Merge branch 'main' into codespaces-universe-megabranch

Author: hubwriter

.github/workflows/site-policy-sync.yml

@@ -61,7 +61,7 @@ jobs:
           git config --local user.name 'site-policy-bot'
           git config --local user.email 'site-policy-bot@github.com'
           NUM_FILES_CHANGED=$(git diff --name-only HEAD^..HEAD | wc -l)
-          if [[ $NUM_FILES_CHANGED -ge 1]]
+          if [[ $NUM_FILES_CHANGED -ge 1 ]]
             then
               git push --set-upstream origin automated-sync-$GITHUB_RUN_ID
             else

assets/images/help/billing/download-enterprise-GHAS-usage-data.png

@@ -17,26 +17,28 @@ export const ProductGuides = () => {
         <GuidesHero />
       </LandingSection>
 
-      {learningTracks && learningTracks.length > 0 && (
-        <LandingSection
-          title={`${title} learning paths`}
-          className="border-top py-6"
-          sectionLink="learning-paths"
-          description={t('learning_paths_desc')}
-        >
-          <LearningTracks />
-        </LandingSection>
-      )}
+      <div data-search="article-body">
+        {learningTracks && learningTracks.length > 0 && (
+          <LandingSection
+            title={`${title} learning paths`}
+            className="border-top py-6"
+            sectionLink="learning-paths"
+            description={t('learning_paths_desc')}
+          >
+            <LearningTracks />
+          </LandingSection>
+        )}
 
-      {includeGuides && (
-        <LandingSection
-          title={`All ${title} guides`}
-          className="border-top py-6 color-border-default"
-          sectionLink="all-guides"
-        >
-          <ArticleCards />
-        </LandingSection>
-      )}
+        {includeGuides && (
+          <LandingSection
+            title={`All ${title} guides`}
+            className="border-top py-6 color-border-default"
+            sectionLink="all-guides"
+          >
+            <ArticleCards />
+          </LandingSection>
+        )}
+      </div>
     </DefaultLayout>
   )
 }

assets/images/help/billing/download-organization-GHAS-usage-data.png

@@ -28,53 +28,55 @@ export const ProductLanding = () => {
 
   return (
     <DefaultLayout>
-      <LandingSection className="pt-3">
-        <LandingHero />
-      </LandingSection>
-
-      <LandingSection>
-        <FeaturedArticles />
-      </LandingSection>
-
-      {productCodeExamples.length > 0 && (
-        <LandingSection
-          title={t('code_examples')}
-          sectionLink="code-examples"
-          className="my-6 pb-6"
-        >
-          <CodeExamples />
+      <div data-search="article-body">
+        <LandingSection className="pt-3">
+          <LandingHero />
         </LandingSection>
-      )}
 
-      {productCommunityExamples.length > 0 && (
-        <LandingSection title={t('communities_using_discussions')} className="my-6 pb-6">
-          <CommunityExamples />
+        <LandingSection>
+          <FeaturedArticles />
         </LandingSection>
-      )}
 
-      {productUserExamples.length > 0 && (
-        <LandingSection title={t('sponsor_community')} className="my-6 pb-6">
-          <SponsorsExamples />
-        </LandingSection>
-      )}
+        {productCodeExamples.length > 0 && (
+          <LandingSection
+            title={t('code_examples')}
+            sectionLink="code-examples"
+            className="my-6 pb-6"
+          >
+            <CodeExamples />
+          </LandingSection>
+        )}
 
-      {router.query.productId === 'admin' && isEnterpriseServer && (
-        <LandingSection title={t('supported_releases')} className="my-6 pb-6">
-          <ProductReleases />
-        </LandingSection>
-      )}
+        {productCommunityExamples.length > 0 && (
+          <LandingSection title={t('communities_using_discussions')} className="my-6 pb-6">
+            <CommunityExamples />
+          </LandingSection>
+        )}
+
+        {productUserExamples.length > 0 && (
+          <LandingSection title={t('sponsor_community')} className="my-6 pb-6">
+            <SponsorsExamples />
+          </LandingSection>
+        )}
 
