From e3ed561050a7dee102a02cc4fc35fa1ce6896c64 Mon Sep 17 00:00:00 2001 From: Roniece Ricardo <33437850+RonRicardo@users.noreply.github.com> Date: Tue, 26 Nov 2024 12:09:32 -0500 Subject: [PATCH 1/6] Add reviewers dependabot action (#52983) Co-authored-by: Kevin Heis Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> --- .github/workflows/reviewers-dependabot.yml | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 .github/workflows/reviewers-dependabot.yml diff --git a/.github/workflows/reviewers-dependabot.yml b/.github/workflows/reviewers-dependabot.yml new file mode 100644 index 000000000000..8c5855846afa --- /dev/null +++ b/.github/workflows/reviewers-dependabot.yml @@ -0,0 +1,34 @@ +name: Add Dependabot Core Maintainers as Reviewers + +# **What it does**: Automatically add reviewers based on paths, for docs-internal and docs repos. +# **Why we have it**: So dependabot maintainers can be notified about relevant pull requests. +# **Who does it impact**: dependabot-core. + +on: + pull_request: + paths: + - 'data/reusable/dependabot/**' + - 'content/code-security/dependabot/**' + - 'content/rest/dependabot/**' + +jobs: + add-reviewer: + if: github.repository == 'github/docs-internal' || github.repository == 'github/docs' + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Add Dependabot Core Maintainers as reviewers + env: + GH_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }} + PR: ${{ github.event.pull_request.html_url }} + run: | + has_reviewer=$( + gh pr view $PR --json reviews | + jq 'any(.reviews[]; select(length > 0))' + ) + if ! $has_reviewer + then + gh pr edit $PR --add-reviewer github/dependabot-core + fi From b56010a3c9aa97fa143a185aaaa87e121704c68e Mon Sep 17 00:00:00 2001 From: Artur Kordowski <9746197+akordowski@users.noreply.github.com> Date: Tue, 26 Nov 2024 18:14:11 +0100 Subject: [PATCH 2/6] Fix alert header (#35425) --- .../dependabot-alerts/viewing-and-updating-dependabot-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md b/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index 71d5b6c612e5..2c46ee5f04d0 100644 --- a/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -146,7 +146,7 @@ With a {% data variables.product.prodname_copilot_enterprise %} license, you can ## Dismissing {% data variables.product.prodname_dependabot_alerts %} -> [!TIP] +> [!NOTE] > You can only dismiss open alerts. If you schedule extensive work to upgrade a dependency, or decide that an alert does not need to be fixed, you can dismiss the alert. Dismissing alerts that you have already assessed makes it easier to triage new alerts as they appear. From e8c69a2acffc3c0529b67e8c5338069beea4487b Mon Sep 17 00:00:00 2001 From: Artur Kordowski <9746197+akordowski@users.noreply.github.com> Date: Tue, 26 Nov 2024 18:28:49 +0100 Subject: [PATCH 3/6] Fix alert header - part 2 (#35427) Co-authored-by: Alex Nguyen <150945400+nguyenalex836@users.noreply.github.com> --- .../configuration-options-for-the-dependabot.yml-file.md | 2 +- .../about-dependabot-on-github-actions-runners.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index ea3fc1925b8c..100d81a4b6f9 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -190,7 +190,7 @@ updates: interval: "daily" ``` ->[!TIP] +> [!NOTE] > The `directories` key supports globbing and the wildcard character `*`. These features are not supported by the `directory` key. ```yaml diff --git a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md index 60743efa50b3..55f7d09fb645 100644 --- a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md +++ b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md @@ -23,7 +23,8 @@ topics: Using {% data variables.product.prodname_actions %} runners allows you to more easily identify {% data variables.product.prodname_dependabot %} job errors and manually detect and troubleshoot failed runs. You can also integrate {% data variables.product.prodname_dependabot %} into your CI/CD pipelines by using {% data variables.product.prodname_actions %} APIs and webhooks to detect {% data variables.product.prodname_dependabot %} job status such as failed runs, and perform downstream processing. For more information, see "[AUTOTITLE](/rest/actions)" and "[AUTOTITLE](/webhooks/webhook-events-and-payloads)." ->[!TIP] Running {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_dotcom %}-hosted and self-hosted runners **does not** count towards your included {% data variables.product.prodname_actions %} minutes. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)." +> [!NOTE] +> Running {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_dotcom %}-hosted and self-hosted runners **does not** count towards your included {% data variables.product.prodname_actions %} minutes. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)." You can run {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_actions %} using: * {% data variables.product.prodname_dotcom %}-hosted runners From 5d94c62415df7d5547f0077299f387f33b1e0935 Mon Sep 17 00:00:00 2001 From: Artur Kordowski <9746197+akordowski@users.noreply.github.com> Date: Tue, 26 Nov 2024 19:06:10 +0100 Subject: [PATCH 4/6] Fix NuGet typo (#35428) Co-authored-by: Alex Nguyen <150945400+nguyenalex836@users.noreply.github.com> --- .../about-server-statistics.md | 2 +- .../codeql-code-scanning-for-compiled-languages.md | 10 +++++----- ...onfiguration-options-for-the-dependabot.yml-file.md | 2 +- ...nfiguration-of-private-registries-for-dependabot.md | 4 ++-- .../removing-dependabot-access-to-public-registries.md | 6 +++--- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md index 3ed1d4baef7c..aba6e5b66427 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md @@ -141,7 +141,7 @@ The following aggregate metrics will be collected and transmitted on a daily bas | CF | `packages_stats.ecosystems.nuget.internal_packages_count` | Number of internal NuGet packages | | CG | `packages_stats.ecosystems.nuget.user_packages_count` | Number of NuGet packages owned by user accounts | | CH | `packages_stats.ecosystems.nuget.organization_packages_count` | Number of NuGet packages owned by organizations | -| CI | `packages_stats.ecosystems.nuget.daily_download_count` | Number of downloads of Nuget packages | +| CI | `packages_stats.ecosystems.nuget.daily_download_count` | Number of downloads of NuGet packages | | CJ | `packages_stats.ecosystems.nuget.daily_update_count` | Number of NuGet packages updated | | CK | `packages_stats.ecosystems.nuget.daily_delete_count` | Number of NuGet packages deleted | | CL | `packages_stats.ecosystems.nuget.daily_create_count` | Number of NuGet packages created | diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md index a88a4415038a..935508eb4999 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md @@ -334,8 +334,8 @@ Creating a {% data variables.product.prodname_codeql %} database without buildin You can ensure a more accurate analysis by taking the following steps: -* Provide access to the public internet or ensure that access to a private Nuget feed is available. -* Check whether the repository requires multiple versions of the same Nuget dependency. {% data variables.product.prodname_codeql %} can use only one version and usually chooses the newer version where there are multiple versions. This approach may not work for all repositories. +* Provide access to the public internet or ensure that access to a private NuGet feed is available. +* Check whether the repository requires multiple versions of the same NuGet dependency. {% data variables.product.prodname_codeql %} can use only one version and usually chooses the newer version where there are multiple versions. This approach may not work for all repositories. * Check whether multiple versions of .NET are referenced, for example, `net48`, `net5.0`, and `netstandard1.6`. {% data variables.product.prodname_codeql %} can use only one version and this may affect accuracy. * Avoid colliding class names, otherwise this may cause missing method call targets, which has an impact on dataflow analysis. @@ -379,13 +379,13 @@ If `autobuild` detects multiple solution or project files at the same (shortest) For .NET Core application development on self-hosted runners, the .NET SDK is required (for `dotnet`). -For .NET Framework application development, you will need Microsoft Build Tools (for `msbuild`) and Nuget CLI (for `nuget`). +For .NET Framework application development, you will need Microsoft Build Tools (for `msbuild`) and NuGet CLI (for `nuget`). Windows runners require `powershell.exe` to be on the `PATH`. {% ifversion codeql-no-build-csharp %} -If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private Nuget feed is available. +If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private NuGet feed is available. {% endif %} @@ -404,7 +404,7 @@ For .NET Framework application development, you will require Mono Runtime (to ru {% ifversion codeql-no-build-csharp %} -If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private Nuget feed is available. +If you plan to create {% data variables.product.prodname_codeql %} databases using `build-mode: none`, you also need to provide access to the public internet, or you must ensure that access to a private NuGet feed is available. {% endif %} diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 100d81a4b6f9..986df68a0268 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -1027,7 +1027,7 @@ You can give {% data variables.product.prodname_dependabot %} access to private > * Gradle > * Maven > * Npm -> * Nuget{% ifversion dependabot-updates-pub-private-registry %} +> * NuGet{% ifversion dependabot-updates-pub-private-registry %} > * Pub{% endif %} > * Python > * Yarn diff --git a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md index eb8faacac258..50a15135b959 100644 --- a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md +++ b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md @@ -34,7 +34,7 @@ You'll find detailed guidance for the setup of the following package managers: * [Gradle](#gradle) * [Maven](#maven) * [npm](#npm) -* [Nuget](#nuget){% ifversion dependabot-updates-pub-private-registry %} +* [NuGet](#nuget){% ifversion dependabot-updates-pub-private-registry %} * [pub](#pub){% endif %} * [Python](#python) * [Yarn](#yarn) @@ -323,7 +323,7 @@ For scoped dependencies (`@my-org/my-dep`), {% data variables.product.prodname_d Registries should be configured using the `https` protocol. -### Nuget +### NuGet Supported by Artifactory, Artifacts, Cloudsmith, {% data variables.product.prodname_registry %} registry, Nexus, and ProGet. diff --git a/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md b/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md index b9b63f1f6d74..78d41777e3bd 100644 --- a/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md +++ b/content/code-security/dependabot/working-with-dependabot/removing-dependabot-access-to-public-registries.md @@ -226,11 +226,11 @@ If the `yarn.lock` file doesn't list the private registry as the dependency sour > [!NOTE] > For scoped dependencies (`@my-org/my-dep`), {% data variables.product.prodname_dependabot %} requires that the private registry is defined in the project's `.yarnrc` file. To define private registries for individual scopes, use `"@myscope:registry" "https://private_registry_url"`. -## Nuget +## NuGet -To allow the Nuget ecosystem to only access private registries, you can configure the `dependabot.yml` file. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#nuget-feed)." +To allow the NuGet ecosystem to only access private registries, you can configure the `dependabot.yml` file. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#nuget-feed)." -The Nuget ecosystem additionally requires a `nuget.config` file to be checked into the repository, with either a `< clear />` tag in `` section or a key `nuget.org` as true in the `disabledPackageSources` section of the `nuget.config` file. +The NuGet ecosystem additionally requires a `nuget.config` file to be checked into the repository, with either a `< clear />` tag in `` section or a key `nuget.org` as true in the `disabledPackageSources` section of the `nuget.config` file. This is an example of a `< clear />` tag in the `packageSources` section of the `nuget.config`. From 56a55202715d66bc707f168daad8b58d0b23ff34 Mon Sep 17 00:00:00 2001 From: Artur Kordowski <9746197+akordowski@users.noreply.github.com> Date: Tue, 26 Nov 2024 20:33:30 +0100 Subject: [PATCH 5/6] Fix text formatting with colon - part 1 (#35432) Co-authored-by: Alex Nguyen <150945400+nguyenalex836@users.noreply.github.com> --- .../authenticating-to-the-github-api.md | 6 ++-- ...and-troubleshooting-self-hosted-runners.md | 6 ++-- .../running-scripts-before-or-after-a-job.md | 8 +++--- .../managing-environments-for-deployment.md | 8 +++--- ...-security-hardening-with-openid-connect.md | 10 +++---- ...-openid-connect-with-reusable-workflows.md | 12 ++++---- .../controlling-access-to-larger-runners.md | 4 +-- .../managing-larger-runners.md | 4 +-- ...toring-and-sharing-data-from-a-workflow.md | 4 +-- ...ritten-building-blocks-in-your-workflow.md | 8 +++--- .../about-the-management-console.md | 14 +++++----- ...naging-access-to-the-management-console.md | 4 +-- .../enabling-github-packages-with-aws.md | 2 +- .../enabling-github-packages-with-minio.md | 2 +- ...enabling-dependabot-for-your-enterprise.md | 4 +-- .../enabling-github-connect-for-ghecom.md | 2 +- ...ub-enterprise-cloud-with-data-residency.md | 2 +- ...s-for-github-actions-in-your-enterprise.md | 12 ++++---- ...rsonal-access-tokens-in-your-enterprise.md | 12 ++++---- .../deleting-users-from-your-instance.md | 4 +-- ...upport-entitlements-for-your-enterprise.md | 4 +-- .../roles-in-an-enterprise.md | 8 +++--- .../viewing-people-in-your-enterprise.md | 6 ++-- ...g-github-actions-with-amazon-s3-storage.md | 6 ++-- ...ithub-actions-with-google-cloud-storage.md | 8 +++--- ...tion-and-provisioning-with-pingfederate.md | 16 +++++------ .../creating-an-enterprise-account.md | 20 ++++++------- .../about-the-monitor-dashboards.md | 12 ++++---- .../about-github-enterprise-server.md | 8 +++--- .../overview/about-github-for-enterprises.md | 4 +-- .../installing-your-own-github-app.md | 6 ++-- .../using-ssh-over-the-https-port.md | 2 +- ...ase-6-rollout-and-scale-secret-scanning.md | 12 ++++---- .../using-the-codeql-model-editor.md | 4 +-- ...e-rules-to-prioritize-dependabot-alerts.md | 4 +-- ...ion-options-for-the-dependabot.yml-file.md | 24 ++++++++-------- .../troubleshooting-dependabot-errors.md | 4 +-- ...he-detection-of-vulnerable-dependencies.md | 8 +++--- .../introduction/about-push-protection.md | 14 +++++----- .../introduction/about-secret-scanning.md | 28 +++++++++---------- .../supported-secret-scanning-patterns.md | 12 ++++---- .../secret-scanning-partner-program.md | 8 +++--- ...-with-push-protection-from-the-rest-api.md | 2 +- ...-writing-repository-security-advisories.md | 6 ++-- .../viewing-security-insights.md | 6 ++-- .../about-supply-chain-security.md | 26 ++++++++--------- .../troubleshooting-the-dependency-graph.md | 4 +-- 47 files changed, 195 insertions(+), 195 deletions(-) diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md index 511de0b2ba39..6864494b15e0 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api.md @@ -28,15 +28,15 @@ You can authenticate {% data variables.product.prodname_actions_runner_controlle 1. For "Homepage URL," enter `https://github.com/actions/actions-runner-controller`. 1. Under "Permissions," click **Repository permissions**. Then use the dropdown menus to select the following access permissions. - * **Administration**: Read and write + * **Administration:** Read and write > [!NOTE] > `Administration: Read and write` is only required when configuring {% data variables.product.prodname_actions_runner_controller %} to register at the repository scope. It is not required to register at the organization scope. - * **Metadata**: Read-only + * **Metadata:** Read-only 1. Under "Permissions," click **Organization permissions**. Then use the dropdown menus to select the following access permissions. - * **Self-hosted runners**: Read and write + * **Self-hosted runners:** Read and write {% data reusables.actions.arc-app-post-install-steps %} diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md index 4609a8f32a8b..34fd8a8dc163 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md @@ -34,9 +34,9 @@ You may not be able to create a self-hosted runner for an organization-owned rep The status can be one of the following: - * **Idle**: The runner is connected to {% data variables.product.product_name %} and is ready to execute jobs. - * **Active**: The runner is currently executing a job. - * **Offline**: The runner is not connected to {% data variables.product.product_name %}. This could be because the machine is offline, the self-hosted runner application is not running on the machine, or the self-hosted runner application cannot communicate with {% data variables.product.product_name %}. + * **Idle:** The runner is connected to {% data variables.product.product_name %} and is ready to execute jobs. + * **Active:** The runner is currently executing a job. + * **Offline:** The runner is not connected to {% data variables.product.product_name %}. This could be because the machine is offline, the self-hosted runner application is not running on the machine, or the self-hosted runner application cannot communicate with {% data variables.product.product_name %}. ## Troubleshooting network connectivity diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md index 3271e1b15a1d..743c2cf8f37e 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/running-scripts-before-or-after-a-job.md @@ -17,15 +17,15 @@ The custom scripts are automatically triggered when a specific environment varia The following scripting languages are supported: -* **Bash**: Uses `bash` and can fallback to `sh`. Executes by running `-e {pathtofile}`. -* **PowerShell**: Uses `pwsh` and can fallback to `powershell`. Executes by running `-command \". '{pathtofile}'\"`. +* **Bash:** Uses `bash` and can fallback to `sh`. Executes by running `-e {pathtofile}`. +* **PowerShell:** Uses `pwsh` and can fallback to `powershell`. Executes by running `-command \". '{pathtofile}'\"`. ## Writing the scripts Your custom scripts can use the following features: -* **Variables**: Scripts have access to the default variables. The full webhook event payload can be found in `GITHUB_EVENT_PATH`. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables)." -* **Workflow commands**: Scripts can use workflow commands. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions)". Scripts can also use environment files. For more information, see [Environment files](/actions/using-workflows/workflow-commands-for-github-actions#environment-files). +* **Variables:** Scripts have access to the default variables. The full webhook event payload can be found in `GITHUB_EVENT_PATH`. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables)." +* **Workflow commands:** Scripts can use workflow commands. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions)". Scripts can also use environment files. For more information, see [Environment files](/actions/using-workflows/workflow-commands-for-github-actions#environment-files). Your script files must use a file extension for the relevant language, such as `.sh` or `.ps1`, in order to run successfully. diff --git a/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md b/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md index 6774d27239c0..200068b32a18 100644 --- a/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md +++ b/content/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment.md @@ -80,17 +80,17 @@ Use a wait timer to delay a job for a specific amount of time after the job is i Use deployment branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} to restrict which branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} can deploy to the environment. Below are the options for deployment branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} for an environment: {% ifversion deployment-protections-tag-patterns %} -* **No restriction**: No restriction on which branch or tag can deploy to the environment. +* **No restriction:** No restriction on which branch or tag can deploy to the environment. {%- else %} -* **All branches**: All branches in the repository can deploy to the environment. +* **All branches:** All branches in the repository can deploy to the environment. {%- endif %} -* **Protected branches{% ifversion deployment-protections-tag-patterns %} only{% endif %}**: Only branches with branch protection rules enabled can deploy to the environment. If no branch protection rules are defined for any branch in the repository, then all branches can deploy. For more information about branch protection rules, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."{% ifversion actions-protected-branches-restrictions %} +* **Protected branches{% ifversion deployment-protections-tag-patterns %} only{% endif %}:** Only branches with branch protection rules enabled can deploy to the environment. If no branch protection rules are defined for any branch in the repository, then all branches can deploy. For more information about branch protection rules, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."{% ifversion actions-protected-branches-restrictions %} > [!NOTE] > Deployment workflow runs triggered by tags with the same name as a protected branch and forks with branches that match the protected branch name cannot deploy to the environment. {% endif %} -* **Selected branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %}**: Only branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} that match your specified name patterns can deploy to the environment. +* **Selected branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %}:** Only branches{% ifversion deployment-protections-tag-patterns %} and tags{% endif %} that match your specified name patterns can deploy to the environment. If you specify `releases/*` as a deployment branch{% ifversion deployment-protections-tag-patterns %} or tag{% endif %} rule, only a branch{% ifversion deployment-protections-tag-patterns %} or tag{% endif %} whose name begins with `releases/` can deploy to the environment. (Wildcard characters will not match `/`. To match branches{% ifversion deployment-protections-tag-patterns %} or tags{% endif %} that begin with `release/` and contain an additional single slash, use `release/*/*`.) If you add `main` as a branch rule, a branch named `main` can also deploy to the environment. For more information about syntax options for deployment branches, see the [Ruby `File.fnmatch` documentation](https://ruby-doc.org/core-2.5.1/File.html#method-c-fnmatch). diff --git a/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md b/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md index fa27f6eb27a2..1b12c685e2d5 100644 --- a/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md +++ b/content/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md @@ -27,9 +27,9 @@ With OpenID Connect (OIDC), you can take a different approach by configuring you By updating your workflows to use OIDC tokens, you can adopt the following good security practices: -* **No cloud secrets**: You won't need to duplicate your cloud credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. Instead, you can configure the OIDC trust on your cloud provider, and then update your workflows to request a short-lived access token from the cloud provider through OIDC. -* **Authentication and authorization management**: You have more granular control over how workflows can use credentials, using your cloud provider's authentication (authN) and authorization (authZ) tools to control access to cloud resources. -* **Rotating credentials**: With OIDC, your cloud provider issues a short-lived access token that is only valid for a single job, and then automatically expires. +* **No cloud secrets:** You won't need to duplicate your cloud credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. Instead, you can configure the OIDC trust on your cloud provider, and then update your workflows to request a short-lived access token from the cloud provider through OIDC. +* **Authentication and authorization management:** You have more granular control over how workflows can use credentials, using your cloud provider's authentication (authN) and authorization (authZ) tools to control access to cloud resources. +* **Rotating credentials:** With OIDC, your cloud provider issues a short-lived access token that is only valid for a single job, and then automatically expires. ### Getting started with OIDC @@ -159,8 +159,8 @@ The token also includes custom claims provided by {% data variables.product.prod With OIDC, a {% data variables.product.prodname_actions %} workflow requires a token in order to access resources in your cloud provider. The workflow requests an access token from your cloud provider, which checks the details presented by the JWT. If the trust configuration in the JWT is a match, your cloud provider responds by issuing a temporary token to the workflow, which can then be used to access resources in your cloud provider. You can configure your cloud provider to only respond to requests that originate from a specific organization's repository. You can also specify additional conditions, described below. Audience and Subject claims are typically used in combination while setting conditions on the cloud role/resources to scope its access to the GitHub workflows. -* **Audience**: By default, this value uses the URL of the organization or repository owner. This can be used to set a condition that only the workflows in the specific organization can access the cloud role. -* **Subject**: By default, has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) environment. See "[Example subject claims](#example-subject-claims)" to see how the subject claim is assembled from concatenated metadata. +* **Audience:** By default, this value uses the URL of the organization or repository owner. This can be used to set a condition that only the workflows in the specific organization can access the cloud role. +* **Subject:** By default, has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) environment. See "[Example subject claims](#example-subject-claims)" to see how the subject claim is assembled from concatenated metadata. If you need more granular trust conditions, you can customize the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see "[Customizing the token claims](#customizing-the-token-claims)". diff --git a/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md b/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md index 3ba6e40d69c6..067a47c4ed32 100644 --- a/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md +++ b/content/actions/security-for-github-actions/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows.md @@ -27,11 +27,11 @@ You should be familiar with the concepts described in "[AUTOTITLE](/actions/usin When combined with OpenID Connect (OIDC), reusable workflows let you enforce consistent deployments across your repository, organization, or enterprise. You can do this by defining trust conditions on cloud roles based on reusable workflows. The available options will vary depending on your cloud provider: -* **Using `job_workflow_ref`**: +* **Using `job_workflow_ref`:** * To create trust conditions based on reusable workflows, your cloud provider must support custom claims for `job_workflow_ref`. This allows your cloud provider to identify which repository the job originally came from. * For clouds that only support the standard claims (audience (`aud`) and subject (`sub`)), you can use the API to customize the `sub` claim to include `job_workflow_ref`. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims)". Support for custom claims is currently available for Google Cloud Platform and HashiCorp Vault. -* **Customizing the token claims**: +* **Customizing the token claims:** * You can configure more granular trust conditions by customizing the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims)". ## How the token works with reusable workflows @@ -83,11 +83,11 @@ If your reusable workflow performs deployment steps, then it will typically need You can configure a custom claim that filters for any reusable workflow in a specific repository. In this example, the workflow run must have originated from a job defined in a reusable workflow in the `octo-org/octo-automation` repository, and in any repository that is owned by the `octo-org` organization. -* **Subject**: +* **Subject:** * Syntax: `repo:ORG_NAME/*` * Example: `repo:octo-org/*` -* **Custom claim**: +* **Custom claim:** * Syntax: `job_workflow_ref:ORG_NAME/REPO_NAME` * Example: `job_workflow_ref:octo-org/octo-automation@*` @@ -95,10 +95,10 @@ You can configure a custom claim that filters for any reusable workflow in a spe You can configure a custom claim that filters for a specific reusable workflow. In this example, the workflow run must have originated from a job defined in the reusable workflow `octo-org/octo-automation/.github/workflows/deployment.yml`, and in any repository that is owned by the `octo-org` organization. -* **Subject**: +* **Subject:** * Syntax: `repo:ORG_NAME/*` * Example: `repo:octo-org/*` -* **Custom claim**: +* **Custom claim:** * Syntax: `job_workflow_ref:ORG_NAME/REPO_NAME/.github/workflows/WORKFLOW_FILE@ref` * Example: `job_workflow_ref:octo-org/octo-automation/.github/workflows/deployment.yml@ 10040c56a8c0253d69db7c1f26a0d227275512e2` diff --git a/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md b/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md index 5d825bca61b2..3ec3fff02440 100644 --- a/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md +++ b/content/actions/using-github-hosted-runners/using-larger-runners/controlling-access-to-larger-runners.md @@ -25,8 +25,8 @@ redirect_from: Runner groups are used to control which repositories can run jobs on your {% data variables.actions.hosted_runner %}s. You must manage access to the group from each level of the management hierarchy, depending on where you've defined the {% data variables.actions.hosted_runner %}: -* **Runners at the enterprise level**: {% data reusables.actions.about-enterprise-level-runner-groups %} -* **Runners at the organization level**: {% data reusables.actions.about-organization-level-runner-groups %} +* **Runners at the enterprise level:** {% data reusables.actions.about-enterprise-level-runner-groups %} +* **Runners at the organization level:** {% data reusables.actions.about-organization-level-runner-groups %} For example, the following diagram has a runner group named `grp-ubuntu-20.04-16core` at the enterprise level. Before the repository named `octo-repo` can use the runners in the group, you must first configure the group at the enterprise level to allow access to the `octo-org` organization. You must then configure the group at the organization level to allow access to `octo-repo`. diff --git a/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md b/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md index 306096b6b283..460533a60ca6 100644 --- a/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md +++ b/content/actions/using-github-hosted-runners/using-larger-runners/managing-larger-runners.md @@ -48,8 +48,8 @@ Repositories are granted access to {% data variables.actions.hosted_runner %}s t Organization owners can use and configure enterprise-level runner groups for the repositories in their organization, or they can create organization-level runner groups to control access.{% ifversion custom-org-roles %} Users with the "Manage organization runners and runner groups" can only manage organization-level runner groups. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."{% endif %} -* **For enterprise-level runner groups**: {% data reusables.actions.about-enterprise-level-runner-groups %} -* **For organization-level runner groups**: {% data reusables.actions.about-organization-level-runner-groups %} +* **For enterprise-level runner groups:** {% data reusables.actions.about-enterprise-level-runner-groups %} +* **For organization-level runner groups:** {% data reusables.actions.about-organization-level-runner-groups %} Once a repository has access to {% data variables.actions.hosted_runner %}s, the {% data variables.actions.hosted_runner %}s can be added to workflow files. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/running-jobs-on-larger-runners)." diff --git a/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md b/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md index 86741403e76e..0bfc8792b3eb 100644 --- a/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md +++ b/content/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow.md @@ -51,8 +51,8 @@ Artifacts are uploaded during a workflow run, and you can view an artifact's nam To share data between jobs: -* **Uploading files**: Give the uploaded file a name and upload the data before the job ends. -* **Downloading files**: You can only download artifacts that were uploaded during the same workflow run. When you download a file, you can reference it by name. +* **Uploading files:** Give the uploaded file a name and upload the data before the job ends. +* **Downloading files:** You can only download artifacts that were uploaded during the same workflow run. When you download a file, you can reference it by name. The steps of a job share the same environment on the runner machine, but run in their own individual processes. To pass data between steps in a job, you can use inputs and outputs. For more information about inputs and outputs, see "[AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions)." diff --git a/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md b/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md index 10d98b646f5c..2b8eeaa4eb62 100644 --- a/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md +++ b/content/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow.md @@ -26,10 +26,10 @@ You can use pre-written building blocks, called actions, in your workflow. An ac Actions can be: -* **Reusable**: actions can be used across different workflows and repositories, allowing you to avoid rewriting the same code. -* **Pre-written**: many actions are available in the {% data variables.product.prodname_marketplace %}, covering a wide range of tasks like checking out code, setting up environments, running tests, and deploying applications. -* **Configurable**: you can configure actions with inputs, outputs, and environment variables to tailor them to your specific needs. -* **Community-driven**: you can create your own actions and share them with others or use actions developed by the community. +* **Reusable:** actions can be used across different workflows and repositories, allowing you to avoid rewriting the same code. +* **Pre-written:** many actions are available in the {% data variables.product.prodname_marketplace %}, covering a wide range of tasks like checking out code, setting up environments, running tests, and deploying applications. +* **Configurable:** you can configure actions with inputs, outputs, and environment variables to tailor them to your specific needs. +* **Community-driven:** you can create your own actions and share them with others or use actions developed by the community. The actions you use in your workflow can be defined in: diff --git a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md index 3d7b1f76ddca..49000a4edb1b 100644 --- a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md +++ b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console.md @@ -34,13 +34,13 @@ When someone performs an action in the {% data variables.enterprise.management_c In the {% data variables.enterprise.management_console %}, you can perform administrative tasks for {% data variables.location.product_location %}, including: -* **Initial setup**: Walk through the initial setup process when first launching {% data variables.location.product_location %} by visiting {% data variables.location.product_location %}'s IP address in your browser. +* **Initial setup:** Walk through the initial setup process when first launching {% data variables.location.product_location %} by visiting {% data variables.location.product_location %}'s IP address in your browser. {%- ifversion enterprise-management-console-multi-user-auth %} -* **Identity and access management**: Improve the security of {% data variables.location.product_location %} by creating dedicated user accounts for the {% data variables.enterprise.management_console %}. {% ifversion management-console-editor %}The root site administrator account can control these user accounts' access by assigning either the editor or operator role. {% endif %}For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console)."{% ifversion management-console-editor %} +* **Identity and access management:** Improve the security of {% data variables.location.product_location %} by creating dedicated user accounts for the {% data variables.enterprise.management_console %}. {% ifversion management-console-editor %}The root site administrator account can control these user accounts' access by assigning either the editor or operator role. {% endif %}For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console)."{% ifversion management-console-editor %} {% data reusables.enterprise.editor-role-note %}{% endif %} {%- endif %} -* **Configuring authentication policies for the {% data variables.enterprise.management_console %}**: Set rate limits for login attempts, and the lockout duration if someone exceeds the rate limit. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console#configuring-rate-limits-for-authentication-to-the-management-console)." -* **Configuring basic settings for your instance**: Configure DNS, hostname, SSL, user authentication, email, monitoring services, and log forwarding on the Settings page. -* **Scheduling maintenance windows**: Take {% data variables.location.product_location %} offline while performing maintenance using the {% data variables.enterprise.management_console %} or administrative shell. -* **Troubleshooting**: Generate a support bundle or view high level diagnostic information. -* **License management**: View or update your {% data variables.product.prodname_enterprise %} license. +* **Configuring authentication policies for the {% data variables.enterprise.management_console %}:** Set rate limits for login attempts, and the lockout duration if someone exceeds the rate limit. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console#configuring-rate-limits-for-authentication-to-the-management-console)." +* **Configuring basic settings for your instance:** Configure DNS, hostname, SSL, user authentication, email, monitoring services, and log forwarding on the Settings page. +* **Scheduling maintenance windows:** Take {% data variables.location.product_location %} offline while performing maintenance using the {% data variables.enterprise.management_console %} or administrative shell. +* **Troubleshooting:** Generate a support bundle or view high level diagnostic information. +* **License management:** View or update your {% data variables.product.prodname_enterprise %} license. diff --git a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md index 4a388c42884a..f2c1eeda3a88 100644 --- a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md +++ b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-access-to-the-management-console.md @@ -44,8 +44,8 @@ Only {% data variables.enterprise.management_console %} users with the operator The root site administrator can provision one of two roles for {% data variables.enterprise.management_console %} users: -* **Editor**: A {% data variables.enterprise.management_console %} user with the editor role can perform basic administrative tasks for {% data variables.location.product_location %} in the {% data variables.enterprise.management_console %}. Editors cannot add public SSH keys to the {% data variables.enterprise.management_console %} to grant administrative SSH access to the instance. -* **Operator**: A {% data variables.enterprise.management_console %} user with the operator role +* **Editor:** A {% data variables.enterprise.management_console %} user with the editor role can perform basic administrative tasks for {% data variables.location.product_location %} in the {% data variables.enterprise.management_console %}. Editors cannot add public SSH keys to the {% data variables.enterprise.management_console %} to grant administrative SSH access to the instance. +* **Operator:** A {% data variables.enterprise.management_console %} user with the operator role {%- else %} {% data variables.enterprise.management_console %} users, sometimes called operators, {%- endif %} can perform basic administrative tasks for {% data variables.location.product_location %} in the {% data variables.enterprise.management_console %} and can add SSH keys to the {% data variables.enterprise.management_console %} to grant administrative access to the instance via SSH. diff --git a/content/admin/configuring-packages/enabling-github-packages-with-aws.md b/content/admin/configuring-packages/enabling-github-packages-with-aws.md index cbb4e8295035..4306893650eb 100644 --- a/content/admin/configuring-packages/enabling-github-packages-with-aws.md +++ b/content/admin/configuring-packages/enabling-github-packages-with-aws.md @@ -45,7 +45,7 @@ Ensure your AWS access key ID and secret have the following permissions: For more information, see "[AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html)" in the AWS documentation. * **AWS S3 Bucket:** The name of your S3 bucket dedicated to {% data variables.product.prodname_registry %}. - * **AWS S3 Access Key** and **AWS S3 Secret Key**: The AWS access key ID and secret key to access your bucket. + * **AWS S3 Access Key** and **AWS S3 Secret Key:** The AWS access key ID and secret key to access your bucket. For more information on managing AWS access keys, see the "[AWS Identity and Access Management Documentation](https://docs.aws.amazon.com/iam/index.html)." {%- endif %} diff --git a/content/admin/configuring-packages/enabling-github-packages-with-minio.md b/content/admin/configuring-packages/enabling-github-packages-with-minio.md index acf4c390c56f..41f62168a67c 100644 --- a/content/admin/configuring-packages/enabling-github-packages-with-minio.md +++ b/content/admin/configuring-packages/enabling-github-packages-with-minio.md @@ -45,7 +45,7 @@ Although MinIO does not currently appear in the user interface under "Package St 1. Enter your MinIO storage bucket's details in the AWS storage settings. * **AWS Service URL:** The hosting URL for your MinIO bucket. * **AWS S3 Bucket:** The name of your S3-compatible MinIO bucket dedicated to {% data variables.product.prodname_registry %}. - * **AWS S3 Access Key** and **AWS S3 Secret Key**: Enter the MinIO access key ID and secret key to access your bucket. + * **AWS S3 Access Key** and **AWS S3 Secret Key:** Enter the MinIO access key ID and secret key to access your bucket. {%- endif %} {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index e2cdee276458..4c11d4e61f71 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -63,8 +63,8 @@ You can enable {% data variables.product.prodname_dependabot_updates %} for spec With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. -* **{% data variables.product.prodname_dependabot_version_updates %}**: Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)." -* **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)" and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)." +* **{% data variables.product.prodname_dependabot_version_updates %}:** Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)." +* **{% data variables.product.prodname_dependabot_security_updates %}:** Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)" and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)." ## Enabling {% data variables.product.prodname_dependabot_alerts %} diff --git a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md index 0e5ae9a85fe3..e02740006c5b 100644 --- a/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md +++ b/content/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-ghecom.md @@ -22,7 +22,7 @@ On {% data variables.enterprise.data_residency_site %}, {% data variables.produc * **Administrative access:** You need administrative access to both an enterprise account on {% data variables.enterprise.data_residency_site %} and a {% data variables.product.prodname_ghe_server %} instance. * **Version requirement:** Your {% data variables.product.prodname_ghe_server %} instance must run {% data variables.product.prodname_ghe_server %} 3.12 or later. -* **Proxy configuration**: If using a proxy server, allow connectivity to the following {% data variables.enterprise.data_residency_site %} hostnames (replace SUBDOMAIN with your enterprise's subdomain). +* **Proxy configuration:** If using a proxy server, allow connectivity to the following {% data variables.enterprise.data_residency_site %} hostnames (replace SUBDOMAIN with your enterprise's subdomain). * `{% data variables.enterprise.data_residency_domain %}` * `{% data variables.enterprise.data_residency_api %}` diff --git a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md index 046d8e9f6ba5..7dd6aa9f9382 100644 --- a/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md +++ b/content/admin/data-residency/about-github-enterprise-cloud-with-data-residency.md @@ -20,7 +20,7 @@ Access to this feature is currently managed by {% data variables.contact.contact {% data variables.product.github %} is a complete developer platform for building, scaling, and delivering secure software. In addition to these capabilities, {% data variables.product.product_name %} offers several key features designed to further optimize and secure your use of the platform: -* Includes an **enterprise account**: a dedicated, shared space for your company to store code, collaborate, and access {% data variables.product.company_short %} features +* Includes an **enterprise account:** a dedicated, shared space for your company to store code, collaborate, and access {% data variables.product.company_short %} features * Centralizes billing, administration, governance, and audit of your company’s resources and activity * Is accessible only to authorized users, isolated from the wider {% data variables.product.prodname_dotcom_the_website %} community * Includes management of authentication and user lifecycles from an external identity management system: diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md index 880656685f9f..4f53f47f9fde 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md @@ -50,8 +50,8 @@ In the "Policies" section, you can control which organizations within your enter You can also limit the use of public actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}, with the following options: -* **Allow all actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}**: Any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} can be used, regardless of who authored it or where it is defined. -* **Allow enterprise actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}**: Only actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} defined in a repository within the enterprise can be used. {% ifversion ghec or fpt %}Blocks all access to actions authored by {% data variables.product.prodname_dotcom %}, such as the [`actions/checkout`](https://github.com/actions/checkout) action.{% endif %} +* **Allow all actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}:** Any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} can be used, regardless of who authored it or where it is defined. +* **Allow enterprise actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %}:** Only actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} defined in a repository within the enterprise can be used. {% ifversion ghec or fpt %}Blocks all access to actions authored by {% data variables.product.prodname_dotcom %}, such as the [`actions/checkout`](https://github.com/actions/checkout) action.{% endif %} * {% data reusables.actions.policy-label-for-select-actions-workflows %}: Any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} defined in a repository within the enterprise can be used, plus any action {% ifversion actions-workflow-policy %}or reusable workflow{% endif %} that matches criteria you specify. @@ -87,8 +87,8 @@ By default, anyone with admin access to a repository can add a self-hosted runne In the "Runners" section, you can mediate these risks by disabling the use of repository-level self-hosted runners. {% ifversion ghec %} -* **Disable for all organizations**: Prevents the creation of runners at the repository level. -* **Disable in all Enterprise Managed User (EMU) repositories**: Prevents the creation of runners for repositories owned by {% data variables.enterprise.prodname_managed_users %}. +* **Disable for all organizations:** Prevents the creation of runners at the repository level. +* **Disable in all Enterprise Managed User (EMU) repositories:** Prevents the creation of runners for repositories owned by {% data variables.enterprise.prodname_managed_users %}. {% endif %} {% data reusables.actions.disable-selfhosted-runners-note %} @@ -163,8 +163,8 @@ If a policy is enabled for an enterprise, the policy can be selectively disabled In the "Workflow permissions" section, you can set the **default** permissions granted to the `GITHUB_TOKEN`. -* **Read and write permissions**: By default, `GITHUB_TOKEN` has read and write access for all scopes. -* **Read repository contents and packages permissions**: By default, `GITHUB_TOKEN` has only read access for the `contents` and `packages` scopes. The more permissive setting cannot be chosen as the default for individual organizations or repositories. +* **Read and write permissions:** By default, `GITHUB_TOKEN` has read and write access for all scopes. +* **Read repository contents and packages permissions:** By default, `GITHUB_TOKEN` has only read access for the `contents` and `packages` scopes. The more permissive setting cannot be chosen as the default for individual organizations or repositories. Anyone with write access to a repository can still modify the permissions granted to the `GITHUB_TOKEN` for a specific workflow, by editing the `permissions` key in the workflow file. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md index a05e70264f68..16a8d62994a5 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise.md @@ -18,9 +18,9 @@ redirect_from: ## Restricting access by {% data variables.product.pat_generic_plural %} Enterprise owners can prevent their members from using {% data variables.product.pat_generic_plural %} to access resources owned by the enterprise. You can configure these restrictions for {% data variables.product.pat_v1_plural %} and {% data variables.product.pat_v2_plural %} independently with the following options: -* **Allow organizations to configure access requirements**: Each organization owned by the enterprise can decide whether to restrict or permit access by {% data variables.product.pat_generic_plural %}. -* **Restrict access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_generic_caps_plural %} cannot access organizations owned by the enterprise. SSH keys created by these {% data variables.product.pat_generic_plural %} will continue to work. Organizations cannot override this setting. -* **Allow access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_generic_caps_plural %} can access organizations owned by the enterprise. Organizations cannot override this setting. +* **Allow organizations to configure access requirements:** Each organization owned by the enterprise can decide whether to restrict or permit access by {% data variables.product.pat_generic_plural %}. +* **Restrict access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_generic_caps_plural %} cannot access organizations owned by the enterprise. SSH keys created by these {% data variables.product.pat_generic_plural %} will continue to work. Organizations cannot override this setting. +* **Allow access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_generic_caps_plural %} can access organizations owned by the enterprise. Organizations cannot override this setting. Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plural %} will have access to public resources within the organizations managed by your enterprise. @@ -61,9 +61,9 @@ When you set a policy, tokens with non-compliant lifetimes will be blocked from ## Enforcing an approval policy for {% data variables.product.pat_v2_plural %} Enterprise owners can manage approval requirements for each {% data variables.product.pat_v2 %} with the following options: -* **Allow organizations to configure approval requirements**: Enterprise owners can allow each organization in the enterprise to set its own approval requirements for the tokens. -* **Require approval**: Enterprise owners can require that all organizations within the enterprise must approve each {% data variables.product.pat_v2 %} that can access the organization. These tokens can still read public resources within the organization without needing approval. -* **Disable approval**: {% data variables.product.pat_v2_caps %}s created by organization members can access organizations owned by the enterprise without prior approval. Organizations cannot override this setting. +* **Allow organizations to configure approval requirements:** Enterprise owners can allow each organization in the enterprise to set its own approval requirements for the tokens. +* **Require approval:** Enterprise owners can require that all organizations within the enterprise must approve each {% data variables.product.pat_v2 %} that can access the organization. These tokens can still read public resources within the organization without needing approval. +* **Disable approval:** {% data variables.product.pat_v2_caps %}s created by organization members can access organizations owned by the enterprise without prior approval. Organizations cannot override this setting. > [!NOTE] > Only {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}, are subject to approval. Any {% data variables.product.pat_v1 %} can access organization resources without prior approval, unless the organization or enterprise has restricted access by {% data variables.product.pat_v1_plural %} For more information about restricting {% data variables.product.pat_v1_plural %}, see "[Restricting access by {% data variables.product.pat_generic_plural %}](#restricting-access-by-personal-access-tokens)" on this page and "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)." diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md index 2195fac7708e..c70521b51846 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/deleting-users-from-your-instance.md @@ -25,8 +25,8 @@ Once a user account has been deleted, the username will be available for use wit You cannot delete a user that is currently an **organization owner**. -* **If the user is the only owner**: Transfer ownership to another person, or delete the organization. See "[AUTOTITLE](/organizations/managing-organization-settings/transferring-organization-ownership)" and "[AUTOTITLE](/organizations/managing-organization-settings/deleting-an-organization-account)." -* **If there are other owners**: Remove the user from the organization. See "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/removing-yourself-from-an-organization)." +* **If the user is the only owner:** Transfer ownership to another person, or delete the organization. See "[AUTOTITLE](/organizations/managing-organization-settings/transferring-organization-ownership)" and "[AUTOTITLE](/organizations/managing-organization-settings/deleting-an-organization-account)." +* **If there are other owners:** Remove the user from the organization. See "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/removing-yourself-from-an-organization)." You cannot delete **your own user account**. If you need to delete your own user account, ask another site administrator to delete your account for you. diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md index d97e8dd005d7..f18de4c4c0d0 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md @@ -17,8 +17,8 @@ shortTitle: Manage support entitlements People with support entitlements for your enterprise account can use the support portal to open, view, and comment on support tickets associated with the enterprise account. Enterprise owners and billing managers automatically have a support entitlement. Enterprise owners can add support entitlements to a limited number of enterprise members. -* **{% data variables.product.premium_support_plan %}**: Up to 20 members -* **{% data variables.product.premium_plus_support_plan %}**: Up to 40 members +* **{% data variables.product.premium_support_plan %}:** Up to 20 members +* **{% data variables.product.premium_plus_support_plan %}:** Up to 40 members ## Adding a support entitlement to an enterprise member diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md index 9fcb8fc4436c..df5cc267cb0a 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise.md @@ -19,13 +19,13 @@ topics: All users that are part of your enterprise have one of the following roles. -* **Enterprise owner**: Can manage all enterprise settings, members, and policies +* **Enterprise owner:** Can manage all enterprise settings, members, and policies {%- ifversion ghec %} -* **Billing manager**: Can manage enterprise billing settings +* **Billing manager:** Can manage enterprise billing settings {%- endif %} -* **Enterprise member**: Is a member or owner of any organization in the enterprise +* **Enterprise member:** Is a member or owner of any organization in the enterprise {%- ifversion guest-collaborators %} -* **Guest collaborator**: Can be granted access to repositories or organizations, but has limited access by default ({% data variables.product.prodname_emus %} only) +* **Guest collaborator:** Can be granted access to repositories or organizations, but has limited access by default ({% data variables.product.prodname_emus %} only) {%- endif %} {% ifversion ghec %}For information about which users consume a license, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing#people-that-consume-a-license)."{% endif %} diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md index fb4a7b968f5c..bdbaf1a9e429 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md @@ -210,9 +210,9 @@ If you use SAML authentication and SCIM provisioning, you can filter members bas {% data reusables.enterprise-accounts.people-tab %} 1. Select **Account Type**, then choose from the following options. - * **Built-in**: Users with local accounts on {% data variables.location.product_location %} who authenticate with a username and password. - * **SAML linked**: Users who authenticate with SAML via an identity provider, but were not provisioned by SCIM. - * **SAML and SCIM linked**: Users who authenticate with SAML via an identity provider, and were provisioned by SCIM. + * **Built-in:** Users with local accounts on {% data variables.location.product_location %} who authenticate with a username and password. + * **SAML linked:** Users who authenticate with SAML via an identity provider, but were not provisioned by SCIM. + * **SAML and SCIM linked:** Users who authenticate with SAML via an identity provider, and were provisioned by SCIM. {% endif %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md index a390178c36e8..5a5cba59d095 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md +++ b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage.md @@ -144,9 +144,9 @@ To configure {% data variables.product.prodname_ghe_server %} to use OIDC with a {% data reusables.actions.enterprise-enable-checkbox %} {% data reusables.actions.enterprise-s3-storage-setup %} 1. Under "Authentication", select **OpenID Connect (OIDC)**, and enter the values for your storage: - * **AWS S3 Bucket**: The name of your S3 bucket. - * **AWS Role**: The ARN for the role you created in the previous procedures. For example, `arn:aws:iam::123456789:role/my-role-name`. - * **AWS Region**: The AWS region for your bucket. For example, `us-east-1`. + * **AWS S3 Bucket:** The name of your S3 bucket. + * **AWS Role:** The ARN for the role you created in the previous procedures. For example, `arn:aws:iam::123456789:role/my-role-name`. + * **AWS Region:** The AWS region for your bucket. For example, `us-east-1`. {% data reusables.enterprise_management_console.test-storage-button %} {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md index 48d36d6c71c7..91d02869ff20 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md +++ b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md @@ -108,14 +108,14 @@ To configure {% data variables.product.prodname_ghe_server %} to use OIDC with G {% data reusables.actions.enterprise-enable-checkbox %} {% data reusables.actions.enterprise-gcp-storage-setup %} 1. Under "Authentication", select **OpenID Connect (OIDC)**, and enter the values for your storage: - * **Service URL**: The service URL for your bucket. This is usually `https://storage.googleapis.com`. - * **Bucket name**: The name of your bucket. - * **Workload Identity Provider ID**: The identity provider ID for your identity pool. + * **Service URL:** The service URL for your bucket. This is usually `https://storage.googleapis.com`. + * **Bucket name:** The name of your bucket. + * **Workload Identity Provider ID:** The identity provider ID for your identity pool. This is in the format `projects/PROJECT-NUMBER/locations/global/workloadIdentityPools/POOL-NAME/providers/PROVIDER-NAME`. Note that you must remove the `https://iam.googleapis.com/` prefix from the value noted in the previous procedure. For example, `projects/1234567890/locations/global/workloadIdentityPools/my-pool/providers/my-provider`. - * **Service account**: The service account email address that you noted in the previous procedure. For example, `ghes-oidc-service-account@my-project.iam.gserviceaccount.com`. + * **Service account:** The service account email address that you noted in the previous procedure. For example, `ghes-oidc-service-account@my-project.iam.gserviceaccount.com`. {% data reusables.enterprise_management_console.test-storage-button %} {% data reusables.enterprise_management_console.save-settings %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md index 7d0116609acc..4a9b0373b526 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md @@ -269,14 +269,14 @@ Before starting this section, ensure you have followed {% ifversion ghec %}the p On the "Attribute Mapping" tab, you will need to map fields from your LDAP server to SCIM fields. See the following list for {% data variables.product.github %}'s supported SCIM fields and the values expected in each one. -* **Username**: This will be normalized and used as the {% data variables.product.github %} username for the provisioned user. See "[AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication#about-username-normalization)." This must match the normalization of the subject sent with the SAML assertion that you configured with the `SAML_SUBJECT` property in PingFederate. -* **Email**: A field containing the user's email address. -* **Display Name**: A human-readable name for the user. -* **Formatted Name**: The user's full name, including all middle names, titles, and suffixes, formatted for display. -* **First Name**: The first name of the user. -* **Last Name**: The last name of the user. -* **External ID**: This identifier is generated by an IdP provider. -* **Roles**: This field should contain a string that represents the user's intended role on {% data variables.product.github %}. Valid roles are {% ifversion ghec %}`enterprise_owner`, `user`, `billing_manager`, and `guest_collaborator`{% else %}`enterprise_owner` and `user`{% endif %}. +* **Username:** This will be normalized and used as the {% data variables.product.github %} username for the provisioned user. See "[AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication#about-username-normalization)." This must match the normalization of the subject sent with the SAML assertion that you configured with the `SAML_SUBJECT` property in PingFederate. +* **Email:** A field containing the user's email address. +* **Display Name:** A human-readable name for the user. +* **Formatted