diff --git a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md index f562b611052f..ed104aeba5dc 100644 --- a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md +++ b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md @@ -58,7 +58,7 @@ Once enabled, you can do the following: 1. **Provide guidance**: Configure a custom link in the message that contributors will see if their push is blocked by {% data variables.product.prodname_secret_scanning %}. The linked resource can provide guidance for contributors on how to resolve the blocked push. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository)." -1. **Notify**: Define a webhook that specifically tracks {% data variables.secret-scanning.alerts %} created when someone bypasses push protection by using the alert property `"push_protection_bypassed": true`. Or, use the API to get updates on which {% data variables.secret-scanning.alerts %} were the result of a push protection bypass by filtering the list of results for `"push_protection_bypassed": true`. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)." +1. **Notify**: Define a webhook that specifically tracks {% data variables.secret-scanning.alerts %} created when someone bypasses push protection by using the alert property `"push_protection_bypassed": true`. Or, use the API to get updates on which {% data variables.secret-scanning.alerts %} were the result of a push protection bypass by filtering the list of results for `"push_protection_bypassed": true`. For more information, see "[AUTOTITLE](/code-security/getting-started/auditing-security-alerts)." {%- ifversion security-overview-push-protection-metrics-page %} diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md index f60dce08d4ba..a88a4415038a 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md @@ -109,8 +109,8 @@ steps: echo 'If you are using a "manual" build mode for one or more of the' \ 'languages you are analyzing, replace this with the commands to build' \ 'your code, for example:' - echo ' make bootstrap' - echo ' make release' + echo ' make bootstrap' + echo ' make release' exit 1 ``` @@ -190,7 +190,7 @@ The basic {% data variables.code-scanning.codeql_workflow %} uses the `autobuild You can only specify manual build steps if you have enabled advanced setup, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-advanced-setup-for-a-repository)." -{% data reusables.code-scanning.autobuild-add-build-steps %} For information on how to edit the workflow file, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#editing-a-code-scanning-workflow)." +{% data reusables.code-scanning.autobuild-add-build-steps %} For information on how to edit the workflow file, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#editing-a-code-scanning-workflow)." {% ifversion codeql-no-build %} Update your workflow to define the `build-mode` as `manual`. diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md index cf30340a821a..3e8297b1923d 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md @@ -38,7 +38,7 @@ You can run {% data variables.product.prodname_code_scanning %} on {% data varia With advanced setup for {% data variables.product.prodname_code_scanning %}, you can customize a {% data variables.product.prodname_code_scanning %} workflow for granular control over your configuration. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning)." -{% data variables.product.prodname_codeql %} analysis is just one type of {% data variables.product.prodname_code_scanning %} you can do in {% data variables.product.prodname_dotcom %}. {% data variables.product.prodname_marketplace %}{% ifversion ghes %} on {% data variables.product.prodname_dotcom_the_website %}{% endif %} contains other {% data variables.product.prodname_code_scanning %} workflows you can use. {% ifversion fpt or ghec %}You can find a selection of these on the "Get started with {% data variables.product.prodname_code_scanning %}" page, which you can access from the **{% octicon "shield" aria-hidden="true" %} Security** tab.{% endif %} The specific examples given in this article relate to the {% data variables.code-scanning.codeql_workflow %} file. +{% data variables.product.prodname_codeql %} analysis is just one type of {% data variables.product.prodname_code_scanning %} you can do in {% data variables.product.prodname_dotcom %}. {% data variables.product.prodname_marketplace %}{% ifversion ghes %} on {% data variables.product.prodname_dotcom_the_website %}{% endif %} contains other {% data variables.product.prodname_code_scanning %} workflows you can use. {% ifversion fpt or ghec %}You can find a selection of these on the "Get started with {% data variables.product.prodname_code_scanning %}" page, which you can access from the **{% octicon "shield" aria-hidden="true" %} Security** tab.{% endif %} The specific examples given in this article relate to the {% data variables.code-scanning.codeql_workflow %} file. ## Editing a {% data variables.product.prodname_code_scanning %} workflow @@ -156,7 +156,7 @@ jobs: {% ifversion ghes %}You must ensure that Git is in the PATH variable on your self-hosted runners.{% else %}If you use a self-hosted runner, you must ensure that Git is in the PATH variable.{% endif %} For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners)" and "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners)." -For recommended specifications (RAM, CPU cores, and disk) for running {% data variables.product.prodname_codeql %} analysis{% ifversion not ghes %} on self-hosted machines{% endif %}, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/recommended-hardware-resources-for-running-codeql)." +For recommended specifications (RAM, CPU cores, and disk) for running {% data variables.product.prodname_codeql %} analysis{% ifversion not ghes %} on self-hosted machines{% endif %}, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/recommended-hardware-resources-for-running-codeql)." ## Specifying the location for {% data variables.product.prodname_codeql %} databases @@ -336,7 +336,7 @@ If your workflow uses packs that are published on a {% data variables.product.pr The package patterns in the registries list are examined in order, so you should generally place the most specific package patterns first. The values for `token` must be a {% data variables.product.pat_v1 %} generated by the GitHub instance you are downloading from with the `read:packages` permission. -Notice the `|` after the `registries` property name. This is important since {% data variables.product.prodname_actions %} inputs can only accept strings. Using the `|` converts the subsequent text to a string, which is parsed later by the {% data reusables.actions.action-codeql-action-init %} action. +Notice the `|` after the `registries` property name. This is important since {% data variables.product.prodname_actions %} inputs can only accept strings. Using the `|` converts the subsequent text to a string, which is parsed later by the {% data reusables.actions.action-codeql-action-init %} action. ### Using queries in QL packs @@ -549,7 +549,7 @@ This step in a {% data variables.product.prodname_actions %} workflow file uses You can use the same approach to specify any valid configuration options in the workflow file. > [!TIP] -> You can share one configuration across multiple repositories using {% data variables.product.prodname_actions %} variables. One benefit of this approach is that you can update the configuration in a single place without editing the workflow file. +> You can share one configuration across multiple repositories using {% data variables.product.prodname_actions %} variables. One benefit of this approach is that you can update the configuration in a single place without editing the workflow file. > > In the following example, `vars.CODEQL_CONF` is a {% data variables.product.prodname_actions %} variable. Its value can be the contents of any valid configuration file. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows)." > diff --git a/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md b/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md index 5fffafa31b7e..52a814e20247 100644 --- a/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md +++ b/content/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning.md @@ -164,7 +164,7 @@ Any valid SARIF 2.1.0 output file can be uploaded, however, {% data variables.pr ### `reportingDescriptor` object -This is where you store details of the rules that are run during analysis. Information in these objects should change infrequently, typically when you update the tool. For more information, see "[Understanding rules and results](#understanding-rules-and-results)" above. +This is where you store details of the rules that are run during analysis. Information in these objects should change infrequently, typically when you update the tool. For more information, see "[Understanding rules and results](#understanding-rules-and-results)" above. | Name | Required | Description | |----|----|----| @@ -182,7 +182,7 @@ This is where you store details of the rules that are run during analysis. Infor ### `result` object -Each `result` object contains details for one alert in the codebase. Within the `results` object, you can reference the rule that detected the alert. For more information, see "[Understanding rules and results](#understanding-rules-and-results)" above. +Each `result` object contains details for one alert in the codebase. Within the `results` object, you can reference the rule that detected the alert. For more information, see "[Understanding rules and results](#understanding-rules-and-results)" above. {% data reusables.code-scanning.upload-sarif-alert-limit %} @@ -194,7 +194,7 @@ Each `result` object contains details for one alert in the codebase. Within the | `level`| {% octicon "x" aria-label="Optional" %} | The severity of the result. This level overrides the default severity defined by the rule. {% data variables.product.prodname_code_scanning_caps %} uses the level to filter results by severity on {% data variables.product.prodname_dotcom %}. | `message.text`| {% octicon "check" aria-label="Required" %} | A message that describes the result. {% data variables.product.prodname_code_scanning_caps %} displays the message text as the title of the result. Only the first sentence of the message will be displayed when visible space is limited. | `locations[]`| {% octicon "check" aria-label="Required" %} | The set of locations where the result was detected up to a maximum of 10. Only one location should be included unless the problem can only be corrected by making a change at every specified location. **Note:** At least one location is required for {% data variables.product.prodname_code_scanning %} to display a result. {% data variables.product.prodname_code_scanning_caps %} will use this property to decide which file to annotate with the result. Only the first value of this array is used. All other values are ignored. -| `partialFingerprints`| {% octicon "check" aria-label="Required" %} | A set of strings used to track the unique identity of the result. {% data variables.product.prodname_code_scanning_caps %} uses `partialFingerprints` to accurately identify which results are the same across commits and branches. {% data variables.product.prodname_code_scanning_caps %} will attempt to use `partialFingerprints` if they exist. If you are uploading third-party SARIF files with the `upload-action`, the action will create `partialFingerprints` for you when they are not included in the SARIF file. For more information, see "[Providing data to track code scanning alerts across runs](#providing-data-to-track-code-scanning-alerts-across-runs)." **Note:** {% data variables.product.prodname_code_scanning_caps %} only uses the `primaryLocationLineHash`. +| `partialFingerprints`| {% octicon "check" aria-label="Required" %} | A set of strings used to track the unique identity of the result. {% data variables.product.prodname_code_scanning_caps %} uses `partialFingerprints` to accurately identify which results are the same across commits and branches. {% data variables.product.prodname_code_scanning_caps %} will attempt to use `partialFingerprints` if they exist. If you are uploading third-party SARIF files with the `upload-action`, the action will create `partialFingerprints` for you when they are not included in the SARIF file. For more information, see "[Providing data to track code scanning alerts across runs](#providing-data-to-track-code-scanning-alerts-across-runs)." **Note:** {% data variables.product.prodname_code_scanning_caps %} only uses the `primaryLocationLineHash`. | `codeFlows[].threadFlows[].locations[]`| {% octicon "x" aria-label="Optional" %} | An array of `location` objects for a `threadFlow` object, which describes the progress of a program through a thread of execution. A `codeFlow` object describes a pattern of code execution used to detect a result. If code flows are provided, {% data variables.product.prodname_code_scanning %} will expand code flows on {% data variables.product.prodname_dotcom %} for the relevant result. For more information, see the [`location` object](#location-object). | `relatedLocations[]`| {% octicon "x" aria-label="Optional" %} | A set of locations relevant to this result. {% data variables.product.prodname_code_scanning_caps %} will link to related locations when they are embedded in the result message. For more information, see the [`location` object](#location-object). diff --git a/content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md b/content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md index d20ef199cb47..efe91bf96d1d 100644 --- a/content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md +++ b/content/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github.md @@ -49,7 +49,7 @@ You can upload the results using {% data variables.product.prodname_actions %}, ## Uploading a {% data variables.product.prodname_code_scanning %} analysis with {% data variables.product.prodname_actions %} -To use {% data variables.product.prodname_actions %} to upload a third-party SARIF file to a repository, you'll need a workflow. For more information, see "[AUTOTITLE](/actions/learn-github-actions)." +To use {% data variables.product.prodname_actions %} to upload a third-party SARIF file to a repository, you'll need a workflow. For more information, see "[AUTOTITLE](/actions/learn-github-actions)." Your workflow will need to use the `upload-sarif` action, which is part of the `github/codeql-action` repository. It has input parameters that you can use to configure the upload. The main input parameters you'll use are: @@ -58,7 +58,7 @@ Your workflow will need to use the `upload-sarif` action, which is part of the ` For more information, see the {% ifversion codeql-action-node16-deprecated %}[`upload-sarif` action](https://github.com/github/codeql-action/tree/v3/upload-sarif){% else %}[`upload-sarif` action](https://github.com/github/codeql-action/tree/v2/upload-sarif){% endif %}. -The `upload-sarif` action can be configured to run when the `push` and `scheduled` event occur. For more information about {% data variables.product.prodname_actions %} events, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows)." +The `upload-sarif` action can be configured to run when the `push` and `scheduled` event occur. For more information about {% data variables.product.prodname_actions %} events, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows)." If your SARIF file doesn't include `partialFingerprints`, the `upload-sarif` action will calculate the `partialFingerprints` field for you and attempt to prevent duplicate alerts. {% data variables.product.prodname_dotcom %} can only create `partialFingerprints` when the repository contains both the SARIF file and the source code used in the static analysis. For more information about preventing duplicate alerts, see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs)." diff --git a/content/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system.md b/content/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system.md index ef7c887079ce..79c8eceaed2d 100644 --- a/content/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system.md +++ b/content/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system.md @@ -33,7 +33,7 @@ You can add the {% data variables.product.prodname_codeql_cli %} to your third-p The {% data variables.product.prodname_codeql_cli %} is a standalone, command-line tool that you can use to analyze code. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/about-the-codeql-cli)." -Alerts for {% data variables.product.prodname_code_scanning %} that you generate externally are displayed in the same way as those for {% data variables.product.prodname_code_scanning %} that you generate within {% data variables.product.prodname_dotcom %}. {% data reusables.code-scanning.about-multiple-configurations-link %} +Alerts for {% data variables.product.prodname_code_scanning %} that you generate externally are displayed in the same way as those for {% data variables.product.prodname_code_scanning %} that you generate within {% data variables.product.prodname_dotcom %}. {% data reusables.code-scanning.about-multiple-configurations-link %} {% data reusables.code-scanning.upload-sarif-ghas %} @@ -41,7 +41,7 @@ Alerts for {% data variables.product.prodname_code_scanning %} that you generate You will first need to download your analysis tool of choice and set it up with your CI system. -If you are using the {% data variables.product.prodname_codeql_cli %}, you need to make the full contents of the {% data variables.product.prodname_codeql_cli %} bundle available to every CI server that you want to run {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} analysis on. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli)." +If you are using the {% data variables.product.prodname_codeql_cli %}, you need to make the full contents of the {% data variables.product.prodname_codeql_cli %} bundle available to every CI server that you want to run {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} analysis on. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli)." Once you've made your analysis tool available to servers in your CI system, you're ready to generate data. diff --git a/content/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts.md b/content/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts.md index e058970cbaf7..1707d3ece86c 100644 --- a/content/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts.md +++ b/content/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts.md @@ -97,7 +97,7 @@ The severity level for a {% data variables.product.prodname_code_scanning %} ale * **Severity.** All {% data variables.product.prodname_code_scanning %} alerts have a level of `Error`, `Warning`, or `Note`. * **Security severity.** Each security alert found using {% data variables.product.prodname_codeql %} also has a security severity level of `Critical`, `High`, `Medium`, or `Low`. -When an alert has a security severity level, {% data variables.product.prodname_code_scanning %} displays and uses this level in preference to the `severity`. Security severity levels follow the industry-standard Common Vulnerability Scoring System (CVSS) that is also used for advisories in the {% data variables.product.prodname_advisory_database %}. For more information, see [CVSS: Qualitative Severity Rating Scale](https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale). +When an alert has a security severity level, {% data variables.product.prodname_code_scanning %} displays and uses this level in preference to the `severity`. Security severity levels follow the industry-standard Common Vulnerability Scoring System (CVSS) that is also used for advisories in the {% data variables.product.prodname_advisory_database %}. For more information, see [CVSS: Qualitative Severity Rating Scale](https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale). ### Pull request check failures for {% data variables.product.prodname_code_scanning %} alerts diff --git a/content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md b/content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md index 2d61645b76aa..a537aee8fb5a 100644 --- a/content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md +++ b/content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md @@ -90,7 +90,7 @@ You can see any {% data variables.product.prodname_code_scanning %} alerts that You can also view all {% data variables.product.prodname_code_scanning %} alerts that are inside the diff of the changes introduced in the pull request in the **Files changed** tab. -If you add a new code scanning configuration in your pull request, you will see a comment on your pull request directing you to the **Security** tab of the repository so you can view all the alerts on the pull request branch. For more information about viewing the alerts for a repository, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/assessing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository)." +If you add a new code scanning configuration in your pull request, you will see a comment on your pull request directing you to the **Security** tab of the repository so you can view all the alerts on the pull request branch. For more information about viewing the alerts for a repository, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/assessing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository)." If you have write permission for the repository, some annotations contain links with extra context for the alert. In the example above, from {% data variables.product.prodname_codeql %} analysis, you can click **user-provided value** to see where the untrusted data enters the data flow (this is referred to as the source). In this case you can also view the full path from the source to the code that uses the data (the sink) by clicking **Show paths**. This makes it easy to check whether the data is untrusted or if the analysis failed to recognize a data sanitization step between the source and the sink. For information about analyzing data flow using {% data variables.product.prodname_codeql %}, see "[About data flow analysis](https://codeql.github.com/docs/writing-codeql-queries/about-data-flow-analysis/)." @@ -104,7 +104,7 @@ In the detailed view for an alert, some {% data variables.product.prodname_code_ ## Commenting on an alert in a pull request -You can comment on any {% data variables.product.prodname_code_scanning %} alert that appears in a pull request. Alerts appear as annotations in the **Conversation** tab of a pull request, as part of a pull request review, and also are shown in the **Files changed** tab. +You can comment on any {% data variables.product.prodname_code_scanning %} alert that appears in a pull request. Alerts appear as annotations in the **Conversation** tab of a pull request, as part of a pull request review, and also are shown in the **Files changed** tab. You can choose to require all conversations in a pull request, including those on {% data variables.product.prodname_code_scanning %} alerts, to be resolved before a pull request can be merged. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-conversation-resolution-before-merging)." diff --git a/content/code-security/code-scanning/troubleshooting-code-scanning/c-sharp-compiler-unexpectedly-failing.md b/content/code-security/code-scanning/troubleshooting-code-scanning/c-sharp-compiler-unexpectedly-failing.md index 240e0a38fc39..75329811bae0 100644 --- a/content/code-security/code-scanning/troubleshooting-code-scanning/c-sharp-compiler-unexpectedly-failing.md +++ b/content/code-security/code-scanning/troubleshooting-code-scanning/c-sharp-compiler-unexpectedly-failing.md @@ -13,7 +13,7 @@ versions: The {% data variables.product.prodname_codeql %} tracer injects some flags into the C# compiler invocation to ensure every component is built and included in the {% data variables.product.prodname_codeql %} database, which may cause your C# code to build differently to what you expect during {% data variables.product.prodname_codeql %} analysis. See "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages)." -`/p:EmitCompilerGeneratedFiles=true` is one of the injected properties, and emits compiler-generated files during the build process. This option causes the compiler to generate additional files that are used to support features such as improved regular expression support, serialization, and web application view generation. These generated artifacts are typically not written to disk by the compiler, but setting the option to `true` forces writing the files to disk, and so the extractor can process the files. +`/p:EmitCompilerGeneratedFiles=true` is one of the injected properties, and emits compiler-generated files during the build process. This option causes the compiler to generate additional files that are used to support features such as improved regular expression support, serialization, and web application view generation. These generated artifacts are typically not written to disk by the compiler, but setting the option to `true` forces writing the files to disk, and so the extractor can process the files. For some legacy projects, and projects that use `.sqlproj` files, you may see that the injected `/p:EmitCompilerGeneratedFiles=true` property causes unexpected issues with `msbuild`. diff --git a/content/code-security/code-scanning/troubleshooting-code-scanning/no-source-code-seen-during-build.md b/content/code-security/code-scanning/troubleshooting-code-scanning/no-source-code-seen-during-build.md index efeb4c7476ae..a0121acafe7c 100644 --- a/content/code-security/code-scanning/troubleshooting-code-scanning/no-source-code-seen-during-build.md +++ b/content/code-security/code-scanning/troubleshooting-code-scanning/no-source-code-seen-during-build.md @@ -28,7 +28,7 @@ If your workflow fails with `Error: "No source code was seen during the build"` For more information, see the workflow extract in "[AUTOTITLE](/code-security/code-scanning/troubleshooting-code-scanning/some-languages-were-not-analyzed)". -1. _Compilation of a compiled language failed:_ Your {% data variables.product.prodname_code_scanning %} workflow tries to compile a compiled language (C, C++, C#, Go, or Java), but the code was not compiled. {% ifversion codeql-no-build %}When a workflow specifies `build-mode: autobuild` for a language or contains an `autobuild` step,{% elsif ghes %}By default, the {% data variables.product.prodname_codeql %} analysis workflow contains an `autobuild` step and{% endif %} {% data variables.product.prodname_codeql %} makes a best effort to detect a suitable build method and build your code. The `autobuild` process may not succeed in building your code, depending on your specific build environment. Compilation may also fail if you have removed the `autobuild` step and did not include build steps manually. For more information about defining build steps, see {% ifversion codeql-no-build %}"[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#using-build-mode-manual-and-specifying-build-steps){% elsif ghes %}"[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#adding-build-steps-for-a-compiled-language){% endif %}." +1. _Compilation of a compiled language failed:_ Your {% data variables.product.prodname_code_scanning %} workflow tries to compile a compiled language (C, C++, C#, Go, or Java), but the code was not compiled. {% ifversion codeql-no-build %}When a workflow specifies `build-mode: autobuild` for a language or contains an `autobuild` step,{% elsif ghes %}By default, the {% data variables.product.prodname_codeql %} analysis workflow contains an `autobuild` step and{% endif %} {% data variables.product.prodname_codeql %} makes a best effort to detect a suitable build method and build your code. The `autobuild` process may not succeed in building your code, depending on your specific build environment. Compilation may also fail if you have removed the `autobuild` step and did not include build steps manually. For more information about defining build steps, see {% ifversion codeql-no-build %}"[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#using-build-mode-manual-and-specifying-build-steps){% elsif ghes %}"[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#adding-build-steps-for-a-compiled-language){% endif %}." 1. _Cached components not detected:_ Your workflow builds a compiled language (C, C++, C#, Go, or Java) to create a {% data variables.product.prodname_codeql %} database for analysis, but portions of your build are cached to improve performance (most likely to occur with build systems like Gradle or Bazel). Since {% data variables.product.prodname_codeql %} observes the activity of the compiler to understand the data flows in a repository, {% data variables.product.prodname_codeql %} requires a complete build to take place in order to perform analysis. diff --git a/content/code-security/code-scanning/troubleshooting-sarif-uploads/file-too-large.md b/content/code-security/code-scanning/troubleshooting-sarif-uploads/file-too-large.md index 66c0fb33cfad..ec3c15d51af7 100644 --- a/content/code-security/code-scanning/troubleshooting-sarif-uploads/file-too-large.md +++ b/content/code-security/code-scanning/troubleshooting-sarif-uploads/file-too-large.md @@ -79,7 +79,7 @@ Excluding non-production code from analysis is a simple way to reduce the size o Using a build command that compiles only one variant is a simple way to reduce the size of the results file. * {% data variables.product.prodname_codeql %} advanced setup for {% data variables.product.prodname_code_scanning %}: update the workflow file to specify your chosen build command. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#adding-build-steps-for-a-compiled-language)." -* {% data variables.product.prodname_codeql_cli %} `database create`: specify your chosen build command either by calling the `database create` command with the `--command` option, or by defining the build command in a YAML configuration file for code scanning and calling the file using the `--codescanning-config` option. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis#specifying-build-commands)." +* {% data variables.product.prodname_codeql_cli %} `database create`: specify your chosen build command either by calling the `database create` command with the `--command` option, or by defining the build command in a YAML configuration file for code scanning and calling the file using the `--codescanning-config` option. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis#specifying-build-commands)." ### Defining the query suite to run diff --git a/content/code-security/code-scanning/troubleshooting-sarif-uploads/missing-token.md b/content/code-security/code-scanning/troubleshooting-sarif-uploads/missing-token.md index 026341014da7..ccbdbf4be5bf 100644 --- a/content/code-security/code-scanning/troubleshooting-sarif-uploads/missing-token.md +++ b/content/code-security/code-scanning/troubleshooting-sarif-uploads/missing-token.md @@ -33,4 +33,4 @@ You could see this error for SARIF files created using any tool and uploaded usi ## Fixing the problem -Create a new {% data variables.product.pat_generic %} or {% data variables.product.prodname_github_app %} with the correct permission. For more information see, "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens)", or "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app)" and "[AUTOTITLE](/apps/creating-github-apps/about-creating-github-apps/deciding-when-to-build-a-github-app)." +Create a new {% data variables.product.pat_generic %} or {% data variables.product.prodname_github_app %} with the correct permission. For more information see, "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens)", or "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app)" and "[AUTOTITLE](/apps/creating-github-apps/about-creating-github-apps/deciding-when-to-build-a-github-app)." diff --git a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md index 26085d6c3a98..1d7a6d0c503c 100644 --- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md +++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md @@ -66,7 +66,7 @@ You must specify ``, `--format`, and `--output`. You can specify addit | --output | {% octicon "check" aria-label="Required" %} | Specify the location where you want to save the SARIF results file, including the desired filename with the `.sarif` extension. | | --sarif-category | {% octicon "question" aria-label="Required with multiple results sets" %} | Optional for single database analysis. Required to define the language when you analyze multiple databases for a single commit in a repository.

Specify a category to include in the SARIF results file for this analysis. A category is used to distinguish multiple analyses for the same tool and commit, but performed on different languages or different parts of the code. | | --sarif-add-baseline-file-info | {% octicon "x" aria-label="Optional" %} | **Recommended.** Use to submit file coverage information to the {% data variables.code-scanning.tool_status_page %}. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page#how-codeql-defines-scanned-files)." | -| --sarif-include-query-help | {% octicon "x" aria-label="Optional" %} | Specify whether to include query help in the SARIF output. One of: `always`: Include query help for all queries. `custom_queries_only` (default): Include query help only for custom queries, that is, queries in query packs which are not of the form `codeql/-queries`. `never`: Do not include query help for any queries. Any query help for custom queries included in the SARIF output will be displayed in any code scanning alerts for the query. For more information, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/using-custom-queries-with-the-codeql-cli#including-query-help-for-custom-codeql-queries-in-sarif-files)." | +| --sarif-include-query-help | {% octicon "x" aria-label="Optional" %} | Specify whether to include query help in the SARIF output. One of: `always`: Include query help for all queries. `custom_queries_only` (default): Include query help only for custom queries, that is, queries in query packs which are not of the form `codeql/-queries`. `never`: Do not include query help for any queries. Any query help for custom queries included in the SARIF output will be displayed in any code scanning alerts for the query. For more information, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/using-custom-queries-with-the-codeql-cli#including-query-help-for-custom-codeql-queries-in-sarif-files)." | | `` | {% octicon "x" aria-label="Optional" %} | Use if you want to include {% data variables.product.prodname_codeql %} query packs in your analysis. For more information, see "[Downloading and using {% data variables.product.prodname_codeql %} packs](/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs#downloading-and-using-codeql-query-packs)." | | --download | {% octicon "x" aria-label="Optional" %} | Use if some of your {% data variables.product.prodname_codeql %} query packs are not yet on disk and need to be downloaded before running queries. | | --threads | {% octicon "x" aria-label="Optional" %} | Use if you want to use more than one thread to run queries. The default value is `1`. You can specify more threads to speed up query execution. To set the number of threads to the number of logical processors, specify `0`. | diff --git a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md index 94e8d1d8098a..bf2ce1cea8e4 100644 --- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md +++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md @@ -149,7 +149,7 @@ pack. > The default query suite of the standard {% data variables.product.prodname_codeql %} query packs are `codeql-suites/-code-scanning.qls`. Several other useful query suites can also be found in the `codeql-suites` directory of each pack. For example, the `codeql/cpp-queries` pack contains the following query suites: > > * `cpp-code-scanning.qls` - Standard Code Scanning queries for C++. The default query suite for this pack. -> * `cpp-security-extended.qls` - Queries from the default `cpp-code-scanning.qls` suite for C++, plus lower severity and precision queries. +> * `cpp-security-extended.qls` - Queries from the default `cpp-code-scanning.qls` suite for C++, plus lower severity and precision queries. > * `cpp-security-and-quality.qls` - Queries from `cpp-security-extended.qls`, plus maintainability and reliability queries. > > You can see the sources for these query suites in the [{% data variables.product.prodname_codeql %} repository](https://github.com/github/codeql/tree/main/cpp/ql/src/codeql-suites). Query suites for other languages are similar. diff --git a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md index 9bc43e0f01fd..55a35601cfd6 100644 --- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md +++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md @@ -365,7 +365,7 @@ Based on your operating system, we recommend you run: ... The `codeql database init` command creates `/temp/tracingEnvironment` with files that contain environment variables and values that will enable {% data variables.product.prodname_codeql %} to trace a sequence of build steps. These files are named `start-tracing.{json,sh,bat,ps1}`. Use one of these files with your CI system’s mechanism for setting environment variables for future steps. You can: * Read the JSON file, process it, and print out environment variables in the format expected by your CI system. For example, Azure DevOps expects `echo "##vso[task.setvariable variable=NAME]VALUE"`. -* Or, if your CI system persists the environment, source the appropriate `start-tracing` script to set the {% data variables.product.prodname_codeql %} variables in the shell environment of the CI system. +* Or, if your CI system persists the environment, source the appropriate `start-tracing` script to set the {% data variables.product.prodname_codeql %} variables in the shell environment of the CI system. Build your code; optionally, unset the environment variables using an `end-tracing.{json,sh,bat,ps1}` script from the directory where the `start-tracing` scripts are stored; and then run the command `codeql database finalize `. diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/about-codeql-workspaces.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/about-codeql-workspaces.md index 071412c24aed..81761611ad5b 100644 --- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/about-codeql-workspaces.md +++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/about-codeql-workspaces.md @@ -69,7 +69,7 @@ This is particularly useful in the following situations: All {% data variables.product.prodname_codeql %} packs in a workspace are available as source dependencies for each other when you run any {% data variables.product.prodname_codeql %} command that resolves queries or packs. For example, when you run `codeql pack install` in a pack directory in a workspace, any dependency that can be found in the workspace will be used instead of downloading that dependency to the package cache and adding it to the `codeql-pack.lock.yml` file. For more information, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs#adding-and-installing-dependencies)." -Similarly, when you publish a {% data variables.product.prodname_codeql %} query pack to the {% data variables.product.prodname_dotcom %} container registry using `codeql pack publish` the command will always use the dependencies from the workspace instead of using dependencies found in the local package cache. +Similarly, when you publish a {% data variables.product.prodname_codeql %} query pack to the {% data variables.product.prodname_dotcom %} container registry using `codeql pack publish` the command will always use the dependencies from the workspace instead of using dependencies found in the local package cache. This ensures that any local changes you make to a query library in a dependency are automatically reflected in any query packs you publish from that workspace. @@ -100,7 +100,7 @@ dependencies: codeql/cpp-all: ~0.2.0 ``` -Notice that the `dependencies` block for the {% data variables.product.prodname_codeql %} query pack, `my-company/my-queries`, specifies `"*"` as the version of the library pack. Since the library pack is already defined as a source dependency in `codeql-workspace.yml`, the library pack’s content is always resolved from inside the workspace. Any version constraint you define will be ignored in this case. We recommend that you use `"*"` for source dependencies to make it clear that the version is inherited from the workspace. +Notice that the `dependencies` block for the {% data variables.product.prodname_codeql %} query pack, `my-company/my-queries`, specifies `"*"` as the version of the library pack. Since the library pack is already defined as a source dependency in `codeql-workspace.yml`, the library pack’s content is always resolved from inside the workspace. Any version constraint you define will be ignored in this case. We recommend that you use `"*"` for source dependencies to make it clear that the version is inherited from the workspace. When you execute `codeql pack install` from the query pack directory, an appropriate version of `codeql/cpp-all` is downloaded to the local package cache. Also, a `codeql-pack.lock.yml` file is created that contains the resolved version of `codeql/cpp-all`. The lock file won’t contain an entry for `my-company/my-library` since it is resolved from source dependencies. The `codeql-pack.lock.yml` file will look something like this: diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/advanced-setup-of-the-codeql-cli.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/advanced-setup-of-the-codeql-cli.md index 0a5341b0ec38..236f0d4ccbbf 100644 --- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/advanced-setup-of-the-codeql-cli.md +++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/advanced-setup-of-the-codeql-cli.md @@ -81,7 +81,7 @@ For example, if the path to your copy of the {% data variables.product.prodname_ * Run `codeql resolve languages` to show which languages are available for database creation. This will list the languages supported by default in your {% data variables.product.prodname_codeql_cli %} package. * Run `codeql resolve qlpacks` to show which {% data variables.product.prodname_codeql %} packs the CLI can find. This will display the names of all the {% data variables.product.prodname_codeql %} packs directly available to the {% data variables.product.prodname_codeql_cli %}. This should include: * Query packs for each supported language, for example, `codeql/{language}-queries`. These packs contain the standard queries that will be run for each analysis. -* Library packs for each supported language, for example, `codeql/{language}-all`. These packs contain query libraries, such as control flow and data flow libraries, that may be useful to query writers. +* Library packs for each supported language, for example, `codeql/{language}-all`. These packs contain query libraries, such as control flow and data flow libraries, that may be useful to query writers. * Example packs for each supported language, for example, `codeql/{language}-examples`. These packs contain useful snippets of {% data variables.product.prodname_codeql %} that query writers may find useful. * Legacy packs that ensure custom queries and libraries created using older products are compatible with your version of {% data variables.product.prodname_codeql %}. diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs.md index 6e0c4512adc6..5b43ee284c8d 100644 --- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs.md +++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs.md @@ -134,7 +134,7 @@ This command downloads all dependencies to the shared cache on the local disk. The recommended way to experiment with changes to a pack is to clone the repository containing its source code. -If no source repository is available and you need to base modifications on a pack downloaded from the {% data variables.product.prodname_container_registry %}, be aware that these packs are not intended to be modified or customized after downloading, and their format may change in the future without much notice. We recommend taking the following steps after downloading a pack if you need to modify the content: +If no source repository is available and you need to base modifications on a pack downloaded from the {% data variables.product.prodname_container_registry %}, be aware that these packs are not intended to be modified or customized after downloading, and their format may change in the future without much notice. We recommend taking the following steps after downloading a pack if you need to modify the content: * Change the pack _name_ in `qlpack.yml` so you avoid confusion with results from the unmodified pack. diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/extractor-options.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/extractor-options.md index 0a899a3594b0..37bb5c593695 100644 --- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/extractor-options.md +++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/extractor-options.md @@ -82,7 +82,7 @@ When running these subcommands, you can set extractor options with the `--extrac * `codeql database create --extractor-option java.option1=abc ...` * `codeql database start-tracing --extractor-option java.group1.option2=102 ...` -`--extractor-option` requires exactly one argument of the form `extractor_option_name=extractor_option_value`. `extractor_option_name` is the name of the extractor (in this example, `java`) followed by a period and then the name of the extractor option (in this example, either `option1` or `group1.option2`). `extractor_option_value` is the value being assigned to the extractor option. The value must match the regular expression pattern of the extractor option (if it exists), and it must not contain newline characters. +`--extractor-option` requires exactly one argument of the form `extractor_option_name=extractor_option_value`. `extractor_option_name` is the name of the extractor (in this example, `java`) followed by a period and then the name of the extractor option (in this example, either `option1` or `group1.option2`). `extractor_option_value` is the value being assigned to the extractor option. The value must match the regular expression pattern of the extractor option (if it exists), and it must not contain newline characters. Using `--extractor-option` to assign an extractor option that does not exist is an error. diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md index f6af538ec9c5..0674c522c59d 100644 --- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md +++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md @@ -55,7 +55,7 @@ You can publish packs and download private packs by authenticating to the approp {% endif %} -You can authenticate to the {% data variables.product.prodname_container_registry %} in two ways: +You can authenticate to the {% data variables.product.prodname_container_registry %} in two ways: 1. Pass the `--github-auth-stdin` option to the {% data variables.product.prodname_codeql_cli %}, then supply a {% data variables.product.prodname_github_apps %} token or {% data variables.product.pat_generic %} via standard input. 