% data variables.product.prodname_cli %} or Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
+* **Scope:** Source snapshot
+* **Tooling:** {% data variables.product.prodname_cli %} or Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
 
 ### {% data variables.enterprise.data_residency_site %} to {% data variables.product.prodname_ghe_server %}
 
diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md
index 2e644b046b46..2938f0df4133 100644
--- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md
+++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md
@@ -78,11 +78,11 @@ The base repository role determines the initial set of permissions included in t
 
 The base repository roles are:
 
-* **Read**: Grants read access to all repositories in the organization.
-* **Write**: Grants write access to all repositories in the organization.
-* **Triage**: Grants triage access to all repositories in the organization.
-* **Maintain**: Grants maintenance access to all repositories in the organization.
-* **Admin**: Grants admin access to all repositories in the organization.
+* **Read:** Grants read access to all repositories in the organization.
+* **Write:** Grants write access to all repositories in the organization.
+* **Triage:** Grants triage access to all repositories in the organization.
+* **Maintain:** Grants maintenance access to all repositories in the organization.
+* **Admin:** Grants admin access to all repositories in the organization.
 
 ## Additional permissions for repository access
 
diff --git a/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md
index c790b3c3fc3e..b8786271ed4c 100644
--- a/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md
+++ b/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md
@@ -13,8 +13,8 @@ shortTitle: Set a token policy
 ## Restricting access by {% data variables.product.pat_generic_plural %}
 
 Organization owners can prevent {% data variables.product.pat_generic_plural %} from accessing resources owned by the organization with the following options:
-* **Restrict access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} cannot access resources owned by the organization. SSH keys created by {% data variables.product.pat_generic_plural %} will continue to work.
-* **Allow access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} can access resources owned by the organization.
+* **Restrict access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} cannot access resources owned by the organization. SSH keys created by {% data variables.product.pat_generic_plural %} will continue to work.
+* **Allow access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} can access resources owned by the organization.
 
 Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plural %} will have access to public resources within the organization.
 
@@ -48,8 +48,8 @@ When you set a policy, tokens with non-compliant lifetimes will be blocked from
 ## Enforcing an approval policy for {% data variables.product.pat_v2_plural %}
 
 Organization owners can manage approval requirements for each {% data variables.product.pat_v2 %} that can access the organization with the following options:
-  * **Require administrator approval**: An organization owner must approve each {% data variables.product.pat_v2 %} that can access the organization. {% data variables.product.pat_v2_caps_plural %} created by organization owners will not need approval.
-  * **Do not require administrator approval**: {% data variables.product.pat_v2_caps %}s created by organization members can access resources in the organization without prior approval.
+  * **Require administrator approval:** An organization owner must approve each {% data variables.product.pat_v2 %} that can access the organization. {% data variables.product.pat_v2_caps_plural %} created by organization owners will not need approval.
+  * **Do not require administrator approval:** {% data variables.product.pat_v2_caps %}s created by organization members can access resources in the organization without prior approval.
 
 {% data variables.product.pat_v2_caps %}s will still be able to read public resources within the organization without approval.
 
diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
index 3458024bb8ad..ead662e282b8 100644
--- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
+++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
@@ -23,11 +23,11 @@ shortTitle: Repository roles
 You can give organization members, outside collaborators, and teams of people different levels of access to repositories owned by an organization by assigning them to roles. Choose the role that best fits each person or team's function in your project without giving people more access to the project than they need.
 
 From least access to most access, the roles for an organization repository are:
-* **Read**: Recommended for non-code contributors who want to view or discuss your project
-* **Triage**: Recommended for contributors who need to proactively manage issues{% ifversion discussions-moderators-control-who-can-report %}, discussions,{% endif %} and pull requests without write access
-* **Write**: Recommended for contributors who actively push to your project
-* **Maintain**: Recommended for project managers who need to manage the repository without access to sensitive or destructive actions
-* **Admin**: Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository
+* **Read:** Recommended for non-code contributors who want to view or discuss your project
+* **Triage:** Recommended for contributors who need to proactively manage issues{% ifversion discussions-moderators-control-who-can-report %}, discussions,{% endif %} and pull requests without write access
+* **Write:** Recommended for contributors who actively push to your project
+* **Maintain:** Recommended for project managers who need to manage the repository without access to sensitive or destructive actions
+* **Admin:** Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository
 
 {% ifversion fpt %}
 If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can create custom repository roles. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)" in the {% data variables.product.prodname_ghe_cloud %} documentation.
diff --git a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md
index f83439462e30..e1c2a5cb5ba9 100644
--- a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md
+++ b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md
@@ -29,9 +29,9 @@ For an introduction to requesting and providing pull request reviews, see the [R
 {% ifversion fpt or ghec %}You can schedule reminders for pull requests that need to be reviewed. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team)."{% endif %}
 
 A review has three possible statuses:
-* **Comment**: Submit general feedback without explicitly approving the changes or requesting additional changes.
-* **Approve**: Submit feedback and approve merging the changes proposed in the pull request.
-* **Request changes**: Submit feedback that must be addressed before the pull request can be merged.
+* **Comment:** Submit general feedback without explicitly approving the changes or requesting additional changes.
+* **Approve:** Submit feedback and approve merging the changes proposed in the pull request.
+* **Request changes:** Submit feedback that must be addressed before the pull request can be merged.
 
 {% data reusables.repositories.request-changes-tips %}
 
diff --git a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md
index 6f7105920c02..78b27aef69de 100644
--- a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md
+++ b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md
@@ -56,7 +56,7 @@ Before you submit your review, your line comments are _pending_ and only visible
 You can use [{% data variables.product.prodname_github_codespaces %}](/codespaces/overview) to test, run, and review pull requests.
 
 1. Open the pull request in a codespace, as described in "[AUTOTITLE](/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests#opening-a-pull-request-in-codespaces)."
-1. In the Activity Bar, click the **GitHub Pull Request** view. This view only appears when you open a pull request in a codespace.
+1. In the Activity Bar, click the **{% data variables.product.github %} Pull Request** view. This view only appears when you open a pull request in a codespace.
 
    ![Screenshot of the {% data variables.product.prodname_vscode_shortname %} Activity Bar. The mouse pointer is hovering over an icon displaying the tooltip "{% data variables.product.prodname_dotcom %} Pull Request."](/assets/images/help/codespaces/github-pr-view.png)
 
@@ -79,6 +79,33 @@ For more information on reviewing pull requests in {% data variables.product.pro
 {% endcodespaces %}
 {% endif %}
 
+{% webui %}
+{% ifversion copilot %}
+
+## Understanding changes in a pull request
+
+> [!NOTE] {% data reusables.copilot.copilot-requires-subscription %}
+
+{% data variables.product.prodname_copilot %} can help you quickly understand the changes in a pull request by providing context and explanations for specific commits. If you’re unsure about the purpose of a particular change or need more details about how it fits into the broader codebase, you can ask {% data variables.product.prodname_copilot_short %} questions about individual commits.
+
+1. Navigate to a commit on {% data variables.product.github %}.
+
+{% data reusables.copilot.open-copilot %}
+
+1. At the bottom of the {% data variables.product.prodname_copilot_short %} chat panel, in the "Ask {% data variables.product.prodname_copilot_short %}" box, type a question and press Enter. For example, you could enter:
+
+   * `Summarize the changes in this commit`
+   * `Who committed these changes?`
+   * `When was this commit made?`
+
+   > [!TIP]
+   > If you know the SHA for a commit, instead of navigating to the commit, you can ask {% data variables.product.prodname_copilot_short %} about the commit from any page in the repository on {% data variables.product.github %} by including the SHA in your message. For example, `What changed in commit a778e0eab?`
+
+{% data reusables.copilot.stop-response-generation %}
+
+{% endif %}
+{% endwebui %}
+
 ## Reviewing dependency changes
 
 If the pull request contains changes to dependencies you can use the dependency review for a manifest or lock file to see what has changed and check whether the changes introduce security vulnerabilities. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)."
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md b/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
index 37e4043844be..70c457442a13 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
@@ -53,19 +53,19 @@ Repository administrators can require a merge queue by enabling the branch prote
 
 Once you have enabled the "Require merge queue" setting, you can also access the following settings:
 
-* **Merge method**: Select which method to use when merging queued pull requests: merge, rebase, or squash.
+* **Merge method:** Select which method to use when merging queued pull requests: merge, rebase, or squash.
 
-* **Build concurrency**: The maximum number of `merge_group` webhooks to dispatch (between `1` and `100`), throttling the total amount of concurrent CI builds. This affects the velocity of merges that a merge queue can complete.
-* **Only merge non-failing pull requests**: This setting determines how a merge queue forms groups of pull requests to be merged.
+* **Build concurrency:** The maximum number of `merge_group` webhooks to dispatch (between `1` and `100`), throttling the total amount of concurrent CI builds. This affects the velocity of merges that a merge queue can complete.
+* **Only merge non-failing pull requests:** This setting determines how a merge queue forms groups of pull requests to be merged.
 
   | Enabled? | Description |
   | -------- | ----------- |
   | Yes      | All pull requests must satisfy required checks to be merged. |
   | No       | Pull requests that have failed required checks can be added to a group as long as the last pull request in the group has passed required checks. If the last pull request in the group has passed required checks, this means that the checks have passed for the combined set of changes in the merge group. Leaving this checkbox unselected can be useful if you have intermittent test failures, but don't want false negatives to hold up the queue. |
 
-* **Status check timeout**: Choose how long the queue should wait for a response from CI before assuming that checks have failed.
+* **Status check timeout:** Choose how long the queue should wait for a response from CI before assuming that checks have failed.
 
-* **Merge limits**: Select the minimum and maximum number of pull requests to merge into the base branch at the same time (between `1` and `100`), and a timeout after which the queue should stop waiting for more entries and merge with fewer than the minimum number.
+* **Merge limits:** Select the minimum and maximum number of pull requests to merge into the base branch at the same time (between `1` and `100`), and a timeout after which the queue should stop waiting for more entries and merge with fewer than the minimum number.
 
   > [!NOTE]
   > Merge limits do not combine `merge_group` **builds**. Merge limits only affect merges to the base branch once one or more `merge_group` has satisfied build checks.
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md
index 5a71c6e1efbf..e73b0341e380 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md
@@ -16,10 +16,10 @@ shortTitle: View branches
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.navigate-to-branches %}
 1. Use the navigation at the top of the page to view specific lists of branches:
-    * **Your branches**: In repositories that you have push access to, the **Yours** view shows all branches that you’ve pushed to, excluding the default branch, with the most recent branches first.
-    * **Active branches**: The **Active** view shows all branches (excluding the default branch) that anyone has committed to within the last three months, ordered by the branches with the most recent commits first.
-    * **Stale branches**: The **Stale** view shows all branches that no one has committed to in the last three months, ordered by the branches with the oldest commits first. Use this list to determine [which branches to delete](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository).
-    * **All branches**: The **All** view shows the default branch, followed by all other branches ordered by the branches with the most recent commits first.
+    * **Your branches:** In repositories that you have push access to, the **Yours** view shows all branches that you’ve pushed to, excluding the default branch, with the most recent branches first.
+    * **Active branches:** The **Active** view shows all branches (excluding the default branch) that anyone has committed to within the last three months, ordered by the branches with the most recent commits first.
+    * **Stale branches:** The **Stale** view shows all branches that no one has committed to in the last three months, ordered by the branches with the oldest commits first. Use this list to determine [which branches to delete](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository).
+    * **All branches:** The **All** view shows the default branch, followed by all other branches ordered by the branches with the most recent commits first.
 
 1. Optionally, use the search field on the top right. It provides a simple, case-insensitive, sub-string search on the branch name. It does not support any additional query syntax.
 