Name:** The user's full name, including all middle names, titles, and suffixes, formatted for display. +* **First Name:** The first name of the user. +* **Last Name:** The last name of the user. +* **External ID:** This identifier is generated by an IdP provider. +* **Roles:** This field should contain a string that represents the user's intended role on {% data variables.product.github %}. Valid roles are {% ifversion ghec %}`enterprise_owner`, `user`, `billing_manager`, and `guest_collaborator`{% else %}`enterprise_owner` and `user`{% endif %}. When you have finished configuring these settings, click **Next**. diff --git a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md index 635835c14ff3..3c85616cedb2 100644 --- a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md +++ b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md @@ -41,17 +41,17 @@ In these cases, contact {% data variables.contact.contact_enterprise_sales %}. The following changes also apply to single organizations that are automatically upgraded to an enterprise account. For details, see [{% data variables.product.prodname_blog %}](https://github.blog/changelog/2024-06-19-upcoming-automatic-upgrade-to-the-enterprise-account-experience/). -* **Ownership transfer**: Your organization will automatically be owned by the enterprise account. For details, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#about-addition-of-organizations-to-your-enterprise-account)." -* **Ownership roles**: All organization owners will become enterprise owners. -* **Billing details**: The organization’s billing details will now apply to the enterprise account. -* **Billing managers**: All organization billing managers will become enterprise billing managers. -* **Billing process**: {% data variables.product.company_short %} will bill the enterprise account for usage within **all** organizations owned by the enterprise. -* **Enterprise account name**: During the upgrade, the new enterprise account name will match your organization name or be as close as possible if taken. You can rename it after the upgrade. +* **Ownership transfer:** Your organization will automatically be owned by the enterprise account. For details, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#about-addition-of-organizations-to-your-enterprise-account)." +* **Ownership roles:** All organization owners will become enterprise owners. +* **Billing details:** The organization’s billing details will now apply to the enterprise account. +* **Billing managers:** All organization billing managers will become enterprise billing managers. +* **Billing process:** {% data variables.product.company_short %} will bill the enterprise account for usage within **all** organizations owned by the enterprise. +* **Enterprise account name:** During the upgrade, the new enterprise account name will match your organization name or be as close as possible if taken. You can rename it after the upgrade. * **SAML SSO:** Existing SAML SSO will stay at the organization level after being added to the new enterprise account. You can configure SSO at the enterprise level post-upgrade, which will override the organization level. Existing PATs and SAML-authorized tokens will remain unchanged. -* **Policies**: The new enterprise account starts with no policies, so existing organization policies won't be overridden. -* **Spending limits**: Existing organization spending limits transfer to the new enterprise account. Post-upgrade, billing is handled at the enterprise level. To adjust spending limits, under "Settings" in the enterprise account sidebar, select **Billing**. -* **Coupons**: Existing coupons will carry over to the new enterprise account with no interruptions. -* **Workflow permissions**: The new enterprise account will inherit your organization's workflow permissions. If the organization has a permissive setting ("Read and write"), the enterprise account will also default to permissive. Otherwise, it defaults to restrictive ("Read repository contents and packages"). For workflows with the id-token permission, the default changes to read-only due to a February 2023 update. Add an explicit permissions block in these workflows to grant the required permissions. +* **Policies:** The new enterprise account starts with no policies, so existing organization policies won't be overridden. +* **Spending limits:** Existing organization spending limits transfer to the new enterprise account. Post-upgrade, billing is handled at the enterprise level. To adjust spending limits, under "Settings" in the enterprise account sidebar, select **Billing**. +* **Coupons:** Existing coupons will carry over to the new enterprise account with no interruptions. +* **Workflow permissions:** The new enterprise account will inherit your organization's workflow permissions. If the organization has a permissive setting ("Read and write"), the enterprise account will also default to permissive. Otherwise, it defaults to restrictive ("Read repository contents and packages"). For workflows with the id-token permission, the default changes to read-only due to a February 2023 update. Add an explicit permissions block in these workflows to grant the required permissions. ## Upgrading an organization to an enterprise account diff --git a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md index 10fa7812131b..044539d53c9d 100644 --- a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md +++ b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards.md @@ -74,12 +74,12 @@ The system health graphs provide a general overview of services and system resou These graphs include key metrics for the resource utilization of services that power {% data variables.product.prodname_ghe_server %}. They help visualize ongoing issues while processing requests. -* **Nomad jobs**: The CPU and memory usage of individual services. {% data variables.product.prodname_ghe_server %} utilizes Nomad internally as the workload orchestrator. -* **Response code**: The number of responses by status code returned across {% data variables.product.prodname_ghe_server %} services. -* **Response time**: The speed of web requests at the 90th percentile in milliseconds. -* **Active workers**: The number of web workers busy per {% data variables.product.prodname_ghe_server %} application. -* **Queued requests**: The number of web requests queued per {% data variables.product.prodname_ghe_server %} application. It is expected for this panel to display 'No data' when no requests are queued up. -* **ElasticSearch Cluster Health**: The health status of the ElasticSearch cluster, based on the state of its primary and replica shards. This cluster powers {% data variables.product.prodname_ghe_server %} search. +* **Nomad jobs:** The CPU and memory usage of individual services. {% data variables.product.prodname_ghe_server %} utilizes Nomad internally as the workload orchestrator. +* **Response code:** The number of responses by status code returned across {% data variables.product.prodname_ghe_server %} services. +* **Response time:** The speed of web requests at the 90th percentile in milliseconds. +* **Active workers:** The number of web workers busy per {% data variables.product.prodname_ghe_server %} application. +* **Queued requests:** The number of web requests queued per {% data variables.product.prodname_ghe_server %} application. It is expected for this panel to display 'No data' when no requests are queued up. +* **ElasticSearch Cluster Health:** The health status of the ElasticSearch cluster, based on the state of its primary and replica shards. This cluster powers {% data variables.product.prodname_ghe_server %} search. {% endif %} ### Processes diff --git a/content/admin/overview/about-github-enterprise-server.md b/content/admin/overview/about-github-enterprise-server.md index 3b1c23b0aa8a..8e6016152857 100644 --- a/content/admin/overview/about-github-enterprise-server.md +++ b/content/admin/overview/about-github-enterprise-server.md @@ -27,10 +27,10 @@ Most features are released on {% data variables.product.prodname_dotcom_the_webs You can also configure optional features on {% data variables.product.product_name %} to improve the software development lifecycle for your enterprise. -* **{% data variables.product.prodname_actions %}**: Automate CI/CD and development workflows -* **{% data variables.product.prodname_GH_advanced_security %}**: Scan code for secrets and vulnerabilities -* **{% data variables.product.prodname_github_connect %}**: Benefit from data and features on {% data variables.product.prodname_dotcom_the_website %} -* **{% data variables.product.prodname_registry %}**: Host software packages for your enterprise +* **{% data variables.product.prodname_actions %}:** Automate CI/CD and development workflows +* **{% data variables.product.prodname_GH_advanced_security %}:** Scan code for secrets and vulnerabilities +* **{% data variables.product.prodname_github_connect %}:** Benefit from data and features on {% data variables.product.prodname_dotcom_the_website %} +* **{% data variables.product.prodname_registry %}:** Host software packages for your enterprise ## How do I deploy {% data variables.product.product_name %}? diff --git a/content/admin/overview/about-github-for-enterprises.md b/content/admin/overview/about-github-for-enterprises.md index 40f3500f55c2..f7497f3ab8b2 100644 --- a/content/admin/overview/about-github-for-enterprises.md +++ b/content/admin/overview/about-github-for-enterprises.md @@ -69,13 +69,13 @@ When businesses adopt {% data variables.product.prodname_enterprise %}, their re {% data reusables.enterprise.ghe-includes-ghec-and-ghes %} You can choose to use **one or both** of these deployment options. -**With {% data variables.product.prodname_ghe_cloud %}**: +**With {% data variables.product.prodname_ghe_cloud %}:** * Your repositories and other resources are hosted by {% data variables.product.company_short %}, and you'll automatically have access to the latest features and bugfixes. * You can choose for your enterprise to be hosted on {% data variables.product.prodname_dotcom_the_website %} or, for more control over where your company's code and data reside, on your own subdomain of {% data variables.enterprise.data_residency_site %}. * To access your resources, members of your enterprise can use their personal account or, if you use {% data variables.product.prodname_emus %}, you will provision accounts for users using an external system. -**With {% data variables.product.prodname_ghe_server %}**: +**With {% data variables.product.prodname_ghe_server %}:** * You run your own {% data variables.product.prodname_dotcom %} instance, either on-premises or on a public cloud service. * You create accounts for users, and authenticate users using either built-in authentication or an external system. diff --git a/content/apps/using-github-apps/installing-your-own-github-app.md b/content/apps/using-github-apps/installing-your-own-github-app.md index 69d56cd9660a..6ae920fc226a 100644 --- a/content/apps/using-github-apps/installing-your-own-github-app.md +++ b/content/apps/using-github-apps/installing-your-own-github-app.md @@ -20,9 +20,9 @@ shortTitle: Install your own app After creating a {% data variables.product.prodname_github_app %}, you can install it based on its visibility. -* **Only on this account**: The {% data variables.product.prodname_github_app %} can only be installed on the organization or user account that created it.{% ifversion ghec %} If you are an {% data variables.product.prodname_emu %}, this option is not available for apps you create.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise.{% endif %}{% endif %} -* **Any account**: You can install this {% data variables.product.prodname_github_app %} on your user account or any organization account where you are an organization owner.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise. -* **Only enterprise organizations**: If the {% data variables.product.prodname_github_app %} is owned by an enterprise, you can only install the app on organizations within the enterprise. Organizations where you are an organization owner will appear in the installation options.{% endif %}{% ifversion ghec %} +* **Only on this account:** The {% data variables.product.prodname_github_app %} can only be installed on the organization or user account that created it.{% ifversion ghec %} If you are an {% data variables.product.prodname_emu %}, this option is not available for apps you create.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise.{% endif %}{% endif %} +* **Any account:** You can install this {% data variables.product.prodname_github_app %} on your user account or any organization account where you are an organization owner.{% ifversion enterprise-apps-public-beta %} This visibility is not available for apps registered by an enterprise. +* **Only enterprise organizations:** If the {% data variables.product.prodname_github_app %} is owned by an enterprise, you can only install the app on organizations within the enterprise. Organizations where you are an organization owner will appear in the installation options.{% endif %}{% ifversion ghec %} If you are an {% data variables.product.prodname_emu %}, you cannot install a {% data variables.product.prodname_github_app %} on your user account.{% endif %} diff --git a/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index 80ae728046f2..849fb795d97a 100644 --- a/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -14,7 +14,7 @@ shortTitle: Use SSH over HTTPS port --- {% tip %} -**{% data variables.product.prodname_ghe_server %} users**: Accessing {% data variables.product.prodname_ghe_server %} via SSH over the HTTPS port is currently not supported. +**{% data variables.product.prodname_ghe_server %} users:** Accessing {% data variables.product.prodname_ghe_server %} via SSH over the HTTPS port is currently not supported. {% endtip %} diff --git a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md index ed104aeba5dc..e3909c14c799 100644 --- a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md +++ b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md @@ -37,13 +37,13 @@ When you enable {% data variables.product.prodname_secret_scanning %}, you shoul There are a few approaches for tackling newly committed credentials, but one example approach would be: -1. **Notify**: Use webhooks to ensure that any new secret alerts are seen by the right teams as quickly as possible. A webhook fires when a secret alert is either created, resolved, or reopened. You can then parse the webhook payload, and integrate it into any tools you and your team use such Slack, Teams, Splunk, or email. For more information, see "[AUTOTITLE](/webhooks-and-events/webhooks/about-webhooks)" and "[AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert)." -1. **Follow Up**: Create a high-level remediation process that works for all secret types. For example, you could contact the developer who committed the secret and their technical lead on that project, highlighting the dangers of committing secrets to {% data variables.product.prodname_dotcom %}, and asking the them to revoke, and update the detected secret. +1. **Notify:** Use webhooks to ensure that any new secret alerts are seen by the right teams as quickly as possible. A webhook fires when a secret alert is either created, resolved, or reopened. You can then parse the webhook payload, and integrate it into any tools you and your team use such Slack, Teams, Splunk, or email. For more information, see "[AUTOTITLE](/webhooks-and-events/webhooks/about-webhooks)" and "[AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert)." +1. **Follow Up:** Create a high-level remediation process that works for all secret types. For example, you could contact the developer who committed the secret and their technical lead on that project, highlighting the dangers of committing secrets to {% data variables.product.prodname_dotcom %}, and asking the them to revoke, and update the detected secret. > [!NOTE] > You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create an email/message to the responsible people or open an issue. -1. **Educate**: Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well. +1. **Educate:** Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well. Repeat the last two steps for any new secrets leaked. This process encourages developers to take responsibility for managing the secrets used in their code securely, and allows you to measure the reduction in newly committed secrets. @@ -56,13 +56,13 @@ Once you have enabled {% data variables.product.prodname_secret_scanning %}, you Once enabled, you can do the following: -1. **Provide guidance**: Configure a custom link in the message that contributors will see if their push is blocked by {% data variables.product.prodname_secret_scanning %}. The linked resource can provide guidance for contributors on how to resolve the blocked push. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository)." +1. **Provide guidance:** Configure a custom link in the message that contributors will see if their push is blocked by {% data variables.product.prodname_secret_scanning %}. The linked resource can provide guidance for contributors on how to resolve the blocked push. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository)." -1. **Notify**: Define a webhook that specifically tracks {% data variables.secret-scanning.alerts %} created when someone bypasses push protection by using the alert property `"push_protection_bypassed": true`. Or, use the API to get updates on which {% data variables.secret-scanning.alerts %} were the result of a push protection bypass by filtering the list of results for `"push_protection_bypassed": true`. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)." +1. **Notify:** Define a webhook that specifically tracks {% data variables.secret-scanning.alerts %} created when someone bypasses push protection by using the alert property `"push_protection_bypassed": true`. Or, use the API to get updates on which {% data variables.secret-scanning.alerts %} were the result of a push protection bypass by filtering the list of results for `"push_protection_bypassed": true`. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)." {%- ifversion security-overview-push-protection-metrics-page %} -1. **Monitor**: Use security overview to view metrics on how push protection is performing in repositories across your organization, so you can quickly identify any repositories where you might need to take action. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)." +1. **Monitor:** Use security overview to view metrics on how push protection is performing in repositories across your organization, so you can quickly identify any repositories where you might need to take action. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/viewing-metrics-for-secret-scanning-push-protection)." {%- endif %} diff --git a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md index f58b14c6d063..2be02933cdcb 100644 --- a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md +++ b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/using-the-codeql-model-editor.md @@ -25,9 +25,9 @@ When you open the model editor, it analyzes the currently selected {% data varia The model editor has two different modes: -* **Application mode** (default view): The editor lists each external framework used by the selected {% data variables.product.prodname_codeql %} database. When you expand a framework, a list of all calls to and from the external API is shown with the options available to model dataflow through each call. This mode is most useful for improving the {% data variables.product.prodname_codeql %} results for a specific codebase. +* **Application mode (default view)**: The editor lists each external framework used by the selected {% data variables.product.prodname_codeql %} database. When you expand a framework, a list of all calls to and from the external API is shown with the options available to model dataflow through each call. This mode is most useful for improving the {% data variables.product.prodname_codeql %} results for a specific codebase. -* **Dependency mode**: The editor identifies all of the publicly accessible APIs in the selected {% data variables.product.prodname_codeql %} database. This view guides you through modeling each public API that the codebase makes available. When you have finished modeling the entire API, you can save the model and use it to improve the {% data variables.product.prodname_codeql %} analysis for all codebases that use the dependency. +* **Dependency mode:** The editor identifies all of the publicly accessible APIs in the selected {% data variables.product.prodname_codeql %} database. This view guides you through modeling each public API that the codebase makes available. When you have finished modeling the entire API, you can save the model and use it to improve the {% data variables.product.prodname_codeql %} analysis for all codebases that use the dependency. The rest of this article covers the practical aspects of modelling dependencies using the {% data variables.product.prodname_codeql %} model editor. For technical information, see [Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/){% ifversion fpt or ghec or ghes > 3.14 %}, [Customizing Library Models for Python](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-python/), [Customizing Library Models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/), and [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/){% elsif ghes > 3.12 %}, [Customizing Library Models for Ruby](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-ruby/), and [Customizing library models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/){% endif %} in the {% data variables.product.prodname_codeql %} language documentation. diff --git a/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md b/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md index 4ce447da6c9e..fb043eab08c7 100644 --- a/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md @@ -26,8 +26,8 @@ Repository administrators can create {% data variables.dependabot.custom_rules % Organization owners and security managers can set {% data variables.dependabot.custom_rules %} at the organization-level, and then choose if a rule is enforced or enabled across all public {% ifversion ghec %}and private {% endif %} repositories in the organization. - * **Enforced**: If an organization-level rule is "enforced", repository administrators cannot edit, disable, or delete the rule. - * **Enabled**: If an organization-level rule is "enabled", repository administrators can still disable the rule for their repository. + * **Enforced:** If an organization-level rule is "enforced", repository administrators cannot edit, disable, or delete the rule. + * **Enabled:** If an organization-level rule is "enabled", repository administrators can still disable the rule for their repository. > [!NOTE] > In the event that an organization-level rule and a repository-level rule specify conflicting behaviors, the action set out by the organization-level rule takes precedence. Dismissal rules always act before rules which trigger {% data variables.product.prodname_dependabot %} pull requests. diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 986df68a0268..ff14867bd7aa 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -996,18 +996,18 @@ updates: #### Versioning tag glossary -* **`alpha`**: Early version, may be unstable and have incomplete features. -* **`beta`**: More stable than alpha but may still have bugs. -* **`canary`**: Regularly updated pre-release version for testing. -* **`dev`**: Represents development versions. -* **`experimental`**: Versions with experimental features. -* **`latest`**: The latest stable release. -* **`legacy`**: Older or deprecated versions. -* **`next`**: Upcoming release version. -* **`nightly`**: Versions built nightly; often includes the latest changes. -* **`rc`**: Release candidate, close to stable release. -* **`release`**: The official release version. -* **`stable`**: The most reliable, production-ready version. +* **`alpha`:** Early version, may be unstable and have incomplete features. +* **`beta`:** More stable than alpha but may still have bugs. +* **`canary`:** Regularly updated pre-release version for testing. +* **`dev`:** Represents development versions. +* **`experimental`:** Versions with experimental features. +* **`latest`:** The latest stable release. +* **`legacy`:** Older or deprecated versions. +* **`next`:** Upcoming release version. +* **`nightly`:** Versions built nightly; often includes the latest changes. +* **`rc`:** Release candidate, close to stable release. +* **`release`:** The official release version. +* **`stable`:** The most reliable, production-ready version. {% endif %} diff --git a/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md index 48fbce04da2a..345185eb7d45 100644 --- a/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -256,8 +256,8 @@ If you continue to see CI failures, you should remove the group configuration so If you unblock {% data variables.product.prodname_dependabot %}, you can manually trigger a fresh attempt to create a pull request. -* **Security updates**: Display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. -* **Version updates**: On the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked _TIME_ ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. +* **Security updates:** Display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. +* **Version updates:** On the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked _TIME_ ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. ## Further reading diff --git a/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index 4f2544e5e51c..9f9ebbe7a773 100644 --- a/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -42,7 +42,7 @@ topics: * Direct dependencies explicitly declared in a manifest or lockfile * Transitive dependencies declared in a lockfile -**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? +**Check:** Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? ## Why don't I get {% data variables.product.prodname_dependabot_alerts %} for some ecosystems? @@ -50,7 +50,7 @@ topics: It's worth noting that security advisories may exist for other ecosystems. The information in an unreviewed security advisory is provided by the maintainers of a particular repository. This data is not curated by {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.link-browsing-advisory-db %} -**Check**: Does the uncaught vulnerability apply to an unsupported ecosystem? +**Check:** Does the uncaught vulnerability apply to an unsupported ecosystem? ## Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years? @@ -58,7 +58,7 @@ The {% data variables.product.prodname_advisory_database %} was launched in Nove Some information on older vulnerabilities is available, especially where these CVEs are particularly widespread, however some old vulnerabilities are not included in the {% data variables.product.prodname_advisory_database %}. If there's a specific old vulnerability that you need to be included in the database, contact {% data variables.contact.contact_support %}. -**Check**: Does the uncaught vulnerability have a publish date earlier than 2017 in the National Vulnerability Database? +**Check:** Does the uncaught vulnerability have a publish date earlier than 2017 in the National Vulnerability Database? ## Why does {% data variables.product.prodname_advisory_database %} use a subset of published vulnerability data? @@ -80,7 +80,7 @@ Legacy {% data variables.product.prodname_dependabot_alerts %} were grouped into The {% data variables.product.prodname_dependabot_alerts %} count in {% data variables.product.prodname_dotcom %} shows a total for the number of alerts, which is the number of vulnerabilities, not the number of dependencies. -**Check**: If there is a discrepancy in the totals you are seeing, check that you are not comparing alert numbers with dependency numbers. Also check that you are viewing all alerts and not a subset of filtered alerts. +**Check:** If there is a discrepancy in the totals you are seeing, check that you are not comparing alert numbers with dependency numbers. Also check that you are viewing all alerts and not a subset of filtered alerts. {% endif %} ## Can Dependabot ignore specific dependencies? diff --git a/content/code-security/secret-scanning/introduction/about-push-protection.md b/content/code-security/secret-scanning/introduction/about-push-protection.md index 4792c34c38cf..0c957edf3e26 100644 --- a/content/code-security/secret-scanning/introduction/about-push-protection.md +++ b/content/code-security/secret-scanning/introduction/about-push-protection.md @@ -57,19 +57,19 @@ By default, anyone with write access to the repository can choose to bypass push ## About the benefits of push protection -* **Preventative security**: Push protection acts as a frontline defense mechanism by scanning code for secrets at the time of the push. This preventative approach helps to catch potential issues before they are merged into your repository. +* **Preventative security:** Push protection acts as a frontline defense mechanism by scanning code for secrets at the time of the push. This preventative approach helps to catch potential issues before they are merged into your repository. -* **Immediate feedback**: Developers receive instant feedback if a potential secret is detected during a push attempt. This immediate notification allows for quick remediation, reducing the likelihood of sensitive information being exposed. +* **Immediate feedback:** Developers receive instant feedback if a potential secret is detected during a push attempt. This immediate notification allows for quick remediation, reducing the likelihood of sensitive information being exposed. -* **Reduced risk of data leaks**: By blocking commits that contain sensitive information, push protection significantly reduces the risk of accidental data leaks. This helps in safeguarding against unauthorized access to your infrastructure, services, and data. +* **Reduced risk of data leaks:** By blocking commits that contain sensitive information, push protection significantly reduces the risk of accidental data leaks. This helps in safeguarding against unauthorized access to your infrastructure, services, and data. -* **Efficient secret management**: Instead of retrospectively dealing with exposed secrets, developers can address issues at the source. This makes secret management more efficient and less time-consuming. +* **Efficient secret management:** Instead of retrospectively dealing with exposed secrets, developers can address issues at the source. This makes secret management more efficient and less time-consuming. -* **Integration with CI/CD pipelines**: Push Protection can be integrated into your Continuous Integration/Continuous Deployment (CI/CD) pipelines, ensuring that every push is scanned for secrets before it gets deployed. This adds an extra layer of security to your DevOps practices. +* **Integration with CI/CD pipelines:** Push Protection can be integrated into your Continuous Integration/Continuous Deployment (CI/CD) pipelines, ensuring that every push is scanned for secrets before it gets deployed. This adds an extra layer of security to your DevOps practices. -{% ifversion secret-scanning-push-protection-custom-patterns %}* **Ability to detect custom patterns**: Organizations can define custom patterns for detecting secrets unique to their environment. This customization ensures that push Protection can effectively identify and block even non-standard secrets.{% endif %} +{% ifversion secret-scanning-push-protection-custom-patterns %}* **Ability to detect custom patterns:** Organizations can define custom patterns for detecting secrets unique to their environment. This customization ensures that push Protection can effectively identify and block even non-standard secrets.{% endif %} -{% ifversion push-protection-delegated-bypass %}* **Delegated bypass for flexibility**: For cases where false positives occur or when certain patterns are necessary, the delegated bypass feature allows designated users to approve specific pushes. This provides flexibility without compromising overall security.