-      {featuredLinks.guideCards?.length > 0 && (
-        <div className="color-bg-subtle py-6">
-          <LandingSection title={t('guides')} sectionLink="guides-2" className="my-6">
-            <GuideCards />
+        {router.query.productId === 'admin' && isEnterpriseServer && (
+          <LandingSection title={t('supported_releases')} className="my-6 pb-6">
+            <ProductReleases />
           </LandingSection>
-        </div>
-      )}
+        )}
 
-      <LandingSection title={`All ${shortTitle} docs`} sectionLink="all-docs" className="pt-9">
-        <ProductArticlesList />
-      </LandingSection>
+        {featuredLinks.guideCards?.length > 0 && (
+          <div className="color-bg-subtle py-6">
+            <LandingSection title={t('guides')} sectionLink="guides-2" className="my-6">
+              <GuideCards />
+            </LandingSection>
+          </div>
+        )}
+
+        <LandingSection title={`All ${shortTitle} docs`} sectionLink="all-docs" className="pt-9">
+          <ProductArticlesList />
+        </LandingSection>
+      </div>
     </DefaultLayout>
   )
 }

components/guides/ProductGuides.tsx

@@ -124,7 +124,7 @@ Next, the script gets the current time and sets it as an output variable that ac
 1. Make your `entrypoint.sh` file executable. Git provides a way to explicitly change the permission mode of a file so that it doesn’t get reset every time there is a clone/fork.
 
   ```shell{:copy}
-  $ git update-index —chmod=+x entrypoint.sh
+  $ git update-index --chmod=+x entrypoint.sh
   ```
 
 1. Optionally, to check the permission mode of the file in the git index, run the following command.

components/landing/ProductLanding.tsx

@@ -36,7 +36,7 @@ When you use external authentication, {% data variables.product.product_location
 
 If you use an enterprise with {% data variables.product.prodname_emus %}, members of your enterprise authenticate to access {% data variables.product.prodname_dotcom %} through your SAML identity provider (IdP). For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)" and "[About authentication for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#authentication-methods-for-github-enterprise-server)."
 
-{% data variables.product.product_name %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. You can resolve username conflicts by making a change in your IdP so that the normalized usernames will be unique.
+{% data variables.product.product_name %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} You can resolve username conflicts by making a change in your IdP so that the normalized usernames will be unique.
 
 {% elsif ghae %}
 

content/actions/creating-actions/creating-a-docker-container-action.md

@@ -135,7 +135,7 @@ By default, when an unauthenticated user attempts to access an enterprise that u
 
 {% data variables.product.product_name %} automatically creates a username for each person by normalizing an identifier provided by your IdP. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)."
 
-A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
+A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
 
 The profile name and email address of a {% data variables.product.prodname_managed_user %} is also provided by the IdP. {% data variables.product.prodname_managed_users_caps %} cannot change their profile name or email address on {% data variables.product.prodname_dotcom %}, and the IdP can only provide a single email address.
 

content/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication.md

@@ -66,7 +66,8 @@ If you are a site administrator for {% data variables.product.product_location %
    ```shell
    > Generating public/private ALGORITHM key pair.
    ```
-3. When you're prompted to "Enter a file in which to save the key," press Enter. This accepts the default file location.
+When you're prompted to "Enter a file in which to save the key", you can press **Enter** to accept the default file location. Please note that if you created SSH keys previously, ssh-keygen may ask you to rewrite another key, in which case we recommend creating a custom-named SSH key. To do so, type the default file location and replace id_ssh_keyname with your custom key name.
+
 
    {% mac %}
 

content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md

@@ -88,15 +88,15 @@ You can download the {% data variables.product.prodname_advanced_security %} lic
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.billing_plans %}
-1. Underneath "{% data variables.product.prodname_GH_advanced_security %}," click {% octicon "download" aria-label="The download icon" %} next to "Committers."
+1. Underneath "{% data variables.product.prodname_GH_advanced_security %}," click **{% octicon "download" aria-label="The download icon" %} CSV report** next to "Committers."
   ![Download button for organization-level data](/assets/images/help/billing/download-organization-GHAS-usage-data.png)
 