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md
index bd923f48de8e..9c45b9936f02 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md
@@ -53,16 +53,16 @@ You can require that merges must be performed with a merge queue at the reposito
 
 You can configure various settings for your merge queue rule.
 
-* **Merge method**: Method to use when merging changes from pull requests.
-* **Build concurrency**: Limit the number of queued pull requests requesting checks and workflow runs at the same time.
+* **Merge method:** Method to use when merging changes from pull requests.
+* **Build concurrency:** Limit the number of queued pull requests requesting checks and workflow runs at the same time.
   * This setting controls when merge queue dispatches the `merge_group.checks_requested` webhook event, which triggers {% data variables.product.prodname_actions %} workflows that are configured to run on `merge_group`. For more information, see "[AUTOTITLE](/webhooks/webhook-events-and-payloads#merge_group)."
   * For example, if there are 5 pull requests added to the queue and the build concurrency setting is 3, merge queue will dispatch the `checks_requested` event for the first 3 pull requests. When it receives a result for one of those pull requests, merge queue will dispatch the event for the 4th pull request, and so on.
-* **Minimum/maximum group size**: The number of pull requests that will be merged together in a group.
-* **Wait time to meet minimum group size (minutes)**: The time the merge queue will wait after the first pull request is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.
-* **Require all queue entries to pass required checks**:
+* **Minimum/maximum group size:** The number of pull requests that will be merged together in a group.
+* **Wait time to meet minimum group size (minutes):** The time the merge queue will wait after the first pull request is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.
+* **Require all queue entries to pass required checks:**
     * When this setting is enabled, each item in the merge group must pass all required checks.
     * When this setting is disabled, only the commit at the head of the merge group, i.e. the commit containing changes from all of the pull requests in the group, must pass its required checks to merge.
-* **Status check timeout (minutes)**: Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed
+* **Status check timeout (minutes):** Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed
 
 {% endif %}
 
diff --git a/content/repositories/working-with-files/using-files/index.md b/content/repositories/working-with-files/using-files/index.md
index 25a13d198a9b..0d1726ad2cbe 100644
--- a/content/repositories/working-with-files/using-files/index.md
+++ b/content/repositories/working-with-files/using-files/index.md
@@ -7,9 +7,8 @@ versions:
   ghec: '*'
 children:
   - /navigating-code-on-github
-  - /viewing-a-file
+  - /viewing-and-understanding-files
   - /getting-permanent-links-to-files
   - /downloading-source-code-archives
   - /working-with-non-code-files
 ---
-
diff --git a/content/repositories/working-with-files/using-files/viewing-a-file.md b/content/repositories/working-with-files/using-files/viewing-and-understanding-files.md
similarity index 85%
rename from content/repositories/working-with-files/using-files/viewing-a-file.md
rename to content/repositories/working-with-files/using-files/viewing-and-understanding-files.md
index d3444096d2ac..0d979f409e4f 100644
--- a/content/repositories/working-with-files/using-files/viewing-a-file.md
+++ b/content/repositories/working-with-files/using-files/viewing-and-understanding-files.md
@@ -1,6 +1,6 @@
 ---
-title: Viewing a file
-intro: You can view raw file content or trace changes to lines in a file and discover how parts of the file evolved over time.
+title: Viewing and understanding files
+intro: Explore file content and trace changes over time to understand a new codebase and its evolution.
 redirect_from:
   - /articles/using-git-blame-to-trace-changes-in-a-file
   - /articles/tracing-changes-in-a-file
@@ -8,14 +8,18 @@ redirect_from:
   - /github/managing-files-in-a-repository/tracking-changes-in-a-file
   - /github/managing-files-in-a-repository/managing-files-on-github/tracking-changes-in-a-file
   - /repositories/working-with-files/using-files/tracking-changes-in-a-file
+  - /repositories/working-with-files/using-files/viewing-a-file
 versions:
   fpt: '*'
   ghes: '*'
   ghec: '*'
 topics:
   - Repositories
-shortTitle: View files and track file changes
+shortTitle: View and understand files
 ---
+
+{% data variables.product.github %} provides tools to view raw content, trace changes to specific lines, and explore how a file’s content has evolved over time. These insights reveal how code was developed, its current purpose, and its structure, helping you contribute effectively.
+
 ## Viewing or copying the raw file content
 
 With the raw view, you can view or copy the raw content of a file without any styling.
@@ -100,3 +104,15 @@ git config blame.ignoreRevsFile .git-blame-ignore-revs
 ## Bypassing `.git-blame-ignore-revs` in the blame view
 
 If the blame view for a file shows **Ignoring revisions in .git-blame-ignore-revs**, you can still bypass `.git-blame-ignore-revs` and see the normal blame view. In the URL, append a `~` to the SHA and the **Ignoring revisions in .git-blame-ignore-revs** banner will disappear.
+
+{% ifversion copilot %}
+
+## Understanding files with {% data variables.product.prodname_copilot_short %}
+
+> [!NOTE] {% data reusables.copilot.copilot-requires-subscription %}
+
+You can also use {% data variables.product.prodname_copilot_short %} to ask about specific lines of code in a file, helping you understand how the code works and reducing the risk of introducing new problems.
+
+{% data reusables.copilot.chat-about-specific-lines %}
+
+{% endif %}
diff --git a/content/rest/enterprise-admin/index.md b/content/rest/enterprise-admin/index.md
index 8511c082c1b4..ebf810db3db8 100644
--- a/content/rest/enterprise-admin/index.md
+++ b/content/rest/enterprise-admin/index.md
@@ -44,13 +44,7 @@ autogenerated: rest
 
 ## Endpoint URLs
 
-These endpoints
-{% ifversion management-console-manage-ghes-parity -%}
-—except Manage GitHub Enterprise Server API—
-{%- else -%}
-—except Management Console API—
-{%- endif -%}
- are prefixed with the following URL:
+These endpoints{% ifversion ghes %}, except the Manage GitHub Enterprise Server API {% ifversion ghes < 3.15 %} and Management Console API{% endif %},{% endif %} are prefixed with the following URL:
 
 ```shell
 {% data variables.product.rest_url %}
@@ -61,15 +55,11 @@ When endpoints include `{enterprise}`, replace `{enterprise}` with the handle fo
 {% endif %}
 
 {% ifversion ghes %}
-{% ifversion management-console-manage-ghes-parity -%}
-Manage GitHub Enterprise Server API
-{%- else -%}
-Management Console API
-{%- endif %}
-endpoints are only prefixed with a hostname:
+
+Endpoints for the  Manage GitHub Enterprise Server API{% ifversion ghes < 3.15 %} and Management Console API{% endif %} are only prefixed with a hostname and administration port:
 