{% endif %} +{% ifversion push-protection-delegated-bypass %}* **Delegated bypass for flexibility:** For cases where false positives occur or when certain patterns are necessary, the delegated bypass feature allows designated users to approve specific pushes. This provides flexibility without compromising overall security.{% endif %} {% ifversion secret-scanning-push-protection-for-users %} diff --git a/content/code-security/secret-scanning/introduction/about-secret-scanning.md b/content/code-security/secret-scanning/introduction/about-secret-scanning.md index ef6afa7c951d..21765ae52294 100644 --- a/content/code-security/secret-scanning/introduction/about-secret-scanning.md +++ b/content/code-security/secret-scanning/introduction/about-secret-scanning.md @@ -48,47 +48,47 @@ You can also use security overview to see an organization-level view of which re Below is a typical workflow that explains how {% data variables.product.prodname_secret_scanning %} works: -* **Detection**: {% data variables.product.prodname_secret_scanning_caps %} automatically scans your repository's contents for sensitive data, such as API keys, passwords, tokens, and other secrets. It looks for patterns and heuristics that match known types of secrets. +* **Detection:** {% data variables.product.prodname_secret_scanning_caps %} automatically scans your repository's contents for sensitive data, such as API keys, passwords, tokens, and other secrets. It looks for patterns and heuristics that match known types of secrets. -* **Alerts**: When a potential secret is detected, {% data variables.product.prodname_dotcom %} generates an alert and notifies the relevant repository administrators and users. This notification includes details about the detected secret, such as its location in the repository. For more information about alert types and alert details, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)." +* **Alerts:** When a potential secret is detected, {% data variables.product.prodname_dotcom %} generates an alert and notifies the relevant repository administrators and users. This notification includes details about the detected secret, such as its location in the repository. For more information about alert types and alert details, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)." -* **Review**: When a secret is detected, you'll need to review the alert details provided. +* **Review:** When a secret is detected, you'll need to review the alert details provided. -* **Remediation**: You then need to take appropriate actions to remediate the exposure. This might include: +* **Remediation:** You then need to take appropriate actions to remediate the exposure. This might include: * Rotating the affected credential to ensure it is no longer usable. * Removing the secret from the repository's history (using tools like BFG Repo-Cleaner or {% data variables.product.prodname_dotcom %}'s built-in features). -* **Monitoring**: It's good practice to regularly audit and monitor your repositories to ensure no other secrets are exposed. +* **Monitoring:** It's good practice to regularly audit and monitor your repositories to ensure no other secrets are exposed. {% ifversion fpt or ghec %} -* **Integration with partners**: {% data variables.product.prodname_dotcom %} works with various service providers to validate secrets. When a partner secret is detected, {% data variables.product.prodname_dotcom %} notifies the provider so they can take appropriate action, such as revoking the credential. For more information about the partnership program, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." +* **Integration with partners:** {% data variables.product.prodname_dotcom %} works with various service providers to validate secrets. When a partner secret is detected, {% data variables.product.prodname_dotcom %} notifies the provider so they can take appropriate action, such as revoking the credential. For more information about the partnership program, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." {% endif %} ## About the benefits of {% data variables.product.prodname_secret_scanning %} -* **Enhanced security**: {% data variables.product.prodname_secret_scanning_caps %} scans your repositories for sensitive information like API keys, passwords, tokens, and other secrets. By detecting these early, you can mitigate potential security risks before they are exploited by malicious actors. +* **Enhanced security:** {% data variables.product.prodname_secret_scanning_caps %} scans your repositories for sensitive information like API keys, passwords, tokens, and other secrets. By detecting these early, you can mitigate potential security risks before they are exploited by malicious actors. -* **Automated detection**: The feature automatically scans your codebase, including commits, issues, and pull requests, ensuring continuous protection without requiring manual intervention. This automation helps in maintaining security even as your repository evolves. +* **Automated detection:** The feature automatically scans your codebase, including commits, issues, and pull requests, ensuring continuous protection without requiring manual intervention. This automation helps in maintaining security even as your repository evolves. -* **Real-time alerts**: When a secret is detected, {% data variables.product.prodname_secret_scanning %} provides real-time alerts to repository administrators and contributors. This immediate feedback allows for swift remediation actions. +* **Real-time alerts:** When a secret is detected, {% data variables.product.prodname_secret_scanning %} provides real-time alerts to repository administrators and contributors. This immediate feedback allows for swift remediation actions. {% ifversion fpt or ghec %} -* **Integration with service providers**: {% data variables.product.prodname_dotcom %} partners with various service providers to validate detected secrets. When a secret is identified, {% data variables.product.prodname_dotcom %} notifies the corresponding service provider to take appropriate actions, such as revoking the exposed credential. For more information, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." +* **Integration with service providers:** {% data variables.product.prodname_dotcom %} partners with various service providers to validate detected secrets. When a secret is identified, {% data variables.product.prodname_dotcom %} notifies the corresponding service provider to take appropriate actions, such as revoking the exposed credential. For more information, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program)." {% endif %} {% ifversion ghec or ghes %} -* **Custom pattern support**: Organizations can define custom patterns to detect proprietary or unique types of secrets that may not be covered by default patterns. This flexibility allows for tailored security measures specific to your environment. +* **Custom pattern support:** Organizations can define custom patterns to detect proprietary or unique types of secrets that may not be covered by default patterns. This flexibility allows for tailored security measures specific to your environment. {% endif %} {% ifversion secret-scanning-non-provider-patterns %} -* **Ability to detect non-provider patterns**: You can expand the detection to include non-provider patterns such as connection strings, authentication headers, and private keys, for your repository or organization. +* **Ability to detect non-provider patterns:** You can expand the detection to include non-provider patterns such as connection strings, authentication headers, and private keys, for your repository or organization. {% endif %} @@ -120,8 +120,8 @@ Define your own patterns for secrets used by your organization that {% data vari ### {% data variables.secret-scanning.copilot-secret-scanning %} -* **{% data variables.secret-scanning.generic-secret-detection-caps %}**: Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to detect unstructured secrets, such as passwords, in your repository. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets)."{% ifversion secret-scanning-custom-pattern-ai-generated %} -* **{% data variables.secret-scanning.custom-pattern-regular-expression-generator-caps %}**: Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to generate regular expressions that will capture all your custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-regex-generator).{% endif %} +* **{% data variables.secret-scanning.generic-secret-detection-caps %}:** Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to detect unstructured secrets, such as passwords, in your repository. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets)."{% ifversion secret-scanning-custom-pattern-ai-generated %} +* **{% data variables.secret-scanning.custom-pattern-regular-expression-generator-caps %}:** Leverage {% data variables.product.prodname_secret_scanning %}'s AI capabilities to generate regular expressions that will capture all your custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-regex-generator).{% endif %} {% endif %} diff --git a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md index 86a5216596ec..b312d0032199 100644 --- a/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md +++ b/content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md @@ -33,19 +33,19 @@ If you believe that {% data variables.product.prodname_secret_scanning %} should This table lists the secrets supported by {% data variables.product.prodname_secret_scanning %}. You can see the types of alert that get generated for each token, as well as whether a validity check is performed on the token. -* **Provider**: Name of the token provider.{% ifversion fpt or ghec %} -* **Partner**: Token for which leaks are reported to the relevant token partner. Applies to public repositories only. -* **User**: Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} +* **Provider:** Name of the token provider.{% ifversion fpt or ghec %} +* **Partner:** Token for which leaks are reported to the relevant token partner. Applies to public repositories only. +* **User:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} * Applies to public repositories, and to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled. * Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which usually have a higher ratio of false positives. * For {% data variables.product.prodname_secret_scanning %} to scan for non-provider patterns, the detection of non-provider patterns must be enabled for the repository or the organization. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository)." {% data reusables.secret-scanning.non-provider-patterns-beta %}{% endif %}{% endif %}{% ifversion ghes %} -* **{% data variables.product.prodname_secret_scanning_caps %} alert**: Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} +* **{% data variables.product.prodname_secret_scanning_caps %} alert:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}.{% ifversion secret-scanning-non-provider-patterns %} * Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled. * Includes {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which often result in false positives.{% else %} Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled.{% endif %}{% endif %} -* **Push protection**: Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}. Applies to repositories with {% data variables.product.prodname_secret_scanning %} and push protection enabled. +* **Push protection:** Token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}. Applies to repositories with {% data variables.product.prodname_secret_scanning %} and push protection enabled. -* **Validity check**: Token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see "[{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security)" in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see "[AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %} +* **Validity check:** Token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see "[{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security)" in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see "[AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %} {% ifversion secret-scanning-non-provider-patterns %} diff --git a/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md b/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md index dab2de9795b8..b8fc5f3468c3 100644 --- a/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md +++ b/content/code-security/secret-scanning/secret-scanning-partnership-program/secret-scanning-partner-program.md @@ -82,10 +82,10 @@ Create a public, internet accessible HTTP endpoint at the URL you provided to us The message body is a JSON array that contains one or more objects, with each object representing a single secret match. Your endpoint should be able to handle requests with a large number of matches without timing out. The keys for each secret match are: -* **token**: The value of the secret match. -* **type**: The unique name you provided to identify your regular expression. -* **url**: The public URL where the match was found (may be empty) -* **source**: Where the token was found on {% data variables.product.prodname_dotcom %}. +* **token:** The value of the secret match. +* **type:** The unique name you provided to identify your regular expression. +* **url:** The public URL where the match was found (may be empty) +* **source:** Where the token was found on {% data variables.product.prodname_dotcom %}. The list of valid values for `source` are: diff --git a/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md b/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md index 2a81b932b264..7f79cf4bbc4b 100644 --- a/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md +++ b/content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api.md @@ -24,7 +24,7 @@ If you make a request with these endpoints whose content includes a supported se To resolve the error, you can either: * **Remove** the secret from the content of your API request before trying again. -* **Create a push protection bypass**: You can bypass push protection using the "Create a push protection bypass" endpoint. For more information, see "[AUTOTITLE](/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28#create-a-push-protection-bypass)." +* **Create a push protection bypass:** You can bypass push protection using the "Create a push protection bypass" endpoint. For more information, see "[AUTOTITLE](/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28#create-a-push-protection-bypass)." ## Further reading diff --git a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md index 1196a061794c..eaad4d26e089 100644 --- a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md +++ b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md @@ -51,9 +51,9 @@ For more information about the {% data variables.product.prodname_advisory_datab ### Glossary -* **Vulnerable Version Range (VVR)**: the range of versions that are vulnerable to a particular software bug. -* **Operator**: any symbol that indicates the boundary of a vulnerable version range. -* **Open Source Vulnerability format (OSV)**: format that the {% data variables.product.prodname_advisory_database %} data strives to be compatible with. +* **Vulnerable Version Range (VVR):** the range of versions that are vulnerable to a particular software bug. +* **Operator:** any symbol that indicates the boundary of a vulnerable version range. +* **Open Source Vulnerability format (OSV):** format that the {% data variables.product.prodname_advisory_database %} data strives to be compatible with. ### Version syntax diff --git a/content/code-security/security-overview/viewing-security-insights.md b/content/code-security/security-overview/viewing-security-insights.md index 26e0f8035658..7c1280cd5e7d 100644 --- a/content/code-security/security-overview/viewing-security-insights.md +++ b/content/code-security/security-overview/viewing-security-insights.md @@ -34,9 +34,9 @@ You can view a variety of metrics about the security alerts in your organization {% ifversion security-overview-3-tab-dashboard %} The dashboard is divided into three tabs, each focused around a different security goal: -* **Detection**: this tab shows metrics about the status and age of alerts in your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}, the secrets that have been blocked or bypassed, and the top repositories and vulnerabilities that pose the highest potential security risk. -* **Remediation**: this tab shows metrics about how alerts are resolved and alert activity over time. -* **Prevention**: this tab shows metrics about how vulnerabilities have been prevented and fixed. +* **Detection:** this tab shows metrics about the status and age of alerts in your organization{% ifversion security-overview-dashboard-enterprise %} or enterprise{% endif %}, the secrets that have been blocked or bypassed, and the top repositories and vulnerabilities that pose the highest potential security risk. +* **Remediation:** this tab shows metrics about how alerts are resolved and alert activity over time. +* **Prevention:** this tab shows metrics about how vulnerabilities have been prevented and fixed. >[!NOTE] > Unlike the **Detection** and **Remediation** tabs which report alerts on the default branch, the **Prevention** tab gives you insights for {% data variables.product.prodname_codeql %} alerts found in merged pull requests. diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md index a8ce6db98c20..e81bd205a4b3 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -139,31 +139,31 @@ For more information about {% data variables.product.prodname_dependabot_updates {% ifversion fpt or ghec %} Public repositories: -* **Dependency graph**: Enabled by default and cannot be disabled. -* **Dependency review**: Enabled by default and cannot be disabled. -* **{% data variables.product.prodname_dependabot_alerts %}**: Not enabled by default. {% data variables.product.prodname_dotcom %} detects insecure dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. +* **Dependency graph:** Enabled by default and cannot be disabled. +* **Dependency review:** Enabled by default and cannot be disabled. +* **{% data variables.product.prodname_dependabot_alerts %}:** Not enabled by default. {% data variables.product.prodname_dotcom %} detects insecure dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account)" or "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." Private repositories: -* **Dependency graph**: Not enabled by default. The feature can be enabled by repository administrators. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +* **Dependency graph:** Not enabled by default. The feature can be enabled by repository administrators. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." {% ifversion fpt %} -* **Dependency review**: Available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +* **Dependency review:** Available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). {% elsif ghec %} -* **Dependency review**: Available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)" and "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +* **Dependency review:** Available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)" and "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." {% endif %} -* **{% data variables.product.prodname_dependabot_alerts %}**: Not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. +* **{% data variables.product.prodname_dependabot_alerts %}:** Not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account)" or "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." Any repository type: -* **{% data variables.product.prodname_dependabot_security_updates %}**: Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." -* **{% data variables.product.prodname_dependabot_version_updates %}**: Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." +* **{% data variables.product.prodname_dependabot_security_updates %}:** Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." +* **{% data variables.product.prodname_dependabot_version_updates %}:** Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." {% endif %} {% ifversion ghes %} -* **Dependency graph** and **{% data variables.product.prodname_dependabot_alerts %}**: Not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." -* **Dependency review**: Available when dependency graph is enabled for your instance and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)." +* **Dependency graph and {% data variables.product.prodname_dependabot_alerts %}:** Not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." +* **Dependency review:** Available when dependency graph is enabled for your instance and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)." {% endif %} {% ifversion ghes %} -* **{% data variables.product.prodname_dependabot_security_updates %}**: Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." -* **{% data variables.product.prodname_dependabot_version_updates %}**: Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." +* **{% data variables.product.prodname_dependabot_security_updates %}:** Not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For information about enabling security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." +* **{% data variables.product.prodname_dependabot_version_updates %}:** Not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling version updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)." {% endif %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md index 951aadd6ca7d..73b98cc49411 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -28,7 +28,7 @@ The dependency graph doesn't automatically include "loose" dependencies. "Loose" However, you can use the {% data variables.dependency-submission-api.name %} to add dependencies to a project's dependency graph, even if the dependencies are not declared in a manifest or lock file, such as dependencies resolved when a project is built. {% data reusables.dependency-graph.dependency-submission-API-short %} For more information on the {% data variables.dependency-submission-api.name %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api)." -**Check**: Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? +**Check:** Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? ## Does the dependency graph detect dependencies specified using variables? @@ -36,7 +36,7 @@ The dependency graph analyzes manifests as they’re pushed to {% data variables However, you can use the {% data variables.dependency-submission-api.name %} to add dependencies to a project's dependency graph, even if the dependencies are only resolved when a project is built. For more information on the {% data variables.dependency-submission-api.name %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api)." -**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? +**Check:** Is the missing dependency declared in the manifest by using a variable for its name or version? ## Are there limits which affect the dependency graph data? From e5877f87572ef5539f7652426b5471007ae53a35 Mon Sep 17 00:00:00 2001 From: Artur Kordowski <9746197+akordowski@users.noreply.github.com> Date: Tue, 26 Nov 2024 21:54:30 +0100 Subject: [PATCH 6/6] Fix text formatting with colon - part 2 (#35433) Co-authored-by: Alex Nguyen <150945400+nguyenalex836@users.noreply.github.com> --- ...ays-for-codespaces-in-your-organization.md | 4 +- .../security-in-github-codespaces.md | 12 +- .../troubleshooting-your-environment.md | 4 +- .../style-guide.md | 22 +- .../using-videos-in-github-docs.md | 24 +- .../about-building-copilot-extensions.md | 18 +- .../building-copilot-skillsets.md | 12 +- ...-availability-of-your-copilot-extension.md | 8 +- .../setting-up-copilot-extensions.md | 8 +- ...ating-a-custom-model-for-github-copilot.md | 24 +- ...factoring-to-implement-a-design-pattern.md | 6 +- ...ring-github-copilot-in-your-environment.md | 6 +- ...g-up-github-copilot-for-your-enterprise.md | 6 +- ...up-github-copilot-for-your-organization.md | 6 +- ...thub-copilot-questions-in-github-mobile.md | 6 +- ...ng-github-copilot-questions-in-your-ide.md | 6 +- ...best-practices-for-using-github-copilot.md | 10 +- .../code-review/using-copilot-code-review.md | 4 +- ...estions-in-your-ide-with-github-copilot.md | 6 +- .../refactoring-code-with-github-copilot.md | 2 +- .../writing-tests-with-github-copilot.md | 18 +- ...egrate-external-tools-with-copilot-chat.md | 12 +- .../about-github-education-for-students.md | 4 +- ...gress-with-the-assignment-overview-page.md | 22 +- .../use-autograding.md | 8 +- .../managing-access-to-your-projects.md | 20 +- ...-tracking-work-for-your-team-or-project.md | 8 +- .../overview/migration-paths-to-github.md | 268 +++++++++--------- .../about-custom-organization-roles.md | 10 +- ...cess-token-policy-for-your-organization.md | 8 +- .../repository-roles-for-an-organization.md | 10 +- .../about-pull-request-reviews.md | 6 +- .../managing-a-merge-queue.md | 10 +- .../viewing-branches-in-your-repository.md | 8 +- .../available-rules-for-rulesets.md | 12 +- .../getting-started-with-the-rest-api.md | 18 +- ...-against-modern-slavery-and-child-labor.md | 6 +- ...thub-copilot-extension-developer-policy.md | 10 +- ...delines-for-legal-requests-of-user-data.md | 22 +- 39 files changed, 337 insertions(+), 337 deletions(-) diff --git a/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md b/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md index 189f12aca9a5..48264e23314e 100644 --- a/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md +++ b/content/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization.md @@ -79,8 +79,8 @@ If you change from **user ownership** to **organization ownership**, existing co {% data reusables.organizations.click-codespaces %} {% data reusables.organizations.click-general %} 1. On the {% data variables.product.prodname_codespaces %} settings page, under "Codespace ownership," select the setting you want for your organization: - * **Organization ownership**: Codespaces can be owned and paid for by your organization. - * **User ownership**: Codespaces are always owned and paid for by the user who creates the codespace. + * **Organization ownership:** Codespaces can be owned and paid for by your organization. + * **User ownership:** Codespaces are always owned and paid for by the user who creates the codespace. 1. Optionally, under "Codespaces access," review the members and collaborators for whom you have enabled {% data variables.product.prodname_codespaces %}. These are the only users who can create codespaces that your organization pays for. See "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization)." diff --git a/content/codespaces/reference/security-in-github-codespaces.md b/content/codespaces/reference/security-in-github-codespaces.md index 56915d838138..d8c9bec7f8c4 100644 --- a/content/codespaces/reference/security-in-github-codespaces.md +++ b/content/codespaces/reference/security-in-github-codespaces.md @@ -42,9 +42,9 @@ Every time a codespace is created or restarted, it's assigned a new {% data vari The token's scope will vary depending on the access you have to the repository where the codespace was created: -* **If you have write access to the repository**: The token will be scoped for read/write access to the repository. -* **If you only have read access to the repository**: The token will only allow the code to be cloned from the source repository. If you make a commit in the codespace, or push a new branch, {% data variables.product.prodname_github_codespaces %} automatically creates a fork of the repository, or links the codespace to an existing fork if you already have one for the upstream repository. The token is updated to have read and write access to the fork. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/using-source-control-in-your-codespace#about-automatic-forking)." -* **If you've authorized your codespace to access other repositories**: The token will be scoped for read or read/write access to the source repository and to any other repositories to which you've authorized access. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces#authorizing-requested-permissions)." +* **If you have write access to the repository:** The token will be scoped for read/write access to the repository. +* **If you only have read access to the repository:** The token will only allow the code to be cloned from the source repository. If you make a commit in the codespace, or push a new branch, {% data variables.product.prodname_github_codespaces %} automatically creates a fork of the repository, or links the codespace to an existing fork if you already have one for the upstream repository. The token is updated to have read and write access to the fork. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/using-source-control-in-your-codespace#about-automatic-forking)." +* **If you've authorized your codespace to access other repositories:** The token will be scoped for read or read/write access to the source repository and to any other repositories to which you've authorized access. For more information, see "[AUTOTITLE](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces#authorizing-requested-permissions)." ### Codespace connections @@ -58,11 +58,11 @@ If you need to connect to a service (such as a development web server) running w Organization owners can restrict the ability to make forward ports available publicly or within the organization. For more information, see "[AUTOTITLE](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)." -**Privately forwarded ports**: Are accessible on the internet, but only the codespace creator can access them, after authenticating to {% data variables.product.product_name %}. +**Privately forwarded ports:** Are accessible on the internet, but only the codespace creator can access them, after authenticating to {% data variables.product.product_name %}. -**Publicly forwarded ports within your organization**: Are accessible on the internet, but only to members of the same organization as the codespace, after authenticating to {% data variables.product.product_name %}. +**Publicly forwarded ports within your organization:** Are accessible on the internet, but only to members of the same organization as the codespace, after authenticating to {% data variables.product.product_name %}. -**Publicly forwarded ports**: Are accessible on the internet, and anyone on the internet can access them. No authentication is needed to access public forwarded ports. +**Publicly forwarded ports:** Are accessible on the internet, and anyone on the internet can access them. No authentication is needed to access public forwarded ports. All forwarded ports are private by default, which means that you will need to authenticate before you can access the port. Access to a codespace's private forwarded ports is controlled by authentication cookies with a 3-hour expiry period. When the cookie expires, you will need to reauthenticate. diff --git a/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md b/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md index 33f5591063d0..fb61f7f58a0c 100644 --- a/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md +++ b/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md @@ -95,13 +95,13 @@ During development, you can visit any page on `http://localhost:4000` and add `? If your text or code example includes content between curly brackets (`{` and `}`), you need to wrap it between {% raw %} and {% raw %} tags to disable Liquid processing for that section. For example: -* **Use**: +* **Use:** 
   GITHUB_TOKEN: {% raw %}${% raw %}{{ secrets.GITHUB_TOKEN }}{% endraw %}{% endraw %}
-* **Avoid**: +* **Avoid:** 
   GITHUB_TOKEN: ${% raw %}${{ secrets.GITHUB_TOKEN }}${% endraw %}
diff --git a/content/contributing/style-guide-and-content-model/style-guide.md b/content/contributing/style-guide-and-content-model/style-guide.md
index b70c30597319..e09ad94fb15c 100644
--- a/content/contributing/style-guide-and-content-model/style-guide.md
+++ b/content/contributing/style-guide-and-content-model/style-guide.md
@@ -29,10 +29,10 @@ We document each of the events that may appear in the audit logs for each type o
 