 #### At the enterprise-level
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
 {% data reusables.enterprise-accounts.license-tab %}
-1. Under "{% data variables.product.prodname_GH_advanced_security %}," click {% octicon "download" aria-label="The download icon" %} next to "Commiters."
+1. Under "{% data variables.product.prodname_GH_advanced_security %}," click **{% octicon "download" aria-label="The download icon" %} CSV report** next to "Committers."
   ![Download button for enterprise-level data](/assets/images/help/billing/download-enterprise-GHAS-usage-data.png)
 
 ### Downloading {% data variables.product.prodname_advanced_security %} license usage information through the REST API

content/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent.md

@@ -40,7 +40,8 @@ For general information about configuring {% data variables.product.prodname_cod
 
 ##  About autobuild for {% data variables.product.prodname_codeql %}
 
-Code scanning works by running queries against one or more databases. Each database contains a representation of all of the code in a single language in your repository. For the compiled languages C/C++, C#, and Java, the process of populating this database involves building the code and extracting data. {% data reusables.code-scanning.analyze-go %}
+{% data variables.product.prodname_code_scanning_capc %} works by running queries against one or more databases. Each database contains a representation of all of the code in a single language in your repository.   
+For the compiled languages C/C++, C#, and Java, the process of populating this database involves building the code and extracting data. {% data reusables.code-scanning.analyze-go %}
 
 {% data reusables.code-scanning.autobuild-compiled-languages %}
 

content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md

@@ -57,7 +57,8 @@ Generally, we name our supported ecosystems after the software programming langu
 - Maven (registry: https://repo.maven.apache.org/maven2)
 - npm (registry: https://www.npmjs.com/)
 - NuGet (registry: https://www.nuget.org/)
-- pip (registry: https://pypi.org/)
+- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
+- pub (registry: https://pub.dev/packages/registry){% endif %}
 - RubyGems (registry: https://rubygems.org/)
 - Rust (registry: https://crates.io/)
 

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md

@@ -784,15 +784,7 @@ registries:
 
 ### `docker-registry`
 
-{% data variables.product.prodname_dependabot %} works with container registries that implement the OCI container registry. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md).  {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central service. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation.
-
-We currently support the container registries listed here:
-
-* Docker Hub
-* {% data variables.product.company_short %} {% data variables.product.prodname_container_registry %}
-* GCR (Google Cloud)
-* Private ECR (AWS) - public ECR support is tracked in [https://github.com/dependabot/dependabot-core/issues/4212](https://github.com/dependabot/dependabot-core/issues/4212).
-
+{% data variables.product.prodname_dependabot %}  works with any container registries that implement the OCI container registry spec. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md).  {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central token service or HTTP Basic Auth. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation and [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) on Wikipedia.
 
 The `docker-registry` type supports username and password.
 

content/code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database.md

@@ -61,7 +61,7 @@ jobs:
           go-version: ">=1.18.0"
 
       - name: Run snapshot action
-        uses: @actions/go-dependency-submission@v1
+        uses: actions/go-dependency-submission@v1
         with:
             # Required: Define the repo path to the go.mod file used by the
             # build target

content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md

@@ -283,14 +283,16 @@ you or your users have two-factor authentication enabled.
 
 The `redirect_uri` parameter is optional. If left out, GitHub will
 redirect users to the callback URL configured in the OAuth Application
-settings. If provided, the redirect URL's host and port must exactly
+settings. If provided, the redirect URL's host (excluding sub-domains) and port must exactly
 match the callback URL. The redirect URL's path must reference a
 subdirectory of the callback URL.
 
     CALLBACK: http://example.com/path
 
     GOOD: http://example.com/path
     GOOD: http://example.com/path/subdir/other
+    GOOD: http://oauth.example.com/path
+    GOOD: http://oauth.example.com/path/subdir/other
     BAD:  http://example.com/bar
     BAD:  http://example.com/
     BAD:  http://example.com:8080/path