1. Set the `GITHUB_TOKEN` environment variable to a {% data variables.product.prodname_github_apps %} token or {% data variables.product.pat_generic %}. @@ -135,7 +135,7 @@ This command accepts arguments for multiple packs. If you write scripts that specify a particular version number of a query pack to download, keep in mind that when you update your version of {% data variables.product.prodname_codeql %} to a newer one, you may -also need to switch to a newer version of the query pack. Newer +also need to switch to a newer version of the query pack. Newer versions of {% data variables.product.prodname_codeql %} _may_ provide degraded performance when used with query packs that have been pinned to a very old version. For more information, see "[About {% data variables.product.prodname_codeql %} @@ -162,7 +162,7 @@ codeql analyze / / ``` > [!NOTE] -> The `codeql pack download` command stores the pack it downloads in an internal location that is not intended for local modification. Unexpected (and hard to troubleshoot) behavior may result if the pack is modified after downloading. For more information about customizing packs, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs)." +> The `codeql pack download` command stores the pack it downloads in an internal location that is not intended for local modification. Unexpected (and hard to troubleshoot) behavior may result if the pack is modified after downloading. For more information about customizing packs, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs)." ## About {% data variables.product.prodname_codeql %} pack compatibility diff --git a/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries-at-scale-with-multi-repository-variant-analysis.md b/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries-at-scale-with-multi-repository-variant-analysis.md index 5a79a1ae0558..c03717e9f266 100644 --- a/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries-at-scale-with-multi-repository-variant-analysis.md +++ b/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries-at-scale-with-multi-repository-variant-analysis.md @@ -21,7 +21,7 @@ When you run MRVA against a list of repositories, your query is run against each You need to enable {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %} on {% data variables.product.github %}, using either default setup or advanced setup, before adding your repository to a list for analysis. For information about enabling {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#configuring-code-scanning-automatically)." -### How MRVA runs queries against {% data variables.product.prodname_codeql %} databases on {% data variables.product.prodname_dotcom_the_website %} +### How MRVA runs queries against {% data variables.product.prodname_codeql %} databases on {% data variables.product.prodname_dotcom_the_website %} When you run MRVA, the analysis is run entirely using {% data variables.product.prodname_actions %}. You don't need to create any workflows, but you must specify which repository the {% data variables.product.prodname_codeql %} for {% data variables.product.prodname_vscode %} extension should use as a controller repository. As the analysis of each repository completes, the results are sent to {% data variables.product.prodname_vscode_shortname %} for you to view. @@ -125,7 +125,7 @@ You can export your results for further analysis or to discuss them with collabo ## Creating a custom list of repositories > [!NOTE] -> {% data variables.product.prodname_codeql %} analysis always requires a {% data variables.product.prodname_codeql %} database to run queries against. When you run variant analysis against a list of repositories, your query will only be executed against the repositories that currently have a {% data variables.product.prodname_codeql %} database available to download. The best way to make a repository available for variant analysis is to enable {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}. For information about enabling {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#configuring-code-scanning-automatically)." +> {% data variables.product.prodname_codeql %} analysis always requires a {% data variables.product.prodname_codeql %} database to run queries against. When you run variant analysis against a list of repositories, your query will only be executed against the repositories that currently have a {% data variables.product.prodname_codeql %} database available to download. The best way to make a repository available for variant analysis is to enable {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}. For information about enabling {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, see "[AUTOTITLE](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#configuring-code-scanning-automatically)." 1. In the "Variant Analysis Repositories" view, click the "Add list" icon. diff --git a/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries.md b/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries.md index cd4a13e99be6..69405fdf9c6a 100644 --- a/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries.md +++ b/content/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries.md @@ -121,7 +121,7 @@ The "Query History" view contains information including the date and time when t If a result links to a source code element, you can click it to display it in the source. -To use standard code navigation features in the source code, you can right-click an element and use the commands **Go to Definition** or **Go to References**. This runs a {% data variables.product.prodname_codeql %} query over the active file, which may take a few seconds. This query needs to run once for every file, so any additional references from the same file will be fast. +To use standard code navigation features in the source code, you can right-click an element and use the commands **Go to Definition** or **Go to References**. This runs a {% data variables.product.prodname_codeql %} query over the active file, which may take a few seconds. This query needs to run once for every file, so any additional references from the same file will be fast. > [!NOTE] > If you're using an older database, code navigation commands such as **Go to Definition** and **Go to References** may not work. To use code navigation, try unzipping the database and running `codeql database cleanup ` on the unzipped database using the {% data variables.product.prodname_codeql_cli %}. Then, re-add the database to {% data variables.product.prodname_vscode %}. For more information, see "[AUTOTITLE](/code-security/codeql-cli/codeql-cli-manual/database-cleanup)." diff --git a/content/code-security/codeql-for-vs-code/troubleshooting-codeql-for-vs-code/accessing-logs.md b/content/code-security/codeql-for-vs-code/troubleshooting-codeql-for-vs-code/accessing-logs.md index a7e3b237789d..fbd6679bde23 100644 --- a/content/code-security/codeql-for-vs-code/troubleshooting-codeql-for-vs-code/accessing-logs.md +++ b/content/code-security/codeql-for-vs-code/troubleshooting-codeql-for-vs-code/accessing-logs.md @@ -29,7 +29,7 @@ You can access the following logs: * {% data variables.product.prodname_codeql %} Tests > [!NOTE] -> The {% data variables.product.prodname_codeql %} Language Server log contains more advanced debug logs for {% data variables.product.prodname_codeql %} language maintainers. You should only need these to provide details in a bug report. +> The {% data variables.product.prodname_codeql %} Language Server log contains more advanced debug logs for {% data variables.product.prodname_codeql %} language maintainers. You should only need these to provide details in a bug report. ## Accessing logs diff --git a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/setting-up-a-codeql-workspace.md b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/setting-up-a-codeql-workspace.md index 4698cf181ed7..952897f60dc4 100644 --- a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/setting-up-a-codeql-workspace.md +++ b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/setting-up-a-codeql-workspace.md @@ -54,6 +54,6 @@ There are several different ways to give the extension access to the standard li ### Option 3: Open the directory containing the extracted {% data variables.product.prodname_codeql_cli %} archive > [!NOTE] -> For this option, you need to set up the {% data variables.product.prodname_codeql_cli %}. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli)." +> For this option, you need to set up the {% data variables.product.prodname_codeql_cli %}. For more information, see "[AUTOTITLE](/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli)." In {% data variables.product.prodname_vscode_shortname %}, open the directory where you extracted the {% data variables.product.prodname_codeql_cli %} .zip archive to create a {% data variables.product.prodname_codeql %} directory (for example `codeql-home`). diff --git a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/telemetry-in-codeql-for-visual-studio-code.md b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/telemetry-in-codeql-for-visual-studio-code.md index ab718a75ee95..1163bbcda58a 100644 --- a/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/telemetry-in-codeql-for-visual-studio-code.md +++ b/content/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/telemetry-in-codeql-for-visual-studio-code.md @@ -41,7 +41,7 @@ If you opt in, {% data variables.product.company_short %} collects the following * IP address of the client sending the telemetry data. This is discarded before aggregation. -* Whether any {% data variables.product.prodname_codeql %} for {% data variables.product.prodname_vscode_shortname %} extension settings are configured. For more information about customizing settings, see "[AUTOTITLE](/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/customizing-settings)." +* Whether any {% data variables.product.prodname_codeql %} for {% data variables.product.prodname_vscode_shortname %} extension settings are configured. For more information about customizing settings, see "[AUTOTITLE](/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/customizing-settings)." ## How long data is retained diff --git a/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md b/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md index 44f9595ad89a..5565b75ef043 100644 --- a/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md @@ -85,7 +85,7 @@ When {% data variables.product.product_name %} identifies a vulnerable dependenc > [!WARNING] > {% data variables.product.product_name %}'s security features do not claim to catch all vulnerabilities. We actively maintain {% data variables.product.prodname_advisory_database %} and generate alerts with the most up-to-date information. However, we cannot catch everything or tell you about known vulnerabilities within a guaranteed time frame. These features are not substitutes for human review of each dependency for potential vulnerabilities or any other issues, and we recommend consulting with a security service or conducting a thorough dependency review when necessary. -## Access to {% data variables.product.prodname_dependabot_alerts %} +## Access to {% data variables.product.prodname_dependabot_alerts %} You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's **Security** tab or{% endif %} in the repository's dependency graph. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts)." diff --git a/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md b/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md index 12b8f7f4c8da..eb7500fb1ecc 100644 --- a/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md +++ b/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md @@ -1,7 +1,7 @@ --- title: Configuring notifications for Dependabot alerts shortTitle: Configure notifications -intro: 'Optimize how you receive notifications about {% data variables.product.prodname_dependabot_alerts %}.' +intro: 'Optimize how you receive notifications about {% data variables.product.prodname_dependabot_alerts %}.' redirect_from: - /github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies - /code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies @@ -52,7 +52,7 @@ You can configure notification settings for yourself or your organization from t ![Screenshot of the notification options for {% data variables.product.prodname_dependabot_alerts %}.](/assets/images/help/enterprises/dependabot-alerts-options-no-ui.png){% endif %} > [!NOTE] -> You can filter your notifications on {% data variables.product.company_short %} to show {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox#dependabot-custom-filters)." +> You can filter your notifications on {% data variables.product.company_short %} to show {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox#dependabot-custom-filters)." {% data reusables.repositories.security-alerts-x-github-severity %} For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications#filtering-email-notifications)." diff --git a/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md b/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md index 2d941a81ed4e..ae354cbe09ee 100644 --- a/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md +++ b/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -41,7 +41,7 @@ If you enable {% data variables.product.prodname_dependabot_security_updates %}, {% data reusables.dependabot.dependabot-security-updates-disable-for-alert-rules %} -{% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} +{% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} {% data variables.product.prodname_dependabot %} checks whether it's possible to upgrade the vulnerable dependency to a fixed version without disrupting the dependency graph for the repository. Then {% data variables.product.prodname_dependabot %} raises a pull request to update the dependency to the minimum version that includes the patch and links the pull request to the {% data variables.product.prodname_dependabot %} alert, or reports an error on the alert. For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors)." diff --git a/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index 0a1bd63c5977..b66aae1aedd1 100644 --- a/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md +++ b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -149,7 +149,7 @@ updates: ``` > [!NOTE] -> In order for {% data variables.product.prodname_dependabot %} to use this configuration for security updates, the `directory` must be the path to the manifest files, and you should not specify a `target-branch`. +> In order for {% data variables.product.prodname_dependabot %} to use this configuration for security updates, the `directory` must be the path to the manifest files, and you should not specify a `target-branch`. ## Further reading diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index def75282d524..b2de5e9321ef 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -29,14 +29,14 @@ The {% data variables.product.prodname_dependabot %} configuration file, `depend You must store this file in the `.github` directory of your repository in the default branch. When you add or update the `dependabot.yml` file, this triggers an immediate check for version updates. For more information and an example, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#enabling-dependabot-version-updates)." -Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." +Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." > [!NOTE] > You cannot configure {% data variables.product.prodname_dependabot_alerts %} using the `dependabot.yml` file. The `dependabot.yml` file has two mandatory top-level keys: `version`, and `updates`. You can, optionally, include a top-level `registries` key. The file must start with `version: 2`. -For a real-world example of `dependabot.yml` file, see [{% data variables.product.prodname_dependabot %}'s own configuration file](https://github.com/dependabot/dependabot-core/blob/main/.github/dependabot.yml). +For a real-world example of `dependabot.yml` file, see [{% data variables.product.prodname_dependabot %}'s own configuration file](https://github.com/dependabot/dependabot-core/blob/main/.github/dependabot.yml). ## Configuration options for the `dependabot.yml` file @@ -230,7 +230,7 @@ updates: interval: "weekly" ``` -{% data reusables.dependabot.multidirectory-vs-pr-grouping %} For more information about grouping, see "[`groups`](#groups)." +{% data reusables.dependabot.multidirectory-vs-pr-grouping %} For more information about grouping, see "[`groups`](#groups)." {% endif %} @@ -1098,7 +1098,7 @@ registries: ### `docker-registry` -{% data variables.product.prodname_dependabot %} works with any container registries that implement the OCI container registry spec. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md). {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central token service or HTTP Basic Auth. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation and [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) on Wikipedia. +{% data variables.product.prodname_dependabot %} works with any container registries that implement the OCI container registry spec. For more information, see [https://github.com/opencontainers/distribution-spec/blob/main/spec.md](https://github.com/opencontainers/distribution-spec/blob/main/spec.md). {% data variables.product.prodname_dependabot %} supports authentication to private registries via a central token service or HTTP Basic Auth. For further details, see [Token Authentication Specification](https://docs.docker.com/registry/spec/auth/token/) in the Docker documentation and [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) on Wikipedia. The `docker-registry` type supports username and password. {% data reusables.dependabot.password-definition %} diff --git a/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md b/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md index ba6d5b24525c..1eb499d4f585 100644 --- a/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md @@ -77,7 +77,7 @@ updates: By default, {% data variables.product.prodname_dependabot %} raises pull requests without any reviewers or assignees. -You can use `reviewers` and `assignees` to specify reviewers and assignees for all pull requests raised for a package manager. When you specify a team, you must use the full team name, as if you were @mentioning the team (including the organization). +You can use `reviewers` and `assignees` to specify reviewers and assignees for all pull requests raised for a package manager. When you specify a team, you must use the full team name, as if you were @mentioning the team (including the organization). The example `dependabot.yml` file below changes the npm configuration so that all pull requests opened with version and security updates for npm will have two reviewers and one assignee. diff --git a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md index 0ca05c4469ae..60743efa50b3 100644 --- a/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md +++ b/content/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners.md @@ -63,7 +63,7 @@ You can manage {% data variables.product.prodname_dependabot %} on {% data varia {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Dependabot", to the right of "{% data variables.product.prodname_dependabot %} on Actions runners", click **Enable** to enable the feature or **Disable** to disable it. +1. Under "Dependabot", to the right of "{% data variables.product.prodname_dependabot %} on Actions runners", click **Enable** to enable the feature or **Disable** to disable it. ### Enabling or disabling for your organization diff --git a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md index 12beffb7b393..eb8faacac258 100644 --- a/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md +++ b/content/code-security/dependabot/working-with-dependabot/guidance-for-the-configuration-of-private-registries-for-dependabot.md @@ -95,7 +95,7 @@ registries: ### Cargo -Cargo supports username, password and token-based authentication. For more information, see `cargo-registry` in "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#cargo-registry)." +Cargo supports username, password and token-based authentication. For more information, see `cargo-registry` in "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#cargo-registry)." The snippet below shows a `dependabot.yml` file configuration that uses a token. @@ -575,7 +575,7 @@ If the `yarn.lock` file doesn't list the private registry as the dependency sour {% data reusables.dependabot.access-private-dependencies-link %} -For scoped dependencies (`@my-org/my-dep`), {% data variables.product.prodname_dependabot %} requires that the private registry is defined in the project's `.yarnrc file`. To define private registries for individual scopes, use `@myscope:registry" "https://private_registry_url"`. +For scoped dependencies (`@my-org/my-dep`), {% data variables.product.prodname_dependabot %} requires that the private registry is defined in the project's `.yarnrc file`. To define private registries for individual scopes, use `@myscope:registry" "https://private_registry_url"`. ## Configuring private registry hosts @@ -603,7 +603,7 @@ The `target branch` setting does not work with {% data variables.product.prodnam ### Azure Artifacts -For information about Azure Artifacts and instructions on how to configure {% data variables.product.prodname_dependabot %} to work with Azure Artifacts, see [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/artifacts/?view=azure-devops) in the Azure Artifacts documentation, and [Use Dependabot in GitHub with Azure Artifacts](https://josh-ops.com/posts/github-dependabot-with-azure-artifacts/), respectively. +For information about Azure Artifacts and instructions on how to configure {% data variables.product.prodname_dependabot %} to work with Azure Artifacts, see [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/artifacts/?view=azure-devops) in the Azure Artifacts documentation, and [Use Dependabot in GitHub with Azure Artifacts](https://josh-ops.com/posts/github-dependabot-with-azure-artifacts/), respectively. Example of Azure Artifacts registry: diff --git a/content/code-security/dependabot/working-with-dependabot/managing-dependabot-on-self-hosted-runners.md b/content/code-security/dependabot/working-with-dependabot/managing-dependabot-on-self-hosted-runners.md index 27ac620e63f1..f6fd7b8d9b3e 100644 --- a/content/code-security/dependabot/working-with-dependabot/managing-dependabot-on-self-hosted-runners.md +++ b/content/code-security/dependabot/working-with-dependabot/managing-dependabot-on-self-hosted-runners.md @@ -17,7 +17,7 @@ topics: ## About {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_actions %} self-hosted runners -{% data reusables.dependabot.dependabot-updates-and-actions %} For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners)." +{% data reusables.dependabot.dependabot-updates-and-actions %} For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners)." {% data reusables.dependabot.dependabot-on-actions-future-note %} @@ -84,7 +84,7 @@ You can manage {% data variables.product.prodname_dependabot %} on self-hosted r {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %} -1. Under "Dependabot", to the right of "{% data variables.product.prodname_dependabot %} on self-hosted runners", click **Enable** to enable the feature or **Disable** to disable it. +1. Under "Dependabot", to the right of "{% data variables.product.prodname_dependabot %} on self-hosted runners", click **Enable** to enable the feature or **Disable** to disable it. ### Enabling or disabling for your organization diff --git a/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md index 99a9603005ce..564b5eacd145 100644 --- a/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -102,7 +102,7 @@ my project --> B (1.0.1) [~1.0.0] ``` -If a security vulnerability is released for `B` versions `<2.0.0` and a patch is available at `2.0.0` then {% data variables.product.prodname_dependabot %} will attempt to update `B` but will find that it's not possible due to the restriction in place by `A` which only allows lower vulnerable versions. To fix the vulnerability, {% data variables.product.prodname_dependabot %} will look for updates to dependency `A` which allow the fixed version of `B` to be used. +If a security vulnerability is released for `B` versions `<2.0.0` and a patch is available at `2.0.0` then {% data variables.product.prodname_dependabot %} will attempt to update `B` but will find that it's not possible due to the restriction in place by `A` which only allows lower vulnerable versions. To fix the vulnerability, {% data variables.product.prodname_dependabot %} will look for updates to dependency `A` which allow the fixed version of `B` to be used. {% data variables.product.prodname_dependabot %} automatically generates a pull request that upgrades both the locked parent and child transitive dependencies. diff --git a/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index b0d5e4a63c5f..4f2544e5e51c 100644 --- a/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -46,7 +46,7 @@ topics: ## Why don't I get {% data variables.product.prodname_dependabot_alerts %} for some ecosystems? -{% data variables.product.prodname_dependabot_alerts %} are supported for a set of ecosystems where we can provide high-quality, actionable data. Curated advisories in the {% data variables.product.prodname_advisory_database %}, the dependency graph, {% ifversion fpt or ghec %}{% data variables.product.prodname_dependabot %} security updates, {% endif %}and {% data variables.product.prodname_dependabot_alerts %} are provided for several ecosystems, including Java’s Maven, JavaScript’s npm and Yarn, .NET’s NuGet, Python’s pip, Ruby's RubyGems, and PHP’s Composer. For an overview of the package ecosystems that we support for {% data variables.product.prodname_dependabot_alerts %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/dependency-graph-supported-package-ecosystems#supported-package-ecosystems)." +{% data variables.product.prodname_dependabot_alerts %} are supported for a set of ecosystems where we can provide high-quality, actionable data. Curated advisories in the {% data variables.product.prodname_advisory_database %}, the dependency graph, {% ifversion fpt or ghec %}{% data variables.product.prodname_dependabot %} security updates, {% endif %}and {% data variables.product.prodname_dependabot_alerts %} are provided for several ecosystems, including Java’s Maven, JavaScript’s npm and Yarn, .NET’s NuGet, Python’s pip, Ruby's RubyGems, and PHP’s Composer. For an overview of the package ecosystems that we support for {% data variables.product.prodname_dependabot_alerts %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/dependency-graph-supported-package-ecosystems#supported-package-ecosystems)." It's worth noting that security advisories may exist for other ecosystems. The information in an unreviewed security advisory is provided by the maintainers of a particular repository. This data is not curated by {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.link-browsing-advisory-db %} diff --git a/content/code-security/getting-started/dependabot-quickstart-guide.md b/content/code-security/getting-started/dependabot-quickstart-guide.md index 5d458e0cdf6c..f7fa67784405 100644 --- a/content/code-security/getting-started/dependabot-quickstart-guide.md +++ b/content/code-security/getting-started/dependabot-quickstart-guide.md @@ -18,7 +18,7 @@ shortTitle: Dependabot quickstart ## About {% data variables.product.prodname_dependabot %} -This quickstart guide walks you through setting up and enabling {% data variables.product.prodname_dependabot %} and viewing {% data variables.product.prodname_dependabot_alerts %} and updates for a repository. +This quickstart guide walks you through setting up and enabling {% data variables.product.prodname_dependabot %} and viewing {% data variables.product.prodname_dependabot_alerts %} and updates for a repository. {% data reusables.dependabot.dependabot-overview %} @@ -34,7 +34,7 @@ You need to start by forking the demo repository. 1. Navigate to [https://github.com/dependabot/demo](https://github.com/dependabot/demo). 1. At the top of the page, on the right, click **{% octicon "repo-forked" aria-hidden="true" %} Fork**. -1. Select an owner (you can select your {% data variables.product.prodname_dotcom %} personal account) and type a repository name. For more information about forking repositories, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo#forking-a-repository)." +1. Select an owner (you can select your {% data variables.product.prodname_dotcom %} personal account) and type a repository name. For more information about forking repositories, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo#forking-a-repository)." 1. Click **Create fork**. ## Enabling {% data variables.product.prodname_dependabot %} for your repository diff --git a/content/code-security/secret-scanning/introduction/about-secret-scanning.md b/content/code-security/secret-scanning/introduction/about-secret-scanning.md index 37bdb1a8eb94..505b99163c74 100644 --- a/content/code-security/secret-scanning/introduction/about-secret-scanning.md +++ b/content/code-security/secret-scanning/introduction/about-secret-scanning.md @@ -32,7 +32,7 @@ When a supported secret is leaked, {% data variables.product.product_name %} gen {% ifversion fpt or ghec %}Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. We automatically run {% data variables.product.prodname_secret_scanning %} for partner patterns on all public repositories and public npm packages.{% data reusables.secret-scanning.partner-program-link %} -Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner, and aren't displayed on {% data variables.product.prodname_dotcom %}. For more information about partner patterns, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)."{% endif %} +Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner, and aren't displayed on {% data variables.product.prodname_dotcom %}. For more information about partner patterns, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)."{% endif %} For information about the secrets and service providers supported by {% data variables.product.prodname_secret_scanning %}, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)." diff --git a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts.md b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts.md index ac9bd343f95d..c2d6a386c313 100644 --- a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts.md +++ b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts.md @@ -66,7 +66,7 @@ You will only see the option to report a privately exposed secret to {% data var ## Closing alerts > [!NOTE] ->{% data variables.product.prodname_secret_scanning_caps %} doesn't automatically close alerts when the corresponding token has been removed from the repository. You must manually close these alerts in the alert list on {% data variables.product.prodname_dotcom %}. +>{% data variables.product.prodname_secret_scanning_caps %} doesn't automatically close alerts when the corresponding token has been removed from the repository. You must manually close these alerts in the alert list on {% data variables.product.prodname_dotcom %}. {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md index e3433484ca50..d4e6023a8da7 100644 --- a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md +++ b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md @@ -28,7 +28,7 @@ You can define custom patterns for your enterprise, organization, or repository. You can specify custom patterns for {% data variables.product.prodname_secret_scanning %} as one or more regular expressions. -{% data variables.product.prodname_secret_scanning_caps %} uses the [Hyperscan library](https://github.com/intel/hyperscan) and only supports Hyperscan regex constructs, which are a subset of PCRE syntax. Hyperscan option modifiers are not supported. For more information on Hyperscan pattern constructs, see "[Pattern support](http://intel.github.io/hyperscan/dev-reference/compilation.html#pattern-support)" in the Hyperscan documentation. +{% data variables.product.prodname_secret_scanning_caps %} uses the [Hyperscan library](https://github.com/intel/hyperscan) and only supports Hyperscan regex constructs, which are a subset of PCRE syntax. Hyperscan option modifiers are not supported. For more information on Hyperscan pattern constructs, see "[Pattern support](http://intel.github.io/hyperscan/dev-reference/compilation.html#pattern-support)" in the Hyperscan documentation. {% ifversion secret-scanning-custom-pattern-ai-generated %}Regular expressions can be entered manually or generated using {% data variables.secret-scanning.copilot-secret-scanning %}'s {% data variables.secret-scanning.custom-pattern-regular-expression-generator %}. @@ -41,7 +41,7 @@ The **More options {% octicon "chevron-down" aria-hidden="true" %}** section in * **After secret:** an expression that describes the characters that come after the secret. By default, this is set to `\z|[^0-9A-Za-z]` which means that the secret must be followed by a new line or a non-alphanumeric character. * **Additional match requirements:** one or more optional expressions that the secret itself must or must not match. -For simple tokens you will usually only need to specify a secret format. The other fields provide flexibility so that you can specify more complex secrets without creating complex regular expressions. For an example of a custom pattern, see "[Example of a custom pattern specified using additional requirements](#example-of-a-custom-pattern-specified-using-additional-requirements)" below. +For simple tokens you will usually only need to specify a secret format. The other fields provide flexibility so that you can specify more complex secrets without creating complex regular expressions. For an example of a custom pattern, see "[Example of a custom pattern specified using additional requirements](#example-of-a-custom-pattern-specified-using-additional-requirements)" below. {% ifversion secret-scanning-custom-pattern-ai-generated %} diff --git a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md index cd14cd02b015..1196a061794c 100644 --- a/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md +++ b/content/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/best-practices-for-writing-repository-security-advisories.md @@ -59,7 +59,7 @@ For more information about the {% data variables.product.prodname_advisory_datab * Smaller numbers are earlier versions than larger numbers. for example, `1.0.0` is a lower version than `2.0.0` * Earlier letters in the alphabet are earlier versions than later letters in the alphabet. For example, `2.0.0-a` is an earlier version than `2.0.0-b`. -* Any letters that come after a number are considered part of a prerelease, so any versions with letters after the numbers are earlier versions than numbers without letters in the version number. For example, `2.0.0-alpha`, `2.0.0-beta`, and `2.0.0-rc` are earlier than `2.0.0`. +* Any letters that come after a number are considered part of a prerelease, so any versions with letters after the numbers are earlier versions than numbers without letters in the version number. For example, `2.0.0-alpha`, `2.0.0-beta`, and `2.0.0-rc` are earlier than `2.0.0`. * A fixed version cannot be smaller than the largest number in the VVR. For example, a vulnerable version is released and the maintainer recommends downgrading. The maintainer cannot label that lower version as a fixed or patched version in the `Fixed` field because that version is smaller than the vulnerable version. ### Supported operators diff --git a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database.md b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database.md index 836dcb1d4aeb..504d81027e08 100644 --- a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database.md +++ b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database.md @@ -107,7 +107,7 @@ The {% data variables.product.prodname_advisory_database %} uses the CVSS levels The Exploit Prediction Scoring System, or EPSS, is a system devised by the global Forum of Incident Response and Security Teams (FIRST) for quantifying the likelihood of vulnerability exploit. The model produces a probability score between 0 and 1 (0 and 100%), where the higher the score, the greater the probability that a vulnerability will be exploited. For more information about FIRST, see https://www.first.org/. -The {% data variables.product.prodname_advisory_database %} includes EPSS scores from FIRST for advisories containing CVEs with corresponding EPSS data. {% data variables.product.company_short %} also displays the EPSS score percentile, which is the proportion of all scored vulnerabilities with the same or a lower EPSS score. +The {% data variables.product.prodname_advisory_database %} includes EPSS scores from FIRST for advisories containing CVEs with corresponding EPSS data. {% data variables.product.company_short %} also displays the EPSS score percentile, which is the proportion of all scored vulnerabilities with the same or a lower EPSS score. For example, if an advisory had an EPSS score that had a percentage of 90.534% at the 95th percentile, according to the [EPSS model](https://www.first.org/epss/model), this means that: @@ -116,7 +116,7 @@ For example, if an advisory had an EPSS score that had a percentage of 90.534% a Extended information about how to interpret this data can be found in FIRST's EPSS User Guide. This information helps you understand how both percentage and percentile can be used to interpret the likelihood that a vulnerability could be exploited in the wild according to FIRST's model. For more information, see the [FIRST's EPSS User Guide](https://www.first.org/epss/user-guide) on the FIRST website. -FIRST also provides additional information around the distribution of their EPSS data. For more information, see [EPSS data and statistics documentation](https://www.first.org/epss/data_stats) on the FIRST website. +FIRST also provides additional information around the distribution of their EPSS data. For more information, see [EPSS data and statistics documentation](https://www.first.org/epss/data_stats) on the FIRST website. >[!NOTE] {% data variables.product.company_short %} keeps EPSS data up to date with a daily synchronization action. While EPSS score percentages will always be fully synchronized, score percentiles will only be updated when significantly different. diff --git a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md index 744f63e9db8e..492d52ba735f 100644 --- a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md +++ b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md @@ -27,7 +27,7 @@ The advisories in the {% data variables.product.prodname_advisory_database %} ar Anyone can suggest improvements on any global security advisory in the {% data variables.product.prodname_advisory_database %}. You can edit or add any detail, including additionally affected ecosystems, severity level or description of who is impacted. The {% data variables.product.prodname_security %} curation team will review the submitted improvements and publish them onto the {% data variables.product.prodname_advisory_database %} if accepted. {% ifversion security-advisories-credit-types %} -If we accept and publish the improvement, the person who submitted the improvement will automatically be assigned a credit type of "Analyst". For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/creating-a-repository-security-advisory#about-credits-for-repository-security-advisories)."{% endif %} +If we accept and publish the improvement, the person who submitted the improvement will automatically be assigned a credit type of "Analyst". For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/creating-a-repository-security-advisory#about-credits-for-repository-security-advisories)."{% endif %} {% ifversion fpt or ghec %} Only repository owners and administrators can edit repository-level security advisories. For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/editing-a-repository-security-advisory)."{% endif %} diff --git a/content/code-security/security-advisories/working-with-repository-security-advisories/permission-levels-for-repository-security-advisories.md b/content/code-security/security-advisories/working-with-repository-security-advisories/permission-levels-for-repository-security-advisories.md index 6628e8abc37e..883bc218eee9 100644 --- a/content/code-security/security-advisories/working-with-repository-security-advisories/permission-levels-for-repository-security-advisories.md +++ b/content/code-security/security-advisories/working-with-repository-security-advisories/permission-levels-for-repository-security-advisories.md @@ -18,7 +18,7 @@ topics: - Permissions shortTitle: Permission levels --- -This article applies only to repository-level security advisories. Anyone can contribute to global security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories). Edits to global advisories will not change or affect how the advisory appears on the repository. For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database)." +This article applies only to repository-level security advisories. Anyone can contribute to global security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories). Edits to global advisories will not change or affect how the advisory appears on the repository. For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database)." ## Permissions overview diff --git a/content/code-security/security-overview/filtering-alerts-in-security-overview.md b/content/code-security/security-overview/filtering-alerts-in-security-overview.md index bef09d25e828..af87d65c5a15 100644 --- a/content/code-security/security-overview/filtering-alerts-in-security-overview.md +++ b/content/code-security/security-overview/filtering-alerts-in-security-overview.md @@ -148,8 +148,8 @@ The level of risk for a repository is determined by the number and severity of a | Qualifier | Description | | -------- | -------- | | `code-scanning-alerts` | Display data for repositories that have exactly (`=`), more than (`>`) or fewer than (`<`) a specific number of {% data variables.product.prodname_code_scanning %} alerts. For example: `code-scanning-alerts:>100` for repositories with more than 100 alerts. | -| `dependabot-alerts` | Display data for repositories that have a specific number (`=`), more than (`>`) or fewer than (`<`) a specific number of {% data variables.product.prodname_dependabot_alerts %}. For example: `dependabot-alerts:<=10` for repositories with fewer than or equal to 10 alerts.| -| `secret-scanning-alerts` | Display data for repositories that have a specific number (`=`), more than (`>`) or fewer than (`<`) a specific number of {% data variables.secret-scanning.alerts %}. For example: `secret-scanning-alerts:=10` for repositories with exactly 10 alerts.| +| `dependabot-alerts` | Display data for repositories that have a specific number (`=`), more than (`>`) or fewer than (`<`) a specific number of {% data variables.product.prodname_dependabot_alerts %}. For example: `dependabot-alerts:<=10` for repositories with fewer than or equal to 10 alerts.| +| `secret-scanning-alerts` | Display data for repositories that have a specific number (`=`), more than (`>`) or fewer than (`<`) a specific number of {% data variables.secret-scanning.alerts %}. For example: `secret-scanning-alerts:=10` for repositories with exactly 10 alerts.| {% ifversion security-overview-dashboard %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md index 33ab81d7b048..e3eaa1580847 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -45,7 +45,7 @@ Other supply chain features on {% data variables.product.prodname_dotcom %} rely * Dependency review uses the dependency graph to identify dependency changes and help you understand the security impact of these changes when you review pull requests. * {% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of advisories published in the {% data variables.product.prodname_advisory_database %}, scans your dependencies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. -* {% data variables.product.prodname_dependabot_security_updates %} use the dependency graph and {% data variables.product.prodname_dependabot_alerts %} to help you update dependencies with known vulnerabilities in your repository. +* {% data variables.product.prodname_dependabot_security_updates %} use the dependency graph and {% data variables.product.prodname_dependabot_alerts %} to help you update dependencies with known vulnerabilities in your repository. {% data variables.product.prodname_dependabot_version_updates %} don't use the dependency graph and rely on the semantic versioning of dependencies instead. {% data variables.product.prodname_dependabot_version_updates %} help you keep your dependencies updated, even when they don’t have any vulnerabilities. diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index 9d874fe87dff..6f48aa11b47d 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -53,7 +53,7 @@ The dependency graph includes all the dependencies of a repository that are deta * Direct dependencies, that are explicitly defined in a manifest or lock file or have been submitted using the {% data variables.dependency-submission-api.name %} * Indirect dependencies of these direct dependencies, also known as transitive dependencies or sub-dependencies -The dependency graph identifies indirect dependencies{% ifversion fpt or ghec %} only if they are defined in a lock file or have been submitted using the {% data variables.dependency-submission-api.name %}. For the most reliable graph, you should use lock files (or their equivalent) because they define exactly which versions of the direct and indirect dependencies you currently use. If you use lock files, you also ensure that all contributors to the repository are using the same versions, which will make it easier for you to test and debug code{% else %} from the lock files{% endif %}. If your ecosystem does not have lock files, you can use pre-made actions that resolve transitive dependencies for many ecosystems. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api#using-pre-made-actions)." +The dependency graph identifies indirect dependencies{% ifversion fpt or ghec %} only if they are defined in a lock file or have been submitted using the {% data variables.dependency-submission-api.name %}. For the most reliable graph, you should use lock files (or their equivalent) because they define exactly which versions of the direct and indirect dependencies you currently use. If you use lock files, you also ensure that all contributors to the repository are using the same versions, which will make it easier for you to test and debug code{% else %} from the lock files{% endif %}. If your ecosystem does not have lock files, you can use pre-made actions that resolve transitive dependencies for many ecosystems. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api#using-pre-made-actions)." For more information on how {% data variables.product.product_name %} helps you understand the dependencies in your environment, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository.md index 02bb3383c5f2..3f11aadf2382 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository.md @@ -67,7 +67,7 @@ Once enabled, automatic dependency submission jobs will run on the self-hosted r * The self-hosted runners are unavailable. * There aren't any runner groups tagged with a `dependency-submission` label. ->[!NOTE] When using self-hosted runners, you need to add access to the Maven server settings file to allow the dependency submission workflows to connect to private registries. Dependencies from private registries will be included in the dependency tree in the next `pom.xml` update. For more information about the Maven server settings file, see [Security and Deployment Settings](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#transitive-dependencies) in the Maven documentation. +>[!NOTE] When using self-hosted runners, you need to add access to the Maven server settings file to allow the dependency submission workflows to connect to private registries. Dependencies from private registries will be included in the dependency tree in the next `pom.xml` update. For more information about the Maven server settings file, see [Security and Deployment Settings](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#transitive-dependencies) in the Maven documentation. ## Using {% data variables.product.company_short %}-hosted {% data variables.actions.hosted_runners %} for automatic dependency submission diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md index ced05270835f..4ccb3dc539c6 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md @@ -54,7 +54,7 @@ Dependency review is available when dependency graph is enabled for the instance {% data reusables.dependency-review.org-level-enforcement %} -Here is a list of common configuration options. For more information, and a full list of options, see [Dependency Review](https://github.com/marketplace/actions/dependency-review) on the {% data variables.product.prodname_marketplace %}. +Here is a list of common configuration options. For more information, and a full list of options, see [Dependency Review](https://github.com/marketplace/actions/dependency-review) on the {% data variables.product.prodname_marketplace %}. | Option | Required | Usage | |------------------|-------------------------------|--------| @@ -74,7 +74,7 @@ Here is a list of common configuration options. For more information, and a ful {% ifversion dependency-review-action-licenses %} > [!TIP] -> The `allow-licenses` and `deny-licenses` options are mutually exclusive. +> The `allow-licenses` and `deny-licenses` options are mutually exclusive. ## Configuring the {% data variables.dependency-review.action_name %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md index 0cffca354ddf..4ab565119d2f 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md @@ -46,7 +46,7 @@ Alternatively, you can write your own action to submit dependencies for your pro ### Generating a software bill of materials (SBOM) To generate an SBOM, you can use: -* The **{% data variables.product.prodname_dotcom %} UI**. For more information about how to export an SBOM for a repository using information from the dependency graph, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exporting-a-software-bill-of-materials-for-your-repository)." +* The **{% data variables.product.prodname_dotcom %} UI**. For more information about how to export an SBOM for a repository using information from the dependency graph, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exporting-a-software-bill-of-materials-for-your-repository)." * The **REST API**. For more information, see "[AUTOTITLE](/rest/dependency-graph/sboms)." * **{% data variables.product.prodname_actions %}**. The following actions will generate an SBOM for your repository and attach it as a workflow artifact which you can download and use in other applications. For more information about downloading workflow artifacts, see "[AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts)." diff --git a/content/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository.md b/content/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository.md index 6fe81f2b77e4..1c412d4b8e21 100644 --- a/content/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository.md +++ b/content/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository.md @@ -116,7 +116,7 @@ If you want to use Git hooks for your codespace, then you should set up hooks us The names of user-defined secrets may be displayed on the advanced options page when you create a codespace. This will happen if recommended secrets have been specified in the dev container configuration you have selected. For more information, see "[AUTOTITLE](/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/specifying-recommended-secrets-for-a-repository)." -Screenshot of the "Create codespace" page with four recommended secrets highlighted with a dark orange outline. +Screenshot of the "Create codespace" page with four recommended secrets highlighted with a dark orange outline. Entering values for these development environment secrets, when you're prompted to do so, is recommended because it's likely your project will need values for these secrets. However, supplying values is not required for you to create a codespace. You can set these secrets within the codespace if you prefer. diff --git a/content/codespaces/developing-in-a-codespace/using-github-codespaces-in-your-jetbrains-ide.md b/content/codespaces/developing-in-a-codespace/using-github-codespaces-in-your-jetbrains-ide.md index fe2e290ba626..049141cd7875 100644 --- a/content/codespaces/developing-in-a-codespace/using-github-codespaces-in-your-jetbrains-ide.md +++ b/content/codespaces/developing-in-a-codespace/using-github-codespaces-in-your-jetbrains-ide.md @@ -80,7 +80,7 @@ The first time you use JetBrains Gateway for {% data variables.product.prodname_ 1. In the list of installed tools, click **Gateway**. 1. Under **Install More Providers** click the **Install** link for {% data variables.product.prodname_github_codespaces %}. - ![Screenshot of the "Welcome to JetBrains Gateway" page, with "{% data variables.product.prodname_github_codespaces %}" listed under "Install More Providers."](/assets/images/help/codespaces/jetbrains-gateway-initial-view.png) + ![Screenshot of the "Welcome to JetBrains Gateway" page, with "{% data variables.product.prodname_github_codespaces %}" listed under "Install More Providers."](/assets/images/help/codespaces/jetbrains-gateway-initial-view.png) 1. Click **Connect to Codespace**. diff --git a/content/codespaces/developing-in-a-codespace/using-github-codespaces-with-github-cli.md b/content/codespaces/developing-in-a-codespace/using-github-codespaces-with-github-cli.md index 845ea364d4c7..e2394863cdf6 100644 --- a/content/codespaces/developing-in-a-codespace/using-github-codespaces-with-github-cli.md +++ b/content/codespaces/developing-in-a-codespace/using-github-codespaces-with-github-cli.md @@ -19,7 +19,7 @@ redirect_from: {% data reusables.cli.about-cli %} For more information, see "[AUTOTITLE](/github-cli/github-cli/about-github-cli)." -You can work with {% data variables.product.prodname_github_codespaces %} in the {% data variables.product.prodname_cli %} to: +You can work with {% data variables.product.prodname_github_codespaces %} in the {% data variables.product.prodname_cli %} to: * [List all of your codespaces](#list-all-of-your-codespaces) * [Create a new codespace](#create-a-new-codespace) * [View details of a codespace](#view-details-of-a-codespace) diff --git a/content/codespaces/getting-started/quickstart.md b/content/codespaces/getting-started/quickstart.md index 27db602493c2..0c9d8d2dcb70 100644 --- a/content/codespaces/getting-started/quickstart.md +++ b/content/codespaces/getting-started/quickstart.md @@ -77,7 +77,7 @@ Now that you've made a few changes, you can use the integrated terminal or the s ![Screenshot of the "Source control" side bar showing the "Publish Branch" button.](/assets/images/help/codespaces/vscode-publish-branch-button.png) -1. In the "Repository Name" dropdown, type a name for your new repository, then select **Publish to {% data variables.product.prodname_dotcom %} private repository** or **Publish to {% data variables.product.prodname_dotcom %} public repository**. +1. In the "Repository Name" dropdown, type a name for your new repository, then select **Publish to {% data variables.product.prodname_dotcom %} private repository** or **Publish to {% data variables.product.prodname_dotcom %} public repository**. ![Screenshot of the repository name dropdown in {% data variables.product.prodname_vscode_shortname %}. Two options are shown, for publishing to a private or a public repository.](/assets/images/help/codespaces/choose-new-repository.png) diff --git a/content/codespaces/managing-codespaces-for-your-organization/index.md b/content/codespaces/managing-codespaces-for-your-organization/index.md index cc1c73e24cf3..32686e531035 100644 --- a/content/codespaces/managing-codespaces-for-your-organization/index.md +++ b/content/codespaces/managing-codespaces-for-your-organization/index.md @@ -2,7 +2,7 @@ title: Managing GitHub Codespaces for your organization allowTitleToDifferFromFilename: true shortTitle: Managing your organization -intro: 'You can manage and review how users in your organization can use {% data variables.product.prodname_github_codespaces %}.' +intro: 'You can manage and review how users in your organization can use {% data variables.product.prodname_github_codespaces %}.' versions: fpt: '*' ghec: '*' diff --git a/content/codespaces/reference/allowing-your-codespace-to-access-a-private-registry.md b/content/codespaces/reference/allowing-your-codespace-to-access-a-private-registry.md index 68d9eed38c7d..4ea9638621ad 100644 --- a/content/codespaces/reference/allowing-your-codespace-to-access-a-private-registry.md +++ b/content/codespaces/reference/allowing-your-codespace-to-access-a-private-registry.md @@ -92,7 +92,7 @@ Once you've added the secrets, you may need to stop and then start the codespace #### Accessing AWS Elastic Container Registry -To access AWS Elastic Container Registry (ECR), you can provide an AWS access key ID and secret key, and {% data variables.product.prodname_dotcom %} can retrieve an access token for you and log in on your behalf. +To access AWS Elastic Container Registry (ECR), you can provide an AWS access key ID and secret key, and {% data variables.product.prodname_dotcom %} can retrieve an access token for you and log in on your behalf. ```shell *_CONTAINER_REGISTRY_SERVER = diff --git a/content/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers.md b/content/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers.md index 30e3cfb199c9..bbed105a6d48 100644 --- a/content/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers.md +++ b/content/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers.md @@ -41,7 +41,7 @@ If you create a codespace from a repository without a `devcontainer.json` file, The `devcontainer.json` file is usually located in the `.devcontainer` directory of your repository. Alternatively, you can locate it directly in the root of the repository, in which case the file name must begin with a period: `.devcontainer.json`. -If you want to have a choice of dev container configurations in your repository, any alternatives to the `.devcontainer/devcontainer.json` (or `.devcontainer.json`) file must be located in their own subdirectory at the path `.devcontainer/SUBDIRECTORY/devcontainer.json`. For example, you could have a choice of two configurations: +If you want to have a choice of dev container configurations in your repository, any alternatives to the `.devcontainer/devcontainer.json` (or `.devcontainer.json`) file must be located in their own subdirectory at the path `.devcontainer/SUBDIRECTORY/devcontainer.json`. For example, you could have a choice of two configurations: * `.devcontainer/database-dev/devcontainer.json` * `.devcontainer/gui-dev/devcontainer.json` diff --git a/content/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/specifying-recommended-secrets-for-a-repository.md b/content/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/specifying-recommended-secrets-for-a-repository.md index dc1391d862f2..bfe553e51bed 100644 --- a/content/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/specifying-recommended-secrets-for-a-repository.md +++ b/content/codespaces/setting-up-your-project-for-codespaces/configuring-dev-containers/specifying-recommended-secrets-for-a-repository.md @@ -22,7 +22,7 @@ After you specify recommended secrets, if people have not already created those Recommended secrets are listed at the bottom of the page. -Screenshot of the "Create codespace" page with four recommended secrets highlighted with a dark orange outline. +Screenshot of the "Create codespace" page with four recommended secrets highlighted with a dark orange outline. > [!NOTE] > The names of the recommended secrets are only listed on this page when the container configuration on the selected branch specifies these secrets. @@ -54,7 +54,7 @@ Alternatively, for development environment secrets that the owner of the reposit } ``` -1. Add a property within `secrets` for each secret you want to recommend. For example, change `NAME_OF_SECRET_1` and `NAME_OF_SECRET_2`, in the previous code example, to the names of the secrets that people should create in their personal settings for {% data variables.product.prodname_codespaces %}. +1. Add a property within `secrets` for each secret you want to recommend. For example, change `NAME_OF_SECRET_1` and `NAME_OF_SECRET_2`, in the previous code example, to the names of the secrets that people should create in their personal settings for {% data variables.product.prodname_codespaces %}. 1. Optionally, supply a description for each secret and a URL for more information about this secret. You can omit `description` and `documentationUrl`, as shown by `NAME_OF_SECRET_2` in the previous code example. diff --git a/content/codespaces/the-githubdev-web-based-editor.md b/content/codespaces/the-githubdev-web-based-editor.md index 967cdb393ed6..5d5a675da3a8 100644 --- a/content/codespaces/the-githubdev-web-based-editor.md +++ b/content/codespaces/the-githubdev-web-based-editor.md @@ -51,7 +51,7 @@ Both {% data variables.codespaces.serverless %} and {% data variables.product.pr | **Cost** | Free. | Free monthly quota of usage for personal accounts. For information on pricing, see "[AUTOTITLE](/free-pro-team@latest/billing/managing-billing-for-your-products/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#about-github-codespaces-pricing)."| | **Availability** | Available to everyone on GitHub.com. | Available to everyone on GitHub.com. | | **Start up** | {% data variables.codespaces.serverless %} opens instantly with a key-press and you can start using it right away, without having to wait for additional configuration or installation. | When you create or resume a codespace, the codespace is assigned a VM and the container is configured based on the contents of a `devcontainer.json` file. This set up may take a few minutes to create the environment. See "[AUTOTITLE](/codespaces/developing-in-a-codespace/creating-a-codespace-for-a-repository)." | -| **Compute** | There is no associated compute, so you won’t be able to build and run your code or use the integrated terminal. | With {% data variables.product.prodname_github_codespaces %}, you get the power of a dedicated VM on which you can run and debug your application.| +| **Compute** | There is no associated compute, so you won’t be able to build and run your code or use the integrated terminal. | With {% data variables.product.prodname_github_codespaces %}, you get the power of a dedicated VM on which you can run and debug your application.| | **Terminal access** | None. | {% data variables.product.prodname_github_codespaces %} provides a common set of tools by default, meaning that you can use the Terminal exactly as you would in your local environment.| | **Extensions** | Only a subset of extensions that can run in the web will appear in the Extensions View and can be installed. See "[Using extensions](#using-extensions)."| With {% data variables.product.prodname_github_codespaces %}, you can use most extensions from the {% data variables.product.prodname_vscode_marketplace %}.| @@ -82,7 +82,7 @@ Because {% data variables.codespaces.serverless %} uses the GitHub Repositories ![Screenshot of the {% data variables.product.prodname_vscode_shortname %} Activity Bar with the source control button, labeled with a branch icon, highlighted with an orange outline.](/assets/images/help/codespaces/githubdotdev-source-control-activity-bar-button.png) -1. To stage your changes, click {% octicon "plus" aria-label="Stage changes" %} next to the file you've changed, or next to **Changes** if you've changed multiple files and you want to stage them all. +1. To stage your changes, click {% octicon "plus" aria-label="Stage changes" %} next to the file you've changed, or next to **Changes** if you've changed multiple files and you want to stage them all. ![Screenshot of the "Source control" side bar with the staging button (a plus sign), to the right of "Changes," highlighted with a dark orange outline.](/assets/images/help/codespaces/githubdotdev-codespaces-commit-stage.png) diff --git a/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md b/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md index 7f35875cf8c3..38d69e504476 100644 --- a/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md +++ b/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md @@ -12,7 +12,7 @@ redirect_from: - /codespaces/troubleshooting/troubleshooting-port-forwarding-for-codespaces --- -When an application running inside a codespace outputs a port to the console, {% data variables.product.prodname_github_codespaces %} detects the localhost URL pattern and automatically forwards the port. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/forwarding-ports-in-your-codespace)." +When an application running inside a codespace outputs a port to the console, {% data variables.product.prodname_github_codespaces %} detects the localhost URL pattern and automatically forwards the port. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/forwarding-ports-in-your-codespace)." If a port is not automatically forwarded, you can forward it manually. For more information, see "[AUTOTITLE](/codespaces/developing-in-a-codespace/forwarding-ports-in-your-codespace#forwarding-a-port)." diff --git a/content/communities/documenting-your-project-with-wikis/about-wikis.md b/content/communities/documenting-your-project-with-wikis/about-wikis.md index d8a0b4b71417..379180701c23 100644 --- a/content/communities/documenting-your-project-with-wikis/about-wikis.md +++ b/content/communities/documenting-your-project-with-wikis/about-wikis.md @@ -14,7 +14,7 @@ topics: - Community --- -Every repository on {% data variables.product.product_name %} comes equipped with a section for hosting documentation, called a wiki. You can use your repository's wiki to share long-form content about your project, such as how to use it, how you designed it, or its core principles. A README file quickly tells what your project can do, while you can use a wiki to provide additional documentation. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes)." +Every repository on {% data variables.product.product_name %} comes equipped with a section for hosting documentation, called a wiki. You can use your repository's wiki to share long-form content about your project, such as how to use it, how you designed it, or its core principles. A README file quickly tells what your project can do, while you can use a wiki to provide additional documentation. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes)." With wikis, you can write content just like everywhere else on {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github)." We use [our open-source Markup library](https://github.com/github/markup) to convert different formats into HTML, so you can choose to write in Markdown or any other supported format. diff --git a/content/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-personal-account.md b/content/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-personal-account.md index 28b0a8c6f3cd..5cd897a57c44 100644 --- a/content/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-personal-account.md +++ b/content/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-personal-account.md @@ -27,7 +27,7 @@ You can unblock a user in your account settings or from the user's profile page. ## Unblocking a user from their profile page {% data reusables.profile.user_profile_page_navigation %} -1. In the left sidebar, below the user's profile information, click **Unblock or report user**. +1. In the left sidebar, below the user's profile information, click **Unblock or report user**. ![Screenshot of the sidebar of a user's profile page. A link, labeled "Unblock or report", is outlined in dark orange.](/assets/images/help/profile/profile-unblock-or-report-user.png) 1. Click **Unblock user**. diff --git a/content/contributing/setting-up-your-environment-to-work-on-github-docs/creating-a-local-environment.md b/content/contributing/setting-up-your-environment-to-work-on-github-docs/creating-a-local-environment.md index e0d915d71028..5b55b98a95ad 100644 --- a/content/contributing/setting-up-your-environment-to-work-on-github-docs/creating-a-local-environment.md +++ b/content/contributing/setting-up-your-environment-to-work-on-github-docs/creating-a-local-environment.md @@ -65,7 +65,7 @@ The [`src/bookmarklets`](https://github.com/github/docs/tree/main/src/bookmarkle ### Enabling different languages -By default, the local server does not run with all supported languages enabled. If you need to run a local server with a particular language, you can temporarily edit the `start` script in `package.json` and update the `ENABLED_LANGUAGES` variable. +By default, the local server does not run with all supported languages enabled. If you need to run a local server with a particular language, you can temporarily edit the `start` script in `package.json` and update the `ENABLED_LANGUAGES` variable. For example, to enable Japanese and Portuguese in addition to English, you can edit `package.json` and set `ENABLED_LANGUAGES='en,ja,pt'` in the `start` script. Then restart the server for the change to take effect. diff --git a/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md b/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md index 26ef05cfa227..33f5591063d0 100644 --- a/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md +++ b/content/contributing/setting-up-your-environment-to-work-on-github-docs/troubleshooting-your-environment.md @@ -22,7 +22,7 @@ git commit --allow-empty -m 'empty commit to redeploy staging' git push ``` -## Troubleshooting stalled or stuck CI +## Troubleshooting stalled or stuck CI If your tests are stuck on "In progress" or "Pending" for more than an hour, use the commands below to rerun CI by pushing an empty commit on the command line. diff --git a/content/contributing/setting-up-your-environment-to-work-on-github-docs/working-on-github-docs-in-a-codespace.md b/content/contributing/setting-up-your-environment-to-work-on-github-docs/working-on-github-docs-in-a-codespace.md index 86aac328217d..599d2fef5b25 100644 --- a/content/contributing/setting-up-your-environment-to-work-on-github-docs/working-on-github-docs-in-a-codespace.md +++ b/content/contributing/setting-up-your-environment-to-work-on-github-docs/working-on-github-docs-in-a-codespace.md @@ -16,7 +16,7 @@ For more information, see "[AUTOTITLE](/free-pro-team@latest/codespaces/overview The following steps assume you have {% data variables.product.prodname_github_codespaces %} set up to edit files using {% data variables.product.prodname_vscode %} for Web. The steps are very similar if you have set a different editor. For more information, see "[AUTOTITLE](/free-pro-team@latest/codespaces/customizing-your-codespace/setting-your-default-editor-for-codespaces)." -1. Navigate to the open source repository for {% data variables.product.prodname_docs %}, [`github/docs`](https://github.com/github/docs). +1. Navigate to the open source repository for {% data variables.product.prodname_docs %}, [`github/docs`](https://github.com/github/docs). 