From 1c5acee6589920f768b9d368bd485d352037e31c Mon Sep 17 00:00:00 2001 From: Anne-Marie <102995847+am-stead@users.noreply.github.com> Date: Thu, 6 Nov 2025 09:48:21 +0000 Subject: [PATCH 1/3] Add "Understanding the 'why' of a pull request" section to pull request review documentation #19100 (#58357) Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- ...wing-proposed-changes-in-a-pull-request.md | 46 +++++++++++++++++-- 1 file changed, 43 insertions(+), 3 deletions(-) diff --git a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md index 9335a22f2134..e148c9af0035 100644 --- a/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md +++ b/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md 
@@ -16,7 +16,13 @@ shortTitle: Review proposed changes --- ## About reviewing pull requests -You can review changes in a pull request one file at a time. While reviewing the files in a pull request, you can leave individual comments on specific changes. After you finish reviewing each file, you can mark the file as viewed. This collapses the file, helping you identify the files you still need to review. A progress bar in the pull request header shows the number of files you've viewed. After reviewing as many files as you want, you can approve the pull request or request additional changes by submitting your review with a summary comment. +It's best to review changes in a pull request one file at a time: + +* **Examine** each individual file changed in the pull request. +* **Leave comments** on specific changes. +* After reviewing a file, mark it as **Viewed** to collapse it and track your progress. +* The **progress bar** in the pull request header shows how many files you've viewed. +* When you've finished, you can **approve** the pull request or **request changes** by submitting your review with a summary comment. {% ifversion copilot %} 
@@ -24,10 +30,44 @@ If the pull request was raised by {% data variables.product.prodname_copilot %} {% endif %} -{% data reusables.search.requested_reviews_search_tip %} - {% webui %} +## Understanding the purpose of the pull request + +Gaining a clear understanding of the motivation behind a pull request helps inform your review, so you can keep it targeted and meaningful, and provide feedback that is aligned with the pull request author’s intent and the project's goals. + +There are several options available to you to better understand the context and rationale for proposed changes. + +### Using the pull request sidebar for context + +In the pull request sidebar, you can find valuable context including: + +* Linked **issues** or **discussions**: Review these to understand the problems or goals that the pull request aims to address, or to gather information on, for example, any background, design decisions, or current debates. +* Linked **projects** or **milestones**: Review how this pull request fits within larger projects or upcoming releases. + +Use this information to frame your review and check if the goals of the pull request align with the original intent. + +{% ifversion copilot %} + +### Using {% data variables.copilot.copilot_chat_short %} to understand the rationale + +You can ask {% data variables.copilot.copilot_chat_short %} for help understanding the pull request’s intent or for clarification on any part of the change. + +1. At the top right of the pull request page, click the **{% octicon "copilot" aria-label="Copilot icon" %}** button next to the search bar. + + The full-page, immersive, mode of {% data variables.copilot.copilot_chat_short %} is displayed, with the pull request attached as context to the prompt window. + +1. In the prompt box, type a question and press Enter. 
For example, you could enter: + + * `What problem does this pull request solve?` + * `Why were these changes needed?` + * `Summarize the goals of this PR based on the linked issue.` + * `How does this PR relate to issue ISSUE-URL?` + +{% data variables.copilot.copilot_chat_short %} can help you clarify the bigger picture before diving into line-level review. + +{% endif %} + ## Starting a review {% data reusables.repositories.sidebar-pr %} From 60bfa9c7c36e2615f9741d91737e911ff36a7aff Mon Sep 17 00:00:00 2001 From: Anne-Marie <102995847+am-stead@users.noreply.github.com> Date: Thu, 6 Nov 2025 10:38:24 +0000 Subject: [PATCH 2/3] Propose fix to Dependabot documentation (#58315) --- .../dependabot-options-reference.md | 14 ++++++++++---- data/features/dependabot-schedule-updates.yml | 6 ++++++ 2 files changed, 16 insertions(+), 4 deletions(-) create mode 100644 data/features/dependabot-schedule-updates.yml diff --git a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md index 97d2c450e448..2d3ab1ad4c43 100644 --- a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md +++ b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md @@ -607,7 +607,9 @@ Reviewers must have at least read access to the repository. | `interval` | **Required.** Defines the frequency for {% data variables.product.prodname_dependabot %}. | | `day` | Specify the day to run for a **weekly** interval. | | `time` | Specify the time to run. | +| {% ifversion dependabot-schedule-updates %} | | `cronjob` | Defines the cron expression if the interval type is `cron`. | +| {% endif %} | | `timezone` | Specify the timezone of the `time` value. | {% ifversion fpt or ghec %} 
@@ -630,18 +632,18 @@ Each package manager **must** define a schedule interval. ### `interval` -Supported values: `daily`, `weekly`, `monthly`, or `cron` +Supported values: `daily`, `weekly`, `monthly`{% ifversion dependabot-schedule-updates %}, or `cron`{% endif %} Each package manager **must** define a schedule interval. * Use `daily` to run on every weekday, Monday to Friday. * Use `weekly` to run once a week, by default on Monday. -* Use `monthly` to run on the first day of each month. -* Use `cron` for cron expression based scheduling option. See [`cronjob`](#cronjob). +* Use `monthly` to run on the first day of each month.{% ifversion dependabot-schedule-updates %} +* Use `cron` for cron expression based scheduling option. See [`cronjob`](#cronjob).{% endif %} {% endif %} -By default, {% data variables.product.prodname_dependabot %} randomly assigns a time to apply all the updates in the configuration file. You can use the `time` and `timezone` parameters to set a specific runtime for all intervals. If you use a `cron` interval, you can define the update time with a `cronjob` expression. +By default, {% data variables.product.prodname_dependabot %} randomly assigns a time to apply all the updates in the configuration file. You can use the `time` and `timezone` parameters to set a specific runtime for all intervals. {% ifversion dependabot-schedule-updates %}If you use a `cron` interval, you can define the update time with a `cronjob` expression.{% endif %} ### `day` @@ -655,6 +657,8 @@ Format: `hh:mm` Optionally, run all updates for a package manager at a specific time of day. By default, times are interpreted as UTC. +{% ifversion dependabot-schedule-updates %} + ### `cronjob` Supported values: Valid cron expression in cron syntax or natural expression. @@ -684,6 +688,8 @@ updates: cronjob: "0 9 * * *" ``` +{% endif %} + ### `timezone` Specify a time zone for the `time` value. 
diff --git a/data/features/dependabot-schedule-updates.yml b/data/features/dependabot-schedule-updates.yml new file mode 100644 index 000000000000..48814338060c --- /dev/null +++ b/data/features/dependabot-schedule-updates.yml @@ -0,0 +1,6 @@ +# Reference: #17004 +# Dependabot `schedule` enhancements [GA] +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.17' From 899413f3ae0d0b7a1f7785332a35cf11f4e3b954 Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Thu, 6 Nov 2025 11:41:47 +0100 Subject: [PATCH 3/3] [Bug fix] - fix code scanning section for GHES 3.17 (#58319) --- ...global-security-settings-for-your-organization.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md index 5402d7ea3542..3d8fb5c22675 100644 --- a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md +++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md 
@@ -69,15 +69,17 @@ To update private dependencies of repositories in your organization, {% data var {% data reusables.code-scanning.about-code-scanning %} {% ifversion ghes > 3.16 %} - + + +You can recommend that repositories in your organization use the "Extended" query suite instead of the "Default" query suite for broader {% data variables.product.prodname_code_scanning %} coverage across your organization. See [Recommending the extended query suite for default setup](#recommending-the-extended-query-suite-for-default-setup). + {% else %} You can customize several {% data variables.product.prodname_global_settings %} for {% data variables.product.prodname_code_scanning %}: -{% ifversion code-scanning-autofix %} -* [Enabling {% data variables.copilot.copilot_autofix_short %} for {% data variables.product.prodname_codeql %}](#enabling-copilot-autofix-for-codeql){% endif %} +{% ifversion code-scanning-autofix %}* [Enabling {% data variables.copilot.copilot_autofix_short %} for {% data variables.product.prodname_codeql %}](#enabling-copilot-autofix-for-codeql){% endif %} * [Recommending the extended query suite for default setup](#recommending-the-extended-query-suite-for-default-setup){% ifversion ghes < 3.17 %} -* [Setting a failure threshold for {% data variables.product.prodname_code_scanning %} checks in pull requests](#setting-a-failure-threshold-for-code-scanning-checks-in-pull-requests) +* [Setting a failure threshold for {% data variables.product.prodname_code_scanning %} checks in pull requests](#setting-a-failure-threshold-for-code-scanning-checks-in-pull-requests).{% endif %} {% endif %} 
@@ -108,7 +110,7 @@ You can choose the severity levels at which {% data variables.product.prodname_c You can customize several {% data variables.product.prodname_global_settings %} for {% data variables.product.prodname_secret_scanning %}: * [Adding a resource link for blocked commits](#adding-a-resource-link-for-blocked-commits) -* [Defining custom patterns](#defining-custom-patterns){% endif %}{% ifversion push-protected-pattern-configuration %} +* [Defining custom patterns](#defining-custom-patterns){% ifversion push-protected-pattern-configuration %} * [Specifying patterns to include in push protection](#specifying-patterns-to-include-in-push-protection){% endif %} ### Adding a resource link for blocked commits
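Review bot: in PATCH 1/3, the `@@ -16,7 +16,13 @@` hunk opens the new list with "It's best to review changes in a pull request one file at a time", which turns what the removed paragraph offered as an option ("You can review changes ... one file at a time") into a recommendation, and the fourth bullet (`The **progress bar** in the pull request header shows how many files you've viewed.`) is a description sitting in a list of actions. Keep the "You can" framing unless the change of guidance is intended, and fold the progress bar sentence into the **Viewed** bullet so every item is something the reviewer does.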
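Review bot: in PATCH 1/3, the `@@ -24,10 +30,44 @@` hunk deletes `{% data reusables.search.requested_reviews_search_tip %}` without putting it back anywhere, while the subject line only describes adding a section. If the search tip should stay, restore it (for example directly above `## Starting a review`); if the removal is deliberate, say so in the commit message. A smaller point in the same hunk: the first added paragraph mixes a curly apostrophe in `author’s` with a straight one in `project's`, and `pull request’s` in the Copilot section is curly too; use one style throughout.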
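Review bot: in PATCH 2/3, the `@@ -630,18 +632,18 @@` hunk puts the conjunction inside the conditional on the `Supported values` line, so with `dependabot-schedule-updates` off the sentence renders as a bare list ("`daily`, `weekly`, `monthly`") with no "or". Write both variants out in full with `{% ifversion dependabot-schedule-updates %} ... {% else %} ... {% endif %}` so the line reads "`daily`, `weekly`, or `monthly`" when `cron` is not available. The last paragraph of the hunk also leaves a trailing space after "for all intervals." when the conditional sentence is dropped.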
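Review bot: in PATCH 2/3, the new file data/features/dependabot-schedule-updates.yml sets `ghes: '> 3.17'`, a strict comparison, so GHES 3.17 itself will not show the `cron` and `cronjob` content, and the header comment ("Dependabot `schedule` enhancements [GA]") does not say which GHES release first ships the feature. Please confirm that 3.18 is the intended first release and state it in the comment, or widen the range if 3.17 should be included.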
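Review bot: in PATCH 3/3, the `@@ -69,15 +69,17 @@` hunk ends the last list item with `.{% endif %}`, which gives the "Setting a failure threshold" bullet a trailing period that the two bullets above it do not have. Drop the period and keep only the `{% endif %}` that closes `{% ifversion ghes < 3.17 %}`.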
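Review bot: in PATCH 3/3, the `@@ -108,7 +110,7 @@` hunk removes the `{% endif %}` that followed the "Defining custom patterns" bullet, but the `{% ifversion %}` it used to pair with is not in the visible context and the commit has no body explaining the change. The previous hunk adds an `{% endif %}` for `{% ifversion ghes < 3.17 %}`, which suggests this tag had been closing that block by accident; please say so in the commit message and confirm that the secret scanning list still renders on every version after the removal.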