 ```shell
-http(s)://HOSTNAME/
+http(s)://HOSTNAME:ADMINISTRATION-PORT/
 ```
 
 {% endif %}
@@ -81,13 +71,7 @@ Your {% data variables.product.product_name %} installation's API endpoints acce
 
 OAuth tokens must have the `site_admin` [OAuth scope](/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes) when used with these endpoints.
 
-These endpoints are only accessible to authenticated {% data variables.product.product_name %} site administrators, except for the
-{% ifversion management-console-manage-ghes-parity -%}
-[AUTOTITLE](/rest/enterprise-admin/manage-ghes),
-{%- else -%}
-[AUTOTITLE](/rest/enterprise-admin/management-console),
-{%- endif %}
-which requires the [Management Console password](/admin/configuration/administering-your-instance-from-the-management-console).
+These endpoints are only accessible to authenticated {% data variables.product.product_name %} site administrators, except for endpoints of the [AUTOTITLE](/rest/enterprise-admin/manage-ghes) API{% ifversion ghes < 3.15 %} and [AUTOTITLE](/rest/enterprise-admin/management-console) API{% endif %}, which allow authentication as a Management Console user. See "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console)."
 
 {% data reusables.enterprise_management_console.api-deprecation %}
 
diff --git a/content/rest/enterprise-admin/manage-ghes.md b/content/rest/enterprise-admin/manage-ghes.md
index 35af1e12ed8c..198546821609 100644
--- a/content/rest/enterprise-admin/manage-ghes.md
+++ b/content/rest/enterprise-admin/manage-ghes.md
@@ -53,7 +53,7 @@ By default, the response includes information from about all configured nodes fo
 | Query parameter | Description |
 | :- | :- |
 | `uuid` | Unique identifier for the node. |
-| `cluster_role` | For nodes in a cluster, the roles that apply to the node. For more information, see "[AUTOTITLE)(/admin/enterprise-management/configuring-clustering/about-cluster-nodes)." |
+| `cluster_role` | For nodes in a cluster, the roles that apply to the node. For more information, see "[AUTOTITLE](/admin/enterprise-management/configuring-clustering/about-cluster-nodes)." |
 
 You can specify multiple values for the query parameter by delimiting the values with a comma. For example, the following request uses curl to return any nodes with the `web-server` or `storage-server` role.
 
diff --git a/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md b/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md
index 700b960cefa0..3850b5ed9e39 100644
--- a/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md
+++ b/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md
@@ -234,19 +234,19 @@ Use the {% data variables.product.prodname_cli %} `api` subcommand to make your
 In your request, specify the following options and values:
 
 {%- ifversion not fpt %}
-* **--hostname**: If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
+* **--hostname:** If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
 {%- endif %}
 * **--method** followed by the HTTP method and the path of the endpoint. For more information, see "[HTTP method](#http-method)" and "[Path](#path)."
-* **--header**:
-  * **`Accept`**: Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
-  * **`X-GitHub-Api-Version`**: Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
+* **--header:**
+  * **`Accept`:** Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
+  * **`X-GitHub-Api-Version`:** Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
 * **`-f`** or **`-F`** followed by any body parameters or query parameters in `key=value` format. Use the `-F` option to pass a parameter that is a number, Boolean, or null. Use the `-f` option to pass string parameters.
 
   Some endpoints use query parameters that are arrays. To send an array in the query string, use the query parameter once per array item, and append `[]` after the query parameter name. For example, to provide an array of two repository IDs, use `-f repository_ids[]=REPOSITORY_A_ID -f repository_ids[]=REPOSITORY_B_ID`.
 
   If you do not need to specify any body parameters or query parameters in your request, omit this option. For more information, see "[Body parameters](#body-parameters)" and "[Query parameters](#query-parameters)." For examples, see "[Example request using body parameters](#example-request-using-body-parameters)" and "[Example request using query parameters](#example-request-using-query-parameters)."
 {%- ifversion not fpt %}
-* **--hostname**: If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
+* **--hostname:** If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
 {%- endif %}
 
 #### Example request
@@ -318,10 +318,10 @@ Specify the following options and values in your request:
 * **`--url`** followed by the full path as the value. The full path is a URL that includes the base URL for the GitHub REST API (`{% data variables.product.rest_url %}`{% ifversion ghec %} or `https://{% data variables.enterprise.data_residency_api %}`, depending on where you access {% data variables.product.github %}{% endif %}) and the path of the endpoint, like this: `{% data variables.product.rest_url %}/PATH`.{% ifversion ghes %} Replace `HOSTNAME` with the name of {% data variables.location.product_location %}.{% endif %} Replace `PATH` with the path of the endpoint. For more information, see "[Path](#path)."
 
   To use query parameters, add a `?` to the end of the path, then append your query parameter name and value in the form `parameter_name=value`. Separate multiple query parameters with `&`. If you need to send an array in the query string, use the query parameter once per array item, and append `[]` after the query parameter name. For example, to provide an array of two repository IDs, use `?repository_ids[]=REPOSITORY_A_ID&repository_ids[]=REPOSITORY_B_ID`. For more information, see "[Query parameters](#query-parameters)." For an example, see "[Example request using query parameters](#example-request-using-query-parameters-1)."
-* **`--header` or `-H`**:
-  * **`Accept`**: Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma, for example: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
-  * **`X-GitHub-Api-Version`**: Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
-  * **`Authorization`**: Pass your authentication token in an `Authorization` header. Note that in most cases you can use `Authorization: Bearer` or `Authorization: token` to pass a token. However, if you are passing a JSON web token (JWT), you must use `Authorization: Bearer`. For more information, see "[Authentication](#authentication)." For an example of a request that uses an `Authorization` header, see "[Example request using body parameters](#example-request-using-body-parameters-1)."
+* **`--header` or `-H`:**
+  * **`Accept`:** Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma, for example: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
+  * **`X-GitHub-Api-Version`:** Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
+  * **`Authorization`:** Pass your authentication token in an `Authorization` header. Note that in most cases you can use `Authorization: Bearer` or `Authorization: token` to pass a token. However, if you are passing a JSON web token (JWT), you must use `Authorization: Bearer`. For more information, see "[Authentication](#authentication)." For an example of a request that uses an `Authorization` header, see "[Example request using body parameters](#example-request-using-body-parameters-1)."
 * **`--data` or `-d`** followed by any body parameters within a JSON object. If you do not need to specify any body parameters in your request, omit this option. For more information, see "[Body parameters](#body-parameters)." For an example, see "[Example request using body parameters](#example-request-using-body-parameters-1)."
 
 #### Example request
diff --git a/content/search-github/github-code-search/using-github-code-search.md b/content/search-github/github-code-search/using-github-code-search.md
index 8fb796838f01..2a635b716908 100644
--- a/content/search-github/github-code-search/using-github-code-search.md
+++ b/content/search-github/github-code-search/using-github-code-search.md
@@ -37,6 +37,34 @@ For more information about the search syntax of code search, see "[AUTOTITLE](/s
 
 1. After typing your query, you can also press Enter to go to the full search results view, where you can see each match and a visual interface for applying filters. For more information, see "[Using the search results view](#using-the-search-results-view)."
 
+{% ifversion copilot %}
+
+## Getting answers with {% data variables.product.prodname_copilot_short %} from the search bar
+
+> [!NOTE] {% data reusables.copilot.copilot-requires-subscription %}
+
+You can use {% data variables.product.prodname_copilot %} to ask questions about an entire repository directly from the main search box. Simply type your question into the search bar, and {% data variables.product.prodname_copilot_short %} can provide insights or explanations about the repository’s structure, purpose, or specific components. This makes it easy to get quick answers without navigating through multiple files, helping you stay focused and maintain your workflow.
+
+1. Navigate to a repository on {% data variables.product.github %}.
+1. Press /, or click in the main search box at the top of the page.
+1. In the search box, after `repo:OWNER/REPO`, type the question you want to ask {% data variables.product.prodname_copilot_short %}.
+
+   For example, you could enter:
+
+   * `What does this repo do?`
+   * `Where is authentication implemented in this codebase?`
+   * `How does license file detection work in this repo?`
+
+1. Click **Ask {% data variables.product.prodname_copilot_short %}**.
+
+   ![Screenshot of the main search box on {% data variables.product.prodname_dotcom %}. The drop-down option "Ask {% data variables.product.prodname_copilot_short %}" is highlighted with an orange outline.](/assets/images/help/copilot/ask-copilot-from-search-bar.png)
+
+   The {% data variables.product.prodname_copilot_chat %} panel is displayed and {% data variables.product.prodname_copilot_short %} responds to your request.
+
+{% data reusables.copilot.stop-response-generation %}
+
+{% endif %}
+
 ## Creating and managing saved searches
 
 1. In the top navigation of {% data variables.product.prodname_dotcom %}, click the search bar and type `saved:`.
diff --git a/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md b/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md
index 0e2431922cb8..d848582bf6e4 100644
--- a/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md
+++ b/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md
@@ -56,19 +56,19 @@ GitHub has a non-retaliation policy for reporting workplace-related concerns. Co
 
 GitHub's labor practices are
 
-**fair**:
+**fair:**
    * GitHub pays its employees and contractors a fair wage, in accordance with applicable legal wages
    * GitHub maintains humane working conditions
    * GitHub does not require workers to exceed the maximum hours of daily labor set by local and national laws or regulations
    * GitHub pays its employees and contractors in a timely manner, with documentation (such as a pay stub) stating the basis on which they are paid, and keeps employee records in accordance with local and national laws
 
-**humane and ethical**:
+**humane and ethical:**
    * GitHub uses only voluntary labor
    * GitHub prohibits child labor
    * GitHub does not engage in physical discipline or abuse
    * GitHub does not tolerate harassment or unlawful discrimination in the workforce or workplace
 
-**respectful**:
+**respectful:**
    * GitHub protects its employees' rights to freedom of association and collective bargaining in accordance with legal requirements, including to post legal notices of employees' rights under the National Labor Relations Act
    * GitHub provides benefits to employees at or in excess of levels expected in the industry
    * GitHub encourages employees to report any workplace complaint and does not tolerate retaliation for reporting
diff --git a/content/site-policy/github-terms/github-copilot-extension-developer-policy.md b/content/site-policy/github-terms/github-copilot-extension-developer-policy.md
index f86f82fb99d0..d9a30aa99f5d 100644
--- a/content/site-policy/github-terms/github-copilot-extension-developer-policy.md
+++ b/content/site-policy/github-terms/github-copilot-extension-developer-policy.md
@@ -27,9 +27,9 @@ Violations of this Agreement may result in removing the Extension from the Platf
 
 While we want You to develop useful, fun, and interesting Extensions with GitHub Copilot, we want to make sure that our Users receive a safe, secure, productive, and enjoyable experience. When creating Extensions, you must understand the use cases and limitations of GitHub Copilot, and not rely on it for tasks where its use could lead to significant harm. With that in mind, You are required to comply with this Policy and other obligations.
 
-**Terms of Service**: Your Extension must comply with the GitHub Terms of Service (ToS) including the Acceptable Use Policy.
+**Terms of Service:** Your Extension must comply with the GitHub Terms of Service (ToS) including the Acceptable Use Policy.
 
-**Security**: We take the security of Personal Data seriously and you must as well. As you develop your Extension, You must properly configure your systems to protect Personal Data and ensure that any stored Personal Data is encrypted. Furthermore, Extensions and developers must not:
+**Security:** We take the security of Personal Data seriously and you must as well. As you develop your Extension, You must properly configure your systems to protect Personal Data and ensure that any stored Personal Data is encrypted. Furthermore, Extensions and developers must not:
 
 * Degrade or compromise security
 * Bypass or circumvent protocols and access controls
@@ -38,7 +38,7 @@ While we want You to develop useful, fun, and interesting Extensions with GitHub
 * Transmit any viruses or other code that may damage, detrimentally interfere with, surreptitiously intercept or expropriate any system or Personal Data
 * Attempt to reverse engineer or otherwise derive source code, trade secrets, or know-how of the Platform or any portion thereof
 
-**Use of Personal Data**: Protecting User privacy is paramount at GitHub, and must be for you. You are responsible for good Personal Data practices. You do not have independent rights to any Personal Data. In accordance with this, Extensions and developers are prohibited from:
