Merge branch 'main' into repo-sync

.github/workflows/staging-deploy-pr.yml

@@ -36,14 +36,6 @@ env:
   BUILD_ACTIONS_RUN_LOG: https://github.com/${{ github.repository }}/actions/runs/${{ github.event.workflow_run.id }}
 
 jobs:
-  debug:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Dump full context for debugging
-        env:
-          GITHUB_CONTEXT: ${{ toJSON(github) }}
-        run: echo "$GITHUB_CONTEXT"
-
   pr-metadata:
     # This is needed because the workflow we depend on
     # (see on.workflow_run.workflows) might be running from pushes on

lib/page.js

@@ -13,7 +13,6 @@ import renderContent from './render-content/index.js'
 import processLearningTracks from './process-learning-tracks.js'
 import { productMap } from './all-products.js'
 import slash from 'slash'
-import statsd from './statsd.js'
 import readFileContents from './read-file-contents.js'
 import getLinkData from './get-link-data.js'
 import getDocumentType from './get-document-type.js'
@@ -114,9 +113,7 @@ class Page {
       this.showMiniToc = this.showMiniToc === false ? this.showMiniToc : true
     }
 
-    // Instrument the `_render` method, so externally we call #render
-    // but it's wrapped in a timer that reports to Datadog
-    this.render = statsd.asyncTimer(this._render.bind(this), 'page.render')
+    this.render = this._render.bind(this)
 
     return this
   }

middleware/index.js

@@ -34,6 +34,7 @@ import helpToDocs from './redirects/help-to-docs.js'
 import languageCodeRedirects from './redirects/language-code-redirects.js'
 import handleRedirects from './redirects/handle-redirects.js'
 import findPage from './find-page.js'
+import spotContentFlaws from './spot-content-flaws.js'
 import blockRobots from './block-robots.js'
 import archivedEnterpriseVersionsAssets from './archived-enterprise-versions-assets.js'
 import events from './events.js'
@@ -173,6 +174,7 @@ export default function (app) {
 
   // *** Config and context for rendering ***
   app.use(asyncMiddleware(instrument(findPage, './find-page'))) // Must come before archived-enterprise-versions, breadcrumbs, featured-links, products, render-page
+  app.use(asyncMiddleware(instrument(spotContentFlaws, './spot-content-flaws'))) // Must come after findPage
   app.use(instrument(blockRobots, './block-robots'))
 
   // Check for a dropped connection before proceeding

middleware/render-page.js

@@ -2,11 +2,10 @@ import { get } from 'lodash-es'
 import patterns from '../lib/patterns.js'
 import getMiniTocItems from '../lib/get-mini-toc-items.js'
 import Page from '../lib/page.js'
+import statsd from '../lib/statsd.js'
 import { isConnectionDropped } from './halt-on-dropped-connection.js'
 import { nextApp, nextHandleRequest } from './next.js'
 
-const pageCache = new Map()
-
 export default async function renderPage(req, res, next) {
   if (req.path.startsWith('/storybook')) {
     return nextHandleRequest(req, res)
@@ -31,45 +30,6 @@ export default async function renderPage(req, res, next) {
   // Is the request for JSON debugging info?
   const isRequestingJsonForDebugging = 'json' in req.query && process.env.NODE_ENV !== 'production'
 
-  // ****** temporary caching measure for holiday spam prevention *********
-
-  const isApiPage =
-    req.context.currentPathWithoutLanguage.includes('rest/reference') ||
-    req.context.currentPathWithoutLanguage.includes('graphql/reference')
-
-  // Serve from the cache if possible
-  const isCacheable =
-    // Skip for CI
-    !process.env.CI &&
-    // Skip for tests
-    process.env.NODE_ENV !== 'test' &&
-    // Skip for HTTP methods other than GET
-    req.method === 'GET' &&
-    // Skip for JSON debugging info requests
-    !isRequestingJsonForDebugging &&
-    // Only API pages
-    isApiPage
-
-  // don't cache query strings
-  const originalUrl = req.originalUrl.split('?')[0]
-
-  if (isCacheable) {
-    // Stop processing if the connection was already dropped
-    if (isConnectionDropped(req, res)) return
-
-    const cachedHtml = pageCache.get(originalUrl)
-    if (cachedHtml) {
-      // Stop processing if the connection was already dropped
-      if (isConnectionDropped(req, res)) return
-
-      console.log(`Serving from cached version of ${originalUrl}`)
-      // statsd.increment('page.sent_from_cache')
-      return res.send(cachedHtml)
-    }
-  }
-
-  // ****** [end] temporary caching measure for holiday spam prevention *********
-
   // add page context
   const context = Object.assign({}, req.context, { page })
 
@@ -88,7 +48,10 @@ export default async function renderPage(req, res, next) {
   if (isConnectionDropped(req, res)) return
 
   // render page
-  context.renderedPage = await page.render(context)
+  const pageRenderTimed = statsd.asyncTimer(page.render, 'middleware.render_page', [
+    `path:${req.pagePath || req.path}`,
+  ])
+  context.renderedPage = await pageRenderTimed(context)
 