1. If you're an open source contributor, create a fork of the repository, then follow the rest of the steps in this procedure from your fork. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo)." 1. Create a branch to work on. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)." 1. On the main page of the repository, click **{% octicon "code" aria-hidden="true" %} Code**, then click **Create codespace on BRANCH-NAME**. diff --git a/content/contributing/style-guide-and-content-model/style-guide.md b/content/contributing/style-guide-and-content-model/style-guide.md index 3f2520b5bcc9..b70c30597319 100644 --- a/content/contributing/style-guide-and-content-model/style-guide.md +++ b/content/contributing/style-guide-and-content-model/style-guide.md @@ -541,7 +541,7 @@ Below are some usage highlights for how we present keyboard shortcuts in our doc * The basic syntax is to show keys with `+` between key combinations, without any spaces. * **Use:** `Command+B`, which is rendered as Command+B. - * **Avoid:** `Command + B` or `Command + B` which are rendered as Command + B or Command + B. + * **Avoid:** `Command + B` or `Command + B` which are rendered as Command + B or Command + B. * Always capitalize letter keys for general references and keyboard shortcuts. * **Use:** Command+B diff --git a/content/contributing/writing-for-github-docs/content-design-principles.md b/content/contributing/writing-for-github-docs/content-design-principles.md index 7b4490dca20b..294040d48489 100644 --- a/content/contributing/writing-for-github-docs/content-design-principles.md +++ b/content/contributing/writing-for-github-docs/content-design-principles.md @@ -19,7 +19,7 @@ We create product documentation that helps, teaches, and engages everyone who us We provide a style guide and content models as building blocks and guidelines for anyone to design and create documentation. * Our style guide and content models apply to a range of scenarios. -* Decisions are based on what is best for people using our docs, not simply what is right or wrong according to grammar or style rules. We are flexible and open to change while maintaining consistency. +* Decisions are based on what is best for people using our docs, not simply what is right or wrong according to grammar or style rules. We are flexible and open to change while maintaining consistency. * We focus our attention on documenting high-impact, high-value scenarios rather than attempting to comprehensively cover every possible use case for the many {% data variables.product.prodname_dotcom %} products and features. * Our highest priorities are clarity, meaning, correctness, and consistency. * When making a style or structure decision, we consider what people are trying to do with the information and how our content can best support their goals. diff --git a/content/contributing/writing-for-github-docs/using-markdown-and-liquid-in-github-docs.md b/content/contributing/writing-for-github-docs/using-markdown-and-liquid-in-github-docs.md index bd5ac1596757..3a5f58fc1f18 100644 --- a/content/contributing/writing-for-github-docs/using-markdown-and-liquid-in-github-docs.md +++ b/content/contributing/writing-for-github-docs/using-markdown-and-liquid-in-github-docs.md @@ -448,7 +448,7 @@ Sometimes you want to link to a Dotcom-only article in Enterprise content and yo "[GitHub's Terms of Service](/free-pro-team@latest/github/site-policy/github-terms-of-service)" ``` -Sometimes the canonical home of content moves outside the docs site. None of the links included in [`src/redirects/lib/external-sites.json`](https://github.com/github/docs/blob/main/src/redirects/lib/external-sites.json) get rewritten. See [`contributing/redirects.md`](https://github.com/github/docs/blob/main/contributing/redirects.md) for more info about this type of redirect. +Sometimes the canonical home of content moves outside the docs site. None of the links included in [`src/redirects/lib/external-sites.json`](https://github.com/github/docs/blob/main/src/redirects/lib/external-sites.json) get rewritten. See [`contributing/redirects.md`](https://github.com/github/docs/blob/main/contributing/redirects.md) for more info about this type of redirect. ### Legacy filepaths and redirects for links diff --git a/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md b/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md index b8eebb7c5820..b2f16152fd6a 100644 --- a/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md +++ b/content/contributing/writing-for-github-docs/using-yaml-frontmatter.md @@ -305,7 +305,7 @@ Index pages are the table of contents files for the Docs site. Every product, ca The homepage is the main Table of Contents file for the docs site. The homepage must have a complete list of `children`, like every [Index page](#index-pages) but must also specify the `childGroups` frontmatter property that will be highlighted in the main content area. -`childGroups` is an array of mappings containing a `name` for the group, an optional `icon` for the group, and an array of `children`. The `children` in the array must be present in the `children` frontmatter property. +`childGroups` is an array of mappings containing a `name` for the group, an optional `icon` for the group, and an array of `children`. The `children` in the array must be present in the `children` frontmatter property. ## Creating new product guides pages diff --git a/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md b/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md index c2271164b320..bac3cb166ba2 100644 --- a/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md +++ b/content/copilot/building-copilot-extensions/setting-up-copilot-extensions.md @@ -75,7 +75,7 @@ To learn how to use your {% data variables.product.prodname_copilot_extension_sh {% data variables.product.prodname_copilot_skillsets %} contain the custom code for your {% data variables.product.prodname_copilot_extension_short %}, and integrate with a {% data variables.product.prodname_github_app %} to form the {% data variables.product.prodname_copilot_extension_short %} itself. -Unlike {% data variables.product.prodname_copilot_agents_short %}, {% data variables.product.prodname_copilot_skillsets_short %} handle the logic behind prompt crafting, function evaluation, and response generation, making them an ideal choice for developers seeking quick and effective integrations with minimal effort. For more information, see "[AUTOTITLE](/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/about-copilot-skillsets)." +Unlike {% data variables.product.prodname_copilot_agents_short %}, {% data variables.product.prodname_copilot_skillsets_short %} handle the logic behind prompt crafting, function evaluation, and response generation, making them an ideal choice for developers seeking quick and effective integrations with minimal effort. For more information, see "[AUTOTITLE](/copilot/building-copilot-extensions/building-a-copilot-skillset-for-your-copilot-extension/about-copilot-skillsets)." ## 2. Build a {% data variables.product.prodname_copilot_skillset_short %} diff --git a/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md b/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md index 310edd003a6e..9c0f1910da00 100644 --- a/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md +++ b/content/copilot/managing-copilot/configure-personal-settings/configuring-github-copilot-in-your-environment.md @@ -426,7 +426,7 @@ You can use the default keyboard shortcuts for inline suggestions in Xcode when If you don't want to use the default keyboard shortcuts for {% data variables.product.prodname_copilot %}, you can rebind the shortcuts in the Key Bindings editor and use your preferred keyboard shortcuts. -If you want to use something besides Tab to accept the first line of a suggestion, you need to disable the "Accept suggestions with Tab" option in the advanced settings in the {% data variables.product.prodname_copilot %} for Xcode application. Additionally, we currently only support the Option key for the "View full suggestion" action. +If you want to use something besides Tab to accept the first line of a suggestion, you need to disable the "Accept suggestions with Tab" option in the advanced settings in the {% data variables.product.prodname_copilot %} for Xcode application. Additionally, we currently only support the Option key for the "View full suggestion" action. 1. In the Xcode menu bar, click **Settings**. 1. Click **Key Bindings** and search for "{% data variables.product.prodname_copilot_short %}" to find the commands you want to rebind. diff --git a/content/copilot/managing-copilot/configure-personal-settings/installing-the-github-copilot-extension-in-your-environment.md b/content/copilot/managing-copilot/configure-personal-settings/installing-the-github-copilot-extension-in-your-environment.md index 781a2991f774..e8c99ed2a800 100644 --- a/content/copilot/managing-copilot/configure-personal-settings/installing-the-github-copilot-extension-in-your-environment.md +++ b/content/copilot/managing-copilot/configure-personal-settings/installing-the-github-copilot-extension-in-your-environment.md @@ -174,7 +174,7 @@ To see instructions for other popular coding environments, use the tool switcher 1. Install {% data variables.product.prodname_vscode %}. See the [{% data variables.product.prodname_vscode %} download page](https://code.visualstudio.com/Download). -1. Install the [{% data variables.product.prodname_copilot %} extension](https://marketplace.visualstudio.com/items?itemName=GitHub.copilot) in {% data variables.product.prodname_vscode %}. For detailed instructions, see "[Set up {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vscode %}](https://code.visualstudio.com/docs/copilot/setup)" in the {% data variables.product.prodname_vscode %} documentation. +1. Install the [{% data variables.product.prodname_copilot %} extension](https://marketplace.visualstudio.com/items?itemName=GitHub.copilot) in {% data variables.product.prodname_vscode %}. For detailed instructions, see "[Set up {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vscode %}](https://code.visualstudio.com/docs/copilot/setup)" in the {% data variables.product.prodname_vscode %} documentation. {% endvscode %} diff --git a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/granting-access-to-copilot-for-members-of-your-organization.md b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/granting-access-to-copilot-for-members-of-your-organization.md index 77fab3ecd09b..0e0568f5f72e 100644 --- a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/granting-access-to-copilot-for-members-of-your-organization.md +++ b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-access-to-github-copilot-in-your-organization/granting-access-to-copilot-for-members-of-your-organization.md @@ -39,7 +39,7 @@ Billing for {% data variables.product.prodname_copilot %} starts when you grant {% ifversion ghec %} -> [!NOTE] You can automatically enable access for every member of a group in your identity provider (IdP) by synchronizing that group with a {% data variables.product.prodname_dotcom %} team, then giving that team access to {% data variables.product.prodname_copilot %}. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group)." +> [!NOTE] You can automatically enable access for every member of a group in your identity provider (IdP) by synchronizing that group with a {% data variables.product.prodname_dotcom %} team, then giving that team access to {% data variables.product.prodname_copilot %}. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group)." {% endif %} diff --git a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md index fc33d9831f12..942faaa5a291 100644 --- a/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md +++ b/content/copilot/using-github-copilot/asking-github-copilot-questions-in-your-ide.md @@ -62,7 +62,7 @@ Chat participants include: * `@terminal`: Has context about the {% data variables.product.prodname_vscode %} terminal shell and its contents. Use `@terminal` when you want help creating or debugging terminal commands. * `@azure`: Has context about Azure services and how to use, deploy and manage them. Use `@azure` when you want help with Azure. The `@azure` chat participant is currently in {% data variables.release-phases.public_preview %} and is subject to change. {% ifversion ghec %} -* `@github`: Allows you to use {% data variables.product.prodname_dotcom %}-specific {% data variables.product.prodname_copilot_short %} skills. See "[Using {% data variables.product.prodname_dotcom %} skills for {% data variables.product.prodname_copilot_short %}](#using-github-skills-for-copilot)." +* `@github`: Allows you to use {% data variables.product.prodname_dotcom %}-specific {% data variables.product.prodname_copilot_short %} skills. See "[Using {% data variables.product.prodname_dotcom %} skills for {% data variables.product.prodname_copilot_short %}](#using-github-skills-for-copilot)." {% endif %} In addition to the built-in {% data variables.product.prodname_vscode %} chat participants, you can also install {% data variables.product.prodname_copilot_extensions_short %} that provide chat participants. You can install these extensions from [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=apps&copilot_app=true) and from [{% data variables.product.prodname_vscode_marketplace %}](https://marketplace.visualstudio.com/search?target=VSCode&category=Chat&sortBy=Installs). For information about extensions from {% data variables.product.prodname_marketplace %} that provide chat participants, see "[AUTOTITLE](/copilot/github-copilot-chat/github-copilot-extensions/about-github-copilot-extensions)." diff --git a/content/copilot/using-github-copilot/example-use-cases/writing-tests-with-github-copilot.md b/content/copilot/using-github-copilot/example-use-cases/writing-tests-with-github-copilot.md index 0765862adf71..a7cd2ca04a69 100644 --- a/content/copilot/using-github-copilot/example-use-cases/writing-tests-with-github-copilot.md +++ b/content/copilot/using-github-copilot/example-use-cases/writing-tests-with-github-copilot.md @@ -112,7 +112,7 @@ The test suite generated by {% data variables.product.prodname_copilot_short %} Once {% data variables.product.prodname_copilot_short %} has generated the test suite to your satisfaction, add the code to a new file `test_bank_account.py`. You can ask it how to run the tests. -**Prompt:** _"How do I run these unit tests in Python using the unittest framework?"_ +**Prompt:** _"How do I run these unit tests in Python using the unittest framework?"_ {% data variables.product.prodname_copilot_short %} will give you the following bash command. diff --git a/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md b/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md index 90b992745964..8d00328da7de 100644 --- a/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md +++ b/content/copilot/using-github-copilot/getting-code-suggestions-in-your-ide-with-github-copilot.md @@ -195,7 +195,7 @@ The examples in this guide use JavaScript, however other languages will work sim ## Prerequisites -* **Subscription to {% data variables.product.prodname_copilot_short %}**. To use {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vscode %}, you must have an active {% data variables.product.prodname_copilot %} subscription. {% data reusables.copilot.subscription-prerequisite %} +* **Subscription to {% data variables.product.prodname_copilot_short %}**. To use {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vscode %}, you must have an active {% data variables.product.prodname_copilot %} subscription. {% data reusables.copilot.subscription-prerequisite %} * **{% data variables.product.prodname_vscode %}**. To use {% data variables.product.prodname_copilot %} in {% data variables.product.prodname_vscode %}, you must have {% data variables.product.prodname_vscode %} installed. For more information, see the [{% data variables.product.prodname_vscode %} download page](https://code.visualstudio.com/Download). diff --git a/content/copilot/using-github-copilot/prompt-engineering-for-github-copilot.md b/content/copilot/using-github-copilot/prompt-engineering-for-github-copilot.md index 18e4753d571d..c3ffebb2196c 100644 --- a/content/copilot/using-github-copilot/prompt-engineering-for-github-copilot.md +++ b/content/copilot/using-github-copilot/prompt-engineering-for-github-copilot.md @@ -121,5 +121,5 @@ Similarly, if you aren't getting the responses you want when you use {% data var * [How to use GitHub Copilot: Prompts, tips, and use cases](https://github.blog/2023-06-20-how-to-write-better-prompts-for-github-copilot/) in the {% data variables.product.company_short %} blog * [Using GitHub Copilot in your IDE: Tips, tricks, and best practices](https://github.blog/2024-03-25-how-to-use-github-copilot-in-your-ide-tips-tricks-and-best-practices/) in the {% data variables.product.company_short %} blog -* [A developer’s guide to prompt engineering and LLMs](https://github.blog/2023-07-17-prompt-engineering-guide-generative-ai-llms/) in the {% data variables.product.company_short %} blog -* [Prompting GitHub Copilot Chat to become your personal AI assistant for accessibility](https://github.blog/2023-10-09-prompting-github-copilot-chat-to-become-your-personal-ai-assistant-for-accessibility/) in the {% data variables.product.company_short %} blog +* [A developer’s guide to prompt engineering and LLMs](https://github.blog/2023-07-17-prompt-engineering-guide-generative-ai-llms/) in the {% data variables.product.company_short %} blog +* [Prompting GitHub Copilot Chat to become your personal AI assistant for accessibility](https://github.blog/2023-10-09-prompting-github-copilot-chat-to-become-your-personal-ai-assistant-for-accessibility/) in the {% data variables.product.company_short %} blog diff --git a/content/desktop/adding-and-cloning-repositories/cloning-a-repository-from-github-to-github-desktop.md b/content/desktop/adding-and-cloning-repositories/cloning-a-repository-from-github-to-github-desktop.md index 5209b00830b2..ac614bb4d417 100644 --- a/content/desktop/adding-and-cloning-repositories/cloning-a-repository-from-github-to-github-desktop.md +++ b/content/desktop/adding-and-cloning-repositories/cloning-a-repository-from-github-to-github-desktop.md @@ -11,7 +11,7 @@ shortTitle: Clone a GitHub repo --- > [!TIP] -> You also can use {% data variables.product.prodname_desktop %} to clone repositories that exist on {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/desktop/adding-and-cloning-repositories/cloning-and-forking-repositories-from-github-desktop)." +> You also can use {% data variables.product.prodname_desktop %} to clone repositories that exist on {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/desktop/adding-and-cloning-repositories/cloning-and-forking-repositories-from-github-desktop)." 1. Sign in to {% data variables.product.github %} and {% data variables.product.prodname_desktop %} before you start to clone. {% data reusables.repositories.navigate-to-repo %} diff --git a/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md b/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md index d513eac88a99..4d943b2a5e0c 100644 --- a/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md +++ b/content/desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project-in-github-desktop.md @@ -18,7 +18,7 @@ shortTitle: Commit & review changes {% ifversion repo-rules %} -Repository administrators can enable rulesets for a branch to enforce specific conventions when committing. For example, a ruleset can require a commit to be signed, or for an issue number to be referenced at the start of a commit message. {% data variables.product.prodname_desktop %} will display a warning and prevent committing if a commit does not follow the rulesets. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets)." +Repository administrators can enable rulesets for a branch to enforce specific conventions when committing. For example, a ruleset can require a commit to be signed, or for an issue number to be referenced at the start of a commit message. {% data variables.product.prodname_desktop %} will display a warning and prevent committing if a commit does not follow the rulesets. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets)." {% endif %} @@ -34,7 +34,7 @@ Repository administrators can enable rulesets for a branch to enforce specific c You can change the way diffs are displayed in {% data variables.product.prodname_desktop %} to suit your reviewing needs. To change how you view diffs, in the top-right corner of the diff view, click {% octicon "gear" aria-label="The Gear icon" %}. -* To change how the entire diff is displayed, under "Diff display", select **Unified** or **Split**. The Unified view shows changes linearly, while the Split view shows old content on the left side and new content on the right side. +* To change how the entire diff is displayed, under "Diff display", select **Unified** or **Split**. The Unified view shows changes linearly, while the Split view shows old content on the left side and new content on the right side. * To hide whitespace changes so you can focus on more substantive changes, select **Hide Whitespace Changes**. ![Screenshot of the diff view of a file. A gear icon is outlined in orange and expanded to display "Whitespace" and "Diff display" settings.](/assets/images/help/desktop/diff-selection.png) diff --git a/content/desktop/managing-commits/reordering-commits-in-github-desktop.md b/content/desktop/managing-commits/reordering-commits-in-github-desktop.md index 00331d3f0331..b6ef51ae80ad 100644 --- a/content/desktop/managing-commits/reordering-commits-in-github-desktop.md +++ b/content/desktop/managing-commits/reordering-commits-in-github-desktop.md @@ -31,7 +31,7 @@ While the application reorders the commits, a **Reorder in process** dialog indi When you reorder commits, you may see one of the following notifications or error messages. -* A notification states that the requested change to the branch will require a force push to update the remote branch. This is shown when the commits that you reordered were previously pushed to the remote branch. Force pushing alters the commit history of the branch and will affect other collaborators who are working in that branch. Select **Begin reorder** to start the reorder, and then click **Force push origin** to push your changes. +* A notification states that the requested change to the branch will require a force push to update the remote branch. This is shown when the commits that you reordered were previously pushed to the remote branch. Force pushing alters the commit history of the branch and will affect other collaborators who are working in that branch. Select **Begin reorder** to start the reorder, and then click **Force push origin** to push your changes. * An error states that the reorder failed because there is a merge commit among the reordered commits. * A notification is shown indicating that there are uncommitted changes present on your current branch. Select **Stash Changes and Continue** to store the changes and proceed, or select **Close** to dismiss the message and commit the changes. When there are no longer any uncommitted changes, you can reorder your commits. * A message states that there are merge conflicts that you must resolve before the application can continue reordering commits on your branch. diff --git a/content/desktop/managing-commits/squashing-commits-in-github-desktop.md b/content/desktop/managing-commits/squashing-commits-in-github-desktop.md index ed5145645afa..a59188c55cb0 100644 --- a/content/desktop/managing-commits/squashing-commits-in-github-desktop.md +++ b/content/desktop/managing-commits/squashing-commits-in-github-desktop.md @@ -41,7 +41,7 @@ Squashing allows you to combine multiple commits in your branch's history into a When you squash commits, you may see one of the following notifications or error messages. -* A notification states that the requested change to the branch will require a force push to update the remote branch. Force pushing alters the commit history of the branch and will affect other collaborators who are working in that branch. Select **Begin Squash** to start the squash, and then click **Force push origin** to push your changes. +* A notification states that the requested change to the branch will require a force push to update the remote branch. Force pushing alters the commit history of the branch and will affect other collaborators who are working in that branch. Select **Begin Squash** to start the squash, and then click **Force push origin** to push your changes. * An error states that the squash failed because there is a merge commit among the squashed commits. * A notification is shown indicating that there are uncommitted changes present on your current branch. Select **Stash Changes and Continue** to store the changes and proceed, or select **Close** to dismiss the message and commit the changes. When there are no longer any uncommitted changes you can squash your commits. diff --git a/content/discussions/managing-discussions-for-your-community/creating-discussion-category-forms.md b/content/discussions/managing-discussions-for-your-community/creating-discussion-category-forms.md index b83fd8d9b11e..3f96632f0de8 100644 --- a/content/discussions/managing-discussions-for-your-community/creating-discussion-category-forms.md +++ b/content/discussions/managing-discussions-for-your-community/creating-discussion-category-forms.md @@ -12,7 +12,7 @@ You can encourage community members to include specific, structured information {% data reusables.actions.learn-more-about-yaml %} -To use a discussion category form in your repository, you must create a new file and add it to the `/.github/DISCUSSION_TEMPLATE/` folder in your repository. +To use a discussion category form in your repository, you must create a new file and add it to the `/.github/DISCUSSION_TEMPLATE/` folder in your repository. You can also create discussion category forms for your organization. For more information, see "[AUTOTITLE](/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file)." diff --git a/content/discussions/managing-discussions-for-your-community/managing-categories-for-discussions.md b/content/discussions/managing-discussions-for-your-community/managing-categories-for-discussions.md index b11d886ac8c8..ff14af998c46 100644 --- a/content/discussions/managing-discussions-for-your-community/managing-categories-for-discussions.md +++ b/content/discussions/managing-discussions-for-your-community/managing-categories-for-discussions.md @@ -39,7 +39,7 @@ Each category must have a unique name and emoji pairing, and can be accompanied {% data reusables.discussions.edit-categories %} 1. Click **New category**. - ![Screenshot of the "Manage discussion categories" page. A button, labeled "New category", is highlighted with an orange outline.](/assets/images/help/discussions/click-new-category-button.png) + ![Screenshot of the "Manage discussion categories" page. A button, labeled "New category", is highlighted with an orange outline.](/assets/images/help/discussions/click-new-category-button.png) 1. {% data reusables.discussions.edit-category-details %} {% ifversion discussions-category-section %} @@ -54,7 +54,7 @@ Each category must have a unique name and emoji pairing, and can be accompanied {% data reusables.discussions.discussions-tab %} {% data reusables.discussions.edit-categories %} 1. Click **New section**. - ![Screenshot of the "Manage discussion categories" page. A button, labeled "New section", is highlighted with an orange outline.](/assets/images/help/discussions/click-new-section-button.png) + ![Screenshot of the "Manage discussion categories" page. A button, labeled "New section", is highlighted with an orange outline.](/assets/images/help/discussions/click-new-section-button.png) 1. Edit the emoji and title of the section. 1. Select the categories that you want to add to the section. A category can only belong to one section at a time. 1. Click **Create**. diff --git a/content/education/guides.md b/content/education/guides.md index e84d7b57ed9c..1ff203b4dd96 100644 --- a/content/education/guides.md +++ b/content/education/guides.md @@ -11,7 +11,7 @@ shortTitle: Guides Teachers, students, and researchers can use tools from {% data variables.product.product_name %} to enrich a software development curriculum and develop real-world collaboration skills. -* [Sign up for a new {% data variables.product.prodname_dotcom %} account](/get-started/start-your-journey/creating-an-account-on-github) +* [Sign up for a new {% data variables.product.prodname_dotcom %} account](/get-started/start-your-journey/creating-an-account-on-github) * [Git and {% data variables.product.prodname_dotcom %} quickstart](/get-started/start-your-journey) * [About {% data variables.product.prodname_global_campus %} for students](/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-students/about-github-education-for-students) * [Apply to {% data variables.product.prodname_global_campus %} as a teacher](/education/explore-the-benefits-of-teaching-and-learning-with-github-education/github-education-for-teachers/apply-to-github-education-as-a-teacher) diff --git a/content/education/manage-coursework-with-github-classroom/get-started-with-github-classroom/about-github-classroom.md b/content/education/manage-coursework-with-github-classroom/get-started-with-github-classroom/about-github-classroom.md index c10e59ddfef8..1fc25e88ed4d 100644 --- a/content/education/manage-coursework-with-github-classroom/get-started-with-github-classroom/about-github-classroom.md +++ b/content/education/manage-coursework-with-github-classroom/get-started-with-github-classroom/about-github-classroom.md @@ -22,7 +22,7 @@ With {% data variables.product.prodname_classroom %}, you can create assignments ### Autograding -Through {% data variables.product.prodname_classroom %}, you can configure tests to automatically grade the work of each student every time that student pushes to their assignment repository. To learn more about autograding with {% data variables.product.prodname_classroom %}, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding)." +Through {% data variables.product.prodname_classroom %}, you can configure tests to automatically grade the work of each student every time that student pushes to their assignment repository. To learn more about autograding with {% data variables.product.prodname_classroom %}, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-autograding)." ### Ability to connect a learning management system diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/editing-an-assignment.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/editing-an-assignment.md index 9d326378834a..4b0359811679 100644 --- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/editing-an-assignment.md +++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/editing-an-assignment.md @@ -87,7 +87,7 @@ If you need to update the starter code for your assignment after students have a 1. Click **Sync assignments**. If changes are detected, an **Assignments are out of date** button will be shown. 1. To open pull requests in all of your students' assignment repositories, click **Assignments are out of date**. -The pull requests will be titled "{% data variables.product.prodname_classroom %}: Sync Assignment". Ask your students to merge these pull requests. +The pull requests will be titled "{% data variables.product.prodname_classroom %}: Sync Assignment". Ask your students to merge these pull requests. ## Further reading diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/register-a-learning-management-system-with-github-classroom.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/register-a-learning-management-system-with-github-classroom.md index 636becc13005..f0b815bc3d29 100644 --- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/register-a-learning-management-system-with-github-classroom.md +++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/register-a-learning-management-system-with-github-classroom.md @@ -149,9 +149,9 @@ You must be using Moodle version 3.0 or greater. * "LTI 1.3 Platform Issuer": The "LTI 1.3 Platform Issuer" field as provided by Sakai * "Domain": The base URL to your Sakai instance * "LTI 1.3 Client ID": The "LTI 1.3 Client ID" field as provided by Sakai - * "LTI 1.3 Platform OIDC Authentication URL": The "LTI 1.3 Platform OIDC Authentication URL" field as provided by Sakai + * "LTI 1.3 Platform OIDC Authentication URL": The "LTI 1.3 Platform OIDC Authentication URL" field as provided by Sakai * "LTI 1.3 Platform OAuth2 Bearer Token Retrieval URL": The "LTI 1.3 Platform OAuth2 Bearer Token Retrieval URL" field as provided by Sakai * "LTI 1.3 Platform OAuth2 Well-Known/KeySet URL": The "LTI 1.3 Platform OAuth2 Well-Known/KeySet URL" field as provided by Sakai 1. Click **Register**. -1. You should see the "Successfully registered LMS" banner at the top of the screen, which means that you've registered your LMS instance and teachers can now link their classrooms. +1. You should see the "Successfully registered LMS" banner at the top of the screen, which means that you've registered your LMS instance and teachers can now link their classrooms. diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/reuse-an-assignment.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/reuse-an-assignment.md index 933ebcf11268..b287b81f31fb 100644 --- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/reuse-an-assignment.md +++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/reuse-an-assignment.md @@ -22,7 +22,7 @@ The copied assignment includes assignment details such as the name, source repos ![Screenshot of an assignment. The "Edit" dropdown is expanded and the "Reuse assignment" option is outlined in dark orange.](/assets/images/help/classroom/reuse-assignment-button.png) -1. In the "Reuse assignment" modal, use the **Choose an organization** dropdown menu to select the organization you want the assignment to be in. Then use the **Choose a classroom** dropdown menu to select the classroom within that organization that you want to copy the assignment to. +1. In the "Reuse assignment" modal, use the **Choose an organization** dropdown menu to select the organization you want the assignment to be in. Then use the **Choose a classroom** dropdown menu to select the classroom within that organization that you want to copy the assignment to. 1. Click **Create assignment**. 1. The assignment is copied to the selected classroom, and a confirmation message is shown. If you chose to reuse an assignment with a template repository, the copying process may take a few minutes to complete, and you may need to refresh the page to see the completed message. @@ -33,7 +33,7 @@ The copied assignment includes assignment details such as the name, source repos ![Screenshot of the tile for a classroom. The "Reuse assignment" option in the dropdown menu is outlined in dark orange.](/assets/images/help/classroom/classroom-reuse-assignment-modal.png) -1. In the "Reuse assignments" modal, use the **Choose an organization** dropdown menu to select the organization you want the assignments to be in. Then use the **Choose a classroom** dropdown menu to select the classroom within that organization that you want to copy the assignments to. +1. In the "Reuse assignments" modal, use the **Choose an organization** dropdown menu to select the organization you want the assignments to be in. Then use the **Choose a classroom** dropdown menu to select the classroom within that organization that you want to copy the assignments to. 1. To the left of each assignment, select the assignment you want to reuse. 1. Click **Create assignments**. 1. The assignments are copied to the selected classroom. If you chose to reuse an assignment with a template repository, the copying process may take a few minutes to complete. diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-the-git-and-github-starter-assignment.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-the-git-and-github-starter-assignment.md index 1010037f3a68..fc6dd0a9bdc0 100644 --- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-the-git-and-github-starter-assignment.md +++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-the-git-and-github-starter-assignment.md @@ -21,7 +21,7 @@ The Git & {% data variables.product.company_short %} starter assignment is a pre 1. Sign into {% data variables.product.prodname_classroom_with_url %}. 1. Navigate to a classroom. -1. In the **{% octicon "repo" aria-hidden="true" %} Assignments** tab, click **Use starter assignment**. +1. In the **{% octicon "repo" aria-hidden="true" %} Assignments** tab, click **Use starter assignment**. ### If there already are existing assignments in the classroom diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/using-github-classroom-with-github-cli.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/using-github-classroom-with-github-cli.md index b3b36f20f9fb..e4bdef10e033 100644 --- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/using-github-classroom-with-github-cli.md +++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/using-github-classroom-with-github-cli.md @@ -12,7 +12,7 @@ type: how_to {% data reusables.cli.about-cli %} For more information, see "[AUTOTITLE](/github-cli/github-cli/about-github-cli)." -You can work with {% data variables.product.prodname_classroom %} in the {% data variables.product.prodname_cli %} to: +You can work with {% data variables.product.prodname_classroom %} in the {% data variables.product.prodname_cli %} to: * [List classrooms](#list-classrooms) * [View classroom information](#view-classroom-information) diff --git a/content/education/quickstart.md b/content/education/quickstart.md index 21118adbd75f..94a47cd62f68 100644 --- a/content/education/quickstart.md +++ b/content/education/quickstart.md @@ -34,7 +34,7 @@ For more information, see "[AUTOTITLE](/get-started/learning-about-github/types- ## Applying for teacher benefits -Next, you'll sign up for teacher benefits and resources from {% data variables.product.company_short %} by applying to {% data variables.product.prodname_global_campus %}, a portal that allows you to access your education benefits all in one place. {% data reusables.education.educator-requirements %} +Next, you'll sign up for teacher benefits and resources from {% data variables.product.company_short %} by applying to {% data variables.product.prodname_global_campus %}, a portal that allows you to access your education benefits all in one place. {% data reusables.education.educator-requirements %} > [!TIP] > In addition to individual discounts, {% data variables.product.company_short %} offers partnerships with educational institutions through the {% data variables.product.prodname_campus_program %}. For more information, see the [{% data variables.product.prodname_campus_program %}](https://education.github.com/schools) website. @@ -72,7 +72,7 @@ With your personal account and organization account, you're ready to get started ## Next steps -You've created a classroom, and you're ready to enrich your course with {% data variables.product.product_name %} and {% data variables.product.prodname_classroom %}! 🎉 +You've created a classroom, and you're ready to enrich your course with {% data variables.product.product_name %} and {% data variables.product.prodname_classroom %}! 🎉 * Manage your classrooms and classroom admins, and create a roster of students for your classroom. For more information, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/teach-with-github-classroom/manage-classrooms)." * Use the Git and {% data variables.product.company_short %} starter assignment to give students an overview of Git and {% data variables.product.product_name %} fundamentals. For more information, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/teach-with-github-classroom/use-the-git-and-github-starter-assignment)." diff --git a/content/get-started/getting-started-with-git/caching-your-github-credentials-in-git.md b/content/get-started/getting-started-with-git/caching-your-github-credentials-in-git.md index f92a3ec2529f..3b03e4d1d3b3 100644 --- a/content/get-started/getting-started-with-git/caching-your-github-credentials-in-git.md +++ b/content/get-started/getting-started-with-git/caching-your-github-credentials-in-git.md @@ -16,7 +16,7 @@ shortTitle: Caching credentials --- > [!TIP] -> If you clone {% data variables.product.product_name %} repositories using SSH, then you can authenticate using an SSH key instead of using other credentials. For information about setting up an SSH connection, see "[AUTOTITLE](/authentication/connecting-to-github-with-ssh)." +> If you clone {% data variables.product.product_name %} repositories using SSH, then you can authenticate using an SSH key instead of using other credentials. For information about setting up an SSH connection, see "[AUTOTITLE](/authentication/connecting-to-github-with-ssh)." ## {% data variables.product.prodname_cli %} diff --git a/content/get-started/getting-started-with-git/set-up-git.md b/content/get-started/getting-started-with-git/set-up-git.md index aaaf45db4cf1..1da731fcb631 100644 --- a/content/get-started/getting-started-with-git/set-up-git.md +++ b/content/get-started/getting-started-with-git/set-up-git.md @@ -28,7 +28,7 @@ topics: To use Git on the command line, you will need to download, install, and configure Git on your computer. You can also install {% data variables.product.prodname_cli %} to use {% data variables.product.prodname_dotcom %} from the command line. For more information, see "[AUTOTITLE](/github-cli/github-cli/about-github-cli)." -If you want to work with Git locally, but do not want to use the command line, you can download and install the [{% data variables.product.prodname_desktop %}]({% data variables.product.desktop_link %}) client. For more information, see "[AUTOTITLE](/desktop/overview/about-github-desktop)." +If you want to work with Git locally, but do not want to use the command line, you can download and install the [{% data variables.product.prodname_desktop %}]({% data variables.product.desktop_link %}) client. For more information, see "[AUTOTITLE](/desktop/overview/about-github-desktop)." If you do not need to work with files locally, {% data variables.product.product_name %} lets you complete many Git-related actions directly in the browser, including: diff --git a/content/get-started/onboarding/getting-started-with-github-enterprise-cloud.md b/content/get-started/onboarding/getting-started-with-github-enterprise-cloud.md index 7f85dfd08310..ab663dfc77f4 100644 --- a/content/get-started/onboarding/getting-started-with-github-enterprise-cloud.md +++ b/content/get-started/onboarding/getting-started-with-github-enterprise-cloud.md @@ -45,7 +45,7 @@ You can add any number of new or existing organizations to manage within your en ### 6. Viewing the subscription and usage for your enterprise account -You can view your current subscription, license usage, invoices, payment history, and other billing information for your enterprise account at any time. Both enterprise owners and billing managers can access and manage billing settings for enterprise accounts. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/billing/managing-the-plan-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)." +You can view your current subscription, license usage, invoices, payment history, and other billing information for your enterprise account at any time. Both enterprise owners and billing managers can access and manage billing settings for enterprise accounts. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/billing/managing-the-plan-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)." ## Part 2: Managing your enterprise members with {% data variables.product.prodname_ghe_cloud %} @@ -150,7 +150,7 @@ Members of your organization or enterprise can use tools from the {% data variab ### 5. Using {% data variables.product.prodname_pages %} -{% data variables.product.prodname_pages %} is a static site hosting service that takes HTML, CSS, and JavaScript files straight from a repository and publishes a website. You can manage the publication of {% data variables.product.prodname_pages %} sites at the organization level. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)" and "[AUTOTITLE](/pages/getting-started-with-github-pages/about-github-pages)." +{% data variables.product.prodname_pages %} is a static site hosting service that takes HTML, CSS, and JavaScript files straight from a repository and publishes a website. You can manage the publication of {% data variables.product.prodname_pages %} sites at the organization level. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)" and "[AUTOTITLE](/pages/getting-started-with-github-pages/about-github-pages)." ## Part 6: Participating in {% data variables.product.prodname_dotcom %}'s community diff --git a/content/get-started/onboarding/getting-started-with-github-enterprise-server.md b/content/get-started/onboarding/getting-started-with-github-enterprise-server.md index adbfe2eda97e..95e5832a1422 100644 --- a/content/get-started/onboarding/getting-started-with-github-enterprise-server.md +++ b/content/get-started/onboarding/getting-started-with-github-enterprise-server.md @@ -22,7 +22,7 @@ To get started with {% data variables.product.product_name %}, you will need to ### 1. Creating your enterprise account -Before you install {% data variables.product.product_name %}, you can create an enterprise account on {% data variables.product.prodname_dotcom_the_website %} by contacting [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact). An enterprise account on {% data variables.product.prodname_dotcom_the_website %} is useful for billing and for shared features with {% data variables.product.prodname_dotcom_the_website %} via {% data variables.product.prodname_github_connect %}. For more information, see "[AUTOTITLE](/admin/managing-your-enterprise-account/about-enterprise-accounts)." +Before you install {% data variables.product.product_name %}, you can create an enterprise account on {% data variables.product.prodname_dotcom_the_website %} by contacting [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact). An enterprise account on {% data variables.product.prodname_dotcom_the_website %} is useful for billing and for shared features with {% data variables.product.prodname_dotcom_the_website %} via {% data variables.product.prodname_github_connect %}. For more information, see "[AUTOTITLE](/admin/managing-your-enterprise-account/about-enterprise-accounts)." ### 2. Installing {% data variables.product.product_name %} @@ -30,7 +30,7 @@ To get started with {% data variables.product.product_name %}, you will need to ### 3. Using the {% data variables.enterprise.management_console %} -You will use the {% data variables.enterprise.management_console %} to walk through the initial setup process when first launching {% data variables.location.product_location %}. You can also use the {% data variables.enterprise.management_console %} to manage instance settings such as the license, domain, authentication, and TLS. For more information, see "[AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui)." +You will use the {% data variables.enterprise.management_console %} to walk through the initial setup process when first launching {% data variables.location.product_location %}. You can also use the {% data variables.enterprise.management_console %} to manage instance settings such as the license, domain, authentication, and TLS. For more information, see "[AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui)." ### 4. Configuring {% data variables.location.product_location %} @@ -44,7 +44,7 @@ You can configure {% data variables.location.product_location %} for high availa ### 6. Setting up a staging instance -You can set up a staging instance to test modifications, plan for disaster recovery, and try out updates before applying them to {% data variables.location.product_location %}. For more information, see "[AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." +You can set up a staging instance to test modifications, plan for disaster recovery, and try out updates before applying them to {% data variables.location.product_location %}. For more information, see "[AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." ### 7. Designating backups and disaster recovery diff --git a/content/get-started/onboarding/getting-started-with-github-team.md b/content/get-started/onboarding/getting-started-with-github-team.md index 844b8b8a7d06..95ecb8633f91 100644 --- a/content/get-started/onboarding/getting-started-with-github-team.md +++ b/content/get-started/onboarding/getting-started-with-github-team.md @@ -27,7 +27,7 @@ You must manage billing settings, payment method, and paid features and products Your organization's billing settings page allows you to manage settings like your payment method, billing cycle and billing email, or view information such as your subscription, billing date and payment history. You can also view and upgrade your storage and GitHub Actions minutes. For more information on managing your billing settings, see "[AUTOTITLE](/billing/managing-your-github-billing-settings)." -Only organization members with the _owner_ or _billing manager_ role can access or change billing settings for your organization. A billing manager is someone who manages the billing settings for your organization and does not use a paid license in your organization's subscription. For more information on adding a billing manager to your organization, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization)." +Only organization members with the _owner_ or _billing manager_ role can access or change billing settings for your organization. A billing manager is someone who manages the billing settings for your organization and does not use a paid license in your organization's subscription. For more information on adding a billing manager to your organization, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization)." ## Part 2: Adding members and setting up teams diff --git a/content/get-started/start-your-journey/hello-world.md b/content/get-started/start-your-journey/hello-world.md index c1293bc49a61..4bf4b6b1537c 100644 --- a/content/get-started/start-your-journey/hello-world.md +++ b/content/get-started/start-your-journey/hello-world.md @@ -131,7 +131,7 @@ We won't cover reviewing pull requests in this tutorial, but if you're intereste ## Step 5: Merge your pull request -In this final step, you will merge your `readme-edits` branch into the `main` branch. After you merge your pull request, the changes on your `readme-edits` branch will be incorporated into `main`. +In this final step, you will merge your `readme-edits` branch into the `main` branch. After you merge your pull request, the changes on your `readme-edits` branch will be incorporated into `main`. Sometimes, a pull request may introduce changes to code that conflict with the existing code on `main`. If there are any conflicts, {% data variables.product.product_name %} will alert you about the conflicting code and prevent merging until the conflicts are resolved. You can make a commit that resolves the conflicts or use comments in the pull request to discuss the conflicts with your team members. diff --git a/content/get-started/using-git/about-git-subtree-merges.md b/content/get-started/using-git/about-git-subtree-merges.md index dc3a2bd65b88..f892e2a76c6b 100644 --- a/content/get-started/using-git/about-git-subtree-merges.md +++ b/content/get-started/using-git/about-git-subtree-merges.md @@ -102,7 +102,7 @@ The best way to explain subtree merges is to show by example. We will: Although we've only added one subproject, any number of subprojects can be incorporated into a Git repository. > [!TIP] -> If you create a fresh clone of the repository in the future, the remotes you've added will not be created for you. You will have to add them again using [the `git remote add` command](/get-started/getting-started-with-git/managing-remote-repositories). +> If you create a fresh clone of the repository in the future, the remotes you've added will not be created for you. You will have to add them again using [the `git remote add` command](/get-started/getting-started-with-git/managing-remote-repositories). ## Synchronizing with updates and changes diff --git a/content/get-started/using-git/dealing-with-non-fast-forward-errors.md b/content/get-started/using-git/dealing-with-non-fast-forward-errors.md index a13171f3d7d5..0e6dbff04ac7 100644 --- a/content/get-started/using-git/dealing-with-non-fast-forward-errors.md +++ b/content/get-started/using-git/dealing-with-non-fast-forward-errors.md @@ -20,7 +20,7 @@ $ git push origin main > ! [rejected] main -> main (non-fast-forward) > error: failed to push some refs to 'https://{% data variables.product.product_url %}/USERNAME/REPOSITORY.git' > To prevent you from losing history, non-fast-forward updates were rejected -> Merge the remote changes (e.g. 'git pull') before pushing again. See the +> Merge the remote changes (e.g. 'git pull') before pushing again. See the > 'Note about fast-forwards' section of 'git push --help' for details. ``` diff --git a/content/get-started/using-git/splitting-a-subfolder-out-into-a-new-repository.md b/content/get-started/using-git/splitting-a-subfolder-out-into-a-new-repository.md index 78089feda7bd..d7f9090a4ae2 100644 --- a/content/get-started/using-git/splitting-a-subfolder-out-into-a-new-repository.md +++ b/content/get-started/using-git/splitting-a-subfolder-out-into-a-new-repository.md @@ -17,7 +17,7 @@ shortTitle: Splitting a subfolder > [!NOTE] > You need Git version 2.22.0 or later to follow these instructions, otherwise `git filter-repo` will not work. -If you create a new clone of the repository, you won't lose any of your Git history or changes when you split a folder into a separate repository. However, note that the new repository won't have the branches and tags of the original repository. +If you create a new clone of the repository, you won't lose any of your Git history or changes when you split a folder into a separate repository. However, note that the new repository won't have the branches and tags of the original repository. {% data reusables.command_line.open_the_multi_os_terminal %} diff --git a/content/get-started/using-git/troubleshooting-the-2-gb-push-limit.md b/content/get-started/using-git/troubleshooting-the-2-gb-push-limit.md index cbd92069111a..887f746b5abe 100644 --- a/content/get-started/using-git/troubleshooting-the-2-gb-push-limit.md +++ b/content/get-started/using-git/troubleshooting-the-2-gb-push-limit.md @@ -43,7 +43,7 @@ You can avoid hitting the limit by breaking your push into smaller parts, each o 1. If this is the first time this repository is being pushed to {% data variables.product.prodname_dotcom %}, perform a final mirror push to ensure any remaining refs are pushed up. ```shell - git push REMOTE-NAME --mirror + git push REMOTE-NAME --mirror ``` If this is still too large, you'll need to push up other branches in stages using the same steps. diff --git a/content/get-started/using-git/using-git-rebase-on-the-command-line.md b/content/get-started/using-git/using-git-rebase-on-the-command-line.md index e139b09633fb..81723ca347a6 100644 --- a/content/get-started/using-git/using-git-rebase-on-the-command-line.md +++ b/content/get-started/using-git/using-git-rebase-on-the-command-line.md @@ -107,7 +107,7 @@ Once you are satisfied with your changes, run At this point, you can edit any of the files in your project to make any additional changes. For each change you make, you'll need to perform a new commit, and you can do that by entering the `git commit --amend` command. When you're finished making all your changes, you can run `git rebase --continue`. -Git then gets to the `reword 4ca2acc` command. It opens up your text editor one more time, and presents the following information: +Git then gets to the `reword 4ca2acc` command. It opens up your text editor one more time, and presents the following information: ```text i cant' typ goods diff --git a/content/get-started/working-with-subversion-on-github/support-for-subversion-clients.md b/content/get-started/working-with-subversion-on-github/support-for-subversion-clients.md index 579a4673f1c0..805ac3adff17 100644 --- a/content/get-started/working-with-subversion-on-github/support-for-subversion-clients.md +++ b/content/get-started/working-with-subversion-on-github/support-for-subversion-clients.md @@ -18,9 +18,9 @@ GitHub supports Subversion clients via the HTTPS protocol. We use a Subversion b ### Checkout -The first thing you'll want to do is a Subversion checkout. Since Git clones keep the working directory (where you edit files) separate from the repository data, there is only one branch in the working directory at a time. +The first thing you'll want to do is a Subversion checkout. Since Git clones keep the working directory (where you edit files) separate from the repository data, there is only one branch in the working directory at a time. -Subversion checkouts are different: they mix the repository data in the working directories, so there is a working directory for each branch and tag you've checked out. For repositories with many branches and tags, checking out everything can be a bandwidth burden, so you should start with a partial checkout. +Subversion checkouts are different: they mix the repository data in the working directories, so there is a working directory for each branch and tag you've checked out. For repositories with many branches and tags, checking out everything can be a bandwidth burden, so you should start with a partial checkout. {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.copy-clone-url %} @@ -43,7 +43,7 @@ Subversion checkouts are different: they mix the repository data in the working > Updated to revision 1. ``` -1. Get an empty checkout of the `branches` directory. This is where all of the non-`HEAD` branches live, and where you'll be making feature branches. +1. Get an empty checkout of the `branches` directory. This is where all of the non-`HEAD` branches live, and where you'll be making feature branches. ```shell $ svn up --depth empty branches diff --git a/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md b/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md index d675451d51ed..98c056431dcd 100644 --- a/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md +++ b/content/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax.md @@ -143,7 +143,7 @@ The code block below demonstrates the basic rules used to generate anchors from ## Sample Section -## This'll be a _Helpful_ Section About the Greek Letter Θ! +## This'll be a _Helpful_ Section About the Greek Letter Θ! A heading containing characters not allowed in fragments, UTF-8 characters, two consecutive spaces between the first and second words, and formatting. ## This heading is not unique in the file @@ -207,7 +207,7 @@ You can display an image by adding ! and wrapping the alt text in `[ ![Screenshot of a comment on a GitHub issue showing an image, added in the Markdown, of an Octocat smiling and raising a tentacle.](/assets/images/help/writing/image-rendered.png) -{% data variables.product.product_name %} supports embedding images into your issues, pull requests{% ifversion fpt or ghec %}, discussions{% endif %}, comments and `.md` files. You can display an image from your repository, add a link to an online image, or upload an image. For more information, see "[Uploading assets](#uploading-assets)." +{% data variables.product.product_name %} supports embedding images into your issues, pull requests{% ifversion fpt or ghec %}, discussions{% endif %}, comments and `.md` files. You can display an image from your repository, add a link to an online image, or upload an image. For more information, see "[Uploading assets](#uploading-assets)." > [!NOTE] > When you want to display an image that is in your repository, use relative links instead of absolute links. diff --git a/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md b/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md index beb6ba5692c7..f792a8454bae 100644 --- a/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md +++ b/content/get-started/writing-on-github/working-with-advanced-formatting/writing-mathematical-expressions.md @@ -24,7 +24,7 @@ To include a math expression inline within your text, delimit the expression wit {% endif %} ```text -This sentence uses `$` delimiters to show math inline: $\sqrt{3x-1}+(1+x)^2$ +This sentence uses `$` delimiters to show math inline: $\sqrt{3x-1}+(1+x)^2$ ``` ![Screenshot of rendered Markdown showing how a mathematical expression displays on {% data variables.product.prodname_dotcom %}. The equation is the square root of 3 x minus 1 plus open paren 1 plus x close paren squared.](/assets/images/help/writing/inline-math-markdown-rendering.png) @@ -32,7 +32,7 @@ This sentence uses `$` delimiters to show math inline: $\sqrt{3x-1}+(1+x)^2$ {% ifversion math-backtick-syntax %} ```text -This sentence uses $\` and \`$ delimiters to show math inline: $`\sqrt{3x-1}+(1+x)^2`$ +This sentence uses $\` and \`$ delimiters to show math inline: $`\sqrt{3x-1}+(1+x)^2`$ ``` ![Screenshot of rendered Markdown showing how a mathematical expression displays inline on {% data variables.product.prodname_dotcom %}. The equation is the square root of 3 x minus 1 plus open paren 1 plus x close paren squared.](/assets/images/help/writing/inline-backtick-math-markdown-rendering.png) diff --git a/content/github-models/prototyping-with-ai-models.md b/content/github-models/prototyping-with-ai-models.md index 02bc5526d7e1..93fe4bdc9e94 100644 --- a/content/github-models/prototyping-with-ai-models.md +++ b/content/github-models/prototyping-with-ai-models.md @@ -214,7 +214,7 @@ Low, high, and embedding models have different rate limits. To see which type of 1 - Azure OpenAI o1-mini + Azure OpenAI o1-mini Requests per minute 2 3 diff --git a/content/graphql/guides/forming-calls-with-graphql.md b/content/graphql/guides/forming-calls-with-graphql.md index cfc9778c3907..0059ca36fb15 100644 --- a/content/graphql/guides/forming-calls-with-graphql.md +++ b/content/graphql/guides/forming-calls-with-graphql.md @@ -211,7 +211,7 @@ Looking at the composition line by line: * The [docs](/graphql/reference/objects#repository) tell us this object has the type `IssueConnection`. * Schema validation indicates this object requires a `last` or `first` number of results as an argument, so we provide `20`. - * The [docs](/graphql/reference/objects#repository) also tell us this object accepts a `states` argument, which is an [`IssueState`](/graphql/reference/enums#issuestate) enum that accepts `OPEN` or `CLOSED` values. To find only closed issues, we give the `states` key a value of `CLOSED`. + * The [docs](/graphql/reference/objects#repository) also tell us this object accepts a `states` argument, which is an [`IssueState`](/graphql/reference/enums#issuestate) enum that accepts `OPEN` or `CLOSED` values. To find only closed issues, we give the `states` key a value of `CLOSED`. * `edges {` diff --git a/content/graphql/guides/managing-enterprise-accounts.md b/content/graphql/guides/managing-enterprise-accounts.md index cfd3d851df95..711af82aeb65 100644 --- a/content/graphql/guides/managing-enterprise-accounts.md +++ b/content/graphql/guides/managing-enterprise-accounts.md @@ -127,7 +127,7 @@ variables { } ``` -The next GraphQL query example shows how challenging it is to retrieve the number of `public` repositories in each organization without using the Enterprise Account API. Notice that the GraphQL Enterprise Accounts API has made this task simpler for enterprises since you only need to customize a single variable. To customize this query, replace `` and ``, etc. with the organization names on your instance. +The next GraphQL query example shows how challenging it is to retrieve the number of `public` repositories in each organization without using the Enterprise Account API. Notice that the GraphQL Enterprise Accounts API has made this task simpler for enterprises since you only need to customize a single variable. To customize this query, replace `` and ``, etc. with the organization names on your instance. ```graphql # Each organization is queried separately diff --git a/content/graphql/guides/migrating-graphql-global-node-ids.md b/content/graphql/guides/migrating-graphql-global-node-ids.md index f26220481da9..935ca3b0da39 100644 --- a/content/graphql/guides/migrating-graphql-global-node-ids.md +++ b/content/graphql/guides/migrating-graphql-global-node-ids.md @@ -11,7 +11,7 @@ shortTitle: Migrating global node IDs ## Background -The {% data variables.product.product_name %} GraphQL API currently supports two types of global node ID formats. The legacy format will be {% data variables.release-phases.closing_down %} and replaced with a new format. This guide shows you how to migrate to the new format, if necessary. +The {% data variables.product.product_name %} GraphQL API currently supports two types of global node ID formats. The legacy format will be {% data variables.release-phases.closing_down %} and replaced with a new format. This guide shows you how to migrate to the new format, if necessary. By migrating to the new format, you ensure that the response times of your requests remain consistent and small. You also ensure that your application continues to work once the legacy IDs are {% data variables.release-phases.closing_down %}. @@ -19,13 +19,13 @@ To learn more about why the legacy global node ID format will be {% data variabl ## Determining if you need to take action -You only need to follow the migration steps if you store references to GraphQL global node IDs. These IDs correspond to the `id` field for any object in the schema. If you don't store any global node IDs, then you can continue to interact with the API with no change. +You only need to follow the migration steps if you store references to GraphQL global node IDs. These IDs correspond to the `id` field for any object in the schema. If you don't store any global node IDs, then you can continue to interact with the API with no change. -Additionally, if you currently decode the legacy IDs to extract type information (for example, if you use the first two characters of `PR_kwDOAHz1OX4uYAah` to determine if the object is a pull request), your service will break since the format of the IDs has changed. You should migrate your service to treat these IDs as opaque strings. These IDs will be unique, therefore you can rely on them directly as references. +Additionally, if you currently decode the legacy IDs to extract type information (for example, if you use the first two characters of `PR_kwDOAHz1OX4uYAah` to determine if the object is a pull request), your service will break since the format of the IDs has changed. You should migrate your service to treat these IDs as opaque strings. These IDs will be unique, therefore you can rely on them directly as references. ## Migrating to the new global IDs -To facilitate migration to the new ID format, you can use the `X-Github-Next-Global-ID` header in your GraphQL API requests. The value of the `X-Github-Next-Global-ID` header can be `1` or `0`. Setting the value to `1` will force the response payload to always use the new ID format for any object that you requested the `id` field for. Setting the value to `0` will revert to default behavior, which is to show the legacy ID or new ID depending on the object creation date. +To facilitate migration to the new ID format, you can use the `X-Github-Next-Global-ID` header in your GraphQL API requests. The value of the `X-Github-Next-Global-ID` header can be `1` or `0`. Setting the value to `1` will force the response payload to always use the new ID format for any object that you requested the `id` field for. Setting the value to `0` will revert to default behavior, which is to show the legacy ID or new ID depending on the object creation date. Here is an example request using a `curl` command: @@ -64,7 +64,7 @@ You can also get the new ID for a collection of items. For example, if you wante } ``` -Note that setting `X-Github-Next-Global-ID` to `1` will affect the return value of every `id` field in your query. This means that even when you submit a non-`node` query, you will get back the new format ID if you requested the `id` field. +Note that setting `X-Github-Next-Global-ID` to `1` will affect the return value of every `id` field in your query. This means that even when you submit a non-`node` query, you will get back the new format ID if you requested the `id` field. ## Sharing feedback diff --git a/content/graphql/reference/unions.md b/content/graphql/reference/unions.md index 11cb7dbd08a6..876e279c85fa 100644 --- a/content/graphql/reference/unions.md +++ b/content/graphql/reference/unions.md @@ -1,6 +1,6 @@ --- title: Unions -intro: A union is a type of object representing many objects. +intro: A union is a type of object representing many objects. redirect_from: - /v4/union - /v4/reference/union diff --git a/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md b/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md index 49e52da457bc..4bbab8ffbe98 100644 --- a/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md +++ b/data/reusables/advanced-security/secret-scanning-add-custom-pattern-details.md @@ -1,6 +1,6 @@ 1. Enter the details for your new custom pattern. You must at least provide the name for your pattern, and a regular expression for the format of your secret pattern. 1. In the "Pattern name" field, type a name for your pattern. - 1. In the "Secret format" field, type a regular expression for the format of your secret pattern.{% ifversion secret-scanning-custom-pattern-ai-generated %} Alternatively, you can use the generator to generate a regular expression for you. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/generating-regular-expressions-for-custom-patterns-with-ai)."{% endif %} + 1. In the "Secret format" field, type a regular expression for the format of your secret pattern.{% ifversion secret-scanning-custom-pattern-ai-generated %} Alternatively, you can use the generator to generate a regular expression for you. For more information, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/generating-regular-expressions-for-custom-patterns-with-copilot-secret-scanning)."{% endif %} 1. You can click **More options {% octicon "chevron-down" aria-hidden="true" %}** to provide other surrounding content or additional match requirements for the secret format. 1. Provide a sample test string to make sure your configuration is matching the patterns you expect.