+**Use of Personal Data:** Protecting User privacy is paramount at GitHub, and must be for you. You are responsible for good Personal Data practices. You do not have independent rights to any Personal Data. In accordance with this, Extensions and developers are prohibited from:
 
 * Collecting, storing, and using Personal Data without obtaining proper User consent
 * Utilizing Personal Data to contact Users. You must gain permission through a clear and separate permissions process to contact Users outside of GitHub. Contacting Users is limited to emergencies in which the User’s safety and security is at risk and in compliance with the law
@@ -52,7 +52,7 @@ While we want You to develop useful, fun, and interesting Extensions with GitHub
 * Accessing Data for surveillance purposes. You may not allow or assist any entity to conduct surveillance or obtain Personal Data using your access to the Platform
 * Otherwise exploiting Personal Data in a way not approved by GitHub and not disclosed to and permitted by Users. You may, however, use Data that is both aggregated and anonymized for purposes of analytics and development related to the Extension
 
-**Law and Safety**: Extensions should not create unsafe environments or hardships for Users. Each Extension must comply with all applicable laws and legal requirements in all locations where it is made available to Users. In addition, Extensions and developers are prohibited from:
+**Law and Safety:** Extensions should not create unsafe environments or hardships for Users. Each Extension must comply with all applicable laws and legal requirements in all locations where it is made available to Users. In addition, Extensions and developers are prohibited from:
 
 * Inferring people’s emotional states from their physical, physiological, or behavioral characteristics
 * Inferring people’s sensitive attributes such as gender, race, nationality, religion, or specific age (not including age range, position of mouth (e.g., smile or frown), and hair color)
@@ -62,7 +62,7 @@ While we want You to develop useful, fun, and interesting Extensions with GitHub
 * For any real-time facial recognition technology on mobile cameras used by any law enforcement globally to attempt to identify individuals in uncontrolled, "in the wild" environments, which includes (without limitation) police officers on patrol using body-worn or dash-mounted cameras using facial recognition technology to attempt to identify individuals present in a database of suspects or prior inmates
 * Without the individual’s valid consent, for ongoing surveillance or real-time or near real-time identification or persistent tracking of the individual using any of their personal information, including biometric data
 
-**Transparency**: GitHub Copilot is a generative artificial intelligence (AI) tool intended to increase developer productivity. You must inform Users of Your Extensions intended use cases, best practices, and limitations as well as when they are interacting with generative AI content. Furthermore, Extensions and developers must:
+**Transparency:** GitHub Copilot is a generative artificial intelligence (AI) tool intended to increase developer productivity. You must inform Users of Your Extensions intended use cases, best practices, and limitations as well as when they are interacting with generative AI content. Furthermore, Extensions and developers must:
 
 * Test the Extension to ensure outputs do not violate this Agreement
 * Provide a mechanism for Users to report feedback to You and GitHub related to errors, bugs, improper, or undesired outputs
diff --git a/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md b/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md
index 26c59ed430dd..2513d3071a73 100644
--- a/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md
+++ b/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md
@@ -75,7 +75,7 @@ Gists can either be public or secret (accessible only through a known URL). Publ
 Here is a non-exhaustive list of the kinds of data we maintain about users and projects on GitHub.
 
 * 
-**Public account data**:
+**Public account data:**
 There is a variety of information publicly available on GitHub about users and their repositories.
 User profiles can be found at a URL such as `https://github.com/username`.
 User profiles display information about when the user created their account as well their public activity on GitHub.com and social interactions.
@@ -96,7 +96,7 @@ All user public profiles display:
   * Organizations to which the user is a member (_depending on either the organizations' or the users' preferences_)
 
 * 
-**Private account data**:
+**Private account data:**
 GitHub also collects and maintains certain private information about users as outlined in our [Privacy Policy](/site-policy/privacy-policies/github-privacy-statement).
 This may include:
   * Private email addresses
@@ -107,7 +107,7 @@ This may include:
     To get a sense of the type of private account information that GitHub collects, you can visit your {% data reusables.user-settings.personal_dashboard %} and browse through the sections in the left-hand menubar.
 
 * 
-**Organization account data**:
+**Organization account data:**
 Information about organizations, their administrative users and repositories is publicly available on GitHub.
 Organization profiles can be found at a URL such as `https://github.com/organization`.
 Public organization profiles can also include additional information that the owners have chosen to share publicly.
@@ -124,7 +124,7 @@ All organization public profiles display:
   * Collaborators
 
 * 
-**Public repository data**:
+**Public repository data:**
 GitHub is home to millions of public, open-source software projects.
 You can browse almost any public repository (for example, the [GitHub Docs](https://github.com/github/docs)) to get a sense for the information that GitHub collects and maintains about repositories.
 This can include:
@@ -139,11 +139,11 @@ This can include:
   * Statistics and graphs showing contributions to the project and the network of contributors
 
 * 
-**Private repository data**:
+**Private repository data:**
 GitHub collects and maintains the same type of data for private repositories that can be seen for public repositories, except only specifically invited users may access private repository data.
 
 * 
-**Other data**:
+**Other data:**
 Additionally, GitHub collects analytics data such as page visits and information occasionally volunteered by our users (such as communications with our support team, survey information and/or site registrations).
 
 ## We will notify any affected account owners
@@ -158,11 +158,11 @@ Where GitHub agrees to produce non-public information in response to a lawful re
 Here are the kinds of information we will agree to produce, depending on the kind of legal process we are served with:
 
 * 
-**With user consent**:
+**With user consent:**
 GitHub will provide private account information, if requested, directly to the user (or an owner, in the case of an organization account), or to a designated third party with the user's written consent once GitHub is satisfied that the user has verified his or her identity.
 
 * 
-**With a subpoena**:
+**With a subpoena:**
 If served with a valid subpoena, civil investigative demand, or similar legal process issued in connection with an official criminal or civil investigation, we can provide certain non-public account information, which may include:
 
   * Name(s) associated with the account
@@ -177,7 +177,7 @@ In the case of organization accounts, we can provide the name(s) and email addre
 Please note that the information available will vary from case to case. Some of the information is optional for users to provide. In other cases, we may not have collected or retained the information.
 
 * 
-**With a court order _or_ a search warrant**: We will not disclose account access logs unless compelled to do so by either
+**With a court order _or_ a search warrant:** We will not disclose account access logs unless compelled to do so by either
 (i) a court order issued under 18 U.S.C. Section 2703(d), upon a showing of specific and articulable facts showing that there are reasonable grounds to believe that the information sought is relevant and material to an ongoing criminal investigation; or
 (ii) a search warrant issued under the procedures described in the Federal Rules of Criminal Procedure or equivalent state warrant procedures, upon a showing of probable cause.
 In addition to the non-public account information listed above, we can provide account access logs in response to a court order or search warrant, which may include:
@@ -188,7 +188,7 @@ In addition to the non-public account information listed above, we can provide a
   * Security access logs other than account creation or for a specific time and date
 
 * 
-**Only with a search warrant**:
+**Only with a search warrant:**
 We will not disclose the private contents of any account unless compelled to do so under a search warrant issued under the procedures described in the Federal Rules of Criminal Procedure or equivalent state warrant procedures upon a showing of probable cause.
 In addition to the non-public account information and account access logs mentioned above, we will also provide private account contents in response to a search warrant, which may include:
 
@@ -199,7 +199,7 @@ In addition to the non-public account information and account access logs mentio
   * Any security keys used for authentication or encryption
 
 * 
-**Under exigent circumstances**:
+**Under exigent circumstances:**
 If we receive a request for information under certain exigent circumstances (where we believe the disclosure is necessary to prevent an emergency involving danger of death or serious physical injury to a person), we may disclose limited information that we determine necessary to enable law enforcement to address the emergency. For any information beyond that, we would require a subpoena, search warrant, or court order, as described above. For example, we will not disclose contents of private repositories without a search warrant. Before disclosing information, we confirm that the request came from a law enforcement agency, an authority sent an official notice summarizing the emergency, and how the information requested will assist in addressing the emergency.
 
 ## Cost reimbursement
diff --git a/data/features/dependabot-private-registries.yml b/data/features/dependabot-private-registries.yml
deleted file mode 100644
index 92c86d8a2b1b..000000000000
--- a/data/features/dependabot-private-registries.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# Reference: Issue #8535 Dependabot does not access public registries when the user has configured private registries
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '>=3.8'
diff --git a/data/features/dependabot-security-updates-npm.yml b/data/features/dependabot-security-updates-npm.yml
deleted file mode 100644
index 3674b3983660..000000000000
--- a/data/features/dependabot-security-updates-npm.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '>=3.8'
diff --git a/data/features/dependabot-security-updates-unlock-transitive-dependencies.yml b/data/features/dependabot-security-updates-unlock-transitive-dependencies.yml
deleted file mode 100644
index e1cab4855e28..000000000000
--- a/data/features/dependabot-security-updates-unlock-transitive-dependencies.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# Reference: Issue #7084 Dependabot unlocks parent dependencies on updates
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '>=3.8'
diff --git a/data/features/dependabot-updates-actions-reusable-workflows.yml b/data/features/dependabot-updates-actions-reusable-workflows.yml
deleted file mode 100644
index 29fcb87506be..000000000000
--- a/data/features/dependabot-updates-actions-reusable-workflows.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# Reference: Issue #9693 -  Dependabot Updates now can keep {% data variables.product.prodname_actions %} reusable workflows up to date - [GA]
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '>3.8'
diff --git a/data/features/dependabot-updates-paused.yml b/data/features/dependabot-updates-paused.yml
deleted file mode 100644
index 4d82773e79f9..000000000000
--- a/data/features/dependabot-updates-paused.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# Reference: Issue #10199 - Dependabot: automatic, rolling opt-out for inactivity (Version updates, Security updates) - [GA]
-versions:
-  fpt: '*'
-  ghec: '*'
-  ghes: '>3.9'
diff --git a/data/release-notes/enterprise-server/3-10/19.yml b/data/release-notes/enterprise-server/3-10/19.yml
deleted file mode 100644
index 7ac6e1e21477..000000000000
--- a/data/release-notes/enterprise-server/3-10/19.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-date: '2024-11-07'
-sections:
-  security_fixes:
-    - |
-      **HIGH**: An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, allowing unauthorized provisioning of users and access to the instance, by exploiting an improper verification of cryptographic signatures vulnerability in GitHub Enterprise Server. This is a follow up fix for [CVE-2024-9487](https://www.cve.org/cverecord?id=CVE-2024-9487) to further harden the encrypted assertions feature against this type of attack. Please note that encrypted assertions are not enabled by default. Instances not utilizing SAML SSO, or utilizing SAML SSO authentication without encrypted assertions, are not impacted. Additionally, an attacker would require direct network access as well as a signed SAML response or metadata document to exploit this vulnerability.
-  known_issues:
-    - |
-      Custom firewall rules are removed during the upgrade process.
-    - |
-      During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start.
-    - |
-      If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)."
-    - |
-      The `mbind: Operation not permitted` error in the `/var/log/mysql/mysql.err` file can be ignored. MySQL 8 does not gracefully handle when the `CAP_SYS_NICE` capability isn't required, and outputs an error instead of a warning.
-    - |
-      {% data reusables.release-notes.2023-11-aws-system-time %}
-    - |
-      On an instance with the HTTP `X-Forwarded-For` header configured for use behind a load balancer, all client IP addresses in the instance's audit log erroneously appear as 127.0.0.1.
-    - |
-      {% data reusables.release-notes.2023-10-git-push-made-but-not-registered %}
-    - |
-      {% data reusables.release-notes.large-adoc-files-issue %}