   // Stop processing if the connection was already dropped
   if (isConnectionDropped(req, res)) return
@@ -145,12 +108,5 @@ export default async function renderPage(req, res, next) {
   // Hand rendering over to NextJS
   req.context.renderedPage = context.renderedPage
   req.context.miniTocItems = context.miniTocItems
-
-  // ****** temporary caching measure for holiday spam prevention *********
-  if (isCacheable) {
-    pageCache.set(originalUrl, req.context.renderedPage)
-  }
-  // ****** [end] temporary caching measure for holiday spam prevention *********
-
   return nextHandleRequest(req, res)
 }

middleware/spot-content-flaws.js

@@ -0,0 +1,32 @@
+// This middleware, exclusively in 'development' tries to spot flaws in
+// the content you're actively viewing.
+// The hopeful assumption is that if you're actively viewing this
+// page on localhost, you're actively working on its content.
+
+import path from 'path'
+
+import kleur from 'kleur'
+
+export default async function spotContentFlaws(req, res, next) {
+  const { page } = req.context
+  if (process.env.NODE_ENV === 'development' && page) {
+    const trailingSlashRedirects = (page.redirect_from || []).filter(
+      (uri) => uri.endsWith('/') && uri.startsWith('/')
+    )
+    if (trailingSlashRedirects.length > 0) {
+      console.warn(
+        `The page ${kleur.bold(path.relative(process.cwd(), page.fullPath))} has ${
+          trailingSlashRedirects.length
+        } redirect_from entries that have a trailing slash\n  ${kleur.yellow(
+          trailingSlashRedirects.join('\n  ')
+        )}`
+      )
+      console.log(
+        "If you're actively working on this page, consider",
+        kleur.bold('deleting all trailing slashes in redirect_from.\n')
+      )
+    }
+  }
+
+  return next()
+}

package.json

@@ -49,6 +49,7 @@
     "imurmurhash": "^0.1.4",
     "js-cookie": "^3.0.1",
     "js-yaml": "^4.1.0",
+    "kleur": "4.1.4",
     "liquidjs": "^9.22.1",
     "lodash": "^4.17.21",
     "lodash-es": "^4.17.21",

translations/ja-JP/content/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance/disabling-unauthenticated-sign-ups.md

@@ -1,11 +1,11 @@
 ---
-title: 認証のないサインアップの無効化
+title: Disabling unauthenticated sign-ups
 redirect_from:
-  - /enterprise/admin/articles/disabling-sign-ups/
+  - /enterprise/admin/articles/disabling-sign-ups
   - /enterprise/admin/user-management/disabling-unauthenticated-sign-ups
   - /enterprise/admin/authentication/disabling-unauthenticated-sign-ups
   - /admin/authentication/disabling-unauthenticated-sign-ups
-intro: ビルトイン認証を使っている場合、認証されていない人がアカウントを作成するのをブロックできます。
+intro: 'If you''re using built-in authentication, you can block unauthenticated people from being able to create an account.'
 versions:
   ghes: '*'
 type: how_to
@@ -15,9 +15,9 @@ topics:
   - Enterprise
 shortTitle: Block account creation
 ---
-
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.enterprise_site_admin_settings.management-console %}
 {% data reusables.enterprise_management_console.privacy %}
-3. **Enable sign-up（サインアップの有効化）**の選択を外してください。 ![[Enable sign-up] チェックボックス](/assets/images/enterprise/management-console/enable-sign-up.png)
+3. Unselect **Enable sign-up**.
+![Enable sign-up checkbox](/assets/images/enterprise/management-console/enable-sign-up.png)
 {% data reusables.enterprise_management_console.save-settings %}

translations/ja-JP/content/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance/index.md

@@ -1,11 +1,11 @@
 ---
-title: GitHub Enterprise Server インスタンスでユーザを認証する
-intro: '{% data variables.product.prodname_ghe_server %} のビルトイン認証を使うか、CAS、LDAP、SAML のいずれかを選択して既存のアカウントを統合し、{% data variables.product.product_location %} へのユーザアクセスを集中管理できます。'
+title: Authenticating users for your GitHub Enterprise Server instance
+intro: 'You can use {% data variables.product.prodname_ghe_server %}''s built-in authentication, or choose between CAS, LDAP, or SAML to integrate your existing accounts and centrally manage user access to {% data variables.product.product_location %}.'
 redirect_from:
-  - /enterprise/admin/categories/authentication/
-  - /enterprise/admin/guides/installation/user-authentication/
-  - /enterprise/admin/articles/inviting-users/
-  - /enterprise/admin/guides/migrations/authenticating-users-for-your-github-enterprise-instance/
+  - /enterprise/admin/categories/authentication
+  - /enterprise/admin/guides/installation/user-authentication
+  - /enterprise/admin/articles/inviting-users
+  - /enterprise/admin/guides/migrations/authenticating-users-for-your-github-enterprise-instance
   - /enterprise/admin/user-management/authenticating-users-for-your-github-enterprise-server-instance
   - /enterprise/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance
 versions:

translations/ja-JP/content/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance/using-cas.md