 When writing the description for an audit log event, describe the event that took place in a way that applies to all versions, using past tense and passive voice. Do not begin the sentence with phrases that are already implied by the context of the article, such as "Triggered by."
 
-* **Use**: The visibility of a repository was changed.
-* **Use**: Secret scanning was enabled for all new repositories.
-* **Avoid**: An organization owner disabled a two-factor authentication requirement for the organization.
-* **Avoid**: Triggered when a user updates which repositories a codespace can access.
+* **Use:** The visibility of a repository was changed.
+* **Use:** Secret scanning was enabled for all new repositories.
+* **Avoid:** An organization owner disabled a two-factor authentication requirement for the organization.
+* **Avoid:** Triggered when a user updates which repositories a codespace can access.
 
 ## Alerts
 
@@ -175,13 +175,13 @@ Within code blocks:
     ```
 
 * If your code example includes `{` or `}` that should render, wrap that section in {% raw %} {% endraw %} to disable Liquid processing for that section.
-  * **Use**:
+  * **Use:**
 
     
     GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
     

 
-  * **Avoid**:
+  * **Avoid:**
 
     
     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -1031,9 +1031,9 @@ A release note for a security fix answers the following questions.
 
 #### Examples of release notes for security fixes
 
-* > **MEDIUM**: An attacker could cause unbounded resource exhaustion on the instance by making parallel requests to the Markdown REST API. To mitigate this issue, {% data variables.product.company_short %} has updated [CommonMarker](https://github.com/gjtorikian/commonmarker). {% data variables.product.company_short %} has requested CVE ID [CVE-2022-39209](https://nvd.nist.gov/vuln/detail/CVE-2022-39209) for this vulnerability.
+* > **MEDIUM:** An attacker could cause unbounded resource exhaustion on the instance by making parallel requests to the Markdown REST API. To mitigate this issue, {% data variables.product.company_short %} has updated [CommonMarker](https://github.com/gjtorikian/commonmarker). {% data variables.product.company_short %} has requested CVE ID [CVE-2022-39209](https://nvd.nist.gov/vuln/detail/CVE-2022-39209) for this vulnerability.
 
-* > **MEDIUM**: An attacker could embed dangerous links in the instance's web UI because pull request preview links did not properly sanitize URLs. This vulnerability was reported via the [{% data variables.product.company_short %} Bug Bounty program](https://bounty.github.com).
+* > **MEDIUM:** An attacker could embed dangerous links in the instance's web UI because pull request preview links did not properly sanitize URLs. This vulnerability was reported via the [{% data variables.product.company_short %} Bug Bounty program](https://bounty.github.com).
 
 #### Base image and package updates
 
@@ -1147,7 +1147,7 @@ A release note for a deprecation answers the following questions.
 
 #### Examples of release notes for deprecations
 
-* > **Upcoming deprecation**: In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
+* > **Upcoming deprecation:** In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
 
 * > Commit comments, which are comments that users add directly to a commit outside of a pull request, no longer appear in the pull request timeline. Users could not reply to or resolve these comments. The Timeline events REST API and the GraphQL API's `PullRequest` object also no longer return commit comments.
 
@@ -1175,7 +1175,7 @@ A release note for a feature that is closing down answers the following question
 
 #### Examples of release notes for features that are closing down
 
-* > **Closing down**: In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
+* > **Closing down:** In {% data variables.product.prodname_ghe_server %} 3.8 and later, to ensure instance security, unsecure algorithms will be disabled for SSH connections to the administrative shell.
 
 * > Commit comments, which are comments that users add directly to a commit outside of a pull request, no longer appear in the pull request timeline. Users could not reply to or resolve these comments. The Timeline events REST API and the GraphQL API's `PullRequest` object also no longer return commit comments.
 
@@ -1201,7 +1201,7 @@ A release note for a retired feature answers the following questions.
 
 #### Examples of release notes for retired features
 
-* > **Retired**: {% data variables.product.github %} no longer supports required workflows for {% data variables.product.prodname_actions %} in {% data variables.product.prodname_ghe_server %} 3.11 and later. Use repository rulesets instead. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-workflows-to-pass-before-merging)."
+* > **Retired:** {% data variables.product.github %} no longer supports required workflows for {% data variables.product.prodname_actions %} in {% data variables.product.prodname_ghe_server %} 3.11 and later. Use repository rulesets instead. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-workflows-to-pass-before-merging)."
 
 {% endif %}
 
diff --git a/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md b/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md
index 94167af8ad49..e0fcea95b887 100644
--- a/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md
+++ b/content/contributing/writing-for-github-docs/using-videos-in-github-docs.md
@@ -45,24 +45,24 @@ Videos are broadly grouped into three categories: product overviews, feature vid
 
 ### Product overviews
 
-* **Purpose**: Briefly explain what the product is, showcase the main functionality, and get people interested
-* **Length**: Less than a minute
-* **Possible audiences**: People who want to know if a feature is useful for their goals, people who are new to {% data variables.product.company_short %} and trying to understand what the products do
-* **Possible locations in the docs**: Landing pages and guides
+* **Purpose:** Briefly explain what the product is, showcase the main functionality, and get people interested
+* **Length:** Less than a minute
+* **Possible audiences:** People who want to know if a feature is useful for their goals, people who are new to {% data variables.product.company_short %} and trying to understand what the products do
+* **Possible locations in the docs:** Landing pages and guides
 
 ### Feature videos
 
-* **Purpose**: Supplement conceptual or procedural content
-* **Length**: As short as possible, without exceeding five minutes. Break longer content into multiple shorter, focused videos
-* **Possible audiences**: People who are learning about or how to use a feature
-* **Possible locations in the docs**: Guides, conceptual articles, procedural articles
+* **Purpose:** Supplement conceptual or procedural content
+* **Length:** As short as possible, without exceeding five minutes. Break longer content into multiple shorter, focused videos
+* **Possible audiences:** People who are learning about or how to use a feature
+* **Possible locations in the docs:** Guides, conceptual articles, procedural articles
 
 ### Tutorials
 
-* **Purpose**: Help novice users get going with a product, drive adoption, or explain complex functionalities
-* **Length**: Individual videos should be five minutes or less. Complex topics can have a series of shorter videos spread across an article. Total length should be a maximum of 15 minutes
-* **Possible audiences**: New users of features or products
-* **Possible locations**: Guides
+* **Purpose:** Help novice users get going with a product, drive adoption, or explain complex functionalities
+* **Length:** Individual videos should be five minutes or less. Complex topics can have a series of shorter videos spread across an article. Total length should be a maximum of 15 minutes
+* **Possible audiences:** New users of features or products
+* **Possible locations:** Guides
 
 ## When to use videos
 
diff --git a/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md b/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md
index cbc46622b2ad..eca5460c8121 100644
--- a/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md
+++ b/content/copilot/building-copilot-extensions/about-building-copilot-extensions.md
@@ -15,10 +15,10 @@ type: overview
 
 {% data variables.product.prodname_copilot_extensions_short %} are integrations that expand the functionality of {% data variables.product.prodname_copilot_chat_short %}, allowing developers to bring external tools, services, and custom behaviors into the Chat experience. You can use {% data variables.product.prodname_copilot_extensions_short %} to extend the capabilities of {% data variables.product.prodname_copilot_chat_short %} in a variety of ways, including:
 
-* **Querying documentation**: A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party documentation service to find information about a specific topic.
-* **AI-assisted coding**: A {% data variables.product.prodname_copilot_extension_short %} can use a third-party AI model to provide code suggestions.
-* **Data retrieval**: A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party data service to retrieve information about a specific topic.
-* **Action execution**: A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to execute a specific action, such as posting to a message board or updating a tracking item in an external system.
+* **Querying documentation:** A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party documentation service to find information about a specific topic.
+* **AI-assisted coding:** A {% data variables.product.prodname_copilot_extension_short %} can use a third-party AI model to provide code suggestions.
+* **Data retrieval:** A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to query a third-party data service to retrieve information about a specific topic.
+* **Action execution:** A {% data variables.product.prodname_copilot_extension_short %} can allow {% data variables.product.prodname_copilot_chat_short %} to execute a specific action, such as posting to a message board or updating a tracking item in an external system.
 
 ## About building {% data variables.product.prodname_copilot_extensions %}
 
@@ -57,13 +57,13 @@ For more information about skillsets, see "[AUTOTITLE](/copilot/building-copilot
 
 Before creating your own {% data variables.product.prodname_copilot_extension %} from scratch, you may want to explore an existing {% data variables.product.prodname_copilot_agent_short %}, then integrate it with a {% data variables.product.prodname_github_app %} to see how it works. {% data variables.product.company_short %} provides a few example {% data variables.product.prodname_copilot_agents_short %} that you can clone and use as the basis for your own {% data variables.product.prodname_copilot_extension %}:
 
-* **Blackbeard**: A simple {% data variables.product.prodname_copilot_agent_short %} that responds to requests like a pirate, using {% data variables.product.prodname_copilot_short %}'s LLM API and special system prompts. It is a good starting point for learning how to build a {% data variables.product.prodname_copilot_extension %}. For more information, see the [Blackbeard {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/blackbeard-extension).
-* **{% data variables.product.prodname_github_models %}**: A more complex {% data variables.product.prodname_copilot_agent_short %} that lets you ask about and interact with various LLMs listed on the {% data variables.product.prodname_marketplace %} from within {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [{% data variables.product.prodname_github_models %} {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/github-models-extension).
+* **Blackbeard:** A simple {% data variables.product.prodname_copilot_agent_short %} that responds to requests like a pirate, using {% data variables.product.prodname_copilot_short %}'s LLM API and special system prompts. It is a good starting point for learning how to build a {% data variables.product.prodname_copilot_extension %}. For more information, see the [Blackbeard {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/blackbeard-extension).
+* **{% data variables.product.prodname_github_models %}:** A more complex {% data variables.product.prodname_copilot_agent_short %} that lets you ask about and interact with various LLMs listed on the {% data variables.product.prodname_marketplace %} from within {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [{% data variables.product.prodname_github_models %} {% data variables.product.prodname_copilot_extension_short %}](https://github.com/copilot-extensions/github-models-extension).
 
     > [!NOTE] {% data variables.product.prodname_github_models %} are in {% data variables.release-phases.public_preview %} and subject to change. To request access, join the [waitlist](https://github.com/marketplace/models/waitlist).
-* **Function calling**: an example agent written in Go that demonstrates function calling and confirmation dialogues. For more information, see the [Function calling extension](https://github.com/copilot-extensions/function-calling-extension).
-* **RAG extension**: an example agent written in Go that demonstrates a simple implementation of retrieval augmented generation. For more information, see the [RAG extension](https://github.com/copilot-extensions/rag-extension).
-* **Preview SDK**: An SDK that simplifies the process of building {% data variables.product.prodname_copilot_extensions %} by handling request verification, response formatting, and API interactions. It allows builders to focus on their extension's core functionality rather than boilerplate, by streamlining the integration of tools, APIs, and data sources into {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [Preview SDK](https://github.com/copilot-extensions/preview-sdk.js).
+* **Function calling:** an example agent written in Go that demonstrates function calling and confirmation dialogues. For more information, see the [Function calling extension](https://github.com/copilot-extensions/function-calling-extension).
+* **RAG extension:** an example agent written in Go that demonstrates a simple implementation of retrieval augmented generation. For more information, see the [RAG extension](https://github.com/copilot-extensions/rag-extension).
+* **Preview SDK:** An SDK that simplifies the process of building {% data variables.product.prodname_copilot_extensions %} by handling request verification, response formatting, and API interactions. It allows builders to focus on their extension's core functionality rather than boilerplate, by streamlining the integration of tools, APIs, and data sources into {% data variables.product.prodname_copilot_chat_short %}. For more information, see the [Preview SDK](https://github.com/copilot-extensions/preview-sdk.js).
 
 ## About building {% data variables.product.prodname_copilot_extensions_vsc %}
 
diff --git a/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md b/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md
index 80b9a72b2bac..34e105ea4e11 100644
--- a/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md
+++ b/content/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/building-copilot-skillsets.md
@@ -19,8 +19,8 @@ type: how_to
 
 Before you begin, make sure you have the following:
 
-1. **A configured {% data variables.product.prodname_github_app %}**: You’ll need a {% data variables.product.prodname_github_app %} to act as the container for your skillset. If you haven’t already set one up, refer to "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/creating-a-github-app-for-your-copilot-extension)" and "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-github-app-for-your-copilot-extension)".
-1. **API endpoints**: You need one endpoint per skill. Each endpoint must:
+1. **A configured {% data variables.product.prodname_github_app %}:** You’ll need a {% data variables.product.prodname_github_app %} to act as the container for your skillset. If you haven’t already set one up, refer to "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/creating-a-github-app-for-your-copilot-extension)" and "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-github-app-for-your-copilot-extension)".
+1. **API endpoints:** You need one endpoint per skill. Each endpoint must:
     * Accept POST requests with the `application/json` MIME type
     * Be able to verify the signature of requests from {% data variables.product.github %} to authenticate their origin and prevent unauthorized access
     * Be publicly accessible via HTTPS
@@ -30,10 +30,10 @@ For more information about signature verification, see "[Verifying that payloads
 ## Configuration requirements
 
 Each skillset is defined within a {% data variables.product.prodname_github_app %}. A single{% data variables.product.prodname_github_app %} can contain up to five skills. Each individual skill needs:
-* **Name**: A clear and descriptive name (for example, "Get Issues").
-* **Inference description**: A detailed explanation of what the skill does and when to use it (for example, "Searches for external issues matching specific criteria like status and labels").
-* **API endpoint**: A POST endpoint that accepts JSON requests.
-* **JSON schema**: The structure of data your endpoint expects.
+* **Name:** A clear and descriptive name (for example, "Get Issues").
+* **Inference description:** A detailed explanation of what the skill does and when to use it (for example, "Searches for external issues matching specific criteria like status and labels").
+* **API endpoint:** A POST endpoint that accepts JSON requests.
+* **JSON schema:** The structure of data your endpoint expects.
 
 ### Example JSON schema
 
diff --git a/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md b/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md
index afc0ede58557..7db995f7936f 100644
--- a/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md
+++ b/content/copilot/building-copilot-extensions/managing-the-availability-of-your-copilot-extension.md
@@ -13,8 +13,8 @@ type: how_to
 
 When you build a {% data variables.product.prodname_copilot_extension_short %}, you have two options for the visibility of your {% data variables.product.prodname_github_app %}:
 
-* **Public**: Any user or organization account with the link to your app's installation page can install it. Making your app public automatically creates a public installation page, but does not list the app on the {% data variables.product.prodname_marketplace %}.
-* **Private**: Only the user or organization account that created the app can install it.
+* **Public:** Any user or organization account with the link to your app's installation page can install it. Making your app public automatically creates a public installation page, but does not list the app on the {% data variables.product.prodname_marketplace %}.
+* **Private:** Only the user or organization account that created the app can install it.
 
 If you make your app public, you can choose to publish it on the {% data variables.product.prodname_marketplace %}.
 
@@ -25,8 +25,8 @@ If you make your app public, you can choose to publish it on the {% data variabl
 1. At the bottom of the sidebar, select **{% octicon "code" aria-hidden="true" %} Developer settings**, then click **{% data variables.product.prodname_github_apps %}**.
 1. In the "{% data variables.product.prodname_github_apps %}" section, next to the name of your {% data variables.product.prodname_copilot_extension_short %}, click **Edit**.
 1. In the sidebar, click **Advanced**. At the bottom of the "Danger Zone" section, you will see one of two options:
-   * **Make public**: If you see the **Make public** option, your {% data variables.product.prodname_github_app %} is currently private, and can only be installed by the organization or user that created the app. You can click **Make public** to allow any other account with the link to your app's installation page to install your {% data variables.product.prodname_copilot_extension_short %}, or leave your settings as they are to keep your app private.
-   * **Make private**: If you see the **Make private** option, your {% data variables.product.prodname_github_app %} is currently public, and can be installed by any account with the link to your app's installation page. You can click **Make private** to only allow the organization or user that created the app to install it, or leave your settings as they are to keep your app public.
+   * **Make public:** If you see the **Make public** option, your {% data variables.product.prodname_github_app %} is currently private, and can only be installed by the organization or user that created the app. You can click **Make public** to allow any other account with the link to your app's installation page to install your {% data variables.product.prodname_copilot_extension_short %}, or leave your settings as they are to keep your app private.
+   * **Make private:** If you see the **Make private** option, your {% data variables.product.prodname_github_app %} is currently public, and can be installed by any account with the link to your app's installation page. You can click **Make private** to only allow the organization or user that created the app to install it, or leave your settings as they are to keep your app public.
 1. Optionally, if your {% data variables.product.prodname_github_app %} is public, you can share the link to the installation page for your {% data variables.product.prodname_copilot_extension_short %}. In the sidebar, click **Public page** in the sidebar, then copy the link for your listing.
 
 ## Listing your {% data variables.product.prodname_copilot_extension_short %} on the {% data variables.product.prodname_marketplace %}
diff --git a/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md b/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md
index bac3cb166ba2..882c65254cc8 100644
--- a/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md
+++ b/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md
@@ -56,8 +56,8 @@ To create a {% data variables.product.prodname_copilot_extension_short %}, you n
 ## 6. Choose the availability of your {% data variables.product.prodname_copilot_extension_short %}
 
 Choose one of two visibility levels for your {% data variables.product.prodname_copilot_extension_short %}:
-* **Public**: Any user or organization account with the installation page link for the extension can install it.
-* **Private**: Only the user or organization account that created the extension can install it.
+* **Public:** Any user or organization account with the installation page link for the extension can install it.
+* **Private:** Only the user or organization account that created the extension can install it.
 
 If you make your {% data variables.product.prodname_copilot_extension_short %} public, you can then choose to list it on the {% data variables.product.prodname_marketplace %}.
 
@@ -94,8 +94,8 @@ To create a {% data variables.product.prodname_copilot_extension_short %}, you n
 ## 5. Choose the availability of your {% data variables.product.prodname_copilot_skillset_short %}
 
 Choose one of two visibility levels for your {% data variables.product.prodname_copilot_extension_short %}:
-* **Public**: Any user or organization account with the installation page link for the extension can install it.
-* **Private**: Only the user or organization account that created the extension can install it.
+* **Public:** Any user or organization account with the installation page link for the extension can install it.
+* **Private:** Only the user or organization account that created the extension can install it.
 
 If you make your {% data variables.product.prodname_copilot_extension_short %} public, you can then choose to list it on the {% data variables.product.prodname_marketplace %}.
 
diff --git a/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md b/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md
index 26b1bafd4e4a..3c12355fcd45 100644
--- a/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md
+++ b/content/copilot/customizing-copilot/creating-a-custom-model-for-github-copilot.md
@@ -135,33 +135,33 @@ When you create a custom model, you can choose to allow {% data variables.produc
 
 ### What telemetry data is collected?
 
-* **Prompts**: This includes all the information sent to the {% data variables.product.prodname_copilot %} language model by the {% data variables.product.prodname_copilot_short %} extension, including context from your open files.
-* **Suggestions**: The code completion suggestions that {% data variables.product.prodname_copilot_short %} generates.
-* **Code snippet**: A snapshot of the code 30 seconds after a suggestion is accepted, capturing how the suggestion was integrated into the codebase. This helps determine whether the suggestion was accepted as is or modified by the user before final integration.
+* **Prompts:** This includes all the information sent to the {% data variables.product.prodname_copilot %} language model by the {% data variables.product.prodname_copilot_short %} extension, including context from your open files.
+* **Suggestions:** The code completion suggestions that {% data variables.product.prodname_copilot_short %} generates.
+* **Code snippet:** A snapshot of the code 30 seconds after a suggestion is accepted, capturing how the suggestion was integrated into the codebase. This helps determine whether the suggestion was accepted as is or modified by the user before final integration.
 
 ### How is telemetry data used?
 
 Telemetry data is primarily used to fine-tune the {% data variables.product.prodname_copilot_short %} custom model to better understand and predict your organization’s coding patterns. Specifically, it helps:
 
-* **Enhance model accuracy**: By analyzing the collected telemetry, {% data variables.product.prodname_copilot_short %} refines your custom model to increase the relevance and accuracy of future coding suggestions.
-* **Monitor performance**: Telemetry data allows {% data variables.product.company_short %} to monitor how well custom models are performing compared to the base model, enabling ongoing improvements.
-* **Feedback loops**: The data helps {% data variables.product.company_short %} create feedback loops where the model learns from real-world usage, adapting to your specific coding environment over time.
+* **Enhance model accuracy:** By analyzing the collected telemetry, {% data variables.product.prodname_copilot_short %} refines your custom model to increase the relevance and accuracy of future coding suggestions.
+* **Monitor performance:** Telemetry data allows {% data variables.product.company_short %} to monitor how well custom models are performing compared to the base model, enabling ongoing improvements.
+* **Feedback loops:** The data helps {% data variables.product.company_short %} create feedback loops where the model learns from real-world usage, adapting to your specific coding environment over time.
 