-    - |
-      {% data reusables.release-notes.2024-01-haproxy-upgrade-causing-increased-errors %}
-    - |
-      The `reply.[HOSTNAME]` subdomain is falsely always displaying as having no SSL and DNS record, when testing the domain settings via the Management Console without subdomain isolation.
-    - |
-      Admin stats REST API endpoints may timeout on appliances with many users or repositories. Retrying the request until data is returned is advised.
-    - |
-      {% data reusables.release-notes.2024-06-possible-frontend-5-minute-outage-during-hotpatch-upgrade %}
-    - |
-      When restoring from a backup snapshot, a large number of `mapper_parsing_exception` errors may be displayed.
-    - |
-      Services may respond with a `503` status due to an out of date `haproxy` configuration. This can usually be resolved with a `ghe-config-apply` run.
diff --git a/data/reusables/actions/about-actions-metrics.md b/data/reusables/actions/about-actions-metrics.md
index e7eb3ae2dfcf..4cd3ef8e7efe 100644
--- a/data/reusables/actions/about-actions-metrics.md
+++ b/data/reusables/actions/about-actions-metrics.md
@@ -1,5 +1,5 @@
 ## About {% data variables.product.prodname_actions %} metrics
 
 {% data variables.product.prodname_actions %} metrics provide insights into how your workflows and jobs are performing at the organization and repository levels. There are two types of metrics to help you analyze different aspects of your workflows:
-* **{% data variables.product.prodname_actions %} usage metrics**: Usage metrics help you track how many minutes your workflows and jobs consume. You can use this data to understand the cost of running Actions and ensure you're staying within your plan limits. This is especially useful for identifying high-usage workflows or repositories.
-* **{% data variables.product.prodname_actions %} performance metrics**: Performance metrics focus on the efficiency and reliability of your workflows and jobs. With performance metrics, you can monitor key indicators like job run times, queue times, and failure rates to identify bottlenecks, slow-running jobs, or frequently failing workflows.
+* **{% data variables.product.prodname_actions %} usage metrics:** Usage metrics help you track how many minutes your workflows and jobs consume. You can use this data to understand the cost of running Actions and ensure you're staying within your plan limits. This is especially useful for identifying high-usage workflows or repositories.
+* **{% data variables.product.prodname_actions %} performance metrics:** Performance metrics focus on the efficiency and reliability of your workflows and jobs. With performance metrics, you can monitor key indicators like job run times, queue times, and failure rates to identify bottlenecks, slow-running jobs, or frequently failing workflows.
diff --git a/data/reusables/actions/add-hosted-runner.md b/data/reusables/actions/add-hosted-runner.md
index 678247bf8699..4c6c2e3b0156 100644
--- a/data/reusables/actions/add-hosted-runner.md
+++ b/data/reusables/actions/add-hosted-runner.md
@@ -1,15 +1,15 @@
 1. Click **New runner**, then click **{% octicon "mark-github" aria-hidden="true" %} New {% data variables.product.prodname_dotcom %}-hosted runner**.
 1. Complete the required details to configure your new runner:
 
-    * **Name**: Enter a name for your new runner. For easier identification, this should indicate its hardware and operating configuration, such as `ubuntu-20.04-16core`.
-    * **Platform**: Choose a platform from the available options. Once you've selected a platform, you will be able to choose a specific image.
-    * **Image**: Choose an image from the available options. Once you've selected an image, you will be able to choose a specific size.
-      * **GitHub-owned**: For images managed by GitHub, select an image under this tab.
-      * **Partner**: For images managed by a partner, select an image under this tab. Windows 11 desktop and GPU-optimized images are located under this tab.
-    * **Size**: Choose a hardware configuration from the list of available options. The available sizes depend on the image that you selected in a previous step. For GPU runners, select a size under the **GPU-powered** tab.
-    * **Maximum concurrency**: Choose the maximum number of jobs that can be active at any time.
-    * **Runner group**: Choose the group that your runner will be a member of. This group will host multiple instances of your runner, as they scale up and down to suit demand. {% ifversion ghec %}
-    * **Networking**: Choose whether static IP address ranges will be assigned to instances of the {% data variables.actions.hosted_runner %}. You can use up to 10 {% data variables.actions.hosted_runner %}s with static IP addresses in total. {% endif %}
+    * **Name:** Enter a name for your new runner. For easier identification, this should indicate its hardware and operating configuration, such as `ubuntu-20.04-16core`.
+    * **Platform:** Choose a platform from the available options. Once you've selected a platform, you will be able to choose a specific image.
+    * **Image:** Choose an image from the available options. Once you've selected an image, you will be able to choose a specific size.
+      * **GitHub-owned:** For images managed by GitHub, select an image under this tab.
+      * **Partner:** For images managed by a partner, select an image under this tab. Windows 11 desktop and GPU-optimized images are located under this tab.
+    * **Size:** Choose a hardware configuration from the list of available options. The available sizes depend on the image that you selected in a previous step. For GPU runners, select a size under the **GPU-powered** tab.
+    * **Maximum concurrency:** Choose the maximum number of jobs that can be active at any time.
+    * **Runner group:** Choose the group that your runner will be a member of. This group will host multiple instances of your runner, as they scale up and down to suit demand. {% ifversion ghec %}
+    * **Networking:** Choose whether static IP address ranges will be assigned to instances of the {% data variables.actions.hosted_runner %}. You can use up to 10 {% data variables.actions.hosted_runner %}s with static IP addresses in total. {% endif %}
 
     {% data reusables.actions.larger-runner-name-note %}
 
diff --git a/data/reusables/actions/apply-configuration-and-enable.md b/data/reusables/actions/apply-configuration-and-enable.md
deleted file mode 100644
index 6b5d01b81127..000000000000
--- a/data/reusables/actions/apply-configuration-and-enable.md
+++ /dev/null
@@ -1,5 +0,0 @@
-1. To apply the configuration and enable {% data variables.product.prodname_actions %} to connect to your external storage provider, enter the following command.
-
-   ```shell copy
-   ghe-config-apply
-   ```
diff --git a/data/reusables/actions/azure-vnet-hosted-compute-troubleshooting.md b/data/reusables/actions/azure-vnet-hosted-compute-troubleshooting.md
index 3d8228dcee3a..7ef8f8d8ecfb 100644
--- a/data/reusables/actions/azure-vnet-hosted-compute-troubleshooting.md
+++ b/data/reusables/actions/azure-vnet-hosted-compute-troubleshooting.md
@@ -68,6 +68,20 @@ VNetInjectionSubnetIsFull
 
 To fix this, either increase the size of the subnet you are using or reduce the pool's maximum runner count to match your subnet size.
 
+### Cannot delete subnet
+
+In some cases, a subnet cannot be deleted because it has a Service Association Link (SAL) applied to it. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization#deleting-a-subnet)."
+
+If you need to identify the network settings resource associated with the subnet, you can run the following `curl` command.
+To obtain an Azure Entra token, please refer to the [Azure documentation](https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli). Use the same `api-version` you used to create the resource.
+
+```shell
+curl --request GET \
+  --url "https://management.azure.com/subscriptions/{subscriptionId}/providers/GitHub.Network/NetworkSettings?api-version={api-version}&subnetId={subnetId}" \
+  --header 'Content-Type: application/json' \
+  --header "Authorization: Bearer {entra_token}"
+```
+
 ### Incorrect NSG or firewall rules
 
 The "Configuring your Azure resources" procedures list the required openings. However, you may have complex production networks with multiple downstream proxies or firewalls.
diff --git a/data/reusables/actions/enterprise-gcp-storage-credential-fields.md b/data/reusables/actions/enterprise-gcp-storage-credential-fields.md
index 67b93bef4832..75d0036d40f4 100644
--- a/data/reusables/actions/enterprise-gcp-storage-credential-fields.md
+++ b/data/reusables/actions/enterprise-gcp-storage-credential-fields.md
@@ -1,3 +1,3 @@
-* **Service URL**: The service URL for your bucket. This is usually `https://storage.googleapis.com`.
-* **Bucket Name**: The name of your bucket.
-* **HMAC Access Id** and **HMAC Secret**: The Google Cloud access ID and secret for your storage account. For more information, see "[Manage HMAC keys for service accounts](https://cloud.google.com/storage/docs/authentication/managing-hmackeys)" in the Google Cloud documentation.
+* **Service URL:** The service URL for your bucket. This is usually `https://storage.googleapis.com`.
+* **Bucket Name:** The name of your bucket.
+* **HMAC Access Id and HMAC Secret:** The Google Cloud access ID and secret for your storage account. For more information, see "[Manage HMAC keys for service accounts](https://cloud.google.com/storage/docs/authentication/managing-hmackeys)" in the Google Cloud documentation.
diff --git a/data/reusables/actions/enterprise-minio-storage-credential-fields.md b/data/reusables/actions/enterprise-minio-storage-credential-fields.md
index 5915bb671ef9..57ed2dfd0896 100644
--- a/data/reusables/actions/enterprise-minio-storage-credential-fields.md
+++ b/data/reusables/actions/enterprise-minio-storage-credential-fields.md
@@ -1,3 +1,3 @@
-* **AWS Service URL**: The URL to your MinIO service. For example, `https://my-minio.example:9000`.
-* **AWS S3 Bucket**: The name of your S3 bucket.
-* **AWS S3 Access Key** and **AWS S3 Secret Key**: The `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY` used for your MinIO instance.
+* **AWS Service URL:** The URL to your MinIO service. For example, `https://my-minio.example:9000`.
+* **AWS S3 Bucket:** The name of your S3 bucket.
+* **AWS S3 Access Key and AWS S3 Secret Key:** The `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY` used for your MinIO instance.
diff --git a/data/reusables/actions/enterprise-s3-storage-credential-fields.md b/data/reusables/actions/enterprise-s3-storage-credential-fields.md
index 2ec8c89eb79b..a489441ddd1d 100644
--- a/data/reusables/actions/enterprise-s3-storage-credential-fields.md
+++ b/data/reusables/actions/enterprise-s3-storage-credential-fields.md
@@ -1,5 +1,5 @@
-* **AWS Service URL**: The service URL for your bucket. For example, if your S3 bucket was created in the `us-west-2` region, this value should be `https://s3.us-west-2.amazonaws.com`.
+* **AWS Service URL:** The service URL for your bucket. For example, if your S3 bucket was created in the `us-west-2` region, this value should be `https://s3.us-west-2.amazonaws.com`.
 
   For more information, see "[AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html)" in the AWS documentation.
-* **AWS S3 Bucket**: The name of your S3 bucket.
-* **AWS S3 Access Key** and **AWS S3 Secret Key**: The AWS access key ID and secret key for your bucket.
+* **AWS S3 Bucket:** The name of your S3 bucket.
+* **AWS S3 Access Key and AWS S3 Secret Key:** The AWS access key ID and secret key for your bucket.
diff --git a/data/reusables/actions/github-hosted-runners-navigate-to-repo-org-enterprise.md b/data/reusables/actions/github-hosted-runners-navigate-to-repo-org-enterprise.md
index ce5d1a319223..d9e6ca974da1 100644
--- a/data/reusables/actions/github-hosted-runners-navigate-to-repo-org-enterprise.md
+++ b/data/reusables/actions/github-hosted-runners-navigate-to-repo-org-enterprise.md
@@ -4,9 +4,9 @@
 1. In the left sidebar, click **Actions**, then click **Runners**.
 {% elsif ghec %}
 1. Navigate to your runner settings:
-   * **In an organization or repository**: Navigate to the main page, then click **{% octicon "gear" aria-hidden="true" %} Settings**.
-   * **If using an enterprise account**: Navigate to your enterprise account by clicking your profile photo in the top-right corner of {% data variables.product.github %}, then clicking **Your enterprises**, then clicking the enterprise.
+   * **In an organization or repository:** Navigate to the main page, then click **{% octicon "gear" aria-hidden="true" %} Settings**.
+   * **If using an enterprise account:** Navigate to your enterprise account by clicking your profile photo in the top-right corner of {% data variables.product.github %}, then clicking **Your enterprises**, then clicking the enterprise.
 1. Navigate to the {% data variables.product.prodname_actions %} settings:
-   * **In an organization or repository**: Click **Actions** in the left sidebar, then click **Runners**.
-   * **If using an enterprise account**: In the left sidebar, click **"{% octicon "law" aria-hidden="true" %} Policies"**, then click **Actions**, then click the **Runners** tab.
+   * **In an organization or repository:** Click **Actions** in the left sidebar, then click **Runners**.
+   * **If using an enterprise account:** In the left sidebar, click **"{% octicon "law" aria-hidden="true" %} Policies"**, then click **Actions**, then click the **Runners** tab.
 {% endif %}
diff --git a/data/reusables/actions/larger-runners-troubleshooting-linux-windows.md b/data/reusables/actions/larger-runners-troubleshooting-linux-windows.md
index c8cf7a0587be..e6f4f9ae0e42 100644
--- a/data/reusables/actions/larger-runners-troubleshooting-linux-windows.md
+++ b/data/reusables/actions/larger-runners-troubleshooting-linux-windows.md
@@ -1,8 +1,8 @@
 If you notice the jobs that target your {% data variables.actions.hosted_runner %}s are delayed or not running, there are several factors that may be causing this.
 
-* **Concurrency settings**: You may have reached your maximum concurrency limit. If you would like to enable more jobs to run in parallel, you can update your autoscaling settings to a larger number. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#configuring-autoscaling-for-larger-runners)."
