Repo sync

content/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-github-app-for-your-copilot-agent.md

@@ -24,21 +24,26 @@ Once you have configured your server and created your {% data variables.product.
 {% data reusables.user-settings.developer_settings %}
 {% data reusables.user-settings.github_apps %}
 1. To the right of the {% data variables.product.prodname_github_app %} you want to configure for your {% data variables.product.prodname_copilot_extension_short %}, click **Edit**.
-1. In the "Identifying and authorizing users" section, under "Callback URL," enter your server's hostname, then click **Save changes**.
+1. In the "Identifying and authorizing users" section, under "Callback URL", enter your server's hostname, then click **Save changes**.
 
-    > [!NOTE] Your server's hostname is the forwarding endpoint that you copied from your terminal when you configured your server. For more information, see [AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-server-to-deploy-your-copilot-agent).
+    > [!NOTE] This step is only required if you intend to request user authorization (OAuth) during installation.
+    >
+    > Your server's hostname is the forwarding endpoint that you copied from your terminal when you configured your server. For more information, see "[AUTOTITLE](/copilot/building-copilot-extensions/creating-a-copilot-extension/configuring-your-server-to-deploy-your-copilot-agent)."
     >
     > If you are using an ephemeral domain in ngrok, you will need to update this URL every time you restart your ngrok server.
 
+1. In the left sidebar, click **Permissions & events**.
+1. To expand the "Account permissions" section, click anywhere in the section.
+1. In the "{% data variables.product.prodname_copilot_chat %}" row, select the **Access:** dropdown menu, then click **Read-only**. Click **Save changes**.
 1. In the left sidebar, click **{% data variables.product.prodname_copilot_short %}**.
-1. Under "URL," enter your server's hostname (aka forwarding endpoint) that you copied from your terminal, then click **Save changes**.
+1. Read the {% data variables.product.prodname_marketplace %} Developer Agreement and the {% data variables.product.github %} Pre-release License Terms, then accept the terms for creating a {% data variables.product.prodname_copilot_extension_short %}.
+1. In the "App type" section, select the dropdown menu, then click **Agent**.
+1. Under "URL," enter your server's hostname (aka forwarding endpoint) that you copied from your terminal.
 
     > [!NOTE] If you are using an ephemeral domain in ngrok, you will need to update this URL every time you restart your ngrok server.
 
+1. Under "Inference description", type a brief description of your agent, then click **Save**. This will be the description users see when they hover over your agent's slug in the chat window.
 1. Your pre-authorization URL is a link on your website that starts the authorization process for your extension. Users will be redirected to this URL when they decide to authorize your extension. If you are using a pre-authorization URL, under "Pre-authorization URL," enter the URL, then click **Save changes**.
-1. In the left sidebar, click **Permissions and events**.
-1. Expand the "Account permissions" section.
-1. In the dropdown menu, to the right of {% data variables.product.prodname_copilot_chat %}, select **Read only**, then click **Save changes**.
 1. In your {% data variables.product.prodname_github_app %} settings, in the left sidebar, click **Install App**, then, next to the account you want to install your app on, click **Install**.
 {% data reusables.copilot.go-to-copilot-page %}
 1. Invoke your extension by typing `@EXTENSION-NAME`, replacing any spaces in the extension name with `-`, then press `Enter`.

package.json

@@ -252,7 +252,7 @@
     "dayjs": "^1.11.3",
     "dotenv": "^16.4.5",
     "escape-string-regexp": "5.0.0",
-    "express": "4.20.0",
+    "express": "4.21.0",
     "express-rate-limit": "7.4.0",
     "fastest-levenshtein": "1.0.16",
     "file-type": "19.4.1",

src/audit-logs/lib/config.json

@@ -3,5 +3,5 @@
     "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
     "apiRequestEvent": "This event is only available via audit log streaming."
   },
-  "sha": "ee7d96263a737a0fd8c2b25b852a2ebbb1041ab3"
+  "sha": "59756bf36a9f30cef18140b482fa177f265a41ce"
 }

src/secret-scanning/data/public-docs.yml

@@ -847,6 +847,28 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Coveo
+  supportedSecret: Coveo Access Token
+  secretType: coveoaccesstoken
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
+- provider: Coveo
+  supportedSecret: Coveo API Key
+  secretType: coveoapikey
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: false
+  hasPushProtection: false
+  hasValidityCheck: false
+  isduplicate: false
 - provider: crates.io
   supportedSecret: Crates.io API Token
   secretType: cratesio_api_token
@@ -2355,7 +2377,7 @@
     ghec: '*'
   isPublic: false
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
 - provider: PagerDuty
@@ -2640,7 +2662,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
 - provider: Rootly
@@ -2882,6 +2904,17 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Siemens
+  supportedSecret: Siemens API Token
+  secretType: siemens_api_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: true
+  isPrivateWithGhas: true
+  hasPushProtection: true
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Slack
   supportedSecret: Slack API Token
   secretType: slack_api_token
@@ -3122,6 +3155,17 @@
   hasPushProtection: false
   hasValidityCheck: false
   isduplicate: false
+- provider: Thunderstore
+  supportedSecret: Thunderstore IO API Token
+  secretType: thunderstore_io_api_token
+  versions:
+    fpt: '*'
+    ghec: '*'
+  isPublic: false
+  isPrivateWithGhas: true
+  hasPushProtection: true
+  hasValidityCheck: false
+  isduplicate: false
 - provider: Twilio
   supportedSecret: Twilio Access Token
   secretType: twilio_access_token
@@ -3308,7 +3352,7 @@
     ghec: '*'
   isPublic: true
   isPrivateWithGhas: true
-  hasPushProtection: false
+  hasPushProtection: true
   hasValidityCheck: false
   isduplicate: false
 - provider: Yandex

src/secret-scanning/lib/config.json

@@ -1,5 +1,5 @@
 {
-  "sha": "56c8651ebb221acc9104fa32616f5aad80f1a0c7",
-  "blob-sha": "9c6236aeb13877928f41889c9d10ea85823e9254",
+  "sha": "b37f300b0ad41b4a3cc2bdfb0799b7443edf4311",
+  "blob-sha": "1c84fda1a814138b457b020b75f05e5e35fe6951",
   "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns"
 }