 ### Data storage and retention
 
-* **Data storage**: All telemetry data collected is stored in the {% data variables.product.prodname_copilot_short %} Data Store, a secure and restricted environment. The data is encrypted and isolated to prevent unauthorized access.
-* **Retention period**: Telemetry data is retained for a rolling 28-day period. After this period, the data is automatically deleted from {% data variables.product.company_short %}'s systems, ensuring that only recent and relevant data is used for model training and improvement.
+* **Data storage:** All telemetry data collected is stored in the {% data variables.product.prodname_copilot_short %} Data Store, a secure and restricted environment. The data is encrypted and isolated to prevent unauthorized access.
+* **Retention period:** Telemetry data is retained for a rolling 28-day period. After this period, the data is automatically deleted from {% data variables.product.company_short %}'s systems, ensuring that only recent and relevant data is used for model training and improvement.
 
 ### Privacy and data security
 
 {% data variables.product.company_short %} is committed to ensuring that your organization’s data remains private and secure.
 
-* **Exclusive use**: The telemetry data collected from your organization is used exclusively for training your custom model and is never shared with other organizations or used to train other customers’ models.
-* **Data leakage prevention**: {% data variables.product.company_short %} implements strict data isolation protocols to prevent cross-contamination between different organizations’ data. This means that your proprietary code and information are protected from exposure to other organizations or individuals.
+* **Exclusive use:** The telemetry data collected from your organization is used exclusively for training your custom model and is never shared with other organizations or used to train other customers’ models.
+* **Data leakage prevention:** {% data variables.product.company_short %} implements strict data isolation protocols to prevent cross-contamination between different organizations’ data. This means that your proprietary code and information are protected from exposure to other organizations or individuals.
 
 ### Important considerations
 
-* **Opt-in for telemetry**: Participation in telemetry data collection is optional and controlled via your organization’s admin policies. Telemetry data is only collected when explicitly enabled for training custom models.
-* **Potential risks**: Although {% data variables.product.company_short %} takes extensive measures to prevent data leakage, there are scenarios where sensitive data, such as internal links or names, could be included in the telemetry and subsequently used in training. We recommend reviewing and filtering the data you submit for training to minimize these risks.
+* **Opt-in for telemetry:** Participation in telemetry data collection is optional and controlled via your organization’s admin policies. Telemetry data is only collected when explicitly enabled for training custom models.
+* **Potential risks:** Although {% data variables.product.company_short %} takes extensive measures to prevent data leakage, there are scenarios where sensitive data, such as internal links or names, could be included in the telemetry and subsequently used in training. We recommend reviewing and filtering the data you submit for training to minimize these risks.
 
   For more details about our data-handling practices, see the [{% data variables.product.prodname_copilot %} Trust Center](https://resources.github.com/copilot-trust-center) or review {% data variables.product.company_short %}’s [data protection agreement](https://github.com/customer-terms/github-data-protection-agreement).
diff --git a/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md b/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md
index 1779d99d4cbd..9cf6ebbd8a4f 100644
--- a/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md
+++ b/content/copilot/example-prompts-for-github-copilot-chat/refactoring-code/refactoring-to-implement-a-design-pattern.md
@@ -60,9 +60,9 @@ getAge("Mario");
 
 {% data variables.product.prodname_copilot_short %} suggests the following patterns:
 
-* **Singleton pattern**: to ensure that there is only one instance of the `people` object.
-* **Factory pattern**: to create a factory for creating `Person` objects.
-* **Module pattern**: to encapsulate the `people` object and related functions within a module to avoid polluting the global namespace.
+* **Singleton pattern:** to ensure that there is only one instance of the `people` object.
+* **Factory pattern:** to create a factory for creating `Person` objects.
+* **Module pattern:** to encapsulate the `people` object and related functions within a module to avoid polluting the global namespace.
 
 ## Example prompt 2
 
diff --git a/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md b/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md
index 9c0f1910da00..44beb7bc7054 100644
--- a/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md
+++ b/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md
@@ -103,9 +103,9 @@ To configure language settings in the `github-copilot.xml` file, you must edit t
 
 The file is located in the following directory:
 
-* **macOS**: `~/Library/Application Support/JetBrains//options/github-copilot.xml`
-* **Windows**: `%APPDATA%\JetBrains\\options\github-copilot.xml`
-* **Linux**: `~/.config/JetBrains//options/github-copilot.xml`
+* **macOS:** `~/Library/Application Support/JetBrains//options/github-copilot.xml`
+* **Windows:** `%APPDATA%\JetBrains\\options\github-copilot.xml`
+* **Linux:** `~/.config/JetBrains//options/github-copilot.xml`
 
 For example, if you are using IntelliJ IDEA 2021.1 on macOS, the file is located at `~/Library/Application Support/JetBrains/IdeaIC2021.1/options/github-copilot.xml`.
 
diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md
index de1efb4661f8..883a9bda8b87 100644
--- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md
+++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md
@@ -34,6 +34,6 @@ Enable {% data variables.product.prodname_copilot_short %} for some or all organ
 
 ## 5. Share onboarding material
 
-* **Share onboarding material**: Share onboarding material with each organization that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization)."
-* **Encourage adoption**: Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your enterprise. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your enterprise.
-* **Set up training sessions or workshops**: Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
+* **Share onboarding material:** Share onboarding material with each organization that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization)."
+* **Encourage adoption:** Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your enterprise. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your enterprise.
+* **Set up training sessions or workshops:** Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md
index 46aa9a042993..3524118f5034 100644
--- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md
+++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md
@@ -41,9 +41,9 @@ Alternatively, you can set up a self-serve workflow using the API. See "[Add tea
 
 ## 5. Share onboarding material
 
-* **Share onboarding material**: Share onboarding material with each member that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself)" and "[AUTOTITLE](/copilot/using-github-copilot/best-practices-for-using-github-copilot)."
-* **Encourage adoption**: Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your organization. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your organization.
-* **Set up training sessions or workshops**: Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
+* **Share onboarding material:** Share onboarding material with each member that you granted {% data variables.product.prodname_copilot_short %} access to. See "[AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself)" and "[AUTOTITLE](/copilot/using-github-copilot/best-practices-for-using-github-copilot)."
+* **Encourage adoption:** Encouragement from leadership can help drive adoption of {% data variables.product.prodname_copilot_short %} in your organization. Consider messaging your support of {% data variables.product.prodname_copilot_short %} and how it can help your organization.
+* **Set up training sessions or workshops:** Training sessions or workshops can help members learn how to use {% data variables.product.prodname_copilot_short %} effectively.
 
 ## 6. Enhance the {% data variables.product.prodname_copilot_short %} experience
 
diff --git a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md
index 8f1deaa75991..a6a368d6a472 100644
--- a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md
+++ b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-github-mobile.md
@@ -44,12 +44,12 @@ The following {% ifversion fpt %}limitation applies{% else %} limitations apply{
 
 To use {% data variables.product.prodname_copilot_mobile_short %} you will need the following.
 
-* **Subscription to {% data variables.product.prodname_copilot %}**: You must have an active {% data variables.product.prodname_copilot %} subscription. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot)."
+* **Subscription to {% data variables.product.prodname_copilot %}:** You must have an active {% data variables.product.prodname_copilot %} subscription. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot)."
 
    If you do not have a {% data variables.product.prodname_copilot %} subscription, you can purchase a {% data variables.product.prodname_copilot_individuals_short %} subscription directly in the iOS version of {% data variables.product.prodname_mobile %}, or in the Google Play Store for the Android version of {% data variables.product.prodname_mobile %}.
 
-* **Access to {% data variables.product.prodname_copilot_mobile_short %}**: If you are part of an organization{% ifversion ghec %} or enterprise{% endif %} with a {% data variables.product.prodname_copilot_for_business %}{% ifversion ghec %} or {% data variables.product.prodname_copilot_enterprise %}{% endif %} subscription, the organization{% ifversion ghec %} or enterprise{% endif %} owner will need to grant you access to {% data variables.product.prodname_copilot_mobile_short %}. For more information, see "[AUTOTITLE](/copilot/github-copilot-chat/copilot-chat-in-github-mobile/enabling-github-copilot-chat-for-github-mobile)."
-* **Enable {% data variables.product.prodname_copilot_short %} features for your device**: {% data variables.product.prodname_copilot_short %} needs to be enabled from within {% data variables.product.prodname_mobile %}. For more information, see "[AUTOTITLE](/copilot/using-github-copilot/getting-started-with-github-copilot#enabling-or-disabling-copilot-in-github-mobile)." If you cannot see the {% data variables.product.prodname_copilot_short %} logo in the {% data variables.product.prodname_mobile %} home page, you may need to update your app version.
+* **Access to {% data variables.product.prodname_copilot_mobile_short %}:** If you are part of an organization{% ifversion ghec %} or enterprise{% endif %} with a {% data variables.product.prodname_copilot_for_business %}{% ifversion ghec %} or {% data variables.product.prodname_copilot_enterprise %}{% endif %} subscription, the organization{% ifversion ghec %} or enterprise{% endif %} owner will need to grant you access to {% data variables.product.prodname_copilot_mobile_short %}. For more information, see "[AUTOTITLE](/copilot/github-copilot-chat/copilot-chat-in-github-mobile/enabling-github-copilot-chat-for-github-mobile)."
+* **Enable {% data variables.product.prodname_copilot_short %} features for your device:** {% data variables.product.prodname_copilot_short %} needs to be enabled from within {% data variables.product.prodname_mobile %}. For more information, see "[AUTOTITLE](/copilot/using-github-copilot/getting-started-with-github-copilot#enabling-or-disabling-copilot-in-github-mobile)." If you cannot see the {% data variables.product.prodname_copilot_short %} logo in the {% data variables.product.prodname_mobile %} home page, you may need to update your app version.
 
 ## Asking a general question about software development
 
diff --git a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md
index 376127e7b934..3bfccf8d9669 100644
--- a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md
+++ b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md
@@ -167,9 +167,9 @@ You can tell {% data variables.product.prodname_copilot_short %} to answer a que
 
 In addition to submitting prompts through the chat view, you can submit prompts in other ways:
 
-* **Inline**: To start an inline chat directly in the editor or integrated terminal, enter Command+i (Mac) / Ctrl+i (Windows/Linux).
-* **Quick chat**: To open the quick chat dropdown, enter Shift+Command+i (Mac) / Shift+Ctrl+i (Windows/Linux)
-* **Smart actions**: To submit prompts via the context menu, right click in your editor, select **Copilot** in the menu that appears, then select one of the actions. Smart actions can also be accessed via the sparkle icon that sometimes appears when you select a line of code.
+* **Inline:** To start an inline chat directly in the editor or integrated terminal, enter Command+i (Mac) / Ctrl+i (Windows/Linux).
+* **Quick chat:** To open the quick chat dropdown, enter Shift+Command+i (Mac) / Shift+Ctrl+i (Windows/Linux)
+* **Smart actions:** To submit prompts via the context menu, right click in your editor, select **Copilot** in the menu that appears, then select one of the actions. Smart actions can also be accessed via the sparkle icon that sometimes appears when you select a line of code.
 
 See [inline chat](https://code.visualstudio.com/docs/copilot/copilot-chat#_inline-chat), [quick chat](https://code.visualstudio.com/docs/copilot/copilot-chat#_quick-chat), and [chat smart actions](https://code.visualstudio.com/docs/copilot/copilot-chat#_chat-smart-actions) in the {% data variables.product.prodname_vscode %} documentation for more details.
 
diff --git a/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md b/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md
index 40ea80fbcef6..7f50d22018c6 100644
--- a/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md
+++ b/content/copilot/using-github-copilot/best-practices-for-using-github-copilot.md
@@ -12,14 +12,14 @@ shortTitle: Best practices
 
 {% data variables.product.prodname_copilot %} is an AI coding assistant that helps you write code faster and with less effort, allowing you to focus more energy on problem solving and collaboration. Before you start working with {% data variables.product.prodname_copilot_short %}, it's important to understand when you should and shouldn't use it.
 
-**Some of the things {% data variables.product.prodname_copilot_short %} does best include**:
+**Some of the things {% data variables.product.prodname_copilot_short %} does best include:**
 
 * Writing tests and repetitive code
 * Debugging and correcting syntax
 * Explaining and commenting code
 * Generating regular expressions
 
-**{% data variables.product.prodname_copilot_short %} is not designed to**:
+**{% data variables.product.prodname_copilot_short %} is not designed to:**
 
 * Respond to prompts unrelated to coding and technology
 * Replace your expertise and skills. Remember that you are in charge, and {% data variables.product.prodname_copilot_short %} is a powerful tool at your service.
@@ -28,14 +28,14 @@ shortTitle: Best practices
 
 While {% data variables.product.prodname_copilot_short %} code completions and {% data variables.product.prodname_copilot_chat_short %} share some functionality, the two tools are best used in different circumstances.
 
-**Code completions work best for**:
+**Code completions work best for:**
 
 * Completing code snippets, variable names, and functions as you write them
 * Generating repetitive code
 * Generating code from inline comments in natural language
 * Generating tests for test-driven development
 
-**Alternatively, {% data variables.product.prodname_copilot_chat_short %} is best suited for**:
+**Alternatively, {% data variables.product.prodname_copilot_chat_short %} is best suited for:**
 
 * Answering questions about code in natural language
 * Generating large sections of code, then iterating on that code to meet your needs
@@ -67,7 +67,7 @@ While {% data variables.product.prodname_copilot_short %} is very powerful, it i
 
 There are several adjustments you can make to steer {% data variables.product.prodname_copilot_short %} towards more valuable responses:
 
-* **Provide {% data variables.product.prodname_copilot_short %} with helpful context**:
+* **Provide {% data variables.product.prodname_copilot_short %} with helpful context:**
   * If you are using {% data variables.product.prodname_copilot_short %} in your IDE, open relevant files and close irrelevant files.
   * In {% data variables.product.prodname_copilot_chat_short %}, if a particular request is no longer helpful context, delete that request from the conversation. Alternatively, if none of the context of a particular conversation is helpful, start a new conversation.
   * If you are using {% data variables.product.prodname_copilot_chat_dotcom_short %}, provide specific repositories, files, symbols, and more as context. See "[AUTOTITLE](/copilot/using-github-copilot/asking-github-copilot-questions-in-githubcom)."
diff --git a/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md b/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md
index 2f5d2472fe0b..e65c796bdda6 100644
--- a/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md
+++ b/content/copilot/using-github-copilot/code-review/using-copilot-code-review.md
@@ -24,8 +24,8 @@ redirect_from:
 
 {% data variables.copilot.copilot_code-review_short %} supports two types of review:
 
-* **Review selection**: Highlight code and ask for an initial review _({% data variables.product.prodname_vscode %} only)_
-* **Review changes**: Request a deeper review of all your changes _({% data variables.product.github %} website and {% data variables.product.prodname_vscode %})_
+* **Review selection:** Highlight code and ask for an initial review _({% data variables.product.prodname_vscode %} only)_
+* **Review changes:** Request a deeper review of all your changes _({% data variables.product.github %} website and {% data variables.product.prodname_vscode %})_
 
 The current functionality and availability of the two types of review is summarized in the following table:
 
diff --git a/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md b/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md
index 8d00328da7de..2da03d0f17f9 100644
--- a/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md
+++ b/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md
@@ -439,9 +439,9 @@ func CalculateDaysBetweenDates(
 
 If you encounter issues with code suggestions, such as conflicting or missing suggestions, you can try the following:
 
-* **Disable Xcode's native predictive text completion**: To avoid receiving two sets of code suggestions, you can disable Xcode's native predictive text completion. You can find this setting in the Xcode settings in the "Editing" tab under "Text Editing".
-* **Check for duplication detection in {% data variables.product.prodname_copilot_short %}**: If you receive limited or no suggestions from {% data variables.product.prodname_copilot_short %}, you may have duplication detection enabled. For more information on duplication detection, see "[AUTOTITLE](/copilot/configuring-github-copilot/configuring-your-personal-github-copilot-settings-on-githubcom#enabling-or-disabling-suggestions-matching-public-code)."
-* **Check for updates and restart Xcode**: Ensure you have the latest version of {% data variables.product.prodname_copilot_short %} for Xcode in the extension application and restart Xcode.
+* **Disable Xcode's native predictive text completion:** To avoid receiving two sets of code suggestions, you can disable Xcode's native predictive text completion. You can find this setting in the Xcode settings in the "Editing" tab under "Text Editing".
+* **Check for duplication detection in {% data variables.product.prodname_copilot_short %}:** If you receive limited or no suggestions from {% data variables.product.prodname_copilot_short %}, you may have duplication detection enabled. For more information on duplication detection, see "[AUTOTITLE](/copilot/configuring-github-copilot/configuring-your-personal-github-copilot-settings-on-githubcom#enabling-or-disabling-suggestions-matching-public-code)."
+* **Check for updates and restart Xcode:** Ensure you have the latest version of {% data variables.product.prodname_copilot_short %} for Xcode in the extension application and restart Xcode.
 
 You can also open an issue in the [{% data variables.product.prodname_copilot_short %} for Xcode repository](https://github.com/github/CopilotForXcode).
 
diff --git a/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md b/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md
index 04321af56fd3..d8613691f46d 100644
--- a/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md
+++ b/content/copilot/using-github-copilot/guides-on-using-github-copilot/refactoring-code-with-github-copilot.md
@@ -53,7 +53,7 @@ done
 1. Open {% data variables.product.prodname_copilot_chat_short %} by clicking the chat icon in the activity bar or by using the keyboard shortcut:
 
    * **{% data variables.product.prodname_vscode_shortname %} and {% data variables.product.prodname_vs %}:** Control+Command+i (Mac) / Ctrl+Alt+i (Windows/Linux)
-   * **JetBrains**: Control+Shift+c
+   * **JetBrains:** Control+Shift+c
 
 1. In the input box at the bottom of the chat panel, type: `Can this script be improved?`
 
diff --git a/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md b/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md
index 56937d493500..3dcf0fde4917 100644
--- a/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md
+++ b/content/copilot/using-github-copilot/guides-on-using-github-copilot/writing-tests-with-github-copilot.md
@@ -59,11 +59,11 @@ You can prompt Copilot with a request to write tests that cover a range of scena
 **Prompt:** _Develop a comprehensive suite of unit tests for the BankAccount() function in Python. Write multiple test methods that cover a wide range of scenarios, including edge cases, exception handling, and data validation._
 
 This prompt does a few important things:
-* **Scope**: It explicitly asks for a comprehensive suite of unit tests, so that {% data variables.product.prodname_copilot_short %} generates more than just basic tests, covering a variety of potential use cases.
-* **Scenarios**: The prompt specifies that the tests should include:
-  * **Edge cases**: Tests for boundary conditions (e.g., negative values for deposits or withdrawals, withdrawing more than the available balance).
-  * **Exception handling**: Tests for errors that should be raised when certain invalid actions occur (e.g., withdrawing more than the available balance, depositing negative amounts).
-  * **Data validation**: Ensures that inputs are correctly validated and handled by the methods.
+* **Scope:** It explicitly asks for a comprehensive suite of unit tests, so that {% data variables.product.prodname_copilot_short %} generates more than just basic tests, covering a variety of potential use cases.
+* **Scenarios:** The prompt specifies that the tests should include:
+  * **Edge cases:** Tests for boundary conditions (e.g., negative values for deposits or withdrawals, withdrawing more than the available balance).
+  * **Exception handling:** Tests for errors that should be raised when certain invalid actions occur (e.g., withdrawing more than the available balance, depositing negative amounts).
+  * **Data validation:** Ensures that inputs are correctly validated and handled by the methods.
 
 {% data variables.product.prodname_copilot_short %} will give you a response like the following.
 
@@ -188,10 +188,10 @@ Here we'll break down our request for {% data variables.product.prodname_copilot
 **Prompt:** _"Write integration tests for the `deposit` function in the `BankAccount` class. Use mocks to simulate the `NotificationSystem` and verify that it is called correctly after a deposit."_
 
 This prompt does a few important things:
-* **Scope**: It specifies integration tests, focusing on the interaction between the `deposit` function and the `NotificationSystem`, rather than just unit tests.
-* **Mocks**: It explicitly asks for the use of mocks to simulate the `NotificationSystem`, ensuring that the interaction with external systems is tested without relying on their actual implementation.
-* **Verification**: The prompt emphasizes verifying that the `NotificationSystem` is called correctly after a deposit, ensuring that the integration between the components works as expected.
-* **Specificity**: The prompt clearly states the method (`deposit`) and the class (`BankAccount`) to be tested.
+* **Scope:** It specifies integration tests, focusing on the interaction between the `deposit` function and the `NotificationSystem`, rather than just unit tests.
+* **Mocks:** It explicitly asks for the use of mocks to simulate the `NotificationSystem`, ensuring that the interaction with external systems is tested without relying on their actual implementation.
+* **Verification:** The prompt emphasizes verifying that the `NotificationSystem` is called correctly after a deposit, ensuring that the integration between the components works as expected.
+* **Specificity:** The prompt clearly states the method (`deposit`) and the class (`BankAccount`) to be tested.
 
 > [!TIP] If {% data variables.product.prodname_copilot_short %} is producing invalid tests, provide examples of inputs and outputs for the function you want to test. This will help {% data variables.product.prodname_copilot_short %} evaluate the expected behavior of the function.
 
diff --git a/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md b/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md
index 0996a94f47a1..b30c687ee732 100644
--- a/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md
+++ b/content/copilot/using-github-copilot/using-extensions-to-integrate-external-tools-with-copilot-chat.md
@@ -44,7 +44,7 @@ You can interact with your custom-built or installed extension in a {% data vari
 
 **If you have a {% data variables.product.prodname_copilot_individuals_short %} subscription**, you need to install a {% data variables.product.prodname_copilot_extension_short %} before you can use the extension in {% data variables.product.prodname_copilot_chat_short %}. See "[AUTOTITLE](/copilot/github-copilot-chat/github-copilot-extensions/installing-github-copilot-extensions-for-your-personal-account)."
 
-**If you have access to {% data variables.product.prodname_copilot_short %} through a {% data variables.product.prodname_copilot_business_short %} or {% data variables.product.prodname_copilot_enterprise_short %} subscription**:
+**If you have access to {% data variables.product.prodname_copilot_short %} through a {% data variables.product.prodname_copilot_business_short %} or {% data variables.product.prodname_copilot_enterprise_short %} subscription:**
   1. An organization owner or enterprise owner needs to enable the {% data variables.product.prodname_copilot_extensions_short %} policy for your organization or enterprise. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/setting-policies-for-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization#setting-a-policy-for-github-copilot-extensions-in-your-organization)" and "[AUTOTITLE](/enterprise-cloud@latest/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-policies-and-features-for-copilot-in-your-enterprise#configuring-policies-for-github-copilot)" in the {% data variables.product.prodname_ghe_cloud %} documentation.
   1. An organization owner needs to install {% data variables.product.prodname_copilot_extensions_short %} for your organization. See "[AUTOTITLE](/copilot/github-copilot-chat/github-copilot-extensions/installing-github-copilot-extensions-for-your-organization)."
 
@@ -76,11 +76,11 @@ You can interact with your custom-built or installed extension in a {% data vari
 
 For questions and issues related to {% data variables.product.prodname_copilot_extensions %}, please use the following resources:
 
-* **General issues for users and builders**: Visit the [{% data variables.product.github %} Support Portal](https://support.github.com/).
-* **Requests or feedback for {% data variables.product.github %}**: Use the [{% data variables.product.github %} Community Discussion Thread](https://gh.io/community-feedback).
-* **Requests or feedback for third-party extension publishers**: File an issue in the [User Feedback Repo](https://github.com/copilot-extensions/user-feedback) and add a label with the extension's slug name.
-* **{% data variables.product.github %} Technology Partners**: Email the partnerships team directly for assistance.
-* **{% data variables.product.prodname_copilot_extensions_vsc %}**: For more information on this type of {% data variables.product.prodname_copilot_extension_short %}, see [Chat extensions](https://code.visualstudio.com/api/extension-guides/chat) in the {% data variables.product.prodname_vscode %} documentation.
+* **General issues for users and builders:** Visit the [{% data variables.product.github %} Support Portal](https://support.github.com/).
+* **Requests or feedback for {% data variables.product.github %}:** Use the [{% data variables.product.github %} Community Discussion Thread](https://gh.io/community-feedback).
+* **Requests or feedback for third-party extension publishers:** File an issue in the [User Feedback Repo](https://github.com/copilot-extensions/user-feedback) and add a label with the extension's slug name.
+* **{% data variables.product.github %} Technology Partners:** Email the partnerships team directly for assistance.
+* **{% data variables.product.prodname_copilot_extensions_vsc %}:** For more information on this type of {% data variables.product.prodname_copilot_extension_short %}, see [Chat extensions](https://code.visualstudio.com/api/extension-guides/chat) in the {% data variables.product.prodname_vscode %} documentation.
 