-* **Repository permissions**: Ensure you have the appropriate repository permissions enabled for your {% data variables.actions.hosted_runner %}s. By default, enterprise runners are not available at the repository level and must be manually enabled by an organization administrator. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#allowing-repositories-to-access-larger-runners)."
-* **Billing information**: You must have a valid credit card on file in order to use {% data variables.actions.hosted_runner %}s. After adding a credit card to your account, it can take up to 10 minutes to enable the use of your {% data variables.actions.hosted_runner %}s. For more information, see "[AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method)."
-* **Spending limit**: Your {% data variables.product.prodname_actions %} spending limit must be set to a value greater than zero. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/managing-your-spending-limit-for-github-actions)."
-* **Fair use policy**: {% data variables.product.company_short %} has a fair use policy that begins to throttle jobs based on several factors, such as how many jobs you are running or how many jobs are running across the entirety of {% data variables.product.prodname_actions %}.
-* **Job queue to assign time**: Job queue to assign time refers to the time between a job request and {% data variables.product.company_short %} assigning a VM to execute the job. Standard {% data variables.product.company_short %}-hosted runners utilizing prescribed YAML workflow labels (such as `ubuntu-latest`) are always in a "warm" state. With larger runners, a warm machine may not be ready to pick up a job on first request as the pools for these machines are smaller. As a result, {% data variables.product.company_short %} may need to create a new VM, which increases the queue to assign time. Once a runner is in use, VMs are readily for subsequent workflow runs, reducing the queue to assign time for future workflow runs over the next 24 hours.
+* **Concurrency settings:** You may have reached your maximum concurrency limit. If you would like to enable more jobs to run in parallel, you can update your autoscaling settings to a larger number. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#configuring-autoscaling-for-larger-runners)."
+* **Repository permissions:** Ensure you have the appropriate repository permissions enabled for your {% data variables.actions.hosted_runner %}s. By default, enterprise runners are not available at the repository level and must be manually enabled by an organization administrator. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#allowing-repositories-to-access-larger-runners)."
+* **Billing information:** You must have a valid credit card on file in order to use {% data variables.actions.hosted_runner %}s. After adding a credit card to your account, it can take up to 10 minutes to enable the use of your {% data variables.actions.hosted_runner %}s. For more information, see "[AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method)."
+* **Spending limit:** Your {% data variables.product.prodname_actions %} spending limit must be set to a value greater than zero. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/managing-your-spending-limit-for-github-actions)."
+* **Fair use policy:** {% data variables.product.company_short %} has a fair use policy that begins to throttle jobs based on several factors, such as how many jobs you are running or how many jobs are running across the entirety of {% data variables.product.prodname_actions %}.
+* **Job queue to assign time:** Job queue to assign time refers to the time between a job request and {% data variables.product.company_short %} assigning a VM to execute the job. Standard {% data variables.product.company_short %}-hosted runners utilizing prescribed YAML workflow labels (such as `ubuntu-latest`) are always in a "warm" state. With larger runners, a warm machine may not be ready to pick up a job on first request as the pools for these machines are smaller. As a result, {% data variables.product.company_short %} may need to create a new VM, which increases the queue to assign time. Once a runner is in use, VMs are readily for subsequent workflow runs, reducing the queue to assign time for future workflow runs over the next 24 hours.
diff --git a/data/reusables/actions/more-resources-for-ghes.md b/data/reusables/actions/more-resources-for-ghes.md
index c9af14e5a724..7e210b31480a 100644
--- a/data/reusables/actions/more-resources-for-ghes.md
+++ b/data/reusables/actions/more-resources-for-ghes.md
@@ -1,8 +1,8 @@
 If you plan to enable {% data variables.product.prodname_actions %} or {% data variables.product.prodname_GH_advanced_security %} for the users of your instance, more resources are required.
 
-* {% data variables.product.prodname_actions %} - increase CPU and memory by 25%
-* {% data variables.product.prodname_GH_advanced_security %} - increase CPU and memory by 15%
+* {% data variables.product.prodname_actions %} - increase both CPU and memory by at least 25%
+* {% data variables.product.prodname_GH_advanced_security %} - increase both CPU and memory by at least 25%
 
-These adjustments should be applied to the base requirements for each user tier.
+These adjustments should be applied to the base requirements for each user tier. We recommend monitoring all changes to your resources, as further increases may be needed.
 
 For more information about these requirements, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
diff --git a/data/reusables/actions/org-roles-for-gh-actions.md b/data/reusables/actions/org-roles-for-gh-actions.md
index ba6be335f2b2..b95401086cdb 100644
--- a/data/reusables/actions/org-roles-for-gh-actions.md
+++ b/data/reusables/actions/org-roles-for-gh-actions.md
@@ -2,5 +2,5 @@ For {% data variables.product.prodname_actions %}, you can enable any of the fol
 
 * **Manage organization Actions policies:** Access to manage all settings on the "Actions General" settings page, except for self-hosted runners settings.
 * **Manage organization runners and runner groups:** Access to create and manage GitHub-hosted runners, self-hosted runners, and runner groups, and control where self-hosted runners can be created.
-* **Manage organization Actions secrets**: Access to create and manage Actions organization secrets.
-* **Manage organization Actions variables**: Access to create and manage Actions organization variables.
+* **Manage organization Actions secrets:** Access to create and manage Actions organization secrets.
+* **Manage organization Actions variables:** Access to create and manage Actions organization variables.
diff --git a/data/reusables/actions/self-hosted-runner-management-permissions-required.md b/data/reusables/actions/self-hosted-runner-management-permissions-required.md
index db0e353bbed5..b91f29948519 100644
--- a/data/reusables/actions/self-hosted-runner-management-permissions-required.md
+++ b/data/reusables/actions/self-hosted-runner-management-permissions-required.md
@@ -1,9 +1,9 @@
 A self-hosted runner can be located in either your repository, organization, or {% ifversion fpt or ghec %}enterprise account settings on {% data variables.product.prodname_dotcom %}{% elsif ghes %} enterprise settings on {% data variables.product.prodname_ghe_server %}{% endif %}. To manage a self-hosted runner, you must have the following permissions, depending on where the self-hosted runner was added:
-* **User repository**: You must be the repository owner.
-* **Organization**: You must be an organization owner.
-* **Organization repository**: You must be an organization owner, or have admin access to the repository.
+* **User repository:** You must be the repository owner.
+* **Organization:** You must be an organization owner.
+* **Organization repository:** You must be an organization owner, or have admin access to the repository.
 {% ifversion ghec %}
-* **Enterprise account**: You must be an enterprise owner.
+* **Enterprise account:** You must be an enterprise owner.
 {% elsif ghes %}
-* **Enterprise**: You must be a {% data variables.product.prodname_enterprise %} site administrator.
+* **Enterprise:** You must be a {% data variables.product.prodname_enterprise %} site administrator.
 {% endif %}
diff --git a/data/reusables/code-scanning/enabling-options.md b/data/reusables/code-scanning/enabling-options.md
index 0c13aec193bd..69ab845cced5 100644
--- a/data/reusables/code-scanning/enabling-options.md
+++ b/data/reusables/code-scanning/enabling-options.md
@@ -1,2 +1,2 @@
-* **{% data variables.product.prodname_codeql %}**: Uses {% data variables.product.prodname_actions %} with either default setup (see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)") or advanced setup (see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-advanced-setup-for-code-scanning-with-codeql)"), or runs {% data variables.product.prodname_codeql %} analysis in a third-party continuous integration (CI) system (see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system)").
-* **Third‑party**: Uses {% data variables.product.prodname_actions %} {% ifversion fpt or ghec %}(see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-workflows)") {% endif %}or third-party tools and uploads results to {% data variables.product.product_name %} (see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github)").
+* **{% data variables.product.prodname_codeql %}:** Uses {% data variables.product.prodname_actions %} with either default setup (see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)") or advanced setup (see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-advanced-setup-for-code-scanning-with-codeql)"), or runs {% data variables.product.prodname_codeql %} analysis in a third-party continuous integration (CI) system (see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system)").
+* **Third‑party:** Uses {% data variables.product.prodname_actions %} {% ifversion fpt or ghec %}(see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-workflows)") {% endif %}or third-party tools and uploads results to {% data variables.product.product_name %} (see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github)").
diff --git a/data/reusables/codespaces/devcontainer-properties-1.md b/data/reusables/codespaces/devcontainer-properties-1.md
index 4af2abd60b2d..23a037fc65ed 100644
--- a/data/reusables/codespaces/devcontainer-properties-1.md
+++ b/data/reusables/codespaces/devcontainer-properties-1.md
@@ -1,4 +1,4 @@
-* **name**: You can name your dev container anything you want. A default value is supplied.
-* **image**: The name of an image in a container registry ([DockerHub](https://hub.docker.com/), [{% data variables.product.prodname_dotcom %} {% data variables.product.prodname_container_registry %}](/packages/learn-github-packages/introduction-to-github-packages), or [Azure Container Registry](https://azure.microsoft.com/services/container-registry/)) that will be used to create the dev container for the codespace.
-* **features**: A list of one or more objects, each of which references one of the available dev container features. Features are self-contained, shareable units of installation code and development container configuration. They provide an easy way to add more tooling, runtime, or library features to your development container. You can add features either within {% data variables.product.prodname_vscode_shortname %} or in the `devcontainer.json` editor on {% data variables.product.github %}. For more information, click either the **{% data variables.product.prodname_vscode %}** or **Web browser** tab in "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/adding-features-to-a-devcontainer-file?tool=webui)."
-* **forwardPorts**: Any ports listed here will be forwarded automatically. For more information, see "[AUTOTITLE](/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace)."
+* **name:** You can name your dev container anything you want. A default value is supplied.
+* **image:** The name of an image in a container registry ([DockerHub](https://hub.docker.com/), [{% data variables.product.prodname_dotcom %} {% data variables.product.prodname_container_registry %}](/packages/learn-github-packages/introduction-to-github-packages), or [Azure Container Registry](https://azure.microsoft.com/services/container-registry/)) that will be used to create the dev container for the codespace.
+* **features:** A list of one or more objects, each of which references one of the available dev container features. Features are self-contained, shareable units of installation code and development container configuration. They provide an easy way to add more tooling, runtime, or library features to your development container. You can add features either within {% data variables.product.prodname_vscode_shortname %} or in the `devcontainer.json` editor on {% data variables.product.github %}. For more information, click either the **{% data variables.product.prodname_vscode %}** or **Web browser** tab in "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/adding-features-to-a-devcontainer-file?tool=webui)."
+* **forwardPorts:** Any ports listed here will be forwarded automatically. For more information, see "[AUTOTITLE](/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace)."
diff --git a/data/reusables/codespaces/devcontainer-properties-2.md b/data/reusables/codespaces/devcontainer-properties-2.md
index 3cc1a08a6ffb..a1a9b6c8d177 100644
--- a/data/reusables/codespaces/devcontainer-properties-2.md
+++ b/data/reusables/codespaces/devcontainer-properties-2.md
@@ -1,3 +1,3 @@
-* **postCreateCommand**: Use this property to run commands after your codespace is created. This can be formatted as a string (as above), an array, or an object. For more information, see the [dev containers specification](https://containers.dev/implementors/json_reference/#lifecycle-scripts) on the Development Containers website.
-* **customizations**: This property allows you to customize a specific tool or service when it is used for working in a codespace. For example, you can configure specific settings and extensions for {% data variables.product.prodname_vscode_shortname %}. For more information, see "[Supporting tools and services](https://containers.dev/supporting)" on the Development Containers website.
-* **remoteUser**: By default, you’re running as the vscode user, but you can optionally set this to root.
+* **postCreateCommand:** Use this property to run commands after your codespace is created. This can be formatted as a string (as above), an array, or an object. For more information, see the [dev containers specification](https://containers.dev/implementors/json_reference/#lifecycle-scripts) on the Development Containers website.