@@ -1,12 +1,12 @@
 ---
-title: CASの利用
+title: Using CAS
 redirect_from:
-  - /enterprise/admin/articles/configuring-cas-authentication/
-  - /enterprise/admin/articles/about-cas-authentication/
+  - /enterprise/admin/articles/configuring-cas-authentication
+  - /enterprise/admin/articles/about-cas-authentication
   - /enterprise/admin/user-management/using-cas
   - /enterprise/admin/authentication/using-cas
   - /admin/authentication/using-cas
-intro: 'CAS は、複数の Web アプリケーションのためのシングルサインオン (SSO) プロトコルです。 CASのユーザアカウントは、ユーザがサインインするまで{% ifversion ghes %}ユーザライセンス{% else %}シート{% endif %}を消費しません。'
+intro: 'CAS is a single sign-on (SSO) protocol for multiple web applications. A CAS user account does not take up a {% ifversion ghes %}user license{% else %}seat{% endif %} until the user signs in.'
 versions:
   ghes: '*'
 type: how_to
@@ -17,10 +17,9 @@ topics:
   - Identity
   - SSO
 ---
-
 {% data reusables.enterprise_user_management.built-in-authentication %}
 
-## CASでのユーザ名についての考慮
+## Username considerations with CAS
 
 {% data reusables.enterprise_management_console.username_normalization %}
 
@@ -29,24 +28,25 @@ topics:
 {% data reusables.enterprise_user_management.two_factor_auth_header %}
 {% data reusables.enterprise_user_management.external_auth_disables_2fa %}
 
-## CASの属性
+## CAS attributes
 
-以下の属性が利用できます。
+The following attributes are available.
 
-| 属性名    | 種類 | 説明                                                       |
-| ------ | -- | -------------------------------------------------------- |
-| `ユーザ名` | 必須 | {% data variables.product.prodname_ghe_server %} のユーザ名 |
+| Attribute name           | Type     | Description |
+|--------------------------|----------|-------------|
+| `username`               | Required | The {% data variables.product.prodname_ghe_server %} username. |
 
-## CASの設定
+## Configuring CAS
 {% warning %}
 
-**警告：**{% data variables.product.product_location %}でCASを設定するまでは、ユーザはCASのユーザ名とパスワードをAPIリクエストの認証やHTTP/HTTPS経由のGit操作に使えないことに注意してください。 その代わりに、ユーザは[アクセストークンを作成](/enterprise/{{ currentVersion }}/user/articles/creating-an-access-token-for-command-line-use)しなければなりません。
+**Warning:** Before configuring CAS on {% data variables.product.product_location %}, note that users will not be able to use their CAS usernames and passwords to authenticate API requests or Git operations over HTTP/HTTPS. Instead, they will need to [create an access token](/enterprise/{{ currentVersion }}/user/articles/creating-an-access-token-for-command-line-use).
 
 {% endwarning %}
 
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.enterprise_site_admin_settings.management-console %}
 {% data reusables.enterprise_management_console.authentication %}
-3. **CAS**を選択してください。 ![CAS の選択](/assets/images/enterprise/management-console/cas-select.png)
-4. {% data reusables.enterprise_user_management.built-in-authentication-option %} ![CAS ビルトイン認証の選択チェックボックス](/assets/images/enterprise/management-console/cas-built-in-authentication.png)
-5. **Server URL（サーバのURL）**フィールドにCASサーバの完全なURLを入力してください。 CAS サーバが {% data variables.product.prodname_ghe_server %} が検証できない証明書を使っているなら、`ghe-ssl-ca-certificate-install` を使えばその証明書を信頼済みの証明書としてインストールできます。
+3. Select **CAS**.
+![CAS select](/assets/images/enterprise/management-console/cas-select.png)
+4. {% data reusables.enterprise_user_management.built-in-authentication-option %} ![Select CAS built-in authentication checkbox](/assets/images/enterprise/management-console/cas-built-in-authentication.png)
+5. In the **Server URL** field, type the full URL of your CAS server. If your CAS server uses a certificate that can't be validated by {% data variables.product.prodname_ghe_server %}, you can use the `ghe-ssl-ca-certificate-install` command to install it as a trusted certificate.

translations/ja-JP/content/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance/using-ldap.md

@@ -1,11 +1,11 @@
 ---
 title: Using LDAP
 redirect_from:
-  - /enterprise/admin/articles/configuring-ldap-authentication/
-  - /enterprise/admin/articles/about-ldap-authentication/
-  - /enterprise/admin/articles/viewing-ldap-users/
-  - /enterprise/admin/hidden/enabling-ldap-sync/
-  - /enterprise/admin/hidden/ldap-sync/
+  - /enterprise/admin/articles/configuring-ldap-authentication
+  - /enterprise/admin/articles/about-ldap-authentication
+  - /enterprise/admin/articles/viewing-ldap-users
+  - /enterprise/admin/hidden/enabling-ldap-sync
+  - /enterprise/admin/hidden/ldap-sync
   - /enterprise/admin/user-management/using-ldap
   - /enterprise/admin/authentication/using-ldap
   - /admin/authentication/using-ldap