 > [!NOTE] {% data variables.product.github %} Support is not able to answer questions regarding {% data variables.product.prodname_copilot_extensions_vsc %}, as this implementation path is owned and maintained by the {% data variables.product.prodname_vscode_shortname %} team.
 
diff --git a/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md b/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md
index 483593afd7c1..1e870c13c074 100644
--- a/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md
+++ b/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students.md
@@ -34,8 +34,8 @@ Once you are a verified {% data variables.product.prodname_global_campus %} stud
 * Discover student-created repositories from {% data variables.product.prodname_community_exchange %}. For more information, see "[AUTOTITLE](/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-global-campus-for-students/about-github-community-exchange)."
 
 {% data variables.product.prodname_global_campus %} students also receive the following {% data variables.product.prodname_dotcom %} benefits.
-* **{% data variables.product.prodname_copilot %}**: Verified students receive a free subscription for {% data variables.product.prodname_copilot %}. See "[AUTOTITLE](/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/getting-free-access-to-copilot-as-a-student-teacher-or-maintainer)."
-* **{% data variables.product.prodname_github_codespaces %}**: {% data reusables.education.student-codespaces-benefit %} For more information on getting started with {% data variables.product.prodname_github_codespaces %}, see "[AUTOTITLE](/codespaces/overview)."
+* **{% data variables.product.prodname_copilot %}:** Verified students receive a free subscription for {% data variables.product.prodname_copilot %}. See "[AUTOTITLE](/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/getting-free-access-to-copilot-as-a-student-teacher-or-maintainer)."
+* **{% data variables.product.prodname_github_codespaces %}:** {% data reusables.education.student-codespaces-benefit %} For more information on getting started with {% data variables.product.prodname_github_codespaces %}, see "[AUTOTITLE](/codespaces/overview)."
 
 > [!NOTE]
 > {% data reusables.education.note-on-student-codespaces-usage %} For more information, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/using-github-codespaces-with-github-classroom)."
diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md
index c5e0f37bdad8..b466ae4c9ffd 100644
--- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md
+++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/monitor-students-progress-with-the-assignment-overview-page.md
@@ -15,20 +15,20 @@ Each assignment you create on {% data variables.product.prodname_classroom %} ha
 
 For individual assignments, you can view the following information at the top of the assignment overview page:
 
-* **Rostered students**: The number of students on the classroom's roster.
-* **Added students**: The number of {% data variables.product.prodname_dotcom %} accounts that have accepted the assignment and are not associated with a roster identifier.
-* **Accepted students**: The number of accounts that have accepted this assignment.
-* **Assignment submissions**: The number of students that have submitted the assignment. Submission is triggered at the assignment deadline.
-* **Passing students**: The number of students currently passing the autograding tests for this assignment.
+* **Rostered students:** The number of students on the classroom's roster.
+* **Added students:** The number of {% data variables.product.prodname_dotcom %} accounts that have accepted the assignment and are not associated with a roster identifier.
+* **Accepted students:** The number of accounts that have accepted this assignment.
+* **Assignment submissions:** The number of students that have submitted the assignment. Submission is triggered at the assignment deadline.
+* **Passing students:** The number of students currently passing the autograding tests for this assignment.
 
 For group assignments, you can view the following information at the top of the assignment overview page:
 
-* **Total teams**: The number of teams that have been created.
-* **Rostered students**: The number of students on the classroom's roster.
-* **Students not on a team**: The number of students on the classroom roster who have not yet joined a team.
-* **Accepted teams**: The number of teams who have accepted this assignment.
-* **Assignment submissions**: The number of teams that have submitted the assignment. Submission is triggered at the assignment deadline.
-* **Passing teams**: The number of teams that are currently passing the autograding tests for this assignment.
+* **Total teams:** The number of teams that have been created.
+* **Rostered students:** The number of students on the classroom's roster.
+* **Students not on a team:** The number of students on the classroom roster who have not yet joined a team.
+* **Accepted teams:** The number of teams who have accepted this assignment.
+* **Assignment submissions:** The number of teams that have submitted the assignment. Submission is triggered at the assignment deadline.
+* **Passing teams:** The number of teams that are currently passing the autograding tests for this assignment.
 
 ## Viewing the assignment overview page for an assignment
 
diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md
index 1177bdaf7c66..18e72baa867d 100644
--- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md
+++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding.md
@@ -40,7 +40,7 @@ An input/output test optionally runs a setup command, then provides standard inp
 | **Run command** | The command to run the test and generate standard output for evaluation |
 | **Inputs** | Standard input for run command |
 | **Expected output** | The output that you want to see as standard output from the run command |
-| **Comparison** | The type of comparison between the run command's output and the expected output

  • **Included**: Passes when the expected output appears
    anywhere in the standard output from the run command
  • **Exact**: Passes when the expected output is completely identical
    to the standard output from the run command
  • **Regex**: Passes if the regular expression in expected
    output matches against the standard output from the run command
 |
+| **Comparison** | The type of comparison between the run command's output and the expected output

  • **Included:** Passes when the expected output appears
    anywhere in the standard output from the run command
  • **Exact:** Passes when the expected output is completely identical
    to the standard output from the run command
  • **Regex:** Passes if the regular expression in expected
    output matches against the standard output from the run command
 |
 | **Timeout** | In minutes, how long a test should run before resulting in failure |
 | **Points** | _Optional_. The number of points the test is worth toward a total score |
 
@@ -106,9 +106,9 @@ By default, autograding tests will automatically run whenever a student pushes t
 {% data reusables.classroom.assignments-click-pencil %}
 1. In the left sidebar, click **Grading and feedback**.
 1. Below your list of autograding tests, you can configure when autograding tests are run.
-    * **Every time a student submits an assignment**: This is the default behavior.
-    * **On a schedule**: You can set a time every day or every week for autograding tests to be run.
-    * **Manually**: Autograding test runs will be manually triggered by you from the assignment dashboard.
+    * **Every time a student submits an assignment:** This is the default behavior.
+    * **On a schedule:** You can set a time every day or every week for autograding tests to be run.
+    * **Manually:** Autograding test runs will be manually triggered by you from the assignment dashboard.
 
 ## Viewing and downloading results from autograding tests
 
diff --git a/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md b/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md
index 2a9d3eb41cf0..2a8133adfdf9 100644
--- a/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md
+++ b/content/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects.md
@@ -45,10 +45,10 @@ The default base role is `write`, meaning that everyone in the organization can
 
    ![Screenshot showing the "Who has access" settings. The dropdown for setting the base role is highlighted with an orange outline.](/assets/images/help/projects-v2/base-role.png)
 
-   * **No access**: Only organization owners and users granted individual access can see the project. Organization owners are also admins for the project.
-   * **Read**: Everyone in the organization can see the project. Organization owners are also admins for the project.
-   * **Write**: Everyone in the organization can see and edit the project. Organization owners are also admins for the project.
-   * **Admin**: Everyone in the organization is an admin for the project.
+   * **No access:** Only organization owners and users granted individual access can see the project. Organization owners are also admins for the project.
+   * **Read:** Everyone in the organization can see the project. Organization owners are also admins for the project.
+   * **Write:** Everyone in the organization can see and edit the project. Organization owners are also admins for the project.
+   * **Admin:** Everyone in the organization is an admin for the project.
 
 ### Managing access for teams and individual members of your organization
 
@@ -69,9 +69,9 @@ You can only invite an individual user to collaborate on your organization-level
    ![Screenshot showing searching for a collaborator.](/assets/images/help/projects-v2/access-search.png)
 
 1. Select the role for the collaborator.
-   * **Read**: The team or individual can view the project.
-   * **Write**: The team or individual can view and edit the project.
-   * **Admin**: The team or individual can view, edit, and add new collaborators to the project.
+   * **Read:** The team or individual can view the project.
+   * **Write:** The team or individual can view and edit the project.
+   * **Admin:** The team or individual can view, edit, and add new collaborators to the project.
 1. Click **Invite**.
 
 ### Managing access of an existing collaborator on your project
@@ -104,9 +104,9 @@ This only affects collaborators for your project, not for repositories in your p
    ![Screenshot showing searching for a collaborator.](/assets/images/help/projects-v2/access-search.png)
 
 1. Select the role for the collaborator.
-   * **Read**: The individual can view the project.
-   * **Write**: The individual can view and edit the project.
-   * **Admin**: The individual can view, edit, and add new collaborators to the project.
+   * **Read:** The individual can view the project.
+   * **Write:** The individual can view and edit the project.
+   * **Admin:** The individual can view, edit, and add new collaborators to the project.
 1. Click **Invite**.
 
 ### Managing access of an existing collaborator on your project
diff --git a/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md b/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md
index 7b5c09338124..ddd604713790 100644
--- a/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md
+++ b/content/issues/tracking-your-work-with-issues/configuring-issues/planning-and-tracking-work-for-your-team-or-project.md
@@ -24,10 +24,10 @@ When starting a new project, initiative, or feature, the first step is to create
 
 You can set up repositories for different purposes based on your needs. The following are some common use cases:
 
-* **Product repositories**: Larger organizations that track their work and goals around specific products may have one or more repositories containing the code and other files. These repositories can also be used for documentation, reporting on product health or future plans for the product.
-* **Project repositories**: You can create a repository for an individual project you are working on, or for a project you are collaborating on with others. For an organization that tracks work for short-lived initiatives or projects, such as a consulting firm, there is a need to report on the health of a project and move people between different projects based on skills and needs. Code for the project is often contained in a single repository.
-* **Team repositories**: For an organization that groups people into teams, and brings projects to them, such as a dev tools team, code may be scattered across many repositories for the different work they need to track. In this case it may be helpful to have a team-specific repository as one place to track all the work the team is involved in.
-* **Personal repositories**: You can create a personal repository to track all your work in one place, plan future tasks, or even add notes or information you want to save. You can also add collaborators if you want to share this information with others.
+* **Product repositories:** Larger organizations that track their work and goals around specific products may have one or more repositories containing the code and other files. These repositories can also be used for documentation, reporting on product health or future plans for the product.
+* **Project repositories:** You can create a repository for an individual project you are working on, or for a project you are collaborating on with others. For an organization that tracks work for short-lived initiatives or projects, such as a consulting firm, there is a need to report on the health of a project and move people between different projects based on skills and needs. Code for the project is often contained in a single repository.
+* **Team repositories:** For an organization that groups people into teams, and brings projects to them, such as a dev tools team, code may be scattered across many repositories for the different work they need to track. In this case it may be helpful to have a team-specific repository as one place to track all the work the team is involved in.
+* **Personal repositories:** You can create a personal repository to track all your work in one place, plan future tasks, or even add notes or information you want to save. You can also add collaborators if you want to share this information with others.
 
 You can create multiple, separate repositories if you want different access permissions for the source code and for tracking issues and discussions. For more information, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/creating-an-issues-only-repository)."
 
diff --git a/content/migrations/overview/migration-paths-to-github.md b/content/migrations/overview/migration-paths-to-github.md
index 856a4a0ac52d..4fea074b00f7 100644
--- a/content/migrations/overview/migration-paths-to-github.md
+++ b/content/migrations/overview/migration-paths-to-github.md
@@ -40,23 +40,23 @@ You can review the scope and tooling for your migration to {% data variables.pro
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.1 or newer to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.0 or older to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
@@ -64,97 +64,97 @@ You can review the scope and tooling for your migration to {% data variables.pro
 
 Migrations from {% data variables.product.prodname_dotcom_the_website %} include {% data variables.product.prodname_ghe_cloud %}. This path includes adoption of {% data variables.product.prodname_emus %} or a move between managed enterprises.
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### Azure DevOps Services (Azure DevOps Cloud) to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**: "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:** "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
 
 ### Azure DevOps Server to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * [Migrate data from Azure DevOps Server to Azure DevOps Services](https://learn.microsoft.com/en-us/azure/devops/migrate/migration-overview?view=azure-devops) in the Microsoft Docs
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
-* **Caveats**: If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, "[Migrations from any Git repository to {% data variables.product.prodname_dotcom_the_website %}](#any-git-repository-to-githubcom)."
+* **Caveats:** If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, "[Migrations from any Git repository to {% data variables.product.prodname_dotcom_the_website %}](#any-git-repository-to-githubcom)."
 
 ### Bitbucket Cloud (Bitbucket.org) to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI or {% data variables.product.prodname_importer %}
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI or {% data variables.product.prodname_importer %}
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
   * "[AUTOTITLE]({% ifversion ghes %}/free-pro-team@latest{% endif %}/migrations/importing-source-code/using-github-importer/about-github-importer)"
 
 ### Bitbucket Server or Bitbucket Data Center to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * For complex repositories larger than around 5 GB, you may need to use `bbs-exporter` and Enterprise Cloud Importer instead. Enterprise Cloud Importer is only available for expert-led migrations.
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### GitLab to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: `gl-exporter`, then Enterprise Cloud Importer (expert-led migrations only)
-* **More information**: [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** `gl-exporter`, then Enterprise Cloud Importer (expert-led migrations only)
+* **More information:** [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
+* **Caveats:**
   * Enterprise Cloud Importer is only available for expert-led migrations.
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-githubcom %}
 
 ### Any Git repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI or {% data variables.product.prodname_importer %} if the repository is accessible over the public internet
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI or {% data variables.product.prodname_importer %} if the repository is accessible over the public internet
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
   * "[AUTOTITLE]({% ifversion ghes %}/free-pro-team@latest{% endif %}/migrations/importing-source-code/using-github-importer/about-github-importer)"
 
 ### Any Mercurial repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Mercurial, Git CLI, and Python
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
+* **Scope:** Source and history
+* **Tooling:** Mercurial, Git CLI, and Python
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
 
 ### Any Subversion (SVN) repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Subversion and Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
+* **Scope:** Source and history
+* **Tooling:** Subversion and Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
 
 ### Any Team Foundation Version Control (TFVC) repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: Azure Repos, then Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
+* **Scope:** Source and history
+* **Tooling:** Azure Repos, then Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
 
 ### Any Perforce repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source and history
-* **Tooling**: `git-p4`, then Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** `git-p4`, then Git CLI
+* **More information:**
   * [git-p4](https://git-scm.com/docs/git-p4) in the Git documentation
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github#importing-a-git-repository-with-the-command-line)"
 
 ### Any other repository to {% data variables.product.prodname_dotcom_the_website %}
 
-* **Scope**: Source snapshot
-* **Tooling**: {% data variables.product.prodname_cli %} or Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
+* **Scope:** Source snapshot
+* **Tooling:** {% data variables.product.prodname_cli %} or Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
 
 ### {% data variables.enterprise.data_residency_site %} to {% data variables.product.prodname_dotcom_the_website %}
 
@@ -185,116 +185,116 @@ Follow a link below to review the scope and tooling for your migration to {% dat
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.1 or newer to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### {% data variables.product.prodname_ghe_server %} 3.4.0 or older to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### {% data variables.product.prodname_dotcom_the_website %} to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %} or {% data variables.product.prodname_expert_services %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### Azure DevOps Services (Azure DevOps Cloud) to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**: "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:** "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
 
 ### Azure DevOps Server to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Migration to Azure DevOps Services, then {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * [Migrate data from Azure DevOps Server to Azure DevOps Services](https://learn.microsoft.com/en-us/azure/devops/migrate/migration-overview?view=azure-devops) in the Microsoft Docs
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
-* **Caveats**: If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, see "[Migrations from any Git repository to {% data variables.enterprise.data_residency_site %}](#any-git-repository-to-githubcom)."
+* **Caveats:** If you can't migrate to Azure DevOps Services first, you must perform a "source and history" migration instead. For more information, see "[Migrations from any Git repository to {% data variables.enterprise.data_residency_site %}](#any-git-repository-to-githubcom)."
 
 ### Bitbucket Cloud (Bitbucket.org) to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Bitbucket Server or Bitbucket Data Center to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: {% data variables.product.prodname_importer_proper_name %}
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** {% data variables.product.prodname_importer_proper_name %}
+* **More information:**
   * "[AUTOTITLE](/migrations/using-github-enterprise-importer)"
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Caveats:**
   * {% data reusables.migrations.large-repositories-require-expert-services-ghecom %}
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### GitLab to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Contact {% data variables.product.prodname_expert_services %}
-* **More information**: [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
-* **Caveats**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Contact {% data variables.product.prodname_expert_services %}
+* **More information:** [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
+* **Caveats:**
   * {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghecom %}
 
 ### Any Git repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:**
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Any Mercurial repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Mercurial, Git CLI, and Python
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
+* **Scope:** Source and history
+* **Tooling:** Mercurial, Git CLI, and Python
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
 
 ### Any Subversion (SVN) repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Subversion and Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
+* **Scope:** Source and history
+* **Tooling:** Subversion and Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
 
 ### Any Team Foundation Version Control (TFVC) repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: Azure Repos, then Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
+* **Scope:** Source and history
+* **Tooling:** Azure Repos, then Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
 
 ### Any Perforce repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source and history
-* **Tooling**: `git-p4`, then Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** `git-p4`, then Git CLI
+* **More information:**
   * [git-p4](https://git-scm.com/docs/git-p4) in the Git documentation
   * "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github#importing-a-git-repository-with-the-command-line)"
 
 ### Any other repository to {% data variables.enterprise.data_residency_site %}
 
-* **Scope**: Source snapshot
-* **Tooling**: {% data variables.product.prodname_cli %} or Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
+* **Scope:** Source snapshot
+* **Tooling:** {% data variables.product.prodname_cli %} or Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
 
 ## Migrations to {% data variables.product.prodname_ghe_server %}
 
@@ -318,87 +318,87 @@ You can review the scope and tooling for your migration to {% data variables.pro
 
 Migrations from {% data variables.product.prodname_dotcom_the_website %} include {% data variables.product.prodname_ghe_cloud %}.
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Organization migrations API, then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Organization migrations API, then `ghe-migrator`
+* **More information:**
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/exporting-migration-data-from-githubcom)"
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
 
 ### {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: Organization migrations API, then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** Organization migrations API, then `ghe-migrator`
+* **More information:**
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/exporting-migration-data-from-github-enterprise-server)"
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
 
 ### Azure DevOps to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Bitbucket Cloud (Bitbucket.org) to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Bitbucket Server or Bitbucket Data Center to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: `bbs-exporter` (expert-led migrations only), then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** `bbs-exporter` (expert-led migrations only), then `ghe-migrator`
+* **More information:**
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
-* **Caveats**: {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
+* **Caveats:** {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
 
 ### GitLab to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source, history, and metadata
-* **Tooling**: `gl-exporter` (expert-led migrations only), then `ghe-migrator`
-* **More information**:
+* **Scope:** Source, history, and metadata
+* **Tooling:** `gl-exporter` (expert-led migrations only), then `ghe-migrator`
+* **More information:**
   * [{% data variables.product.prodname_expert_services %}](https://github.com/services/) website
   * "[AUTOTITLE](/enterprise-server/migrations/using-ghe-migrator/migrating-data-to-github-enterprise-server)"
-* **Caveats**: {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
+* **Caveats:** {% data reusables.migrations.migration-instructions-for-any-git-repository-to-ghes %}
 
 ### Any Git repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Git CLI
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
+* **Scope:** Source and history
+* **Tooling:** Git CLI
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-an-external-git-repository-using-the-command-line)"
 
 ### Any Mercurial repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Mercurial, Git CLI, and Python
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
+* **Scope:** Source and history
+* **Tooling:** Mercurial, Git CLI, and Python
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-mercurial-repository)"
 
 ### Any Subversion (SVN) repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Subversion and Git CLI
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
+* **Scope:** Source and history
+* **Tooling:** Subversion and Git CLI
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-subversion-repository)"
 
 ### Any Team Foundation Version Control (TFVC) repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: Azure Repos, then Git CLI
-* **More information**: "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
+* **Scope:** Source and history
+* **Tooling:** Azure Repos, then Git CLI
+* **More information:** "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/importing-a-team-foundation-version-control-repository)"
 
 ### Any Perforce repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source and history
-* **Tooling**: `git-p4`, then Git CLI
-* **More information**:
+* **Scope:** Source and history
+* **Tooling:** `git-p4`, then Git CLI
+* **More information:**
   * [git-p4](https://git-scm.com/docs/git-p4) in the Git documentation
   * "[AUTOTITLE](/enterprise-server/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github#importing-a-git-repository-with-the-command-line)"
 
 ### Any other repository to {% data variables.product.prodname_ghe_server %}
 
-* **Scope**: Source snapshot
-* **Tooling**: {% data variables.product.prodname_cli %} or Git CLI
-* **More information**: "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
+* **Scope:** Source snapshot
+* **Tooling:** {% data variables.product.prodname_cli %} or Git CLI
+* **More information:** "[AUTOTITLE](/migrations/importing-source-code/using-the-command-line-to-import-source-code/adding-locally-hosted-code-to-github)"
 
 ### {% data variables.enterprise.data_residency_site %} to {% data variables.product.prodname_ghe_server %}
 
diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md
index 2e644b046b46..2938f0df4133 100644
--- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md
+++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md
@@ -78,11 +78,11 @@ The base repository role determines the initial set of permissions included in t
 
 The base repository roles are:
 
-* **Read**: Grants read access to all repositories in the organization.
-* **Write**: Grants write access to all repositories in the organization.
-* **Triage**: Grants triage access to all repositories in the organization.
-* **Maintain**: Grants maintenance access to all repositories in the organization.
-* **Admin**: Grants admin access to all repositories in the organization.
+* **Read:** Grants read access to all repositories in the organization.
+* **Write:** Grants write access to all repositories in the organization.
+* **Triage:** Grants triage access to all repositories in the organization.
+* **Maintain:** Grants maintenance access to all repositories in the organization.
+* **Admin:** Grants admin access to all repositories in the organization.
 
 ## Additional permissions for repository access
 
diff --git a/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md
index c790b3c3fc3e..b8786271ed4c 100644
--- a/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md
+++ b/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md
@@ -13,8 +13,8 @@ shortTitle: Set a token policy
 ## Restricting access by {% data variables.product.pat_generic_plural %}
 
 Organization owners can prevent {% data variables.product.pat_generic_plural %} from accessing resources owned by the organization with the following options:
-* **Restrict access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} cannot access resources owned by the organization. SSH keys created by {% data variables.product.pat_generic_plural %} will continue to work.
-* **Allow access via {% data variables.product.pat_generic_plural %}**: {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} can access resources owned by the organization.
+* **Restrict access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} cannot access resources owned by the organization. SSH keys created by {% data variables.product.pat_generic_plural %} will continue to work.
+* **Allow access via {% data variables.product.pat_generic_plural %}:** {% data variables.product.pat_v1_caps_plural %} or {% data variables.product.pat_v2_plural %} can access resources owned by the organization.
 
 Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plural %} will have access to public resources within the organization.
 
@@ -48,8 +48,8 @@ When you set a policy, tokens with non-compliant lifetimes will be blocked from
 ## Enforcing an approval policy for {% data variables.product.pat_v2_plural %}
 
 Organization owners can manage approval requirements for each {% data variables.product.pat_v2 %} that can access the organization with the following options:
-  * **Require administrator approval**: An organization owner must approve each {% data variables.product.pat_v2 %} that can access the organization. {% data variables.product.pat_v2_caps_plural %} created by organization owners will not need approval.
-  * **Do not require administrator approval**: {% data variables.product.pat_v2_caps %}s created by organization members can access resources in the organization without prior approval.
+  * **Require administrator approval:** An organization owner must approve each {% data variables.product.pat_v2 %} that can access the organization. {% data variables.product.pat_v2_caps_plural %} created by organization owners will not need approval.
+  * **Do not require administrator approval:** {% data variables.product.pat_v2_caps %}s created by organization members can access resources in the organization without prior approval.
 