+* **customizations:** This property allows you to customize a specific tool or service when it is used for working in a codespace. For example, you can configure specific settings and extensions for {% data variables.product.prodname_vscode_shortname %}. For more information, see "[Supporting tools and services](https://containers.dev/supporting)" on the Development Containers website.
+* **remoteUser:** By default, you’re running as the vscode user, but you can optionally set this to root.
diff --git a/data/reusables/community/types-of-interaction-limits.md b/data/reusables/community/types-of-interaction-limits.md
index 4f74190474eb..a841be827cab 100644
--- a/data/reusables/community/types-of-interaction-limits.md
+++ b/data/reusables/community/types-of-interaction-limits.md
@@ -1,4 +1,4 @@
 There are three types of interaction limits.
-* **Limit to existing users**: Limits activity for users with accounts that are less than 24 hours old who do not have prior contributions and are not collaborators.
-* **Limit to prior contributors**: Limits activity for users who have not previously contributed to the default branch of the repository and are not collaborators.
-* **Limit to repository collaborators**: Limits activity for users who do not have write access to the repository.
+* **Limit to existing users:** Limits activity for users with accounts that are less than 24 hours old who do not have prior contributions and are not collaborators.
+* **Limit to prior contributors:** Limits activity for users who have not previously contributed to the default branch of the repository and are not collaborators.
+* **Limit to repository collaborators:** Limits activity for users who do not have write access to the repository.
diff --git a/data/reusables/copilot/assess-copilot-suggestion.md b/data/reusables/copilot/assess-copilot-suggestion.md
index b25c7eeb256e..ba3471702815 100644
--- a/data/reusables/copilot/assess-copilot-suggestion.md
+++ b/data/reusables/copilot/assess-copilot-suggestion.md
@@ -1,4 +1,4 @@
 1. Assess {% data variables.product.prodname_copilot_short %}'s suggestion and, if you agree with the change:
 
    * **In {% data variables.product.prodname_vscode_shortname %} and {% data variables.product.prodname_vs %}:** Click **Accept**.
-   * **In JetBrains**: Click the Preview icon (double arrows), then click the Apply All Diffs icon (double angle brackets).
+   * **In JetBrains:** Click the Preview icon (double arrows), then click the Apply All Diffs icon (double angle brackets).
diff --git a/data/reusables/copilot/chat-about-specific-lines.md b/data/reusables/copilot/chat-about-specific-lines.md
new file mode 100644
index 000000000000..56e0e5d16bad
--- /dev/null
+++ b/data/reusables/copilot/chat-about-specific-lines.md
@@ -0,0 +1,31 @@
+1. On {% data variables.product.github %}, navigate to a repository and open a file.
+1. Do one of the following:
+   * To ask a question about the **entire file**, click the {% data variables.product.prodname_copilot_short %} icon ({% octicon "copilot" aria-hidden="true" %}) at the top right of the file view.
+
+     ![Screenshot of the {% data variables.product.prodname_copilot_short %} button, highlighted with a dark orange outline, at the top of the file view.](/assets/images/help/copilot/copilot-button-for-file.png)
+
+   * To ask a question about **specific lines** within the file:
+
+     1. Click the line number for the first line you want to ask about, hold down Shift, then click the line number for the last line you want to select.
+     1. To ask your own question about the selected lines, click the {% data variables.product.prodname_copilot_short %} icon ({% octicon "copilot" aria-hidden="true" %}) to the right of your selection, then type your question in the {% data variables.product.prodname_copilot_chat %} panel.
+     1. To ask a predefined question, click the drop-down menu beside the {% data variables.product.prodname_copilot_short %} icon, then choose one of the options.
+
+     ![Screenshot of the {% data variables.product.prodname_copilot_short %} buttons, highlighted with a dark orange outline, to the right of some selected code.](/assets/images/help/copilot/copilot-buttons-inline-code.png)
+
+1. If you clicked the {% data variables.product.prodname_copilot_short %} icon, type a question in the "Ask {% data variables.product.prodname_copilot_short %}" box at the bottom of the chat panel and press Enter.
+
+   For example, if you are asking about the entire file, you could enter:
+   * `Explain this file.`
+   * `How could I improve this code?`
+   * `How can I test this script?`
+
+   If you are asking about specific lines, you could enter:
+   * `Explain the function at the selected lines.`
+   * `How could I improve this class?`
+   * `Add error handling to this code.`
+   * `Write a unit test for this method.`
+
+   {% data variables.product.prodname_copilot_short %} responds to your request in the panel.
+
+{% data reusables.copilot.stop-response-generation %}
+1. You can continue the conversation by asking a follow-up question. For example, you could type "tell me more" to get {% data variables.product.prodname_copilot_short %} to expand on its last comment.
diff --git a/data/reusables/copilot/copilot-chat-models-list.md b/data/reusables/copilot/copilot-chat-models-list.md
index d5b89de8cb58..f1332fa58307 100644
--- a/data/reusables/copilot/copilot-chat-models-list.md
+++ b/data/reusables/copilot/copilot-chat-models-list.md
@@ -1,9 +1,9 @@
 The following models are currently available through multi-model {% data variables.product.prodname_copilot_chat_short %}:
 
-* **GPT 4o**: This is the default {% data variables.product.prodname_copilot_chat_short %} model. It is a versatile, multimodal model that excels in both text and image processing and is designed to provide fast, reliable responses. It also has superior performance in non-English languages. Learn more about the [model's capabilities](https://platform.openai.com/docs/models/gpt-4o) and review the [model card](https://openai.com/index/gpt-4o-system-card/). Gpt-4o is hosted on Azure.
-* **{% data variables.copilot.copilot_claude_sonnet %}**: This model excels at coding tasks across the entire software development lifecycle, from initial design to bug fixes, maintenance to optimizations. Learn more about the [model's capabilities](https://www.anthropic.com/claude/sonnet) or read the [model card](https://assets.anthropic.com/m/61e7d27f8c8f5919/original/Claude-3-Model-Card.pdf). {% data variables.product.prodname_copilot %} uses {% data variables.copilot.copilot_claude_sonnet %} hosted on Amazon Web Services.
-* **o1-preview**: This model is focused on advanced reasoning and solving complex problems, in particular in math and science. It responds more slowly than the `gpt-4o` model. You can make 10 requests to this model per day. Learn more about the [model's capabilities](https://platform.openai.com/docs/models/o1) and review the [model card](https://openai.com/index/openai-o1-system-card/). o1-preview is hosted on Azure.
-* **o1-mini**: This is the faster version of the `o1-preview` model, balancing the use of complex reasoning with the need for faster responses. It is best suited for code generation and small context operations. You can make 50 requests to this model per day. Learn more about the [model's capabilities](https://platform.openai.com/docs/models/o1) and review the [model card](https://openai.com/index/openai-o1-system-card/). o1-mini is hosted on Azure.
+* **GPT 4o:** This is the default {% data variables.product.prodname_copilot_chat_short %} model. It is a versatile, multimodal model that excels in both text and image processing and is designed to provide fast, reliable responses. It also has superior performance in non-English languages. Learn more about the [model's capabilities](https://platform.openai.com/docs/models/gpt-4o) and review the [model card](https://openai.com/index/gpt-4o-system-card/). Gpt-4o is hosted on Azure.
+* **{% data variables.copilot.copilot_claude_sonnet %}:** This model excels at coding tasks across the entire software development lifecycle, from initial design to bug fixes, maintenance to optimizations. Learn more about the [model's capabilities](https://www.anthropic.com/claude/sonnet) or read the [model card](https://assets.anthropic.com/m/61e7d27f8c8f5919/original/Claude-3-Model-Card.pdf). {% data variables.product.prodname_copilot %} uses {% data variables.copilot.copilot_claude_sonnet %} hosted on Amazon Web Services.
+* **o1-preview:** This model is focused on advanced reasoning and solving complex problems, in particular in math and science. It responds more slowly than the `gpt-4o` model. You can make 10 requests to this model per day. Learn more about the [model's capabilities](https://platform.openai.com/docs/models/o1) and review the [model card](https://openai.com/index/openai-o1-system-card/). o1-preview is hosted on Azure.
+* **o1-mini:** This is the faster version of the `o1-preview` model, balancing the use of complex reasoning with the need for faster responses. It is best suited for code generation and small context operations. You can make 50 requests to this model per day. Learn more about the [model's capabilities](https://platform.openai.com/docs/models/o1) and review the [model card](https://openai.com/index/openai-o1-system-card/). o1-mini is hosted on Azure.
 
 For more information about the o1 models, see [Models](https://platform.openai.com/docs/models/models) in the OpenAI Platform documentation.
 
diff --git a/data/reusables/copilot/copilot-requires-subscription.md b/data/reusables/copilot/copilot-requires-subscription.md
new file mode 100644
index 000000000000..45d899e05d41
--- /dev/null
+++ b/data/reusables/copilot/copilot-requires-subscription.md
@@ -0,0 +1 @@
+You'll need a {% data variables.product.prodname_copilot %} subscription. For more information, see "[AUTOTITLE](/copilot/about-github-copilot/what-is-github-copilot#getting-access-to-copilot)."
diff --git a/data/reusables/copilot/example-prompts/responses-are-examples.md b/data/reusables/copilot/example-prompts/responses-are-examples.md
deleted file mode 100644
index ae9cc39d2762..000000000000
--- a/data/reusables/copilot/example-prompts/responses-are-examples.md
+++ /dev/null
@@ -1 +0,0 @@
-> [!NOTE] The following responses are examples. {% data variables.product.prodname_copilot_chat_short %} responses are non-deterministic, so you may get different responses from the ones shown here.
diff --git a/data/reusables/copilot/policies-for-dotcom.md b/data/reusables/copilot/policies-for-dotcom.md
index 4b7869d38904..965cd9a678da 100644
--- a/data/reusables/copilot/policies-for-dotcom.md
+++ b/data/reusables/copilot/policies-for-dotcom.md
@@ -1,5 +1,5 @@
-* **Opt in to user feedback collection**: If enabled, users can provide feedback on {% data variables.product.prodname_copilot_short %} pull request summaries. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/copilot/github-copilot-enterprise/copilot-pull-request-summaries/creating-a-pull-request-summary-with-github-copilot)."
-* **Opt in to preview features**: If enabled, users can test new {% data variables.product.prodname_copilot_short %} features that are not yet generally available. Be aware that previews of features may have flaws, and the features may be changed or discontinued at any time. Current previews of {% data variables.product.prodname_copilot_short %} features include:
+* **Opt in to user feedback collection:** If enabled, users can provide feedback on {% data variables.product.prodname_copilot_short %} pull request summaries. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/copilot/github-copilot-enterprise/copilot-pull-request-summaries/creating-a-pull-request-summary-with-github-copilot)."
+* **Opt in to preview features:** If enabled, users can test new {% data variables.product.prodname_copilot_short %} features that are not yet generally available. Be aware that previews of features may have flaws, and the features may be changed or discontinued at any time. Current previews of {% data variables.product.prodname_copilot_short %} features include:
 
   * {% data variables.product.prodname_copilot_autocomplete_pr %}. See "[AUTOTITLE](/copilot/using-github-copilot/using-copilot-text-completion)."
   * Asking {% data variables.product.prodname_copilot_short %} why a workflow has failed. See "[AUTOTITLE](/copilot/using-github-copilot/asking-github-copilot-questions-in-githubcom#ask-why-a-workflow-has-failed)."
diff --git a/data/reusables/enterprise-accounts/emu-cap-public-preview.md b/data/reusables/enterprise-accounts/emu-cap-public-preview.md
index 7ab1d460b663..adcc16b1e947 100644
--- a/data/reusables/enterprise-accounts/emu-cap-public-preview.md
+++ b/data/reusables/enterprise-accounts/emu-cap-public-preview.md
@@ -1,5 +1,3 @@
 >[!NOTE] CAP protection for web sessions is currently in {% data variables.release-phases.public_preview %} and may change.
 >
-> New enterprises that enable IdP CAP support after November 5th, 2024, will have protection for web sessions enabled by default.
->
-> Existing enterprises that already enabled IdP CAP support can opt into extended protection for web sessions from their enterprise's "Authentication security" settings.
+> If IdP CAP support is already enabled for your enterprise, you can opt into extended protection for web sessions from your enterprise's "Authentication security" settings. To enable this feature, your enterprise must have 1,000 or fewer members, active or suspended.
diff --git a/data/reusables/enterprise-migration-tool/limitations-of-migrated-data.md b/data/reusables/enterprise-migration-tool/limitations-of-migrated-data.md
index 63034fdd8c5d..14c85b86cecd 100644
--- a/data/reusables/enterprise-migration-tool/limitations-of-migrated-data.md
+++ b/data/reusables/enterprise-migration-tool/limitations-of-migrated-data.md
@@ -9,9 +9,9 @@ There are limits to what {% data variables.product.prodname_importer_proper_name
 ### Limitations of {% data variables.product.prodname_importer_proper_name %}
 
 * **10 GB size limit for a Git repository:** This limit only applies to the source code. To check if the repository archive is over the limit, use the [git-sizer](https://github.com/github/git-sizer) tool and review the total blob size in the output. The git-sizer tool also helps to identify potential issues related to large files, blob size, commit size, and tree counts that could impact migrations.
