github · docs-bot · Sep 1, 2023 · Sep 1, 2023 · Sep 1, 2023 · Sep 1, 2023
diff --git a/...gement/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md b/...gement/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
@@ -95,7 +95,9 @@ To discover how a member was added to an organization, you can filter the member
 - {% data variables.enterprise.prodname_managed_users_caps %} cannot create gists or comment on gists.
 - {% data variables.enterprise.prodname_managed_users_caps %} cannot follow users outside of the enterprise.
 - {% data variables.enterprise.prodname_managed_users_caps %} cannot create starter workflows for {% data variables.product.prodname_actions %}.
-- {% data variables.enterprise.prodname_managed_users_caps %} cannot install {% data variables.product.prodname_github_apps %} on their user accounts. {% data variables.enterprise.prodname_managed_users_caps %} can install a {% data variables.product.prodname_github_app %} on an organization if the app does not request organization permissions and if the {% data variables.enterprise.prodname_managed_user %} has admin access to the repositories that they are granting the app access to.
+- {% data variables.enterprise.prodname_managed_users_caps %} cannot install {% data variables.product.prodname_github_apps %} on their user accounts.
+- {% data variables.enterprise.prodname_managed_users_caps %} can install {% data variables.product.prodname_github_app %} on a repository if the app does not request organization permissions and if the {% data variables.enterprise.prodname_managed_user %} has admin access to the repositories that they are granting the app access to.
+- {% data variables.enterprise.prodname_managed_users_caps %} can install {% data variables.product.prodname_github_app %} on an organization if the {% data variables.enterprise.prodname_managed_user %} is an organization owner.
 - You can choose whether {% data variables.enterprise.prodname_managed_users %} are able to create repositories owned by their user accounts. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation)."
 - If you allow {% data variables.enterprise.prodname_managed_users %} to create repositories owned by their user accounts, they can only own private repositories and can only invite other enterprise members to collaborate on their user-owned repositories.
 - {% data reusables.enterprise-accounts.emu-forks %}

diff --git a/...-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md b/...-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning.md
@@ -113,7 +113,7 @@ Compiled languages are not automatically included in default setup configuration
   {% endnote %}
 {% endif %}
 
-1. Review the settings for default setup on your repository, then click **Enable {% data variables.product.prodname_codeql %}**.
+1. Review the settings for default setup on your repository, then click **Enable {% data variables.product.prodname_codeql %}**. This will trigger a workflow that tests the new, automatically generated configuration.
 
   {% note %}
 

@@ -33,6 +33,8 @@ sections:
       Administrators can display all repositories in a network with `spokesctl` by using the `repositories` subcommand. 
     - |
       Site administrators can see improved diagnostic information about repositories that have been deleted. 
+    - |
+      The secondary abuse rate limits of the GraphQL API are now configurable in the Management Console. [Updated: 2023-09-01]
   known_issues:
     - |
       Custom firewall rules are removed during the upgrade process.

@@ -29,6 +29,8 @@ sections:
       On GitHub Enterprise Server 3.8 and above, a blob storage provider must be configured in the Management Console in order to use the GitHub Enterprise Importer CLI, "startRepositoryMigration" GraphQL API, or "Start an organization migration" REST API. The "Migrations" section in the Management Console was mistakenly removed and has been added back. 
     - |
       Administrators can display all repositories in a network with `spokesctl` by using the `repositories` subcommand. 
+    - |
+      The secondary abuse rate limits of the GraphQL API are now configurable in the Management Console. [Updated: 2023-09-01]
   known_issues:
     - |
       Custom firewall rules are removed during the upgrade process.

@@ -26,6 +26,8 @@ sections:
       On GitHub Enterprise Server 3.8 and above, a blob storage provider must be configured in the Management Console in order to use the GitHub Enterprise Importer CLI, "startRepositoryMigration" GraphQL API, or "Start an organization migration" REST API. The "Migrations" section in the Management Console was mistakenly removed and has been added back. 
     - |
       Administrators can display all repositories in a network with `spokesctl` by using the `repositories` subcommand. 
+    - |
+      The secondary abuse rate limits of the GraphQL API are now configurable in the Management Console. [Updated: 2023-09-01]
   known_issues:
     - |
       {% data reusables.release-notes.upgrade-to-3-9-or-to-3-10-io-utilization-increase %} [Updated: 2023-08-11]