 {% data variables.product.pat_v2_caps %}s will still be able to read public resources within the organization without approval.
 
diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
index 3458024bb8ad..ead662e282b8 100644
--- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
+++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md
@@ -23,11 +23,11 @@ shortTitle: Repository roles
 You can give organization members, outside collaborators, and teams of people different levels of access to repositories owned by an organization by assigning them to roles. Choose the role that best fits each person or team's function in your project without giving people more access to the project than they need.
 
 From least access to most access, the roles for an organization repository are:
-* **Read**: Recommended for non-code contributors who want to view or discuss your project
-* **Triage**: Recommended for contributors who need to proactively manage issues{% ifversion discussions-moderators-control-who-can-report %}, discussions,{% endif %} and pull requests without write access
-* **Write**: Recommended for contributors who actively push to your project
-* **Maintain**: Recommended for project managers who need to manage the repository without access to sensitive or destructive actions
-* **Admin**: Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository
+* **Read:** Recommended for non-code contributors who want to view or discuss your project
+* **Triage:** Recommended for contributors who need to proactively manage issues{% ifversion discussions-moderators-control-who-can-report %}, discussions,{% endif %} and pull requests without write access
+* **Write:** Recommended for contributors who actively push to your project
+* **Maintain:** Recommended for project managers who need to manage the repository without access to sensitive or destructive actions
+* **Admin:** Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository
 
 {% ifversion fpt %}
 If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can create custom repository roles. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)" in the {% data variables.product.prodname_ghe_cloud %} documentation.
diff --git a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md
index f83439462e30..e1c2a5cb5ba9 100644
--- a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md
+++ b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews.md
@@ -29,9 +29,9 @@ For an introduction to requesting and providing pull request reviews, see the [R
 {% ifversion fpt or ghec %}You can schedule reminders for pull requests that need to be reviewed. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team)."{% endif %}
 
 A review has three possible statuses:
-* **Comment**: Submit general feedback without explicitly approving the changes or requesting additional changes.
-* **Approve**: Submit feedback and approve merging the changes proposed in the pull request.
-* **Request changes**: Submit feedback that must be addressed before the pull request can be merged.
+* **Comment:** Submit general feedback without explicitly approving the changes or requesting additional changes.
+* **Approve:** Submit feedback and approve merging the changes proposed in the pull request.
+* **Request changes:** Submit feedback that must be addressed before the pull request can be merged.
 
 {% data reusables.repositories.request-changes-tips %}
 
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md b/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
index 37e4043844be..70c457442a13 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
@@ -53,19 +53,19 @@ Repository administrators can require a merge queue by enabling the branch prote
 
 Once you have enabled the "Require merge queue" setting, you can also access the following settings:
 
-* **Merge method**: Select which method to use when merging queued pull requests: merge, rebase, or squash.
+* **Merge method:** Select which method to use when merging queued pull requests: merge, rebase, or squash.
 
-* **Build concurrency**: The maximum number of `merge_group` webhooks to dispatch (between `1` and `100`), throttling the total amount of concurrent CI builds. This affects the velocity of merges that a merge queue can complete.
-* **Only merge non-failing pull requests**: This setting determines how a merge queue forms groups of pull requests to be merged.
+* **Build concurrency:** The maximum number of `merge_group` webhooks to dispatch (between `1` and `100`), throttling the total amount of concurrent CI builds. This affects the velocity of merges that a merge queue can complete.
+* **Only merge non-failing pull requests:** This setting determines how a merge queue forms groups of pull requests to be merged.
 
   | Enabled? | Description |
   | -------- | ----------- |
   | Yes      | All pull requests must satisfy required checks to be merged. |
   | No       | Pull requests that have failed required checks can be added to a group as long as the last pull request in the group has passed required checks. If the last pull request in the group has passed required checks, this means that the checks have passed for the combined set of changes in the merge group. Leaving this checkbox unselected can be useful if you have intermittent test failures, but don't want false negatives to hold up the queue. |
 
-* **Status check timeout**: Choose how long the queue should wait for a response from CI before assuming that checks have failed.
+* **Status check timeout:** Choose how long the queue should wait for a response from CI before assuming that checks have failed.
 
-* **Merge limits**: Select the minimum and maximum number of pull requests to merge into the base branch at the same time (between `1` and `100`), and a timeout after which the queue should stop waiting for more entries and merge with fewer than the minimum number.
+* **Merge limits:** Select the minimum and maximum number of pull requests to merge into the base branch at the same time (between `1` and `100`), and a timeout after which the queue should stop waiting for more entries and merge with fewer than the minimum number.
 
   > [!NOTE]
   > Merge limits do not combine `merge_group` **builds**. Merge limits only affect merges to the base branch once one or more `merge_group` has satisfied build checks.
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md
index 5a71c6e1efbf..e73b0341e380 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/viewing-branches-in-your-repository.md
@@ -16,10 +16,10 @@ shortTitle: View branches
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.navigate-to-branches %}
 1. Use the navigation at the top of the page to view specific lists of branches:
-    * **Your branches**: In repositories that you have push access to, the **Yours** view shows all branches that you’ve pushed to, excluding the default branch, with the most recent branches first.
-    * **Active branches**: The **Active** view shows all branches (excluding the default branch) that anyone has committed to within the last three months, ordered by the branches with the most recent commits first.
-    * **Stale branches**: The **Stale** view shows all branches that no one has committed to in the last three months, ordered by the branches with the oldest commits first. Use this list to determine [which branches to delete](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository).
-    * **All branches**: The **All** view shows the default branch, followed by all other branches ordered by the branches with the most recent commits first.
+    * **Your branches:** In repositories that you have push access to, the **Yours** view shows all branches that you’ve pushed to, excluding the default branch, with the most recent branches first.
+    * **Active branches:** The **Active** view shows all branches (excluding the default branch) that anyone has committed to within the last three months, ordered by the branches with the most recent commits first.
+    * **Stale branches:** The **Stale** view shows all branches that no one has committed to in the last three months, ordered by the branches with the oldest commits first. Use this list to determine [which branches to delete](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository).
+    * **All branches:** The **All** view shows the default branch, followed by all other branches ordered by the branches with the most recent commits first.
 
 1. Optionally, use the search field on the top right. It provides a simple, case-insensitive, sub-string search on the branch name. It does not support any additional query syntax.
 
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md
index bd923f48de8e..9c45b9936f02 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets.md
@@ -53,16 +53,16 @@ You can require that merges must be performed with a merge queue at the reposito
 
 You can configure various settings for your merge queue rule.
 
-* **Merge method**: Method to use when merging changes from pull requests.
-* **Build concurrency**: Limit the number of queued pull requests requesting checks and workflow runs at the same time.
+* **Merge method:** Method to use when merging changes from pull requests.
+* **Build concurrency:** Limit the number of queued pull requests requesting checks and workflow runs at the same time.
   * This setting controls when merge queue dispatches the `merge_group.checks_requested` webhook event, which triggers {% data variables.product.prodname_actions %} workflows that are configured to run on `merge_group`. For more information, see "[AUTOTITLE](/webhooks/webhook-events-and-payloads#merge_group)."
   * For example, if there are 5 pull requests added to the queue and the build concurrency setting is 3, merge queue will dispatch the `checks_requested` event for the first 3 pull requests. When it receives a result for one of those pull requests, merge queue will dispatch the event for the 4th pull request, and so on.
-* **Minimum/maximum group size**: The number of pull requests that will be merged together in a group.
-* **Wait time to meet minimum group size (minutes)**: The time the merge queue will wait after the first pull request is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.
-* **Require all queue entries to pass required checks**:
+* **Minimum/maximum group size:** The number of pull requests that will be merged together in a group.
+* **Wait time to meet minimum group size (minutes):** The time the merge queue will wait after the first pull request is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.
+* **Require all queue entries to pass required checks:**
     * When this setting is enabled, each item in the merge group must pass all required checks.
     * When this setting is disabled, only the commit at the head of the merge group, i.e. the commit containing changes from all of the pull requests in the group, must pass its required checks to merge.
-* **Status check timeout (minutes)**: Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed
+* **Status check timeout (minutes):** Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed
 
 {% endif %}
 
diff --git a/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md b/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md
index 700b960cefa0..3850b5ed9e39 100644
--- a/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md
+++ b/content/rest/using-the-rest-api/getting-started-with-the-rest-api.md
@@ -234,19 +234,19 @@ Use the {% data variables.product.prodname_cli %} `api` subcommand to make your
 In your request, specify the following options and values:
 
 {%- ifversion not fpt %}
-* **--hostname**: If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
+* **--hostname:** If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
 {%- endif %}
 * **--method** followed by the HTTP method and the path of the endpoint. For more information, see "[HTTP method](#http-method)" and "[Path](#path)."
-* **--header**:
-  * **`Accept`**: Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
-  * **`X-GitHub-Api-Version`**: Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
+* **--header:**
+  * **`Accept`:** Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
+  * **`X-GitHub-Api-Version`:** Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
 * **`-f`** or **`-F`** followed by any body parameters or query parameters in `key=value` format. Use the `-F` option to pass a parameter that is a number, Boolean, or null. Use the `-f` option to pass string parameters.
 
   Some endpoints use query parameters that are arrays. To send an array in the query string, use the query parameter once per array item, and append `[]` after the query parameter name. For example, to provide an array of two repository IDs, use `-f repository_ids[]=REPOSITORY_A_ID -f repository_ids[]=REPOSITORY_B_ID`.
 
   If you do not need to specify any body parameters or query parameters in your request, omit this option. For more information, see "[Body parameters](#body-parameters)" and "[Query parameters](#query-parameters)." For examples, see "[Example request using body parameters](#example-request-using-body-parameters)" and "[Example request using query parameters](#example-request-using-query-parameters)."
 {%- ifversion not fpt %}
-* **--hostname**: If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
+* **--hostname:** If you are authenticated to multiple accounts across {% data variables.product.github %} platforms, specify where you are making the request. For example: `--hostname {% data variables.enterprise.data_residency_example_domain %}`.
 {%- endif %}
 
 #### Example request
@@ -318,10 +318,10 @@ Specify the following options and values in your request:
 * **`--url`** followed by the full path as the value. The full path is a URL that includes the base URL for the GitHub REST API (`{% data variables.product.rest_url %}`{% ifversion ghec %} or `https://{% data variables.enterprise.data_residency_api %}`, depending on where you access {% data variables.product.github %}{% endif %}) and the path of the endpoint, like this: `{% data variables.product.rest_url %}/PATH`.{% ifversion ghes %} Replace `HOSTNAME` with the name of {% data variables.location.product_location %}.{% endif %} Replace `PATH` with the path of the endpoint. For more information, see "[Path](#path)."
 
   To use query parameters, add a `?` to the end of the path, then append your query parameter name and value in the form `parameter_name=value`. Separate multiple query parameters with `&`. If you need to send an array in the query string, use the query parameter once per array item, and append `[]` after the query parameter name. For example, to provide an array of two repository IDs, use `?repository_ids[]=REPOSITORY_A_ID&repository_ids[]=REPOSITORY_B_ID`. For more information, see "[Query parameters](#query-parameters)." For an example, see "[Example request using query parameters](#example-request-using-query-parameters-1)."
-* **`--header` or `-H`**:
-  * **`Accept`**: Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma, for example: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
-  * **`X-GitHub-Api-Version`**: Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
-  * **`Authorization`**: Pass your authentication token in an `Authorization` header. Note that in most cases you can use `Authorization: Bearer` or `Authorization: token` to pass a token. However, if you are passing a JSON web token (JWT), you must use `Authorization: Bearer`. For more information, see "[Authentication](#authentication)." For an example of a request that uses an `Authorization` header, see "[Example request using body parameters](#example-request-using-body-parameters-1)."
+* **`--header` or `-H`:**
+  * **`Accept`:** Pass the media type in an `Accept` header. To pass multiple media types in an `Accept` header, separate the media types with a comma, for example: `Accept: application/vnd.github+json,application/vnd.github.diff`. For more information, see "[`Accept`](#accept)" and "[Media types](#media-types)."
+  * **`X-GitHub-Api-Version`:** Pass the API version in a `X-GitHub-Api-Version` header. For more information, see "[`X-GitHub-Api-Version`](#x-github-api-version)."
+  * **`Authorization`:** Pass your authentication token in an `Authorization` header. Note that in most cases you can use `Authorization: Bearer` or `Authorization: token` to pass a token. However, if you are passing a JSON web token (JWT), you must use `Authorization: Bearer`. For more information, see "[Authentication](#authentication)." For an example of a request that uses an `Authorization` header, see "[Example request using body parameters](#example-request-using-body-parameters-1)."
 * **`--data` or `-d`** followed by any body parameters within a JSON object. If you do not need to specify any body parameters in your request, omit this option. For more information, see "[Body parameters](#body-parameters)." For an example, see "[Example request using body parameters](#example-request-using-body-parameters-1)."
 
 #### Example request
diff --git a/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md b/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md
index 0e2431922cb8..d848582bf6e4 100644
--- a/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md
+++ b/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md
@@ -56,19 +56,19 @@ GitHub has a non-retaliation policy for reporting workplace-related concerns. Co
 
 GitHub's labor practices are
 
-**fair**:
+**fair:**
    * GitHub pays its employees and contractors a fair wage, in accordance with applicable legal wages
    * GitHub maintains humane working conditions
    * GitHub does not require workers to exceed the maximum hours of daily labor set by local and national laws or regulations
    * GitHub pays its employees and contractors in a timely manner, with documentation (such as a pay stub) stating the basis on which they are paid, and keeps employee records in accordance with local and national laws
 
-**humane and ethical**:
+**humane and ethical:**
    * GitHub uses only voluntary labor
    * GitHub prohibits child labor
    * GitHub does not engage in physical discipline or abuse
    * GitHub does not tolerate harassment or unlawful discrimination in the workforce or workplace
 
-**respectful**:
+**respectful:**
    * GitHub protects its employees' rights to freedom of association and collective bargaining in accordance with legal requirements, including to post legal notices of employees' rights under the National Labor Relations Act
    * GitHub provides benefits to employees at or in excess of levels expected in the industry
    * GitHub encourages employees to report any workplace complaint and does not tolerate retaliation for reporting
diff --git a/content/site-policy/github-terms/github-copilot-extension-developer-policy.md b/content/site-policy/github-terms/github-copilot-extension-developer-policy.md
index f86f82fb99d0..d9a30aa99f5d 100644
--- a/content/site-policy/github-terms/github-copilot-extension-developer-policy.md
+++ b/content/site-policy/github-terms/github-copilot-extension-developer-policy.md
@@ -27,9 +27,9 @@ Violations of this Agreement may result in removing the Extension from the Platf
 
 While we want You to develop useful, fun, and interesting Extensions with GitHub Copilot, we want to make sure that our Users receive a safe, secure, productive, and enjoyable experience. When creating Extensions, you must understand the use cases and limitations of GitHub Copilot, and not rely on it for tasks where its use could lead to significant harm. With that in mind, You are required to comply with this Policy and other obligations.
 
-**Terms of Service**: Your Extension must comply with the GitHub Terms of Service (ToS) including the Acceptable Use Policy.
+**Terms of Service:** Your Extension must comply with the GitHub Terms of Service (ToS) including the Acceptable Use Policy.
 
-**Security**: We take the security of Personal Data seriously and you must as well. As you develop your Extension, You must properly configure your systems to protect Personal Data and ensure that any stored Personal Data is encrypted. Furthermore, Extensions and developers must not:
+**Security:** We take the security of Personal Data seriously and you must as well. As you develop your Extension, You must properly configure your systems to protect Personal Data and ensure that any stored Personal Data is encrypted. Furthermore, Extensions and developers must not:
 
 * Degrade or compromise security
 * Bypass or circumvent protocols and access controls
@@ -38,7 +38,7 @@ While we want You to develop useful, fun, and interesting Extensions with GitHub
 * Transmit any viruses or other code that may damage, detrimentally interfere with, surreptitiously intercept or expropriate any system or Personal Data
 * Attempt to reverse engineer or otherwise derive source code, trade secrets, or know-how of the Platform or any portion thereof
 
-**Use of Personal Data**: Protecting User privacy is paramount at GitHub, and must be for you. You are responsible for good Personal Data practices. You do not have independent rights to any Personal Data. In accordance with this, Extensions and developers are prohibited from:
+**Use of Personal Data:** Protecting User privacy is paramount at GitHub, and must be for you. You are responsible for good Personal Data practices. You do not have independent rights to any Personal Data. In accordance with this, Extensions and developers are prohibited from:
 
 * Collecting, storing, and using Personal Data without obtaining proper User consent
 * Utilizing Personal Data to contact Users. You must gain permission through a clear and separate permissions process to contact Users outside of GitHub. Contacting Users is limited to emergencies in which the User’s safety and security is at risk and in compliance with the law
@@ -52,7 +52,7 @@ While we want You to develop useful, fun, and interesting Extensions with GitHub
 * Accessing Data for surveillance purposes. You may not allow or assist any entity to conduct surveillance or obtain Personal Data using your access to the Platform
 * Otherwise exploiting Personal Data in a way not approved by GitHub and not disclosed to and permitted by Users. You may, however, use Data that is both aggregated and anonymized for purposes of analytics and development related to the Extension
 
-**Law and Safety**: Extensions should not create unsafe environments or hardships for Users. Each Extension must comply with all applicable laws and legal requirements in all locations where it is made available to Users. In addition, Extensions and developers are prohibited from:
+**Law and Safety:** Extensions should not create unsafe environments or hardships for Users. Each Extension must comply with all applicable laws and legal requirements in all locations where it is made available to Users. In addition, Extensions and developers are prohibited from:
 
 * Inferring people’s emotional states from their physical, physiological, or behavioral characteristics
 * Inferring people’s sensitive attributes such as gender, race, nationality, religion, or specific age (not including age range, position of mouth (e.g., smile or frown), and hair color)
@@ -62,7 +62,7 @@ While we want You to develop useful, fun, and interesting Extensions with GitHub
 * For any real-time facial recognition technology on mobile cameras used by any law enforcement globally to attempt to identify individuals in uncontrolled, "in the wild" environments, which includes (without limitation) police officers on patrol using body-worn or dash-mounted cameras using facial recognition technology to attempt to identify individuals present in a database of suspects or prior inmates
 * Without the individual’s valid consent, for ongoing surveillance or real-time or near real-time identification or persistent tracking of the individual using any of their personal information, including biometric data
 
-**Transparency**: GitHub Copilot is a generative artificial intelligence (AI) tool intended to increase developer productivity. You must inform Users of Your Extensions intended use cases, best practices, and limitations as well as when they are interacting with generative AI content. Furthermore, Extensions and developers must:
+**Transparency:** GitHub Copilot is a generative artificial intelligence (AI) tool intended to increase developer productivity. You must inform Users of Your Extensions intended use cases, best practices, and limitations as well as when they are interacting with generative AI content. Furthermore, Extensions and developers must:
 
 * Test the Extension to ensure outputs do not violate this Agreement
 * Provide a mechanism for Users to report feedback to You and GitHub related to errors, bugs, improper, or undesired outputs
diff --git a/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md b/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md
index 26c59ed430dd..2513d3071a73 100644
--- a/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md
+++ b/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md
@@ -75,7 +75,7 @@ Gists can either be public or secret (accessible only through a known URL). Publ
 Here is a non-exhaustive list of the kinds of data we maintain about users and projects on GitHub.
 
 * 
-**Public account data**:
+**Public account data:**
 There is a variety of information publicly available on GitHub about users and their repositories.
 User profiles can be found at a URL such as `https://github.com/username`.
 User profiles display information about when the user created their account as well their public activity on GitHub.com and social interactions.
@@ -96,7 +96,7 @@ All user public profiles display:
   * Organizations to which the user is a member (_depending on either the organizations' or the users' preferences_)
 
 * 
-**Private account data**:
+**Private account data:**
 GitHub also collects and maintains certain private information about users as outlined in our [Privacy Policy](/site-policy/privacy-policies/github-privacy-statement).
 This may include:
   * Private email addresses
@@ -107,7 +107,7 @@ This may include:
     To get a sense of the type of private account information that GitHub collects, you can visit your {% data reusables.user-settings.personal_dashboard %} and browse through the sections in the left-hand menubar.
 
 * 
-**Organization account data**:
+**Organization account data:**
 Information about organizations, their administrative users and repositories is publicly available on GitHub.
 Organization profiles can be found at a URL such as `https://github.com/organization`.
 Public organization profiles can also include additional information that the owners have chosen to share publicly.
@@ -124,7 +124,7 @@ All organization public profiles display:
   * Collaborators
 
 * 
-**Public repository data**:
+**Public repository data:**
 GitHub is home to millions of public, open-source software projects.
 You can browse almost any public repository (for example, the [GitHub Docs](https://github.com/github/docs)) to get a sense for the information that GitHub collects and maintains about repositories.
 This can include:
@@ -139,11 +139,11 @@ This can include:
   * Statistics and graphs showing contributions to the project and the network of contributors
 
 * 
-**Private repository data**:
+**Private repository data:**
 GitHub collects and maintains the same type of data for private repositories that can be seen for public repositories, except only specifically invited users may access private repository data.
 
 * 
-**Other data**:
+**Other data:**
 Additionally, GitHub collects analytics data such as page visits and information occasionally volunteered by our users (such as communications with our support team, survey information and/or site registrations).
 
 ## We will notify any affected account owners
@@ -158,11 +158,11 @@ Where GitHub agrees to produce non-public information in response to a lawful re
 Here are the kinds of information we will agree to produce, depending on the kind of legal process we are served with:
 
 * 
-**With user consent**:
+**With user consent:**
 GitHub will provide private account information, if requested, directly to the user (or an owner, in the case of an organization account), or to a designated third party with the user's written consent once GitHub is satisfied that the user has verified his or her identity.
 
 * 
-**With a subpoena**:
+**With a subpoena:**
 If served with a valid subpoena, civil investigative demand, or similar legal process issued in connection with an official criminal or civil investigation, we can provide certain non-public account information, which may include:
 
   * Name(s) associated with the account
@@ -177,7 +177,7 @@ In the case of organization accounts, we can provide the name(s) and email addre
 Please note that the information available will vary from case to case. Some of the information is optional for users to provide. In other cases, we may not have collected or retained the information.
 
 * 
-**With a court order _or_ a search warrant**: We will not disclose account access logs unless compelled to do so by either
+**With a court order _or_ a search warrant:** We will not disclose account access logs unless compelled to do so by either
 (i) a court order issued under 18 U.S.C. Section 2703(d), upon a showing of specific and articulable facts showing that there are reasonable grounds to believe that the information sought is relevant and material to an ongoing criminal investigation; or
 (ii) a search warrant issued under the procedures described in the Federal Rules of Criminal Procedure or equivalent state warrant procedures, upon a showing of probable cause.
 In addition to the non-public account information listed above, we can provide account access logs in response to a court order or search warrant, which may include:
@@ -188,7 +188,7 @@ In addition to the non-public account information listed above, we can provide a
   * Security access logs other than account creation or for a specific time and date
 
 * 
-**Only with a search warrant**:
+**Only with a search warrant:**
 We will not disclose the private contents of any account unless compelled to do so under a search warrant issued under the procedures described in the Federal Rules of Criminal Procedure or equivalent state warrant procedures upon a showing of probable cause.
 In addition to the non-public account information and account access logs mentioned above, we will also provide private account contents in response to a search warrant, which may include:
 
@@ -199,7 +199,7 @@ In addition to the non-public account information and account access logs mentio
   * Any security keys used for authentication or encryption
 
 * 
-**Under exigent circumstances**:
+**Under exigent circumstances:**
 If we receive a request for information under certain exigent circumstances (where we believe the disclosure is necessary to prevent an emergency involving danger of death or serious physical injury to a person), we may disclose limited information that we determine necessary to enable law enforcement to address the emergency. For any information beyond that, we would require a subpoena, search warrant, or court order, as described above. For example, we will not disclose contents of private repositories without a search warrant. Before disclosing information, we confirm that the request came from a law enforcement agency, an authority sent an official notice summarizing the emergency, and how the information requested will assist in addressing the emergency.
 
 ## Cost reimbursement