-* **10 GB limit for metadata**: The {% data variables.product.prodname_importer_secondary_name %} cannot migrate repositories with more than 10 GB of metadata. Metadata includes issues, pull requests, releases, and attachments. In most cases, large metadata is caused by binary assets attached to releases. You can exclude releases from the migration with the `migrate-repo` command's `--skip-releases` flag, and then move your releases manually after the migration.
-* **{% data variables.large_files.product_name_short %} objects not migrated**: The {% data variables.product.prodname_importer_secondary_name %} can migrate repositories that use {% data variables.large_files.product_name_short %}, but the LFS objects themselves will not be migrated. They can be pushed to your migration destination as a follow-up task after the migration is complete. For more information, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/duplicating-a-repository#mirroring-a-repository-that-contains-git-large-file-storage-objects)."
+* **10 GB limit for metadata:** The {% data variables.product.prodname_importer_secondary_name %} cannot migrate repositories with more than 10 GB of metadata. Metadata includes issues, pull requests, releases, and attachments. In most cases, large metadata is caused by binary assets attached to releases. You can exclude releases from the migration with the `migrate-repo` command's `--skip-releases` flag, and then move your releases manually after the migration.
+* **{% data variables.large_files.product_name_short %} objects not migrated:** The {% data variables.product.prodname_importer_secondary_name %} can migrate repositories that use {% data variables.large_files.product_name_short %}, but the LFS objects themselves will not be migrated. They can be pushed to your migration destination as a follow-up task after the migration is complete. For more information, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/duplicating-a-repository#mirroring-a-repository-that-contains-git-large-file-storage-objects)."
 * **Follow-up tasks required:** When migrating between {% data variables.product.prodname_dotcom %} products, certain settings are not migrated and must be reconfigured in the new repository. For a list of follow-up tasks you'll need to complete after each migration, see "[AUTOTITLE](/migrations/using-github-enterprise-importer/migrating-between-github-products/overview-of-a-migration-between-github-products#completing-follow-up-tasks)."
 * **Delayed code search functionality:** Re-indexing the search index can take a few hours after a repository is migrated, and code searches may return unexpected results until re-indexing is complete.
-* **Rulesets configured for your organization can cause migrations to fail**: For example, if you configured a rule that requires email addresses for commit authors to end with `@monalisa.cat`, and the repository you're migrating contains commits that don't comply with this rule, your migration will fail. For more information about rulesets, see "[AUTOTITLE](/enterprise-cloud@latest/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets)."
-* **Mannequin content might not be searchable**: Mannequins are placeholder users to which imported content (such as issues, pull requests, comments, etc.) is associated. When you search for content associated with a mannequin, such as assigned issues, the issues may not be found. Once a mannequin is reclaimed, the content should be found via the new owner. For more information, see "[AUTOTITLE](/migrations/using-github-enterprise-importer/completing-your-migration-with-github-enterprise-importer/reclaiming-mannequins-for-github-enterprise-importer)."
+* **Rulesets configured for your organization can cause migrations to fail:** For example, if you configured a rule that requires email addresses for commit authors to end with `@monalisa.cat`, and the repository you're migrating contains commits that don't comply with this rule, your migration will fail. For more information about rulesets, see "[AUTOTITLE](/enterprise-cloud@latest/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets)."
+* **Mannequin content might not be searchable:** Mannequins are placeholder users to which imported content (such as issues, pull requests, comments, etc.) is associated. When you search for content associated with a mannequin, such as assigned issues, the issues may not be found. Once a mannequin is reclaimed, the content should be found via the new owner. For more information, see "[AUTOTITLE](/migrations/using-github-enterprise-importer/completing-your-migration-with-github-enterprise-importer/reclaiming-mannequins-for-github-enterprise-importer)."
diff --git a/data/reusables/enterprise_clustering/proxy_xff_firewall_warning.md b/data/reusables/enterprise_clustering/proxy_xff_firewall_warning.md
index bf524e760b4a..3328f075d787 100644
--- a/data/reusables/enterprise_clustering/proxy_xff_firewall_warning.md
+++ b/data/reusables/enterprise_clustering/proxy_xff_firewall_warning.md
@@ -1,5 +1,5 @@
 {% danger %}
 
-**Security Warning**: When either PROXY support or HTTP forwarding is enabled, it is critical that no external traffic can directly reach the {% data variables.product.prodname_ghe_server %} appliances. If external traffic is not properly blocked, the source IP addresses can be forged.
+**Security Warning:** When either PROXY support or HTTP forwarding is enabled, it is critical that no external traffic can directly reach the {% data variables.product.prodname_ghe_server %} appliances. If external traffic is not properly blocked, the source IP addresses can be forged.
 
 {% enddanger %}
diff --git a/data/reusables/gated-features/dependency-vulnerable-calls.md b/data/reusables/gated-features/dependency-vulnerable-calls.md
index 896ca2de523e..0ee68c783f3e 100644
--- a/data/reusables/gated-features/dependency-vulnerable-calls.md
+++ b/data/reusables/gated-features/dependency-vulnerable-calls.md
@@ -1,7 +1,4 @@
-{%- ifversion fpt -%}
-Detection of vulnerable calls is enabled on public repositories. This analysis is also available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have licensed {% data variables.product.prodname_GH_advanced_security %}.
+{%- ifversion fpt -%}Detection of vulnerable calls is enabled on public repositories. This analysis is also available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have licensed {% data variables.product.prodname_GH_advanced_security %}.
+{%- elsif ghec -%}Detection of vulnerable calls is included in {% data variables.product.product_name %} for public repositories. To detect vulnerable calls in private repositories owned by organizations, your organization must have a license for {% data variables.product.prodname_GH_advanced_security %}.{%- endif %}
 
-{%- elsif ghec -%}
-Detection of vulnerable calls is included in {% data variables.product.product_name %} for public repositories. To detect vulnerable calls in private repositories owned by organizations, your organization must have a license for {% data variables.product.prodname_GH_advanced_security %}.
-
-{%- endif %} {% data reusables.advanced-security.more-info-ghas %}
+{% data reusables.advanced-security.more-info-ghas %}
diff --git a/data/reusables/organizations/pre-defined-organization-roles.md b/data/reusables/organizations/pre-defined-organization-roles.md
index 6981b8661440..61238e53f370 100644
--- a/data/reusables/organizations/pre-defined-organization-roles.md
+++ b/data/reusables/organizations/pre-defined-organization-roles.md
@@ -2,11 +2,11 @@ Pre-defined organization roles are roles that are available by default in every
 
 The current set of pre-defined roles are:
 
-* **All-repository read**: Grants read access to all repositories in the organization.
-* **All-repository write**: Grants write access to all repositories in the organization.
-* **All-repository triage**: Grants triage access to all repositories in the organization.
-* **All-repository maintain**: Grants maintenance access to all repositories in the organization.
-* **All-repository admin**: Grants admin access to all repositories in the organization.
+* **All-repository read:** Grants read access to all repositories in the organization.
+* **All-repository write:** Grants write access to all repositories in the organization.
+* **All-repository triage:** Grants triage access to all repositories in the organization.
+* **All-repository maintain:** Grants maintenance access to all repositories in the organization.
+* **All-repository admin:** Grants admin access to all repositories in the organization.
 {%- ifversion fpt or ghec or ghes > 3.15 %}
-* **CI/CD admin**: Grants admin access to manage Actions policies, runners, runner groups, hosted compute network configurations, secrets, variables, and usage metrics for an organization.
+* **CI/CD admin:** Grants admin access to manage Actions policies, runners, runner groups, hosted compute network configurations, secrets, variables, and usage metrics for an organization.
 {%- endif %}
diff --git a/data/reusables/repositories/push-rulesets-overview.md b/data/reusables/repositories/push-rulesets-overview.md
index 5bda4ef41bda..850562a79050 100644
--- a/data/reusables/repositories/push-rulesets-overview.md
+++ b/data/reusables/repositories/push-rulesets-overview.md
@@ -4,12 +4,12 @@ Push rules do not require any branch targeting because they apply to every push
 
 Push rulesets allow you to:
 
-* **Restrict file paths**: Prevent commits that include changes in specified file paths from being pushed.
+* **Restrict file paths:** Prevent commits that include changes in specified file paths from being pushed.
 
   {% data reusables.repositories.rulesets-push-rules-path-example %}
-* **Restrict file path length**: Prevent commits that include file paths that exceed a specified character limit from being pushed.
-* **Restrict file extensions**: Prevent commits that include files with specified file extensions from being pushed.
-* **Restrict file size**: Prevent commits that exceed a specified file size limit from being pushed.
+* **Restrict file path length:** Prevent commits that include file paths that exceed a specified character limit from being pushed.
+* **Restrict file extensions:** Prevent commits that include files with specified file extensions from being pushed.
+* **Restrict file size:** Prevent commits that exceed a specified file size limit from being pushed.
 
 #### About push rulesets for forked repositories
 
diff --git a/data/reusables/repositories/rulesets-about-enforcement-statuses.md b/data/reusables/repositories/rulesets-about-enforcement-statuses.md
index 7daf16dbd8f6..32ef826e835f 100644
--- a/data/reusables/repositories/rulesets-about-enforcement-statuses.md
+++ b/data/reusables/repositories/rulesets-about-enforcement-statuses.md
@@ -2,9 +2,9 @@ While creating or editing your ruleset, you can use enforcement statuses to conf
 
 You can select any of the following enforcement statuses for your ruleset.
 
-   * **{% octicon "play" aria-hidden="true" %} Active**: your ruleset will be enforced upon creation.{% ifversion repo-rules-enterprise %}
-   * **{% octicon "meter" aria-hidden="true" %} Evaluate**: your ruleset will not be enforced, but you will be able to monitor which actions would or would not violate rules on the "Rule Insights" page.{% endif %}
-   * **{% octicon "skip" aria-hidden="true" %} Disabled**: your ruleset will not be enforced{% ifversion repo-rules-enterprise %} or evaluated{% endif %}.
+   * **{% octicon "play" aria-hidden="true" %} Active:** your ruleset will be enforced upon creation.{% ifversion repo-rules-enterprise %}
+   * **{% octicon "meter" aria-hidden="true" %} Evaluate:** your ruleset will not be enforced, but you will be able to monitor which actions would or would not violate rules on the "Rule Insights" page.{% endif %}
+   * **{% octicon "skip" aria-hidden="true" %} Disabled:** your ruleset will not be enforced{% ifversion repo-rules-enterprise %} or evaluated{% endif %}.
 
 {% ifversion repo-rules-enterprise %}
 
diff --git a/data/reusables/secret-scanning/alert-types.md b/data/reusables/secret-scanning/alert-types.md
index 9a7b0cdbceef..1f8ab4d7dbcd 100644
--- a/data/reusables/secret-scanning/alert-types.md
+++ b/data/reusables/secret-scanning/alert-types.md
@@ -1,5 +1,5 @@
 There are {% ifversion fpt or ghec %}three{% else %}two{% endif %} types of {% data variables.secret-scanning.alerts %}:
 
-* **{% ifversion fpt or ghec %}User alerts{% else %}{% data variables.secret-scanning.alerts_caps %}{% endif %}**: Reported to users in the **Security** tab of the repository, when a supported secret is detected in the repository.
-* **Push protection alerts**: Reported to users in the **Security** tab of the repository, when a contributor bypasses push protection. {% ifversion fpt or ghec %}
-* **Partner alerts**: Reported directly to secret providers that are part of {% data variables.product.prodname_secret_scanning %}'s partner program. These alerts are not reported in the **Security** tab of the repository.{% endif %}
+* **{% ifversion fpt or ghec %}User alerts{% else %}{% data variables.secret-scanning.alerts_caps %}{% endif %}:** Reported to users in the **Security** tab of the repository, when a supported secret is detected in the repository.
+* **Push protection alerts:** Reported to users in the **Security** tab of the repository, when a contributor bypasses push protection. {% ifversion fpt or ghec %}
+* **Partner alerts:** Reported directly to secret providers that are part of {% data variables.product.prodname_secret_scanning %}'s partner program. These alerts are not reported in the **Security** tab of the repository.{% endif %}
diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json
index 281047669120..1146aabd92d5 100644
--- a/src/audit-logs/lib/config.json
+++ b/src/audit-logs/lib/config.json
@@ -3,5 +3,5 @@
     "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
     "apiRequestEvent": "This event is only available via audit log streaming."
   },
-  "sha": "49363b4aeeaf1b397f113178250e939829c4c684"
+  "sha": "d0b493306f08311371fb627084f8870cc1ce77e1"
 }
\ No newline at end of file
diff --git a/src/landings/components/CategoryLanding.tsx b/src/landings/components/CategoryLanding.tsx
index f004f3b844e0..8dac7779ef31 100644
--- a/src/landings/components/CategoryLanding.tsx
+++ b/src/landings/components/CategoryLanding.tsx
@@ -132,9 +132,9 @@ export const CategoryLanding = () => {
               />
             
           
-          
    
+          
      
             {searchResults.map((item, index) => (
-              
    • 
+              
    •